@corelayer-ai/cli 0.1.0 → 0.2.0

package/dist/commands/install-skill.js

@@ -0,0 +1,45 @@
+import { existsSync, mkdirSync, copyFileSync, unlinkSync, rmdirSync, } from "node:fs";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+import { fileURLToPath } from "node:url";
+import { fail } from "../lib/output.js";
+const SKILL_NAME = "corelayer";
+function getSkillTargetDir() {
+    return join(homedir(), ".claude", "skills", SKILL_NAME);
+}
+function getSkillSourcePath() {
+    const thisFile = fileURLToPath(import.meta.url);
+    const distDir = dirname(dirname(thisFile));
+    const packageDir = dirname(distDir);
+    return join(packageDir, "skill", "SKILL.md");
+}
+export async function runInstallSkill(_args, ctx) {
+    const source = getSkillSourcePath();
+    if (!existsSync(source)) {
+        fail("Skill file not found. The CLI package may be incomplete.");
+    }
+    const targetDir = getSkillTargetDir();
+    const targetFile = join(targetDir, "SKILL.md");
+    mkdirSync(targetDir, { recursive: true });
+    copyFileSync(source, targetFile);
+    if (!ctx.quiet) {
+        process.stdout.write(`Corelayer skill installed to ${targetFile}\nClaude Code will now automatically use the Corelayer CLI for production tasks.\n`);
+    }
+}
+export async function runUninstallSkill(_args, ctx) {
+    const targetDir = getSkillTargetDir();
+    const targetFile = join(targetDir, "SKILL.md");
+    if (!existsSync(targetFile)) {
+        fail("Corelayer skill is not installed.");
+    }
+    unlinkSync(targetFile);
+    try {
+        rmdirSync(targetDir);
+    }
+    catch {
+        // directory not empty or already removed
+    }
+    if (!ctx.quiet) {
+        process.stdout.write("Corelayer skill uninstalled.\n");
+    }
+}

package/dist/index.js

@@ -4,6 +4,7 @@ import { runConfig } from "./commands/config.js";
 import { runGroups } from "./commands/groups.js";
 import { runIntegrations } from "./commands/integrations.js";
 import { runIssues } from "./commands/issues.js";
+import { runInstallSkill, runUninstallSkill, } from "./commands/install-skill.js";
 import { runLogin } from "./commands/login.js";
 import { runLogout } from "./commands/logout.js";
 const require = createRequire(import.meta.url);
@@ -19,6 +20,8 @@ Usage:
   corelayer groups list
   corelayer integrations list [--group <groupId>]
   corelayer config <get|set> ...
+  corelayer install-skill                       (install Claude Code skill)
+  corelayer uninstall-skill                     (remove Claude Code skill)
 
 Global flags:
   --json
@@ -102,6 +105,12 @@ async function main() {
         case "config":
             await runConfig(rest, ctx);
             return;
+        case "install-skill":
+            await runInstallSkill(rest, ctx);
+            return;
+        case "uninstall-skill":
+            await runUninstallSkill(rest, ctx);
+            return;
         default:
             process.stderr.write(`Unknown command: ${command}\n`);
             printHelp();

package/dist/lib/auth.js

@@ -151,7 +151,13 @@ export async function loginWithBrowser() {
     return result;
 }
 function validateServerUrl(url) {
-    const parsed = new URL(url);
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        throw new Error("Invalid server URL. Use a full URL such as https://app.corelayer.com or http://localhost:3000.");
+    }
     if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
         throw new Error(`Unsupported protocol "${parsed.protocol}" — only http: and https: are allowed.`);
     }

package/dist/lib/cli-auth.js

@@ -0,0 +1,31 @@
+import crypto from "node:crypto";
+const MAX_CALLBACK_BODY_BYTES = 8 * 1024;
+export function parseTrustedOrigin(authBaseUrl) {
+    const parsed = new URL(authBaseUrl);
+    return parsed.origin;
+}
+export function hashCliAuthCode(code) {
+    return crypto.createHash("sha256").update(code).digest("hex");
+}
+export async function readJsonBody(req) {
+    const chunks = [];
+    let total = 0;
+    for await (const chunk of req) {
+        const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+        total += buffer.length;
+        if (total > MAX_CALLBACK_BODY_BYTES) {
+            throw new Error("Callback body is too large");
+        }
+        chunks.push(buffer);
+    }
+    const raw = Buffer.concat(chunks).toString("utf8").trim();
+    if (!raw) {
+        return {};
+    }
+    try {
+        return JSON.parse(raw);
+    }
+    catch {
+        throw new Error("Callback body is not valid JSON");
+    }
+}

