@clubnet/seedclub 0.2.17 → 0.2.19

package/README.md

@@ -1,19 +1,19 @@
 # seedclub
 
-The Human+ Venture Network — AI agent for deal sourcing, research, and signal tracking.
+Seed Club's pi-based agent for authenticated access to Seed Club programs, CRM, meetings, media, and headlines.
 
 Requirements: Node.js 22+
 
-## Source of truth
+## What it is
 
-This repo is the source of truth for the published Seed Club wrapper package:
+`seedclub` is the Seed Club distribution of pi. This repo provides the `seedclub` launcher, installs the Seed Club theme and extensions, and adds Seed Club-specific workflows for connecting your account, using CRM/meeting/media tools, retrieving transcripts, and working with Seed Club-backed app surfaces.
+
+This repo is the source of truth for the published package:
 
 - GitHub repo: `seedclub/seedclub-agent`
 - npm package: `@clubnet/seedclub`
 - user-facing command: `seedclub`
 
-This is the Pi wrapper repo, not the older extracted full-agent monorepo.
-
 ## Install
 
 ```bash
@@ -26,7 +26,15 @@ Then:
 seedclub
 ```
 
-Use `/login` to set up your API keys.
+### First run
+
+On a fresh install, the normal setup flow is:
+
+1. `/login` to sign in to a model provider such as Anthropic, OpenAI, or Gemini
+2. `/model` to choose the model you want to use
+3. `/connect` to connect your Seed Club account
+
+After that, run `/seedclub` to open the main Seed Club menu.
 
 ### Alternative: curl | bash
 
@@ -34,9 +42,9 @@ Use `/login` to set up your API keys.
 curl -fsSL https://raw.githubusercontent.com/seedclub/seedclub-agent/main/install.sh | bash
 ```
 
-### Team onboarding (private package)
+### Internal install auth
 
-seedclub is published to npmjs as a private package in the `@clubnet` org.
+`@clubnet/seedclub` is currently a private npm package. This auth is only for installing or updating the package from npm. It is separate from `/login` and `/connect` inside the app.
 
 Fast path:
 
@@ -54,15 +62,56 @@ echo "//registry.npmjs.org/:_authToken=YOUR_NPM_TOKEN" >> ~/.npmrc
 
 Then `npm install -g @clubnet/seedclub` works.
 
+## Core workflow
+
+The normal interactive flow is:
+
+1. Start the app with `seedclub`
+2. Complete `/login`, `/model`, and `/connect` if this is your first run
+3. Open `/seedclub`
+4. Choose the CRM, meetings, media, recordings, or transcript workflow you need
+
 ## Commands
 
 | Command | What it does |
 |---|---|
-| `/seedclub` | Main menu — connect, add signals, sort signals |
-| `/add <url>` | Add a signal (any URL) |
-| `/sort` | Sort signals into angel.md values |
+| `/login` | Sign in to a model provider for the underlying agent |
+| `/model` | Choose which model to use |
+| `/connect` | Connect your Seed Club account |
+| `/seedclub` | Main menu — connect, inspect access, and jump into CRM/meetings/media/headlines workflows |
+| `/transcripts` | Export transcript VTT files with filters (date, person, time, output dir) |
 | `seedclub setup-auth` | Configure npm auth for npmjs private package access in `~/.npmrc` |
 
+Natural-language transcript retrieval is also supported (no slash command required). Examples: `download vibhu transcripts from 11am`, `i need transcripts for all guests on 11am last week`. Seed Club will run metadata-first export confirmation and then write VTT files.
+
+## Auth
+
+There are two separate auth layers in the product:
+
+1. Model auth: `/login`
+   This signs you into the LLM provider you want the agent to use.
+2. Seed Club auth: `/connect`
+   This connects the CLI to your Seed Club account so Seed Club tools and commands can read and write account data.
+
+`/seedclub` is the main entry point for Seed Club actions. If you are not connected yet, it will start the Seed Club connect flow automatically.
+
+Power-user env overrides:
+
+```bash
+export SEEDCLUB_API_URL=http://localhost:3001
+export SEEDCLUB_AUTH_URL=http://localhost:3000
+export SEEDCLUB_ACCESS_TOKEN=<bearer-token>
+```
+
+Production defaults are already built into the auth extension:
+
+```bash
+SEEDCLUB_API_URL=https://api.seedclub.com
+SEEDCLUB_AUTH_URL=https://auth.seedclub.com
+```
+
+You do not need to export those for normal use. Only set env vars when you want to override them for local/dev.
+
 ## How it works
 
 seedclub is an npm package (`@clubnet/seedclub`) that wraps [pi](https://github.com/badlogic/pi-mono) as a dependency. Installing the package globally gives you the `seedclub` command.
@@ -98,9 +147,9 @@ seedclub pins versions in `package.json`:
 
