npm - @f-o-h/cli - Versions diffs - 0.1.75 → 0.1.77 - Mend

@f-o-h/cli 0.1.75 → 0.1.77

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +85 -223
package/dist/foh.js +486 -144
package/examples/business-requirement-brief.real-estate-buyer.json +37 -0
package/package.json +1 -1
package/schemas/business-requirement-brief.schema.json +67 -0
package/schemas/foh-template.schema.json +186 -0

package/dist/foh.js CHANGED Viewed

@@ -10050,10 +10050,21 @@ var SERVICE_TOKEN_ENV = "FOH_SERVICE_TOKEN";
 var ORG_ID_ENV = "FOH_ORG_ID";
 var API_URL_ENV = "FOH_API_URL";
 var TOKEN_EXPIRES_AT_ENV = "FOH_TOKEN_EXPIRES_AT";
+var SERVICE_TOKEN_ENV_ALIAS = "FOH_EXTERNAL_AGENT_EVAL_TOKEN";
+var ORG_ID_ENV_ALIAS = "FOH_EXTERNAL_AGENT_EVAL_ORG_ID";
+var API_URL_ENV_ALIAS = "FOH_EXTERNAL_AGENT_EVAL_API_URL";
+var TOKEN_EXPIRES_AT_ENV_ALIAS = "FOH_EXTERNAL_AGENT_EVAL_TOKEN_EXPIRES_AT";
 function normalizeEnv(value) {
   const normalized = String(value ?? "").trim();
   return normalized ? normalized : void 0;
 }
+function firstDefinedEnv(env, keys) {
+  for (const key of keys) {
+    const value = normalizeEnv(env[key]);
+    if (value) return value;
+  }
+  return void 0;
+}
 function decodeBase64UrlJson(value) {
   try {
     const padded = value.replace(/-/g, "+").replace(/_/g, "/").padEnd(Math.ceil(value.length / 4) * 4, "=");
@@ -10083,25 +10094,25 @@ function credentialExpiresSoon(expiresAt, minimumTtlMs = 0, now = Date.now()) {
   return remainingMs !== null && remainingMs <= minimumTtlMs;
 }
 function credentialsFromEnv(apiUrlOverride, env = process.env) {
-  const token = normalizeEnv(env[SERVICE_TOKEN_ENV]);
+  const token = firstDefinedEnv(env, [SERVICE_TOKEN_ENV, SERVICE_TOKEN_ENV_ALIAS]);
   if (!token) return void 0;
-  const apiUrl = resolveApiUrlOverride(apiUrlOverride) ?? normalizeEnv(env[API_URL_ENV]) ?? DEFAULT_FOH_API_URL;
-  const orgId = normalizeEnv(env[ORG_ID_ENV]);
+  const apiUrl = resolveApiUrlOverride(apiUrlOverride) ?? firstDefinedEnv(env, [API_URL_ENV, API_URL_ENV_ALIAS]) ?? DEFAULT_FOH_API_URL;
+  const orgId = firstDefinedEnv(env, [ORG_ID_ENV, ORG_ID_ENV_ALIAS]);
   return {
     apiUrl,
     token,
-    expiresAt: normalizeEnv(env[TOKEN_EXPIRES_AT_ENV]) ?? expiryFromJwt(token) ?? fallbackExpiry(),
+    expiresAt: firstDefinedEnv(env, [TOKEN_EXPIRES_AT_ENV, TOKEN_EXPIRES_AT_ENV_ALIAS]) ?? expiryFromJwt(token) ?? fallbackExpiry(),
     ...isUsableOrgId(orgId) ? { orgId } : {}
   };
 }
 function hasEnvCredentials(env = process.env) {
-  return Boolean(normalizeEnv(env[SERVICE_TOKEN_ENV]));
+  return Boolean(firstDefinedEnv(env, [SERVICE_TOKEN_ENV, SERVICE_TOKEN_ENV_ALIAS]));
 }
 function loadCredentials(apiUrlOverride) {
   const envCreds = credentialsFromEnv(apiUrlOverride);
   if (envCreds) {
     if (credentialExpiresSoon(envCreds.expiresAt)) {
-      throw new Error("Token expired. Refresh FOH_SERVICE_TOKEN/FOH_TOKEN_EXPIRES_AT or run: foh auth login");
+      throw new Error("Token expired. Refresh FOH_SERVICE_TOKEN/FOH_TOKEN_EXPIRES_AT (or FOH_EXTERNAL_AGENT_EVAL_TOKEN/FOH_EXTERNAL_AGENT_EVAL_TOKEN_EXPIRES_AT) or run: foh auth login");
     }
     return envCreds;
   }
@@ -14461,56 +14472,66 @@ async function validateAgentLocalDraftShape(agentId, opts = {}) {
     warnings: ["local-only draft-shape validation was used"]
   });
 }
-function registerAgentValidationCommands(agent) {
-  agent.command("validate").description("Validate agent config \u2014 exits 1 if issues found").requiredOption("--agent <id>", "Agent ID").option("--local-only", "Run local draft-shape validation without calling remote validate endpoint").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const data = opts.localOnly ? await validateAgentLocalDraftShape(opts.agent, { apiUrlOverride: opts.apiUrl }) : await validateAgentRemoteOnly(opts.agent, { apiUrlOverride: opts.apiUrl });
-    format(data, { json: opts.json ?? false });
-    if (Array.isArray(data.issues) && data.issues.length > 0) markCommandFailed(1);
-  }));
