@caplets/core 0.25.1 → 0.26.0

package/dist/index.js

@@ -1,9 +1,9 @@
-import { $ as decodeDirectResourceUri, $t as ElicitResultSchema, A as nativeCapletToolDescription, An as objectFromShape, At as defaultCacheBaseDir, B as QuickJsCodeModeSandbox, Bt as assertClientRequestTaskCapability, C as resolveRemoteMode, Cn as getLiteralValue, Ct as startOAuthFlow, D as parseServerBaseUrl, Dn as isSchemaOptional, Dt as DEFAULT_AUTH_DIR, E as isLoopbackHost, En as getSchemaDescription, Et as readTokenBundle, F as codeModeRunInputSchema, Ft as resolveConfigPath, G as CodeModeLogStore, Gt as toJsonSchemaCompat, H as createCodeModeCapletsApi, Ht as AjvJsonSchemaValidator, I as codeModeRunParamsSchema, It as resolveProjectCapletsRoot, J as generateCodeModeDeclarations, Jt as CompleteRequestSchema, K as redactCodeModeLogText, Kt as CallToolRequestSchema, L as emptyCodeModeRunMeta, Lt as resolveProjectConfigPath, Mn as safeParseAsync, Mt as defaultConfigPath, Nt as defaultStateBaseDir, O as resolveCapletsServer, On as isZ4Schema, Pt as resolveCapletsRoot, Q as resolveExposure, R as runCodeMode, Rt as ReadBuffer, S as resolveHostedCloudRemote, Sn as isJSONRPCResultResponse, St as startGenericOAuthFlow, T as controlUrlForBase, Tn as getParseErrorMessage, Tt as isTokenBundleExpired, U as listCodeModeCallableCaplets, Ut as Protocol, V as diagnoseCodeModeTypeScript, Vt as assertToolsCallTaskCapability, W as CodeModeJournalStore, Wt as mergeCapabilities, X as minifyCodeModeDeclarationText, Xt as CreateMessageResultWithToolsSchema, Y as generateCodeModeRunToolDescription, Yt as CreateMessageResultSchema, Z as CapletsEngine, Zt as CreateTaskResultSchema, _n as assertCompleteRequestPrompt, _t as markdownCallToolResultContent, a as CloudAuthStore, an as JSONRPCMessageSchema, at as capabilityDescription, b as normalizeRemoteProfileHostUrl, bn as isJSONRPCErrorResponse, bt as runGenericOAuthFlow, c as redactedCloudAuthStatus, cn as ListResourceTemplatesRequestSchema, ct as loadConfigWithSources, d as projectBindingError, dn as ListToolsRequestSchema, dt as loadProjectConfig, en as EmptyResultSchema, et as directResourceUriMatchesTemplate, f as projectBindingRecovery, fn as LoggingLevelSchema, ft as parseConfig, g as buildProjectSyncManifest, gn as SetLevelRequestSchema, gt as hasRenderableStructuredContent, hn as SUPPORTED_PROTOCOL_VERSIONS, ht as loadCapletFilesFromMap, i as createRemoteProfileStore, in as InitializedNotificationSchema, it as ServerRegistry, j as nativeCapletToolName, jn as safeParse, jt as defaultConfigBaseDir, k as nativeCapletPromptGuidance, kn as normalizeObjectSchema, kt as DEFAULT_OBSERVED_OUTPUT_SHAPE_CACHE_DIR, l as PROJECT_BINDING_ERROR_CODES, ln as ListResourcesRequestSchema, lt as loadGlobalConfig, mn as ReadResourceRequestSchema, mt as validateCapletFile, n as resolveRemoteSelection, nn as GetPromptRequestSchema, nt as fingerprintProjectRoot, o as cloudAuthPath, on as LATEST_PROTOCOL_VERSION, ot as GoogleDiscoveryManager, p as CloudAuthClient, pn as McpError, pt as discoverCapletFiles, q as codeModeDeclarationHash, qt as CallToolResultSchema, r as cloudCredentialsFromRemoteProfile, rn as InitializeRequestSchema, rt as handleServerTool, s as migrateCredentials, sn as ListPromptsRequestSchema, st as loadConfig, t as createNativeCapletsService, tn as ErrorCode, tt as findProjectRoot, u as ProjectBindingError, un as ListRootsResultSchema, ut as loadLocalOverlayConfigWithSources, v as hostedCloudWorkspaceFromRemoteUrl, vn as assertCompleteRequestResourceTemplate, vt as markdownStructuredContent, w as appendBasePath, wn as getObjectShape, wt as deleteTokenBundle, x as resolveCapletsRemote, xn as isJSONRPCRequest, xt as runOAuthFlow, y as isCapletsCloudUrl, yn as isInitializeRequest, yt as refreshOAuthTokenBundle, z as CodeModeSessionManager, zt as serializeMessage } from "./service-Ut6dN9M8.js";
+import { $ as resolveExposure, $t as CallToolRequestSchema, A as nativeCapletPromptGuidance, An as getLiteralValue, At as startOAuthFlow, B as CodeModeSessionManager, Bt as defaultStateBaseDir, C as resolveHostedCloudRemote, Cn as SetLevelRequestSchema, Ct as hasRenderableStructuredContent, D as isLoopbackHost, Dn as isJSONRPCErrorResponse, Dt as runGenericOAuthFlow, E as controlUrlForBase, En as isInitializeRequest, Et as refreshOAuthTokenBundle, Fn as isZ4Schema, G as CodeModeJournalStore, Gt as ReadBuffer, H as diagnoseCodeModeTypeScript, Ht as resolveConfigPath, I as codeModeRunInputSchema, In as normalizeObjectSchema, It as DEFAULT_OBSERVED_OUTPUT_SHAPE_CACHE_DIR, J as codeModeDeclarationHash, Jt as assertToolsCallTaskCapability, K as CodeModeLogStore, Kt as serializeMessage, L as codeModeRunParamsSchema, Ln as objectFromShape, Lt as defaultCacheBaseDir, M as nativeCapletToolName, Mn as getParseErrorMessage, Mt as isTokenBundleExpired, Nn as getSchemaDescription, Nt as readTokenBundle, O as parseServerBaseUrl, On as isJSONRPCRequest, Ot as runOAuthFlow, Pn as isSchemaOptional, Pt as DEFAULT_AUTH_DIR, Q as CapletsEngine, Qt as toJsonSchemaCompat, R as emptyCodeModeRunMeta, Rn as safeParse, Rt as defaultConfigBaseDir, S as resolveCapletsRemote, Sn as SUPPORTED_PROTOCOL_VERSIONS, St as loadCapletFilesFromMap, T as appendBasePath, Tn as assertCompleteRequestResourceTemplate, Tt as markdownStructuredContent, U as createCodeModeCapletsApi, Ut as