npm - @enactprotocol/cli - Versions diffs - 1.2.2 → 1.2.4 - Mend

@enactprotocol/cli 1.2.2 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -29,7 +29,7 @@ var __export = (target, all) => {
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
-// ../../node_modules/picocolors/picocolors.js
+// node_modules/picocolors/picocolors.js
 var require_picocolors = __commonJS((exports, module) => {
   var p = process || {};
   var argv = p.argv || [];
@@ -99,7 +99,7 @@ var require_picocolors = __commonJS((exports, module) => {
   module.exports.createColors = createColors;
 });
-// ../../node_modules/sisteransi/src/index.js
+// node_modules/sisteransi/src/index.js
 var require_src = __commonJS((exports, module) => {
   var ESC = "\x1B";
   var CSI = `${ESC}[`;
@@ -158,31 +158,52 @@ var require_src = __commonJS((exports, module) => {
 });
 // ../shared/dist/utils/config.js
-import { homedir as homedir2 } from "os";
-import { join as join2 } from "path";
-import { existsSync as existsSync2 } from "fs";
-import { mkdir as mkdir2, readFile as readFile2, writeFile as writeFile2 } from "fs/promises";
+import { homedir } from "os";
+import { join } from "path";
+import { existsSync } from "fs";
+import { mkdir, readFile, writeFile } from "fs/promises";
 async function ensureConfig() {
-  if (!existsSync2(CONFIG_DIR2)) {
-    await mkdir2(CONFIG_DIR2, { recursive: true });
+  if (!existsSync(CONFIG_DIR)) {
+    await mkdir(CONFIG_DIR, { recursive: true });
   }
-  if (!existsSync2(CONFIG_FILE)) {
-    await writeFile2(CONFIG_FILE, JSON.stringify({ history: [] }, null, 2));
+  if (!existsSync(CONFIG_FILE)) {
+    const defaultConfig = {
+      history: [],
+      urls: {
+        frontend: DEFAULT_FRONTEND_URL,
+        api: DEFAULT_API_URL
+      }
+    };
+    await writeFile(CONFIG_FILE, JSON.stringify(defaultConfig, null, 2));
   }
 }
 async function readConfig() {
   await ensureConfig();
   try {
-    const data = await readFile2(CONFIG_FILE, "utf8");
-    return JSON.parse(data);
+    const data = await readFile(CONFIG_FILE, "utf8");
+    const config = JSON.parse(data);
+    if (!config.urls) {
+      config.urls = {
+        frontend: DEFAULT_FRONTEND_URL,
+        api: DEFAULT_API_URL
+      };
+      await writeConfig(config);
+    }
+    return config;
   } catch (error) {
     console.error("Failed to read config:", error.message);
-    return { history: [] };
+    return {
+      history: [],
+      urls: {
+        frontend: DEFAULT_FRONTEND_URL,
+        api: DEFAULT_API_URL
+      }
+    };
   }
 }
 async function writeConfig(config) {
   await ensureConfig();
-  await writeFile2(CONFIG_FILE, JSON.stringify(config, null, 2));
+  await writeFile(CONFIG_FILE, JSON.stringify(config, null, 2));
 }
 async function addToHistory(filePath) {
   const config = await readConfig();
@@ -208,10 +229,190 @@ async function getDefaultUrl() {
   const config = await readConfig();
   return config.defaultUrl;
 }
-var CONFIG_DIR2, CONFIG_FILE;
+async function getFrontendUrl() {
+  if (process.env.ENACT_FRONTEND_URL) {
+    return process.env.ENACT_FRONTEND_URL;
+  }
+  const config = await readConfig();
+  if (config.urls?.frontend) {
+    return config.urls.frontend;
+  }
+  return DEFAULT_FRONTEND_URL;
+}
+async function getApiUrl() {
+  if (process.env.ENACT_API_URL) {
+    return process.env.ENACT_API_URL;
+  }
+  const config = await readConfig();
+  if (config.urls?.api) {
+    return config.urls.api;
+  }
+  return DEFAULT_API_URL;
+}
+async function setFrontendUrl(url) {
+  const config = await readConfig();
+  if (!config.urls) {
+    config.urls = {};
+  }
+  config.urls.frontend = url;
+  await writeConfig(config);
+}
+async function setApiUrl(url) {
+  const config = await readConfig();
+  if (!config.urls) {
+    config.urls = {};
+  }
+  config.urls.api = url;
+  await writeConfig(config);
+}
+async function resetUrls() {
+  const config = await readConfig();
+  if (config.urls) {
+    delete config.urls.frontend;
+    delete config.urls.api;
+  }
+  await writeConfig(config);
+}
+async function getUrlConfig() {
+  const config = await readConfig();
+  let frontendValue = DEFAULT_FRONTEND_URL;
+  let frontendSource = "default";
+  if (config.urls?.frontend) {
+    frontendValue = config.urls.frontend;
+    frontendSource = "config";
+  }
+  if (process.env.ENACT_FRONTEND_URL) {
+    frontendValue = process.env.ENACT_FRONTEND_URL;
+    frontendSource = "environment";
+  }
+  let apiValue = DEFAULT_API_URL;
+  let apiSource = "default";
+  if (config.urls?.api) {
+    apiValue = config.urls.api;
+    apiSource = "config";
+  }
+  if (process.env.ENACT_API_URL) {
+    apiValue = process.env.ENACT_API_URL;
+    apiSource = "environment";
+  }
+  return {
+    frontend: { value: frontendValue, source: frontendSource },
+    api: { value: apiValue, source: apiSource }
+  };
+}
+async function ensureTrustedKeysDir() {
+  if (!existsSync(CONFIG_DIR)) {
+    await mkdir(CONFIG_DIR, { recursive: true });
+  }
+  if (!existsSync(TRUSTED_KEYS_DIR)) {
+    await mkdir(TRUSTED_KEYS_DIR, { recursive: true });
+  }
+  const defaultKeyFile = join(TRUSTED_KEYS_DIR, "enact-protocol-official.pem");
+  const defaultMetaFile = join(TRUSTED_KEYS_DIR, "enact-protocol-official.meta");
+  if (!existsSync(defaultKeyFile)) {
+    await writeFile(defaultKeyFile, DEFAULT_ENACT_PUBLIC_KEY);
+  }
+  if (!existsSync(defaultMetaFile)) {
+    const defaultMeta = {
+      name: "Enact Protocol Official",
+      description: "Official Enact Protocol signing key for verified tools",
+      addedAt: new Date().toISOString(),
+      source: "default",
+      keyFile: "enact-protocol-official.pem"
+    };
+    await writeFile(defaultMetaFile, JSON.stringify(defaultMeta, null, 2));
+  }
+}
+async function getTrustedKeys() {
+  await ensureTrustedKeysDir();
+  const keys = [];
+  try {
+    const { readdir } = await import("fs/promises");
+    const files = await readdir(TRUSTED_KEYS_DIR);
+    const pemFiles = files.filter((f) => f.endsWith(".pem"));
+    for (const pemFile of pemFiles) {
+      try {
+        const keyId = pemFile.replace(".pem", "");
+        const keyPath = join(TRUSTED_KEYS_DIR, pemFile);
+        const metaPath = join(TRUSTED_KEYS_DIR, `${keyId}.meta`);
+        const publicKey = await readFile(keyPath, "utf8");
+        let meta = {
+          name: keyId,
+          addedAt: new Date().toISOString(),
+          source: "user",
+          keyFile: pemFile
+        };
+        if (existsSync(metaPath)) {
+          try {
+            const metaData = await readFile(metaPath, "utf8");
+            meta = { ...meta, ...JSON.parse(metaData) };
+          } catch {}
+        }
+        keys.push({
+          id: keyId,
+          name: meta.name,
+          publicKey: publicKey.trim(),
+          description: meta.description,
+          addedAt: meta.addedAt,
+          source: meta.source,
+          keyFile: pemFile
+        });
+      } catch (error) {
+        console.warn(`Warning: Could not read key file ${pemFile}:`, error);
+      }
+    }
+  } catch (error) {
+    console.error("Failed to read trusted keys directory:", error);
+  }
+  return keys;
+}
+async function addTrustedKey(keyData) {
+  await ensureTrustedKeysDir();
+  const keyFile = `${keyData.id}.pem`;
+  const metaFile = `${keyData.id}.meta`;
+  const keyPath = join(TRUSTED_KEYS_DIR, keyFile);
+  const metaPath = join(TRUSTED_KEYS_DIR, metaFile);
+  if (existsSync(keyPath)) {
+    throw new Error(`Key with ID '${keyData.id}' already exists`);
+  }
+  await writeFile(keyPath, keyData.publicKey);
+  const meta = {
+    name: keyData.name,
+    description: keyData.description,
+    addedAt: new Date().toISOString(),
+    source: keyData.source || "user",
+    keyFile
+  };
+  await writeFile(metaPath, JSON.stringify(meta, null, 2));
+}
+async function removeTrustedKey(keyId) {
+  const keyPath = join(TRUSTED_KEYS_DIR, `${keyId}.pem`);
+  const metaPath = join(TRUSTED_KEYS_DIR, `${keyId}.meta`);
+  if (!existsSync(keyPath)) {
+    throw new Error(`Trusted key '${keyId}' not found`);
+  }
+  const { unlink } = await import("fs/promises");
+  await unlink(keyPath);
+  if (existsSync(metaPath)) {
+    await unlink(metaPath);
+  }
+}
+async function getTrustedKey(keyId) {
+  const keys = await getTrustedKeys();
+  return keys.find((k3) => k3.id === keyId) || null;
+}
+async function isKeyTrusted(publicKey) {
+  const keys = await getTrustedKeys();
+  return keys.some((k3) => k3.publicKey.trim() === publicKey.trim());
+}
+var CONFIG_DIR, CONFIG_FILE, TRUSTED_KEYS_DIR, DEFAULT_FRONTEND_URL = "https://enact.tools", DEFAULT_API_URL = "https://xjnhhxwxovjifdxdwzih.supabase.co", DEFAULT_ENACT_PUBLIC_KEY = `-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8VyE3jGm5yT2mKnPx1dQF7q8Z2Kv
+7mX9YnE2mK8vF3tY9pL6xH2dF8sK3mN7wQ5vT2gR8sL4xN6pM9uE3wF2Qw==
+-----END PUBLIC KEY-----`;
 var init_config = __esm(() => {
