@clawcard/cli 1.1.6 → 2.0.1

package/README.md

@@ -2,7 +2,7 @@
 
 On-demand credit cards, email, and phone for your AI agents.
 
-ClawCard gives your agent a full identity — dedicated email inbox, SMS-enabled US phone number, virtual Mastercards with spend limits, and an encrypted credential vault. One API key, simple REST endpoints.
+ClawCard gives your agent a full identity — dedicated email inbox, SMS-enabled US phone number, virtual Mastercards with spend limits, and an encrypted credential vault. Your agent interacts with ClawCard through CLI commands — the API key never enters the agent's context.
 
 ## Install
 
@@ -16,10 +16,10 @@ npm install -g @clawcard/cli
 # Sign up (requires invite code)
 clawcard signup
 
-# Or log in
-clawcard login
+# Top up your balance (minimum $5)
+clawcard billing topup
 
-# Create an API key
+# Create your agent key
 clawcard keys create
 
 # Set up your agent (installs skill + configures API key)
@@ -28,54 +28,52 @@ clawcard setup
 
 `clawcard setup` uses [skills.sh](https://skills.sh) to install the ClawCard skill for your agent. Works with Claude Code, Cursor, Codex, Cline, OpenClaw, and 40+ other agents.
 
-## Commands
+## Agent Commands
 
-### Authentication
-| Command | Description |
-|---|---|
-| `clawcard login` | Log in via browser |
-| `clawcard signup` | Sign up with invite code |
-| `clawcard logout` | Clear session |
-| `clawcard whoami` | Show current account |
+Your agent runs these commands directly. All support `--json` for machine-parseable output.
 
-### Keys
 | Command | Description |
 |---|---|
-| `clawcard keys` | Interactive key management |
-| `clawcard keys create` | Create a new API key |
-| `clawcard keys list` | List all keys |
-| `clawcard keys info` | Show key details |
-| `clawcard keys revoke` | Revoke a key |
+| `clawcard agent info --json` | Agent identity (email, phone, budget) |
+| `clawcard agent emails --json` | List inbox |
+| `clawcard agent emails send --to --subject --body --json` | Send email |
+| `clawcard agent sms --json` | List SMS messages |
+| `clawcard agent sms send --to --body --json` | Send SMS |
+| `clawcard agent cards --json` | List virtual cards |
+| `clawcard agent cards create --amount --type --memo --json` | Create card |
+| `clawcard agent cards details <id> --json` | Get PAN, CVV, expiry |
+| `clawcard agent cards close <id> --json` | Close card |
+| `clawcard agent creds --json` | List stored credentials |
+| `clawcard agent creds set --service --key --value --json` | Store credential |
+| `clawcard agent creds get --service --key --json` | Retrieve credential |
+| `clawcard agent budget --json` | Check remaining budget |
+| `clawcard agent activity --json` | View activity log |
+
+## User Commands
 
-### Setup
 | Command | Description |
 |---|---|
-| `clawcard setup` | Install ClawCard skill for your agent |
-
-### Billing
-| Command | Description |
-|---|---|
-| `clawcard billing` | Interactive billing dashboard |
-| `clawcard billing balance` | Quick balance check |
+| `clawcard login` | Log in via browser |
+| `clawcard signup` | Sign up with invite code |
+| `clawcard logout` | Clear session |
+| `clawcard whoami` | Show current account |
+| `clawcard agent` | Show agent identity |
+| `clawcard agent fund` | Add budget to your agent |
+| `clawcard keys create` | Create agent key |
+| `clawcard keys revoke` | Revoke key (exports credentials first) |
+| `clawcard setup` | Install ClawCard skill |
+| `clawcard billing` | Billing dashboard |
 | `clawcard billing topup` | Top up balance |
-| `clawcard billing upgrade` | Upgrade subscription |
-| `clawcard billing transactions` | View transaction history |
-
-### Other
-| Command | Description |
-|---|---|
+| `clawcard billing balance` | Quick balance check |
 | `clawcard referral` | Show referral code |
 | `clawcard help` | Show all commands |
 
-## What Your Agent Gets
-
-Each API key comes with:
+## How It Works
 
-- **Email** — Dedicated inbox (@mail.clawcard.sh), send and receive
-- **Phone** — SMS-enabled US number for verification codes
-- **Virtual Cards** — Mastercards with per-card spend limits (single-use or merchant-locked)
-- **Credential Vault** — AES-256 encrypted key-value storage
-- **Budget Controls** — Per-key spending limits with full audit trail
+1. You create an agent key via the CLI — it gets an email, phone number, and budget
+2. `clawcard setup` installs a skill file that teaches your agent the available commands
+3. Your agent runs `clawcard agent` commands to send emails, create cards, store credentials, etc.
+4. The API key stays in `~/.clawcard/.env` — the agent never sees it
 