 ```json
 {
-  "version": "0.2.0",
+  "version": "0.2.18",
   "dependencies": {
-    "@mariozechner/pi-coding-agent": "0.52.12"
+    "@mariozechner/pi-coding-agent": "0.65.2"
   }
 }
 ```
@@ -124,6 +173,8 @@ It's a standard pi theme with 51 color tokens. Edit it to change any visual aspe
 
 The `vars` block at the top defines reusable colors (e.g. `brand: "#00C853"`) that are referenced throughout `colors`. To change the brand color, just update `vars.brand`.
 
+Seed Club keeps product-level names in `vars` (`editorBg`, `messageBg`, `successBg`, `errorBg`) and maps pi's required tokens to those names (`selectedBg`, `userMessageBg`, `toolPendingBg`, etc.). The CLI probes the terminal background with OSC 11 and sets `COLORFGBG` before pi starts when no explicit theme is configured, so light/dark defaults track the actual terminal window instead of pi's fallback.
+
 **Hot reload:** Edit the theme file while seedclub is running and it reloads instantly.
 
 Colors can be hex (`"#00C853"`), 256-color palette index (`242`), a reference to a `vars` entry (`"brand"`), or empty string (`""`) for the terminal default.
@@ -165,36 +216,46 @@ The `assets/` directory contains the canonical source for extensions and themes.
 
 ### Updating pi
 
-When a new pi version comes out:
+When a new pi version comes out, upgrading it for Seed Club users means shipping a new `@clubnet/seedclub` package that depends on the newer pi release.
 
-1. **Test it locally:**
+Recommended flow:
+
+1. **Update and test locally:**
    ```bash
-   # Update the dependency
    npm install @mariozechner/pi-coding-agent@NEW_VERSION
    npm install -g ./
-   seedclub  # test everything works
+   seedclub version
+   seedclub
    ```
 
-2. **Bump versions:**
-   Update the `package.json` dependency and package version:
+   Verify the wrapper still launches, the Seed Club UI loads, and the core flows you care about still work.
+
+2. **Commit the dependency change and bump the package version:**
+   The pi version is carried by this package, so users only receive it once the Seed Club package version is bumped and released.
    ```json
    {
      "version": "0.3.0",
      "dependencies": {
-       "@mariozechner/pi-coding-agent": "0.52.12"
+       "@mariozechner/pi-coding-agent": "NEW_VERSION"
      }
    }
    ```
 
-3. **Publish:**
+3. **Push the release:**
    ```bash
    git add -A
-   git commit -m "bump pi to 0.52.12"
-   git push
-   npm publish
+   git commit -m "bump pi to NEW_VERSION"
+   npm version patch|minor|major
+   git push --follow-tags
+   ```
+
+4. **Users pull the update:**
+   Users get the newer pi runtime when they run:
+   ```bash
+   seedclub update
    ```
 
-Users get the update when they run `seedclub update`.
+   A fresh `npm install -g @clubnet/seedclub` also installs the new packaged pi version.
 
 ### Updating extensions
 
@@ -208,8 +269,8 @@ seedclub  # test
 # When ready, bump package version and publish
 git add -A
 git commit -m "update extensions"
-git push
-npm publish
+npm version patch|minor|major
+git push --follow-tags
 ```
 
 For reproducible extension dependency installs, commit `assets/extensions/seedclub/package-lock.json` and keep it in sync when changing extension deps.

package/assets/extensions/seedclub/api-client.ts

@@ -52,12 +52,26 @@ interface RequestOptions {
 	params?: Record<string, string | number | undefined>;
 }
 
+async function shouldClearCredentialsAfterUnauthorized(apiBase: string, token: string): Promise<boolean> {
+	try {
+		const url = new URL("/session/context", apiBase.endsWith("/") ? apiBase : `${apiBase}/`);
+		const response = await fetch(url.toString(), {
+			method: "GET",
+			headers: { Authorization: `Bearer ${token}` },
+		});
+		return response.status === 401;
+	} catch {
+		return false;
+	}
+}
+
 async function apiRequest<T>(endpoint: string, options: RequestOptions = {}): Promise<T> {
 	const { method = "GET", body, params } = options;
 	const token = await getAuthToken();
 	const apiBase = cachedApiBase || getApiBase();
 
