@caplets/core 0.18.9 → 0.19.0

package/dist/index.js

@@ -1,17 +1,22 @@
-import { $ as assertCompleteRequestPrompt, A as CreateMessageResultSchema, At as hasRenderableStructuredContent, B as JSONRPCMessageSchema, C as AjvJsonSchemaValidator, Ct as resolveCapletsRoot, D as CallToolRequestSchema, Dt as discoverCapletFiles, E as toJsonSchemaCompat, Et as resolveProjectConfigPath, F as EmptyResultSchema, Ft as redactSecrets, G as ListRootsResultSchema, H as ListPromptsRequestSchema, I as ErrorCode, It as toSafeError, J as McpError, K as ListToolsRequestSchema, L as GetPromptRequestSchema, M as CreateTaskResultSchema, Mt as markdownStructuredContent, Nt as CAPLETS_ERROR_CODES, O as CallToolResultSchema, Ot as validateCapletFile, P as ElicitResultSchema, Pt as CapletsError, R as InitializeRequestSchema, S as assertToolsCallTaskCapability, T as mergeCapabilities, Tt as resolveProjectCapletsRoot, U as ListResourceTemplatesRequestSchema, V as LATEST_PROTOCOL_VERSION, W as ListResourcesRequestSchema, X as SUPPORTED_PROTOCOL_VERSIONS, Y as ReadResourceRequestSchema, Z as SetLevelRequestSchema, _t as loadGlobalConfig, a as resolveCapletsServer, at as getLiteralValue, bt as parseConfig, c as ServerRegistry, ct as getSchemaDescription, d as runOAuthFlow, dt as normalizeObjectSchema, et as assertCompleteRequestResourceTemplate, f as startGenericOAuthFlow, ft as objectFromShape, g as readTokenBundle, gt as loadConfigWithSources, h as isTokenBundleExpired, ht as loadConfig, i as resolveCapletsMode, it as isJSONRPCResultResponse, j as CreateMessageResultWithToolsSchema, jt as markdownCallToolResultContent, k as CompleteRequestSchema, kt as SERVER_ID_PATTERN, l as capabilityDescription, lt as isSchemaOptional, m as deleteTokenBundle, mt as safeParseAsync, nt as isJSONRPCErrorResponse, o as CapletsEngine, ot as getObjectShape, p as startOAuthFlow, pt as safeParse, q as LoggingLevelSchema, r as parseServerBaseUrl, rt as isJSONRPCRequest, s as handleServerTool, st as getParseErrorMessage, t as controlUrlForBase, tt as isInitializeRequest, u as runGenericOAuthFlow, ut as isZ4Schema, v as ReadBuffer, vt as loadLocalOverlayConfigWithSources, w as Protocol, wt as resolveConfigPath, x as assertClientRequestTaskCapability, y as serializeMessage, yt as loadProjectConfig, z as InitializedNotificationSchema } from "./options-DnOUjft1.js";
-import { A as url, C as object, D as string, b as literal, d as ZodOptional, o as generatedToolInputSchema, s as generatedToolInputSchemaForCaplet } from "./generated-tool-input-schema--kVuUNc5.js";
-import { a as formatCapletList, c as resolveCliConfigPaths, l as cliCommands, n as completionScript, o as formatConfigPaths, s as listCaplets, t as completeCliWords, u as completionShells } from "./completion-RqzHpHRY.js";
+import { $ as ElicitResultSchema, $t as markdownStructuredContent, A as capabilityDescription, At as objectFromShape, B as assertClientRequestTaskCapability, C as migrateCredentials, Ct as getLiteralValue, D as CapletsEngine, Dt as isSchemaOptional, E as fingerprintProjectRoot, Et as getSchemaDescription, F as deleteTokenBundle, Ft as loadGlobalConfig, G as toJsonSchemaCompat, Gt as resolveConfigPath, H as AjvJsonSchemaValidator, Ht as defaultConfigBaseDir, I as isTokenBundleExpired, It as loadLocalOverlayConfigWithSources, J as CompleteRequestSchema, Jt as discoverCapletFiles, K as CallToolRequestSchema, Kt as resolveProjectCapletsRoot, L as readTokenBundle, Lt as loadProjectConfig, M as runOAuthFlow, Mt as safeParseAsync, N as startGenericOAuthFlow, Nt as loadConfig, O as handleServerTool, Ot as isZ4Schema, P as startOAuthFlow, Pt as loadConfigWithSources, Qt as markdownCallToolResultContent, R as ReadBuffer, Rt as parseConfig, S as cloudAuthPath, St as isJSONRPCResultResponse, T as findProjectRoot, Tt as getParseErrorMessage, U as Protocol, Ut as defaultStateBaseDir, V as assertToolsCallTaskCapability, Vt as defaultCacheBaseDir, W as mergeCapabilities, Wt as resolveCapletsRoot, X as CreateMessageResultWithToolsSchema, Xt as loadCapletFilesFromMap, Y as CreateMessageResultSchema, Yt as validateCapletFile, Z as CreateTaskResultSchema, Zt as hasRenderableStructuredContent, _ as controlUrlForBase, _t as assertCompleteRequestPrompt, a as createSdkRemoteCapletsClient, at as JSONRPCMessageSchema, b as resolveCapletsServer, bt as isJSONRPCErrorResponse, ct as ListResourceTemplatesRequestSchema, d as PROJECT_BINDING_ERROR_CODES, dt as ListToolsRequestSchema, et as EmptyResultSchema, f as ProjectBindingError, ft as LoggingLevelSchema, g as resolveCapletsRemote, gt as SetLevelRequestSchema, h as CloudAuthClient, ht as SUPPORTED_PROTOCOL_VERSIONS, it as InitializedNotificationSchema, j as runGenericOAuthFlow, jt as safeParse, k as ServerRegistry, kt as normalizeObjectSchema, lt as ListResourcesRequestSchema, m as projectBindingRecovery, mt as ReadResourceRequestSchema, n as buildProjectSyncManifest, nt as GetPromptRequestSchema, ot as LATEST_PROTOCOL_VERSION, p as projectBindingError, pt as McpError, q as CallToolResultSchema, qt as resolveProjectConfigPath, rt as InitializeRequestSchema, st as ListPromptsRequestSchema, t as createNativeCapletsService, tt as ErrorCode, u as resolveRemoteSelection, ut as ListRootsResultSchema, v as parseServerBaseUrl, vt as assertCompleteRequestResourceTemplate, w as redactedCloudAuthStatus, wt as getObjectShape, x as CloudAuthStore, xt as isJSONRPCRequest, y as resolveCapletsMode, yt as isInitializeRequest, z as serializeMessage } from "./service-BXcE4Rv8.js";
+import { f as redactSecrets, i as SERVER_ID_PATTERN, l as CAPLETS_ERROR_CODES, p as toSafeError, u as CapletsError } from "./validation-BBG4skZf.js";
+import { _ as record, b as unknown, d as literal, m as object, n as ZodOptional, o as array, p as number, r as _enum, s as boolean, v as string, x as url } from "./schemas-BZ6BBrh7.js";
+import { generatedToolInputSchema, generatedToolInputSchemaForCaplet } from "./generated-tool-input-schema.js";
+import { a as formatCapletList, c as resolveCliConfigPaths, l as cliCommands$1, n as completionScript, o as formatConfigPaths, s as listCaplets, t as completeCliWords, u as completionShells } from "./completion-brgziz4L.js";
+import { n as normalizeCapletSourcePath, t as FilesystemCapletSource } from "./filesystem-Kkg32TOJ.js";
+import { parseConfig as parseConfig$1 } from "./config-runtime.js";
 import fs, { accessSync, chmodSync, closeSync, constants, copyFileSync, cpSync, existsSync, lstatSync, mkdirSync, mkdtempSync, openSync, readFileSync, readdirSync, readlinkSync, realpathSync, rmSync, statSync, writeFileSync, writeSync } from "node:fs";
-import path, { basename, dirname, isAbsolute, join, parse, relative, resolve, sep } from "node:path";
-import childProcess, { execFile, execFileSync } from "node:child_process";
+import path, { basename, dirname, isAbsolute, join, parse, posix, relative, resolve, sep, win32 } from "node:path";
+import childProcess, { execFile, execFileSync, spawn } from "node:child_process";
+import { homedir, tmpdir } from "node:os";
 import process$1, { stdin, stdout } from "node:process";
-import { tmpdir } from "node:os";
 import { Readable } from "node:stream";
 import { STATUS_CODES, createServer } from "node:http";
-import { randomUUID, timingSafeEqual } from "node:crypto";
+import { createHash, randomUUID, timingSafeEqual } from "node:crypto";
 import { EventEmitter } from "node:events";
 import { promisify, stripVTControlCharacters } from "node:util";
 import { createInterface } from "node:readline/promises";
+import { Buffer as Buffer$1 } from "node:buffer";
 import { Http2ServerRequest, constants as constants$1 } from "node:http2";
 //#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@4.4.3/node_modules/@modelcontextprotocol/sdk/dist/esm/experimental/tasks/server.js
 /**
@@ -1322,7 +1327,7 @@ const EMPTY_COMPLETION_RESULT = { completion: {
 } };
 //#endregion
 //#region package.json
-var version = "0.18.9";
+var version = "0.19.0";
 //#endregion
 //#region src/serve/session.ts
 var CapletsMcpSession = class {
@@ -4741,11 +4746,14 @@ function renderLocalPaths(fields, outputDir) {
 	});
 }
 function localPathRelativeToOutput(path, outputDir) {
-	const absolutePath = resolve(path);
-	const rendered = relative(outputDir, resolve(path));
+	const absolutePath = displayPath(resolve(path));
+	const rendered = relative(outputDir, absolutePath);
 	if (rendered.startsWith("../..") || rendered.startsWith("..\\..")) return absolutePath;
 	return rendered === "" ? "." : rendered;
 }
+function displayPath(path) {
+	return path;
+}
 function rejectUnsafeDestinationParents(path) {
 	const parent = dirname(resolve(path));
 	const root = parse(parent).root;
@@ -4755,10 +4763,22 @@ function rejectUnsafeDestinationParents(path) {
 		current = join(current, segment);
 		const stats = lstatIfExists$1(current);
 		if (!stats) return;
-		if (stats.isSymbolicLink()) throw new CapletsError("CONFIG_EXISTS", `Output parent path ${current} is a symlink; remove it before writing`);
+		if (stats.isSymbolicLink()) {
+			if (isDarwinSystemAliasSymlink$1(current)) continue;
+			throw new CapletsError("CONFIG_EXISTS", `Output parent path ${current} is a symlink; remove it before writing`);
+		}
 		if (!stats.isDirectory()) throw new CapletsError("CONFIG_EXISTS", `Output parent path ${current} is not a directory; choose a file path`);
 	}
 }
+function isDarwinSystemAliasSymlink$1(path) {
+	if (process.platform !== "darwin") return false;
+	if (path !== "/var" && path !== "/tmp") return false;
+	try {
+		return realpathSync(path) === `/private${path}`;
+	} catch {
+		return false;
+	}
+}
 function lstatIfExists$1(path) {
 	try {
 		return lstatSync(path);
@@ -5009,6 +5029,344 @@ function starterConfig() {
 	}, null, 2);
 }
 //#endregion
+//#region src/project-binding/workspaces.ts
+const DEFAULT_STALE_LEASE_TTL_MS = 120 * 1e3;
+const DEFAULT_INACTIVE_WORKSPACE_TTL_MS = 720 * 60 * 60 * 1e3;
+const DEFAULT_SOFT_DISK_CAP_BYTES = 10 * 1024 * 1024 * 1024;
+function projectBindingWorkspaceRoot(options = {}) {
+	if (options.root) return options.root;
+	const platform = options.platform ?? process.platform;
+	const home = options.homedir ?? homedir();
+	const env = options.env ?? process.env;
+	if (platform === "win32") {
+		const base = env.LOCALAPPDATA && win32.isAbsolute(env.LOCALAPPDATA) ? env.LOCALAPPDATA : win32.join(home, "AppData", "Local");
+		return win32.join(base, "Caplets", "State", "workspaces");
+	}
+	const base = env.XDG_STATE_HOME && posix.isAbsolute(env.XDG_STATE_HOME) ? env.XDG_STATE_HOME : posix.join(home, ".local", "state");
+	return posix.join(base, "caplets", "workspaces");
+}
+function projectBindingWorkspacePaths(projectFingerprint, options = {}) {
+	assertPathSegment(projectFingerprint, "project fingerprint");
+	const pathJoin = pathJoinFor(options.platform);
+	const root = pathJoin(projectBindingWorkspaceRoot(options), projectFingerprint);
+	const leases = pathJoin(root, "leases");
+	const setup = pathJoin(root, "setup");
+	return {
+		projectFingerprint,
+		root,
+		project: pathJoin(root, "project"),
+		metadata: pathJoin(root, "metadata.json"),
+		leases,
+		setup,
+		setupReceipts: pathJoin(setup, "receipts.json"),
+		lease(bindingId) {
+			assertPathSegment(bindingId, "binding ID");
+			return pathJoin(leases, `${bindingId}.json`);
+		}
+	};
+}
+var ProjectBindingWorkspaceStore = class {
+	options;
+	root;
+	now;
+	staleLeaseTtlMs;
+	inactiveWorkspaceTtlMs;
+	softDiskCapBytes;
+	workspaceSizeBytes;
+	constructor(options = {}) {
+		this.options = options;
+		this.root = projectBindingWorkspaceRoot(options);
+		this.now = options.now ?? (() => /* @__PURE__ */ new Date());
+		this.staleLeaseTtlMs = options.staleLeaseTtlMs ?? DEFAULT_STALE_LEASE_TTL_MS;
+		this.inactiveWorkspaceTtlMs = options.inactiveWorkspaceTtlMs ?? DEFAULT_INACTIVE_WORKSPACE_TTL_MS;
+		this.softDiskCapBytes = options.softDiskCapBytes ?? DEFAULT_SOFT_DISK_CAP_BYTES;
+		this.workspaceSizeBytes = options.workspaceSizeBytes ?? ((paths) => directorySize(paths.root));
+	}
+	paths(projectFingerprint) {
+		return projectBindingWorkspacePaths(projectFingerprint, {
+			...this.options,
+			root: this.root
+		});
+	}
+	async ensureWorkspace(input) {
+		const paths = this.paths(input.projectFingerprint);
+		const now = this.now().toISOString();
+		const existing = this.readMetadata(input.projectFingerprint);
+		const metadata = {
+			projectFingerprint: input.projectFingerprint,
+			projectRoot: input.projectRoot,
+			createdAt: input.createdAt ?? existing?.createdAt ?? now,
+			lastActiveAt: input.lastActiveAt ?? now
+		};
+		mkdirSync(paths.project, { recursive: true });
+		mkdirSync(paths.leases, { recursive: true });
+		mkdirSync(paths.setup, { recursive: true });
+		writeJson$1(paths.metadata, metadata);
+		return paths;
+	}
+	async writeLease(lease) {
+		const paths = this.paths(lease.projectFingerprint);
+		mkdirSync(paths.leases, { recursive: true });
+		writeJson$1(paths.lease(lease.bindingId), lease);
+		if (lease.active) {
+			const metadata = this.readMetadata(lease.projectFingerprint);
+			if (metadata) writeJson$1(paths.metadata, {
+				...metadata,
+				lastActiveAt: lease.updatedAt
+			});
+		}
+	}
+	async listLeases(projectFingerprint) {
+		return this.leasesFor(this.paths(projectFingerprint)).map((entry) => entry.lease);
+	}
+	async writeSetupReceipts(projectFingerprint, receipts) {
+		const paths = this.paths(projectFingerprint);
+		mkdirSync(paths.setup, { recursive: true });
+		writeJson$1(paths.setupReceipts, receipts);
+	}
+	async cleanup() {
+		const expiredLeases = [];
+		const deletedWorkspaces = [];
+		const retainedWorkspaces = [];
+		const candidates = [];
+		for (const paths of this.workspacePaths()) {
+			const leases = this.leasesFor(paths);
+			for (const entry of leases) if (!entry.lease.active && this.isStaleLease(entry.lease)) {
+				rmSync(entry.path, { force: true });
+				expiredLeases.push(entry.path);
+			}
+			if (this.leasesFor(paths).some((entry) => entry.lease.active)) {
+				retainedWorkspaces.push(paths.root);
+				continue;
+			}
+			const metadata = this.readMetadata(paths.projectFingerprint);
+			const lastActiveMs = metadata ? Date.parse(metadata.lastActiveAt) : workspaceMtime(paths.root);
+			const sizeBytes = this.workspaceSizeBytes(paths);
+			candidates.push({
+				paths,
+				lastActiveMs,
+				sizeBytes
+			});
+		}
+		for (const candidate of candidates) if (this.isInactiveWorkspace(candidate.lastActiveMs)) {
+			rmSync(candidate.paths.root, {
+				recursive: true,
+				force: true
+			});
+			deletedWorkspaces.push(candidate.paths.root);
+		}
+		const remaining = candidates.filter((candidate) => !deletedWorkspaces.includes(candidate.paths.root)).sort((first, second) => first.lastActiveMs - second.lastActiveMs);
+		let totalBytes = remaining.reduce((sum, candidate) => sum + candidate.sizeBytes, 0);
+		for (const candidate of remaining) {
+			if (totalBytes <= this.softDiskCapBytes) {
+				retainedWorkspaces.push(candidate.paths.root);
+				continue;
+			}
+			rmSync(candidate.paths.root, {
+				recursive: true,
+				force: true
+			});
+			deletedWorkspaces.push(candidate.paths.root);
+			totalBytes -= candidate.sizeBytes;
+		}
+		return {
+			expiredLeases,
+			deletedWorkspaces,
+			retainedWorkspaces
+		};
+	}
+	readMetadata(projectFingerprint) {
+		const path = this.paths(projectFingerprint).metadata;
+		if (!existsSync(path)) return void 0;
+		return JSON.parse(readFileSync(path, "utf8"));
+	}
+	workspacePaths() {
+		if (!existsSync(this.root)) return [];
+		return readdirSync(this.root, { withFileTypes: true }).filter((entry) => entry.isDirectory()).map((entry) => this.paths(entry.name));
+	}
+	leasesFor(paths) {
+		if (!existsSync(paths.leases)) return [];
+		return readdirSync(paths.leases, { withFileTypes: true }).filter((entry) => entry.isFile() && entry.name.endsWith(".json")).map((entry) => {
+			const path = join(paths.leases, entry.name);
+			return {
+				path,
+				lease: JSON.parse(readFileSync(path, "utf8"))
+			};
+		});
+	}
+	isStaleLease(lease) {
+		const parsedExpiresAt = lease.expiresAt ? Date.parse(lease.expiresAt) : NaN;
+		return (Number.isFinite(parsedExpiresAt) ? parsedExpiresAt : Date.parse(lease.updatedAt) + this.staleLeaseTtlMs) <= this.now().getTime();
+	}
+	isInactiveWorkspace(lastActiveMs) {
+		return lastActiveMs + this.inactiveWorkspaceTtlMs <= this.now().getTime();
+	}
+};
+function writeJson$1(path, value) {
+	writeFileSync(path, `${JSON.stringify(value, null, 2)}\n`, { mode: 384 });
+}
+function directorySize(path) {
+	if (!existsSync(path)) return 0;
+	const stat = statSync(path);
+	if (stat.isFile()) return stat.size;
+	if (!stat.isDirectory()) return 0;
+	return readdirSync(path).reduce((sum, entry) => sum + directorySize(join(path, entry)), 0);
+}
+function workspaceMtime(path) {
+	return existsSync(path) ? statSync(path).mtimeMs : 0;
+}
+function pathJoinFor(platform = process.platform) {
+	return platform === "win32" ? win32.join : join;
+}
+function assertPathSegment(value, label) {
+	if (!value || value.includes("/") || value.includes("\\") || value.includes("\0") || value === "." || value === "..") throw new Error(`Invalid ${label}: ${value}`);
+}
+//#endregion
+//#region src/cli/doctor.ts
+async function doctorJsonReport(options = {}) {
+	const env = options.env ?? process.env;
+	const root = findProjectRoot(options.cwd ?? process.cwd());
+	const projectFingerprint = fingerprintProjectRoot(root);
+	const paths = projectBindingWorkspacePaths(projectFingerprint, { env });
+	const server = resolveServerSection(env);
+	const remote = resolveRemoteSection(env);
+	const credentials = await (options.cloudAuthStore ?? new CloudAuthStore({ env })).load();
+	return {
+		server,
+		remote,
+		projectBinding: {
+			state: "not_attached",
+			projectRoot: root,
+			projectFingerprint,
+			workspacePath: paths.project,
+			authMode: credentials ? "hosted_cloud" : remote.configured ? "self_hosted_remote" : "unconfigured",
+			selectedWorkspace: credentials?.workspaceSlug ?? credentials?.workspaceId ?? remote.workspace ?? null,
+			webSocketUrl: remote.webSocketUrl,
+			lease: null,
+			lastUpgradeError: null,