-  agent.command("publish").description("Validate and publish an agent using existing certification evidence").requiredOption("--agent <id>", "Agent ID").option("--cert-mode <m>", "Deprecated compatibility flag; publish consumes existing certification evidence", "quick").option("--cert-scenario-ids <csv>", "Deprecated compatibility flag; run foh sim certify before publish").option("--cert-adaptive-runs <n>", "Deprecated compatibility flag; run foh sim certify before publish", "30").option("--cert-max-improvement-rounds <n>", "Deprecated compatibility flag; run foh sim certify before publish", "1").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--break-glass-reason <reason>", "Break-glass reason for publish override").option("--break-glass-incident <id>", "Break-glass incident ID for publish override").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    if (opts.breakGlassReason || opts.breakGlassIncident) {
-      if (!opts.breakGlassReason || !opts.breakGlassIncident) {
-        throw new FohError({
-          step: "agent.publish",
-          error: "Both --break-glass-reason and --break-glass-incident are required together",
-          remediation: "Provide both break-glass fields, or omit both for normal publish.",
-          statusCode: 400
-        });
-      }
-      const data2 = await apiFetch(`/v1/console/agents/${opts.agent}/publish`, {
-        method: "POST",
-        body: JSON.stringify({
-          break_glass: {
-            reason: String(opts.breakGlassReason),
-            incident_id: String(opts.breakGlassIncident)
-          }
-        }),
-        orgId: opts.org,
-        apiUrlOverride: opts.apiUrl
+async function publishAgentAction(opts) {
+  if (opts.breakGlassReason || opts.breakGlassIncident) {
+    if (!opts.breakGlassReason || !opts.breakGlassIncident) {
+      throw new FohError({
+        step: "agent.publish",
+        error: "Both --break-glass-reason and --break-glass-incident are required together",
+        remediation: "Provide both break-glass fields, or omit both for normal publish.",
+        statusCode: 400
       });
-      format({
-        status: "published_with_break_glass",
-        warning: "break-glass bypassed the normal validate -> publish evidence gate CLI sequence",
-        publish: data2
-      }, { json: opts.json ?? false });
-      return;
     }
-    const data = await validateCertifyAndPublishAgent({
-      agentId: opts.agent,
+    const data2 = await apiFetch(`/v1/console/agents/${opts.agent}/publish`, {
+      method: "POST",
+      body: JSON.stringify({
+        break_glass: {
+          reason: String(opts.breakGlassReason),
+          incident_id: String(opts.breakGlassIncident)
+        }
+      }),
       orgId: opts.org,
-      apiUrlOverride: opts.apiUrl,
-      certMode: opts.certMode,
-      scenarioIds: opts.certScenarioIds,
-      adaptiveRuns: Number(opts.certAdaptiveRuns),
-      maxImprovementRounds: Number(opts.certMaxImprovementRounds)
+      apiUrlOverride: opts.apiUrl
     });
     format({
-      status: "validated_published",
-      certification: data.certification,
-      publish: data.publish
+      status: "published_with_break_glass",
+      warning: "break-glass bypassed the normal validate -> publish evidence gate CLI sequence",
+      publish: data2
     }, { json: opts.json ?? false });
+    return;
+  }
+  const data = await validateCertifyAndPublishAgent({
+    agentId: opts.agent,
+    orgId: opts.org,
+    apiUrlOverride: opts.apiUrl,
+    certMode: opts.certMode ?? "quick",
+    scenarioIds: opts.certScenarioIds,
+    adaptiveRuns: Number(opts.certAdaptiveRuns ?? "30"),
+    maxImprovementRounds: Number(opts.certMaxImprovementRounds ?? "1")
+  });
+  format({
+    status: "validated_published",
+    certification: data.certification,
+    publish: data.publish
+  }, { json: opts.json ?? false });
+}
+function registerAgentPublishCommand(parent, options = {}) {
+  const publish = parent.command("publish").description(options.publicAlias ? "Publish an agent using existing certification evidence" : "Validate and publish an agent using existing certification evidence").requiredOption("--agent <id>", "Agent ID").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON");
+  if (!options.publicAlias) {
+    publish.option("--cert-mode <m>", "Deprecated compatibility flag; publish consumes existing certification evidence", "quick").option("--cert-scenario-ids <csv>", "Deprecated compatibility flag; run foh certify before publish").option("--cert-adaptive-runs <n>", "Deprecated compatibility flag; run foh certify before publish", "30").option("--cert-max-improvement-rounds <n>", "Deprecated compatibility flag; run foh certify before publish", "1").option("--break-glass-reason <reason>", "Break-glass reason for publish override").option("--break-glass-incident <id>", "Break-glass incident ID for publish override");