 ## Pricing
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@clawcard/cli",
-  "version": "1.1.6",
+  "version": "2.0.1",
   "description": "The ClawCard CLI — manage your agent keys, billing, and setup from the terminal",
   "bin": {
     "clawcard": "./bin/clawcard.mjs"

package/src/agent-api.js

@@ -0,0 +1,115 @@
+import { readFileSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+import { BASE_URL } from "./config.js";
+
+const ENV_PATH = join(homedir(), ".clawcard", ".env");
+
+function getApiKey() {
+  try {
+    const content = readFileSync(ENV_PATH, "utf-8");
+    const match = content.match(/^CLAWCARD_API_KEY=(.+)$/m);
+    return match?.[1]?.trim() ?? null;
+  } catch {
+    return null;
+  }
+}
+
+async function agentRequest(path, options = {}) {
+  const apiKey = getApiKey();
+  if (!apiKey) {
+    throw new Error("No API key found. Run: clawcard setup");
+  }
+
+  const url = `${BASE_URL}${path}`;
+  const headers = {
+    "Content-Type": "application/json",
+    Authorization: `Bearer ${apiKey}`,
+    ...options.headers,
+  };
+
+  const res = await fetch(url, { ...options, headers });
+  const body = await res.json().catch(() => null);
+
+  if (!res.ok) {
+    const msg = body?.error || body?.message || `API error ${res.status}`;
+    throw new Error(msg);
+  }
+
+  return body;
+}
+
+// Identity
+export const getIdentity = () => agentRequest("/api/me");
+
+// Email
+export const listEmails = (agentId, params = {}) => {
+  const qs = new URLSearchParams();
+  if (params.limit) qs.set("limit", params.limit);
+  if (params.unread) qs.set("unread", "true");
+  if (params.from) qs.set("from", params.from);
+  if (params.subject_contains) qs.set("subject_contains", params.subject_contains);
+  const query = qs.toString();
+  return agentRequest(`/api/agents/${agentId}/emails${query ? "?" + query : ""}`);
+};
+export const sendEmail = (agentId, data) =>
+  agentRequest(`/api/agents/${agentId}/emails/send`, {
+    method: "POST",
+    body: JSON.stringify(data),
+  });
+export const markEmailRead = (agentId, emailId) =>
+  agentRequest(`/api/agents/${agentId}/emails/${emailId}/read`, {
+    method: "POST",
+  });
+
+// SMS
+export const listSms = (agentId, params = {}) => {
+  const qs = new URLSearchParams();
+  if (params.limit) qs.set("limit", params.limit);
+  const query = qs.toString();
+  return agentRequest(`/api/agents/${agentId}/sms${query ? "?" + query : ""}`);
+};
+export const sendSms = (agentId, data) =>
+  agentRequest(`/api/agents/${agentId}/sms/send`, {
+    method: "POST",
+    body: JSON.stringify(data),
+  });
+
+// Cards
+export const listCards = (agentId) =>
+  agentRequest(`/api/agents/${agentId}/cards`);
+export const createCard = (agentId, data) =>
+  agentRequest(`/api/agents/${agentId}/cards`, {
+    method: "POST",
+    body: JSON.stringify(data),
+  });
+export const getCardDetails = (agentId, cardId) =>
+  agentRequest(`/api/agents/${agentId}/cards/${cardId}`);
+export const updateCard = (agentId, cardId, action) =>
+  agentRequest(`/api/agents/${agentId}/cards/${cardId}`, {
+    method: "PATCH",
+    body: JSON.stringify({ action }),
+  });
+
+// Credentials
+export const listCredentials = (agentId) =>
+  agentRequest(`/api/agents/${agentId}/credentials`);
+export const setCredential = (agentId, data) =>
+  agentRequest(`/api/agents/${agentId}/credentials`, {
+    method: "POST",
+    body: JSON.stringify(data),
+  });
+export const getCredential = (agentId, service, key) =>
+  agentRequest(`/api/agents/${agentId}/credentials/${service}/${key}`);
+
+// Budget
+export const getBudget = (agentId) =>
+  agentRequest(`/api/agents/${agentId}/budget`);
+
+// Activity
+export const listActivity = (agentId, params = {}) => {
+  const qs = new URLSearchParams();
+  if (params.limit) qs.set("limit", params.limit);
+  const query = qs.toString();
+  return agentRequest(`/api/agents/${agentId}/activity${query ? "?" + query : ""}`);
+};

package/src/api.js

@@ -51,5 +51,19 @@ export const createCheckout = (amountCents) =>
 export const createPortal = () =>
   request("/api/billing/portal", { method: "POST" });
 
