@brainjar/cli 0.2.2 → 0.3.0

package/README.md

@@ -5,9 +5,11 @@
 [![downloads](https://img.shields.io/npm/dm/@brainjar/cli)](https://www.npmjs.com/package/@brainjar/cli)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
 
-Shape how your AI thinks — identity, soul, persona, rules.
+Shape how your AI thinks — soul, persona, rules.
 
-brainjar manages AI agent behavior through composable layers. Instead of one monolithic config file, you separate **what the agent sounds like** (soul), **how it works** (persona), and **what constraints it follows** (rules). Each layer is a markdown file. Mix and match them per project, per task, or per session.
+brainjar manages AI agent behavior through composable layers. Instead of one monolithic config file, you separate **what the agent sounds like** (soul), **how it works** (persona), and **what constraints it follows** (rules). Each layer is a markdown file. Mix, match, and switch them per project, per task, or per session.
+
+**[Documentation](https://brainjar.sh)** · **[Getting Started](https://brainjar.sh/getting-started/)**
 
 ## Quick start
 
@@ -22,272 +24,14 @@ brainjar init --default
 brainjar status
 ```
 
-That gives you a soul (craftsman), a persona (engineer), and rules (boundaries, git discipline, security) — all wired into your `CLAUDE.md` and ready to go.
-
 ## Concepts
 
-brainjar has four core concepts. Understanding these makes everything else click.
-
-### Soul — who the agent is
-
-The soul defines personality: tone, character, standards. It's the constant across all tasks. You probably only have one or two. Think of it as the agent's voice.
-
-### Persona — how the agent works
-
-Personas define role and workflow. An engineer persona works differently than a reviewer or an architect. Switch personas based on what you're doing — they're the agent's job description.
-
-Personas bundle their own rules via frontmatter:
-
-```yaml
----
-rules:
-  - default
-  - security
----
-```
-
-### Rules — what the agent must follow
-
-Rules are behavioral constraints — guardrails that apply regardless of persona. Single files or multi-file packs (directories). Rules from a persona's frontmatter activate automatically when that persona is active.
-
-### Brain — a saved configuration
-
-A brain is a named snapshot of soul + persona + rules. Instead of switching three things separately, save your setup once and activate it in one shot. Useful for repeatable workflows like "code review" or "design session."
-
-### How they compose
-
-```
-soul + persona + rules = full agent behavior
-      │                    │
-      └── bundled rules ───┘  (from persona frontmatter)
-```
-
-A brain captures all three layers. `compose` assembles them into a single prompt for subagent dispatch.
-
-## State cascade
-
-State merges in three tiers. Each tier overrides the previous:
-
-```
-global  →  local  →  env
-```
-
-| Tier | Storage | When to use |
-|------|---------|-------------|
-| **Global** | `~/.brainjar/state.yaml` | Default behavior across all projects |
-| **Local** | `.brainjar/state.yaml` (in project) | Per-project overrides |
-| **Env** | `BRAINJAR_*` environment variables | Per-session or CI overrides |
-
-```bash
-# Global (default for all projects)
-brainjar persona use engineer
-
-# Local (this project only)
-brainjar persona use planner --local
-
-# Env (this session only)
-BRAINJAR_PERSONA=reviewer claude
-
-# Or use a subshell for scoped sessions
-brainjar shell --persona reviewer --rules-add security
-```
-
-`brainjar status` shows where each setting comes from:
-
-```
-soul     craftsman (global)
-persona  planner (local)
-rules    default (global), security (+local)
-```
-
-### Scope annotations
-
-When you see scope labels in `status` and `rules list` output:
-
-| Label | Meaning |
+| Layer | Purpose |
 |-------|---------|
-| `(global)` | Set in `~/.brainjar/state.yaml` |
-| `(local)` | Overridden in `.brainjar/state.yaml` |
-| `(+local)` | Added by local override (not in global) |
-| `(-local)` | Removed by local override (active globally, suppressed here) |
-| `(env)` | Overridden by `BRAINJAR_*` env var |
-| `(+env)` | Added by env var |
-| `(-env)` | Removed by env var |
-
-### Environment variables
-
-These env vars override all other state when set:
-
-| Variable | Effect |
-|----------|--------|
-| `BRAINJAR_HOME` | Override `~/.brainjar/` location |
-| `BRAINJAR_SOUL` | Override active soul |
-| `BRAINJAR_PERSONA` | Override active persona |
-| `BRAINJAR_IDENTITY` | Override active identity |
-| `BRAINJAR_RULES_ADD` | Comma-separated rules to add |
-| `BRAINJAR_RULES_REMOVE` | Comma-separated rules to remove |
-
-Set to empty string to explicitly unset (e.g., `BRAINJAR_SOUL=""` removes the soul for that session).
-
-## What it does
-
-```
-~/.brainjar/
-  souls/            # Voice and character — who the agent is
-    craftsman.md
-  personas/         # Role and workflow — how the agent works
-    engineer.md
-    planner.md
-    reviewer.md
-  rules/            # Constraints — what the agent must follow
-    default/        # Boundaries, context recovery, task completion
-    git-discipline.md
-    security.md
-  brains/           # Full-stack snapshots — soul + persona + rules
-    review.yaml
-```
-
-brainjar reads these markdown files, merges the active layers, and inlines them into your agent's config (`~/.claude/CLAUDE.md` or `.codex/AGENTS.md`) between `<!-- brainjar:start -->` / `<!-- brainjar:end -->` markers. Everything outside the markers is yours. Change a layer, and the agent's behavior changes on next sync.
-
-## Layers
-
-### Soul
-
-```bash
-brainjar soul create mysoul --description "Direct and rigorous"