+  }
+  publish.action(async (opts) => withCommandErrorHandling(async () => {
+    await publishAgentAction(opts);
   }));
 }
+function registerAgentValidationCommands(agent) {
+  agent.command("validate").description("Validate agent config \u2014 exits 1 if issues found").requiredOption("--agent <id>", "Agent ID").option("--local-only", "Run local draft-shape validation without calling remote validate endpoint").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = opts.localOnly ? await validateAgentLocalDraftShape(opts.agent, { apiUrlOverride: opts.apiUrl }) : await validateAgentRemoteOnly(opts.agent, { apiUrlOverride: opts.apiUrl });
+    format(data, { json: opts.json ?? false });
+    if (Array.isArray(data.issues) && data.issues.length > 0) markCommandFailed(1);
+  }));
+  registerAgentPublishCommand(agent);
+}
 // src/commands/agent.ts
 function registerAgent(program3) {
@@ -14851,6 +14872,72 @@ async function agentExport(agentId, opts = {}) {
   return manifest;
 }
+// src/lib/template-proof-plan.ts
+var ACCEPTED_NO_SPEND_VOICE_HOLD_REASONS = [
+  "voice_contact_expected_no_spend_hold",
+  "contact_phone_missing",
+  "voice_contact_phone_provisioning_failed",
+  "paid_resource_blocked_by_spend_policy",
+  "byon_voice_number_not_configured",
+  "provider_capacity_blocked"
+];
+function missionForGate(gate) {
+  const command = String(gate.command || "");
+  const channels = gate.channels ?? [];
+  if (command.includes("foh certify run")) return "certification";
+  if (command.includes("--mission widget") || channels.includes("widget")) return "widget";
+  if (command.includes("--mission voice") || channels.includes("voice")) return "voice";
+  return "other";
+}
+function concreteCommand(gate, agentId) {
+  const command = String(gate.command || "").trim();
+  return command.replaceAll("<agent_id>", agentId);
+}
+function buildTemplateProofPlan(templateResponse, agentId) {
+  const template = templateResponse.template ?? {};
+  const contract = template.template_contract ?? {};
+  const templateId = String(contract.template_id || template.id || "");
+  const templateSlug = String(contract.slug || templateId || "unknown-template");
+  const templateName = String(contract.name || template.name || templateSlug);
+  const useCase = String(contract.use_case || "unknown");
+  const proofGates = Array.isArray(contract.proof_gates) ? contract.proof_gates : [];
+  const cloneMode = String(contract.fork_policy?.clone_mode || "unknown");
+  const commands = proofGates.filter((gate) => typeof gate.command === "string" && gate.command.trim().length > 0).map((gate) => {
+    const mission = missionForGate(gate);
+    const command = {
+      gate_id: String(gate.id || mission),
+      mission,
+      command: concreteCommand(gate, agentId),
+      expected_status: mission === "voice" ? "pass_or_expected_hold" : "pass",
+      pass_criteria: Array.isArray(gate.pass_criteria) ? gate.pass_criteria.map(String) : []
+    };
+    if (mission === "voice") {
+      command.environment = { FOH_CLI_SPEND_POLICY: "no_spend" };
+      command.accepted_hold_reason_codes = ACCEPTED_NO_SPEND_VOICE_HOLD_REASONS;
+    }
+    return command;
+  });
+  return {
+    schema_version: "template_proof_plan.v1",
+    template_id: templateId,
+    template_slug: templateSlug,
+    template_name: templateName,
+    use_case: useCase,
+    agent_id: agentId,
+    outcome: {
+      primary_outcome: String(contract.outcome_contract?.primary_outcome || ""),
+      required_lead_fields: (contract.outcome_contract?.required_lead_fields ?? []).map(String)
+    },
+    lineage: {
+      source_template_id: templateId,
+      source_template_slug: templateSlug,
+      clone_mode: cloneMode
+    },
+    commands,
+    next_commands: commands.map((entry) => entry.command)
+  };
+}
 // src/commands/templates.ts
 var VALID_CATEGORIES = ["buyer", "seller", "landlord", "commercial"];
 function registerTemplates(program3) {
@@ -14871,6 +14958,41 @@ function registerTemplates(program3) {
     const data = await apiFetch(`/v1/console/templates/${opts.template}`, { apiUrlOverride: opts.apiUrl });
     format(data, { json: opts.json ?? false });
   }));