resolveProjectCapletsRoot, V as QuickJsCodeModeSandbox, Vt as resolveCapletsRoot, W as listCodeModeCallableCaplets, Wt as resolveProjectConfigPath, X as generateCodeModeRunToolDescription, Xt as Protocol, Y as generateCodeModeDeclarations, Yt as AjvJsonSchemaValidator, Z as minifyCodeModeDeclarationText, Zt as mergeCapabilities, _ as CapletsCloudClient, _n as ListRootsResultSchema, _t as FileVaultStore, a as CloudAuthStore, at as ServerRegistry, b as isCapletsCloudUrl, bn as McpError, bt as discoverCapletFiles, c as redactedCloudAuthStatus, cn as ErrorCode, ct as loadConfig, d as projectBindingError, dn as InitializedNotificationSchema, dt as loadLocalOverlayConfigWithSources, en as CallToolResultSchema, et as decodeDirectResourceUri, f as projectBindingRecovery, fn as JSONRPCMessageSchema, ft as loadProjectConfig, g as buildProjectSyncManifest, gn as ListResourcesRequestSchema, gt as vaultStoreForAuthDir, hn as ListResourceTemplatesRequestSchema, ht as vaultResolverForAuthDir, i as createRemoteProfileStore, in as CreateTaskResultSchema, it as handleServerTool, j as nativeCapletToolDescription, jn as getObjectShape, jt as deleteTokenBundle, k as resolveCapletsServer, kn as isJSONRPCResultResponse, kt as startGenericOAuthFlow, l as PROJECT_BINDING_ERROR_CODES, ln as GetPromptRequestSchema, lt as loadConfigWithSources, mn as ListPromptsRequestSchema, mt as vaultBootstrapResolver, n as resolveRemoteSelection, nn as CreateMessageResultSchema, nt as findProjectRoot, o as cloudAuthPath, on as ElicitResultSchema, ot as capabilityDescription, p as CloudAuthClient, pn as LATEST_PROTOCOL_VERSION, pt as parseConfig, q as redactCodeModeLogText, qt as assertClientRequestTaskCapability, r as cloudCredentialsFromRemoteProfile, rn as CreateMessageResultWithToolsSchema, rt as fingerprintProjectRoot, s as migrateCredentials, sn as EmptyResultSchema, st as GoogleDiscoveryManager, t as createNativeCapletsService, tn as CompleteRequestSchema, tt as directResourceUriMatchesTemplate, u as ProjectBindingError, un as InitializeRequestSchema, ut as loadGlobalConfig, vn as ListToolsRequestSchema, vt as VAULT_MAX_VALUE_BYTES, w as resolveRemoteMode, wn as assertCompleteRequestPrompt, wt as markdownCallToolResultContent, x as normalizeRemoteProfileHostUrl, xn as ReadResourceRequestSchema, xt as validateCapletFile, y as hostedCloudWorkspaceFromRemoteUrl, yn as LoggingLevelSchema, yt as validateVaultKeyName, z as runCodeMode, zn as safeParseAsync, zt as defaultConfigPath } from "./service-rvZ7z6FI.js";
 import { _ as record, b as unknown, d as literal, m as object, n as ZodOptional, o as array, p as number, r as _enum, s as boolean, v as string, x as url } from "./schemas-BoqMu4MG.js";
 import { f as redactSecrets$1, i as SERVER_ID_PATTERN, l as CAPLETS_ERROR_CODES, p as toSafeError, u as CapletsError } from "./validation-C4tYXw6G.js";
 import { generatedToolInputJsonSchemaForCaplet, generatedToolInputSchema, generatedToolInputSchemaForCaplet } from "./generated-tool-input-schema.js";
 import { f as observedOutputShapeKey, g as stableJsonStringify, h as schemaHash, i as observeOutputShape, u as FileObservedOutputShapeStore } from "./observed-output-shapes-DuP7mJQf.js";
-import { a as formatCapletList, c as resolveCliConfigPaths, l as cliCommands$1, n as completionScript, o as formatConfigPaths, s as listCaplets, t as completeCliWords, u as completionShells } from "./completion-De4t5MtT.js";
+import { a as formatCapletList, c as resolveCliConfigPaths, l as cliCommands$1, n as completionScript, o as formatConfigPaths, s as listCaplets, t as completeCliWords, u as completionShells } from "./completion-DaYL-XQN.js";
 import { n as normalizeCapletSourcePath, t as FilesystemCapletSource } from "./filesystem-Kkg32TOJ.js";
 import { parseConfig as parseConfig$1 } from "./config-runtime.js";
 import fs, { accessSync, chmodSync, closeSync, constants, copyFileSync, cpSync, existsSync, fstatSync, lstatSync, mkdirSync, mkdtempSync, openSync, readFileSync, readSync, readdirSync, readlinkSync, realpathSync, renameSync, rmSync, statSync, watch, writeFileSync, writeSync } from "node:fs";
@@ -14,9 +14,9 @@ import { Readable, Writable } from "node:stream";
 import { STATUS_CODES, createServer } from "node:http";
 import { createHash, randomBytes, randomUUID, timingSafeEqual } from "node:crypto";
 import { homedir, tmpdir, userInfo } from "node:os";
+import { Buffer as Buffer$1 } from "node:buffer";
 import { EventEmitter } from "node:events";
 import { promisify, stripVTControlCharacters } from "node:util";
-import { Buffer as Buffer$1 } from "node:buffer";
 import { createInterface } from "node:readline/promises";
 import { Http2ServerRequest, constants as constants$1 } from "node:http2";
 //#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@4.4.3/node_modules/@modelcontextprotocol/sdk/dist/esm/experimental/tasks/server.js
@@ -1553,7 +1553,7 @@ const EMPTY_COMPLETION_RESULT = { completion: {
 } };
 //#endregion
 //#region package.json
-var version = "0.25.1";
+var version = "0.26.0";
 //#endregion
 //#region src/serve/session.ts
 var CapletsMcpSession = class {
@@ -5353,7 +5353,7 @@ function collectFiles(root) {
 //#endregion
 //#region src/cli/auth.ts
 async function loginAuth(serverId, options) {
-	const server = await resolveAuthTarget$1(serverId, options.config ?? loadConfig(options.configPath), options.authDir);