-brainjar soul use mysoul
-```
-
-### Persona
-
-```bash
-brainjar persona use planner    # Design session
-brainjar persona use engineer   # Build session
-brainjar persona use reviewer   # Review session
-```
-
-### Rules
-
-```bash
-brainjar rules create no-delete --description "Never delete files without asking"
-brainjar rules add no-delete
-brainjar rules remove no-delete
-```
-
-### Brain
-
-```bash
-brainjar brain save review           # Snapshot current state as a brain
-brainjar brain use review            # Activate soul + persona + rules in one shot
-brainjar brain list                  # See available brains
-brainjar brain show review           # Inspect a brain's config
-```
-
-When to use a brain vs. switching layers individually:
-- **Brain:** Repeatable workflow you do often (code review, design, debugging). Save once, activate in one command.
-- **Individual layers:** Exploratory work, one-off overrides, or when you only need to change one thing.
-
-## Subagent orchestration
-
-Personas can spawn other personas as subagents. For example, a tech-lead persona can:
-
-1. Spawn an **architect** subagent for design — produces a design doc
-2. Get user approval
-3. Implement the design itself
-4. Spawn a **reviewer** subagent to verify — compares code against the spec
-
-Each subagent gets the full brain context: soul + persona + rules. The `compose` command assembles the full prompt in a single call:
-
-```bash
-# Primary path — brain drives everything
-brainjar compose review --task "Review the changes in src/sync.ts"
-
-# Ad-hoc — no saved brain, specify persona directly
-brainjar compose --persona reviewer --task "Review the changes in src/sync.ts"
-```
-
-For more granular control, use `brainjar persona show <name>` and `brainjar rules show <name>` to retrieve individual layers.
-
-## Recipes
-
-### Code review session
-
-```bash
-# Save a review brain once
-brainjar soul use craftsman
-brainjar persona use reviewer
-brainjar rules add default
-brainjar rules add security
-brainjar brain save review
-
-# Then activate it anytime
-brainjar brain use review
-
-# Or scope it to a single session
-brainjar shell --brain review
-```
-
-### CI pipeline — enforce rules without a persona
-
-```bash
-# In CI, use env vars to override behavior
-BRAINJAR_PERSONA=auditor BRAINJAR_RULES_ADD=security,compliance brainjar status --sync
-```
-
-### Project-specific persona
-
-```bash
-# In your project directory
-brainjar persona use planner --local
-brainjar rules add no-delete --local
-
-# Global settings still apply — local just overrides what you specify
-brainjar status
-# soul     craftsman (global)
-# persona  planner (local)
-# rules    default (global), no-delete (+local)
-```
-
-## Pack
-
-Packs are self-contained, shareable bundles of a brain and all its layers — soul, persona, and rules. Export a brain as a pack directory, hand it to a teammate, and they import it in one command.
-
-A pack mirrors the `~/.brainjar/` structure with a `pack.yaml` manifest at the root. No tarballs, no magic — just files you can inspect with `ls` and `cat`.
-
-```bash
-# Export a brain as a pack
-brainjar pack export review                        # creates ./review/
-brainjar pack export review --out /tmp             # creates /tmp/review/
-brainjar pack export review --name my-review       # override pack name
-brainjar pack export review --version 1.0.0        # set version (default: 0.1.0)
-brainjar pack export review --author frank         # set author field
-
-# Import a pack
-brainjar pack import ./review                      # import into ~/.brainjar/
-brainjar pack import ./review --force              # overwrite conflicts
-brainjar pack import ./review --merge              # rename conflicts as <name>-from-<packname>
-brainjar pack import ./review --activate           # activate the brain after import
-```
-
-On conflict (a file already exists with different content), import fails by default and lists the conflicts. Use `--force` to overwrite or `--merge` to keep both versions. Identical files are silently skipped.
-
-## Hooks
-
-brainjar integrates with Claude Code's hook system for automatic context injection. When hooks are installed, brainjar syncs your config on every session start — no manual `brainjar sync` needed.
-
-```bash
-# Install hooks (writes to ~/.claude/settings.json)
-brainjar hooks install
-
-# Install for this project only
-brainjar hooks install --local
-
-# Check hook status
-brainjar hooks status
-
-# Remove hooks
-brainjar hooks remove
-```
+| **Soul** | Who the agent is — voice, character, standards |
+| **Persona** | How the agent works — role, workflow, bundled rules |
+| **Rules** | Behavioral constraints — guardrails that apply regardless of persona |
+| **Brain** | Saved snapshot of soul + persona + rules — activate in one shot |
 
 ## Commands
 
@@ -296,52 +40,19 @@ brainjar init [--default] [--obsidian] [--backend claude|codex]
 brainjar status [--sync] [--global|--local] [--short]
 brainjar sync [--quiet]
 brainjar compose <brain> [--task <text>]
-brainjar compose --persona <name> [--task <text>]
 
 brainjar brain save|use|list|show|drop
 brainjar soul create|list|show|use|drop
 brainjar persona create|list|show|use|drop
 brainjar rules create|list|show|add|remove
 
-brainjar identity create|list|show|use|drop|unlock|get|status|lock
 brainjar pack export|import
 brainjar hooks install|remove|status [--local]
-brainjar shell [--brain|--soul|--persona|--identity|--rules-add|--rules-remove]
+brainjar shell [--brain|--soul|--persona|--rules-add|--rules-remove]
 brainjar reset [--backend claude|codex]
 ```
 