-  CONFIG_DIR2 = join2(homedir2(), ".enact");
-  CONFIG_FILE = join2(CONFIG_DIR2, "config.json");
+  CONFIG_DIR = join(homedir(), ".enact");
+  CONFIG_FILE = join(CONFIG_DIR, "config.json");
+  TRUSTED_KEYS_DIR = join(CONFIG_DIR, "trusted-keys");
 });
 // ../../node_modules/dotenv/package.json
@@ -289,7 +490,7 @@ var require_main = __commonJS((exports, module) => {
   var packageJson = require_package();
   var version = packageJson.version;
   var LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg;
-  function parse2(src) {
+  function parse(src) {
     const obj = {};
     let lines = src.toString();
     lines = lines.replace(/\r\n?/mg, `
@@ -557,7 +758,7 @@ var require_main = __commonJS((exports, module) => {
     _parseVault,
     config,
     decrypt,
-    parse: parse2,
+    parse,
     populate
   };
   exports.configDotenv = DotenvModule.configDotenv;
@@ -571,10 +772,10 @@ var require_main = __commonJS((exports, module) => {
 });
 // ../shared/dist/utils/env-loader.js
-import { join as join3 } from "path";
-import { homedir as homedir3 } from "os";
-import { existsSync as existsSync3 } from "fs";
-import { readFile as readFile3 } from "fs/promises";
+import { join as join2 } from "path";
+import { homedir as homedir2 } from "os";
+import { existsSync as existsSync2 } from "fs";
+import { readFile as readFile2 } from "fs/promises";
 function extractPackageNamespace(toolName) {
   const parts = toolName.split("/");
   if (parts.length < 2) {
@@ -586,7 +787,7 @@ function extractPackageNamespace(toolName) {
   return parts[0];
 }
 function getPackageEnvPath(packageNamespace) {
-  return join3(CONFIG_DIR3, "env", packageNamespace, ".env");
+  return join2(CONFIG_DIR2, "env", packageNamespace, ".env");
 }
 function decryptValue(encryptedValue) {
   try {
@@ -597,11 +798,11 @@ function decryptValue(encryptedValue) {
 }
 async function readPackageEnvConfig(packageNamespace) {
   const envFile = getPackageEnvPath(packageNamespace);
-  if (!existsSync3(envFile)) {
+  if (!existsSync2(envFile)) {
     return { variables: {} };
   }
   try {
-    const data = await readFile3(envFile, "utf8");
+    const data = await readFile2(envFile, "utf8");
     if (data.trim().startsWith("{")) {
       return JSON.parse(data);
     } else {
@@ -630,7 +831,7 @@ function loadPackageEnvFile(toolName) {
   try {
     const packageNamespace = extractPackageNamespace(toolName);
     const packageEnvPath = getPackageEnvPath(packageNamespace);
-    if (!existsSync3(packageEnvPath)) {
+    if (!existsSync2(packageEnvPath)) {
       return {};
     }
     const result = import_dotenv.config({ path: packageEnvPath });
@@ -741,19 +942,89 @@ function generateConfigLink(missingVars, toolName) {
   const encodedPackage = encodeURIComponent(packageNamespace);
   return `${webUrl}/?vars=${encodedVars}&package=${encodedPackage}`;
 }
-var import_dotenv, CONFIG_DIR3;
+var import_dotenv, CONFIG_DIR2;
 var init_env_loader = __esm(() => {
   import_dotenv = __toESM(require_main(), 1);
-  CONFIG_DIR3 = join3(homedir3(), ".enact");
+  CONFIG_DIR2 = join2(homedir2(), ".enact");
   import_dotenv.config();
 });
+// ../../node_modules/picocolors/picocolors.js
+var require_picocolors2 = __commonJS((exports, module) => {
+  var p2 = process || {};
+  var argv = p2.argv || [];
+  var env = p2.env || {};
+  var isColorSupported = !(!!env.NO_COLOR || argv.includes("--no-color")) && (!!env.FORCE_COLOR || argv.includes("--color") || p2.platform === "win32" || (p2.stdout || {}).isTTY && env.TERM !== "dumb" || !!env.CI);
+  var formatter = (open, close, replace = open) => (input) => {
+    let string = "" + input, index = string.indexOf(close, open.length);
+    return ~index ? open + replaceClose(string, close, replace, index) + close : open + string + close;
+  };
+  var replaceClose = (string, close, replace, index) => {
+    let result = "", cursor = 0;
+    do {
+      result += string.substring(cursor, index) + replace;
+      cursor = index + close.length;
+      index = string.indexOf(close, cursor);
+    } while (~index);
+    return result + string.substring(cursor);
+  };
+  var createColors = (enabled = isColorSupported) => {
+    let f = enabled ? formatter : () => String;
+    return {
+      isColorSupported: enabled,
+      reset: f("\x1B[0m", "\x1B[0m"),
+      bold: f("\x1B[1m", "\x1B[22m", "\x1B[22m\x1B[1m"),
+      dim: f("\x1B[2m", "\x1B[22m", "\x1B[22m\x1B[2m"),
+      italic: f("\x1B[3m", "\x1B[23m"),
+      underline: f("\x1B[4m", "\x1B[24m"),
+      inverse: f("\x1B[7m", "\x1B[27m"),
+      hidden: f("\x1B[8m", "\x1B[28m"),
+      strikethrough: f("\x1B[9m", "\x1B[29m"),
+      black: f("\x1B[30m", "\x1B[39m"),
+      red: f("\x1B[31m", "\x1B[39m"),
+      green: f("\x1B[32m", "\x1B[39m"),
+      yellow: f("\x1B[33m", "\x1B[39m"),
+      blue: f("\x1B[34m", "\x1B[39m"),
+      magenta: f("\x1B[35m", "\x1B[39m"),
+      cyan: f("\x1B[36m", "\x1B[39m"),
+      white: f("\x1B[37m", "\x1B[39m"),
+      gray: f("\x1B[90m", "\x1B[39m"),
+      bgBlack: f("\x1B[40m", "\x1B[49m"),
+      bgRed: f("\x1B[41m", "\x1B[49m"),
+      bgGreen: f("\x1B[42m", "\x1B[49m"),
+      bgYellow: f("\x1B[43m", "\x1B[49m"),
+      bgBlue: f("\x1B[44m", "\x1B[49m"),
+      bgMagenta: f("\x1B[45m", "\x1B[49m"),
+      bgCyan: f("\x1B[46m", "\x1B[49m"),
+      bgWhite: f("\x1B[47m", "\x1B[49m"),
+      blackBright: f("\x1B[90m", "\x1B[39m"),
+      redBright: f("\x1B[91m", "\x1B[39m"),
+      greenBright: f("\x1B[92m", "\x1B[39m"),
+      yellowBright: f("\x1B[93m", "\x1B[39m"),
+      blueBright: f("\x1B[94m", "\x1B[39m"),
+      magentaBright: f("\x1B[95m", "\x1B[39m"),
+      cyanBright: f("\x1B[96m", "\x1B[39m"),
+      whiteBright: f("\x1B[97m", "\x1B[39m"),
+      bgBlackBright: f("\x1B[100m", "\x1B[49m"),
+      bgRedBright: f("\x1B[101m", "\x1B[49m"),
+      bgGreenBright: f("\x1B[102m", "\x1B[49m"),
+      bgYellowBright: f("\x1B[103m", "\x1B[49m"),
+      bgBlueBright: f("\x1B[104m", "\x1B[49m"),
+      bgMagentaBright: f("\x1B[105m", "\x1B[49m"),
+      bgCyanBright: f("\x1B[106m", "\x1B[49m"),
+      bgWhiteBright: f("\x1B[107m", "\x1B[49m")
+    };
+  };
+  module.exports = createColors();
+  module.exports.createColors = createColors;
+});
 // ../shared/dist/utils/help.js
 import { readFileSync } from "fs";
-import { join as join4 } from "path";
+import { join as join3 } from "path";
 function getVersion() {
   try {
-    const packageJsonPath = join4(__dirname, "../../package.json");
+    const packageJsonPath = join3(__dirname, "../../package.json");
     const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf8"));
     return packageJson.version || "0.1.0";
   } catch (error) {
@@ -763,47 +1034,47 @@ function getVersion() {
 function showHelp() {
   const version = getVersion();
   console.error(`
-${import_picocolors4.default.bold("Enact CLI")} ${import_picocolors4.default.dim(`v${version}`)}
-${import_picocolors4.default.dim("A CLI tool for managing and publishing Enact tools")}
-${import_picocolors4.default.bold("Usage:")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("<command>")} [options]
-${import_picocolors4.default.bold("Commands:")}
-  ${import_picocolors4.default.green("auth")}       Manage authentication (login, logout, status, token)
-  ${import_picocolors4.default.green("env")}        Manage environment variables (set, get, list, delete)
-  ${import_picocolors4.default.green("exec")}       Execute a tool by fetching and running it
-  ${import_picocolors4.default.green("init")}       Create a new tool definition
-  ${import_picocolors4.default.green("mcp")}        MCP client integration (install, list, status)
-  ${import_picocolors4.default.green("publish")}    Publish a tool to the registry
-  ${import_picocolors4.default.green("search")}     Search for tools in the registry
-  ${import_picocolors4.default.green("sign")}       Sign and verify tools with cryptographic signatures
-  ${import_picocolors4.default.green("remote")}     Manage remote servers (add, list, remove)
-  ${import_picocolors4.default.green("user")}       User operations (get public key)
-${import_picocolors4.default.bold("Global Options:")}
-  ${import_picocolors4.default.yellow("--help, -h")}     Show help message
-  ${import_picocolors4.default.yellow("--version, -v")}  Show version information
-${import_picocolors4.default.bold("Examples:")}