+			recoveryCommand: credentials || remote.configured ? "caplets attach --once" : "caplets cloud auth login"
+		},
+		sync: {
+			state: options.syncStatus?.state ?? "idle",
+			diagnosticCode: options.syncStatus?.diagnosticCode ?? null,
+			mutagenBinary: options.syncStatus?.mutagenBinary ?? "mutagen",
+			mutagenVersion: options.syncStatus?.mutagenVersion ?? null,
+			lastCommand: options.syncStatus?.lastCommand ?? null
+		},
+		daemon: {
+			configured: false,
+			running: false
+		},
+		cloudAuth: redactedCloudAuthStatus(credentials)
+	};
+}
+async function formatDoctorReport(options = {}) {
+	const report = await doctorJsonReport(options);
+	return `${[
+		"Server hosting",
+		`  Configured: ${yesNo(Boolean(report.server.configured))}`,
+		...report.server.configured ? [`  Base URL: ${report.server.baseUrl}`] : [],
+		"",
+		"Remote client",
+		`  Configured: ${yesNo(Boolean(report.remote.configured))}`,
+		...report.remote.configured ? [
+			`  MCP URL: ${report.remote.mcpUrl}`,
+			`  Control URL: ${report.remote.controlUrl}`,
+			`  Health URL: ${report.remote.healthUrl}`,
+			`  WebSocket URL: ${report.remote.webSocketUrl}`,
+			`  Auth: ${report.remote.auth}`
+		] : [],
+		"",
+		"Project Binding",
+		`  State: ${report.projectBinding.state}`,
+		`  Project root: ${report.projectBinding.projectRoot}`,
+		`  Project fingerprint: ${report.projectBinding.projectFingerprint}`,
+		`  Workspace path: ${report.projectBinding.workspacePath}`,
+		`  Auth mode: ${report.projectBinding.authMode}`,
+		`  Selected Workspace: ${report.projectBinding.selectedWorkspace ?? "none"}`,
+		`  Binding Session: ${report.projectBinding.state}`,
+		`  Recovery: ${report.projectBinding.recoveryCommand}`,
+		"",
+		"Project sync",
+		`  State: ${report.sync.state}`,
+		`  Mutagen: ${report.sync.mutagenVersion ?? report.sync.mutagenBinary}`,
+		...report.sync.diagnosticCode ? [`  Diagnostic: ${report.sync.diagnosticCode}`] : [],
+		"",
+		"Daemon",
+		`  Running: ${yesNo(Boolean(report.daemon.running))}`,
+		"",
+		"Cloud Auth",
+		`  Authenticated: ${yesNo(Boolean(report.cloudAuth.authenticated))}`,
+		...report.cloudAuth.cloudUrl ? [`  Cloud URL: ${report.cloudAuth.cloudUrl}`] : [],
+		...report.cloudAuth.workspaceSlug || report.cloudAuth.workspaceId ? [`  Selected Workspace: ${report.cloudAuth.workspaceSlug ?? report.cloudAuth.workspaceId}`] : []
+	].join("\n")}\n`;
+}
+function resolveServerSection(env) {
+	try {
+		const server = resolveCapletsServer({}, env);
+		return {
+			configured: true,
+			baseUrl: server.baseUrl.href,
+			mcpUrl: server.mcpUrl.href,
+			controlUrl: server.controlUrl.href,
+			healthUrl: server.healthUrl.href,
+			auth: server.auth.enabled ? "basic" : "none"
+		};
+	} catch {
+		return { configured: false };
+	}
+}
+function resolveRemoteSection(env) {
+	try {
+		const remote = resolveCapletsRemote({}, env);
+		return {
+			configured: true,
+			baseUrl: remote.baseUrl.href,
+			mcpUrl: remote.mcpUrl.href,
+			controlUrl: remote.controlUrl.href,
+			healthUrl: remote.healthUrl.href,
+			webSocketUrl: remote.projectBindingWebSocketUrl.href,
+			auth: remote.auth.type,
+			tokenPresent: remote.auth.type === "bearer",
+			workspace: remote.workspace ?? null
+		};
+	} catch {
+		return { configured: false };
+	}
+}
+function yesNo(value) {
+	return value ? "yes" : "no";
+}
+//#endregion
+//#region src/cloud-auth/open-url.ts
+async function openBrowserUrl(url, options = {}) {
+	if (options.opener) return await options.opener(url);
+	const command = process.platform === "darwin" ? "open" : process.platform === "win32" ? "cmd" : "xdg-open";
+	const args = process.platform === "win32" ? [
+		"/c",
+		"start",
+		"",
+		url
+	] : [url];
+	return await new Promise((resolve) => {
+		const child = spawn(command, args, {
+			detached: true,
+			stdio: "ignore"
+		});
+		child.once("error", () => resolve({
+			opened: false,
+			command
+		}));
+		child.once("spawn", () => {
+			child.unref();
+			resolve({
+				opened: true,
+				command
+			});
+		});
+	});
+}
+//#endregion
 //#region src/cli/install.ts
 function installCaplets(repo, options = {}) {
 	const source = resolveInstallSource(repo);
@@ -5118,10 +5476,22 @@ function rejectUnsafeInstallParents(path) {
 		current = join(current, segment);
 		const stats = lstatIfExists(current);
 		if (!stats) return;
-		if (stats.isSymbolicLink()) throw new CapletsError("CONFIG_EXISTS", `Install destination parent ${current} is a symlink; remove it before installing`);
+		if (stats.isSymbolicLink()) {
+			if (isDarwinSystemAliasSymlink(current)) continue;
+			throw new CapletsError("CONFIG_EXISTS", `Install destination parent ${current} is a symlink; remove it before installing`);
+		}
 		if (!stats.isDirectory()) throw new CapletsError("CONFIG_EXISTS", `Install destination parent ${current} is not a directory; choose another destination`);
 	}
 }
+function isDarwinSystemAliasSymlink(path) {
+	if (process.platform !== "darwin") return false;
+	if (path !== "/var" && path !== "/tmp") return false;
+	try {
+		return realpathSync(path) === `/private${path}`;
+	} catch {
+		return false;
+	}
+}
 function rejectUnsafeInstallDestination(plan, force) {
 	const stats = lstatIfExists(plan.destination);
 	if (!stats) return;
@@ -5270,6 +5640,348 @@ function nearestExistingParent(path) {
 	return nearestExistingParent(parent);
 }
 //#endregion
+//#region src/setup/hash.ts
+function capletSetupContentHash(caplet) {
+	return createHash("sha256").update(stableJson(stableCapletForHash(caplet))).digest("hex");
+}
+function stableJson(value) {
+	return JSON.stringify(sortJson(value));
+}
+function stableCapletForHash(caplet) {
+	return {
+		server: caplet.server,
+		name: caplet.name,
+		description: caplet.description,
+		backend: caplet.backend,
+		tags: caplet.tags,
+		body: caplet.body,
+		setup: caplet.setup,
+		backendConfig: Object.fromEntries(Object.entries(caplet).filter(([key]) => ![
+			"server",
+			"name",
+			"description",
+			"backend",
+			"tags",
+			"body",
+			"setup",
+			"disabled"
+		].includes(key)))
+	};
+}
+function sortJson(value) {
+	if (Array.isArray(value)) return value.map(sortJson);
+	if (!value || typeof value !== "object") return value;
+	return Object.fromEntries(Object.entries(value).filter(([, entry]) => entry !== void 0).sort(([left], [right]) => left.localeCompare(right)).map(([key, entry]) => [key, sortJson(entry)]));
+}
+//#endregion
+//#region src/setup/types.ts
+const setupTargetKinds = [
+	"local_host",
+	"remote_host",
+	"hosted_sandbox"
+];
+function isSetupTargetKind(value) {
+	return setupTargetKinds.includes(value);
+}
+//#endregion
+//#region src/setup/local-store.ts
+const DEFAULT_PROJECT_FINGERPRINT = "default";
+var LocalSetupStore = class {
+	root;
+	now;
+	maxAttempts;
+	retentionDays;
+	constructor(options = {}) {
+		this.root = options.baseDir ?? join(defaultCacheBaseDir(), "caplets", "setup");
+		this.now = options.now ?? (() => /* @__PURE__ */ new Date());
+		this.maxAttempts = options.maxAttempts ?? 3;
+		this.retentionDays = options.retentionDays ?? 7;
+	}
+	async getApproval(...args) {
+		const [projectFingerprint, capletId, contentHash, targetKind] = args.length === 3 ? [
+			DEFAULT_PROJECT_FINGERPRINT,
+			args[0],
+			args[1],
+			args[2]
+		] : args;
+		assertSetupTargetKind$1(targetKind);
+		return this.approvals().find((approval) => approval.projectFingerprint === projectFingerprint && approval.capletId === capletId && approval.contentHash === contentHash && approval.targetKind === targetKind);
+	}
+	async approve(input) {
+		const approval = {
+			...input,
+			projectFingerprint: input.projectFingerprint ?? DEFAULT_PROJECT_FINGERPRINT
+		};
+		assertSetupTargetKind$1(approval.targetKind);
+		const approvals = this.approvals().filter((existing) => existing.projectFingerprint !== approval.projectFingerprint || existing.capletId !== approval.capletId || existing.contentHash !== approval.contentHash || existing.targetKind !== approval.targetKind);
+		approvals.push(approval);
+		mkdirSync(this.root, { recursive: true });
+		writeFileSync(this.approvalsPath(), `${JSON.stringify(approvals, null, 2)}\n`, { mode: 384 });
+		return approval;
+	}
+	async recordAttempt(attempt) {
+		assertSetupTargetKind$1(attempt.targetKind);
+		const projectFingerprint = attempt.projectFingerprint ?? DEFAULT_PROJECT_FINGERPRINT;
+		const attempts = this.prunedAttempts([...this.attempts(projectFingerprint, attempt.capletId), {
+			...attempt,
+			projectFingerprint
+		}]);
+		mkdirSync(this.attemptsDir(projectFingerprint), { recursive: true });
+		writeFileSync(this.attemptsPath(projectFingerprint, attempt.capletId), attempts.map((entry) => JSON.stringify(entry)).join("\n") + "\n", { mode: 384 });
+	}
+	async listAttempts(...args) {
+		const [projectFingerprint, capletId] = args.length === 1 ? [DEFAULT_PROJECT_FINGERPRINT, args[0]] : args;
+		return this.attempts(projectFingerprint, capletId);
+	}
+	retention() {
+		return {
+			maxAttempts: this.maxAttempts,
+			days: this.retentionDays
+		};
+	}
+	approvals() {
+		const path = this.approvalsPath();
+		if (!existsSync(path)) return [];
+		return JSON.parse(readFileSync(path, "utf8")).map((approval) => ({
+			...approval,
+			projectFingerprint: approval.projectFingerprint ?? DEFAULT_PROJECT_FINGERPRINT
+		}));
+	}
+	prunedAttempts(attempts) {
+		const cutoffMs = this.now().getTime() - this.retentionDays * 24 * 60 * 60 * 1e3;
+		return attempts.filter((attempt) => new Date(attempt.finishedAt).getTime() >= cutoffMs).slice(-this.maxAttempts);
+	}
+	approvalsPath() {
+		return join(this.root, "approvals.json");
+	}
+	attempts(projectFingerprint, capletId) {
+		const path = this.attemptsPath(projectFingerprint, capletId);
+		if (!existsSync(path)) return [];
+		return readFileSync(path, "utf8").split("\n").filter(Boolean).map((line) => JSON.parse(line));
+	}
+	attemptsDir(projectFingerprint) {
+		return join(this.root, "projects", safeFileName(projectFingerprint), "attempts");
+	}
+	attemptsPath(projectFingerprint, capletId) {
+		return join(this.attemptsDir(projectFingerprint), `${safeFileName(capletId)}.jsonl`);
+	}
+};
+function safeFileName(value) {
+	return value.replace(/[^a-zA-Z0-9._-]/gu, "_");
+}
+function assertSetupTargetKind$1(value) {
+	if (!isSetupTargetKind(value)) throw new CapletsError("REQUEST_INVALID", "setup target must be one of: local_host, remote_host, hosted_sandbox");
+}
+//#endregion
+//#region src/setup/runner.ts
+const DEFAULT_TIMEOUT_MS = 12e4;
+const DEFAULT_MAX_OUTPUT_BYTES = 2e5;
+async function runCapletSetup(options) {
+	assertSetupTargetKind(options.targetKind);
+	if (!options.approved) throw new CapletsError("REQUEST_INVALID", "Setup approval is required before commands run");
+	const attempts = [];
+	const commands = options.setup.commands ?? [];
+	const verify = options.setup.verify ?? [];
+	for (const phase of ["commands", "verify"]) for (const command of phase === "commands" ? commands : verify) {
+		const attempt = await runSetupCommand(options, phase, command);
+		attempts.push(attempt);
+		await options.store.recordAttempt(attempt);
+		if (attempt.status !== "succeeded") return attempts;
+	}
+	return attempts;
+}
+async function runSetupCommand(options, phase, command) {
+	const now = options.now ?? (() => /* @__PURE__ */ new Date());
+	const startedAt = now();
+	const argv = [command.command, ...command.args ?? []];
+	const env = {
+		...process.env,
+		...command.env
+	};
+	const timeoutMs = command.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+	const maxOutputBytes = command.maxOutputBytes ?? DEFAULT_MAX_OUTPUT_BYTES;
+	const cwd = resolveCwd(command.cwd);
+	assertProjectWorkspaceSetupAllowed({
+		cwd,
+		projectBindingRequired: options.projectBindingRequired === true,
+		projectWorkspacePath: options.projectWorkspacePath
+	});
+	const result = await (options.spawn ?? spawnCommand)(command.command, command.args ?? [], {
+		cwd,
+		env,
+		timeoutMs,
+		maxOutputBytes
+	});
+	const finishedAt = now();
+	const redacted = redactsSecrets(command.env);
+	const stdout = redactOutput(result.stdout, command.env);
+	const stderr = redactOutput(result.stderr, command.env);
+	return {
+		attemptId: randomUUID(),
+		projectFingerprint: options.projectFingerprint ?? "default",
+		capletId: options.capletId,
+		contentHash: options.contentHash,
+		...options.setupHash === void 0 ? {} : { setupHash: options.setupHash },
+		targetKind: options.targetKind,
+		...options.runtimeFeatures === void 0 ? {} : { runtimeFeatures: options.runtimeFeatures },
+		actor: options.actor,
+		status: result.exitCode === 0 && !result.signal ? "succeeded" : "failed",
+		phase,
+		commandLabel: command.label,
+		argv,
+		...result.exitCode === void 0 ? {} : { exitCode: result.exitCode },
+		...result.signal === void 0 ? {} : { signal: result.signal },
+		durationMs: result.durationMs,
+		startedAt: startedAt.toISOString(),
+		finishedAt: finishedAt.toISOString(),
+		stdout: capBytes(stdout, maxOutputBytes),
+		stderr: capBytes(stderr, maxOutputBytes),
+		redacted,
+		retention: options.store.retention()
+	};
+}
+function assertProjectWorkspaceSetupAllowed(input) {
+	if (input.projectBindingRequired || !input.cwd || !input.projectWorkspacePath) return;
+	const workspacePath = resolve(input.projectWorkspacePath);
+	const cwd = resolve(input.cwd);
+	if (cwd === workspacePath || cwd.startsWith(`${workspacePath}/`)) throw new CapletsError("REQUEST_INVALID", "Non-project setup cannot run inside project workspace without projectBinding.required");
+}
+async function spawnCommand(command, args, options) {
+	const startedAt = Date.now();
+	return await new Promise((resolvePromise, reject) => {
+		const child = spawn(command, args, {
+			cwd: options.cwd,
+			env: options.env,
+			shell: false,
+			stdio: [
+				"ignore",
+				"pipe",
+				"pipe"
+			]
+		});
+		const chunks = {
+			stdout: "",
+			stderr: ""
+		};
+		const timer = setTimeout(() => {
+			child.kill("SIGTERM");
+		}, options.timeoutMs);
+		child.on("error", (error) => {
+			clearTimeout(timer);
+			reject(error);
+		});
+		child.stdout?.setEncoding("utf8");
+		child.stderr?.setEncoding("utf8");
+		child.stdout?.on("data", (chunk) => {
+			chunks.stdout = capBytes(chunks.stdout + chunk, options.maxOutputBytes);
+		});
+		child.stderr?.on("data", (chunk) => {
+			chunks.stderr = capBytes(chunks.stderr + chunk, options.maxOutputBytes);
+		});
+		child.on("close", (exitCode, signal) => {
+			clearTimeout(timer);
+			resolvePromise({
+				exitCode: exitCode ?? void 0,
+				signal: signal ?? void 0,
+				stdout: chunks.stdout,
+				stderr: chunks.stderr,
+				durationMs: Date.now() - startedAt
+			});
+		});
+	});
+}
+function resolveCwd(cwd) {
+	if (!cwd) return void 0;
+	if (!isAbsolute(cwd)) throw new CapletsError("CONFIG_INVALID", "Setup command cwd must be absolute");
+	return resolve(cwd);
+}
+function redactsSecrets(env) {
+	return Object.entries(env ?? {}).some(([key, value]) => isSecretKey(key) && value.length > 0);
+}
+function redactOutput(output, env) {
+	let redacted = output;
+	for (const [key, value] of Object.entries(env ?? {})) {
+		if (!isSecretKey(key) || !value) continue;
+		redacted = redacted.split(value).join("[REDACTED]");
+	}
+	return redacted;
+}
+function isSecretKey(key) {
+	return /TOKEN|SECRET|PASSWORD|KEY|AUTH/iu.test(key);
+}
+function capBytes(value, maxBytes) {
+	if (Buffer.byteLength(value) <= maxBytes) return value;
+	return Buffer.from(value).subarray(0, maxBytes).toString("utf8");
+}
+function assertSetupTargetKind(value) {
+	if (!isSetupTargetKind(value)) throw new CapletsError("REQUEST_INVALID", "setup target must be one of: local_host, remote_host, hosted_sandbox");
+}
+//#endregion
+//#region src/cli/setup-caplet.ts
+async function runCapletSetupCli(capletId, options = {}) {
+	const targetKind = resolveSetupTarget(options);
+	if (targetKind === "hosted_sandbox") throw new CapletsError("REQUEST_INVALID", "Cloud setup runs through the Caplets Cloud API, not the local CLI runner");
+	const config = loadConfig(options.configPath ?? resolveConfigPath(), options.projectConfigPath ?? resolveProjectConfigPath());
+	const caplet = Object.values({
+		...config.mcpServers,
+		...config.openapiEndpoints,
+		...config.graphqlEndpoints,
+		...config.httpApis,
+		...config.cliTools,
+		...config.capletSets
+	}).find((entry) => entry.server === capletId);
+	if (!caplet) throw new CapletsError("CONFIG_INVALID", `Unknown Caplet ID: ${capletId}`);
+	if (!caplet.setup || !caplet.setup.commands?.length && !caplet.setup.verify?.length) return `No setup metadata is defined for ${caplet.name} (${caplet.server}).\n`;
+	const contentHash = capletSetupContentHash(caplet);
+	const projectFingerprint = "default";
+	const store = new LocalSetupStore(options.baseDir ? { baseDir: options.baseDir } : {});
+	const existingApproval = await store.getApproval(projectFingerprint, caplet.server, contentHash, targetKind);
+	const actor = options.yes ? "cli-yes" : "cli-interactive";
+	if (!existingApproval && !options.yes) return [
+		`Setup approval required for ${caplet.name} (${caplet.server}).`,
+		`Content hash: ${contentHash}`,
+		`Target: ${targetKind}`,
+		"",
+		"Commands:",
+		...formatCommands(caplet.setup.commands ?? []),
+		"Verify:",
+		...formatCommands(caplet.setup.verify ?? []),
+		"",
+		`Run caplets setup ${caplet.server} --yes to approve and execute these exact steps.`,
+		""
+	].join("\n");
+	if (options.yes && !existingApproval) await store.approve({
+		projectFingerprint,
+		capletId: caplet.server,
+		contentHash,
+		targetKind,
+		approvedAt: (/* @__PURE__ */ new Date()).toISOString(),
+		actor
+	});
+	const attempts = await runCapletSetup({
+		projectFingerprint,
+		capletId: caplet.server,
+		contentHash,
+		targetKind,
+		setup: caplet.setup,
+		actor,
+		approved: true,
+		store,
+		...options.spawn ? { spawn: options.spawn } : {}
+	});
+	const failed = attempts.find((attempt) => attempt.status === "failed");
+	if (failed) throw new CapletsError("SERVER_UNAVAILABLE", `Setup failed for ${caplet.server}: ${failed.commandLabel}`, { attempts });
+	return `Completed setup for ${caplet.name} (${caplet.server}).\n`;
+}
+function resolveSetupTarget(options) {
+	if (options.target) return options.target;