+	const server = await resolveAuthTarget$1(serverId, options.config ?? loadAuthResolvedConfig(options), options.authDir);
 	assertLoginTarget(server, serverId);
 	try {
 		const flowOptions = {
@@ -5375,7 +5375,7 @@ function logoutAuth(serverId, options) {
 	else options.writeOut(`No OAuth credentials found for \`${serverId}\`.\n`);
 }
 function logoutAuthResult(serverId, options) {
-	assertLoginTarget(findAuthTarget(serverId, options.config ?? loadConfig(options.configPath)), serverId);
+	assertLoginTarget(findAuthTarget(serverId, options.config ?? loadConfig(options.configPath, void 0, { vaultResolver: vaultBootstrapResolver })), serverId);
 	return {
 		server: serverId,
 		deleted: deleteTokenBundle(serverId, options.authDir)
@@ -5386,13 +5386,16 @@ async function refreshAuth(serverId, options) {
 	options.writeOut(`Refreshed OAuth credentials for \`${serverId}\`.\n`);
 }
 async function refreshAuthResult(serverId, options) {
-	const target = await resolveAuthTarget$1(serverId, options.config ?? loadConfig(options.configPath), options.authDir);
+	const target = await resolveAuthTarget$1(serverId, options.config ?? loadAuthResolvedConfig(options), options.authDir);
 	assertLoginTarget(target, serverId);
 	await refreshOAuthTokenBundle(target, options.authDir);
 	return { server: serverId };
 }
 function listAuthRows(options) {
-	return authRowsForTargets(authTargets(loadConfig(options.configPath)), options.authDir);
+	return authRowsForTargets(authTargets(loadConfig(options.configPath, void 0, { vaultResolver: vaultBootstrapResolver })), options.authDir);
+}
+function loadAuthResolvedConfig(options) {
+	return loadConfig(options.configPath, void 0, { vaultResolver: vaultResolverForAuthDir(options.authDir) });
 }
 function listLocalAuthRows(options) {
 	return authRowsForTargets(localAuthTargets(options), options.authDir);
@@ -5402,7 +5405,7 @@ function localAuthTargets(options) {
 }
 function localAuthConfigForTarget(options) {
 	assertLoginTarget(localAuthTargets(options).find((candidate) => candidate.server === options.serverId), options.serverId);
-	return loadConfigForSource(options.source, options);
+	return loadConfigForSource(options.source, options, { vaultResolver: vaultResolverForAuthDir(options.authDir) });
 }
 function authTargetsForSource(source, options) {
 	try {
@@ -5415,9 +5418,9 @@ function authTargetsForSource(source, options) {
 		throw error;
 	}
 }
-function loadConfigForSource(source, options) {
-	if (source === "global") return loadGlobalConfig(options.configPath);
-	return loadProjectConfig(options.projectConfigPath);
+function loadConfigForSource(source, options, loadOptions = { vaultResolver: vaultBootstrapResolver }) {
+	if (source === "global") return loadGlobalConfig(options.configPath, loadOptions);
+	return loadProjectConfig(options.projectConfigPath, loadOptions);
 }
 function authRowsForTargets(targets, authDir) {
 	return targets.sort((left, right) => left.server.localeCompare(right.server)).map((server) => {
@@ -11048,7 +11051,7 @@ async function dispatchRemoteCliRequest(request, context) {
 async function dispatch(request, context) {
 	assertObject(request, "remote control request");
 	assertObject(request.arguments, "remote control request arguments");
-	if (request.command === "list") return listCaplets(loadConfigWithSources(context.configPath, context.projectConfigPath), { includeDisabled: optionalBoolean(request.arguments, "includeDisabled") ?? false });
+	if (request.command === "list") return listCaplets(loadConfigWithSources(context.configPath, context.projectConfigPath, { vaultResolver: vaultBootstrapResolver }), { includeDisabled: optionalBoolean(request.arguments, "includeDisabled") ?? false });
 	if (ENGINE_COMMANDS.has(request.command)) {
 		const caplet = requiredString(request.arguments, "caplet");
 		const toolRequest = requiredEngineRequest(request.arguments, request.command);
@@ -11089,6 +11092,7 @@ async function dispatch(request, context) {
 		...optionalProp("configPath", context.configPath),
 		...optionalProp("authDir", context.authDir)
 	});
+	if (request.command.startsWith("vault_")) return dispatchVault(request, context);
 	if (request.command === "auth_logout") return logoutAuthResult(requiredString(request.arguments, "server"), {
 		...optionalProp("configPath", context.configPath),
 		...optionalProp("authDir", context.authDir)
@@ -11101,9 +11105,76 @@ async function dispatch(request, context) {
 	if (request.command === "auth_login_complete") return completeRemoteAuthLogin(requiredString(request.arguments, "flowId"), requiredString(request.arguments, "callbackUrl"), context);
 	throw new CapletsError("UNKNOWN_OPERATION", `Unsupported remote control command ${request.command}`);
 }
+function dispatchVault(request, context) {
+	const store = remoteVaultStore(context);
+	switch (request.command) {
+		case "vault_set": {
+			const name = requiredString(request.arguments, "name");
+			const value = requiredString(request.arguments, "value");
+			const grant = optionalString(request.arguments, "grant");
+			const grantInput = grant ? {
+				storedKey: validateVaultKeyName(name),
+				referenceName: validateVaultKeyName(optionalString(request.arguments, "referenceName") ?? name),
+				capletId: grant,
+				origin: remoteVaultAccessOrigin(grant, context)
+			} : void 0;