+  templates.command("capabilities").description("Show machine-readable template capabilities for planning (delivery, tools, voice options, proof gates)").requiredOption("--template <id>", "Template ID").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = await apiFetch(`/v1/console/templates/${opts.template}/capabilities`, { apiUrlOverride: opts.apiUrl });
+    format(data, { json: opts.json ?? false });
+  }));
+  templates.command("recipe").description("Show machine-readable recipe bundle for coding-agent customization (editable paths, guardrails, verification commands)").requiredOption("--template <id>", "Template ID").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = await apiFetch(`/v1/console/templates/${opts.template}/recipe`, {
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  templates.command("select").description("Select candidate templates from a business requirement brief").requiredOption("--brief <json|@file>", "Business requirement brief JSON or @path").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const brief = await parseJsonOption(opts.brief, "--brief");
+    const data = await apiFetch("/v1/console/templates/select", {
+      method: "POST",
+      body: JSON.stringify(brief),
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  templates.command("fork").description("Fork a system template into a customer template with explicit lineage and contract diff").requiredOption("--template <id>", "Source template ID").requiredOption("--name <name>", "Forked template name").option("--description <text>", "Fork description").option("--category <c>", "Fork category override").option("--contract <json|@file>", "Optional contract patch JSON or @path").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const payload = {
+      name: opts.name
+    };
+    if (opts.description) payload.description = opts.description;
+    if (opts.category) payload.category = opts.category;
+    if (opts.contract) payload.contract = await parseJsonOption(opts.contract, "--contract");
+    const data = await apiFetch(`/v1/console/templates/${opts.template}/fork`, {
+      method: "POST",
+      body: JSON.stringify(payload),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
   templates.command("apply").description("Create a new agent in your org from a template (clones draft config, leaves unpublished unless --publish)").requiredOption("--template <id>", "Template ID").requiredOption("--name <name>", "Name for the new agent").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--publish", "Validate and publish using existing certification evidence after creating").option("--cert-mode <m>", "Deprecated compatibility flag; run foh sim certify before publish", "full").option("--cert-adaptive-runs <n>", "Deprecated compatibility flag; run foh sim certify before publish", "30").option("--cert-max-improvement-rounds <n>", "Deprecated compatibility flag; run foh sim certify before publish", "1").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const result = await apiFetch(`/v1/console/templates/${opts.template}/apply`, {
       method: "POST",
@@ -14902,6 +15024,73 @@ function registerTemplates(program3) {
     });
     format({ status: "created_and_published", agent: result.agent, publish: published }, { json: opts.json ?? false });
   }));
+  templates.command("proof-plan").description("Expand a template proof contract into concrete prove/certify commands for an applied agent").requiredOption("--template <id>", "Template ID").requiredOption("--agent <id>", "Applied agent ID").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = await apiFetch(`/v1/console/templates/${opts.template}/proof-plan`, {
+      method: "POST",
+      body: JSON.stringify({ agent_id: opts.agent }),
+      apiUrlOverride: opts.apiUrl
+    });
+    if (data?.plan) {
+      format(data.plan, { json: opts.json ?? false });
+      return;
+    }
+    const fallbackTemplate = await apiFetch(`/v1/console/templates/${opts.template}`, { apiUrlOverride: opts.apiUrl });
+    const fallbackPlan = buildTemplateProofPlan(fallbackTemplate, opts.agent);
+    format(fallbackPlan, { json: opts.json ?? false });
+  }));
+  templates.command("prove").description("Template-aware prove helper that derives missions from template proof gates (no manual mission inference)").requiredOption("--template <id>", "Template ID").requiredOption("--agent <id>", "Applied agent ID").option("--mode <mode>", "Prove mode: quick (widget+voice) or full (includes certification)", "quick").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const mode = String(opts.mode || "quick").toLowerCase();