-  ${import_picocolors4.default.cyan("enact")}                           ${import_picocolors4.default.dim("# Interactive mode")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("search")} ${import_picocolors4.default.yellow("--tags")} web,api         ${import_picocolors4.default.dim("# Search tools by tags")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("exec")} enact/text/slugify      ${import_picocolors4.default.dim("# Execute a tool")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("mcp")} install ${import_picocolors4.default.yellow("--client")} claude-desktop ${import_picocolors4.default.dim("# Install MCP server")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("mcp")} install ${import_picocolors4.default.yellow("--client")} goose       ${import_picocolors4.default.dim("# Install for Goose AI")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("env")} set API_KEY --encrypt   ${import_picocolors4.default.dim("# Set encrypted env var")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("sign")} verify my-tool.yaml     ${import_picocolors4.default.dim("# Verify tool signatures")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("publish")} my-tool.yaml           ${import_picocolors4.default.dim("# Publish a tool")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("auth")} login                   ${import_picocolors4.default.dim("# Login with OAuth")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("init")} ${import_picocolors4.default.yellow("--minimal")}               ${import_picocolors4.default.dim("# Create minimal tool template")}
-${import_picocolors4.default.bold("More Help:")}
-  ${import_picocolors4.default.cyan("enact")} ${import_picocolors4.default.green("<command>")} ${import_picocolors4.default.yellow("--help")}          ${import_picocolors4.default.dim("# Show command-specific help")}
+${import_picocolors3.default.bold("Enact CLI")} ${import_picocolors3.default.dim(`v${version}`)}
+${import_picocolors3.default.dim("A CLI tool for managing and publishing Enact tools")}
+${import_picocolors3.default.bold("Usage:")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("<command>")} [options]
+${import_picocolors3.default.bold("Commands:")}
+  ${import_picocolors3.default.green("auth")}       Manage authentication (login, logout, status, token)
+  ${import_picocolors3.default.green("env")}        Manage environment variables (set, get, list, delete)
+  ${import_picocolors3.default.green("exec")}       Execute a tool by fetching and running it
+  ${import_picocolors3.default.green("init")}       Create a new tool definition
+  ${import_picocolors3.default.green("mcp")}        MCP client integration (install, list, status)
+  ${import_picocolors3.default.green("publish")}    Publish a tool to the registry
+  ${import_picocolors3.default.green("search")}     Search for tools in the registry
+  ${import_picocolors3.default.green("sign")}       Sign and verify tools with cryptographic signatures
+  ${import_picocolors3.default.green("remote")}     Manage remote servers (add, list, remove)
+  ${import_picocolors3.default.green("user")}       User operations (get public key)
+${import_picocolors3.default.bold("Global Options:")}
+  ${import_picocolors3.default.yellow("--help, -h")}     Show help message
+  ${import_picocolors3.default.yellow("--version, -v")}  Show version information
+${import_picocolors3.default.bold("Examples:")}
+  ${import_picocolors3.default.cyan("enact")}                           ${import_picocolors3.default.dim("# Interactive mode")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("search")} ${import_picocolors3.default.yellow("--tags")} web,api         ${import_picocolors3.default.dim("# Search tools by tags")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("exec")} enact/text/slugify      ${import_picocolors3.default.dim("# Execute a tool")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("mcp")} install ${import_picocolors3.default.yellow("--client")} claude-desktop ${import_picocolors3.default.dim("# Install MCP server")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("mcp")} install ${import_picocolors3.default.yellow("--client")} goose       ${import_picocolors3.default.dim("# Install for Goose AI")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("env")} set API_KEY --encrypt   ${import_picocolors3.default.dim("# Set encrypted env var")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("sign")} verify my-tool.yaml     ${import_picocolors3.default.dim("# Verify tool signatures")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("publish")} my-tool.yaml           ${import_picocolors3.default.dim("# Publish a tool")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("auth")} login                   ${import_picocolors3.default.dim("# Login with OAuth")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("init")} ${import_picocolors3.default.yellow("--minimal")}               ${import_picocolors3.default.dim("# Create minimal tool template")}
+${import_picocolors3.default.bold("More Help:")}
+  ${import_picocolors3.default.cyan("enact")} ${import_picocolors3.default.green("<command>")} ${import_picocolors3.default.yellow("--help")}          ${import_picocolors3.default.dim("# Show command-specific help")}
 `);
 }
-var import_picocolors4, __dirname = "/Users/keithgroves/projects/enact/enact-cli/packages/shared/dist/utils";
+var import_picocolors3, __dirname = "/Users/keithgroves/projects/enact/enact-cli/packages/shared/dist/utils";
 var init_help = __esm(() => {
-  import_picocolors4 = __toESM(require_picocolors(), 1);
+  import_picocolors3 = __toESM(require_picocolors2(), 1);
 });
 // ../shared/dist/utils/logger.js
@@ -812,29 +1083,29 @@ function setLogLevel(level) {
 }
 function debug(message) {
   if (currentLogLevel <= LogLevel.DEBUG) {
-    console.error(import_picocolors5.default.dim(`\uD83D\uDD0D ${message}`));
+    console.error(import_picocolors4.default.dim(`\uD83D\uDD0D ${message}`));
   }
 }
 function info(message) {
   if (currentLogLevel <= LogLevel.INFO) {
-    console.error(import_picocolors5.default.blue(`ℹ️ ${message}`));
+    console.error(import_picocolors4.default.blue(`ℹ️ ${message}`));
   }
 }
 function success(message) {
   if (currentLogLevel <= LogLevel.SUCCESS) {
-    console.error(import_picocolors5.default.green(`✓ ${message}`));
+    console.error(import_picocolors4.default.green(`✓ ${message}`));
   }
 }
 function warn(message) {
   if (currentLogLevel <= LogLevel.WARN) {
-    console.error(import_picocolors5.default.yellow(`⚠️ ${message}`));
+    console.error(import_picocolors4.default.yellow(`⚠️ ${message}`));
   }
 }
 function error(message, details) {
   if (currentLogLevel <= LogLevel.ERROR) {
-    console.error(import_picocolors5.default.red(`✗ Error: ${message}`));
+    console.error(import_picocolors4.default.red(`✗ Error: ${message}`));
     if (details && currentLogLevel === LogLevel.DEBUG) {
-      console.error(import_picocolors5.default.dim("Details:"));
+      console.error(import_picocolors4.default.dim("Details:"));
       console.error(details);
     }
   }
@@ -848,9 +1119,9 @@ function table(data, columns) {
     }
   }
 }
-var import_picocolors5, LogLevel, currentLogLevel;
+var import_picocolors4, LogLevel, currentLogLevel;
 var init_logger = __esm(() => {
-  import_picocolors5 = __toESM(require_picocolors(), 1);
+  import_picocolors4 = __toESM(require_picocolors2(), 1);
   (function(LogLevel2) {
     LogLevel2[LogLevel2["DEBUG"] = 0] = "DEBUG";
     LogLevel2[LogLevel2["INFO"] = 1] = "INFO";
@@ -1086,7 +1357,7 @@ function parseTimeout(timeout) {
 // ../shared/dist/utils/version.js
 import { readFileSync as readFileSync2 } from "fs";
-import { join as join5, dirname } from "path";
+import { join as join4, dirname } from "path";
 import { fileURLToPath } from "url";
 function showVersion() {
   let version = "0.0.1-dev";
@@ -1096,7 +1367,7 @@ function showVersion() {
     } else {
       const currentFile = typeof __filename !== "undefined" ? __filename : fileURLToPath(import.meta.url);
       const sharedDir = dirname(dirname(dirname(currentFile)));
-      const packageJsonPath = join5(sharedDir, "package.json");
+      const packageJsonPath = join4(sharedDir, "package.json");
       const packageJson = JSON.parse(readFileSync2(packageJsonPath, "utf8"));
       version = packageJson.version;
     }
@@ -1105,13 +1376,13 @@ function showVersion() {
   }
   const versionText = `v${version}`;
   console.error(`
-${import_picocolors6.default.bold("Enact CLI")} ${import_picocolors6.default.cyan(versionText)}
-${import_picocolors6.default.dim("A tool to create and publish enact documents.")}
+${import_picocolors5.default.bold("Enact CLI")} ${import_picocolors5.default.cyan(versionText)}
+${import_picocolors5.default.dim("A tool to create and publish enact documents.")}
 `);
 }
-var import_picocolors6, __filename = "/Users/keithgroves/projects/enact/enact-cli/packages/shared/dist/utils/version.js";
+var import_picocolors5, __filename = "/Users/keithgroves/projects/enact/enact-cli/packages/shared/dist/utils/version.js";
 var init_version = __esm(() => {
-  import_picocolors6 = __toESM(require_picocolors(), 1);
+  import_picocolors5 = __toESM(require_picocolors2(), 1);
 });
 // ../shared/dist/utils/index.js
@@ -1128,23 +1399,34 @@ __export(exports_utils, {
   showVersion: () => showVersion,
   showHelp: () => showHelp,
   setLogLevel: () => setLogLevel,