-`show` accepts an optional name to view any item, not just the active one. Use `--short` to get just the active name (useful in scripts and statuslines):
-
-```bash
-brainjar persona show reviewer    # View a specific persona
-brainjar soul show                # View the active soul
-brainjar rules show security      # View a rule's content
-brainjar status --short           # One-liner: soul | persona | identity
-brainjar soul show --short        # Just the active soul name
-```
-
-## Obsidian support
-
-`~/.brainjar/` is a folder of markdown files — it's already almost an Obsidian vault.
-
-```bash
-brainjar init --obsidian
-```
-
-Adds `.obsidian/` config that hides private files (state, identities) from the file explorer and includes templates for creating new souls, personas, and rules from within Obsidian.
-
-## Backends
-
-```bash
-brainjar init --backend codex      # writes ~/.codex/AGENTS.md
-brainjar reset --backend codex
-```
-
-Supported: `claude` (default), `codex`
-
-## Backup & restore
-
-On first sync, brainjar backs up any existing config file to `CLAUDE.md.pre-brainjar`. Running `brainjar reset` removes brainjar-managed config and restores the backup.
+See the [CLI reference](https://brainjar.sh/reference/cli/) for full details.
 
 ## Development
 

package/package.json

@@ -1,14 +1,14 @@
 {
   "name": "@brainjar/cli",
-  "version": "0.2.2",
-  "description": "Shape how your AI thinks — composable identity, soul, persona, and rules for AI agents",
+  "version": "0.3.0",
+  "description": "Shape how your AI thinks — composable soul, persona, and rules for AI agents",
   "type": "module",
   "license": "MIT",
   "repository": {
     "type": "git",
     "url": "https://github.com/brainjar-sh/brainjar-cli.git"
   },
-  "homepage": "https://github.com/brainjar-sh/brainjar-cli",
+  "homepage": "https://brainjar.sh",
   "bugs": "https://github.com/brainjar-sh/brainjar-cli/issues",
   "keywords": [
     "ai",

package/src/cli.ts

@@ -2,7 +2,6 @@
 import { Cli } from 'incur'
 import pkg from '../package.json'
 import { init } from './commands/init.js'
-import { identity } from './commands/identity.js'
 import { soul } from './commands/soul.js'
 import { persona } from './commands/persona.js'
 import { rules } from './commands/rules.js'
@@ -16,7 +15,7 @@ import { hooks } from './commands/hooks.js'
 import { pack } from './commands/pack.js'
 
 Cli.create('brainjar', {
-  description: 'Shape how your AI thinks — identity, soul, persona, rules',
+  description: 'Shape how your AI thinks — soul, persona, rules',
   version: pkg.version,
   sync: { depth: 0 },
 })
@@ -26,7 +25,6 @@ Cli.create('brainjar', {
   .command(persona)
   .command(rules)
   .command(brain)
-  .command(identity)
   .command(reset)
   .command(shell)
   .command(compose)

package/src/commands/init.ts

@@ -21,14 +21,13 @@ export const init = Cli.create('init', {
       mkdir(paths.personas, { recursive: true }),
       mkdir(paths.rules, { recursive: true }),
       mkdir(paths.brains, { recursive: true }),
-      mkdir(paths.identities, { recursive: true }),
     ])
 
     // Seed the default rule pack
     await seedDefaultRule(paths.rules)
 
     // Build .gitignore — always exclude private files, add .obsidian if vault enabled
-    const gitignoreLines = ['identities/', '.session', 'state.yaml']
+    const gitignoreLines = ['state.yaml']
     if (c.options.obsidian) {
       gitignoreLines.push('.obsidian/', 'templates/')
     }
@@ -53,7 +52,7 @@ export const init = Cli.create('init', {
     const result: Record<string, unknown> = {
       created: brainjarDir,
       backend: c.options.backend,
-      directories: ['souls/', 'personas/', 'rules/', 'brains/', 'identities/'],
+      directories: ['souls/', 'personas/', 'rules/', 'brains/'],
     }
 
     if (c.options.default) {
@@ -63,7 +62,7 @@ export const init = Cli.create('init', {
       result.personas = ['engineer', 'planner', 'reviewer']
       result.next = 'Ready to go. Run `brainjar status` to see your config.'
     } else {
-      result.next = 'Run `brainjar identity create <slug> --name <name> --email <email>` to set up your first identity.'
+      result.next = 'Run `brainjar soul create <name>` to create your first soul.'
     }
 
     if (c.options.obsidian) {

package/src/commands/shell.ts

@@ -14,20 +14,19 @@ export const shell = Cli.create('shell', {
     brain: z.string().optional().describe('Brain name — sets soul, persona, and rules from brain file'),
     soul: z.string().optional().describe('Soul override for this session'),
     persona: z.string().optional().describe('Persona override for this session'),
-    identity: z.string().optional().describe('Identity override for this session'),
     'rules-add': z.string().optional().describe('Comma-separated rules to add'),
     'rules-remove': z.string().optional().describe('Comma-separated rules to remove'),
   }),
   async run(c) {
     await requireBrainjarDir()
 
-    const individualFlags = c.options.soul || c.options.persona || c.options.identity
+    const individualFlags = c.options.soul || c.options.persona
       || c.options['rules-add'] || c.options['rules-remove']
 
     if (c.options.brain && individualFlags) {
       throw new IncurError({
         code: 'MUTUALLY_EXCLUSIVE',
-        message: '--brain is mutually exclusive with --soul, --persona, --identity, --rules-add, --rules-remove.',
+        message: '--brain is mutually exclusive with --soul, --persona, --rules-add, --rules-remove.',
         hint: 'Use --brain alone or individual flags, not both.',
       })
     }
@@ -44,7 +43,6 @@ export const shell = Cli.create('shell', {
     } else {
       if (c.options.soul) envOverrides.BRAINJAR_SOUL = c.options.soul
       if (c.options.persona) envOverrides.BRAINJAR_PERSONA = c.options.persona
-      if (c.options.identity) envOverrides.BRAINJAR_IDENTITY = c.options.identity
       if (c.options['rules-add']) envOverrides.BRAINJAR_RULES_ADD = c.options['rules-add']
       if (c.options['rules-remove']) envOverrides.BRAINJAR_RULES_REMOVE = c.options['rules-remove']
     }
@@ -53,7 +51,7 @@ export const shell = Cli.create('shell', {
       throw new IncurError({
         code: 'NO_OVERRIDES',
         message: 'No overrides specified.',
-        hint: 'Use --brain, --soul, --persona, --identity, --rules-add, or --rules-remove.',
+        hint: 'Use --brain, --soul, --persona, --rules-add, or --rules-remove.',
       })
     }
 