-	const url = new URL(`/api/mcp${endpoint}`, apiBase);
+	const path = endpoint.startsWith("/") ? endpoint : `/${endpoint}`;
+	const url = new URL(path, apiBase.endsWith("/") ? apiBase : `${apiBase}/`);
 	if (params) {
 		for (const [key, value] of Object.entries(params)) {
 			if (value !== undefined) url.searchParams.set(key, String(value));
@@ -70,11 +84,6 @@ async function apiRequest<T>(endpoint: string, options: RequestOptions = {}): Pr
 		body: body ? JSON.stringify(body) : undefined,
 	});
 
-	if (response.status === 401) {
-		await clearCredentials();
-		throw new ApiError(401, "Token expired or revoked. Run /seedclub to reconnect.");
-	}
-
 	const text = await response.text();
 	let data: any;
 	try {
@@ -86,6 +95,15 @@ async function apiRequest<T>(endpoint: string, options: RequestOptions = {}): Pr
 		throw new ApiError(response.status, `Invalid JSON response from server: ${text.slice(0, 200)}`);
 	}
 
+	if (response.status === 401) {
+		const shouldClear = await shouldClearCredentialsAfterUnauthorized(apiBase, token);
+		if (shouldClear) {
+			await clearCredentials();
+			throw new ApiError(401, "Token expired or revoked. Run /seedclub to reconnect.");
+		}
+		throw new ApiError(401, data?.error || "Request failed (401)", data?.details);
+	}
+
 	if (!response.ok) {
 		throw new ApiError(response.status, data.error || `Request failed (${response.status})`, data.details);
 	}

package/assets/extensions/seedclub/auth.ts

@@ -1,19 +1,26 @@
 /**
  * Token storage for Seed Club.
  *
- * Priority: SEEDCLUB_TOKEN env var > stored token file.
+ * Priority: SEEDCLUB_ACCESS_TOKEN / SEEDCLUB_TOKEN env var > stored token file.
  * Use /seedclub to connect.
  */
 
 import { chmod, mkdir, readFile, unlink, writeFile } from "node:fs/promises";
+import { readFileSync } from "node:fs";
 import { homedir } from "node:os";
 import { join } from "node:path";
 
 const CONFIG_DIR = join(homedir(), ".config", "seedclub");
 const TOKEN_FILE = join(CONFIG_DIR, "token");
+const BASES_FILE = join(CONFIG_DIR, "bases.json");
 const LEGACY_CONFIG_DIR = join(homedir(), ".config", "looseleaf");
 const LEGACY_TOKEN_FILE = join(LEGACY_CONFIG_DIR, "token");
-const DEFAULT_API_BASE = "https://looseleaf-rouge.vercel.app";
+const DEFAULT_API_BASE = "https://api.seedclub.com";
+const DEFAULT_AUTH_BASE = "https://auth.seedclub.com";
+const LOCAL_API_BASE = "http://localhost:3001";
+const LOCAL_AUTH_BASE = "http://localhost:3000";
+
+export type SeedclubEnvironmentMode = "local" | "prod" | "custom";
 
 export interface StoredToken {
 	token: string;
@@ -21,33 +28,134 @@ export interface StoredToken {
 	name?: string;
 	createdAt: string;
 	apiBase: string;
+	authBase?: string;
+}
+
+export interface StoredBases {
+	apiBase: string;
+	authBase: string;
+	mode: SeedclubEnvironmentMode;
+	updatedAt: string;
 }
 
 let _cachedApiBase: string | null = null;
+let _cachedAuthBase: string | null = null;
+let _cachedBases: StoredBases | null | undefined = undefined;
+
+function shouldPreferLocalBases(): boolean {
+	return (
+		process.env.SEEDCLUB_LOCAL === "1" ||
+		process.env.SEEDCLUB_LOCAL === "true" ||
+		process.env.SEEDCLUB_ENV === "local"
+	);
+}
+
+function tryReadStoredBasesSync(): StoredBases | null {
+	if (_cachedBases !== undefined) {
+		return _cachedBases;
+	}
+
+	try {
+		const content = readFileSync(BASES_FILE, "utf-8");
+		const stored = JSON.parse(content) as StoredBases;
+		if (
+			!stored ||
+			typeof stored.apiBase !== "string" ||
+			typeof stored.authBase !== "string" ||
+			typeof stored.mode !== "string"
+		) {
+			_cachedBases = null;
+			return null;
+		}
+		_cachedBases = stored;
+		return stored;
+	} catch {
+		_cachedBases = null;
+		return null;
+	}
+}
 