+    if (mode !== "quick" && mode !== "full") {
+      throw new FohError({
+        step: "templates.prove",
+        error: `Invalid mode: ${opts.mode}`,
+        remediation: "Use --mode quick or --mode full"
+      });
+    }
+    const data = await apiFetch(`/v1/console/templates/${opts.template}/proof-plan`, {
+      method: "POST",
+      body: JSON.stringify({ agent_id: opts.agent }),
+      apiUrlOverride: opts.apiUrl
+    });
+    const plan = data.plan;
+    const commands = Array.isArray(plan?.commands) ? plan.commands : [];
+    const selected = commands.filter((entry) => mode === "full" ? true : entry?.mission === "widget" || entry?.mission === "voice");
+    format({
+      schema_version: "template_prove_helper.v1",
+      template_id: plan?.template_id ?? opts.template,
+      agent_id: opts.agent,
+      mode,
+      commands: selected,
+      next_commands: selected.map((entry) => entry.command)
+    }, { json: opts.json ?? false });
+  }));
+  templates.command("publish").description("Template-aware publish helper that validates evidence before agent publish").requiredOption("--template <id>", "Template ID").requiredOption("--agent <id>", "Applied agent ID").requiredOption("--evidence <json|@file>", "Template publish evidence JSON or @path").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--dry-run", "Only validate evidence and return publish decision").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const evidence = await parseJsonOption(opts.evidence, "--evidence");
+    const helper = await apiFetch(`/v1/console/templates/${opts.template}/publish-helper`, {
+      method: "POST",
+      body: JSON.stringify({
+        agent_id: opts.agent,
+        evidence
+      }),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    if (opts.dryRun) {
+      format(helper, { json: opts.json ?? false });
+      return;
+    }
+    const publish = await apiFetch(`/v1/console/agents/${opts.agent}/publish`, {
+      method: "POST",
+      body: JSON.stringify({}),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format({
+      status: "template_publish_completed",
+      helper,
+      publish
+    }, { json: opts.json ?? false });
+  }));
 }
 // src/commands/widget.ts
@@ -15469,7 +15658,7 @@ async function resolveWhatsAppSetupInputs(opts) {
     if (!appSecret) process.stdout.write("App Secret is required.\n");
   }
   if (opts.audioEnabled === void 0 && process.stdin.isTTY && process.stdout.isTTY && !opts.json) {
-    const answer = await promptLine("Enable WhatsApp audio fallback path? [Y/n]", { allowEmpty: true });
+    const answer = await promptLine("Enable inbound WhatsApp audio fallback auto-reply? [Y/n]", { allowEmpty: true });
     audioEnabled = isAffirmative(answer, true);
   }
   return {
@@ -15692,7 +15881,7 @@ function registerWhatsAppChannelCommands(whatsapp, addCommonOptions) {
   }));
   addCommonOptions(
     whatsapp.command("setup").description("Run guided WhatsApp setup and readiness checks")
-  ).option("--phone-number-id <id>", "Meta WhatsApp phone number id").option("--access-token <token>", "Meta access token").option("--verify-token <token>", "Webhook verify token").option("--app-secret <secret>", "Meta app secret for signature verification").option("--agent-id <id>", "Agent to bind to the WhatsApp channel").option("--audio-enabled <bool>", "Enable WhatsApp audio fallback path (true/false)").option("--generate-verify-token", "Generate webhook verify token automatically when missing").option("--wizard", "Run guided setup wizard prompts").action(async (opts) => withCommandErrorHandling(async () => {
+  ).option("--phone-number-id <id>", "Meta WhatsApp phone number id").option("--access-token <token>", "Meta access token").option("--verify-token <token>", "Webhook verify token").option("--app-secret <secret>", "Meta app secret for signature verification").option("--agent-id <id>", "Agent to bind to the WhatsApp channel").option("--audio-enabled <bool>", "Enable inbound WhatsApp audio fallback auto-reply (true/false)").option("--generate-verify-token", "Generate webhook verify token automatically when missing").option("--wizard", "Run guided setup wizard prompts").action(async (opts) => withCommandErrorHandling(async () => {
     const inputs = await resolveWhatsAppSetupInputs(opts);