+	return options.remote ? "remote_host" : "local_host";
+}
+function formatCommands(commands) {
+	if (commands.length === 0) return ["  none"];
+	return commands.map((command) => `  - ${command.label}: ${[command.command, ...command.args ?? []].join(" ")}`);
+}
+//#endregion
 //#region src/cli/setup.ts
 const execFileAsync = promisify(execFile);
 const setupIntegrationIds = [
@@ -5307,6 +6019,11 @@ function formatSetupMenu() {
 	].join("\n");
 }
 async function runSetup(integration, options = {}) {
+	if (!setupIntegrationIds.includes(integration)) return await runCapletSetupCli(integration, {
+		...options.yes === void 0 ? {} : { yes: options.yes },
+		target: resolveSetupTargetKind(options),
+		...options.remote === void 0 ? {} : { remote: options.remote }
+	});
 	const result = await executeSetup(integration, options);
 	if (options.format === "json") return `${JSON.stringify(result, null, 2)}\n`;
 	return formatSetupResult(result);
@@ -5350,6 +6067,7 @@ async function executeSetup(integration, options) {
 		integration: id,
 		name: definition.name,
 		mode: options.remote ? "remote" : "local",
+		targetKind: resolveSetupTargetKind(options),
 		dryRun: Boolean(options.dryRun),
 		actions,
 		nextSteps: definition.nextSteps
@@ -5497,7 +6215,7 @@ async function defaultSetupCommandRunner(command, args) {
 	};
 }
 function formatSetupResult(result) {
-	const lines = [`${result.dryRun ? "Dry run" : "Completed"} ${result.name} setup (${result.mode})`, ""];
+	const lines = [`${result.dryRun ? "Dry run" : "Completed"} ${result.name} setup (${result.mode}, ${result.targetKind})`, ""];
 	for (const action of result.actions) {
 		if (action.command) lines.push(`- ${action.status}: ${action.command}`);
 		if (action.path) lines.push(`- ${action.status}: wrote ${action.path}`);
@@ -5516,97 +6234,174 @@ function nonEmpty$1(value) {
 	const trimmed = value?.trim();
 	return trimmed ? trimmed : void 0;
 }
-//#endregion
-//#region src/remote-control/client.ts
-var RemoteControlClient = class {
-	#baseUrl;
-	#requestInit;
-	#fetch;
-	constructor(options) {
-		this.#baseUrl = options.baseUrl;
-		this.#requestInit = options.requestInit;
-		this.#fetch = options.fetch ?? fetch;
+function resolveSetupTargetKind(options) {
+	if (options.target !== void 0) {
+		if (isSetupTargetKind(options.target)) return options.target;
+		if (options.target === "local") return "local_host";
+		if (options.target === "remote") return "remote_host";
+		if (options.target === "cloud" || options.target === "hosted_worker") return "hosted_sandbox";
+		throw new CapletsError("REQUEST_INVALID", "setup target must be one of: local_host, remote_host, hosted_sandbox");
 	}
-	async request(command, args) {
-		const controlUrl = controlUrlForBase(this.#baseUrl);
-		let response;
-		try {
-			response = await this.#fetch(controlUrl, {
-				...this.#requestInit,
-				method: "POST",
-				headers: mergeJsonHeaders(this.#requestInit.headers),
-				body: JSON.stringify({
-					command,
-					arguments: args
-				})
-			});
-		} catch (error) {
-			throw new CapletsError("SERVER_UNAVAILABLE", `Could not connect to Caplets server at ${safeBaseUrl(this.#baseUrl)}.`, toSafeError(error, "SERVER_UNAVAILABLE"));
-		}
-		if (response.status === 401 || response.status === 403) throw new CapletsError("AUTH_FAILED", "Caplets server authentication failed. Check CAPLETS_SERVER_USER and CAPLETS_SERVER_PASSWORD.");
-		if (!response.ok) throw new CapletsError("SERVER_UNAVAILABLE", `Caplets server at ${safeBaseUrl(this.#baseUrl)} returned HTTP ${response.status}.`);
-		const payload = await parseRemoteCliResponse(response);
-		if (!payload.ok) throw new CapletsError(payload.error.code, redactRemoteMessage(payload.error.message), payload.error.nextAction === void 0 ? void 0 : { nextAction: payload.error.nextAction });
-		return payload.result;
+	return options.remote ? "remote_host" : "local_host";
+}
+//#endregion
+//#region src/serve/options.ts
+const HTTP_ONLY_OPTIONS = [
+	"host",
+	"port",
+	"path",
+	"user",
+	"password",
+	"allowUnauthenticatedHttp",
+	"trustProxy"
+];
+function resolveServeOptions(raw, env = process.env) {
+	const transport = parseTransport(raw.transport ?? "stdio");
+	if (transport === "stdio") {
+		const invalid = HTTP_ONLY_OPTIONS.filter((key) => raw[key] !== void 0);
+		if (invalid.length > 0) throw new CapletsError("REQUEST_INVALID", `${invalid.map((key) => `--${key}`).join(", ")} ${invalid.length === 1 ? "is" : "are"} only valid with --transport http`);
+		return { transport };
 	}
-};
-function mergeJsonHeaders(headers) {
-	const merged = new Headers(headers);
-	merged.set("content-type", "application/json");
-	return merged;
+	const serverUrl = env.CAPLETS_SERVER_URL ? parseServeServerUrl(nonEmpty(env.CAPLETS_SERVER_URL, "CAPLETS_SERVER_URL")) : void 0;
+	const host = nonEmpty(raw.host, "--host") ?? serverUrlHost(serverUrl) ?? "127.0.0.1";
+	const port = parsePort(raw.port ?? (serverUrl?.port ? Number(serverUrl.port) : 5387));
+	const path = normalizeHttpPath(raw.path ?? serverUrl?.pathname ?? "/");
+	const userWasExplicit = raw.user !== void 0 || hasEnv(env.CAPLETS_SERVER_USER);
+	const user = nonEmpty(raw.user, "--user") ?? nonEmpty(env.CAPLETS_SERVER_USER, "CAPLETS_SERVER_USER") ?? "caplets";
+	const password = nonEmpty(raw.password, "--password") ?? nonEmpty(env.CAPLETS_SERVER_PASSWORD, "CAPLETS_SERVER_PASSWORD");
+	if (userWasExplicit && password === void 0) throw new CapletsError("REQUEST_INVALID", "HTTP Basic Auth requires a password; pass --password or set CAPLETS_SERVER_PASSWORD.");
+	const loopback = isLoopbackHost(host);
+	const auth = password === void 0 ? {
+		enabled: false,
+		user
+	} : {
+		enabled: true,
+		user,
+		password
+	};
+	if (!loopback && !auth.enabled && raw.allowUnauthenticatedHttp !== true) throw new CapletsError("REQUEST_INVALID", "Unauthenticated HTTP serving on non-loopback hosts requires --allow-unauthenticated-http.");
+	return {
+		transport,
+		host,
+		port,
+		path,
+		...serverUrl ? { publicOrigin: serverUrl.origin } : {},
+		auth,
+		warnUnauthenticatedNetwork: !loopback && !auth.enabled,
+		loopback,
+		trustProxy: raw.trustProxy === true
+	};
 }
-function safeBaseUrl(baseUrl) {
-	const safe = new URL(baseUrl.href);
-	safe.username = "";
-	safe.password = "";
-	safe.search = "";
-	safe.hash = "";
-	return safe.toString();
+function resolveDaemonServeOptions(raw, env = process.env) {
+	if (raw.transport !== void 0 && raw.transport !== "http") throw new CapletsError("REQUEST_INVALID", "Daemonized serve requires --transport http.");
+	return resolveServeOptions({
+		...raw,
+		transport: "http"
+	}, env);
 }
-async function parseRemoteCliResponse(response) {
-	let payload;
+function isLoopbackHost(host) {
+	const normalized = host.toLocaleLowerCase();
+	return normalized === "localhost" || normalized === "127.0.0.1" || normalized === "::1";
+}
+function parseServeServerUrl(value) {
 	try {
-		payload = await response.json();
+		return parseServerBaseUrl(value);
 	} catch (error) {
-		throw invalidRemoteControlResponse(error);
-	}
-	if (!isRecord(payload)) throw invalidRemoteControlResponse();
-	if (payload.ok === true) {
-		if (!("result" in payload)) throw invalidRemoteControlResponse();
-		return {
-			ok: true,
-			result: payload.result
-		};
-	}
-	if (payload.ok === false) {
-		const error = payload.error;
-		if (!isRecord(error) || typeof error.code !== "string" || typeof error.message !== "string") throw invalidRemoteControlResponse();
-		if ("nextAction" in error && error.nextAction !== void 0 && typeof error.nextAction !== "string") throw invalidRemoteControlResponse();
-		const errorResponse = {
-			ok: false,
-			error: {
-				code: isCapletsErrorCode(error.code) ? error.code : "DOWNSTREAM_TOOL_ERROR",
-				message: error.message
-			}
-		};
-		if (typeof error.nextAction === "string") errorResponse.error.nextAction = error.nextAction;
-		return errorResponse;
+		if (error instanceof CapletsError && error.message.includes("must use https except loopback development URLs")) throw new CapletsError("REQUEST_INVALID", "CAPLETS_SERVER_URL must use https except loopback development URLs; use --host, --port, and --path separately for non-loopback HTTP bind addresses.");
+		throw error;
 	}
-	throw invalidRemoteControlResponse();
 }
-function invalidRemoteControlResponse(cause) {
-	return new CapletsError("DOWNSTREAM_PROTOCOL_ERROR", "Caplets server returned an invalid remote control response.", cause === void 0 ? void 0 : toSafeError(cause, "DOWNSTREAM_PROTOCOL_ERROR"));
+function parseTransport(value) {
+	if (value === "stdio" || value === "http") return value;
+	throw new CapletsError("REQUEST_INVALID", `Expected --transport to be stdio or http, got ${value}`);
 }
-function isRecord(value) {
-	return value !== null && typeof value === "object" && !Array.isArray(value);
+function parsePort(value) {
+	const parsed = typeof value === "number" ? value : Number(value);
+	if (!Number.isInteger(parsed) || parsed < 1 || parsed > 65535) throw new CapletsError("REQUEST_INVALID", `Expected --port to be a valid TCP port, got ${value}`);
+	return parsed;
 }
-function isCapletsErrorCode(value) {
-	return CAPLETS_ERROR_CODES.includes(value);
+function normalizeHttpPath(value) {
+	if (!value.startsWith("/")) throw new CapletsError("REQUEST_INVALID", "HTTP --path must start with /");
+	if (value.includes("?") || value.includes("#")) throw new CapletsError("REQUEST_INVALID", "HTTP --path must not include a query string or fragment");
+	return value === "/" ? value : value.replace(/\/+$/u, "");
 }
-function redactRemoteMessage(message) {
-	return String(redactSecrets(message)).replace(/\b(authorization\s*:\s*(?:basic|bearer)\s+)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:access_)?token=)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:token|secret|authorization|auth|api[-_]?key|password|credential|clientsecret|client_secret|code|refresh(?:_token)?)\s*[=:]\s*)[^\s,;]+/giu, "$1[REDACTED]");
+function serverUrlHost(url) {
+	return url?.hostname.replace(/^\[(.*)\]$/u, "$1");
+}
+function nonEmpty(value, label) {
+	if (value === void 0) return;
+	const trimmed = value.trim();
+	if (!trimmed) throw new CapletsError("REQUEST_INVALID", `${label} must not be empty`);
+	return trimmed;
+}
+function hasEnv(value) {
+	return value !== void 0 && value.trim() !== "";
+}
+//#endregion
+//#region src/attach/options.ts
+async function resolveAttachServeOptions(raw = {}, env = process.env) {
+	const selection = await resolveRemoteSelection(raw, env);
+	return {
+		...resolveServeOptions(raw, env),
+		projectRoot: raw.projectRoot ?? process.cwd(),
+		selection
+	};
 }
 //#endregion
+//#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@4.4.3/node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js
+/**
+* Server transport for stdio: this communicates with an MCP client by reading from the current process' stdin and writing to stdout.
+*
+* This transport is only available in Node.js environments.
+*/
+var StdioServerTransport = class {
+	constructor(_stdin = process$1.stdin, _stdout = process$1.stdout) {
+		this._stdin = _stdin;
+		this._stdout = _stdout;
+		this._readBuffer = new ReadBuffer();
+		this._started = false;
+		this._ondata = (chunk) => {
+			this._readBuffer.append(chunk);
+			this.processReadBuffer();
+		};
+		this._onerror = (error) => {
+			this.onerror?.(error);
+		};
+	}
+	/**
+	* Starts listening for messages on stdin.
+	*/
+	async start() {
+		if (this._started) throw new Error("StdioServerTransport already started! If using Server class, note that connect() calls start() automatically.");
+		this._started = true;
+		this._stdin.on("data", this._ondata);
+		this._stdin.on("error", this._onerror);
+	}
+	processReadBuffer() {
+		while (true) try {
+			const message = this._readBuffer.readMessage();
+			if (message === null) break;
+			this.onmessage?.(message);
+		} catch (error) {
+			this.onerror?.(error);
+		}
+	}
+	async close() {
+		this._stdin.off("data", this._ondata);
+		this._stdin.off("error", this._onerror);
+		if (this._stdin.listenerCount("data") === 0) this._stdin.pause();
+		this._readBuffer.clear();
+		this.onclose?.();
+	}
+	send(message) {
+		return new Promise((resolve) => {
+			const json = serializeMessage(message);
+			if (this._stdout.write(json)) resolve();
+			else this._stdout.once("drain", resolve);
+		});
+	}
+};
+//#endregion
 //#region ../../node_modules/.pnpm/hono@4.12.23/node_modules/hono/dist/compose.js
 var compose = (middleware, onError, onNotFound) => {
 	return (context, next) => {
@@ -9337,7 +10132,7 @@ function createHttpServeApp(options, engine, io = {}) {
 			id: null
 		}, 400);
 		const nextSessionId = randomUUID();
-		const session = await createHttpSession(engine, nextSessionId, options, async (closedSessionId) => {
+		const session = await createHttpSession(io.sessionFactory ?? (() => new CapletsMcpSession(engine)), nextSessionId, options, async (closedSessionId) => {
 			const closed = sessions.get(closedSessionId);
 			sessions.delete(closedSessionId);
 			if (closed) await closed.server.close();
@@ -9363,6 +10158,11 @@ function createHttpServeApp(options, engine, io = {}) {
 		}
 		return c.json(await dispatchRemoteCliRequest(request, controlContext(io, writeErr, authFlowStore, c.req.url, paths.control, options.publicOrigin, options.trustProxy, (name) => c.req.header(name))));
 	});
+	app.get(routePath(paths.control, "project-bindings/connect"), basicAuth(options.auth), (c) => c.json({ error: "websocket_upgrade_required" }, 426));
+	app.get(routePath(paths.control, "project-bindings/:bindingId/status"), basicAuth(options.auth), (c) => c.json({
+		bindingId: c.req.param("bindingId"),
+		state: "not_attached"
+	}));
 	app.get(routePath(paths.control, "auth/callback/:flowId"), async (c) => {
 		const flowId = c.req.param("flowId");
 		const result = await dispatchRemoteCliRequest({
@@ -9428,6 +10228,28 @@ async function serveHttp(options, engineOptions = {}, writeErr = (value) => proc
 		writeErr(`Basic Auth: ${options.auth.enabled ? `enabled (user: ${options.auth.user})` : "disabled"}\n`);
 	}), app, engine, writeErr);
 }
+async function serveHttpWithSessionFactory(options, createSession, writeErr = (value) => process.stderr.write(value)) {
+	const engine = new CapletsEngine({});
+	const app = createHttpServeApp(options, engine, {
+		writeErr,
+		sessionFactory: createSession,
+		control: { projectCapletsRoot: resolveProjectCapletsRoot() }
+	});
+	const paths = servicePaths(options.path);
+	const origin = `http://${formatHost(options.host)}:${options.port}`;
+	const baseUrl = `${origin}${paths.base === "/" ? "" : paths.base}`;
+	installHttpSignalHandlers(serve({
+		fetch: app.fetch,
+		hostname: options.host,
+		port: options.port
+	}, () => {
+		writeErr(`Caplets HTTP service listening on ${baseUrl}\n`);
+		writeErr(`MCP endpoint: ${origin}${paths.mcp}\n`);
+		writeErr(`Control endpoint: ${origin}${paths.control}\n`);
+		writeErr(`Health check: ${origin}${paths.health}\n`);
+		writeErr(`Basic Auth: ${options.auth.enabled ? `enabled (user: ${options.auth.user})` : "disabled"}\n`);
+	}), app, engine, writeErr);
+}
 function projectCapletsRootForEngineOptions(engineOptions) {
 	return engineOptions.projectConfigPath ? resolveProjectCapletsRootForConfigPath(engineOptions.projectConfigPath) : resolveProjectCapletsRoot();
 }
@@ -9445,13 +10267,13 @@ function servicePaths(base) {
 		health: routePath(base, "healthz")
 	};
 }
-async function createHttpSession(engine, sessionId, options, onClose) {
+async function createHttpSession(createServer, sessionId, options, onClose) {
 	const transport = new StreamableHTTPTransport({
 		sessionIdGenerator: () => sessionId,
 		onsessionclosed: onClose,
 		...options.loopback ? dnsRebindingOptions(options) : {}
 	});
-	const server = new CapletsMcpSession(engine);
+	const server = await createServer();
 	await server.connect(transport);
 	return {
 		server,
@@ -9517,145 +10339,657 @@ function formatHost(host) {
 	return host.includes(":") && !host.startsWith("[") ? `[${host}]` : host;
 }
 //#endregion
-//#region src/serve/options.ts
-const HTTP_ONLY_OPTIONS = [
-	"host",
-	"port",
-	"path",
-	"user",
-	"password",
-	"allowUnauthenticatedHttp",
-	"trustProxy"
-];
-function resolveServeOptions(raw, env = process.env) {
-	const transport = parseTransport(raw.transport ?? "stdio");
-	if (transport === "stdio") {
-		const invalid = HTTP_ONLY_OPTIONS.filter((key) => raw[key] !== void 0);
-		if (invalid.length > 0) throw new CapletsError("REQUEST_INVALID", `${invalid.map((key) => `--${key}`).join(", ")} ${invalid.length === 1 ? "is" : "are"} only valid with --transport http`);
-		return { transport };
+//#region src/serve/native-session.ts
+var NativeCapletsMcpSession = class {
+	service;
+	server;
+	tools = /* @__PURE__ */ new Map();
+	unsubscribe;
+	closed = false;
+	constructor(service, options = {}) {
+		this.service = service;
+		this.server = options.server ?? new McpServer({
+			name: "caplets",
+			version
+		});
+		this.unsubscribe = service.onToolsChanged((tools) => this.reconcileTools(tools));
+		this.reconcileTools(service.listTools());
 	}
-	const serverUrl = env.CAPLETS_SERVER_URL ? parseServeServerUrl(nonEmpty(env.CAPLETS_SERVER_URL, "CAPLETS_SERVER_URL")) : void 0;
-	const host = nonEmpty(raw.host, "--host") ?? serverUrlHost(serverUrl) ?? "127.0.0.1";
-	const port = parsePort(raw.port ?? (serverUrl?.port ? Number(serverUrl.port) : 5387));
-	const path = normalizeHttpPath(raw.path ?? serverUrl?.pathname ?? "/");
-	const userWasExplicit = raw.user !== void 0 || hasEnv(env.CAPLETS_SERVER_USER);
-	const user = nonEmpty(raw.user, "--user") ?? nonEmpty(env.CAPLETS_SERVER_USER, "CAPLETS_SERVER_USER") ?? "caplets";
-	const password = nonEmpty(raw.password, "--password") ?? nonEmpty(env.CAPLETS_SERVER_PASSWORD, "CAPLETS_SERVER_PASSWORD");
-	if (userWasExplicit && password === void 0) throw new CapletsError("REQUEST_INVALID", "HTTP Basic Auth requires a password; pass --password or set CAPLETS_SERVER_PASSWORD.");
-	const loopback = isLoopbackHost(host);
-	const auth = password === void 0 ? {
-		enabled: false,
-		user
-	} : {
+	async connect(transport) {
+		await this.server.connect(transport);