+			const existed = store.getStatus(name).present;
+			const previousValue = existed && grantInput ? store.resolveValue(name) : void 0;
+			const status = store.set(name, value, { force: optionalBoolean(request.arguments, "force") ?? false });
+			try {
+				if (grantInput) store.grantAccess(grantInput);
+			} catch (error) {
+				if (existed && previousValue !== void 0) store.set(name, previousValue, { force: true });
+				else store.delete(name);
+				throw error;
+			}
+			return {
+				remote: true,
+				...status
+			};
+		}
+		case "vault_list": return store.listValues();
+		case "vault_get": {
+			const name = requiredString(request.arguments, "name");
+			if (optionalBoolean(request.arguments, "reveal") ?? false) throw new CapletsError("REQUEST_INVALID", "Self-hosted remote Vault reveal is not supported through remote control.");
+			return store.getStatus(name);
+		}
+		case "vault_delete": return store.delete(requiredString(request.arguments, "name"));
+		case "vault_access_grant": {
+			const storedKey = requiredString(request.arguments, "name");
+			const capletId = requiredString(request.arguments, "capletId");
+			return store.grantAccess({
+				storedKey,
+				referenceName: optionalString(request.arguments, "referenceName") ?? storedKey,
+				capletId,
+				origin: remoteVaultAccessOrigin(capletId, context)
+			});
+		}
+		case "vault_access_revoke": return store.revokeAccess({
+			storedKey: requiredString(request.arguments, "name"),
+			capletId: requiredString(request.arguments, "capletId"),
+			...optionalProp("referenceName", optionalString(request.arguments, "referenceName"))
+		});
+		case "vault_access_list": return store.listAccess({
+			...optionalProp("storedKey", optionalString(request.arguments, "name")),
+			...optionalProp("capletId", optionalString(request.arguments, "capletId"))
+		});
+		default: throw new CapletsError("UNKNOWN_OPERATION", `Unsupported remote control command ${request.command}`);
+	}
+}
+function remoteVaultStore(context) {
+	return vaultStoreForAuthDir(context.authDir);
+}
+function remoteVaultAccessOrigin(capletId, context) {
+	const overlay = loadLocalOverlayConfigWithSources(context.configPath, context.projectConfigPath, { vaultResolver: vaultBootstrapResolver });
+	const origin = overlay.sources[capletId];
+	if (!origin) throw new CapletsError("SERVER_NOT_FOUND", `Caplet ${capletId} is not configured.`);
+	if (overlay.shadows[capletId]?.length) throw new CapletsError("REQUEST_INVALID", `Caplet ${capletId} is shadowed in multiple config sources; resolve the active config before granting Vault access.`);
+	return origin;
+}
 async function startRemoteAuthLogin(serverId, context) {
 	if (!context.authFlowStore || !context.controlCallbackBaseUrl) throw new CapletsError("REQUEST_INVALID", "Remote auth login is not available on this server");
-	const config = loadConfigWithSources(context.configPath, context.projectConfigPath).config;
+	const config = loadConfigWithSources(context.configPath, context.projectConfigPath, { vaultResolver: vaultResolverForAuthDir(context.authDir) }).config;
 	const target = await resolveAuthTarget$1(serverId, config, context.authDir);
 	assertLoginTarget(target, serverId);
 	const flowId = randomUUID();
@@ -11978,6 +12049,7 @@ function attachEventsResponse(engine, activeStreams) {
 async function serveHttp(options, engineOptions = {}, writeErr = (value) => process.stderr.write(value)) {
 	const resolvedEngineOptions = {
 		exposeLocalArtifactPaths: false,
+		vaultRecoveryTarget: "remote",
 		...engineOptions
 	};
 	const engine = new CapletsEngine(resolvedEngineOptions);
@@ -12857,6 +12929,7 @@ async function doctorJsonReport(options = {}) {
 		},
 		daemon: await resolveDaemonSection(env, options.daemon),
 		remoteLogin: remoteLogin.report,
+		vault: resolveVaultSection(env, root),
 		exposure: await resolveExposureSection(env),
 		codeMode: await resolveCodeModeSection(options, env)
 	};
@@ -12907,6 +12980,11 @@ async function formatDoctorReport(options = {}) {
 		...report.remoteLogin.workspaceSlug || report.remoteLogin.workspaceId ? [`  Selected Workspace: ${report.remoteLogin.workspaceSlug ?? report.remoteLogin.workspaceId}`] : [],
 		...report.remoteLogin.clientId ? [`  Client: ${report.remoteLogin.clientId}`] : [],
 		"",
+		"Vault",
+		`  OK: ${yesNo(Boolean(report.vault.ok))}`,
+		...!report.vault.ok && typeof report.vault.message === "string" ? [`  Error: ${report.vault.message}`] : [],
+		...Array.isArray(report.vault.issues) ? report.vault.issues.map((issue) => `  ${issue.capletId}: ${issue.reason} ${issue.key} (${issue.recoveryCommand})`) : [],
+		"",
 		"Exposure",
 		`  Default: ${report.exposure.default ?? "unknown"}`,
 		`  Discovery timeout: ${report.exposure.discoveryTimeoutMs ?? "unknown"}ms`,
@@ -12924,6 +13002,37 @@ async function formatDoctorReport(options = {}) {
 		...observedOutputShapePath(report.codeMode.observedOutputShapes) ? [`  Observed output shape cache: ${observedOutputShapePath(report.codeMode.observedOutputShapes)}`] : []
 	].join("\n")}\n`;
 }
+function resolveVaultSection(env, cwd = process.cwd()) {
+	const configPath = env.CAPLETS_CONFIG?.trim() ? env.CAPLETS_CONFIG.trim() : resolveConfigPath();
+	const projectConfigPath = env.CAPLETS_PROJECT_CONFIG?.trim() ? env.CAPLETS_PROJECT_CONFIG.trim() : resolveProjectConfigPath(cwd);