+// Budget
+export const getAgentBudget = (id) => request(`/api/agents/${id}/budget`);
+export const allocateBudget = (id, amountCents) =>
+  request(`/api/agents/${id}/budget`, {
+    method: "POST",
+    body: JSON.stringify({ amountCents }),
+  });
+
+// Credentials (session auth)
+export const listAgentCredentials = (agentId) =>
+  request(`/api/agents/${agentId}/credentials`);
+export const getAgentCredential = (agentId, service, key) =>
+  request(`/api/agents/${agentId}/credentials/${service}/${key}`);
+
 // User
 export const getMe = () => request("/api/me");

package/src/commands/agent.js

@@ -0,0 +1,238 @@
+import chalk from "chalk";
+import {
+  getIdentity,
+  listEmails,
+  sendEmail,
+  markEmailRead,
+  listSms,
+  sendSms,
+  listCards,
+  createCard,
+  getCardDetails,
+  updateCard,
+  listCredentials,
+  setCredential,
+  getCredential,
+  getBudget,
+  listActivity,
+} from "../agent-api.js";
+
+const orange = chalk.hex("#FF6B35");
+
+async function getAgentId() {
+  const me = await getIdentity();
+  if (!me.keyId) throw new Error("Could not determine agent ID");
+  return me.keyId;
+}
+
+function output(data, json) {
+  if (json) {
+    console.log(JSON.stringify(data, null, 2));
+  }
+  return data;
+}
+
+// ── Info ──
+export async function agentInfoCmd(options) {
+  const me = await getIdentity();
+  if (options.json) return output(me, true);
+
+  const budget = await getBudget(me.keyId);
+  console.log();
+  console.log(`  Name:    ${orange.bold(me.name || "unnamed")}`);
+  console.log(`  Email:   ${me.email || "-"}`);
+  console.log(`  Phone:   ${me.phone || "-"}`);
+  console.log(`  Key ID:  ${chalk.dim(me.keyId)}`);
+  console.log(`  Budget:  ${chalk.green("$" + ((budget.budgetCents || 0) / 100).toFixed(2))}`);
+  console.log();
+}
+
+// ── Emails ──
+export async function agentEmailsCmd(options) {
+  const agentId = await getAgentId();
+  const result = await listEmails(agentId, {
+    limit: options.limit,
+    unread: options.unread,
+  });
+  if (options.json) return output(result, true);
+
+  const emails = result.emails || result;
+  if (!emails.length) {
+    console.log("  No emails");
+    return;
+  }
+  console.log();
+  for (const e of emails) {
+    const read = e.isRead ? chalk.dim("read") : orange("NEW");
+    console.log(`  ${read}  ${chalk.dim(e.sender)}  ${e.subject}`);
+  }
+  console.log();
+}
+
+export async function agentEmailsSendCmd(options) {
+  const agentId = await getAgentId();
+  const result = await sendEmail(agentId, {
+    to: options.to,
+    subject: options.subject,
+    body: options.body,
+  });
+  if (options.json) return output(result, true);
+  console.log(`  Email sent to ${options.to}`);
+}
+
+export async function agentEmailsReadCmd(emailId, options) {
+  const agentId = await getAgentId();
+  const result = await markEmailRead(agentId, emailId);
+  if (options.json) return output(result, true);
+  console.log(`  Marked as read`);
+}
+
+// ── SMS ──
+export async function agentSmsCmd(options) {
+  const agentId = await getAgentId();
+  const result = await listSms(agentId, { limit: options.limit });
+  if (options.json) return output(result, true);
+
+  const messages = result.messages || result;
+  if (!messages.length) {
+    console.log("  No messages");
+    return;
+  }
+  console.log();
+  for (const m of messages) {
+    const dir = m.direction === "inbound" ? chalk.green("←") : chalk.blue("→");
+    console.log(`  ${dir}  ${chalk.dim(m.direction === "inbound" ? m.fromNumber : m.toNumber)}  ${m.body}`);
+  }
+  console.log();
+}
+
+export async function agentSmsSendCmd(options) {
+  const agentId = await getAgentId();
+  const result = await sendSms(agentId, {
+    to: options.to,
+    body: options.body,
+  });
+  if (options.json) return output(result, true);
+  console.log(`  SMS sent to ${options.to}`);
+}
+
+// ── Cards ──
+export async function agentCardsCmd(options) {
+  const agentId = await getAgentId();
+  const result = await listCards(agentId);
+  if (options.json) return output(result, true);
+
+  const cards = result.cards || result;
+  if (!cards.length) {
+    console.log("  No cards");
+    return;
+  }
+  console.log();
+  for (const c of cards) {
+    const status = c.status === "open" ? chalk.green(c.status) : chalk.red(c.status);
+    console.log(`  ${c.id}  ****${c.lastFour}  ${c.type}  $${(c.spendLimitCents / 100).toFixed(2)}  ${status}  ${chalk.dim(c.memo)}`);
+  }
+  console.log();
+}
+
+export async function agentCardsCreateCmd(options) {
+  const agentId = await getAgentId();
+  const result = await createCard(agentId, {
+    amountCents: parseInt(options.amount),
+    type: options.type,
+    memo: options.memo || "Agent card",
+  });
+  if (options.json) return output(result, true);
+
+  console.log();
+  console.log(`  Card created: ${result.id}`);
+  console.log(`  PAN:    ${orange(result.pan)}`);
+  console.log(`  CVV:    ${result.cvv}`);
+  console.log(`  Expiry: ${result.exp_month}/${result.exp_year}`);
+  console.log(`  Limit:  $${(result.spendLimitCents / 100).toFixed(2)}`);
+  console.log();
+}
+
+export async function agentCardsDetailsCmd(cardId, options) {
+  const agentId = await getAgentId();
+  const result = await getCardDetails(agentId, cardId);
+  if (options.json) return output(result, true);
+
+  console.log();
+  console.log(`  PAN:    ${orange(result.pan)}`);
+  console.log(`  CVV:    ${result.cvv}`);
+  console.log(`  Expiry: ${result.exp_month}/${result.exp_year}`);
+  console.log(`  Status: ${result.status}`);
+  console.log(`  Limit:  $${(result.spendLimitCents / 100).toFixed(2)}`);
+  console.log();
+}
+
+export async function agentCardsActionCmd(cardId, action, options) {
+  const agentId = await getAgentId();
+  const result = await updateCard(agentId, cardId, action);
+  if (options.json) return output(result, true);
+  console.log(`  Card ${cardId}: ${action}`);
+}
+
+// ── Credentials ──
+export async function agentCredsCmd(options) {
+  const agentId = await getAgentId();
+  const result = await listCredentials(agentId);
+  if (options.json) return output(result, true);
+
+  const creds = Array.isArray(result) ? result : result.credentials || [];
+  if (!creds.length) {
+    console.log("  No stored credentials");
+    return;
+  }
+  console.log();
+  for (const c of creds) {
+    console.log(`  ${orange(c.service)} / ${c.key}`);
+  }
+  console.log();
+}
+
+export async function agentCredsSetCmd(options) {
+  const agentId = await getAgentId();
+  const result = await setCredential(agentId, {
+    service: options.service,
+    key: options.key,
+    value: options.value,
+  });
+  if (options.json) return output(result, true);
+  console.log(`  Stored: ${options.service}/${options.key}`);
+}
+
+export async function agentCredsGetCmd(options) {
+  const agentId = await getAgentId();
+  const result = await getCredential(agentId, options.service, options.key);
+  if (options.json) return output(result, true);
+  console.log(`  ${options.service}/${options.key}: ${result.value}`);
+}
+
+// ── Budget ──
+export async function agentBudgetCmd(options) {
+  const agentId = await getAgentId();
+  const result = await getBudget(agentId);
+  if (options.json) return output(result, true);
+  console.log(`  Budget: ${chalk.green("$" + ((result.budgetCents || 0) / 100).toFixed(2))}`);
+}
+
+// ── Activity ──
+export async function agentActivityCmd(options) {
+  const agentId = await getAgentId();
+  const result = await listActivity(agentId, { limit: options.limit });
+  if (options.json) return output(result, true);
+
+  const activity = result.activity || result;
+  if (!activity.length) {
+    console.log("  No activity");
+    return;
+  }
+  console.log();
+  for (const a of activity) {
+    const date = new Date(a.createdAt).toLocaleString();
+    console.log(`  ${chalk.dim(date)}  ${orange(a.action)}  ${chalk.dim(a.details)}`);
+  }
+  console.log();
+}