+	}
+	async close() {
+		if (this.closed) return;
+		this.closed = true;
+		this.unsubscribe();
+		this.tools.clear();
+		await this.server.close();
+		await this.service.close();
+	}
+	reconcileTools(next) {
+		const enabled = new Map(next.map((tool) => [tool.caplet, tool]));
+		for (const [id, registered] of this.tools) {
+			const tool = enabled.get(id);
+			if (!tool) {
+				registered.remove();
+				this.tools.delete(id);
+				continue;
+			}
+			registered.update(this.definition(tool));
+		}
+		for (const tool of enabled.values()) if (!this.tools.has(tool.caplet)) this.tools.set(tool.caplet, this.server.registerTool(tool.caplet, this.definition(tool), async (request) => await this.service.execute(tool.caplet, request)));
+	}
+	definition(tool) {
+		return {
+			title: tool.title,
+			description: tool.description,
+			inputSchema: isRecord$2(tool.inputSchema) ? jsonSchemaToZodShape(tool.inputSchema) : void 0
+		};
+	}
+};
+function jsonSchemaToZodShape(schema) {
+	const properties = isRecord$2(schema.properties) ? schema.properties : {};
+	const shape = {};
+	for (const [key, value] of Object.entries(properties)) shape[key] = jsonSchemaPropertyToZod(value);
+	return shape;
+}
+function jsonSchemaPropertyToZod(value) {
+	if (!isRecord$2(value)) return unknown().optional();
+	if (Array.isArray(value.enum) && value.enum.every((item) => typeof item === "string")) {
+		const values = value.enum;
+		if (values.length > 0) return _enum(values).optional();
+	}
+	switch (value.type) {
+		case "string": return string().optional();
+		case "number":
+		case "integer": return number().optional();
+		case "boolean": return boolean().optional();
+		case "array": return array(unknown()).optional();
+		case "object": return record(string(), unknown()).optional();
+		default: return unknown().optional();
+	}
+}
+function isRecord$2(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+//#endregion
+//#region src/attach/server.ts
+async function attachResolvedCaplets(options, io = {}) {
+	if (options.transport === "stdio") {
+		const service = createAttachNativeService(options, io);
+		const session = new NativeCapletsMcpSession(service);
+		await service.reload();
+		await session.connect(new StdioServerTransport());
+		return;
+	}
+	await serveHttpWithSessionFactory(options, async () => {
+		const service = createAttachNativeService(options, io);
+		await service.reload();
+		return new NativeCapletsMcpSession(service);
+	}, io.writeErr);
+}
+function createAttachNativeService(options, io) {
+	return createNativeCapletsService({
+		mode: options.selection.kind === "hosted_cloud" ? "cloud" : "remote",
+		server: {
+			url: options.selection.remote.baseUrl.toString(),
+			...options.selection.remote.fetch ? { fetch: options.selection.remote.fetch } : {}
+		},
+		remote: {
+			...options.selection.remote.fetch ? { fetch: options.selection.remote.fetch } : {},
+			...options.selection.kind === "hosted_cloud" ? { cloud: {
+				url: options.selection.cloudPresence.url.toString(),
+				accessToken: options.selection.cloudPresence.accessToken,
+				workspaceId: options.selection.cloudPresence.workspaceId,
+				projectRoot: options.projectRoot
+			} } : {}
+		},
+		remoteClientFactory: (resolved) => createSdkRemoteCapletsClient({
+			...resolved,
+			requestInit: options.selection.remote.requestInit,
+			auth: nativeAuthFromRemoteAuth(options.selection.remote.auth),
+			url: options.selection.remote.mcpUrl,
+			...options.selection.remote.fetch ? { fetch: options.selection.remote.fetch } : {}
+		}),
+		...io.writeErr ? { writeErr: io.writeErr } : {}
+	});
+}
+function nativeAuthFromRemoteAuth(auth) {
+	if (auth.type === "basic") return {
 		enabled: true,
-		user,
-		password
+		user: auth.user,
+		password: auth.password
+	};
+	if (auth.type === "none") return {
+		enabled: false,
+		user: auth.user
 	};
-	if (!loopback && !auth.enabled && raw.allowUnauthenticatedHttp !== true) throw new CapletsError("REQUEST_INVALID", "Unauthenticated HTTP serving on non-loopback hosts requires --allow-unauthenticated-http.");
 	return {
-		transport,
-		host,
-		port,
-		path,
-		...serverUrl ? { publicOrigin: serverUrl.origin } : {},
-		auth,
-		warnUnauthenticatedNetwork: !loopback && !auth.enabled,
-		loopback,
-		trustProxy: raw.trustProxy === true
+		enabled: false,
+		user: "caplets"
 	};
 }
-function isLoopbackHost(host) {
-	const normalized = host.toLocaleLowerCase();
-	return normalized === "localhost" || normalized === "127.0.0.1" || normalized === "::1";
-}
-function parseServeServerUrl(value) {
-	try {
-		return parseServerBaseUrl(value);
-	} catch (error) {
-		if (error instanceof CapletsError && error.message.includes("must use https except loopback development URLs")) throw new CapletsError("REQUEST_INVALID", "CAPLETS_SERVER_URL must use https except loopback development URLs; use --host, --port, and --path separately for non-loopback HTTP bind addresses.");
-		throw error;
+//#endregion
+//#region src/project-binding/gitignore.ts
+const CAPLETS_GITIGNORE_CONTENT = "*\n!.gitignore\n";
+function bootstrapProjectBindingGitignore(projectRoot) {
+	const capletsDir = join(projectRoot, ".caplets");
+	const gitignorePath = join(capletsDir, ".gitignore");
+	if (!existsSync(projectRoot)) return {
+		path: gitignorePath,
+		changed: false
+	};
+	mkdirSync(capletsDir, { recursive: true });
+	if (!existsSync(gitignorePath)) {
+		writeFileSync(gitignorePath, CAPLETS_GITIGNORE_CONTENT, { mode: 384 });
+		return {
+			path: gitignorePath,
+			changed: true
+		};
 	}
+	const existing = readFileSync(gitignorePath, "utf8");
+	if (existing.startsWith(CAPLETS_GITIGNORE_CONTENT)) return {
+		path: gitignorePath,
+		changed: false
+	};
+	writeFileSync(gitignorePath, `${CAPLETS_GITIGNORE_CONTENT}${existing}`, { mode: 384 });
+	return {
+		path: gitignorePath,
+		changed: true
+	};
 }
-function parseTransport(value) {
-	if (value === "stdio" || value === "http") return value;
-	throw new CapletsError("REQUEST_INVALID", `Expected --transport to be stdio or http, got ${value}`);
-}
-function parsePort(value) {
-	const parsed = typeof value === "number" ? value : Number(value);
-	if (!Number.isInteger(parsed) || parsed < 1 || parsed > 65535) throw new CapletsError("REQUEST_INVALID", `Expected --port to be a valid TCP port, got ${value}`);
-	return parsed;
-}
-function normalizeHttpPath(value) {
-	if (!value.startsWith("/")) throw new CapletsError("REQUEST_INVALID", "HTTP --path must start with /");
-	if (value.includes("?") || value.includes("#")) throw new CapletsError("REQUEST_INVALID", "HTTP --path must not include a query string or fragment");
-	return value === "/" ? value : value.replace(/\/+$/u, "");
-}
-function serverUrlHost(url) {
-	return url?.hostname.replace(/^\[(.*)\]$/u, "$1");
-}
-function nonEmpty(value, label) {
-	if (value === void 0) return;
-	const trimmed = value.trim();
-	if (!trimmed) throw new CapletsError("REQUEST_INVALID", `${label} must not be empty`);
-	return trimmed;
-}
-function hasEnv(value) {
-	return value !== void 0 && value.trim() !== "";
+//#endregion
+//#region src/project-binding/transport.ts
+function defaultProjectBindingWebSocketFactory(url, protocols) {
+	const WebSocketCtor = globalThis.WebSocket;
+	if (!WebSocketCtor) throw new Error("WebSocket is not available in this runtime.");
+	return new WebSocketCtor(url, protocols);
 }
 //#endregion
-//#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@4.4.3/node_modules/@modelcontextprotocol/sdk/dist/esm/server/stdio.js
-/**
-* Server transport for stdio: this communicates with an MCP client by reading from the current process' stdin and writing to stdout.
-*
-* This transport is only available in Node.js environments.
-*/
-var StdioServerTransport = class {
-	constructor(_stdin = process$1.stdin, _stdout = process$1.stdout) {
-		this._stdin = _stdin;
-		this._stdout = _stdout;
-		this._readBuffer = new ReadBuffer();
-		this._started = false;
-		this._ondata = (chunk) => {
-			this._readBuffer.append(chunk);
-			this.processReadBuffer();
+//#region src/project-binding/session.ts
+async function runProjectBindingSession(input) {
+	const fetchImpl = input.fetch ?? input.remote.fetch ?? fetch;
+	const webSocketFactory = input.webSocketFactory ?? defaultProjectBindingWebSocketFactory;
+	const heartbeatIntervalMs = input.heartbeatIntervalMs ?? 15e3;
+	const projectFingerprint = fingerprintProjectRoot(input.projectRoot);
+	const requestInit = input.remote.requestInit;
+	input.onEvent?.({
+		type: "state",
+		state: "attaching"
+	});
+	const created = await postJson(fetchImpl, sessionUrl(input.remote), requestInit, {
+		projectRoot: input.projectRoot,
+		projectFingerprint,
+		workspaceId: input.remote.workspace ?? "default"
+	});
+	const bindingId = created.binding.bindingId;
+	const sessionId = created.sessionId;
+	let state = created.binding.state ?? "attaching";
+	let syncState = created.binding.syncState ?? "pending";
+	let ended = false;
+	let heartbeatTimer;
+	const publicWebSocketUrl = input.remote.projectBindingWebSocketUrl.toString();
+	const socketUrl = bindingSocketUrl(input.remote, bindingId, sessionId, projectFingerprint);
+	const socketProtocols = bindingSocketProtocols(input.remote);
+	const emitReady = (requestId) => {
+		input.onEvent?.({
+			type: "ready",
+			bindingId,
+			sessionId,
+			projectRoot: input.projectRoot,
+			projectFingerprint,
+			webSocketUrl: publicWebSocketUrl,
+			...requestId ? { requestId } : {}
+		});
+	};
+	const heartbeat = async (socket) => {
+		const payload = {
+			type: "heartbeat",
+			bindingId,
+			sessionId,
+			state,
+			syncState
 		};
-		this._onerror = (error) => {
-			this.onerror?.(error);
+		if (socket?.readyState === 1) socket.send(JSON.stringify(payload));
+		await postJson(fetchImpl, heartbeatUrl(input.remote, bindingId), requestInit, {
+			sessionId,
+			state,
+			syncState
+		}).catch(() => void 0);
+		input.onEvent?.({
+			type: "heartbeat",
+			bindingId,
+			sessionId,
+			state
+		});
+	};
+	const connect = async (attempt) => {
+		const socket = webSocketFactory(socketUrl, socketProtocols);
+		await waitForOpen(socket, input.signal);
+		if (input.signal?.aborted) {
+			closeSocket(socket, 1e3, "aborted");
+			return;
+		}
+		const closePromise = new Promise((resolve) => {
+			listen(socket, "message", (event) => {
+				const message = parseSocketMessage(event.data);
+				if (!message) return;
+				if (message.type === "state") {
+					state = message.state;
+					syncState = message.syncState;
+					input.onEvent?.({
+						type: "state",
+						state,
+						...message.requestId ? { requestId: message.requestId } : {}
+					});
+					return;
+				}
+				if (message.type === "ready") {
+					state = "ready";
+					syncState = message.syncState;
+					emitReady(message.requestId);
+					return;
+				}
+				if (message.type === "blocked") {
+					state = "blocked";
+					input.onEvent?.({
+						type: "ended",
+						bindingId,
+						sessionId,
+						reason: message.reason
+					});
+					resolve({
+						reconnect: false,
+						reason: message.reason.message
+					});
+					return;
+				}
+				input.onEvent?.({
+					type: "ended",
+					bindingId,
+					sessionId,
+					reason: message.reason
+				});
+				resolve({
+					reconnect: false,
+					reason: message.reason.message
+				});
+			});
+			listen(socket, "close", (event) => {
+				resolve({
+					reconnect: !input.signal?.aborted && attempt < 1,
+					reason: event.reason ?? `WebSocket closed${event.code ? ` (${event.code})` : ""}.`
+				});
+			});
+			listen(socket, "error", () => {
+				resolve({
+					reconnect: !input.signal?.aborted && attempt < 1,
+					reason: "WebSocket error."
+				});
+			});
+		});
+		heartbeatTimer = setInterval(() => {
+			heartbeat(socket);
+		}, heartbeatIntervalMs);
+		await heartbeat(socket);
+		const closed = await Promise.race([closePromise, waitForAbort(input.signal)]);
+		if (heartbeatTimer) clearInterval(heartbeatTimer);
+		heartbeatTimer = void 0;
+		closeSocket(socket, 1e3, "Binding Session closed.");
+		if (closed === "abort") return;
+		if (closed.reconnect) {
+			input.onEvent?.({
+				type: "reconnecting",
+				bindingId,
+				sessionId,
+				attempt: attempt + 1,
+				reason: closed.reason
+			});
+			await connect(attempt + 1);
+		}
+	};
+	try {
+		await connect(0);
+	} finally {
+		ended = true;
+		if (heartbeatTimer) clearInterval(heartbeatTimer);
+		const reason = input.signal?.aborted ? {
+			code: "interrupted",
+			message: "Binding Session ended."
+		} : {
+			code: "completed",
+			message: "Binding Session completed."
 		};
+		await endRemoteSession(fetchImpl, input.remote, requestInit, bindingId, sessionId, reason);
+		input.onEvent?.({
+			type: "ended",
+			bindingId,
+			sessionId,
+			reason
+		});
 	}
-	/**
-	* Starts listening for messages on stdin.
-	*/
-	async start() {
-		if (this._started) throw new Error("StdioServerTransport already started! If using Server class, note that connect() calls start() automatically.");
-		this._started = true;
-		this._stdin.on("data", this._ondata);
-		this._stdin.on("error", this._onerror);
+	return {
+		ok: true,
+		bindingId,
+		sessionId,
+		projectRoot: input.projectRoot,
+		projectFingerprint,
+		webSocketUrl: publicWebSocketUrl,
+		ended
+	};
+}
+async function postJson(fetchImpl, url, requestInit, body) {
+	const headers = new Headers(requestInit.headers);
+	headers.set("content-type", "application/json");
+	const response = await fetchImpl(url, {
+		...requestInit,
+		method: "POST",
+		headers,
+		body: JSON.stringify(body)
+	});
+	if (!response.ok) throw new CapletsError("SERVER_UNAVAILABLE", `Project Binding request failed (${response.status}).`);
+	return await response.json().catch(() => ({}));
+}
+async function endRemoteSession(fetchImpl, remote, requestInit, bindingId, sessionId, reason) {
+	const headers = new Headers(requestInit.headers);
+	headers.set("content-type", "application/json");
+	await fetchImpl(endSessionUrl(remote, bindingId), {
+		...requestInit,
+		method: "DELETE",
+		headers,
+		body: JSON.stringify({
+			sessionId,
+			terminalReason: reason
+		})
+	}).catch(() => void 0);
+}
+function sessionUrl(remote) {
+	return controlProjectBindingUrl(remote, "sessions");
+}
+function heartbeatUrl(remote, bindingId) {
+	return controlProjectBindingUrl(remote, `${encodeURIComponent(bindingId)}/heartbeat`);
+}
+function endSessionUrl(remote, bindingId) {
+	return controlProjectBindingUrl(remote, `${encodeURIComponent(bindingId)}/session`);
+}
+function controlProjectBindingUrl(remote, suffix) {
+	const url = new URL(remote.projectBindingWebSocketUrl);
+	if (url.protocol === "wss:") url.protocol = "https:";
+	if (url.protocol === "ws:") url.protocol = "http:";
+	url.pathname = url.pathname.replace(/\/connect$/u, `/${suffix}`);
+	url.search = "";
+	url.hash = "";
+	return url;
+}
+function bindingSocketUrl(remote, bindingId, sessionId, projectFingerprint) {
+	const url = new URL(remote.projectBindingWebSocketUrl);
+	url.searchParams.set("bindingId", bindingId);
+	url.searchParams.set("sessionId", sessionId);
+	url.searchParams.set("projectFingerprint", projectFingerprint);
+	return url.toString();
+}
+function bindingSocketProtocols(remote) {
+	if (remote.auth.type !== "bearer") return void 0;
+	return ["caplets.project-binding.v1", `caplets.bearer.${Buffer$1.from(remote.auth.token).toString("base64url")}`];
+}
+function parseSocketMessage(data) {
+	const text = typeof data === "string" ? data : data instanceof ArrayBuffer ? new TextDecoder().decode(data) : void 0;
+	if (!text) return void 0;
+	const parsed = JSON.parse(text);
+	return typeof parsed.type === "string" ? parsed : void 0;
+}
+async function waitForOpen(socket, signal) {
+	if (socket.readyState === 1) return;
+	await Promise.race([new Promise((resolve, reject) => {
+		listen(socket, "open", () => resolve(), { once: true });
+		listen(socket, "error", () => reject(new CapletsError("SERVER_UNAVAILABLE", "Project Binding WebSocket failed to open.")), { once: true });
+	}), waitForAbort(signal).then(() => void 0)]);
+}
+function waitForAbort(signal) {
+	if (signal?.aborted) return Promise.resolve("abort");
+	return new Promise((resolve) => {
+		signal?.addEventListener("abort", () => resolve("abort"), { once: true });
+	});
+}
+function listen(socket, type, listener, options) {
+	if (socket.addEventListener) {
+		socket.addEventListener(type, listener, options);
+		return;
 	}
-	processReadBuffer() {
-		while (true) try {
-			const message = this._readBuffer.readMessage();
-			if (message === null) break;
-			this.onmessage?.(message);
+	const key = `on${type}`;
+	const existing = socket[key];
+	const wrapper = (event) => {
+		existing?.(event);
+		listener(event);
+		if (options?.once && socket[key] === wrapper) socket[key] = existing ?? null;
+	};
+	socket[key] = wrapper;
+}
+function closeSocket(socket, code, reason) {
+	try {
+		socket.close(code, reason);
+	} catch {}
+}
+//#endregion
+//#region src/project-binding/sync-size.ts
+const DEFAULT_SYNC_LIMITS = {
+	free: {
+		maxSingleFileBytes: 25 * 1024 * 1024,
+		maxProjectBytes: 250 * 1024 * 1024
+	},
+	plus: {
+		maxSingleFileBytes: 100 * 1024 * 1024,
+		maxProjectBytes: 1024 * 1024 * 1024
+	},
+	pro: {
+		maxSingleFileBytes: 250 * 1024 * 1024,
+		maxProjectBytes: 5 * 1024 * 1024 * 1024
+	},
+	enterprise: {
+		maxSingleFileBytes: 250 * 1024 * 1024,
+		maxProjectBytes: 5 * 1024 * 1024 * 1024
+	},
+	self_hosted: {
+		maxSingleFileBytes: 250 * 1024 * 1024,
+		maxProjectBytes: 5 * 1024 * 1024 * 1024
+	}
+};
+function enforceProjectSyncSizeLimits(input) {
+	const limits = {
+		...DEFAULT_SYNC_LIMITS[input.tier],
+		...input.limits
+	};
+	const totalBytes = input.files.reduce((total, file) => total + file.sizeBytes, 0);
+	const largestFileBytes = Math.max(0, ...input.files.map((file) => file.sizeBytes));
+	if (largestFileBytes > limits.maxSingleFileBytes || totalBytes > limits.maxProjectBytes) return {
+		ok: false,
+		code: "sync_size_limit_exceeded",
+		totalBytes,
+		maxSingleFileBytes: limits.maxSingleFileBytes,
+		maxProjectBytes: limits.maxProjectBytes,
+		largestFileBytes,
+		recoveryCommand: "Add exclusions to .capletsignore or upgrade the workspace plan."