@@ -66,7 +64,6 @@ export const shell = Cli.create('shell', {
     const labels: string[] = []
     if (envOverrides.BRAINJAR_SOUL) labels.push(`soul: ${envOverrides.BRAINJAR_SOUL}`)
     if (envOverrides.BRAINJAR_PERSONA) labels.push(`persona: ${envOverrides.BRAINJAR_PERSONA}`)
-    if (envOverrides.BRAINJAR_IDENTITY) labels.push(`identity: ${envOverrides.BRAINJAR_IDENTITY}`)
     if (envOverrides.BRAINJAR_RULES_ADD) labels.push(`+rules: ${envOverrides.BRAINJAR_RULES_ADD}`)
     if (envOverrides.BRAINJAR_RULES_REMOVE) labels.push(`-rules: ${envOverrides.BRAINJAR_RULES_REMOVE}`)
 

package/src/commands/status.ts

@@ -1,5 +1,5 @@
 import { Cli, z } from 'incur'
-import { readState, readLocalState, readEnvState, mergeState, loadIdentity, requireBrainjarDir } from '../state.js'
+import { readState, readLocalState, readEnvState, mergeState, requireBrainjarDir } from '../state.js'
 import { sync } from '../sync.js'
 
 export const status = Cli.create('status', {
@@ -8,7 +8,7 @@ export const status = Cli.create('status', {
     sync: z.boolean().default(false).describe('Regenerate config file from active layers'),
     global: z.boolean().default(false).describe('Show only global state'),
     local: z.boolean().default(false).describe('Show only local overrides'),
-    short: z.boolean().default(false).describe('One-line output: soul | persona | identity'),
+    short: z.boolean().default(false).describe('One-line output: soul | persona'),
   }),
   async run(c) {
     await requireBrainjarDir()
@@ -19,13 +19,9 @@ export const status = Cli.create('status', {
       const local = await readLocalState()
       const env = readEnvState()
       const effective = mergeState(global, local, env)
-      const slug = effective.identity.value
-        ? (await loadIdentity(effective.identity.value).catch(() => null))?.slug ?? effective.identity.value
-        : null
       const parts = [
         `soul: ${effective.soul.value ?? 'none'}`,
         `persona: ${effective.persona.value ?? 'none'}`,
-        `identity: ${slug ?? 'none'}`,
       ]
       return parts.join(' | ')
     }
@@ -40,20 +36,10 @@ export const status = Cli.create('status', {
     // --global: show only global state (v0.1 behavior)
     if (c.options.global) {
       const state = await readState()
-      let identityFull: Record<string, unknown> | null = null
-      if (state.identity) {
-        try {
-          const { content: _, ...id } = await loadIdentity(state.identity)
-          identityFull = id
-        } catch {
-          identityFull = { slug: state.identity, error: 'File not found' }
-        }
-      }
       const result: Record<string, unknown> = {
         soul: state.soul ?? null,
         persona: state.persona ?? null,
         rules: state.rules,
-        identity: identityFull,
       }
       if (synced) result.synced = synced
       return result
@@ -66,7 +52,6 @@ export const status = Cli.create('status', {
       if ('soul' in local) result.soul = local.soul
       if ('persona' in local) result.persona = local.persona
       if (local.rules) result.rules = local.rules
-      if ('identity' in local) result.identity = local.identity
       if (Object.keys(result).length === 0) result.note = 'No local overrides'
       if (synced) result.synced = synced
       return result
@@ -78,24 +63,12 @@ export const status = Cli.create('status', {
     const env = readEnvState()
     const effective = mergeState(global, local, env)
 
-    // Resolve identity details
-    let identityFull: Record<string, unknown> | null = null
-    if (effective.identity.value) {
-      try {
-        const { content: _, ...id } = await loadIdentity(effective.identity.value)
-        identityFull = { ...id, scope: effective.identity.scope }
-      } catch {
-        identityFull = { slug: effective.identity.value, scope: effective.identity.scope, error: 'File not found' }
-      }
-    }
-
     // Agents and explicit --format get full structured data
     if (c.agent || c.formatExplicit) {
       const result: Record<string, unknown> = {
         soul: effective.soul,
         persona: effective.persona,
         rules: effective.rules,
-        identity: identityFull,
       }
       if (synced) result.synced = synced
       return result
@@ -104,14 +77,6 @@ export const status = Cli.create('status', {
     // Humans get a compact view with scope annotations
     const fmtScope = (scope: string) => `(${scope})`
 