+  setFrontendUrl: () => setFrontendUrl,
   setDefaultUrl: () => setDefaultUrl,
+  setApiUrl: () => setApiUrl,
   resolveToolEnvironmentVariables: () => resolveToolEnvironmentVariables,
+  resetUrls: () => resetUrls,
+  removeTrustedKey: () => removeTrustedKey,
   readConfig: () => readConfig,
   parseTimeout: () => parseTimeout,
   loadPackageEnvironmentVariables: () => loadPackageEnvironmentVariables,
+  isKeyTrusted: () => isKeyTrusted,
   info: () => info,
   globalMonitor: () => globalMonitor,
   getWebServerUrl: () => getWebServerUrl,
+  getUrlConfig: () => getUrlConfig,
+  getTrustedKeys: () => getTrustedKeys,
+  getTrustedKey: () => getTrustedKey,
   getPackageEnvironmentVariables: () => getPackageEnvironmentVariables,
   getHistory: () => getHistory,
+  getFrontendUrl: () => getFrontendUrl,
   getDefaultUrl: () => getDefaultUrl,
+  getApiUrl: () => getApiUrl,
   generateConfigLink: () => generateConfigLink,
   extractPackageNamespace: () => extractPackageNamespace,
   error: () => error,
   ensureSilent: () => ensureSilent,
   ensureConfig: () => ensureConfig,
   debug: () => debug,
+  addTrustedKey: () => addTrustedKey,
   addToHistory: () => addToHistory,
   McpSilentOperationMonitor: () => McpSilentOperationMonitor,
   LogLevel: () => LogLevel
@@ -12327,13 +12609,71 @@ var require_pino = __commonJS((exports, module) => {
   module.exports.pino = pino;
 });
+// ../../node_modules/sisteransi/src/index.js
+var require_src2 = __commonJS((exports, module) => {
+  var ESC = "\x1B";
+  var CSI = `${ESC}[`;
+  var beep = "\x07";
+  var cursor = {
+    to(x2, y3) {
+      if (!y3)
+        return `${CSI}${x2 + 1}G`;
+      return `${CSI}${y3 + 1};${x2 + 1}H`;
+    },
+    move(x2, y3) {
+      let ret = "";
+      if (x2 < 0)
+        ret += `${CSI}${-x2}D`;
+      else if (x2 > 0)
+        ret += `${CSI}${x2}C`;
+      if (y3 < 0)
+        ret += `${CSI}${-y3}A`;
+      else if (y3 > 0)
+        ret += `${CSI}${y3}B`;
+      return ret;
+    },
+    up: (count = 1) => `${CSI}${count}A`,
+    down: (count = 1) => `${CSI}${count}B`,
+    forward: (count = 1) => `${CSI}${count}C`,
+    backward: (count = 1) => `${CSI}${count}D`,
+    nextLine: (count = 1) => `${CSI}E`.repeat(count),
+    prevLine: (count = 1) => `${CSI}F`.repeat(count),
+    left: `${CSI}G`,
+    hide: `${CSI}?25l`,
+    show: `${CSI}?25h`,
+    save: `${ESC}7`,
+    restore: `${ESC}8`
+  };
+  var scroll = {
+    up: (count = 1) => `${CSI}S`.repeat(count),
+    down: (count = 1) => `${CSI}T`.repeat(count)
+  };
+  var erase = {
+    screen: `${CSI}2J`,
+    up: (count = 1) => `${CSI}1J`.repeat(count),
+    down: (count = 1) => `${CSI}J`.repeat(count),
+    line: `${CSI}2K`,
+    lineEnd: `${CSI}K`,
+    lineStart: `${CSI}1K`,
+    lines(count) {
+      let clear = "";
+      for (let i = 0;i < count; i++)
+        clear += this.line + (i < count - 1 ? cursor.up() : "");
+      if (count)
+        clear += cursor.left;
+      return clear;
+    }
+  };
+  module.exports = { cursor, scroll, erase, beep };
+});
 // ../../node_modules/@clack/core/dist/index.cjs
 var require_dist2 = __commonJS((exports) => {
-  var sisteransi = require_src();
+  var sisteransi = require_src2();
   var node_process = __require("node:process");
   var s$2 = __require("node:readline");
   var node_stream = __require("node:stream");
-  var i$1 = require_picocolors();
+  var i$1 = require_picocolors2();
   function _interopDefaultCompat(C3) {
     return C3 && typeof C3 == "object" && "default" in C3 ? C3.default : C3;
   }
@@ -12920,8 +13260,8 @@ var require_dist3 = __commonJS((exports) => {
   var node_util = __require("node:util");
   var core = require_dist2();
   var process$1 = __require("node:process");
-  var e2 = require_picocolors();
-  var sisteransi = require_src();
+  var e2 = require_picocolors2();
+  var sisteransi = require_src2();
   function _interopDefaultCompat(t) {
     return t && typeof t == "object" && "default" in t ? t.default : t;
   }
@@ -213472,10 +213812,10 @@ Additional information: BADCLIENT: Bad error code, ${badCode} not found in range
 var import_picocolors14 = __toESM(require_picocolors(), 1);
 import { parseArgs } from "util";
-// ../../node_modules/@clack/prompts/dist/index.mjs
+// node_modules/@clack/prompts/dist/index.mjs
 import { stripVTControlCharacters as S2 } from "node:util";
-// ../../node_modules/@clack/core/dist/index.mjs
+// node_modules/@clack/core/dist/index.mjs
 var import_sisteransi = __toESM(require_src(), 1);
 var import_picocolors = __toESM(require_picocolors(), 1);
 import { stdin as j, stdout as M } from "node:process";
@@ -213922,7 +214262,7 @@ class RD extends x {
   }
 }
-// ../../node_modules/@clack/prompts/dist/index.mjs
+// node_modules/@clack/prompts/dist/index.mjs
 var import_picocolors2 = __toESM(require_picocolors(), 1);
 var import_sisteransi2 = __toESM(require_src(), 1);
 import y2 from "node:process";
@@ -214175,11 +214515,11 @@ var Y2 = ({ indicator: t = "dots" } = {}) => {
 };
 // src/commands/auth.ts
-var import_picocolors3 = __toESM(require_picocolors(), 1);
-import { existsSync } from "fs";
-import { readFile, writeFile, mkdir } from "fs/promises";
-import { join } from "path";
-import { homedir } from "os";
+var import_picocolors6 = __toESM(require_picocolors(), 1);
+import { existsSync as existsSync3 } from "fs";
+import { readFile as readFile3, writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
+import { join as join5 } from "path";
+import { homedir as homedir3 } from "os";
 import { createServer } from "http";
 import { parse } from "url";
 import { randomBytes, createHash } from "crypto";
@@ -214187,11 +214527,18 @@ import { exec } from "child_process";
 import { promisify } from "util";
 // ../shared/dist/api/enact-api.js
+init_config();
 class EnactApiClient {
-  constructor(baseUrl = "https://enact.tools", supabaseUrl = "https://xjnhhxwxovjifdxdwzih.supabase.co") {
+  constructor(baseUrl, supabaseUrl) {
     this.baseUrl = baseUrl.replace(/\/$/, "");
     this.supabaseUrl = supabaseUrl.replace(/\/$/, "");
   }
+  static async create(baseUrl, supabaseUrl) {
+    const frontendUrl = baseUrl || await getFrontendUrl();
+    const apiUrl = supabaseUrl || await getApiUrl();
+    return new EnactApiClient(frontendUrl, apiUrl);
+  }
   async makeRequest(endpoint, options = {}, token, tokenType = "jwt") {
     const url = endpoint.startsWith("http") ? endpoint : `${this.supabaseUrl}${endpoint}`;
     const headers = {
@@ -214473,7 +214820,7 @@ class EnactApiClient {
     };
   }
 }
-var enactApi = new EnactApiClient;
+var enactApi = new EnactApiClient("https://enact.tools", "https://xjnhhxwxovjifdxdwzih.supabase.co");
 class EnactApiError extends Error {
   constructor(message, statusCode, endpoint) {
@@ -214484,14 +214831,17 @@ class EnactApiError extends Error {
   }
 }
 function createEnactApiClient(baseUrl, supabaseUrl) {
-  return new EnactApiClient(baseUrl, supabaseUrl);
+  const defaultFrontend = "https://enact.tools";
+  const defaultApi = "https://xjnhhxwxovjifdxdwzih.supabase.co";
+  return new EnactApiClient(baseUrl || defaultFrontend, supabaseUrl || defaultApi);
 }
 // src/commands/auth.ts
+init_utils();
 var execAsync = promisify(exec);
-var CONFIG_DIR = join(homedir(), ".enact");
-var AUTH_FILE = join(CONFIG_DIR, "auth.json");
-var DEFAULT_SERVER = "https://enact.tools";
+var CONFIG_DIR3 = join5(homedir3(), ".enact");
+var AUTH_FILE = join5(CONFIG_DIR3, "auth.json");
 async function handleAuthCommand(args, options) {
+  const defaultServer = await getFrontendUrl();
   if (options.help || !args[0]) {
     console.error(`
 Usage: enact auth <subcommand> [options]
@@ -214506,16 +214856,16 @@ Subcommands:
 Options:
   --help, -h          Show this help message
-  --server <url>      Specify the enact server URL (default: ${DEFAULT_SERVER})
+  --server <url>      Specify the enact server URL (default: ${defaultServer})
   --port <number>     Local callback port for OAuth (default: 8080)
 `);
     return;
   }
   const subCommand = args[0];
-  const serverUrl = options.server || DEFAULT_SERVER;
+  const serverUrl = options.server || defaultServer;
   const callbackPort = options.port || 8080;
   await ensureAuthConfig();
-  Ie(import_picocolors3.default.bgBlue(import_picocolors3.default.white(" Enact Authentication ")));
+  Ie(import_picocolors6.default.bgBlue(import_picocolors6.default.white(" Enact Authentication ")));
   switch (subCommand) {
     case "login": {
       await handleLogin(serverUrl, callbackPort);
@@ -214534,7 +214884,7 @@ Options:
       break;
     }
     default:
-      Se(import_picocolors3.default.red(`✗ Unknown auth subcommand "${subCommand}"`));
+      Se(import_picocolors6.default.red(`✗ Unknown auth subcommand "${subCommand}"`));
       return;
   }
 }
@@ -214546,7 +214896,7 @@ async function handleLogin(serverUrl, callbackPort) {
         message: "You are already authenticated. Continue with new login?"