+	};
+	return {
+		ok: true,
+		totalBytes,
+		maxSingleFileBytes: limits.maxSingleFileBytes,
+		maxProjectBytes: limits.maxProjectBytes
+	};
+}
+//#endregion
+//#region src/project-binding/attach.ts
+async function resolveAttachOptions(raw = {}, env = process.env) {
+	return await resolveAttachOptionsForRun(raw, env);
+}
+async function resolveAttachOptionsForRun(raw = {}, env = process.env) {
+	const selection = await resolveRemoteSelection({
+		...raw.remoteUrl !== void 0 ? { remoteUrl: raw.remoteUrl } : {},
+		...raw.user !== void 0 ? { user: raw.user } : {},
+		...raw.password !== void 0 ? { password: raw.password } : {},
+		...raw.token !== void 0 ? { token: raw.token } : {},
+		...raw.workspace !== void 0 ? { workspace: raw.workspace } : {},
+		...raw.fetch !== void 0 ? { fetch: raw.fetch } : {}
+	}, env);
+	return {
+		projectRoot: raw.projectRoot ?? process.cwd(),
+		json: raw.json === true,
+		verbose: raw.verbose === true,
+		once: raw.once === true,
+		remote: selection.remote,
+		authMode: selection.kind,
+		...selection.kind === "hosted_cloud" ? { selectedWorkspace: selection.selectedWorkspace } : raw.workspace ? { selectedWorkspace: raw.workspace } : {}
+	};
+}
+async function attachProjectOnce(raw = {}, env = process.env) {
+	const resolved = await resolveAttachOptionsForRun({
+		...raw,
+		once: true
+	}, env);
+	bootstrapProjectBindingGitignore(resolved.projectRoot);
+	preflightProjectSync(resolved.projectRoot, hostedTier(env));
+	const response = await (resolved.remote.fetch ?? fetch)(projectBindingProbeUrl(resolved.remote), {
+		...resolved.remote.requestInit,
+		method: "GET"
+	});
+	if (response.status !== 101 && !await isWebSocketUpgradeRequired(response)) throw new CapletsError("SERVER_UNAVAILABLE", `Project Binding WebSocket unavailable at ${resolved.remote.projectBindingWebSocketUrl}. Run caplets doctor for details.`);
+	return {
+		ok: true,
+		projectRoot: resolved.projectRoot,
+		webSocketUrl: resolved.remote.projectBindingWebSocketUrl.toString()
+	};
+}
+async function attachProjectSession(raw = {}, env = process.env, options = {}) {
+	const resolved = await resolveAttachOptionsForRun(raw, env);
+	bootstrapProjectBindingGitignore(resolved.projectRoot);
+	preflightProjectSync(resolved.projectRoot, hostedTier(env));
+	return await runProjectBindingSession({
+		projectRoot: resolved.projectRoot,
+		remote: resolved.remote,
+		fetch: resolved.remote.fetch,
+		signal: options.signal,
+		heartbeatIntervalMs: options.heartbeatIntervalMs,
+		webSocketFactory: options.webSocketFactory,
+		onEvent: options.onEvent
+	});
+}
+function projectBindingProbeUrl(remote) {
+	const url = new URL(remote.projectBindingWebSocketUrl);
+	if (url.protocol === "wss:") url.protocol = "https:";
+	if (url.protocol === "ws:") url.protocol = "http:";
+	return url;
+}
+async function isWebSocketUpgradeRequired(response) {
+	if (response.status !== 426) return false;
+	if (!(response.headers.get("content-type") ?? "").includes("application/json")) return false;
+	return (await response.json().catch(() => void 0))?.error === "websocket_upgrade_required";
+}
+function preflightProjectSync(projectRoot, tier) {
+	if (!existsSync(projectRoot)) return;
+	const size = enforceProjectSyncSizeLimits({
+		tier,
+		files: buildProjectSyncManifest({ projectRoot }).files
+	});
+	if (!size.ok) throw new ProjectBindingError({
+		code: size.code,
+		message: "Project sync size exceeds the selected workspace policy.",
+		recoveryCommand: size.recoveryCommand
+	});
+}
+function hostedTier(env) {
+	const value = env.CAPLETS_CLOUD_TIER?.toLowerCase();
+	return value === "plus" || value === "pro" || value === "enterprise" ? value : "free";
+}
+//#endregion
+//#region src/remote-control/client.ts
+var RemoteControlClient = class {
+	#baseUrl;
+	#requestInit;
+	#fetch;
+	constructor(options) {
+		this.#baseUrl = options.baseUrl;
+		this.#requestInit = options.requestInit;
+		this.#fetch = options.fetch ?? fetch;
+	}
+	async request(command, args) {
+		const controlUrl = controlUrlForBase(this.#baseUrl);
+		let response;
+		try {
+			response = await this.#fetch(controlUrl, {
+				...this.#requestInit,
+				method: "POST",
+				headers: mergeJsonHeaders(this.#requestInit.headers),
+				body: JSON.stringify({
+					command,
+					arguments: args
+				})
+			});
 		} catch (error) {
-			this.onerror?.(error);
+			throw new CapletsError("SERVER_UNAVAILABLE", `Could not connect to Caplets server at ${safeBaseUrl(this.#baseUrl)}.`, toSafeError(error, "SERVER_UNAVAILABLE"));
 		}
+		if (response.status === 401 || response.status === 403) throw new CapletsError("AUTH_FAILED", "Caplets remote authentication failed. Check CAPLETS_REMOTE_USER and CAPLETS_REMOTE_PASSWORD.");
+		if (!response.ok) throw new CapletsError("SERVER_UNAVAILABLE", `Caplets server at ${safeBaseUrl(this.#baseUrl)} returned HTTP ${response.status}.`);
+		const payload = await parseRemoteCliResponse(response);
+		if (!payload.ok) throw new CapletsError(payload.error.code, redactRemoteMessage(payload.error.message), payload.error.nextAction === void 0 ? void 0 : { nextAction: payload.error.nextAction });
+		return payload.result;
 	}
-	async close() {
-		this._stdin.off("data", this._ondata);
-		this._stdin.off("error", this._onerror);
-		if (this._stdin.listenerCount("data") === 0) this._stdin.pause();
-		this._readBuffer.clear();
-		this.onclose?.();
+};
+function mergeJsonHeaders(headers) {
+	const merged = new Headers(headers);
+	merged.set("content-type", "application/json");
+	return merged;
+}
+function safeBaseUrl(baseUrl) {
+	const safe = new URL(baseUrl.href);
+	safe.username = "";
+	safe.password = "";
+	safe.search = "";
+	safe.hash = "";
+	return safe.toString();
+}
+async function parseRemoteCliResponse(response) {
+	let payload;
+	try {
+		payload = await response.json();
+	} catch (error) {
+		throw invalidRemoteControlResponse(error);
 	}
-	send(message) {
-		return new Promise((resolve) => {
-			const json = serializeMessage(message);
-			if (this._stdout.write(json)) resolve();
-			else this._stdout.once("drain", resolve);
-		});
+	if (!isRecord$1(payload)) throw invalidRemoteControlResponse();
+	if (payload.ok === true) {
+		if (!("result" in payload)) throw invalidRemoteControlResponse();
+		return {
+			ok: true,
+			result: payload.result
+		};
 	}
-};
+	if (payload.ok === false) {
+		const error = payload.error;
+		if (!isRecord$1(error) || typeof error.code !== "string" || typeof error.message !== "string") throw invalidRemoteControlResponse();
+		if ("nextAction" in error && error.nextAction !== void 0 && typeof error.nextAction !== "string") throw invalidRemoteControlResponse();
+		const errorResponse = {
+			ok: false,
+			error: {
+				code: isCapletsErrorCode(error.code) ? error.code : "DOWNSTREAM_TOOL_ERROR",
+				message: error.message
+			}
+		};
+		if (typeof error.nextAction === "string") errorResponse.error.nextAction = error.nextAction;
+		return errorResponse;
+	}
+	throw invalidRemoteControlResponse();
+}
+function invalidRemoteControlResponse(cause) {
+	return new CapletsError("DOWNSTREAM_PROTOCOL_ERROR", "Caplets server returned an invalid remote control response.", cause === void 0 ? void 0 : toSafeError(cause, "DOWNSTREAM_PROTOCOL_ERROR"));
+}
+function isRecord$1(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function isCapletsErrorCode(value) {
+	return CAPLETS_ERROR_CODES.includes(value);
+}
+function redactRemoteMessage(message) {
+	return String(redactSecrets(message)).replace(/\b(authorization\s*:\s*(?:basic|bearer)\s+)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:access_)?token=)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:token|secret|authorization|auth|api[-_]?key|password|credential|clientsecret|client_secret|code|refresh(?:_token)?)\s*[=:]\s*)[^\s,;]+/giu, "$1[REDACTED]");
+}
 //#endregion
 //#region src/serve/stdio.ts
 async function serveStdio(options = {}) {
@@ -9671,20 +11005,402 @@ async function serveStdio(options = {}) {
 			await engine.close();
 		}
 	};
-	let sigintHandler;
-	let sigtermHandler;
-	if (options.signalHandling !== false) {
-		sigintHandler = () => void close().finally(() => process.exit(130));
-		sigtermHandler = () => void close().finally(() => process.exit(143));
-		process.once("SIGINT", sigintHandler);
-		process.once("SIGTERM", sigtermHandler);
-	}
+	let sigintHandler;
+	let sigtermHandler;
+	if (options.signalHandling !== false) {
+		sigintHandler = () => void close().finally(() => process.exit(130));
+		sigtermHandler = () => void close().finally(() => process.exit(143));
+		process.once("SIGINT", sigintHandler);
+		process.once("SIGTERM", sigtermHandler);
+	}
+	try {
+		await session.connect(new StdioServerTransport());
+	} finally {
+		if (sigintHandler) process.off("SIGINT", sigintHandler);
+		if (sigtermHandler) process.off("SIGTERM", sigtermHandler);
+		await close();
+	}
+}
+//#endregion
+//#region src/serve/daemon/config.ts
+function readDaemonConfig(paths) {
+	return readJson(paths.configFile);
+}
+function writeDaemonConfig(paths, serve, command, now = /* @__PURE__ */ new Date()) {
+	const config = {
+		instance: "default",
+		serve,
+		command,
+		paths,
+		updatedAt: now.toISOString()
+	};
+	writeJson(paths.configFile, config);
+	return config;
+}
+function readDaemonState(paths) {
+	return readJson(paths.stateFile);
+}
+function writeDaemonState(paths, state, now = /* @__PURE__ */ new Date()) {
+	const next = {
+		instance: "default",
+		...state,
+		updatedAt: state.updatedAt ?? now.toISOString()
+	};
+	writeJson(paths.stateFile, next);
+	return next;
+}
+function redactDaemonStatus(status) {
+	return redactDaemonValue(status);
+}
+function redactDaemonValue(value) {
+	if (Array.isArray(value)) return redactDaemonArray(value);
+	if (!value || typeof value !== "object") return value;
+	const redacted = {};
+	for (const [key, nested] of Object.entries(value)) redacted[key] = /password|token|secret|authorization|credential/iu.test(key) ? "[REDACTED]" : redactDaemonValue(nested);
+	return redacted;
+}
+function redactDaemonArray(value) {
+	const redacted = [];
+	let redactNext = false;
+	for (const item of value) {
+		if (redactNext) {
+			redacted.push("[REDACTED]");
+			redactNext = false;
+			continue;
+		}
+		redacted.push(redactDaemonValue(item));
+		if (typeof item === "string" && /--(?:password|token|secret|authorization|credential)$/iu.test(item)) redactNext = true;
+	}
+	return redacted;
+}
+function readJson(path) {
+	if (!existsSync(path)) return void 0;
+	return JSON.parse(readFileSync(path, "utf8"));
+}
+function writeJson(path, value) {
+	mkdirSync(dirname(path), { recursive: true });
+	writeFileSync(path, `${JSON.stringify(value, null, 2)}\n`);
+}
+//#endregion
+//#region src/serve/daemon/platform-darwin.ts
+function buildLaunchdUserAgentDescriptor(paths, command) {
+	const label = "dev.caplets.serve.default";
+	return {
+		kind: "launchd-user-agent",
+		label,
+		path: `${paths.configFile}.plist`,
+		plist: [
+			"<?xml version=\"1.0\" encoding=\"UTF-8\"?>",
+			"<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">",
+			"<plist version=\"1.0\">",
+			"<dict>",
+			"  <key>Label</key>",
+			`  <string>${label}</string>`,
+			"  <key>ProgramArguments</key>",
+			"  <array>",
+			`    <string>${escapeXml(command.executable)}</string>`,
+			...command.args.map((arg) => `    <string>${escapeXml(arg)}</string>`),
+			"  </array>",
+			"  <key>RunAtLoad</key>",
+			"  <true/>",
+			"  <key>KeepAlive</key>",
+			"  <true/>",
+			"  <key>StandardOutPath</key>",
+			`  <string>${escapeXml(paths.stdoutLog)}</string>`,
+			"  <key>StandardErrorPath</key>",
+			`  <string>${escapeXml(paths.stderrLog)}</string>`,
+			"</dict>",
+			"</plist>",
+			""
+		].join("\n")
+	};
+}
+//#endregion
+//#region src/serve/daemon/platform-linux.ts
+function buildLinuxServiceDescriptor(paths, command, serviceAvailable = true) {
+	if (!serviceAvailable) return {
+		kind: "manual",
+		reason: "Linux systemd user service is not available; run the daemon command manually.",
+		command
+	};
+	return {
+		kind: "systemd-user",
+		unitName: "caplets-serve-default.service",
+		path: `${paths.configFile}.service`,
+		unit: [
+			"[Unit]",
+			"Description=Caplets HTTP daemon (default)",
+			"After=network.target",
+			"",
+			"[Service]",
+			"Type=simple",
+			`ExecStart=${shellJoin([command.executable, ...command.args])}`,
+			"Restart=on-failure",
+			`StandardOutput=append:${paths.stdoutLog}`,
+			`StandardError=append:${paths.stderrLog}`,
+			"",
+			"[Install]",
+			"WantedBy=default.target",
+			""
+		].join("\n")
+	};
+}
+function shellJoin(args) {
+	return args.map((arg) => /^[A-Za-z0-9_./:=@-]+$/u.test(arg) ? arg : `'${arg.replaceAll("'", "'\\''")}'`).join(" ");
+}
+//#endregion
+//#region src/serve/daemon/platform-windows.ts
+function buildWindowsScheduledTaskDescriptor(command) {
+	const taskName = "Caplets Serve Default";
+	return {
+		kind: "windows-scheduled-task",
+		taskName,
+		commands: {
+			register: `schtasks /Create /TN "${taskName}" /SC ONLOGON /TR "${commandLine([command.executable, ...command.args])}" /F`,
+			unregister: `schtasks /Delete /TN "${taskName}" /F`,
+			query: `schtasks /Query /TN "${taskName}"`
+		}
+	};
+}
+function commandLine(args) {
+	return args.map((arg) => arg.includes(" ") ? `\\"${arg}\\"` : arg).join(" ");
+}
+//#endregion
+//#region src/serve/daemon/platform.ts
+function buildDaemonPlatformDescriptor(options) {
+	const platform = options.platform ?? process.platform;
+	if (platform === "darwin") return buildLaunchdUserAgentDescriptor(options.paths, options.command);
+	if (platform === "linux") return buildLinuxServiceDescriptor(options.paths, options.command, options.serviceAvailable);
+	if (platform === "win32") return buildWindowsScheduledTaskDescriptor(options.command);
+	return {
+		kind: "manual",
+		reason: `Automatic user service descriptors are not available on ${platform}.`,
+		command: options.command
+	};
+}
+function escapeXml(value) {
+	return value.replaceAll("&", "&amp;").replaceAll("<", "&lt;").replaceAll(">", "&gt;").replaceAll("\"", "&quot;").replaceAll("'", "&apos;");
+}
+//#endregion
+//#region src/serve/daemon/process.ts
+function daemonServeCommand(options) {
+	return {
+		executable: process.argv[1] ?? "caplets",
+		args: daemonServeArgs(options)
+	};
+}
+function daemonServeArgs(options) {
+	const args = [
+		"serve",
+		"--transport",
+		"http",
+		"--host",
+		options.host,
+		"--port",
+		String(options.port),
+		"--path",
+		options.path,
+		"--user",
+		options.auth.user
+	];
+	if (options.auth.enabled) args.push("--password", options.auth.password);
+	if (options.warnUnauthenticatedNetwork) args.push("--allow-unauthenticated-http");
+	if (options.trustProxy) args.push("--trust-proxy");
+	return args;
+}
+function createNodeDaemonProcessRunner() {
+	return {
+		async isRunning(pid) {
+			try {
+				process.kill(pid, 0);
+				return true;
+			} catch {
+				return false;
+			}
+		},
+		async start(command) {
+			mkdirSync(dirname(command.stdoutLog), { recursive: true });
+			mkdirSync(dirname(command.stderrLog), { recursive: true });
+			const stdout = openSync(command.stdoutLog, "a");
+			const stderr = openSync(command.stderrLog, "a");
+			try {
+				const child = spawn(process.execPath, [process.argv[1] ?? "caplets", ...command.args], {
+					detached: true,
+					stdio: [
+						"ignore",
+						stdout,
+						stderr
+					],
+					env: process.env
+				});
+				child.unref();
+				return child.pid ?? 0;
+			} finally {
+				closeSync(stdout);
+				closeSync(stderr);
+			}
+		},
+		async stop(pid) {
+			try {
+				process.kill(pid, "SIGTERM");
+			} catch {
+				return;
+			}
+		}
+	};
+}
+//#endregion
+//#region src/serve/daemon/paths.ts
+function resolveServeDaemonPaths(options = {}) {
+	const platform = options.platform ?? process.platform;
+	const home = options.home ?? homedir();
+	const env = options.env ?? process.env;
+	const path = platform === "win32" ? win32 : posix;
+	const configBase = defaultConfigBaseDir(env, home, platform);
+	const stateBase = defaultStateBaseDir(env, home, platform);
+	if (platform === "win32") {
+		const stateDir = path.join(stateBase, "Caplets", "State", "serve", "default");
+		const logDir = path.join(stateDir, "logs");
+		return {
+			instance: "default",
+			stateDir,
+			logDir,
+			stateFile: path.join(stateDir, "state.json"),
+			pidFile: path.join(stateDir, "server.pid"),
+			stdoutLog: path.join(logDir, "stdout.log"),
+			stderrLog: path.join(logDir, "stderr.log"),
+			configFile: path.join(configBase, "Caplets", "serve", "default.json")
+		};
+	}
+	const stateDir = path.join(stateBase, "caplets", "serve", "default");
+	const logDir = path.join(stateDir, "logs");
+	return {
+		instance: "default",
+		stateDir,
+		logDir,
+		stateFile: path.join(stateDir, "state.json"),
+		pidFile: path.join(stateDir, "server.pid"),
+		stdoutLog: path.join(logDir, "stdout.log"),
+		stderrLog: path.join(logDir, "stderr.log"),
+		configFile: path.join(configBase, "caplets", "serve", "default.json")
+	};
+}
+//#endregion
+//#region src/serve/daemon/index.ts
+async function startDaemon(raw = {}, options = {}) {
+	const paths = resolveServeDaemonPaths(options);
+	const processRunner = options.process ?? createNodeDaemonProcessRunner();
+	const existing = await daemonStatus({
+		...options,
+		process: processRunner
+	});
+	if (existing.running) throw new CapletsError("REQUEST_INVALID", "Caplets HTTP daemon is already running.");
+	const serve = resolveDaemonServeOptions(raw, options.env ?? process.env);
+	const command = daemonServeCommand(serve);
+	mkdirSync(paths.logDir, { recursive: true });
+	const config = writeDaemonConfig(paths, serve, command);
+	const pid = await processRunner.start({
+		args: command.args,
+		stdoutLog: paths.stdoutLog,
+		stderrLog: paths.stderrLog,
+		configFile: paths.configFile
+	});
+	writeFileSync(paths.pidFile, `${pid}\n`);
+	const now = (/* @__PURE__ */ new Date()).toISOString();
+	return { status: redactDaemonStatus({
+		...writeDaemonState(paths, {
+			running: true,
+			pid,
+			startedAt: now,
+			enabled: existing.enabled,
+			updatedAt: now
+		}),
+		paths,
+		config
+	}) };
+}
+async function stopDaemon(options = {}) {
+	const paths = resolveServeDaemonPaths(options);
+	const processRunner = options.process ?? createNodeDaemonProcessRunner();
+	const existing = await daemonStatus({
+		...options,
+		process: processRunner
+	});
+	if (existing.running && existing.pid !== void 0) await processRunner.stop(existing.pid);
+	rmSync(paths.pidFile, { force: true });
+	return { status: redactDaemonStatus({
+		...writeDaemonState(paths, {
+			running: false,
+			enabled: existing.enabled
+		}),
+		paths,
+		...configProperty(readDaemonConfig(paths))
+	}) };
+}
+async function restartDaemon(raw = {}, options = {}) {
+	await stopDaemon(options);
+	return startDaemon(raw, options);
+}
+async function daemonStatus(options = {}) {
+	const paths = resolveServeDaemonPaths(options);
+	const processRunner = options.process ?? createNodeDaemonProcessRunner();
+	const config = readDaemonConfig(paths);
+	const storedState = readDaemonState(paths);
+	const pid = readPid(paths.pidFile) ?? storedState?.pid;
+	const running = pid === void 0 ? false : await processRunner.isRunning(pid);
+	if (!running) rmSync(paths.pidFile, { force: true });
+	return redactDaemonStatus({
+		...writeDaemonState(paths, {
+			running,
+			...running && pid !== void 0 ? { pid } : {},
+			...running && storedState?.startedAt ? { startedAt: storedState.startedAt } : {},
+			enabled: storedState?.enabled ?? false
+		}),
+		paths,
+		...config ? { config } : {}
+	});
+}
+async function enableDaemon(options = {}) {
+	return setDaemonEnabled(true, options);
+}
+async function disableDaemon(options = {}) {
+	return setDaemonEnabled(false, options);
+}
+async function setDaemonEnabled(enabled, options) {
+	const paths = resolveServeDaemonPaths(options);
+	const config = readDaemonConfig(paths);
+	const command = config?.command ?? daemonServeCommand(resolveDaemonServeOptions({}, options.env));
+	const descriptor = buildDaemonPlatformDescriptor({
+		...options.platform !== void 0 ? { platform: options.platform } : {},
+		...options.serviceAvailable !== void 0 ? { serviceAvailable: options.serviceAvailable } : {},
+		paths,
+		command
+	});
+	const current = await daemonStatus(options);
+	return {
+		enabled,
+		descriptor,
+		status: redactDaemonStatus({
+			...writeDaemonState(paths, {
+				running: current.running,
+				...current.running && current.pid !== void 0 ? { pid: current.pid } : {},
+				...current.running && current.startedAt ? { startedAt: current.startedAt } : {},
+				enabled
+			}),
+			paths,
+			...configProperty(config)
+		})
+	};
+}
+function configProperty(config) {
+	return config ? { config } : {};
+}
+function readPid(path) {
 	try {
-		await session.connect(new StdioServerTransport());
-	} finally {
-		if (sigintHandler) process.off("SIGINT", sigintHandler);
-		if (sigtermHandler) process.off("SIGTERM", sigtermHandler);
-		await close();
+		const value = Number(readFileSync(path, "utf8").trim());
+		return Number.isInteger(value) && value > 0 ? value : void 0;
+	} catch {
+		return;
 	}
 }
 //#endregion
@@ -9730,6 +11446,61 @@ async function runCli(args, io = {}) {
 function normalizeCompletionWords(words) {
 	return words.map((word) => word === "__CAPLETS_TRAILING_SPACE__" ? "" : word);
 }
+function addServeDaemonCommand(parent, name, description, action) {
+	parent.command(name).description(description).option("--transport <transport>", "server transport: http").option("--host <host>", "HTTP bind host").option("--port <port>", "HTTP bind port").option("--path <path>", "HTTP service base path").option("--user <user>", "HTTP Basic Auth username").option("--password <password>", "HTTP Basic Auth password").option("--allow-unauthenticated-http", "allow unauthenticated HTTP serving on non-loopback hosts").option("--trust-proxy", "trust X-Forwarded-* headers from a reverse proxy").option("--json", "print JSON output").action(function(options) {
+		return action({
+			...this.parent?.opts(),
+			...options
+		});
+	});
+}
+function cloudAuthStore(env) {
+	return new CloudAuthStore({ env });
+}
+function cloudAuthStatus(credentials) {
+	return redactedCloudAuthStatus(credentials);
+}
+function isProjectBindingWebSocketUnavailable(error) {
+	return error instanceof CapletsError && error.code === "SERVER_UNAVAILABLE" && error.message.includes("Project Binding WebSocket unavailable");
+}
+function isProjectBindingCliError(error) {
+	return error instanceof ProjectBindingError;
+}
+function serveRawOptions(options) {
+	return {
+		...options.transport !== void 0 ? { transport: options.transport } : {},
+		...options.host !== void 0 ? { host: options.host } : {},
+		...options.port !== void 0 ? { port: options.port } : {},
+		...options.path !== void 0 ? { path: options.path } : {},
+		...options.user !== void 0 ? { user: options.user } : {},
+		...options.password !== void 0 ? { password: options.password } : {},
+		...options.allowUnauthenticatedHttp !== void 0 ? { allowUnauthenticatedHttp: options.allowUnauthenticatedHttp } : {},
+		...options.trustProxy !== void 0 ? { trustProxy: options.trustProxy } : {}
+	};
+}
+async function waitForCloudLogin(client, loginId, env) {
+	const timeoutMs = numberEnv(env.CAPLETS_CLOUD_AUTH_TIMEOUT_MS, 12e4);
+	const intervalMs = numberEnv(env.CAPLETS_CLOUD_AUTH_POLL_INTERVAL_MS, 1500);
+	const started = Date.now();
+	while (Date.now() - started <= timeoutMs) {
+		const result = await client.pollLogin(loginId);
+		if (result.status !== "pending" && result.status !== "workspace_selection_required") return result;
+		await sleep(intervalMs);
+	}
+	return {
+		status: "expired",
+		message: "Cloud Auth login timed out."