-    const identityLabel = identityFull
-      ? identityFull.error
-        ? `${effective.identity.value} (not found)`
-        : identityFull.engine
-          ? `${identityFull.slug} ${fmtScope(effective.identity.scope)} (${identityFull.engine})`
-          : `${identityFull.slug} ${fmtScope(effective.identity.scope)}`
-      : null
-
     const rulesLabel = effective.rules.length
       ? effective.rules
           .filter(r => !r.scope.startsWith('-'))
@@ -123,7 +88,6 @@ export const status = Cli.create('status', {
       soul: effective.soul.value ? `${effective.soul.value} ${fmtScope(effective.soul.scope)}` : null,
       persona: effective.persona.value ? `${effective.persona.value} ${fmtScope(effective.persona.scope)}` : null,
       rules: rulesLabel,
-      identity: identityLabel,
     }
     if (synced) result.synced = synced
     return result

package/src/paths.ts

@@ -41,8 +41,6 @@ export const paths = {
   get personas() { return join(getBrainjarDir(), 'personas') },
   get rules() { return join(getBrainjarDir(), 'rules') },
   get brains() { return join(getBrainjarDir(), 'brains') },
-  get identities() { return join(getBrainjarDir(), 'identities') },
-  get session() { return join(getBrainjarDir(), '.session') },
   get state() { return join(getBrainjarDir(), 'state.yaml') },
   get localState() { return join(getLocalDir(), 'state.yaml') },
 }

package/src/seeds.ts

@@ -26,9 +26,7 @@ function obsidianAppConfigWithExclusions() {
     useMarkdownLinks: false,
     alwaysUpdateLinks: true,
     userIgnoreFilters: [
-      'identities/',
       'state.yaml',
-      '.session',
       '.gitignore',
     ],
   }, null, 2)

package/src/state.ts

@@ -73,13 +73,12 @@ export async function listAvailableRules(): Promise<string[]> {
 
 export interface State {
   backend: string | null
-  identity: string | null
   soul: string | null
   persona: string | null
   rules: string[]
 }
 
-const DEFAULT_STATE: State = { backend: null, identity: null, soul: null, persona: null, rules: [] }
+const DEFAULT_STATE: State = { backend: null, soul: null, persona: null, rules: [] }
 
 export async function requireBrainjarDir(): Promise<void> {
   try {
@@ -111,20 +110,6 @@ export function stripFrontmatter(content: string): string {
   return content.replace(/\r\n/g, '\n').replace(/^---\n[\s\S]*?\n---\n*/, '').trim()
 }
 
-export function parseIdentity(content: string) {
-  const parsed = parseYaml(content)
-  return {
-    name: parsed?.name as string | undefined,
-    email: parsed?.email as string | undefined,
-    engine: parsed?.engine as string | undefined,
-  }
-}
-
-export async function loadIdentity(slug: string) {
-  const content = await readFile(join(paths.identities, `${slug}.yaml`), 'utf-8')
-  return { slug, content, ...parseIdentity(content) }
-}
-
 /** Return a valid slug or null. Prevents path traversal from state.yaml. */
 function safeName(value: unknown): string | null {
   if (typeof value !== 'string' || !value) return null
@@ -151,7 +136,6 @@ export async function readState(): Promise<State> {
 
   return {
     backend: ((parsed as any).backend === 'claude' || (parsed as any).backend === 'codex') ? (parsed as any).backend : null,
-    identity: safeName((parsed as any).identity),
     soul: safeName((parsed as any).soul),
     persona: safeName((parsed as any).persona),
     rules: Array.isArray((parsed as any).rules)
@@ -209,7 +193,6 @@ export async function withStateLock<T>(fn: () => Promise<T>): Promise<T> {
 export async function writeState(state: State): Promise<void> {
   const doc = {
     backend: state.backend ?? null,
-    identity: state.identity ?? null,
     soul: state.soul ?? null,
     persona: state.persona ?? null,
     rules: state.rules,
@@ -223,7 +206,6 @@ export async function writeState(state: State): Promise<void> {
 
 /** Local state only stores overrides. undefined = cascade, null = explicit unset. */
 export interface LocalState {
-  identity?: string | null
   soul?: string | null
   persona?: string | null
   rules?: {
@@ -240,7 +222,6 @@ export type Scope = 'global' | 'local' | '+local' | '-local' | 'env' | '+env' |
 /** Effective state after merging global + local + env, with scope annotations. */
 export interface EffectiveState {
   backend: string | null
-  identity: { value: string | null; scope: Scope }
   soul: { value: string | null; scope: Scope }
   persona: { value: string | null; scope: Scope }
   rules: { value: string; scope: Scope }[]
@@ -268,7 +249,6 @@ export async function readLocalState(): Promise<LocalState> {
   const p = parsed as Record<string, unknown>
 
   // For each layer: if key is present, include it (even if null)
-  if ('identity' in p) result.identity = p.identity === null ? null : safeName(p.identity)
   if ('soul' in p) result.soul = p.soul === null ? null : safeName(p.soul)
   if ('persona' in p) result.persona = p.persona === null ? null : safeName(p.persona)
 
@@ -292,7 +272,6 @@ export async function writeLocalState(local: LocalState): Promise<void> {
 
   // Build a clean doc — only include keys that are present in local
   const doc: Record<string, unknown> = {}
-  if ('identity' in local) doc.identity = local.identity ?? null
   if ('soul' in local) doc.soul = local.soul ?? null
   if ('persona' in local) doc.persona = local.persona ?? null
   if (local.rules) {
@@ -313,9 +292,6 @@ export function readEnvState(extraEnv?: Record<string, string>): EnvState {
   const env = extraEnv ? { ...process.env, ...extraEnv } : process.env
   const result: EnvState = {}
 
-  if (env.BRAINJAR_IDENTITY !== undefined) {
-    result.identity = env.BRAINJAR_IDENTITY === '' ? null : safeName(env.BRAINJAR_IDENTITY)
-  }
   if (env.BRAINJAR_SOUL !== undefined) {
     result.soul = env.BRAINJAR_SOUL === '' ? null : safeName(env.BRAINJAR_SOUL)
   }
@@ -353,10 +329,6 @@ function applyOverrides(
   const plusScope = `+${scope}` as Scope
   const minusScope = `-${scope}` as Scope
 