       });
       if (!useExisting) {
-        Se(import_picocolors3.default.yellow("Login cancelled"));
+        Se(import_picocolors6.default.yellow("Login cancelled"));
         return;
       }
     }
@@ -214568,14 +214918,14 @@ async function handleLogin(serverUrl, callbackPort) {
     try {
       server2 = await startCallbackServerWithFallback(callbackPort, serverUrl, codeVerifier, state);
       s.stop("OAuth server started");
-    } catch (error) {
+    } catch (error2) {
       s.stop("OAuth server could not start, using manual mode");
       server2 = null;
     }
     Me(`Opening browser to: ${authUrl}`, "OAuth Login");
     try {
       await openBrowser(authUrl);
-    } catch (error) {
+    } catch (error2) {
       Me(`Please open this URL in your browser: ${authUrl}`, "Manual Browser Open Required");
     }
     if (server2) {
@@ -214602,14 +214952,14 @@ async function handleLogin(serverUrl, callbackPort) {
         }
       });
       if (typeof authCode === "symbol") {
-        Se(import_picocolors3.default.yellow("Login cancelled"));
+        Se(import_picocolors6.default.yellow("Login cancelled"));
         return;
       }
       await exchangeCodeForToken(authCode, redirectUri, codeVerifier, serverUrl);
     }
-    Se(import_picocolors3.default.green("✓ Successfully authenticated with Enact!"));
-  } catch (error) {
-    Se(import_picocolors3.default.red(`✗ Login failed: ${error.message}`));
+    Se(import_picocolors6.default.green("✓ Successfully authenticated with Enact!"));
+  } catch (error2) {
+    Se(import_picocolors6.default.red(`✗ Login failed: ${error2.message}`));
   } finally {
     process.exit(0);
   }
@@ -214623,13 +214973,13 @@ async function startCallbackServerWithFallback(port, serverUrl, codeVerifier, st
         const {
           code,
           state: returnedState,
-          error,
+          error: error2,
           error_description
         } = parsedUrl.query;
         res.setHeader("Access-Control-Allow-Origin", "*");
         res.setHeader("Content-Type", "text/html");
-        if (error) {
-          const errorMsg = error_description || error;
+        if (error2) {
+          const errorMsg = error_description || error2;
           res.writeHead(400);
           res.end(`
             <html>
@@ -214688,19 +215038,19 @@ async function startCallbackServerWithFallback(port, serverUrl, codeVerifier, st
           `);
           server2.close();
           server2.emit("authComplete");
-        } catch (error2) {
-          console.error("Token exchange error:", error2);
+        } catch (error3) {
+          console.error("Token exchange error:", error3);
           res.writeHead(500);
           res.end(`
             <html>
               <body style="font-family: Arial, sans-serif; text-align: center; padding: 50px;">
                 <h1 style="color: red;">❌ Authentication Failed</h1>
-                <p><strong>Error:</strong> ${error2.message}</p>
+                <p><strong>Error:</strong> ${error3.message}</p>
                 <p>You can close this window and check your terminal for more details.</p>
               </body>
             </html>
           `);
-          server2.emit("authError", error2);
+          server2.emit("authError", error3);
         }
       } else {
         res.writeHead(404);
@@ -214719,11 +215069,11 @@ async function startCallbackServerWithFallback(port, serverUrl, codeVerifier, st
       console.error(`OAuth callback server listening on http://localhost:${port}`);
       resolve(server2);
     });
-    server2.on("error", (error) => {
-      if (error.code === "EADDRINUSE") {
+    server2.on("error", (error2) => {
+      if (error2.code === "EADDRINUSE") {
         reject(new Error(`Port ${port} is already in use`));
       } else {
-        reject(error);
+        reject(error2);
       }
     });
   });
@@ -214752,11 +215102,11 @@ async function exchangeCodeForToken(code, redirectUri, codeVerifier, serverUrl)
       server: serverUrl
     });
     console.error("✓ Token stored successfully");
-  } catch (error) {
-    if (error instanceof EnactApiError) {
-      throw new Error(`Token exchange failed: ${error.message}`);
+  } catch (error2) {
+    if (error2 instanceof EnactApiError) {
+      throw new Error(`Token exchange failed: ${error2.message}`);
     }
-    throw error;
+    throw error2;
   }
 }
 async function handleLogout() {
@@ -214770,45 +215120,45 @@ async function handleLogout() {
     message: "Are you sure you want to logout?"
   });
   if (!shouldLogout) {
-    Se(import_picocolors3.default.yellow("Logout cancelled"));
+    Se(import_picocolors6.default.yellow("Logout cancelled"));
     return;
   }
   const s = Y2();
   s.start("Logging out...");
   await writeAuthConfig({});
   s.stop("Logged out successfully");
-  Se(import_picocolors3.default.green("✓ You have been logged out"));
+  Se(import_picocolors6.default.green("✓ You have been logged out"));
 }
 async function handleStatus() {
   const currentAuth = await readAuthConfig();
   if (!currentAuth.token) {
     Me("Not authenticated", "Status");
-    Se(import_picocolors3.default.yellow('Run "enact auth login" to authenticate'));
+    Se(import_picocolors6.default.yellow('Run "enact auth login" to authenticate'));
     return;
   }
   const isExpired = currentAuth.expiresAt && new Date(currentAuth.expiresAt) <= new Date;
   if (isExpired) {
     Me("Token has expired", "Status");
-    Se(import_picocolors3.default.yellow('Run "enact auth login" to re-authenticate'));
+    Se(import_picocolors6.default.yellow('Run "enact auth login" to re-authenticate'));
     return;
   }
   const expiresIn = currentAuth.expiresAt ? Math.round((new Date(currentAuth.expiresAt).getTime() - Date.now()) / 1000 / 60 / 60) : "unknown";
   Me(`Authenticated
 Expires: ${currentAuth.expiresAt || "unknown"}
 Expires in: ${expiresIn} hours`, "Status");
-  Se(import_picocolors3.default.green("✓ Authentication valid"));
+  Se(import_picocolors6.default.green("✓ Authentication valid"));
 }
 async function handleShowToken() {
   const currentAuth = await readAuthConfig();
   if (!currentAuth.token) {
     Me("Not authenticated", "Status");
-    Se(import_picocolors3.default.yellow('Run "enact auth login" to authenticate'));
+    Se(import_picocolors6.default.yellow('Run "enact auth login" to authenticate'));
     return;
   }
   const isExpired = currentAuth.expiresAt && new Date(currentAuth.expiresAt) <= new Date;
   if (isExpired) {
     Me("Token has expired", "Status");
-    Se(import_picocolors3.default.yellow('Run "enact auth login" to re-authenticate'));
+    Se(import_picocolors6.default.yellow('Run "enact auth login" to re-authenticate'));
     return;
   }
   const maskedToken = currentAuth.token.length > 12 ? `${currentAuth.token.slice(0, 8)}...${currentAuth.token.slice(-4)}` : currentAuth.token;
@@ -214843,23 +215193,23 @@ async function openBrowser(url) {
   await execAsync(command);
 }
 async function ensureAuthConfig() {
-  if (!existsSync(CONFIG_DIR)) {
-    await mkdir(CONFIG_DIR, { recursive: true });
+  if (!existsSync3(CONFIG_DIR3)) {
+    await mkdir2(CONFIG_DIR3, { recursive: true });
   }
-  if (!existsSync(AUTH_FILE)) {
+  if (!existsSync3(AUTH_FILE)) {
     await writeAuthConfig({});
   }
 }
 async function readAuthConfig() {
   try {
-    const text = await readFile(AUTH_FILE, "utf8");
+    const text = await readFile3(AUTH_FILE, "utf8");
     return JSON.parse(text);
   } catch (e2) {
     return {};
   }
 }
-async function writeAuthConfig(config) {
-  await writeFile(AUTH_FILE, JSON.stringify(config, null, 2), "utf8");
+async function writeAuthConfig(config2) {
+  await writeFile2(AUTH_FILE, JSON.stringify(config2, null, 2), "utf8");
 }
 async function getCurrentToken() {
   try {
@@ -214871,7 +215221,7 @@ async function getCurrentToken() {
       return null;
     }
     return auth.token;
-  } catch (error) {
+  } catch (error2) {
     return null;
   }
 }
@@ -216058,6 +216408,23 @@ var MCP_CLIENTS = {
     }
   }
 };
+var MCP_SERVERS = {
+  main: {
+    name: "Enact MCP Server",
+    description: "Main server for tool execution, search, and environment management",
+    package: "@enactprotocol/mcp-server"
+  },
+  dev: {
+    name: "Enact MCP Dev Server",
+    description: "Development server for creating, testing, validating, and publishing tools",
+    package: "@enactprotocol/mcp-dev-server"
+  },
+  both: {
+    name: "Both Servers",
+    description: "Install both main and development servers",
+    package: "both"
+  }
+};
 async function handleMcpCommand(args, options) {
   if (options.help || !args[0]) {
     console.error(`
@@ -216066,13 +216433,14 @@ Usage: enact mcp <subcommand> [options]
 Manages MCP (Model Context Protocol) client integrations.