 export function getApiBase(): string {
-	if (process.env.SEEDCLUB_API || process.env.SEED_NETWORK_API)
-		return process.env.SEEDCLUB_API || process.env.SEED_NETWORK_API!;
+	if (
+		process.env.SEEDCLUB_API_URL ||
+		process.env.SEEDCLUB_API ||
+		process.env.SEED_NETWORK_API
+	)
+		return process.env.SEEDCLUB_API_URL || process.env.SEEDCLUB_API || process.env.SEED_NETWORK_API!;
+	if (shouldPreferLocalBases()) return LOCAL_API_BASE;
+	const storedBases = tryReadStoredBasesSync();
+	if (storedBases?.apiBase) return storedBases.apiBase;
 	if (_cachedApiBase) return _cachedApiBase;
 	return DEFAULT_API_BASE;
 }
 
+export function getAuthBase(): string {
+	if (
+		process.env.SEEDCLUB_AUTH_URL ||
+		process.env.SEEDCLUB_AUTH ||
+		process.env.SEED_NETWORK_AUTH
+	)
+		return process.env.SEEDCLUB_AUTH_URL || process.env.SEEDCLUB_AUTH || process.env.SEED_NETWORK_AUTH!;
+	if (shouldPreferLocalBases()) return LOCAL_AUTH_BASE;
+	const storedBases = tryReadStoredBasesSync();
+	if (storedBases?.authBase) return storedBases.authBase;
+	if (_cachedAuthBase) return _cachedAuthBase;
+	return DEFAULT_AUTH_BASE;
+}
+
 export function setCachedApiBase(apiBase: string): void {
 	_cachedApiBase = apiBase;
 }
 
+export function setCachedAuthBase(authBase: string): void {
+	_cachedAuthBase = authBase;
+}
+
 export function clearCachedApiBase(): void {
 	_cachedApiBase = null;
 }
 
+export function clearCachedAuthBase(): void {
+	_cachedAuthBase = null;
+}
+
+export function getDefaultBases(mode: "local" | "prod"): { apiBase: string; authBase: string } {
+	if (mode === "local") {
+		return {
+			apiBase: LOCAL_API_BASE,
+			authBase: LOCAL_AUTH_BASE,
+		};
+	}
+
+	return {
+		apiBase: DEFAULT_API_BASE,
+		authBase: DEFAULT_AUTH_BASE,
+	};
+}
+
 async function tryReadTokenFile(path: string): Promise<StoredToken | null> {
 	try {
 		const content = await readFile(path, "utf-8");
 		const stored = JSON.parse(content) as StoredToken;
-		if (!stored.token || !stored.token.startsWith("sn_")) return null;
-		if (stored.apiBase && !process.env.SEEDCLUB_API) {
+		if (!stored.token || typeof stored.token !== "string" || !stored.token.trim()) return null;
+		if (
+			stored.apiBase &&
+			!shouldPreferLocalBases() &&
+			!process.env.SEEDCLUB_API_URL &&
+			!process.env.SEEDCLUB_API &&
+			!process.env.SEED_NETWORK_API
+		) {
 			_cachedApiBase = stored.apiBase;
 		}
+		if (
+			stored.authBase &&
+			!shouldPreferLocalBases() &&
+			!process.env.SEEDCLUB_AUTH_URL &&
+			!process.env.SEEDCLUB_AUTH &&
+			!process.env.SEED_NETWORK_AUTH
+		) {
+			_cachedAuthBase = stored.authBase;
+		}
 		return stored;
 	} catch {
 		return null;
@@ -61,24 +169,85 @@ export async function getStoredToken(): Promise<StoredToken | null> {
 	return await tryReadTokenFile(LEGACY_TOKEN_FILE);
 }
 
+export async function getStoredBases(): Promise<StoredBases | null> {
+	try {
+		const content = await readFile(BASES_FILE, "utf-8");
+		const stored = JSON.parse(content) as StoredBases;
+		if (
+			!stored ||
+			typeof stored.apiBase !== "string" ||
+			typeof stored.authBase !== "string" ||
+			typeof stored.mode !== "string"
+		) {
+			return null;
+		}
+		_cachedBases = stored;
+		return stored;
+	} catch {
+		return null;
+	}
+}
+
 export async function getToken(): Promise<string | null> {
-	if (process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)
-		return (process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)!;
+	if (process.env.SEEDCLUB_ACCESS_TOKEN || process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)
+		return (process.env.SEEDCLUB_ACCESS_TOKEN || process.env.SEEDCLUB_TOKEN || process.env.SEED_NETWORK_TOKEN)!;
 	const stored = await getStoredToken();
 	return stored?.token ?? null;
 }
 