package/src/commands/help.js

@@ -11,15 +11,32 @@ const COMMANDS = [
   ["  logout", "Clear session"],
   ["  whoami", "Show current account"],
   ["", ""],
-  [orange.bold("Agent"), ""],
+  [orange.bold("Agent (user)"), ""],
   ["  agent", "Show your agent's identity"],
+  ["  agent fund", "Add budget to your agent"],
+  ["", ""],
+  [orange.bold("Agent (machine — pass --json)"), ""],
+  ["  agent info", "Agent identity"],
+  ["  agent emails", "List inbox"],
+  ["  agent emails send", "Send email"],
+  ["  agent emails read", "Mark email as read"],
+  ["  agent sms", "List SMS messages"],
+  ["  agent sms send", "Send SMS"],
+  ["  agent cards", "List cards"],
+  ["  agent cards create", "Create card"],
+  ["  agent cards details", "Card PAN/CVV/expiry"],
+  ["  agent cards close", "Close card"],
+  ["  agent cards pause", "Pause card"],
+  ["  agent cards resume", "Resume card"],
+  ["  agent creds", "List credentials"],
+  ["  agent creds set", "Store credential"],
+  ["  agent creds get", "Retrieve credential"],
+  ["  agent budget", "Check budget"],
+  ["  agent activity", "Activity log"],
   ["", ""],
   [orange.bold("Keys"), ""],
-  ["  keys", "Interactive key management"],
-  ["  keys create", "Create a new API key"],
-  ["  keys list", "List all keys"],
-  ["  keys info", "Show key details"],
-  ["  keys revoke", "Revoke a key"],
+  ["  keys create", "Create a new agent key"],
+  ["  keys revoke", "Revoke agent key"],
   ["", ""],
   [orange.bold("Setup"), ""],
   ["  setup", "Install ClawCard skill for your agent"],
@@ -45,7 +62,7 @@ export function helpCommand() {
     } else if (!desc) {
       console.log(`  ${cmd}`);
     } else {
-      console.log(`  ${cmd.padEnd(24)}${dim(desc)}`);
+      console.log(`  ${cmd.padEnd(26)}${dim(desc)}`);
     }
   }
   console.log();