     const creds = loadCredentials(opts.apiUrl);
     const apiBaseUrl = creds.apiUrl;
@@ -15785,7 +15974,7 @@ function registerWhatsAppChannelCommands(whatsapp, addCommonOptions) {
   }));
   addCommonOptions(
     whatsapp.command("connect").description("Connect WhatsApp channel credentials")
-  ).requiredOption("--phone-number-id <id>", "Meta WhatsApp phone number id").requiredOption("--access-token <token>", "Meta access token").option("--agent-id <id>", "Agent to bind to the WhatsApp channel").option("--verify-token <token>", "Webhook verify token").option("--app-secret <secret>", "Meta app secret for signature verification").option("--audio-enabled <bool>", "Enable WhatsApp audio fallback path (true/false)", "true").action(async (opts) => withCommandErrorHandling(async () => {
+  ).requiredOption("--phone-number-id <id>", "Meta WhatsApp phone number id").requiredOption("--access-token <token>", "Meta access token").option("--agent-id <id>", "Agent to bind to the WhatsApp channel").option("--verify-token <token>", "Webhook verify token").option("--app-secret <secret>", "Meta app secret for signature verification").option("--audio-enabled <bool>", "Enable inbound WhatsApp audio fallback auto-reply (true/false)", "true").action(async (opts) => withCommandErrorHandling(async () => {
     const data = await apiFetch("/v1/console/channels/whatsapp/connect", {
       method: "POST",
       body: JSON.stringify({
@@ -32798,7 +32987,7 @@ var StdioServerTransport = class {
 };
 // src/lib/cli-version.ts
-var CLI_VERSION = "0.1.75";
+var CLI_VERSION = "0.1.77";
 // src/commands/mcp-serve.ts
 var DEFAULT_TIMEOUT_MS = 12e4;
@@ -36463,7 +36652,27 @@ function registerTest(program3) {
   }));
 }
-// src/commands/ops.ts
+// src/commands/ops-agency-setup.ts
+function registerOpsAgencySetupCommands(reporting) {
+  reporting.command("agency-setup-preview").description("Build a fail-closed setup/release/customer-evidence preview from agency name and official source URL").requiredOption("--agency-name <name>", "Estate agency trading name").option("--source-url <url>", "Official branch/contact/source URL").option("--branch-location <value>", "Branch/location this setup represents").option("--tools <csv>", "Requested tool surfaces", "widget,voice,email,callback,calendar,crm,webhook,whatsapp").option("--target-mode <value>", "Target exposure mode", "founder_assisted").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const body = {
+      agency_name: String(opts.agencyName),
+      requested_tool_surface: parseCsvOption(opts.tools) ?? [],
+      target_exposure_mode: String(opts.targetMode)
+    };
+    if (opts.sourceUrl) body.source_url = String(opts.sourceUrl);
+    if (opts.branchLocation) body.branch_location = String(opts.branchLocation);
+    const data = await apiFetch("/v1/console/agency-setup/preview", {
+      method: "POST",
+      body: JSON.stringify(body),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+}
+// src/commands/ops-diagnostics.ts
 function parseClientErrorSource(raw) {
   if (!raw) return void 0;
   const source = String(raw).trim().toLowerCase();
@@ -36477,8 +36686,44 @@ function parseClientErrorSource(raw) {
     statusCode: 400
   });
 }
-function registerOps(program3) {
-  const ops = program3.command("ops").description("Operational/reporting workflows (incidents, recommendations, traces, evidence)");
+function registerOpsIntegrationCommands(ops) {
+  const integrations = ops.command("integrations").description("Integration diagnostics and health checks");
+  integrations.command("health-check").description("Run integration health-check probes for an agent").requiredOption("--agent <id>", "Agent ID").option("--integration-id <id>", "Optional integration filter: crm_webhook|calendar_sync|automation_webhook").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const body = {};
+    if (opts.integrationId) body.integration_id = String(opts.integrationId);
+    const data = await apiFetch(`/v1/console/agents/${opts.agent}/integrations/health-check`, {
+      method: "POST",
+      body: JSON.stringify(body),
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+}
+function registerOpsClientErrorCommands(ops) {
+  const clientErrors = ops.command("client-errors").description("Client error telemetry and ingestion");