+	};
+}
+function numberEnv(value, fallback) {
+	if (value === void 0) return fallback;
+	const parsed = Number(value);
+	return Number.isFinite(parsed) && parsed >= 0 ? parsed : fallback;
+}
+async function sleep(ms) {
+	if (ms <= 0) return;
+	await new Promise((resolve) => setTimeout(resolve, ms));
+}
 function createProgram(io = {}) {
 	const writeOut = io.writeOut ?? ((value) => process.stdout.write(value));
 	const writeErr = io.writeErr ?? ((value) => process.stderr.write(value));
@@ -9744,11 +11515,11 @@ function createProgram(io = {}) {
 		writeErr,
 		outputError: (value, write) => write(value)
 	});
-	program.command(cliCommands.completion).description("Print a shell completion script.").argument("<shell>", "completion shell: bash, zsh, fish, powershell, or cmd").action((shell) => {
+	program.command(cliCommands$1.completion).description("Print a shell completion script.").argument("<shell>", "completion shell: bash, zsh, fish, powershell, or cmd").action((shell) => {
 		if (!completionShells.includes(shell)) throw new CapletsError("REQUEST_INVALID", "completion shell must be bash, zsh, fish, powershell, or cmd");
 		writeOut(completionScript(shell));
 	});
-	program.command(cliCommands.completeHidden, { hidden: true }).description("Internal shell completion endpoint.").option("--shell <shell>", "completion shell").allowUnknownOption(true).argument("[words...]", "words to complete").action(async (words, options) => {
+	program.command(cliCommands$1.completeHidden, { hidden: true }).description("Internal shell completion endpoint.").option("--shell <shell>", "completion shell").allowUnknownOption(true).argument("[words...]", "words to complete").action(async (words, options) => {
 		const shell = completionShells.includes(options.shell) ? options.shell : "bash";
 		const remote = remoteClientForCli(io);
 		const configPath = currentConfigPath();
@@ -9781,7 +11552,7 @@ function createProgram(io = {}) {
 		}
 		if (suggestions.length > 0) writeOut(`${suggestions.join("\n")}\n`);
 	});
-	program.command(cliCommands.serve).description("Serve configured Caplets as an MCP server.").option("--transport <transport>", "server transport: stdio or http").option("--host <host>", "HTTP bind host").option("--port <port>", "HTTP bind port").option("--path <path>", "HTTP service base path").option("--user <user>", "HTTP Basic Auth username").option("--password <password>", "HTTP Basic Auth password").option("--allow-unauthenticated-http", "allow unauthenticated HTTP serving on non-loopback hosts").option("--trust-proxy", "trust X-Forwarded-* headers from a reverse proxy").action(async (options) => {
+	const serve = program.command(cliCommands$1.serve).description("Serve configured Caplets as an MCP server.").option("--transport <transport>", "server transport: stdio or http").option("--host <host>", "HTTP bind host").option("--port <port>", "HTTP bind port").option("--path <path>", "HTTP service base path").option("--user <user>", "HTTP Basic Auth username").option("--password <password>", "HTTP Basic Auth password").option("--allow-unauthenticated-http", "allow unauthenticated HTTP serving on non-loopback hosts").option("--trust-proxy", "trust X-Forwarded-* headers from a reverse proxy").action(async (options) => {
 		const resolved = resolveServeOptions(options);
 		const configPath = currentConfigPath();
 		await (io.serve ?? ((serveOptions) => serveResolvedCaplets(serveOptions, {
@@ -9789,7 +11560,233 @@ function createProgram(io = {}) {
 			...io.authDir ? { authDir: io.authDir } : {}
 		}, writeErr)))(resolved);
 	});
-	program.command(cliCommands.init).description("Create a starter Caplets config file.").option("--project", "create the project Caplets config").option("-g, --global", "create the user Caplets config").option("--remote", "create the remote Caplets config").option("--force", "overwrite an existing config file").action(async (options) => {
+	const daemonOptions = () => ({
+		env,
+		...io.daemon
+	});
+	addServeDaemonCommand(serve, "start", "Start the default Caplets HTTP daemon.", async (options) => {
+		const result = await startDaemon(serveRawOptions(options), daemonOptions());
+		const serveConfig = result.status.config?.serve;
+		writeOut(`Started Caplets HTTP daemon on ${serveConfig?.host ?? "127.0.0.1"}:${serveConfig?.port ?? 5387}.\n`);
+		if (options.json) writeOut(`${JSON.stringify(result.status, null, 2)}\n`);
+	});
+	addServeDaemonCommand(serve, "stop", "Stop the default Caplets HTTP daemon.", async (options) => {
+		const result = await stopDaemon(daemonOptions());
+		if (options.json) {
+			writeOut(`${JSON.stringify(result.status, null, 2)}\n`);
+			return;
+		}
+		writeOut("Stopped Caplets HTTP daemon.\n");
+	});
+	addServeDaemonCommand(serve, "status", "Show the default Caplets HTTP daemon status.", async (options) => {
+		const status = await daemonStatus(daemonOptions());
+		if (options.json) {
+			writeOut(`${JSON.stringify(status, null, 2)}\n`);
+			return;
+		}
+		writeOut(status.running ? `Caplets HTTP daemon is running${status.pid ? ` (pid ${status.pid})` : ""}.\n` : "Caplets HTTP daemon is stopped.\n");
+	});
+	addServeDaemonCommand(serve, "restart", "Restart the default Caplets HTTP daemon.", async (options) => {
+		const result = await restartDaemon(serveRawOptions(options), daemonOptions());
+		if (options.json) {
+			writeOut(`${JSON.stringify(result.status, null, 2)}\n`);
+			return;
+		}
+		const serveConfig = result.status.config?.serve;
+		writeOut(`Restarted Caplets HTTP daemon on ${serveConfig?.host ?? "127.0.0.1"}:${serveConfig?.port ?? 5387}.\n`);
+	});
+	addServeDaemonCommand(serve, "enable", "Enable the default Caplets HTTP daemon at login.", async (options) => {
+		const result = await enableDaemon(daemonOptions());
+		if (options.json) {
+			writeOut(`${JSON.stringify(result, null, 2)}\n`);
+			return;
+		}
+		writeOut(`Enabled Caplets HTTP daemon at login (${result.descriptor.kind}).\n`);
+	});
+	addServeDaemonCommand(serve, "disable", "Disable the default Caplets HTTP daemon at login.", async (options) => {
+		const result = await disableDaemon(daemonOptions());
+		if (options.json) {
+			writeOut(`${JSON.stringify(result, null, 2)}\n`);
+			return;
+		}
+		writeOut(`Disabled Caplets HTTP daemon at login (${result.descriptor.kind}).\n`);
+	});
+	program.command(cliCommands$1.attach).description("Start a remote-backed Caplets MCP server.").option("--transport <transport>", "server transport: stdio or http").option("--host <host>", "HTTP bind host").option("--port <port>", "HTTP bind port").option("--path <path>", "HTTP service base path").option("--remote-url <url>", "remote Caplets service base URL").option("--user <user>", "remote Basic Auth username").option("--password <password>", "remote Basic Auth password").option("--token <token>", "remote bearer token").option("--workspace <workspace>", "hosted Cloud workspace ID or slug").option("--allow-unauthenticated-http", "allow unauthenticated HTTP serving on non-loopback hosts").option("--trust-proxy", "trust X-Forwarded-* headers from a reverse proxy").option("--json", "print JSON status events").option("--verbose", "print detailed attach diagnostics").option("--once", "validate Project Binding once and exit").option("--project-root <path>", "test-only project root override").action(async (options) => {
+		try {
+			const attachOptions = {
+				...options,
+				...io.fetch ? { fetch: io.fetch } : {}
+			};
+			if (!options.once) {
+				const resolved = await resolveAttachServeOptions(attachOptions, env);
+				await (io.attachServe ?? ((serveOptions) => attachResolvedCaplets(serveOptions, { writeErr })))(resolved);
+				return;
+			}
+			const result = await attachProjectOnce(attachOptions, env);
+			if (options.json) {
+				writeOut(`${JSON.stringify(result, null, 2)}\n`);
+				return;
+			}
+			writeOut(`Project Binding available at ${result.webSocketUrl}.\n`);
+		} catch (error) {
+			if (options.json && isProjectBindingWebSocketUnavailable(error)) {
+				writeOut(`${JSON.stringify({
+					ok: false,
+					error: {
+						code: "PROJECT_BINDING_WEBSOCKET_UNAVAILABLE",
+						message: error instanceof Error ? error.message : String(error)
+					}
+				}, null, 2)}\n`);
+				setExitCode(1);
+				return;
+			}
+			if (options.json && isProjectBindingCliError(error)) {
+				writeOut(`${JSON.stringify({
+					ok: false,
+					error: {
+						code: error.projectBindingCode,
+						message: error.message,
+						recoveryCommand: error.recoveryCommand,
+						requestId: error.requestId
+					}
+				}, null, 2)}\n`);
+				setExitCode(1);
+				return;
+			}
+			if (options.json && error instanceof CapletsError) {
+				writeOut(`${JSON.stringify({
+					ok: false,
+					error: {
+						code: error.code,
+						message: error.message
+					}
+				}, null, 2)}\n`);
+				setExitCode(1);
+				return;
+			}
+			throw error;
+		}
+	});
+	const cloudAuth = program.command(cliCommands$1.cloud).description("Manage hosted Caplets Cloud.").command("auth").description("Authenticate this Caplets client to hosted Caplets Cloud.");
+	cloudAuth.command("login").description("Log in to hosted Caplets Cloud.").option("--cloud-url <url>", "hosted Caplets Cloud URL").option("--workspace <workspace>", "workspace ID or slug to select").option("--device-name <name>", "device label for this Cloud Auth credential").option("--no-open", "print the login URL without opening a browser").option("--json", "print JSON output").action(async (options) => {
+		const client = new CloudAuthClient({
+			cloudUrl: options.cloudUrl ?? env.CAPLETS_CLOUD_URL ?? "https://cloud.caplets.dev",
+			...io.fetch ? { fetch: io.fetch } : {}
+		});
+		const started = await client.startLogin({
+			requestedWorkspace: options.workspace,
+			deviceName: options.deviceName ?? env.CAPLETS_DEVICE_NAME ?? "Caplets CLI"
+		});
+		if (options.open !== false) await openBrowserUrl(started.loginUrl);
+		if (!options.json) {
+			writeOut(`Open ${started.loginUrl}\n`);
+			writeOut(`Enter code ${started.userCode} if prompted.\n`);
+		}
+		const completed = await waitForCloudLogin(client, started.loginId, env);
+		if (completed.status !== "completed") throw new CapletsError("AUTH_FAILED", `Cloud Auth login ${completed.status}.`);
+		const exchanged = await client.exchangeToken({
+			loginId: started.loginId,
+			oneTimeCode: completed.oneTimeCode
+		});
+		const now = (/* @__PURE__ */ new Date()).toISOString();
+		const credentials = {
+			version: 2,
+			cloudUrl: exchanged.cloudUrl,
+			workspaceId: exchanged.workspaceId,
+			...exchanged.workspaceSlug ? { workspaceSlug: exchanged.workspaceSlug } : {},
+			accessToken: exchanged.accessToken,
+			refreshToken: exchanged.refreshToken ?? "",
+			expiresAt: exchanged.expiresAt,
+			scope: exchanged.scope,
+			tokenType: exchanged.tokenType,
+			credentialFamilyId: exchanged.credentialFamilyId,
+			deviceName: exchanged.deviceName ?? options.deviceName ?? "Caplets CLI",
+			createdAt: now,
+			lastRefreshAt: now
+		};
+		await cloudAuthStore(env).save(credentials);
+		const status = cloudAuthStatus(credentials);
+		if (options.json) {
+			writeOut(`${JSON.stringify(status, null, 2)}\n`);
+			return;
+		}
+		writeOut(`Authenticated to ${credentials.cloudUrl} as workspace ${credentials.workspaceSlug ?? credentials.workspaceId}.\n`);
+	});
+	cloudAuth.command("status").description("Show hosted Caplets Cloud authentication status.").option("--json", "print JSON output").action(async (options) => {
+		const credentials = await cloudAuthStore(env).load();
+		if (options.json) {
+			writeOut(`${JSON.stringify(cloudAuthStatus(credentials), null, 2)}\n`);
+			return;
+		}
+		writeOut(credentials ? `Authenticated to ${credentials.cloudUrl} as workspace ${credentials.workspaceSlug ?? credentials.workspaceId}.\n` : "Not authenticated to hosted Caplets Cloud.\n");
+	});
+	cloudAuth.command("logout").description("Log out of hosted Caplets Cloud.").action(async () => {
+		const store = cloudAuthStore(env);
+		const credentials = await store.load();
+		if (credentials?.refreshToken) await new CloudAuthClient({
+			cloudUrl: credentials.cloudUrl,
+			...io.fetch ? { fetch: io.fetch } : {}
+		}).logout(credentials.refreshToken).catch(() => void 0);
+		await store.clear();
+		writeOut("Logged out of hosted Caplets Cloud.\n");
+	});
+	cloudAuth.command("workspaces").description("List hosted Caplets Cloud workspaces.").option("--json", "print JSON output").action(async (options) => {
+		const credentials = await cloudAuthStore(env).load();
+		const workspaces = credentials?.accessToken ? (await new CloudAuthClient({
+			cloudUrl: credentials.cloudUrl,
+			...io.fetch ? { fetch: io.fetch } : {}
+		}).workspaces(credentials.accessToken).catch(() => ({ workspaces: [{
+			workspaceId: credentials.workspaceId,
+			...credentials.workspaceSlug ? { slug: credentials.workspaceSlug } : {}
+		}] }))).workspaces.map((workspace) => ({
+			...workspace,
+			selected: workspace.workspaceId === credentials.workspaceId || workspace.slug === credentials.workspaceSlug
+		})) : [];
+		if (options.json) {
+			writeOut(`${JSON.stringify({ workspaces }, null, 2)}\n`);
+			return;
+		}
+		if (workspaces.length === 0) {
+			writeOut("No hosted Caplets Cloud workspaces available. Run caplets cloud auth login.\n");
+			return;
+		}
+		for (const workspace of workspaces) writeOut(`${workspace.selected ? "* " : "  "}${workspace.slug ?? workspace.workspaceId}\n`);
+	});
+	cloudAuth.command("switch").description("Switch the hosted Caplets Cloud Selected Workspace.").argument("<workspace>", "workspace ID or slug").option("--json", "print JSON output").action(async (workspace, options) => {
+		const store = cloudAuthStore(env);
+		const credentials = await store.load();
+		if (!credentials) throw new CapletsError("AUTH_REQUIRED", "Run caplets cloud auth login first.");
+		const switched = await new CloudAuthClient({
+			cloudUrl: credentials.cloudUrl,
+			...io.fetch ? { fetch: io.fetch } : {}
+		}).switchWorkspace({
+			accessToken: credentials.accessToken,
+			refreshToken: credentials.refreshToken,
+			workspace,
+			deviceName: credentials.deviceName
+		});
+		const now = (/* @__PURE__ */ new Date()).toISOString();
+		const next = {
+			...credentials,
+			workspaceId: switched.workspaceId,
+			workspaceSlug: switched.workspaceSlug,
+			accessToken: switched.accessToken,
+			refreshToken: switched.refreshToken ?? credentials.refreshToken,
+			expiresAt: switched.expiresAt,
+			scope: switched.scope,
+			tokenType: switched.tokenType,
+			credentialFamilyId: switched.credentialFamilyId,
+			lastRefreshAt: now,
+			selectedWorkspaceSwitchedAt: now
+		};
+		await store.save(next);
+		if (options.json) {
+			writeOut(`${JSON.stringify(cloudAuthStatus(next), null, 2)}\n`);
+			return;
+		}
+		writeOut(`Selected workspace ${next.workspaceSlug ?? next.workspaceId}.\n`);
+	});
+	program.command(cliCommands$1.init).description("Create a starter Caplets config file.").option("--project", "create the project Caplets config").option("-g, --global", "create the user Caplets config").option("--remote", "create the remote Caplets config").option("--force", "overwrite an existing config file").action(async (options) => {
 		const target = parseMutationTarget(options);
 		if (target === "remote") {
 			writeOut(`Created remote Caplets config at ${(await requireRemoteClientForTarget(io).request("init", { force: Boolean(options.force) })).path}\n`);
@@ -9801,7 +11798,7 @@ function createProgram(io = {}) {
 		});
 		writeOut(`Created ${localMutationTargetLabel(target, io)}Caplets config at ${path}\n`);
 	});
-	program.command(cliCommands.setup).description("Install or configure an agent integration for Caplets.").argument("[integration]", "integration: codex, claude-code, opencode, pi, or mcp-client").option("--remote", "configure for a remote Caplets server").option("--server-url <url>", "remote Caplets service base URL").option("--output <path>", "config path to write for generic MCP setup").option("--dry-run", "print actions without running commands or writing files").option("--format <format>", "output format: plain or json", parseSetupFormat).action(async (integration, options) => {
+	program.command(cliCommands$1.setup).description("Install or configure an agent integration for Caplets.").argument("[integration]", "integration: codex, claude-code, opencode, pi, or mcp-client").option("--remote", "configure for a remote Caplets server").option("--server-url <url>", "remote Caplets service base URL").option("--output <path>", "config path to write for generic MCP setup").option("--dry-run", "print actions without running commands or writing files").option("--yes", "approve Caplet setup commands for the exact current content hash").option("--target <target>", "Caplet setup target: local, remote, or cloud", parseSetupTarget).option("--format <format>", "output format: plain or json", parseSetupFormat).action(async (integration, options) => {
 		if (!integration) {
 			writeOut(formatSetupMenu());
 			return;
@@ -9813,7 +11810,14 @@ function createProgram(io = {}) {
 		if (io.runSetupCommand) setupOptions.runCommand = io.runSetupCommand;
 		writeOut(await runSetup(integration, setupOptions));
 	});
-	program.command(cliCommands.list).description("List configured Caplets.").option("--all", "include disabled Caplets").option("--json", "print JSON output").option("--format <format>", "output format: plain, markdown, md, or json", parseOutputFormat).action(async (options) => {
+	program.command(cliCommands$1.doctor).description("Diagnose Caplets local, remote, and project-sync configuration.").option("--json", "print JSON output").action(async (options) => {
+		if (options.json) {
+			writeOut(`${JSON.stringify(await doctorJsonReport({ env }), null, 2)}\n`);
+			return;
+		}
+		writeOut(await formatDoctorReport({ env }));
+	});
+	program.command(cliCommands$1.list).description("List configured Caplets.").option("--all", "include disabled Caplets").option("--json", "print JSON output").option("--format <format>", "output format: plain, markdown, md, or json", parseOutputFormat).action(async (options) => {
 		const includeDisabled = Boolean(options.all);
 		const remote = remoteClientForCli(io);
 		if (remote) {
@@ -9835,7 +11839,7 @@ function createProgram(io = {}) {
 		}
 		writeOut(formatCapletList(rows, options.format ?? "plain"));
 	});
-	program.command(cliCommands.install).description("Install Caplets from a repo's caplets directory.").argument("<repo>", "local repo path, Git URL, or GitHub owner/repo").argument("[caplets...]", "optional Caplet IDs to install").option("--project", "install to the project Caplets root").option("-g, --global", "install to the user Caplets root").option("--remote", "install through remote control").option("--force", "overwrite installed Caplets").action(async (repo, capletIds, options) => {
+	program.command(cliCommands$1.install).description("Install Caplets from a repo's caplets directory.").argument("<repo>", "local repo path, Git URL, or GitHub owner/repo").argument("[caplets...]", "optional Caplet IDs to install").option("--project", "install to the project Caplets root").option("-g, --global", "install to the user Caplets root").option("--remote", "install through remote control").option("--force", "overwrite installed Caplets").action(async (repo, capletIds, options) => {
 		const target = parseMutationTarget(options);
 		if (target === "remote") {
 			const result = await requireRemoteClientForTarget(io).request("install", {
@@ -9853,7 +11857,7 @@ function createProgram(io = {}) {
 		});
 		for (const caplet of result.installed) writeOut(`Installed ${caplet.id} to ${localMutationTargetLabel(target, io)}${caplet.destination}\n`);