 Subcommands:
-  install             Install Enact MCP server to MCP clients
+  install             Install Enact MCP server(s) to MCP clients
   list                List detected MCP clients
   status              Show MCP integration status
 Options:
   --help, -h          Show this help message
   --client <name>     Target specific client (claude-desktop, claude-code, vscode, goose, gemini)
+  --server <type>     Choose server type (main, dev, both) - default: main
 `);
     return;
   }
@@ -216110,6 +216478,20 @@ Supported clients:
       return;
     }
     let targetClient = options.client;
+    let serverType = options.server || "main";
+    if (!MCP_SERVERS[serverType]) {
+      console.error(import_picocolors11.default.red(`Invalid server type: ${serverType}. Valid options: main, dev, both`));
+      process.exit(1);
+    }
+    if (!options.server) {
+      serverType = await ve({
+        message: "Which MCP server(s) would you like to install?",
+        options: Object.entries(MCP_SERVERS).map(([key, config2]) => ({
+          value: key,
+          label: `${config2.name} - ${config2.description}`
+        }))
+      });
+    }
     if (!targetClient) {
       if (detectedClients.length === 1) {
         targetClient = detectedClients[0].id;
@@ -216133,10 +216515,11 @@ Supported clients:
       console.error(import_picocolors11.default.red(`Client "${targetClient}" not found or not detected.`));
       process.exit(1);
     }
-    const isAlreadyInstalled = await checkMcpServerInstalled(selectedClient);
+    const isAlreadyInstalled = await checkMcpServerInstalled(selectedClient, serverType);
     if (isAlreadyInstalled) {
+      const serverConfig2 = MCP_SERVERS[serverType];
       const shouldReinstall = await ye({
-        message: `Enact MCP server is already installed in ${selectedClient.name}. Do you want to reinstall it?`
+        message: `${serverConfig2.name} is already installed in ${selectedClient.name}. Do you want to reinstall it?`
       });
       if (!shouldReinstall) {
         Se("Installation cancelled.");
@@ -216144,11 +216527,14 @@ Supported clients:
       }
     }
     const s = Y2();
-    s.start("Installing Enact MCP server...");
-    await installMcpServer(selectedClient);
-    s.stop("✓ Enact MCP server installation process completed");
-    Me(import_picocolors11.default.green(`✓ Added 'enact' MCP server to ${selectedClient.name}
-`) + import_picocolors11.default.cyan(`→ Please restart ${selectedClient.name} to enable the Enact MCP server
+    const serverConfig = MCP_SERVERS[serverType];
+    s.start(`Installing ${serverConfig.name}...`);
+    await installMcpServer(selectedClient, serverType);
+    s.stop(`✓ ${serverConfig.name} installation process completed`);
+    const successMessage = serverType === "both" ? `✓ Added both 'enact' and 'enact-dev' MCP servers to ${selectedClient.name}
+` : `✓ Added '${serverType === "main" ? "enact" : "enact-dev"}' MCP server to ${selectedClient.name}
+`;
+    Me(import_picocolors11.default.green(successMessage) + import_picocolors11.default.cyan(`→ Please restart ${selectedClient.name} to enable the MCP server(s)
 `) + import_picocolors11.default.cyan(`→ Look for the MCP tools icon in the chat interface`), "Installation complete");
     Se("MCP server installation completed!");
   } catch (error2) {
@@ -216179,8 +216565,18 @@ async function handleStatusCommand() {
     return;
   }
   for (const client of detectedClients) {
-    const isInstalled = await checkMcpServerInstalled(client);
-    const status = isInstalled ? import_picocolors11.default.green("✓ Installed") : import_picocolors11.default.yellow("○ Not installed");
+    const mainInstalled = await checkMcpServerInstalled(client, "main");
+    const devInstalled = await checkMcpServerInstalled(client, "dev");
+    let status = "";
+    if (mainInstalled && devInstalled) {
+      status = import_picocolors11.default.green("✓ Main + Dev servers");
+    } else if (mainInstalled) {
+      status = import_picocolors11.default.green("✓ Main server") + import_picocolors11.default.yellow(" (Dev server not installed)");
+    } else if (devInstalled) {
+      status = import_picocolors11.default.green("✓ Dev server") + import_picocolors11.default.yellow(" (Main server not installed)");
+    } else {
+      status = import_picocolors11.default.yellow("○ Not installed");
+    }
     Me(`${status}
 Config: ${client.configPath}`, client.name);
   }
@@ -216222,10 +216618,9 @@ async function detectMcpClients() {
   }
   return detected;
 }
-async function installMcpServer(client) {
+async function installMcpServer(client, serverType = "main") {
   if (client.id === "goose") {
     try {
-      const extensionName = "Enact Tools";
       const yaml = await Promise.resolve().then(() => __toESM(require_dist(), 1));
       const configPath2 = client.configPath;
       const configDir2 = join8(configPath2, "..");
@@ -216242,16 +216637,29 @@ async function installMcpServer(client) {
       if (!config3.extensions) {
         config3.extensions = {};
       }
-      config3.extensions.enact = {
-        name: "enact",
-        cmd: "npx",
-        args: ["-y", "@enactprotocol/mcp-server"],
-        enabled: true,
-        type: "stdio",
-        timeout: 300
-      };
+      if (serverType === "main" || serverType === "both") {
+        config3.extensions.enact = {
+          name: "enact",
+          cmd: "npx",
+          args: ["-y", "@enactprotocol/mcp-server"],
+          enabled: true,
+          type: "stdio",
+          timeout: 300
+        };
+      }
+      if (serverType === "dev" || serverType === "both") {
+        config3.extensions["enact-dev"] = {
+          name: "enact-dev",
+          cmd: "npx",
+          args: ["-y", "@enactprotocol/mcp-dev-server"],
+          enabled: true,
+          type: "stdio",
+          timeout: 300
+        };
+      }
       await writeFile6(configPath2, yaml.stringify(config3), "utf-8");
-      Me(import_picocolors11.default.green(`✓ Successfully added 'Enact Tools' extension to Goose configuration
+      const serverConfig = MCP_SERVERS[serverType];
+      Me(import_picocolors11.default.green(`✓ Successfully added '${serverConfig.name}' extension to Goose configuration
 `) + import_picocolors11.default.cyan(`→ The extension is now available in your Goose AI sessions
 `) + import_picocolors11.default.cyan(`→ Restart Goose if it's currently running`), "Installation complete");
     } catch (error2) {
@@ -216271,24 +216679,33 @@ async function installMcpServer(client) {
       console.warn(import_picocolors11.default.yellow(`Warning: Could not parse existing config at ${configPath}. Creating new config.`));
     }
   }
-  const mcpServerConfig = {
-    command: "npx",
-    args: ["-y", "@enactprotocol/mcp-server"]
-  };
+  const serverConfigs = {};
+  if (serverType === "main" || serverType === "both") {
+    serverConfigs.enact = {
+      command: "npx",
+      args: ["-y", "@enactprotocol/mcp-server"]
+    };
+  }
+  if (serverType === "dev" || serverType === "both") {
+    serverConfigs["enact-dev"] = {
+      command: "npx",
+      args: ["-y", "@enactprotocol/mcp-dev-server"]
+    };
+  }
   if (client.id === "claude-desktop" || client.id === "claude-code" || client.id === "gemini") {
     if (!config2.mcpServers) {
       config2.mcpServers = {};
     }
-    config2.mcpServers.enact = mcpServerConfig;
+    Object.assign(config2.mcpServers, serverConfigs);
   } else if (client.id === "vscode") {
     if (!config2["mcp.servers"]) {
       config2["mcp.servers"] = {};
     }
-    config2["mcp.servers"].enact = mcpServerConfig;
+    Object.assign(config2["mcp.servers"], serverConfigs);
   }
   await writeFile6(configPath, JSON.stringify(config2, null, 2), "utf-8");
 }
-async function checkMcpServerInstalled(client) {
+async function checkMcpServerInstalled(client, serverType = "main") {
   if (client.id === "goose") {
     try {
       const yaml = await Promise.resolve().then(() => __toESM(require_dist(), 1));
@@ -216297,7 +216714,14 @@ async function checkMcpServerInstalled(client) {
       }
       const configContent = await readFile6(client.configPath, "utf-8");
       const config2 = yaml.parse(configContent);
-      return config2?.extensions?.enact?.enabled === true;
+      if (serverType === "main") {
+        return config2?.extensions?.enact?.enabled === true;