package/src/commands/keys.js

@@ -1,7 +1,7 @@
 import * as p from "@clack/prompts";
 import chalk from "chalk";
 import { requireAuth } from "../auth-guard.js";
-import { listAgents, createAgent, getAgent, deleteAgent } from "../api.js";
+import { listAgents, createAgent, getAgent, deleteAgent, getBalance, getAgentBudget, allocateBudget, listAgentCredentials, getAgentCredential } from "../api.js";
 import { saveKey } from "../config.js";
 
 const orange = chalk.hex("#FF6B35");
@@ -63,26 +63,43 @@ export async function keysCreateCommand() {
   });
   if (p.isCancel(name)) return;
 
-  const spendLimit = await p.text({
-    message: "Spend limit (dollars)",
-    placeholder: "50",
+  // Check account balance to show how much they can allocate
+  let accountBalance = 0;
+  try {
+    const bal = await getBalance();
+    accountBalance = bal.amountCents || 0;
+  } catch {}
+
+  const budget = await p.text({
+    message: `How much budget for this agent? (account balance: $${(accountBalance / 100).toFixed(2)})`,
+    placeholder: String(Math.min(accountBalance / 100, 20)),
     validate: (v) => {
       const n = parseFloat(v);
       if (isNaN(n) || n <= 0) return "Enter a valid dollar amount";
+      if (Math.round(n * 100) > accountBalance) return `Exceeds your account balance of $${(accountBalance / 100).toFixed(2)}`;
     },
   });
-  if (p.isCancel(spendLimit)) return;
+  if (p.isCancel(budget)) return;
+
+  const budgetCents = Math.round(parseFloat(budget) * 100);
 
   const s = p.spinner();
-  s.start("Creating key...");
+  s.start("Creating agent...");
 
   try {
     const result = await createAgent({
       name,
-      spendLimitCents: Math.round(parseFloat(spendLimit) * 100),
+      spendLimitCents: budgetCents,
     });
 
-    s.stop("Key created!");
+    // Allocate budget from account balance to agent
+    try {
+      await allocateBudget(result.id, budgetCents);
+    } catch {
+      // non-critical — agent created but budget not allocated
+    }
+
+    s.stop("Agent created!");
 
     // Save raw key locally so `clawcard setup` can use it later
     saveKey(result.id, result.apiKey, {
@@ -90,27 +107,32 @@ export async function keysCreateCommand() {
       keyPrefix: result.keyPrefix,
     });
 
-    p.note(
-      `${orange.bold(result.apiKey)}\n\n${chalk.dim("This key will only be shown once. Copy it now.")}`,
-      "Your API Key"
-    );
-
-    const copy = await p.confirm({ message: "Copy to clipboard?" });
-    if (copy && !p.isCancel(copy)) {
-      const { default: clipboardy } = await import("clipboardy");
-      await clipboardy.write(result.apiKey);
-      p.log.success("Copied to clipboard");
-    }
-
     // Show provisioned resources
     const details = [
-      `Name:   ${orange.bold(result.name || "unnamed")}`,
-      result.email && `Email:  ${result.email}`,
-      result.phone && `Phone:  ${result.phone}`,
-      `Limit:  $${(result.spendLimitCents / 100).toFixed(2)}`,
+      `Name:    ${orange.bold(result.name || "unnamed")}`,
+      result.email && `Email:   ${result.email}`,
+      result.phone && `Phone:   ${result.phone}`,
+      `Budget:  ${chalk.green("$" + (budgetCents / 100).toFixed(2))}`,
     ].filter(Boolean).join("\n");
 
     p.note(details, "Your Agent");
+
+    p.log.info(
+      chalk.dim("Next step: install the ClawCard skill so your agent knows how to use its email, phone, and cards.")
+    );
+
+    const runSetup = await p.select({
+      message: "Set up your agent now?",
+      options: [
+        { value: "yes", label: "Yes, set up now" },
+        { value: "skip", label: "Skip for now", hint: "run clawcard setup later" },
+      ],
+    });
+
+    if (!p.isCancel(runSetup) && runSetup === "yes") {
+      const { setupCommand } = await import("./setup.js");
+      await setupCommand();
+    }
   } catch (err) {
     s.stop("Failed to create key");
     p.log.error(err.message);
@@ -208,6 +230,60 @@ export async function keysInfoCommand(keyIdOrPrefix) {
   }
 }
 