-  const identity = 'identity' in overrides
-    ? { value: overrides.identity ?? null, scope: scope as Scope }
-    : base.identity
-
   const soul = 'soul' in overrides
     ? { value: overrides.soul ?? null, scope: scope as Scope }
     : base.soul
@@ -395,7 +367,7 @@ function applyOverrides(
     }
   }
 
-  return { backend: base.backend, identity, soul, persona, rules }
+  return { backend: base.backend, soul, persona, rules }
 }
 
 /** Pure merge: global → local → env, each scope overrides the previous. */
@@ -403,7 +375,6 @@ export function mergeState(global: State, local: LocalState, env?: EnvState): Ef
   // Start with global as the base effective state
   const base: EffectiveState = {
     backend: global.backend,
-    identity: { value: global.identity, scope: 'global' },
     soul: { value: global.soul, scope: 'global' },
     persona: { value: global.persona, scope: 'global' },
     rules: global.rules.map(r => ({ value: r, scope: 'global' as Scope })),

package/src/sync.ts

@@ -1,4 +1,4 @@
-import { readFile, writeFile, copyFile, mkdir, access } from 'node:fs/promises'
+import { readFile, writeFile, copyFile, mkdir } from 'node:fs/promises'
 import { join } from 'node:path'
 import { type Backend, getBackendConfig, paths } from './paths.js'
 import { type State, readState, readLocalState, readEnvState, mergeState, requireBrainjarDir, stripFrontmatter, resolveRuleContent } from './state.js'
@@ -40,17 +40,6 @@ async function inlineRules(rules: string[], sections: string[], warnings: string
   }
 }
 
-async function inlineIdentity(name: string, sections: string[]) {
-  try {
-    await access(join(paths.identities, `${name}.yaml`))
-    sections.push('')
-    sections.push('## Identity')
-    sections.push('')
-    sections.push(`See ~/.brainjar/identities/${name}.yaml for active identity.`)
-    sections.push('Manage with `brainjar identity [list|use|show]`.')
-  } catch {}
-}
-
 /** Extract content before, inside, and after brainjar markers. */
 function parseMarkers(content: string): { before: string; after: string } | null {
   const startIdx = content.indexOf(MARKER_START)
@@ -115,21 +104,16 @@ export async function sync(options?: Backend | SyncOptions) {
       // But only write rules section if local state has rules overrides
       await inlineRules(activeRules, sections, warnings)
     }
-    if ('identity' in localState && effective.identity.value) {
-      await inlineIdentity(effective.identity.value, sections)
-    }
   } else {
     // Global mode: apply env overrides on top of global state, write all layers
     const effective = mergeState(globalState, {}, envState)
     const effectiveSoul = effective.soul.value
     const effectivePersona = effective.persona.value
     const effectiveRules = effective.rules.filter(r => !r.scope.startsWith('-')).map(r => r.value)
-    const effectiveIdentity = effective.identity.value
 
     if (effectiveSoul) await inlineSoul(effectiveSoul, sections)
     if (effectivePersona) await inlinePersona(effectivePersona, sections)
     await inlineRules(effectiveRules, sections, warnings)
-    if (effectiveIdentity) await inlineIdentity(effectiveIdentity, sections)
 
     // Local Overrides note (only for global config)
     sections.push('')