+      } else if (serverType === "dev") {
+        return config2?.extensions?.["enact-dev"]?.enabled === true;
+      } else if (serverType === "both") {
+        return config2?.extensions?.enact?.enabled === true && config2?.extensions?.["enact-dev"]?.enabled === true;
+      }
+      return false;
     } catch (error2) {
       return false;
     }
@@ -216309,9 +216733,23 @@ async function checkMcpServerInstalled(client) {
     const configContent = await readFile6(client.configPath, "utf-8");
     const config2 = JSON.parse(configContent);
     if (client.id === "claude-desktop" || client.id === "claude-code" || client.id === "gemini") {
-      return config2.mcpServers && config2.mcpServers.enact;
+      const servers = config2.mcpServers || {};
+      if (serverType === "main") {
+        return Boolean(servers.enact);
+      } else if (serverType === "dev") {
+        return Boolean(servers["enact-dev"]);
+      } else if (serverType === "both") {
+        return Boolean(servers.enact) && Boolean(servers["enact-dev"]);
+      }
     } else if (client.id === "vscode") {
-      return config2["mcp.servers"] && config2["mcp.servers"].enact;
+      const servers = config2["mcp.servers"] || {};
+      if (serverType === "main") {
+        return Boolean(servers.enact);
+      } else if (serverType === "dev") {
+        return Boolean(servers["enact-dev"]);
+      } else if (serverType === "both") {
+        return Boolean(servers.enact) && Boolean(servers["enact-dev"]);
+      }
     }
     return false;
   } catch (error2) {
@@ -216321,6 +216759,7 @@ async function checkMcpServerInstalled(client) {
 // src/commands/config.ts
 var import_picocolors12 = __toESM(require_picocolors(), 1);
+init_utils();
 import fs from "fs/promises";
 import path from "path";
 import { existsSync as existsSync8 } from "fs";
@@ -216508,6 +216947,13 @@ function showConfigHelp() {
   console.log("  get <key>           Get specific configuration value");
   console.log("  set <key> <value>   Set configuration value");
   console.log("  reset               Reset to default configuration");
+  console.log("  urls                Show current URL configuration");
+  console.log("  set-frontend-url    Set frontend URL (for OAuth, registry)");
+  console.log("  set-api-url         Set API URL (for backend calls)");
+  console.log("  reset-urls          Reset URLs to defaults");
+  console.log("  keys                Show trusted public keys");
+  console.log("  add-key             Add a trusted public key");
+  console.log("  remove-key <id>     Remove a trusted public key");
   console.log(`
 Options:`);
   console.log("  --global            Use global configuration (~/.enact-config.json)");
@@ -216528,6 +216974,160 @@ Examples:`);
   console.log("  enact config set daggerOptions.baseImage ubuntu:22.04");
   console.log("  enact config get executionProvider");
   console.log("  enact config list --global");
+  console.log("  enact config urls");
+  console.log("  enact config set-frontend-url https://my-instance.example.com");
+  console.log("  enact config set-api-url https://api.example.com");
+  console.log("  enact config keys");
+  console.log("  enact config add-key");
+  console.log("  enact config remove-key my-org-key");
+}
+async function showUrls() {
+  const urlConfig = await getUrlConfig();
+  console.log(import_picocolors12.default.cyan(`
+\uD83C\uDF10 URL Configuration:
+`));
+  console.log(import_picocolors12.default.white("Frontend URL:"));
+  console.log(`  ${import_picocolors12.default.green(urlConfig.frontend.value)} ${import_picocolors12.default.gray(`(${urlConfig.frontend.source})`)}`);
+  console.log(import_picocolors12.default.white("API URL:"));
+  console.log(`  ${import_picocolors12.default.green(urlConfig.api.value)} ${import_picocolors12.default.gray(`(${urlConfig.api.source})`)}`);
+  console.log(import_picocolors12.default.gray(`
+Sources: default < config < environment`));
+}
+async function setUrl(type, url) {
+  try {
+    if (type === "frontend") {
+      await setFrontendUrl(url);
+      console.log(import_picocolors12.default.green(`✅ Frontend URL set to: ${url}`));
+    } else {
+      await setApiUrl(url);
+      console.log(import_picocolors12.default.green(`✅ API URL set to: ${url}`));
+    }
+    console.log(import_picocolors12.default.gray("Use 'enact config urls' to view current configuration"));
+  } catch (error2) {
+    console.error(import_picocolors12.default.red(`Error setting ${type} URL: ${error2}`));
+    process.exit(1);
+  }
+}
+async function resetUrlsConfig() {
+  try {
+    await resetUrls();
+    console.log(import_picocolors12.default.green("✅ URLs reset to defaults"));
+    await showUrls();
+  } catch (error2) {
+    console.error(import_picocolors12.default.red(`Error resetting URLs: ${error2}`));
+    process.exit(1);
+  }
+}
+async function showTrustedKeys() {
+  try {
+    const keys = await getTrustedKeys();
+    console.log(import_picocolors12.default.cyan(`
+\uD83D\uDD10 Trusted Keys:
+`));
+    if (keys.length === 0) {
+      console.log(import_picocolors12.default.gray("No trusted keys found"));
+      return;
+    }
+    for (const key of keys) {
+      const sourceColor = key.source === "default" ? import_picocolors12.default.blue : key.source === "organization" ? import_picocolors12.default.yellow : import_picocolors12.default.green;
+      console.log(import_picocolors12.default.white(`${key.name} (${key.id})`));
+      console.log(`  ${sourceColor(`[${key.source}]`)} ${import_picocolors12.default.gray(`Added: ${new Date(key.addedAt).toLocaleDateString()}`)}`);
+      if (key.description) {
+        console.log(`  ${import_picocolors12.default.gray(key.description)}`);
+      }
+      console.log(`  ${import_picocolors12.default.gray(`Key: ${key.publicKey.substring(0, 50)}...`)}`);
+      console.log();
+    }
+  } catch (error2) {
+    console.error(import_picocolors12.default.red(`Error reading trusted keys: ${error2}`));
+    process.exit(1);
+  }
+}
+async function addTrustedKeyInteractive() {
+  try {
+    console.log(import_picocolors12.default.cyan(`
+\uD83D\uDD10 Add Trusted Key
+`));
+    const id = await he({
+      message: "Key ID (unique identifier):",
+      placeholder: "my-org-key",
+      validate: (value) => {
+        if (!value)
+          return "ID is required";
+        if (!/^[a-zA-Z0-9-_]+$/.test(value))
+          return "ID must contain only letters, numbers, hyphens, and underscores";
+      }
+    });
+    const name = await he({
+      message: "Key name (display name):",
+      placeholder: "My Organization Key",
+      validate: (value) => value ? undefined : "Name is required"
+    });
+    const description = await he({
+      message: "Description (optional):",
+      placeholder: "Key for verifying my organization's tools"
+    });
+    const publicKey = await he({
+      message: "Public key (PEM format):",
+      placeholder: "-----BEGIN PUBLIC KEY-----\\n...\\n-----END PUBLIC KEY-----",
+      validate: (value) => {
+        if (!value)
+          return "Public key is required";
+        if (!value.includes("BEGIN PUBLIC KEY"))
+          return "Invalid PEM format";
+      }
+    });
+    const source = await ve({
+      message: "Key source:",
+      options: [
+        { value: "user", label: "Personal key" },
+        { value: "organization", label: "Organization key" }
+      ]
+    });
+    const keyData = {
+      id,
+      name,
+      publicKey: publicKey.replace(/\\n/g, `
+`),
+      description: description || undefined,
+      source
+    };
+    await addTrustedKey(keyData);
+    console.log(import_picocolors12.default.green(`✅ Trusted key '${keyData.name}' added successfully`));
+  } catch (error2) {
+    console.error(import_picocolors12.default.red(`Error adding trusted key: ${error2}`));
+    process.exit(1);
+  }
+}
+async function removeTrustedKeyById(keyId) {
+  try {
+    const key = await getTrustedKey(keyId);
+    if (!key) {
+      console.error(import_picocolors12.default.red(`Trusted key '${keyId}' not found`));
+      process.exit(1);
+    }
+    let confirmMessage = `Remove trusted key '${key.name}' (${keyId})?`;
+    if (keyId === "enact-protocol-official") {
+      confirmMessage = `${import_picocolors12.default.yellow("⚠️  Warning:")} You are about to remove the default Enact Protocol key. This may prevent verification of official tools.