+  clientErrors.command("report").description("Submit a client error packet").requiredOption("--message <text>", "Error message").option("--stack <text>", "Error stack trace").option("--component-stack <text>", "React component stack").option("--url <url>", "Document URL").option("--route <route>", "Application route").option("--user-agent <text>", "Browser user-agent override").option("--source <value>", "Error source: window|react|unhandledrejection").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const source = parseClientErrorSource(opts.source);
+    const body = {
+      message: String(opts.message)
+    };
+    if (opts.stack) body.stack = String(opts.stack);
+    if (opts.componentStack) body.componentStack = String(opts.componentStack);
+    if (opts.url) body.url = String(opts.url);
+    if (opts.route) body.route = String(opts.route);
+    if (opts.userAgent) body.userAgent = String(opts.userAgent);
+    if (source) body.source = source;
+    const data = await apiFetch("/v1/console/client-errors", {
+      method: "POST",
+      body: JSON.stringify(body),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+}
+// src/commands/ops-incidents.ts
+function registerOpsIncidentCommands(ops) {
   const incidents = ops.command("incidents").description("Incident loop operations");
   incidents.command("list").description("List incidents for current org").option("--state <value>", "Incident state filter").option("--agent <id>", "Agent ID filter").option("--limit <n>", "Max rows (1-200)", "50").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const params = new URLSearchParams();
@@ -36530,6 +36775,8 @@ function registerOps(program3) {
     });
     format(data, { json: opts.json ?? false });
   }));
+}
+function registerOpsRecommendationCommands(ops) {
   const recommendations = ops.command("recommendations").description("Recommendation queue operations");
   recommendations.command("list").description("List recommendations for current org").option("--status <value>", "Recommendation status").option("--limit <n>", "Max rows (1-200)", "50").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const params = new URLSearchParams();
@@ -36579,84 +36826,10 @@ function registerOps(program3) {
     });
     format(data, { json: opts.json ?? false });
   }));
-  const traces = ops.command("traces").description("Observability trace operations");
-  traces.command("list").description("List traces for current org").option("--agent <id>", "Agent ID filter").option("--conversation <id>", "Conversation ID filter").option("--limit <n>", "Max rows (1-200)", "100").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const params = new URLSearchParams();
-    if (opts.agent) params.set("agentId", String(opts.agent));
-    if (opts.conversation) params.set("conversationId", String(opts.conversation));
-    params.set("limit", String(parsePositiveInt(opts.limit, 100, 1, 200)));
-    const data = await apiFetch(withQuery("/v1/console/traces", params), {
-      orgId: opts.org,
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  traces.command("replay").description("Replay a trace input in dry-run mode").requiredOption("--trace <id>", "Trace ID").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const data = await apiFetch(`/v1/console/traces/${opts.trace}/replay`, {
-      method: "POST",
-      body: JSON.stringify({}),
-      orgId: opts.org,
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  const testingOs = ops.command("testing-os").description("Testing OS lane and coverage diagnostics");
-  testingOs.command("lane-health").description("Show Testing OS lane-health summary").requiredOption("--agent <id>", "Agent ID").option("--window-days <n>", "Lookback window (1-90 days)", "7").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const params = new URLSearchParams({
-      windowDays: String(parsePositiveInt(opts.windowDays, 7, 1, 90))
-    });
-    const data = await apiFetch(withQuery(`/v1/console/agents/${opts.agent}/testing-os/lane-health`, params), {
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  testingOs.command("fingerprints").description("Show Testing OS failure fingerprints").requiredOption("--agent <id>", "Agent ID").option("--window-days <n>", "Lookback window (1-120 days)", "30").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const params = new URLSearchParams({
-      windowDays: String(parsePositiveInt(opts.windowDays, 30, 1, 120))
-    });