+	try {
+		const issues = loadLocalOverlayConfigWithSources(configPath, projectConfigPath).warnings.filter((warning) => warning.message.includes("Vault key")).map((warning) => vaultIssueFromWarning(warning.message, warning.path)).filter((issue) => issue !== void 0);
+		return {
+			ok: issues.length === 0,
+			issues
+		};
+	} catch (error) {
+		return {
+			ok: false,
+			issues: [],
+			message: error instanceof Error ? error.message : String(error)
+		};
+	}
+}
+function vaultIssueFromWarning(message, path) {
+	const match = message.match(/^Caplet ([^ ]+) references ([^ ]+) Vault key ([^ ]+) at ([^;]+); run `([^`]+)`/u);
+	if (!match) return void 0;
+	const recoveryCommand = match[5] ?? "";
+	return {
+		capletId: match[1],
+		reason: match[2],
+		key: match[3],
+		configPath: path,
+		referencePath: match[4],
+		target: recoveryCommand.includes("--remote") ? "remote" : "global",
+		recoveryCommand
+	};
+}
 async function resolveDaemonSection(env, options) {
 	try {
 		const status = await daemonStatus({
@@ -13258,6 +13367,42 @@ async function openBrowserUrl(url, options = {}) {
 	});
 }
 //#endregion
+//#region src/cli/vault.ts
+function formatVaultValueStatus(status, json = false) {
+	if (json) return `${JSON.stringify(status, null, 2)}\n`;
+	if (!status.present) return `Vault key ${status.key} is not set.\n`;
+	return [
+		`Vault key ${status.key} is set.`,
+		status.valueBytes === void 0 ? void 0 : `Value bytes: ${status.valueBytes}`,
+		status.updatedAt === void 0 ? void 0 : `Updated: ${status.updatedAt}`
+	].filter((line) => line !== void 0).join("\n").concat("\n");
+}
+function formatVaultValueList(statuses, json = false) {
+	if (json) return `${JSON.stringify(statuses, null, 2)}\n`;
+	if (statuses.length === 0) return "No Vault keys set.\n";
+	return `${statuses.map((status) => status.key).join("\n")}\n`;
+}
+function formatVaultDeleteStatus(status, json = false) {
+	if (json) return `${JSON.stringify(status, null, 2)}\n`;
+	return status.deleted ? `Deleted Vault key ${status.key}. ${status.grantsRetained} access grant${status.grantsRetained === 1 ? "" : "s"} retained.\n` : `No Vault key ${status.key} found.\n`;
+}
+function formatVaultAccessGrant(grant, json = false) {
+	if (json) return `${JSON.stringify(grant, null, 2)}\n`;
+	return `Granted Vault key ${grant.storedKey} to ${grant.capletId} as ${grant.referenceName}.\n`;
+}
+function formatVaultAccessList(grants, json = false) {
+	if (json) return `${JSON.stringify(grants, null, 2)}\n`;
+	if (grants.length === 0) return "No Vault access grants.\n";
+	return `${grants.map((grant) => {
+		const origin = grant.origin ? ` (${grant.origin.kind} ${grant.origin.path})` : "";
+		return `${grant.storedKey} -> ${grant.capletId}:${grant.referenceName}${origin}`;
+	}).join("\n")}\n`;
+}
+function formatVaultAccessRevoke(count, json = false) {
+	if (json) return `${JSON.stringify({ revoked: count }, null, 2)}\n`;
+	return `Revoked ${count} Vault access grant${count === 1 ? "" : "s"}.\n`;
+}
+//#endregion
 //#region src/setup/hash.ts
 function capletSetupContentHash(caplet) {
 	return createHash("sha256").update(stableJson(stableCapletForHash(caplet))).digest("hex");
@@ -14627,7 +14772,7 @@ var RemoteControlClient = class {
 		if (response.status === 401 || response.status === 403) throw new CapletsError("AUTH_FAILED", `Caplets remote authentication failed. Run caplets remote login ${safeBaseUrl(resolved.baseUrl)}.`);
 		if (!response.ok) throw new CapletsError("SERVER_UNAVAILABLE", `Caplets server at ${safeBaseUrl(resolved.baseUrl)} returned HTTP ${response.status}.`);
 		const payload = await parseRemoteCliResponse(response);
-		if (!payload.ok) throw new CapletsError(payload.error.code, redactRemoteMessage(payload.error.message), payload.error.nextAction === void 0 ? void 0 : { nextAction: payload.error.nextAction });
+		if (!payload.ok) throw new CapletsError(payload.error.code, redactRemoteMessage(payload.error.message, sensitiveValues(command, args)), payload.error.nextAction === void 0 ? void 0 : { nextAction: payload.error.nextAction });
 		return payload.result;
 	}
 };
@@ -14684,8 +14829,17 @@ function isRecord$1(value) {
 function isCapletsErrorCode(value) {
 	return CAPLETS_ERROR_CODES.includes(value);
 }
-function redactRemoteMessage(message) {
-	return String(redactSecrets$1(message)).replace(/\b(authorization\s*:\s*(?:basic|bearer)\s+)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:access_)?token=)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:token|secret|authorization|auth|api[-_]?key|password|credential|clientsecret|client_secret|code|refresh(?:_token)?)\s*[=:]\s*)[^\s,;]+/giu, "$1[REDACTED]");
+function redactRemoteMessage(message, values = []) {
+	let redacted = String(redactSecrets$1(message));
+	for (const value of values) {
+		if (value.length === 0) continue;
+		redacted = redacted.split(value).join("[REDACTED]");
+	}
+	return redacted.replace(/\b(authorization\s*:\s*(?:basic|bearer)\s+)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:access_)?token=)[^\s,;]+/giu, "$1[REDACTED]").replace(/\b((?:token|secret|authorization|auth|api[-_]?key|password|credential|clientsecret|client_secret|code|refresh(?:_token)?)\s*[=:]\s*)[^\s,;]+/giu, "$1[REDACTED]");
+}
+function sensitiveValues(command, args) {
+	if (command === "vault_set" && typeof args.value === "string") return [args.value];