 	});
-	const add = program.command(cliCommands.add).description("Add generated Caplet files.");
+	const add = program.command(cliCommands$1.add).description("Add generated Caplet files.");
 	add.command("cli").description("Add a CLI tools Caplet.").argument("<id>", "Caplet ID/display seed").option("--repo <path>", "repository path to inspect").option("--include <items>", "comma-separated generators to include: git,gh,package").option("--command <name>", "single CLI command template to generate").option("--project", "write to the project Caplets root").option("-g, --global", "write to the user Caplets root").option("--remote", "add through remote control").option("--print", "print generated Caplet text without writing a file").option("--output <path>", "output path").option("--force", "overwrite an existing destination file").action(async (id, options) => {
 		const target = parseMutationTarget(options);
 		if (target === "remote") {
@@ -9938,7 +11942,7 @@ function createProgram(io = {}) {
 		});
 		writeAddResult(writeOut, `${localMutationTargetLabel(target, io)}HTTP`, result);
 	});
-	program.command(cliCommands.inspect).description("Print a configured Caplet card.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
+	program.command(cliCommands$1.inspect).description("Print a configured Caplet card.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
 		await executeOperation(caplet, { operation: "inspect" }, {
 			writeOut,
 			writeErr,
@@ -9949,7 +11953,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.checkBackend).description("Check backend availability for a configured Caplet.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
+	program.command(cliCommands$1.checkBackend).description("Check backend availability for a configured Caplet.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
 		await executeOperation(caplet, { operation: "check_backend" }, {
 			writeOut,
 			writeErr,
@@ -9960,7 +11964,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.listTools).description("List downstream tools for a configured Caplet.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
+	program.command(cliCommands$1.listTools).description("List downstream tools for a configured Caplet.").argument("<caplet>", "configured Caplet ID").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => {
 		await executeOperation(caplet, { operation: "list_tools" }, {
 			writeOut,
 			writeErr,
@@ -9971,7 +11975,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.searchTools).description("Search downstream tools for a configured Caplet.").argument("<caplet>", "configured Caplet ID").argument("<query>", "search query").option("--limit <n>", "maximum number of tools to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => {
+	program.command(cliCommands$1.searchTools).description("Search downstream tools for a configured Caplet.").argument("<caplet>", "configured Caplet ID").argument("<query>", "search query").option("--limit <n>", "maximum number of tools to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => {
 		await executeOperation(caplet, options.limit === void 0 ? {
 			operation: "search_tools",
 			query
@@ -9989,7 +11993,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.getTool).description("Print one downstream tool schema.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
+	program.command(cliCommands$1.getTool).description("Print one downstream tool schema.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
 		const { caplet, tool } = parseQualifiedTarget(capletOrTarget, toolArgument);
 		await executeOperation(caplet, {
 			operation: "get_tool",
@@ -10004,7 +12008,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.callTool).description("Call one downstream tool.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--args <json-object>", "JSON object of downstream tool arguments").option("--field <path>", "project a field from structured output", collect, []).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
+	program.command(cliCommands$1.callTool).description("Call one downstream tool.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--args <json-object>", "JSON object of downstream tool arguments").option("--field <path>", "project a field from structured output", collect, []).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
 		const { caplet, tool } = parseQualifiedTarget(capletOrTarget, toolArgument);
 		await executeOperation(caplet, {
 			operation: "call_tool",
@@ -10021,7 +12025,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.listResources).description("List MCP resources for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of resources to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_resources" } : {
+	program.command(cliCommands$1.listResources).description("List MCP resources for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of resources to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_resources" } : {
 		operation: "list_resources",
 		limit: options.limit
 	}, {
@@ -10033,7 +12037,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.searchResources).description("Search MCP resources and resource templates for a configured MCP Caplet.").argument("<caplet>").argument("<query>").option("--limit <n>", "maximum number of matches to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => executeOperation(caplet, options.limit === void 0 ? {
+	program.command(cliCommands$1.searchResources).description("Search MCP resources and resource templates for a configured MCP Caplet.").argument("<caplet>").argument("<query>").option("--limit <n>", "maximum number of matches to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => executeOperation(caplet, options.limit === void 0 ? {
 		operation: "search_resources",
 		query
 	} : {
@@ -10049,7 +12053,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.listResourceTemplates).description("List MCP resource templates for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of templates to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_resource_templates" } : {
+	program.command(cliCommands$1.listResourceTemplates).description("List MCP resource templates for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of templates to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_resource_templates" } : {
 		operation: "list_resource_templates",
 		limit: options.limit
 	}, {
@@ -10061,7 +12065,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.readResource).description("Read one MCP resource by URI.").argument("<caplet>").argument("<uri>").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, uri, options) => executeOperation(caplet, {
+	program.command(cliCommands$1.readResource).description("Read one MCP resource by URI.").argument("<caplet>").argument("<uri>").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, uri, options) => executeOperation(caplet, {
 		operation: "read_resource",
 		uri
 	}, {
@@ -10073,7 +12077,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.listPrompts).description("List MCP prompts for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of prompts to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_prompts" } : {
+	program.command(cliCommands$1.listPrompts).description("List MCP prompts for a configured MCP Caplet.").argument("<caplet>").option("--limit <n>", "maximum number of prompts to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, options.limit === void 0 ? { operation: "list_prompts" } : {
 		operation: "list_prompts",
 		limit: options.limit
 	}, {
@@ -10085,7 +12089,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.searchPrompts).description("Search MCP prompts for a configured MCP Caplet.").argument("<caplet>").argument("<query>").option("--limit <n>", "maximum number of prompts to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => executeOperation(caplet, options.limit === void 0 ? {
+	program.command(cliCommands$1.searchPrompts).description("Search MCP prompts for a configured MCP Caplet.").argument("<caplet>").argument("<query>").option("--limit <n>", "maximum number of prompts to return", parsePositiveInteger).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, query, options) => executeOperation(caplet, options.limit === void 0 ? {
 		operation: "search_prompts",
 		query
 	} : {
@@ -10101,7 +12105,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.getPrompt).description("Get one MCP prompt by name.").argument("<caplet-or-target>", "MCP Caplet ID or qualified <caplet.prompt> target").argument("[prompt]", "prompt name when caplet is provided separately").option("--args <json-object>", "JSON object of prompt arguments").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, promptArgument, options) => {
+	program.command(cliCommands$1.getPrompt).description("Get one MCP prompt by name.").argument("<caplet-or-target>", "MCP Caplet ID or qualified <caplet.prompt> target").argument("[prompt]", "prompt name when caplet is provided separately").option("--args <json-object>", "JSON object of prompt arguments").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, promptArgument, options) => {
 		const { caplet, tool: prompt } = parseQualifiedTarget(capletOrTarget, promptArgument);
 		await executeOperation(caplet, {
 			operation: "get_prompt",
@@ -10117,7 +12121,7 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.complete).description("Complete an MCP prompt or resource-template argument.").argument("<caplet>").requiredOption("--argument <name>", "argument name").option("--value <value>", "argument prefix", "").option("--prompt <name>", "prompt name to complete").option("--resource-template <uri-template>", "resource template URI to complete").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, {
+	program.command(cliCommands$1.complete).description("Complete an MCP prompt or resource-template argument.").argument("<caplet>").requiredOption("--argument <name>", "argument name").option("--value <value>", "argument prefix", "").option("--prompt <name>", "prompt name to complete").option("--resource-template <uri-template>", "resource template URI to complete").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (caplet, options) => executeOperation(caplet, {
 		operation: "complete",
 		ref: completionRefFromOptions(options),
 		argument: {
@@ -10133,7 +12137,7 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	const config = program.command(cliCommands.config).description("Inspect Caplets config locations.");
+	const config = program.command(cliCommands$1.config).description("Inspect Caplets config locations.");
 	config.command("path").description("Print the effective user config path.").action(() => {
 		writeOut(`${resolveConfigPath(currentConfigPath())}\n`);
 	});
@@ -10145,7 +12149,7 @@ function createProgram(io = {}) {
 		}
 		writeOut(formatConfigPaths(paths, options.format ?? "plain"));
 	});
-	const auth = program.command(cliCommands.auth).description("Manage OAuth credentials for remote servers.");
+	const auth = program.command(cliCommands$1.auth).description("Manage OAuth credentials for remote servers.");
 	auth.command("login").description("Authenticate a configured remote OAuth server.").argument("<server>", "configured server ID").option("--project", "authenticate using the project Caplets config").option("-g, --global", "authenticate using the user Caplets config").option("--remote", "authenticate using the remote server auth store").option("--no-open", "print the authorization URL without opening a browser").action(async (serverId, options) => {
 		const target = await resolveAuthTarget(serverId, options, io);
 		if (target === "remote") {
@@ -10348,6 +12352,10 @@ function parseSetupFormat(value) {
 	if (value === "plain" || value === "json") return value;
 	throw new CapletsError("REQUEST_INVALID", "setup format must be plain or json");
 }
+function parseSetupTarget(value) {
+	if (value === "local" || value === "remote" || value === "cloud") return value;
+	throw new CapletsError("REQUEST_INVALID", "setup target must be local, remote, or cloud");
+}
 function parseQualifiedTarget(capletOrTarget, toolArgument) {
 	if (toolArgument !== void 0) {
 		if (capletOrTarget.length === 0 || toolArgument.length === 0) throw new CapletsError("REQUEST_INVALID", "Expected target in the form <caplet> <tool> or <caplet>.<tool>");
@@ -10385,22 +12393,22 @@ function localShadowedCompletionTarget(words, config) {
 	const target = words[1];
 	if (!command || !target || target.startsWith("-")) return;
 	const qualifiedCommands = new Set([
-		cliCommands.getTool,
-		cliCommands.callTool,
-		cliCommands.getPrompt
+		cliCommands$1.getTool,
+		cliCommands$1.callTool,
+		cliCommands$1.getPrompt
 	]);
 	const capletCommands = new Set([
-		cliCommands.inspect,
-		cliCommands.checkBackend,
-		cliCommands.listTools,
-		cliCommands.searchTools,
-		cliCommands.listResources,
-		cliCommands.searchResources,
-		cliCommands.listResourceTemplates,
-		cliCommands.readResource,
-		cliCommands.listPrompts,
-		cliCommands.searchPrompts,
-		cliCommands.complete
+		cliCommands$1.inspect,
+		cliCommands$1.checkBackend,
+		cliCommands$1.listTools,
+		cliCommands$1.searchTools,
+		cliCommands$1.listResources,
+		cliCommands$1.searchResources,
+		cliCommands$1.listResourceTemplates,
+		cliCommands$1.readResource,
+		cliCommands$1.listPrompts,
+		cliCommands$1.searchPrompts,
+		cliCommands$1.complete
 	]);
 	const caplet = qualifiedCommands.has(command) ? target.slice(0, target.includes(".") ? target.indexOf(".") : target.length) : capletCommands.has(command) ? target : void 0;
 	return caplet && hasEnabledCaplet(config, caplet) ? caplet : void 0;
@@ -10940,4 +12948,729 @@ function writeAddResult(writeOut, label, result) {
 	writeOut(result.text);
 }
 //#endregion
-export { CapletsRuntime, ServerRegistry, capabilityDescription, createProgram, generatedToolInputSchema, handleServerTool, hasRenderableStructuredContent, loadConfig, markdownCallToolResultContent, markdownStructuredContent, parseConfig, runCli, serveCaplets, serveHttp, serveResolvedCaplets, serveStdio };
+//#region src/caplet-source/bundle.ts
+var BundleCapletSource = class {
+	files;
+	constructor(files) {
+		this.files = /* @__PURE__ */ new Map();
+		for (const file of files) {
+			const path = normalizeCapletSourcePath(file.path);
+			if (!path) throw new CapletsError("CONFIG_INVALID", `Invalid bundle file path ${file.path}`);
+			if (this.files.has(path)) throw new CapletsError("CONFIG_INVALID", `Duplicate bundle file path ${path}`);
+			this.files.set(path, {
+				path,
+				content: file.content
+			});
+		}
+	}
+	async listFiles() {
+		return [...this.files.values()].sort((left, right) => left.path.localeCompare(right.path));
+	}
+	async readFile(path) {
+		const normalized = normalizeCapletSourcePath(path);
+		if (!normalized) return;
+		return this.files.get(normalized);
+	}
+};
+//#endregion
+//#region src/runtime-plan/features.ts
+function inferRuntimeFeatures(caplet) {
+	const provenance = [];
+	for (const feature of explicitFeatures(caplet)) provenance.push({
+		feature,
+		source: "explicit",
+		matched: "runtime.features"
+	});
+	for (const command of commandRecords(caplet)) {
+		const text = [command.command, ...command.args].join(" ");
+		const dockerMatch = matchDocker(command.command, command.args);
+		if (dockerMatch) provenance.push({
+			feature: "docker",
+			source: command.source,
+			matched: dockerMatch,
+			command: text
+		});
+		const browserMatch = matchBrowser(command.command, command.args);
+		if (browserMatch) provenance.push({
+			feature: "browser",
+			source: command.source,
+			matched: browserMatch,
+			command: text
+		});
+	}
+	return {
+		features: orderedFeatures([...new Set(provenance.map((entry) => entry.feature))]),
+		provenance
+	};
+}
+function explicitFeatures(caplet) {
+	const runtime = caplet.runtime;
+	if (!runtime || typeof runtime !== "object" || Array.isArray(runtime)) return [];
+	const features = runtime.features;
+	return Array.isArray(features) ? features.filter((feature) => feature === "docker" || feature === "browser") : [];
+}
+function commandRecords(caplet) {
+	return [
+		...setupCommands(caplet.setup, "setup.commands"),
+		...setupCommands(caplet.setup, "setup.verify", true),
+		...mcpCommands(caplet),
+		...cliCommands(caplet)
+	];
+}
+function setupCommands(setup, source, verify = false) {
+	if (!setup || typeof setup !== "object" || Array.isArray(setup)) return [];
+	const values = setup[verify ? "verify" : "commands"];
+	if (!Array.isArray(values)) return [];
+	return values.flatMap((value) => commandRecordFrom(value, source));
+}
+function mcpCommands(caplet) {
+	if (caplet.backend !== "mcp" || typeof caplet.command !== "string") return [];
+	return [{
+		source: "mcp.command",
+		command: caplet.command,
+		args: stringArray(caplet.args)
+	}];
+}
+function cliCommands(caplet) {
+	if (caplet.backend !== "cli") return [];
+	const records = [];
+	if (typeof caplet.command === "string") records.push({
+		source: "cli.command",
+		command: caplet.command,
+		args: stringArray(caplet.args)
+	});
+	const actions = caplet.actions;
+	if (actions && typeof actions === "object" && !Array.isArray(actions)) for (const action of Object.values(actions)) records.push(...commandRecordFrom(action, "cli.action"));
+	return records;
+}
+function commandRecordFrom(value, source) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return [];
+	const command = value.command;
+	if (typeof command !== "string") return [];
+	return [{
+		source,
+		command,
+		args: stringArray(value.args)
+	}];
+}
+function stringArray(value) {
+	return Array.isArray(value) ? value.filter((item) => typeof item === "string") : [];
+}
+function matchDocker(command, args) {
+	const text = [command, ...args].join(" ").toLowerCase();
+	if (text.includes("docker-mcp")) return "docker-mcp";
+	if (/\bdocker(?:-compose)?\b/u.test(text)) return command === "docker" ? command : text;
+	return text.includes("docker mcp") ? "docker mcp" : void 0;
+}
+function matchBrowser(command, args) {
+	const text = [command, ...args].join(" ").toLowerCase();
+	if (text.includes("@playwright/mcp")) return "@playwright/mcp";
+	if (text.includes("playwright install")) return "playwright install";
+	if (text.includes("playwright")) return "playwright";
+	if (text.includes("browser-use")) return "browser-use";
+	if (text.includes("puppeteer")) return "puppeteer";
+	if (text.includes("chromium")) return "chromium";
+	return /\bchrome\b/u.test(text) ? "chrome" : void 0;
+}
+function orderedFeatures(features) {
+	return ["docker", "browser"].filter((feature) => features.includes(feature));
+}
+//#endregion
+//#region src/runtime-plan/resources.ts
+const defaults = {
+	small: {
+		class: "small",
+		cpu: 1,
+		memoryMb: 1024,
+		diskMb: 4096
+	},
+	medium: {
+		class: "medium",
+		cpu: 2,
+		memoryMb: 4096,
+		diskMb: 8192
+	},
+	standard: {
+		class: "standard",
+		cpu: 2,
+		memoryMb: 4096,
+		diskMb: 8192
+	},
+	large: {
+		class: "large",
+		cpu: 4,
+		memoryMb: 8192,
+		diskMb: 20480
+	},
+	heavy: {
+		class: "heavy",
+		cpu: 8,
+		memoryMb: 16384,
+		diskMb: 40960
+	}
+};
+const rank = {
+	small: 0,
+	standard: 1,
+	medium: 1,
+	large: 2,
+	heavy: 3
+};
+function resolveRuntimeResources(inputOrCaplet, features, policy) {
+	const caplet = inputOrCaplet;
+	const input = features === void 0 ? inputOrCaplet : {
+		backend: typeof caplet.backend === "string" ? caplet.backend : void 0,
+		features,
+		explicitClass: explicitResourceClass$1(caplet),
+		setupRequired: Boolean(caplet.setup),
+		policy
+	};
+	const requested = input.explicitClass ?? defaultResourceClass(input);
+	const capped = capClass(requested, input.policy?.maxClass);