+export async function agentFundCommand() {
+  requireAuth();
+
+  const s = p.spinner();
+  s.start("Fetching agent...");
+
+  try {
+    const [agents, balance] = await Promise.all([
+      listAgents(),
+      getBalance(),
+    ]);
+    const active = agents.filter((a) => a.status === "active");
+
+    if (!active.length) {
+      s.stop("");
+      p.log.info("No active agent. Create one with: clawcard keys create");
+      return;
+    }
+
+    const agent = active[0];
+    const currentBudget = await getAgentBudget(agent.id);
+    s.stop("");
+
+    p.log.info(
+      `Account balance: ${chalk.green("$" + (balance.amountCents / 100).toFixed(2))}  |  Agent budget: ${chalk.green("$" + ((currentBudget.budgetCents || 0) / 100).toFixed(2))}`
+    );
+
+    const amount = await p.text({
+      message: "How much to add to agent budget?",
+      placeholder: "10",
+      validate: (v) => {
+        const n = parseFloat(v);
+        if (isNaN(n) || n <= 0) return "Enter a valid dollar amount";
+        if (Math.round(n * 100) > balance.amountCents)
+          return `Exceeds account balance of $${(balance.amountCents / 100).toFixed(2)}`;
+      },
+    });
+    if (p.isCancel(amount)) return;
+
+    const s2 = p.spinner();
+    s2.start("Allocating budget...");
+
+    const result = await allocateBudget(agent.id, Math.round(parseFloat(amount) * 100));
+    s2.stop("Budget allocated!");
+
+    p.log.success(
+      `Agent budget: ${chalk.green("$" + ((result.agentBudgetCents || 0) / 100).toFixed(2))}  |  Account remaining: ${chalk.green("$" + ((result.balanceRemainingCents || 0) / 100).toFixed(2))}`
+    );
+  } catch (err) {
+    s.stop("Failed");
+    p.log.error(err.message);
+  }
+}
+
 export async function agentStatusCommand() {
   requireAuth();
 
@@ -267,6 +343,39 @@ export async function keysRevokeCommand() {
     });
     if (p.isCancel(selected)) return;
 
+    // Check for stored credentials and offer export
+    try {
+      const creds = await listAgentCredentials(selected);
+      const credList = Array.isArray(creds) ? creds : creds.credentials || [];
+      if (credList.length > 0) {
+        p.log.warn(`This agent has ${credList.length} stored credential(s):`);
+        for (const c of credList) {
+          p.log.info(`  ${orange(c.service)} / ${c.key}`);
+        }
+
+        const exportCreds = await p.confirm({
+          message: "Export credentials before revoking?",
+        });
+
+        if (!p.isCancel(exportCreds) && exportCreds) {
+          console.log();
+          for (const c of credList) {
+            try {
+              const full = await getAgentCredential(selected, c.service, c.key);
+              console.log(`  ${orange(c.service)}/${c.key}: ${full.value}`);
+            } catch {
+              console.log(`  ${orange(c.service)}/${c.key}: ${chalk.red("(could not retrieve)")}`);
+            }
+          }
+          console.log();
+        }
+      }
+    } catch {
+      // couldn't fetch creds — continue
+    }
+
+    p.log.warn("This will close all cards, delete credentials, and return allocated budget to your account balance.");
+
     const confirm = await p.confirm({
       message: "Are you sure? This cannot be undone.",
     });

package/src/index.js

@@ -1,16 +1,17 @@
 import { Command } from "commander";
 import * as p from "@clack/prompts";
 import chalk from "chalk";
-import { showSplash, checkForUpdate, VERSION } from "./splash.js";
+import { showSplash, performAutoUpdate, VERSION } from "./splash.js";
 import { isLoggedIn } from "./config.js";
 
 const orange = chalk.hex("#FF6B35");
+const isJsonMode = process.argv.includes("--json");
 
-// Show splash on every invocation
-showSplash();
-
-// Check for updates in background (non-blocking)
-const updatePromise = checkForUpdate();
+// Suppress splash and auto-update for --json (agent) mode
+if (!isJsonMode) {
+  showSplash();
+  await performAutoUpdate();
+}
 
 const program = new Command();
 program.name("clawcard").description("The ClawCard CLI").version(VERSION);
@@ -88,13 +89,172 @@ keys
     await keysRevokeCommand();
   });
 