+Remove trusted key '${key.name}' (${keyId})?`;
+    }
+    const confirm = await ye({
+      message: confirmMessage
+    });
+    if (!confirm) {
+      console.log(import_picocolors12.default.yellow("Operation cancelled"));
+      return;
+    }
+    await removeTrustedKey(keyId);
+    console.log(import_picocolors12.default.green(`✅ Trusted key '${key.name}' removed successfully`));
+    if (keyId === "enact-protocol-official") {
+      console.log(import_picocolors12.default.yellow("\uD83D\uDCA1 You can re-add the Enact Protocol key anytime with 'enact config add-key'"));
+    }
+  } catch (error2) {
+    console.error(import_picocolors12.default.red(`Error removing trusted key: ${error2}`));
+    process.exit(1);
+  }
 }
 async function handleConfigCommand(args, options) {
   if (options.help) {
@@ -216562,6 +217162,42 @@ async function handleConfigCommand(args, options) {
     case "reset":
       await resetConfig(global2);
       break;
+    case "urls":
+      await showUrls();
+      break;
+    case "set-frontend-url":
+      if (!args[1]) {
+        console.error(import_picocolors12.default.red("Error: Missing URL"));
+        console.log("Usage: enact config set-frontend-url <url>");
+        process.exit(1);
+      }
+      await setUrl("frontend", args[1]);
+      break;
+    case "set-api-url":
+      if (!args[1]) {
+        console.error(import_picocolors12.default.red("Error: Missing URL"));
+        console.log("Usage: enact config set-api-url <url>");
+        process.exit(1);
+      }
+      await setUrl("api", args[1]);
+      break;
+    case "reset-urls":
+      await resetUrlsConfig();
+      break;
+    case "keys":
+      await showTrustedKeys();
+      break;
+    case "add-key":
+      await addTrustedKeyInteractive();
+      break;
+    case "remove-key":
+      if (!args[1]) {
+        console.error(import_picocolors12.default.red("Error: Missing key ID"));
+        console.log("Usage: enact config remove-key <key-id>");
+        process.exit(1);
+      }
+      await removeTrustedKeyById(args[1]);
+      break;
     default:
       if (!subcommand) {
         await interactiveConfig(global2);
@@ -216803,7 +217439,7 @@ class DirectExecutionProvider extends ExecutionProvider {
       }
       if (verbose) {
         try {
-          const pc11 = require_picocolors();
+          const pc11 = require_picocolors2();
           console.error(pc11.cyan(`
 \uD83D\uDE80 Executing command:`));
           console.error(pc11.white(command));
@@ -216897,7 +217533,7 @@ class DirectExecutionProvider extends ExecutionProvider {
           if (code === 0) {
             if (showSpinner || verbose) {
               try {
-                const pc11 = require_picocolors();
+                const pc11 = require_picocolors2();
                 console.error(pc11.green(`
 ✅ Tool executed successfully`));
                 if (stdout.trim() && !streamOutput) {
@@ -216918,7 +217554,7 @@ class DirectExecutionProvider extends ExecutionProvider {
           } else {
             if (showSpinner || verbose) {
               try {
-                const pc11 = require_picocolors();
+                const pc11 = require_picocolors2();
                 console.error(pc11.red(`
 ❌ Tool execution failed (exit code: ${code})`));
                 if (stderr.trim() && !streamOutput) {
@@ -216960,7 +217596,7 @@ class DirectExecutionProvider extends ExecutionProvider {
           }
           if (showSpinner || verbose) {
             try {
-              const pc11 = require_picocolors();
+              const pc11 = require_picocolors2();
               console.error(pc11.red(`
 ❌ Failed to execute command: ${error2.message}`));
             } catch (e2) {
@@ -225677,7 +226313,7 @@ class DaggerExecutionProvider extends ExecutionProvider {
       if (verbose) {
         const containerImage = tool?.from || this.options.baseImage;
         try {
-          const pc11 = require_picocolors();
+          const pc11 = require_picocolors2();
           console.error(pc11.cyan(`
 \uD83D\uDC33 Executing Enact command in Dagger container:`));
           console.error(pc11.white(substitutedCommand));
@@ -226083,37 +226719,6 @@ class DaggerExecutionProvider extends ExecutionProvider {
       process.exit(1);
     }
   }
-  forceCleanup() {
-    if (this.isShuttingDown)
-      return;
-    try {
-      logger_default.info("\uD83D\uDD04 Force cleaning up Dagger engines...");
-      const result = spawnSync("docker", [
-        "ps",
-        "--all",
-        "--filter",
-        "name=dagger-engine",
-        "--format",
-        "{{.Names}}"
-      ], {
-        encoding: "utf8",
-        timeout: 5000
-      });
-      if (result.stdout) {
-        const names = result.stdout.trim().split(`
-`).filter((n) => n.trim());
-        if (names.length > 0) {
-          logger_default.info(`Found ${names.length} engine containers, force removing...`);
-          for (const name of names) {
-            spawnSync("docker", ["rm", "-f", name.trim()], { timeout: 3000 });
-          }
-          logger_default.info("✅ Force cleanup completed");
-        }
-      }
-    } catch (error2) {
-      logger_default.debug("Force cleanup failed (this is usually fine):", error2);
-    }
-  }
   getEngineStatus() {
     return {
       health: { ...this.engineHealth },
@@ -228517,7 +229122,7 @@ class KeyManager {
   static getAllTrustedPublicKeys() {
     try {
       this.ensureDirectories();
-      return fs5.readdirSync(this.TRUSTED_KEYS_DIR).filter((file) => file.endsWith("-public.pem")).map((file) => {
+      return fs5.readdirSync(this.TRUSTED_KEYS_DIR).filter((file) => file.endsWith(".pem")).map((file) => {
         try {
           const publicKeyPem = fs5.readFileSync(path8.join(this.TRUSTED_KEYS_DIR, file), "utf8").trim();
           return CryptoUtils.pemToHex(publicKeyPem, "PUBLIC");
@@ -228847,6 +229452,8 @@ class SigningService {
 }
 // ../shared/dist/core/EnactCore.js
+init_config();
 class EnactCore {
   constructor(options = {}) {
     this.options = {
@@ -228859,6 +229466,15 @@ class EnactCore {
     this.apiClient = new EnactApiClient(this.options.apiUrl, this.options.supabaseUrl);
     this.executionProvider = this.createExecutionProvider();
   }
+  static async create(options = {}) {
+    const frontendUrl = options.apiUrl || await getFrontendUrl();
+    const apiUrl = options.supabaseUrl || await getApiUrl();
+    return new EnactCore({
+      ...options,
+      apiUrl: frontendUrl,
+      supabaseUrl: apiUrl
+    });
+  }
   setAuthToken(token) {
     this.options.authToken = token;
   }
@@ -229045,7 +229661,6 @@ class EnactCore {
     }
   }
   async verifyTool(tool, dangerouslySkipVerification = false) {
-    console.log("=== VERIFY TOOL CALLED ===", tool.name, "skipVerification:", dangerouslySkipVerification);
     if (dangerouslySkipVerification) {
       logger_default.warn(`Skipping signature verification for tool: ${tool.name}`);
       return;
@@ -229054,9 +229669,6 @@ class EnactCore {
       if (!tool.signatures || tool.signatures.length === 0) {
         throw new Error(`Tool ${tool.name} does not have any signatures`);
       }
-      console.log("=== TOOL SIGNATURE DATA ===");
-      console.log("Tool signatures from database:", JSON.stringify(tool.signatures, null, 2));
-      console.log("Tool command:", tool.command);
       const documentForVerification = {
         command: tool.command
       };
@@ -229067,20 +229679,9 @@ class EnactCore {
         timestamp: new Date(tool.signatures[0].created).getTime()
       };
       const canonicalDoc = SigningService.getCanonicalDocument(documentForVerification, { includeFields: ["command"] });
-      console.log("=== SIGNATURE VERIFICATION DEBUG ===");
-      console.log("Original document for verification:", JSON.stringify(documentForVerification, null, 2));
-      console.log("Canonical document:", JSON.stringify(canonicalDoc, null, 2));
       const docString = JSON.stringify(canonicalDoc);
       const messageHash = CryptoUtils.hash(docString);
-      console.log("Document string:", docString);
-      console.log("Message hash:", messageHash);
-      console.log("Reference signature object:", JSON.stringify(referenceSignature, null, 2));
       const directVerify = CryptoUtils.verify(referenceSignature.publicKey, messageHash, referenceSignature.signature);
-      console.log("KEITH DEBUG - Direct crypto verification result:", directVerify, "publicKey:", referenceSignature.publicKey);
-      const trustedKeys = KeyManager.getAllTrustedPublicKeys();
-      console.log("Trusted keys:", trustedKeys);
-      console.log("Our referenceSignature.publicKey:", JSON.stringify(referenceSignature.publicKey));
-      console.log("Is our public key trusted?", trustedKeys.includes(referenceSignature.publicKey));
       const isValid = SigningService.verifyDocument(documentForVerification, referenceSignature, { includeFields: ["command"] });
       console.log("Final verification result:", isValid);
       if (!isValid) {
@@ -229427,7 +230028,7 @@ ${import_picocolors13.default.bold("EXAMPLES:")}
       author,
       format
     };
-    const apiClient = new EnactApiClient("https://enact.tools", "https://xjnhhxwxovjifdxdwzih.supabase.co");
+    const apiClient = await EnactApiClient.create();
     const searchResults = await apiClient.searchTools(searchOptions);
     const results = [];
     for (const result of searchResults) {
@@ -229685,7 +230286,7 @@ Examples:
       toolDefinition = await loadLocalTool(toolIdentifier);
       spinner.stop("Local tool definition loaded");
     } else {
-      const apiClient = new EnactApiClient("https://enact.tools", "https://xjnhhxwxovjifdxdwzih.supabase.co");
+      const apiClient = await EnactApiClient.create();
       toolDefinition = await apiClient.getTool(toolIdentifier);
       spinner.stop("Tool definition fetched");
     }
@@ -229913,7 +230514,7 @@ Environment variables:`));
       }
       if (!isLocalFile) {
         try {
-          const apiClient = new EnactApiClient("https://enact.tools", "https://xjnhhxwxovjifdxdwzih.supabase.co");
+          const apiClient = await EnactApiClient.create();
           await apiClient.logToolUsage(toolIdentifier, {
             action: "execute",
             metadata: {
@@ -230016,7 +230617,7 @@ ${import_picocolors13.default.bold("EXAMPLES:")}
     Ie(import_picocolors13.default.bgBlue(import_picocolors13.default.black(" Getting Tool Info ")));
     const spinner = Y2();
     spinner.start(`Fetching ${toolName}...`);
-    const apiClient = new EnactApiClient("https://enact.tools", "https://xjnhhxwxovjifdxdwzih.supabase.co");
+    const apiClient = await EnactApiClient.create();
     const toolDefinition = await apiClient.getTool(toolName);
     if (!toolDefinition) {
       spinner.stop("Tool not found");
@@ -230115,8 +230716,8 @@ function displayResultsTable(results) {
   console.error(`
 ` + import_picocolors13.default.bold("Search Results:"));
   console.error("═".repeat(100));
-  const nameWidth = 25;
-  const descWidth = 50;
+  const nameWidth = 40;
+  const descWidth = 45;
   const tagsWidth = 20;
   console.error(import_picocolors13.default.bold(import_picocolors13.default.cyan("NAME".padEnd(nameWidth))) + " │ " + import_picocolors13.default.bold(import_picocolors13.default.cyan("DESCRIPTION".padEnd(descWidth))) + " │ " + import_picocolors13.default.bold(import_picocolors13.default.cyan("TAGS".padEnd(tagsWidth))));
   console.error("─".repeat(nameWidth) + "─┼─" + "─".repeat(descWidth) + "─┼─" + "─".repeat(tagsWidth));
@@ -230587,7 +231188,8 @@ async function main() {
       case "mcp":
         await handleMcpCommand(commandArgs, {
           help: values.help,
-          client: values.client
+          client: values.client,
+          server: values.server
         });
         break;
       case "config":