+	return {
+		...defaults[capped] ?? defaults.standard,
+		...requested !== capped ? { cappedByPolicy: input.policy?.maxClass } : {}
+	};
+}
+function defaultResourceClass(input) {
+	const hasDocker = input.features.includes("docker");
+	const hasBrowser = input.features.includes("browser");
+	if (hasDocker && hasBrowser) return "heavy";
+	if (hasDocker || hasBrowser) return "large";
+	if (input.backend === "cli" || input.backend === "mcp" || input.setupRequired) return "medium";
+	return "small";
+}
+function explicitResourceClass$1(caplet) {
+	const runtime = caplet.runtime;
+	if (!runtime || typeof runtime !== "object" || Array.isArray(runtime)) return void 0;
+	const resources = runtime.resources;
+	if (!resources || typeof resources !== "object" || Array.isArray(resources)) return void 0;
+	const value = resources.class;
+	return typeof value === "string" ? value : void 0;
+}
+function capClass(requested, maxClass) {
+	if (!maxClass) return requested;
+	return (rank[requested] ?? 0) > (rank[maxClass] ?? 0) ? maxClass : requested;
+}
+//#endregion
+//#region src/runtime-plan/planner.ts
+function planCapletRuntimeRoutes(caplets, options = {}) {
+	return caplets.map((caplet) => planSingleCaplet(caplet, options));
+}
+function planCapletRuntimeRoute(caplet, options = {}) {
+	return planCapletRuntimeRoutes([caplet], options)[0] ?? planSingleCaplet(caplet, options);
+}
+function planSingleCaplet(caplet, options) {
+	const route = classifyCapletRuntimeRoute(caplet);
+	const setupRequired = Boolean(caplet.setup);
+	const projectBindingRequired = projectBindingRequiredFor(caplet);
+	const features = inferRuntimeFeatures(caplet);
+	const runtime = {
+		features: features.features,
+		featureProvenance: features.provenance,
+		resources: resolveRuntimeResources({
+			backend: typeof caplet.backend === "string" ? caplet.backend : void 0,
+			features: features.features,
+			explicitClass: explicitResourceClass(caplet),
+			policy: options.resourcePolicy,
+			setupRequired
+		})
+	};
+	return {
+		id: String(caplet.server ?? ""),
+		backend: typeof caplet.backend === "string" ? caplet.backend : "unknown",
+		route,
+		setupRequired,
+		authRequired: authRequired$1("auth" in caplet ? caplet.auth : void 0),
+		...route === "process" || route === "project_bound_process" ? { setupTarget: setupTargetFor(options.deployment) } : {},
+		projectBindingRequired,
+		runtime,
+		caplet
+	};
+}
+function classifyCapletRuntimeRoute(caplet) {
+	if (projectBindingRequiredFor(caplet)) return "project_bound_process";
+	if (caplet.setup) return "process";
+	if (caplet.backend === "cli") return "process";
+	if (caplet.backend === "mcp") return caplet.transport === "stdio" || Boolean(caplet.command) ? "process" : "worker_safe";
+	if (caplet.backend === "openapi" || caplet.backend === "graphql" || caplet.backend === "http") return "worker_safe";
+	if (caplet.backend === "caplets") return "worker_safe";
+	return "local_only";
+}
+function setupTargetFor(deployment) {
+	if (deployment === "local") return "local_host";
+	return deployment === "self_hosted" ? "remote_host" : "hosted_sandbox";
+}
+function authRequired$1(auth) {
+	return auth !== null && typeof auth === "object" && "type" in auth && auth.type !== "none";
+}
+function projectBindingRequiredFor(caplet) {
+	const projectBinding = caplet.projectBinding;
+	return Boolean(projectBinding) && typeof projectBinding === "object" && !Array.isArray(projectBinding) && projectBinding.required === true;
+}
+function explicitResourceClass(caplet) {
+	const runtime = caplet.runtime;
+	if (!runtime || typeof runtime !== "object" || Array.isArray(runtime)) return void 0;
+	const resources = runtime.resources;
+	if (!resources || typeof resources !== "object" || Array.isArray(resources)) return void 0;
+	const value = resources.class;
+	return value === "small" || value === "medium" || value === "standard" || value === "large" || value === "heavy" ? value : void 0;
+}
+//#endregion
+//#region src/caplet-source/parse.ts
+async function parseCapletSource(source) {
+	const files = await source.listFiles();
+	let loaded;
+	try {
+		loaded = loadCapletFilesFromMap({ files });
+	} catch (error) {
+		return {
+			ok: false,
+			resolvedCaplets: [],
+			warnings: [],
+			errors: [{ message: errorMessage(error) }]
+		};
+	}
+	if (!loaded) return {
+		ok: false,
+		resolvedCaplets: [],
+		warnings: [],
+		errors: [{ message: "Caplet source must include at least one CAPLET.md or top-level Markdown Caplet file." }]
+	};
+	let config;
+	try {
+		config = parseConfig$1({
+			version: 1,
+			...loaded.config
+		});
+	} catch (error) {
+		return {
+			ok: false,
+			resolvedCaplets: [],
+			warnings: [],
+			errors: [{ message: errorMessage(error) }]
+		};
+	}
+	const configCaplets = capletsFromConfig(config);
+	const plansById = new Map(planCapletRuntimeRoutes(configCaplets, { deployment: "hosted" }).map((plan) => [plan.id, plan]));
+	const caplets = configCaplets.map((caplet) => {
+		const plan = plansById.get(caplet.server);
+		return {
+			id: caplet.server,
+			name: caplet.name,
+			description: caplet.description,
+			backend: caplet.backend,
+			sourcePath: loaded.paths[caplet.server] ?? "CAPLET.md",
+			setupRequired: Boolean(caplet.setup),
+			authRequired: authRequired("auth" in caplet ? caplet.auth : void 0),
+			projectBindingRequired: plan?.projectBindingRequired ?? false,
+			runtime: {
+				...plan?.runtime ?? {
+					features: [],
+					featureProvenance: [],
+					resources: {
+						class: "standard",
+						cpu: 2,
+						memoryMb: 4096,
+						diskMb: 8192
+					}
+				},
+				route: plan?.route ?? "local_only",
+				...plan?.setupTarget === void 0 ? {} : { setupTarget: plan.setupTarget }
+			},
+			localReferences: localReferencePaths(caplet).map((path) => ({
+				path,
+				exists: false
+			})),
+			config: caplet
+		};
+	});
+	for (const caplet of caplets) for (const reference of caplet.localReferences) reference.exists = Boolean(await source.readFile(reference.path));
+	const errors = caplets.flatMap((caplet) => caplet.localReferences.filter((reference) => !reference.exists).map((reference) => ({
+		path: caplet.sourcePath,
+		message: `Referenced file ${reference.path} was not found.`
+	})));
+	return {
+		ok: errors.length === 0,
+		config,
+		resolvedCaplets: errors.length === 0 ? caplets : [],
+		warnings: [],
+		errors
+	};
+}
+function capletsFromConfig(config) {
+	return [
+		...Object.values(config.mcpServers),
+		...Object.values(config.openapiEndpoints),
+		...Object.values(config.graphqlEndpoints),
+		...Object.values(config.httpApis),
+		...Object.values(config.cliTools),
+		...Object.values(config.capletSets)
+	];
+}
+function localReferencePaths(caplet) {
+	if (caplet.backend === "openapi") return filterLocalReferences([caplet.specPath]);
+	if (caplet.backend === "graphql") return filterLocalReferences([caplet.schemaPath, ...Object.values(caplet.operations ?? {}).map((operation) => operation.documentPath)]);
+	if (caplet.backend === "caplets") return filterLocalReferences([caplet.configPath]);
+	return [];
+}
+function filterLocalReferences(values) {
+	return values.filter((value) => typeof value === "string" && value.length > 0 && !hasEnvReference(value) && !/^[a-z][a-z0-9+.-]*:/iu.test(value));
+}
+function authRequired(auth) {
+	return auth !== null && typeof auth === "object" && "type" in auth && auth.type !== "none";
+}
+function hasEnvReference(value) {
+	return /\$\{[A-Za-z_][A-Za-z0-9_]*\}|\$env:[A-Za-z_][A-Za-z0-9_]*/u.test(value);
+}
+function errorMessage(error) {
+	return error instanceof Error ? error.message : String(error);
+}
+//#endregion
+//#region src/project-binding/types.ts
+const PROJECT_BINDING_STATES = [
+	"not_attached",
+	"attaching",
+	"syncing",
+	"ready",
+	"degraded",
+	"blocked",
+	"offline",
+	"cleaning_up",
+	"ended",
+	"expired"
+];
+const PROJECT_BINDING_SYNC_STATES = [
+	"not_started",
+	"pending",
+	"syncing",
+	"idle",
+	"failed"
+];
+//#endregion
+//#region src/project-binding/routes.ts
+const PROJECT_BINDINGS_CONTROL_PATH = "/control/project-bindings";
+const PROJECT_BINDING_CONNECT_PATH = `${PROJECT_BINDINGS_CONTROL_PATH}/connect`;
+function projectBindingConnectPath() {
+	return PROJECT_BINDING_CONNECT_PATH;
+}
+function projectBindingStatusPath(bindingId) {
+	return `${PROJECT_BINDINGS_CONTROL_PATH}/${encodeURIComponent(bindingId)}/status`;
+}
+function projectBindingConnectUrl(baseUrl) {
+	return withBasePath(baseUrl, projectBindingConnectPath()).toString();
+}
+function projectBindingStatusUrl(baseUrl, bindingId) {
+	return withBasePath(baseUrl, projectBindingStatusPath(bindingId)).toString();
+}
+function withBasePath(baseUrl, path) {
+	const url = new URL(baseUrl);
+	url.pathname = `${trimTrailingSlash(url.pathname)}${path}`;
+	url.search = "";
+	url.hash = "";
+	return url;
+}
+function trimTrailingSlash(pathname) {
+	if (pathname === "/") return "";
+	return pathname.replace(/\/+$/u, "");
+}
+//#endregion
+//#region src/project-binding/mutagen.ts
+const readyStatuses = new Set([
+	"watching",
+	"ready",
+	"ok"
+]);
+const syncingStatuses = new Set([
+	"connecting",
+	"halted on root",
+	"reconciling",
+	"scanning",
+	"staging",
+	"syncing",
+	"transitioning",
+	"watching for changes"
+]);
+function planMutagenVersionCommand(mutagenBinary = "mutagen") {
+	return {
+		command: mutagenBinary,
+		args: ["version"]
+	};
+}
+function planMutagenSyncCreateCommand(input, mutagenBinary = "mutagen") {
+	return {
+		command: mutagenBinary,
+		args: [
+			"sync",
+			"create",
+			input.localProjectRoot,
+			input.serverProjectRoot,
+			"--name",
+			mutagenSyncName(input.bindingId)
+		]
+	};
+}
+function planMutagenSyncListCommand(mutagenBinary = "mutagen") {
+	return {
+		command: mutagenBinary,
+		args: [
+			"sync",
+			"list",
+			"--template",
+			"json"
+		]
+	};
+}
+function planMutagenSyncTerminateCommand(bindingId, mutagenBinary = "mutagen") {
+	return {
+		command: mutagenBinary,
+		args: [
+			"sync",
+			"terminate",
+			mutagenSyncName(bindingId)
+		]
+	};
+}
+function mutagenSyncName(bindingId) {
+	return `caplets-${bindingId}`;
+}
+var ManagedMutagenProjectSync = class {
+	mutagenBinary;
+	#runner;
+	#snapshot;
+	constructor(options = {}) {
+		this.mutagenBinary = options.mutagenBinary ?? "mutagen";
+		this.#runner = options.runner ?? defaultMutagenProcessRunner;
+		this.#snapshot = {
+			state: "idle",
+			publicMessage: "Project sync is idle.",
+			mutagenBinary: this.mutagenBinary
+		};
+	}
+	async start(input) {
+		this.#setState({
+			state: "starting",
+			bindingId: input.bindingId,
+			publicMessage: "Project sync is starting."
+		});
+		const versionResult = await this.#run(planMutagenVersionCommand(this.mutagenBinary));
+		if (versionResult.blocked) return this.snapshot();
+		this.#snapshot.mutagenVersion = parseMutagenVersionOutput(versionResult.result.stdout ?? "").version;
+		if ((await this.#run(planMutagenSyncCreateCommand(input, this.mutagenBinary))).blocked) return this.snapshot();
+		this.#setState({
+			state: "syncing",
+			bindingId: input.bindingId,
+			publicMessage: "Project sync is starting."
+		});
+		return this.snapshot();
+	}
+	async refresh(input) {
+		const listResult = await this.#run(planMutagenSyncListCommand(this.mutagenBinary), input.bindingId);
+		if (listResult.blocked) return this.snapshot();
+		let session;
+		try {
+			session = findMutagenSyncSession(listResult.result.stdout, mutagenSyncName(input.bindingId));
+		} catch {
+			this.#block(input.bindingId, "project_sync_status_unavailable");
+			return this.snapshot();
+		}
+		if (!session) {
+			this.#block(input.bindingId, "project_sync_status_unavailable");
+			return this.snapshot();
+		}
+		const normalizedStatus = session.status.toLocaleLowerCase();
+		if (readyStatuses.has(normalizedStatus)) {
+			this.#setState({
+				state: "ready",
+				bindingId: input.bindingId,
+				publicMessage: "Project sync is ready."
+			});
+			return this.snapshot();
+		}
+		if (syncingStatuses.has(normalizedStatus)) {
+			this.#setState({
+				state: "syncing",
+				bindingId: input.bindingId,
+				publicMessage: "Project sync is catching up."
+			});
+			return this.snapshot();
+		}
+		this.#block(input.bindingId, mapTextToDiagnosticCode(session.status));
+		return this.snapshot();
+	}
+	async stop(input) {
+		if ((await this.#run(planMutagenSyncTerminateCommand(input.bindingId, this.mutagenBinary), input.bindingId)).blocked) return this.snapshot();
+		this.#setState({
+			state: "stopped",
+			bindingId: input.bindingId,
+			publicMessage: "Project sync has stopped."
+		});
+		return this.snapshot();
+	}
+	snapshot() {
+		const snapshot = { ...this.#snapshot };
+		if (this.#snapshot.lastCommand) snapshot.lastCommand = {
+			...this.#snapshot.lastCommand,
+			args: [...this.#snapshot.lastCommand.args]
+		};
+		return snapshot;
+	}
+	async #run(plan, bindingId = this.#snapshot.bindingId) {
+		try {
+			const result = normalizeProcessResult(await this.#runner(plan.command, [...plan.args]));
+			this.#snapshot.lastCommand = {
+				...plan,
+				...result,
+				args: [...plan.args]
+			};
+			if (result.exitCode !== 0) {
+				this.#block(bindingId, "project_sync_process_exit");
+				return { blocked: true };
+			}
+			return {
+				blocked: false,
+				result
+			};
+		} catch (error) {
+			const errorResult = {
+				stdout: "",
+				stderr: error instanceof Error ? error.message : String(error)
+			};
+			const exitCode = errorExitCode(error);
+			if (exitCode !== void 0) errorResult.exitCode = exitCode;
+			this.#snapshot.lastCommand = commandStatus(plan, errorResult);
+			this.#block(bindingId, mapErrorToDiagnosticCode(error));
+			return { blocked: true };
+		}
+	}
+	#block(bindingId, diagnosticCode) {
+		this.#setState({
+			state: "blocked",
+			bindingId,
+			diagnosticCode,
+			publicMessage: "Project sync is blocked."
+		});
+	}
+	#setState(next) {
+		const snapshot = {
+			...this.#snapshot,
+			state: next.state,
+			publicMessage: next.publicMessage,
+			mutagenBinary: this.mutagenBinary
+		};
+		if (next.bindingId !== void 0) snapshot.bindingId = next.bindingId;
+		if (next.diagnosticCode !== void 0) snapshot.diagnosticCode = next.diagnosticCode;
+		else delete snapshot.diagnosticCode;
+		this.#snapshot = snapshot;
+	}
+};
+function mutagenProjectSyncDoctorData(snapshot) {
+	const doctorData = { state: snapshot.state };
+	if (snapshot.diagnosticCode !== void 0) doctorData.diagnosticCode = snapshot.diagnosticCode;
+	if (snapshot.mutagenBinary !== void 0) doctorData.mutagenBinary = snapshot.mutagenBinary;
+	if (snapshot.mutagenVersion !== void 0) doctorData.mutagenVersion = snapshot.mutagenVersion;
+	if (snapshot.lastCommand !== void 0) doctorData.lastCommand = snapshot.lastCommand;
+	return doctorData;
+}
+function parseMutagenVersionOutput(output) {
+	return { version: output.match(/Mutagen version\s+([^\s]+)/u)?.[1] ?? "unknown" };
+}
+async function defaultMutagenProcessRunner(command, args) {
+	return new Promise((resolve, reject) => {
+		const child = spawn(command, args, { stdio: [
+			"ignore",
+			"pipe",
+			"pipe"
+		] });
+		let stdout = "";
+		let stderr = "";
+		child.stdout.setEncoding("utf8");
+		child.stderr.setEncoding("utf8");
+		child.stdout.on("data", (chunk) => {
+			stdout += chunk;
+		});
+		child.stderr.on("data", (chunk) => {
+			stderr += chunk;
+		});
+		child.on("error", reject);
+		child.on("close", (exitCode) => {
+			resolve(exitCode === null ? {
+				stdout,
+				stderr
+			} : {
+				stdout,
+				stderr,
+				exitCode
+			});
+		});
+	});
+}
+function normalizeProcessResult(result) {
+	return {
+		stdout: result.stdout ?? "",
+		stderr: result.stderr ?? "",
+		exitCode: result.exitCode ?? 0
+	};
+}
+function commandStatus(plan, result) {
+	const status = {
+		...plan,
+		args: [...plan.args],
+		stdout: result.stdout ?? "",
+		stderr: result.stderr ?? ""
+	};
+	if (result.exitCode !== void 0) status.exitCode = result.exitCode;
+	return status;
+}
+function mapErrorToDiagnosticCode(error) {
+	const text = errorText(error);
+	if (errorCode(error) === "ENOENT" || /\bnot found\b|enoent|no such file/u.test(text)) return "project_sync_binary_missing";
+	return mapTextToDiagnosticCode(text, errorExitCode(error));
+}
+function mapTextToDiagnosticCode(text, exitCode) {
+	const normalized = text.toLocaleLowerCase();
+	if (/auth|credential|permission denied|unauthorized|forbidden/u.test(normalized)) return "project_sync_auth_failed";
+	if (/already exists|conflict|duplicate|in use/u.test(normalized)) return "project_sync_conflict";
+	if (exitCode !== void 0 || /exit|failed|terminated/u.test(normalized)) return "project_sync_process_exit";
+	return "project_sync_status_unavailable";
+}
+function errorText(error) {
+	return error instanceof Error ? error.message.toLocaleLowerCase() : String(error).toLocaleLowerCase();
+}
+function errorCode(error) {
+	return typeof error === "object" && error !== null && "code" in error ? error.code : void 0;
+}
+function errorExitCode(error) {
+	return typeof error === "object" && error !== null && "exitCode" in error ? error.exitCode : void 0;
+}
+function findMutagenSyncSession(stdout, name) {
+	const parsed = JSON.parse(stdout);
+	for (const entry of collectCandidateSessions(parsed)) if (entry.name === name) return entry;
+}
+function collectCandidateSessions(value) {
+	if (Array.isArray(value)) return value.flatMap(collectCandidateSessions);
+	if (!isRecord(value)) return [];
+	const ownSession = sessionFromRecord(value);
+	const nested = [
+		"synchronizations",
+		"sessions",
+		"syncs"
+	].flatMap((key) => collectCandidateSessions(value[key]));
+	return ownSession ? [ownSession, ...nested] : nested;
+}
+function sessionFromRecord(value) {
+	const name = stringProperty(value, "name") ?? stringProperty(value, "Name");
+	const status = stringProperty(value, "status") ?? stringProperty(value, "Status") ?? stringProperty(value, "sessionStatus") ?? stringProperty(value, "SessionStatus");
+	return name && status ? {
+		name,
+		status
+	} : void 0;
+}
+function stringProperty(value, key) {
+	return typeof value[key] === "string" ? value[key] : void 0;
+}
+function isRecord(value) {
+	return typeof value === "object" && value !== null;
+}
+//#endregion
+export { BundleCapletSource, CapletsRuntime, CloudAuthClient, CloudAuthStore, DEFAULT_SYNC_LIMITS, FilesystemCapletSource, LocalSetupStore, ManagedMutagenProjectSync, PROJECT_BINDINGS_CONTROL_PATH, PROJECT_BINDING_CONNECT_PATH, PROJECT_BINDING_ERROR_CODES, PROJECT_BINDING_STATES, PROJECT_BINDING_SYNC_STATES, ProjectBindingError, ProjectBindingWorkspaceStore, ServerRegistry, attachProjectOnce, attachProjectSession, buildProjectSyncManifest, capabilityDescription, capletSetupContentHash, classifyCapletRuntimeRoute, cloudAuthPath, createProgram, defaultProjectBindingWebSocketFactory, enforceProjectSyncSizeLimits, generatedToolInputSchema, handleServerTool, hasRenderableStructuredContent, loadConfig, markdownCallToolResultContent, markdownStructuredContent, migrateCredentials, mutagenProjectSyncDoctorData, mutagenSyncName, openBrowserUrl, parseCapletSource, parseConfig, parseMutagenVersionOutput as parseManagedMutagenVersionOutput, planCapletRuntimeRoute, planCapletRuntimeRoutes, planMutagenSyncCreateCommand, planMutagenSyncListCommand, planMutagenSyncTerminateCommand, planMutagenVersionCommand, projectBindingConnectPath, projectBindingConnectUrl, projectBindingError, projectBindingRecovery, projectBindingStatusPath, projectBindingStatusUrl, projectBindingWorkspacePaths, projectBindingWorkspaceRoot, redactedCloudAuthStatus, resolveAttachOptions, runCapletSetup, runCli, runProjectBindingSession, serveCaplets, serveHttp, serveResolvedCaplets, serveStdio, stableJson };