-// Agent status
-program
-  .command("agent")
-  .description("Show your agent's identity (email, phone, key)")
+// Agent
+const agent = program.command("agent").description("Agent commands");
+
+agent.action(async () => {
+  const { agentStatusCommand } = await import("./commands/keys.js");
+  await agentStatusCommand();
+});
+
+agent
+  .command("fund")
+  .description("Add budget to your agent")
   .action(async () => {
-    const { agentStatusCommand } = await import("./commands/keys.js");
-    await agentStatusCommand();
+    const { agentFundCommand } = await import("./commands/keys.js");
+    await agentFundCommand();
+  });
+
+agent
+  .command("info")
+  .description("Show agent identity")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentInfoCmd } = await import("./commands/agent.js");
+    await agentInfoCmd(options);
+  });
+
+// Agent emails
+const agentEmails = agent.command("emails").description("Agent email inbox");
+agentEmails
+  .option("--limit <n>", "Max results", "20")
+  .option("--unread", "Unread only")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentEmailsCmd } = await import("./commands/agent.js");
+    await agentEmailsCmd(options);
+  });
+agentEmails
+  .command("send")
+  .requiredOption("--to <email>", "Recipient")
+  .requiredOption("--subject <subject>", "Subject line")
+  .requiredOption("--body <body>", "Email body")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentEmailsSendCmd } = await import("./commands/agent.js");
+    await agentEmailsSendCmd(options);
+  });
+agentEmails
+  .command("read <emailId>")
+  .option("--json", "Output as JSON")
+  .action(async (emailId, options) => {
+    const { agentEmailsReadCmd } = await import("./commands/agent.js");
+    await agentEmailsReadCmd(emailId, options);
+  });
+
+// Agent SMS
+const agentSms = agent.command("sms").description("Agent SMS messages");
+agentSms
+  .option("--limit <n>", "Max results", "50")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentSmsCmd } = await import("./commands/agent.js");
+    await agentSmsCmd(options);
+  });
+agentSms
+  .command("send")
+  .requiredOption("--to <phone>", "Recipient phone (E.164)")
+  .requiredOption("--body <body>", "Message text")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentSmsSendCmd } = await import("./commands/agent.js");
+    await agentSmsSendCmd(options);
+  });
+
+// Agent cards
+const agentCards = agent.command("cards").description("Virtual cards");
+agentCards
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentCardsCmd } = await import("./commands/agent.js");
+    await agentCardsCmd(options);
+  });
+agentCards
+  .command("create")
+  .requiredOption("--amount <cents>", "Spend limit in cents")
+  .requiredOption("--type <type>", "single_use or merchant_locked")
+  .option("--memo <memo>", "Card description", "Agent card")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentCardsCreateCmd } = await import("./commands/agent.js");
+    await agentCardsCreateCmd(options);
+  });
+agentCards
+  .command("details <cardId>")
+  .option("--json", "Output as JSON")
+  .action(async (cardId, options) => {
+    const { agentCardsDetailsCmd } = await import("./commands/agent.js");
+    await agentCardsDetailsCmd(cardId, options);
+  });
+agentCards
+  .command("close <cardId>")
+  .option("--json", "Output as JSON")
+  .action(async (cardId, options) => {
+    const { agentCardsActionCmd } = await import("./commands/agent.js");
+    await agentCardsActionCmd(cardId, "close", options);
+  });
+agentCards
+  .command("pause <cardId>")
+  .option("--json", "Output as JSON")
+  .action(async (cardId, options) => {
+    const { agentCardsActionCmd } = await import("./commands/agent.js");
+    await agentCardsActionCmd(cardId, "pause", options);
+  });
+agentCards
+  .command("resume <cardId>")
+  .option("--json", "Output as JSON")
+  .action(async (cardId, options) => {
+    const { agentCardsActionCmd } = await import("./commands/agent.js");
+    await agentCardsActionCmd(cardId, "resume", options);
+  });
+
+// Agent credentials
+const agentCreds = agent.command("creds").description("Credential vault");
+agentCreds
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentCredsCmd } = await import("./commands/agent.js");
+    await agentCredsCmd(options);
+  });
+agentCreds
+  .command("set")
+  .requiredOption("--service <name>", "Service name")
+  .requiredOption("--key <key>", "Credential key")
+  .requiredOption("--value <value>", "Secret value")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentCredsSetCmd } = await import("./commands/agent.js");
+    await agentCredsSetCmd(options);
+  });
+agentCreds
+  .command("get")
+  .requiredOption("--service <name>", "Service name")
+  .requiredOption("--key <key>", "Credential key")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentCredsGetCmd } = await import("./commands/agent.js");
+    await agentCredsGetCmd(options);
+  });
+
+// Agent budget
+agent
+  .command("budget")
+  .description("Check agent budget")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentBudgetCmd } = await import("./commands/agent.js");
+    await agentBudgetCmd(options);
+  });
+
+// Agent activity
+agent
+  .command("activity")
+  .description("View activity log")
+  .option("--limit <n>", "Max results", "50")
+  .option("--json", "Output as JSON")
+  .action(async (options) => {
+    const { agentActivityCmd } = await import("./commands/agent.js");
+    await agentActivityCmd(options);
   });
 
 // Setup
@@ -178,14 +338,6 @@ program
 if (process.argv.length <= 2) {
   const loggedIn = isLoggedIn();
 