+	return [];
 }
 //#endregion
 //#region src/serve/stdio.ts
@@ -15617,6 +15771,135 @@ function createProgram(io = {}) {
 			...io.daemon ? { daemon: io.daemon } : {}
 		}));
 	});
+	const vault = program.command(cliCommands$1.vault).description("Manage Caplets Vault values.");
+	vault.command("set").description("Set a local/global Vault value.").argument("<name>", "Vault key name").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--force", "overwrite an existing Vault value").option("--grant <capletId>", "grant this key to a configured Caplet after setting it").option("--as <referenceName>", "reference name the Caplet uses in config").option("--json", "print JSON output").action(async (name, options) => {
+		if (parseVaultTarget(options) === "remote") {
+			const value = await readVaultValue(io);
+			assertVaultTransportValueSize(value);
+			const status = await remoteVaultSet(io, {
+				name,
+				value,
+				force: Boolean(options.force),
+				...options.grant ? { grant: options.grant } : {},
+				...options.as ?? options.grant ? { referenceName: options.as ?? name } : {}
+			});
+			if (options.json) {
+				writeOut(`${JSON.stringify(status, null, 2)}\n`);
+				return;
+			}
+			writeOut(`Set remote Vault key ${validateVaultKeyName(name)}.\n`);
+			if (options.grant) writeOut(`Granted remote Vault key ${validateVaultKeyName(name)} to ${options.grant} as ${validateVaultKeyName(options.as ?? name)}.\n`);
+			return;
+		}
+		const value = await readVaultValue(io);
+		const store = new FileVaultStore({ env });
+		const existed = store.getStatus(name).present;
+		const previousValue = existed && options.grant ? store.resolveValue(name) : void 0;
+		const status = store.set(name, value, { force: Boolean(options.force) });
+		try {
+			if (options.grant) {
+				const origin = resolveVaultAccessOrigin(options.grant, io);
+				store.grantAccess({
+					storedKey: name,
+					referenceName: options.as ?? name,
+					capletId: options.grant,
+					origin
+				});
+			}
+		} catch (error) {
+			if (existed && previousValue !== void 0) store.set(name, previousValue, { force: true });
+			else store.delete(name);
+			throw error;
+		}
+		if (options.json) {
+			writeOut(`${JSON.stringify(status, null, 2)}\n`);
+			return;
+		}
+		writeOut(`Set Vault key ${validateVaultKeyName(name)}.\n`);
+		if (options.grant) writeOut(`Granted Vault key ${validateVaultKeyName(name)} to ${options.grant} as ${validateVaultKeyName(options.as ?? name)}.\n`);
+	});
+	vault.command("get").description("Show local/global Vault metadata, or reveal with --show.").argument("<name>", "Vault key name").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--show", "reveal the raw Vault value").option("--json", "print JSON output").action(async (name, options) => {
+		if (parseVaultTarget(options) === "remote") {
+			const result = await remoteVaultGet(io, {
+				name,
+				reveal: Boolean(options.show)
+			});
+			if (options.show) {
+				const value = result && typeof result === "object" && "value" in result ? String(result.value) : "";
+				writeOut(options.json ? `${JSON.stringify(result, null, 2)}\n` : `${value}\n`);
+				return;
+			}
+			writeOut(formatVaultValueStatus(result, Boolean(options.json)));
+			return;
+		}
+		const store = new FileVaultStore({ env });
+		if (options.show) {
+			const value = store.resolveValue(name);
+			writeOut(options.json ? `${JSON.stringify({
+				key: name,
+				value
+			}, null, 2)}\n` : `${value}\n`);
+			return;
+		}
+		writeOut(formatVaultValueStatus(store.getStatus(name), Boolean(options.json)));
+	});
+	vault.command("list").description("List local/global Vault keys without revealing values.").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--json", "print JSON output").action(async (options) => {
+		if (parseVaultTarget(options) === "remote") {
+			writeOut(formatVaultValueList(await remoteVaultList(io), Boolean(options.json)));
+			return;
+		}
+		writeOut(formatVaultValueList(new FileVaultStore({ env }).listValues(), Boolean(options.json)));
+	});
+	vault.command("delete").description("Delete a local/global Vault value without revealing it.").argument("<name>", "Vault key name").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--json", "print JSON output").action(async (name, options) => {
+		if (parseVaultTarget(options) === "remote") {
+			writeOut(formatVaultDeleteStatus(await remoteVaultDelete(io, name), Boolean(options.json)));
+			return;
+		}
+		writeOut(formatVaultDeleteStatus(new FileVaultStore({ env }).delete(name), Boolean(options.json)));
+	});
+	const vaultAccess = vault.command("access").description("Manage Vault access grants.");
+	vaultAccess.command("grant").description("Grant a Vault key to a configured Caplet.").argument("<name>", "stored Vault key name").argument("<capletId>", "configured Caplet ID").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--as <referenceName>", "reference name the Caplet uses in config").option("--json", "print JSON output").action(async (name, capletId, options) => {
+		if (parseVaultTarget(options) === "remote") {
+			writeOut(formatVaultAccessGrant(await remoteVaultAccessGrant(io, {
+				name,
+				capletId,
+				referenceName: options.as ?? name
+			}), Boolean(options.json)));
+			return;
+		}
+		const origin = resolveVaultAccessOrigin(capletId, io);