package/dist/lib/config.js

@@ -37,6 +37,7 @@ export function writeConfig(config) {
         encoding: "utf8",
         mode: 0o600,
     });
+    fs.chmodSync(CONFIG_PATH, 0o600);
 }
 export function updateConfig(partial) {
     const current = readConfig();

package/package.json

@@ -1,13 +1,14 @@
 {
   "name": "@corelayer-ai/cli",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Corelayer CLI",
   "type": "module",
   "bin": {
     "corelayer": "./dist/index.js"
   },
   "files": [
-    "dist"
+    "dist",
+    "skill"
   ],
   "engines": {
     "node": ">=18.0.0"

package/skill/SKILL.md

@@ -0,0 +1,150 @@
+---
+name: corelayer
+description: >
+  Use when the user mentions production issues, errors, monitoring, incidents,
+  error analysis, root cause analysis, issue triage, Corelayer, or wants to
+  check/manage/close/reopen production issues. Also use when the user says
+  "check prod", "what's broken", "any errors", "issue summary", or references
+  the corelayer CLI.
+user-invocable: true
+---
+
+# Corelayer CLI
+
+Corelayer is an AI-powered error analysis and monitoring platform. The `corelayer` CLI lets you manage production issues, view root cause analyses, and triage errors directly from the terminal.
+
+## Prerequisites
+
+The CLI must be installed and authenticated. Config lives at `~/.corelayer/config.json`.
+
+If not logged in, run:
+
+```bash
+corelayer login
+```
+
+## Quick reference
+
+### Check production health
+
+```bash
+corelayer issues summary --group <groupId>
+corelayer issues list --group <groupId>
+corelayer issues list --severity critical
+corelayer issues list --status open
+```
+
+### Inspect a specific issue
+
+```bash
+corelayer issues get <issueId>
+corelayer issues get <issueId> --json
+```
+
+Returns: title, status, severity, event count, what happened, root cause, and next steps.
+
+### Triage issues
+
+```bash
+corelayer issues close <issueId> --feedback "Fixed in PR #123"
+corelayer issues reopen <issueId>
+corelayer issues delete <issueId> --yes
+```
+
+### List groups and integrations
+
+```bash
+corelayer groups list
+corelayer integrations list --group <groupId>
+```
+
+### Configuration
+
+```bash
+corelayer config set default-group <groupId>
+corelayer config get
+```
+
+Setting a default group avoids repeating `--group` on every command.
+
+## Global flags
+
+| Flag              | Purpose                                            |
+| ----------------- | -------------------------------------------------- |
+| `--json`          | Output as JSON (useful for piping/parsing)         |
+| `--quiet` / `-q`  | Suppress non-error output                          |
+| `--no-color`      | Disable colored output                             |
+| `--api-url <url>` | Override the configured API server for one command |
+
+## Command reference
+
+### `corelayer issues list [--group <id>] [--status <s>] [--severity <s>] [--limit <n>] [--page <n>]`
+
+List issues for a group. Requires `--group` or a configured default group.
+Filterable by status (`open`, `closed`) and severity (`critical`, `high`, `medium`, `low`).
+
+### `corelayer issues get <issueId>`
+
+Get full details for an issue including AI-generated analysis: what happened, root cause, and next steps.
+
+### `corelayer issues summary [--group <id>]`
+
+Returns a JSON severity breakdown for the group.
+
+### `corelayer issues close <issueId> [--feedback "..."]`
+
+Close an issue. Optionally provide feedback (e.g., link to the fix).
+
+### `corelayer issues reopen <issueId>`
+
+Reopen a previously closed issue.
+
+### `corelayer issues delete <issueId> [--yes]`
+
+Soft-delete an issue. Prompts for confirmation unless `--yes` is passed.
+
+### `corelayer groups list`
+
+List all groups in the organization.
+
+### `corelayer integrations list [--group <id>]`
+
+List connected integration accounts and their resource counts.
+
+### `corelayer config get [key]`
+
+Get config values. Keys: `api-url`, `default-group`. No key returns the full config.
+
+### `corelayer config set <key> <value>`
+
+Set config values. Keys: `api-url`, `default-group`.
+
+### `corelayer login`
+
+Authenticate via browser. Or use `corelayer login --code <CODE> --api-url <url>` for manual auth.
+
+### `corelayer logout`
+
+Clear stored credentials.
+
+## Workflows
+
+### "What's happening in production?"
+
+```bash
+corelayer issues summary
+corelayer issues list --severity critical
+corelayer issues get <id> --json
+```
+
+### Scripting and automation
+
+Use `--json` and `--quiet` flags for machine-readable output:
+
+```bash
+corelayer issues list --json --group <id> | jq '.issues[] | select(.severity == "critical")'
+```
+
+### Background agent usage
+
+When running as a background agent, always use `--json` for structured output and `--quiet` to suppress interactive messages. Set `default-group` in config so group IDs don't need to be passed every time.