package/src/commands/identity.ts

@@ -1,276 +0,0 @@
-import { Cli, z, Errors } from 'incur'
-import { stringify as stringifyYaml } from 'yaml'
-
-const { IncurError } = Errors
-import { readdir, readFile, writeFile, mkdir, rm } from 'node:fs/promises'
-import { join, basename } from 'node:path'
-import { paths } from '../paths.js'
-import { readState, writeState, withStateLock, readLocalState, writeLocalState, withLocalStateLock, readEnvState, mergeState, loadIdentity, parseIdentity, requireBrainjarDir, normalizeSlug } from '../state.js'
-import { getEngine } from '../engines/index.js'
-import { sync } from '../sync.js'
-
-function redactSession(status: Record<string, unknown>) {
-  const { session: _, ...safe } = status as any
-  return safe
-}
-
-async function requireActiveIdentity() {
-  await requireBrainjarDir()
-  const state = await readState()
-  if (!state.identity) {
-    throw new IncurError({
-      code: 'NO_ACTIVE_IDENTITY',
-      message: 'No active identity.',
-      hint: 'Run `brainjar identity use <slug>` to activate one.',
-    })
-  }
-  return loadIdentity(state.identity)
-}
-
-function requireEngine(engineName: string | undefined) {
-  if (!engineName) {
-    throw new IncurError({
-      code: 'NO_ENGINE',
-      message: 'Active identity has no engine configured.',
-    })
-  }
-  const engine = getEngine(engineName)
-  if (!engine) {
-    throw new IncurError({
-      code: 'UNKNOWN_ENGINE',
-      message: `Unknown engine: ${engineName}`,
-      hint: 'Supported engines: bitwarden',
-    })
-  }
-  return engine
-}
-
-export const identity = Cli.create('identity', {
-  description: 'Manage digital identity — one active at a time',
-})
-  .command('create', {
-    description: 'Create a new identity',
-    args: z.object({
-      slug: z.string().describe('Identity slug (e.g. personal, work)'),
-    }),
-    options: z.object({
-      name: z.string().describe('Full display name'),
-      email: z.string().describe('Email address'),
-      engine: z.literal('bitwarden').default('bitwarden').describe('Credential engine'),
-    }),
-    async run(c) {
-      await requireBrainjarDir()
-      const slug = normalizeSlug(c.args.slug, 'identity slug')
-      await mkdir(paths.identities, { recursive: true })
-
-      const content = stringifyYaml({ name: c.options.name, email: c.options.email, engine: c.options.engine })
-
-      const filePath = join(paths.identities, `${slug}.yaml`)
-      await writeFile(filePath, content)
-
-      return {
-        created: filePath,
-        identity: { slug, name: c.options.name, email: c.options.email, engine: c.options.engine },
-        next: `Run \`brainjar identity use ${slug}\` to activate.`,
-      }
-    },
-  })
-  .command('list', {
-    description: 'List available identities',
-    async run() {
-      const entries = await readdir(paths.identities).catch(() => [])
-      const identities = []
-
-      for (const file of entries.filter(f => f.endsWith('.yaml'))) {
-        const slug = basename(file, '.yaml')
-        const content = await readFile(join(paths.identities, file), 'utf-8')
-        identities.push({ slug, ...parseIdentity(content) })
-      }
-
-      return { identities }
-    },
-  })
-  .command('show', {
-    description: 'Show the active identity',
-    options: z.object({
-      local: z.boolean().default(false).describe('Show local identity override (if any)'),
-      short: z.boolean().default(false).describe('Print only the active identity slug'),
-    }),
-    async run(c) {
-      if (c.options.short) {
-        const global = await readState()
-        const local = await readLocalState()
-        const env = readEnvState()
-        const effective = mergeState(global, local, env)
-        return effective.identity.value ?? 'none'
-      }
-
-      if (c.options.local) {
-        const local = await readLocalState()
-        if (!('identity' in local)) return { active: false, scope: 'local', note: 'No local identity override (cascades from global)' }
-        if (local.identity === null) return { active: false, scope: 'local', slug: null, note: 'Explicitly unset at local scope' }
-        try {
-          const content = await readFile(join(paths.identities, `${local.identity}.yaml`), 'utf-8')
-          return { active: true, scope: 'local', slug: local.identity, ...parseIdentity(content) }
-        } catch {
-          return { active: false, scope: 'local', slug: local.identity, error: 'File not found' }
-        }
-      }
-
-      const global = await readState()
-      const local = await readLocalState()
-      const env = readEnvState()
-      const effective = mergeState(global, local, env)
-      if (!effective.identity.value) return { active: false }
-      try {
-        const content = await readFile(join(paths.identities, `${effective.identity.value}.yaml`), 'utf-8')
-        return { active: true, slug: effective.identity.value, scope: effective.identity.scope, ...parseIdentity(content) }
-      } catch {
-        return { active: false, slug: effective.identity.value, error: 'File not found' }
-      }
-    },
-  })
-  .command('use', {
-    description: 'Activate an identity',
-    args: z.object({
-      slug: z.string().describe('Identity slug to activate'),
-    }),
-    options: z.object({
-      local: z.boolean().default(false).describe('Write to local .claude/CLAUDE.md instead of global'),
-    }),
-    async run(c) {
-      await requireBrainjarDir()
-      const slug = normalizeSlug(c.args.slug, 'identity slug')
-      const source = join(paths.identities, `${slug}.yaml`)
-      try {
-        await readFile(source, 'utf-8')
-      } catch {
-        throw new IncurError({
-          code: 'IDENTITY_NOT_FOUND',
-          message: `Identity "${slug}" not found.`,
-          hint: 'Run `brainjar identity list` to see available identities.',
-        })
-      }
-
-      if (c.options.local) {
-        await withLocalStateLock(async () => {
-          const local = await readLocalState()
-          local.identity = slug
-          await writeLocalState(local)
-          await sync({ local: true })
-        })
-      } else {
-        await withStateLock(async () => {
-          const state = await readState()
-          state.identity = slug
-          await writeState(state)
-          await sync()
-        })
-      }
-
-      return { activated: slug, local: c.options.local }
-    },
-  })
-  .command('drop', {
-    description: 'Deactivate the current identity',
-    options: z.object({
-      local: z.boolean().default(false).describe('Remove local identity override or deactivate global identity'),
-    }),
-    async run(c) {
-      await requireBrainjarDir()
-      if (c.options.local) {
-        await withLocalStateLock(async () => {
-          const local = await readLocalState()
-          delete local.identity
-          await writeLocalState(local)
-          await sync({ local: true })
-        })
-      } else {
-        await withStateLock(async () => {
-          const state = await readState()
-          if (!state.identity) {
-            throw new IncurError({
-              code: 'NO_ACTIVE_IDENTITY',
-              message: 'No active identity to deactivate.',
-            })
-          }
-          state.identity = null
-          await writeState(state)
-          await sync()
-        })
-      }
-      return { deactivated: true, local: c.options.local }
-    },
-  })
-  .command('unlock', {
-    description: 'Store the credential engine session token',
-    args: z.object({
-      session: z.string().optional().describe('Session token (reads from stdin if omitted)'),
-    }),
-    async run(c) {
-      let session = c.args.session
-      if (!session) {
-        if (process.stdin.isTTY) {
-          throw new IncurError({
-            code: 'NO_SESSION',
-            message: 'No session token provided.',
-            hint: 'Pipe it in: bw unlock --raw | brainjar identity unlock',
-          })
-        }
-        let data = ''
-        for await (const chunk of process.stdin) {
-          data += typeof chunk === 'string' ? chunk : chunk.toString('utf-8')
-        }
-        session = data.trim()
-      }
-      if (!session) {
-        throw new IncurError({
-          code: 'EMPTY_SESSION',
-          message: 'Session token is empty.',
-        })
-      }
-      await writeFile(paths.session, session, { mode: 0o600 })
-      return { unlocked: true, stored: paths.session }
-    },
-  })
-  .command('get', {
-    description: 'Retrieve a credential from the active identity engine',
-    args: z.object({
-      item: z.string().describe('Item name or ID to retrieve from the vault'),
-    }),
-    async run(c) {
-      const { engine: engineName } = await requireActiveIdentity()
-      const engine = requireEngine(engineName)
-
-      const status = await engine.status()
-      if (status.state !== 'unlocked') {
-        throw new IncurError({
-          code: 'ENGINE_LOCKED',
-          message: 'Credential engine is not unlocked.',
-          hint: 'operator_action' in status ? status.operator_action : undefined,
-          retryable: true,
-        })
-      }
-
-      return engine.get(c.args.item, status.session)
-    },
-  })
-  .command('status', {
-    description: 'Check if the credential engine session is active',
-    async run() {
-      const { name, email, engine: engineName } = await requireActiveIdentity()
-      const engine = requireEngine(engineName)
-      const engineStatus = await engine.status()
-      return { identity: { name, email, engine: engineName }, ...redactSession(engineStatus) }
-    },
-  })
-  .command('lock', {
-    description: 'Lock the credential engine session',
-    async run() {
-      const { engine: engineName } = await requireActiveIdentity()
-      const engine = requireEngine(engineName)
-      await engine.lock()
-      await rm(paths.session, { force: true })
-      return { locked: true }
-    },
-  })