+		writeOut(formatVaultAccessGrant(new FileVaultStore({ env }).grantAccess({
+			storedKey: name,
+			referenceName: options.as ?? name,
+			capletId,
+			origin
+		}), Boolean(options.json)));
+	});
+	vaultAccess.command("list").description("List Vault access grants without revealing values.").argument("[name]", "optional stored Vault key name").argument("[capletId]", "optional configured Caplet ID").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--caplet <capletId>", "filter by configured Caplet ID").option("--json", "print JSON output").action(async (name, capletId, options) => {
+		if (options.caplet && capletId && options.caplet !== capletId) throw new CapletsError("REQUEST_INVALID", "Use either positional capletId or --caplet, not both.");
+		const capletFilter = options.caplet ?? capletId;
+		if (parseVaultTarget(options) === "remote") {
+			writeOut(formatVaultAccessList(await remoteVaultAccessList(io, {
+				...name ? { name } : {},
+				...capletFilter ? { capletId: capletFilter } : {}
+			}), Boolean(options.json)));
+			return;
+		}
+		writeOut(formatVaultAccessList(new FileVaultStore({ env }).listAccess(vaultAccessFilter(name, capletFilter)), Boolean(options.json)));
+	});
+	vaultAccess.command("revoke").description("Revoke Vault access grants.").argument("<name>", "stored Vault key name").argument("<capletId>", "configured Caplet ID").option("-g, --global", "target the local/global Vault").option("--remote", "target the selected remote Vault").option("--as <referenceName>", "reference name the Caplet uses in config").option("--json", "print JSON output").action(async (name, capletId, options) => {
+		if (parseVaultTarget(options) === "remote") {
+			const revoked = await remoteVaultAccessRevoke(io, {
+				name,
+				capletId,
+				...options.as ? { referenceName: options.as } : {}
+			});
+			writeOut(formatVaultAccessRevoke(Array.isArray(revoked) ? revoked.length : 0, Boolean(options.json)));
+			return;
+		}
+		const filter = vaultAccessFilter(name, capletId, options.as);
+		writeOut(formatVaultAccessRevoke(new FileVaultStore({ env }).revokeAccess(filter).length, Boolean(options.json)));
+	});
 	program.command(cliCommands$1.list).description("List configured Caplets.").option("--all", "include disabled Caplets").option("--json", "print JSON output").option("--format <format>", "output format: plain, markdown, md, or json", parseOutputFormat).action(async (options) => {
 		const includeDisabled = Boolean(options.all);
 		const remote = remoteClientForCli(io);
@@ -15632,7 +15915,7 @@ function createProgram(io = {}) {
 			writeOut(formatCapletList(rows, options.format ?? "plain"));
 			return;
 		}
-		const rows = listCaplets(loadConfigWithSources(currentConfigPath(), envProjectConfigPath(env)), { includeDisabled });
+		const rows = listCaplets(loadConfigWithSources(currentConfigPath(), envProjectConfigPath(env), { vaultResolver: vaultBootstrapResolver }), { includeDisabled });
 		if (options.json || options.format === "json") {
 			writeOut(`${JSON.stringify(rows, null, 2)}\n`);
 			return;
@@ -15982,6 +16265,7 @@ function createProgram(io = {}) {
 			...projectConfigPath ? { projectConfigPath } : {},
 			config: localAuthConfigForTarget({
 				serverId,
+				...io.authDir ? { authDir: io.authDir } : {},
 				...configPath ? { configPath } : {},
 				...projectConfigPath ? { projectConfigPath } : {},
 				source: target
@@ -16002,6 +16286,7 @@ function createProgram(io = {}) {
 			...configPath ? { configPath } : {},
 			config: localAuthConfigForTarget({
 				serverId,
+				...io.authDir ? { authDir: io.authDir } : {},
 				...configPath ? { configPath } : {},
 				...projectConfigPath ? { projectConfigPath } : {},
 				source: target
@@ -16023,6 +16308,7 @@ function createProgram(io = {}) {
 			...configPath ? { configPath } : {},
 			config: localAuthConfigForTarget({
 				serverId,
+				...io.authDir ? { authDir: io.authDir } : {},
 				...configPath ? { configPath } : {},
 				...projectConfigPath ? { projectConfigPath } : {},
 				source: target
@@ -16117,6 +16403,136 @@ function parseMutationTarget(options) {
 	if (options.remote) return "remote";
 	return "project";
 }
+function parseVaultTarget(options) {
+	const selected = [options.global ? "--global" : void 0, options.remote ? "--remote" : void 0].filter((value) => value !== void 0);
+	if (selected.length > 1) throw new CapletsError("REQUEST_INVALID", `Cannot combine Vault target flags: ${selected.join(", ")}`);
+	if (options.remote) return "remote";
+	return "global";
+}
+async function resolveVaultRemoteTarget(io) {
+	const env = io.env ?? process.env;
+	const mode = resolveRemoteMode({}, env).mode;
+	if (mode === "remote") return {
+		kind: "self_hosted",
+		client: requireRemoteClientForTarget(io)
+	};
+	if (mode !== "cloud") throw new CapletsError("REQUEST_INVALID", "--remote requires CAPLETS_MODE=remote or CAPLETS_MODE=cloud and CAPLETS_REMOTE_URL");
+	const selection = await resolveRemoteSelection({
+		mode: "cloud",
+		...io.authDir ? { authDir: io.authDir } : {},
+		...io.fetch ? { fetch: io.fetch } : {}
+	}, env);
+	if (selection.kind !== "hosted_cloud") throw new CapletsError("REQUEST_INVALID", "--remote Vault target did not resolve to Cloud.");
+	return {
+		kind: "cloud",
+		workspace: selection.selectedWorkspace,
+		client: new CapletsCloudClient({