-  // Show update notice if available (non-blocking, already fetched)
-  const latest = await updatePromise;
-  if (latest) {
-    p.log.warn(
-      `Update available: ${chalk.dim(VERSION)} → ${orange.bold(latest)}  Run ${orange("npm i -g @clawcard/cli@latest")}`
-    );
-  }
-
   let options;
 
   if (!loggedIn) {
@@ -227,14 +379,17 @@ if (process.argv.length <= 2) {
 
     options = [
       ...(!hasBalance
-        ? [{ value: "topup", label: "Top up balance", hint: "required — minimum $5 to get started" }]
+        ? [{ value: "topup", label: "Top up my account", hint: "required — minimum $5 to get started" }]
         : !hasAgent
           ? [{ value: "keys-create", label: "Create agent", hint: "you have balance — create your agent now" }]
-          : [{ value: "agent", label: "My Agent", hint: "email, phone, key details" }]),
+          : [
+              { value: "agent", label: "View agent details", hint: "phone, email, budget" },
+              { value: "agent-fund", label: "Fund my agent", hint: "allocate budget from your balance" },
+            ]),
       ...(hasAgent
-        ? [{ value: "setup", label: "Setup", hint: "set up your agent" }]
+        ? [{ value: "setup", label: "Configure", hint: "install skill for your agent" }]
         : []),
-      { value: "billing", label: "Billing", hint: "check balance & top up" },
+      { value: "topup", label: "Top up my account", hint: "add balance (10% fee)" },
       { value: "referral", label: "Referral", hint: "share & earn $5" },
       { value: "whoami", label: "Who am I?", hint: "show current account" },
       { value: "logout", label: "Logout", hint: "clear session" },
@@ -258,6 +413,7 @@ if (process.argv.length <= 2) {
     logout: () => import("./commands/logout.js").then((m) => m.logoutCommand()),
     whoami: () => import("./commands/whoami.js").then((m) => m.whoamiCommand()),
     agent: () => import("./commands/keys.js").then((m) => m.agentStatusCommand()),
+    "agent-fund": () => import("./commands/keys.js").then((m) => m.agentFundCommand()),
     "keys-create": () => import("./commands/keys.js").then((m) => m.keysCreateCommand()),
     "topup": () => import("./commands/billing.js").then((m) => m.billingTopupCommand()),
     keys: () => import("./commands/keys.js").then((m) => m.keysCommand()),

package/src/splash.js

@@ -1,33 +1,87 @@
 import chalk from "chalk";
-import { readFileSync } from "fs";
+import { readFileSync, existsSync, copyFileSync } from "fs";
 import { join, dirname } from "path";
 import { fileURLToPath } from "url";
+import { execSync } from "child_process";
+import { homedir } from "os";
+import { getConfig, saveConfig } from "./config.js";
 
 const o = chalk.hex("#FF6B35");
 const d = chalk.dim;
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
-const pkg = JSON.parse(readFileSync(join(__dirname, "..", "package.json"), "utf-8"));
+const pkg = JSON.parse(
+  readFileSync(join(__dirname, "..", "package.json"), "utf-8")
+);
 export const VERSION = pkg.version;
 
+const SKILL_SOURCE = join(__dirname, "..", "skill", "SKILL.md");
+const home = homedir();
+
+const SKILL_TARGETS = [
+  join(home, ".claude", "skills", "clawcard", "SKILL.md"),
+  join(home, ".openclaw", "skills", "clawcard", "SKILL.md"),
+  join(home, ".cursor", "skills", "clawcard", "SKILL.md"),
+  join(home, ".agents", "skills", "clawcard", "SKILL.md"),
+];
+
 export async function checkForUpdate() {
   try {
-    const res = await fetch("https://registry.npmjs.org/@clawcard/cli/latest", {
-      signal: AbortSignal.timeout(3000),
-    });
+    const res = await fetch(
+      "https://registry.npmjs.org/@clawcard/cli/latest",
+      { signal: AbortSignal.timeout(3000) }
+    );
     const data = await res.json();
     if (data.version && data.version !== VERSION) {
       return data.version;
     }
   } catch {
-    // offline or timeout — skip silently
+    // offline or timeout
   }
   return null;
 }
 
+export async function performAutoUpdate() {
+  const config = getConfig() || {};
+  const lastCheck = config.lastUpdateCheck || 0;
+  const now = Date.now();
+
+  // Skip if checked within last hour
+  if (now - lastCheck < 3600000) return;
+
+  // Save check time
+  saveConfig({ ...config, lastUpdateCheck: now });
+
+  const latest = await checkForUpdate();
+  if (!latest) return;
+
+  console.log(`  Updating ClawCard CLI to v${latest}...`);
+
+  try {
+    execSync("npm i -g @clawcard/cli@latest", {
+      stdio: "pipe",
+      timeout: 60000,
+    });
+    console.log(`  Updated to v${latest}`);
+
+    // Refresh installed SKILL.md files
+    if (existsSync(SKILL_SOURCE)) {
+      for (const target of SKILL_TARGETS) {
+        if (existsSync(target)) {
+          copyFileSync(SKILL_SOURCE, target);
+        }
+      }
+    }
+  } catch {
+    // update failed — continue normally
+  }
+}
+
 export function showSplash() {
   console.log();
   console.log(`  🦞 ${o.bold("clawcard.sh")} ${d("v" + VERSION)}`);
-  console.log(`  ${o("on-demand credit cards, email and phone for your agents")}`);
+  console.log(
+    `  ${o("on-demand credit cards, email and phone for your agents")}`
+  );
   console.log();
 }