package/src/engines/bitwarden.ts

@@ -1,105 +0,0 @@
-import { $ } from 'bun'
-import { readFile } from 'node:fs/promises'
-import { paths } from '../paths.js'
-import type { CredentialEngine, EngineStatus } from './types.js'
-
-export async function loadSession(): Promise<string | null> {
-  // Env var takes precedence, then session file
-  if (process.env.BW_SESSION) return process.env.BW_SESSION
-  try {
-    const session = (await readFile(paths.session, 'utf-8')).trim()
-    return session || null
-  } catch {
-    return null
-  }
-}
-
-/** Thin shell wrapper — extracted so tests can replace it via spyOn. */
-export const bw = {
-  async whichBw(): Promise<void> {
-    await $`which bw`.quiet()
-  },
-
-  async status(session: string | null): Promise<any> {
-    return session
-      ? $`bw status`.env({ ...process.env, BW_SESSION: session }).json()
-      : $`bw status`.json()
-  },
-
-  async getItem(item: string, session: string): Promise<any> {
-    return $`bw get item ${item}`.env({ ...process.env, BW_SESSION: session }).json()
-  },
-
-  async lock(): Promise<void> {
-    await $`bw lock`.quiet()
-  },
-}
-
-export const bitwarden: CredentialEngine = {
-  name: 'bitwarden',
-
-  async status(): Promise<EngineStatus> {
-    try {
-      await bw.whichBw()
-    } catch {
-      return { state: 'not_installed', install: 'npm install -g @bitwarden/cli' }
-    }
-
-    try {
-      const session = await loadSession()
-      const result = await bw.status(session)
-
-      if (result.status === 'unauthenticated') {
-        return {
-          state: 'unauthenticated',
-          operator_action: `bw login ${result.userEmail ?? '<email>'}`,
-        }
-      }
-
-      if (result.status === 'unlocked' && session) {
-        return { state: 'unlocked', session }
-      }
-
-      return {
-        state: 'locked',
-        operator_action: 'Run `bw unlock` and then `brainjar identity unlock <session>`',
-      }
-    } catch {
-      return {
-        state: 'locked',
-        operator_action: 'Could not determine vault status. Run `bw unlock` and then `brainjar identity unlock <session>`',
-      }
-    }
-  },
-
-  async get(item: string, session: string) {
-    if (!item || item.length > 256 || /[\x00-\x1f]/.test(item)) {
-      return { error: `Invalid item name: "${item}"` }
-    }
-    try {
-      const result = await bw.getItem(item, session)
-
-      if (result.login?.password) {
-        return { value: result.login.password }
-      }
-      if (result.notes) {
-        return { value: result.notes }
-      }
-
-      return { error: `Item "${item}" found but has no password or notes.` }
-    } catch (e) {
-      const stderr = (e as any)?.stderr?.toString?.()?.trim?.()
-      const message = stderr || (e as Error).message || 'unknown error'
-      return { error: `Could not retrieve "${item}": ${message}` }
-    }
-  },
-
-  async lock() {
-    try {
-      await bw.lock()
-    } catch (e) {
-      const stderr = (e as any)?.stderr?.toString?.()?.trim?.()
-      throw new Error(`Failed to lock vault: ${stderr || (e as Error).message}`)
-    }
-  },
-}

package/src/engines/index.ts

@@ -1,12 +0,0 @@
-import type { CredentialEngine } from './types.js'
-import { bitwarden } from './bitwarden.js'
-
-const engines: Record<string, CredentialEngine> = {
-  bitwarden,
-}
-
-export function getEngine(name: string): CredentialEngine | null {
-  return engines[name] ?? null
-}
-
-export type { CredentialEngine }

package/src/engines/types.ts

@@ -1,12 +0,0 @@
-export type EngineStatus =
-  | { state: 'not_installed'; install: string }
-  | { state: 'unauthenticated'; operator_action: string }
-  | { state: 'locked'; operator_action: string }
-  | { state: 'unlocked'; session: string }
-
-export interface CredentialEngine {
-  name: string
-  status(): Promise<EngineStatus>
-  get(item: string, session: string): Promise<{ value: string } | { error: string }>
-  lock(): Promise<void>
-}