+export async function storeBases(
+	apiBase: string,
+	authBase: string,
+	mode: SeedclubEnvironmentMode = "custom",
+): Promise<void> {
+	const stored: StoredBases = {
+		apiBase,
+		authBase,
+		mode,
+		updatedAt: new Date().toISOString(),
+	};
+	_cachedApiBase = apiBase;
+	_cachedAuthBase = authBase;
+	_cachedBases = stored;
+	await mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+	await writeFile(BASES_FILE, JSON.stringify(stored, null, 2), { mode: 0o600 });
+	try {
+		await chmod(BASES_FILE, 0o600);
+	} catch {}
+}
+
+export async function clearStoredBases(): Promise<boolean> {
+	_cachedBases = null;
+	try {
+		await unlink(BASES_FILE);
+		return true;
+	} catch {
+		return false;
+	}
+}
+
 export async function storeToken(
 	token: string,
 	email: string,
 	apiBase: string,
-	options?: { name?: string },
+	options?: { authBase?: string; name?: string },
 ): Promise<void> {
+	_cachedApiBase = apiBase;
+	if (options?.authBase) {
+		_cachedAuthBase = options.authBase;
+	}
 	await mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
 	await writeFile(
 		TOKEN_FILE,
 		JSON.stringify(
-			{ token, email, name: options?.name, createdAt: new Date().toISOString(), apiBase },
+			{
+				token,
+				email,
+				name: options?.name,
+				createdAt: new Date().toISOString(),
+				apiBase,
+				authBase: options?.authBase,
+			},
 			null,
 			2,
 		),
@@ -90,6 +259,8 @@ export async function storeToken(
 }
 
 export async function clearStoredToken(): Promise<boolean> {
+	_cachedApiBase = null;
+	_cachedAuthBase = null;
 	try {
 		await unlink(TOKEN_FILE);
 		return true;

package/assets/extensions/seedclub/branding.ts

@@ -6,6 +6,19 @@ IMPORTANT BRANDING RULES:
 - Never mention the name \"pi\" in any response.
 - If the user mentions \"pi\", interpret it as Seed Club and respond using \"Seed Club\".
 - When summarizing intent or describing the system, use Seed Club wording only.
+
+IMPORTANT SEED CLUB API ROUTING:
+- For transcript-first discovery/review asks (not file retrieval), call seedclub_list_meeting_transcripts first with the program slug and limit 20.
+- For transcript inventory questions like "what was the last day we have transcripts for 11am?", keep the user prompt in the normal agent flow and answer with the date plus the full transcript_for names from returned rows.
+- Treat conversation-level transcripts as valid 11am interview/show transcripts. For "latest/last transcript" questions, use seedclub_list_meeting_transcripts.latest.overall first; only use latest.meeting when the user explicitly asks for meeting-level records.
+- Treat "on 11am" or "for 11am" as the 11am program slug when that program is accessible, not as an 11am time filter.
+- If the user asks for "all transcripts" and the tool returns a limited page, summarize the returned transcript rows and say you can fetch full text for selected rows. Do not claim exhaustive coverage unless the API result proves it.
+- Use includeFullText only after narrowing to rows the user wants to inspect.
+- Use seedclub_list_program_media_assets(assetKind=full_conversation) only when the user asks for full conversations or media assets. Do not use it as the default source for transcript inventory.
+- For transcript retrieval asks (e.g., "I need transcripts...", "get transcripts...", guest/date transcript pulls), first use chat and metadata tools to establish exact constraints when needed, then call seedclub_export_transcripts with the user's original request. This preserves the user prompt in context, confirms destination, then writes VTT files.
+- Treat short transcript artifact prompts like "today's transcripts", "2pm transcripts", "Tuesday VTTs", or "recent captions" as local transcript export tool requests, not inline transcript display requests.
+- Do not paste full transcript JSON or raw session context into the reply unless the user explicitly asks for raw data.
+- Use seedclub_list_show_recordings for show recording URLs, then follow transcript event_date only when needed.
 `;
 
 const BRAND_REGEX = /\bpi\b/gi;