+			baseUrl: selection.remote.baseUrl,
+			accessToken: selection.credentials.accessToken,
+			...selection.remote.fetch ? { fetch: selection.remote.fetch } : {}
+		})
+	};
+}
+async function remoteVaultSet(io, input) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_set", input);
+	return await target.client.setVaultValue({
+		workspace: target.workspace,
+		...input
+	});
+}
+async function remoteVaultGet(io, input) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_get", {
+		name: input.name,
+		reveal: input.reveal
+	});
+	return await target.client.getVaultValue({
+		workspace: target.workspace,
+		name: input.name,
+		reveal: input.reveal
+	});
+}
+async function remoteVaultList(io) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_list", {});
+	return await target.client.listVaultValues({ workspace: target.workspace });
+}
+async function remoteVaultDelete(io, name) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_delete", { name });
+	return await target.client.deleteVaultValue({
+		workspace: target.workspace,
+		name
+	});
+}
+async function remoteVaultAccessGrant(io, input) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_access_grant", input);
+	return await target.client.grantVaultAccess({
+		workspace: target.workspace,
+		...input
+	});
+}
+async function remoteVaultAccessList(io, input) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_access_list", input);
+	return await target.client.listVaultAccess({
+		workspace: target.workspace,
+		...input
+	});
+}
+async function remoteVaultAccessRevoke(io, input) {
+	const target = await resolveVaultRemoteTarget(io);
+	if (target.kind === "self_hosted") return await target.client.request("vault_access_revoke", input);
+	return await target.client.revokeVaultAccess({
+		workspace: target.workspace,
+		...input
+	});
+}
+async function readVaultValue(io) {
+	let value;
+	if (io.readStdin) value = stripOneTrailingNewline(await io.readStdin());
+	else if (!process.stdin.isTTY && !io.writeOut && !io.writeErr) value = stripOneTrailingNewline(await readAllStdin());
+	else if (io.writeOut || io.writeErr || !process.stdin.isTTY || !process.stdout.isTTY) throw new CapletsError("REQUEST_INVALID", "Vault value input is required. Run interactively or provide stdin.");
+	else {
+		const output = new HiddenPromptOutput(process.stdout);
+		const readline = createInterface({
+			input: process.stdin,
+			output,
+			terminal: true
+		});
+		try {
+			value = await readline.question("Vault value: ");
+		} finally {
+			readline.close();
+			process.stdout.write("\n");
+		}
+	}
+	if (value.length === 0) throw new CapletsError("REQUEST_INVALID", "Vault value input is required.");
+	return value;
+}
+function stripOneTrailingNewline(value) {
+	return value.replace(/\r?\n$/u, "");
+}
+function assertVaultTransportValueSize(value) {
+	if (Buffer$1.byteLength(value, "utf8") > 65536) throw new CapletsError("REQUEST_INVALID", `Vault values must be ${VAULT_MAX_VALUE_BYTES} bytes or smaller.`);
+}
+function resolveVaultAccessOrigin(capletId, io) {
+	const env = io.env ?? process.env;
+	const config = loadConfigWithSources(envConfigPath(env), envProjectConfigPath(env), { vaultResolver: vaultBootstrapResolver });
+	if (config.shadows[capletId]?.length) throw new CapletsError("REQUEST_INVALID", `Caplet ${capletId} is shadowed in multiple config sources; resolve the active config before granting Vault access.`);
+	const origin = config.sources[capletId];
+	if (!origin) throw new CapletsError("SERVER_NOT_FOUND", `Caplet ${capletId} is not configured.`);
+	return origin;
+}
+function vaultAccessFilter(storedKey, capletId, referenceName) {
+	return {
+		...storedKey ? { storedKey: validateVaultKeyName(storedKey) } : {},
+		...capletId ? { capletId } : {},
+		...referenceName ? { referenceName: validateVaultKeyName(referenceName) } : {}
+	};
+}
 function localMutationTargetLabel(target, io) {
 	return remoteClientForCli(io) ? `${target} ` : "";
 }
@@ -16387,7 +16803,8 @@ function mergePartialLocalOverlays(globalOverlay, projectOverlay) {
 		config,
 		sources,
 		shadows,
-		warnings: [...globalOverlay.warnings, ...projectOverlay.warnings]
+		warnings: [...globalOverlay.warnings, ...projectOverlay.warnings],
+		sourceFound: globalOverlay.sourceFound || projectOverlay.sourceFound
 	};
 }
 const capletConfigKinds = [

package/dist/native.js

@@ -1,4 +1,4 @@
-import { A as nativeCapletToolDescription, M as nativeCapletsSystemGuidance, N as nativeCodeModeToolId, P as nativeCodeModeToolName, _ as resolveNativeCapletsServiceOptions, h as createSdkRemoteCapletsClient, j as nativeCapletToolName, k as nativeCapletPromptGuidance, m as RemoteNativeCapletsService, t as createNativeCapletsService } from "./service-Ut6dN9M8.js";
+import { A as nativeCapletPromptGuidance, F as nativeCodeModeToolName, M as nativeCapletToolName, N as nativeCapletsSystemGuidance, P as nativeCodeModeToolId, h as createSdkRemoteCapletsClient, j as nativeCapletToolDescription, m as RemoteNativeCapletsService, t as createNativeCapletsService, v as resolveNativeCapletsServiceOptions } from "./service-rvZ7z6FI.js";
 import { generatedToolInputJsonSchema, generatedToolInputSchema } from "./generated-tool-input-schema.js";
 //#region src/native/process-cleanup.ts
 function registerNativeCapletsProcessCleanup(service, options = {}) {