-    const data = await apiFetch(withQuery(`/v1/console/agents/${opts.agent}/testing-os/fingerprints`, params), {
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  testingOs.command("coverage-matrix").description("Show Testing OS coverage matrix baseline/current delta").requiredOption("--agent <id>", "Agent ID").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const data = await apiFetch(`/v1/console/agents/${opts.agent}/testing-os/coverage-matrix`, {
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  const integrations = ops.command("integrations").description("Integration diagnostics and health checks");
-  integrations.command("health-check").description("Run integration health-check probes for an agent").requiredOption("--agent <id>", "Agent ID").option("--integration-id <id>", "Optional integration filter: crm_webhook|calendar_sync|automation_webhook").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const body = {};
-    if (opts.integrationId) body.integration_id = String(opts.integrationId);
-    const data = await apiFetch(`/v1/console/agents/${opts.agent}/integrations/health-check`, {
-      method: "POST",
-      body: JSON.stringify(body),
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  const clientErrors = ops.command("client-errors").description("Client error telemetry and ingestion");
-  clientErrors.command("report").description("Submit a client error packet").requiredOption("--message <text>", "Error message").option("--stack <text>", "Error stack trace").option("--component-stack <text>", "React component stack").option("--url <url>", "Document URL").option("--route <route>", "Application route").option("--user-agent <text>", "Browser user-agent override").option("--source <value>", "Error source: window|react|unhandledrejection").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
-    const source = parseClientErrorSource(opts.source);
-    const body = {
-      message: String(opts.message)
-    };
-    if (opts.stack) body.stack = String(opts.stack);
-    if (opts.componentStack) body.componentStack = String(opts.componentStack);
-    if (opts.url) body.url = String(opts.url);
-    if (opts.route) body.route = String(opts.route);
-    if (opts.userAgent) body.userAgent = String(opts.userAgent);
-    if (source) body.source = source;
-    const data = await apiFetch("/v1/console/client-errors", {
-      method: "POST",
-      body: JSON.stringify(body),
-      orgId: opts.org,
-      apiUrlOverride: opts.apiUrl
-    });
-    format(data, { json: opts.json ?? false });
-  }));
-  const reporting = ops.command("reporting").description("Reporting aggregates and release evidence");
+}
+// src/commands/ops-reporting.ts
+function registerOpsReportingCommands(reporting) {
   reporting.command("kb-usage").description("Show KB usage aggregate report").requiredOption("--agent <id>", "Agent ID").option("--days <n>", "Lookback window in days", "7").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const params = new URLSearchParams({
       agentId: String(opts.agent),
@@ -36702,6 +36875,36 @@ function registerOps(program3) {
     });
     format(data, { json: opts.json ?? false });
   }));
+  reporting.command("launch-packet").description("Show latest customer launch packet and grouped go-live blockers").option("--environment <value>", "Environment filter").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const params = new URLSearchParams();
+    if (opts.environment) params.set("environment", String(opts.environment));
+    const data = await apiFetch(withQuery("/v1/console/release-launch-packet", params), {
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  reporting.command("launch-packet-skeletons").description("Generate customer launch evidence skeletons from latest launch packet blockers").option("--environment <value>", "Environment filter").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const params = new URLSearchParams();
+    if (opts.environment) params.set("environment", String(opts.environment));
+    const data = await apiFetch(withQuery("/v1/console/release-launch-packet/evidence-skeletons", params), {
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  reporting.command("launch-packet-evidence-check").description("Dry-run customer launch evidence before any release gate can consume it").requiredOption("--evidence <json|@file>", 'Evidence JSON object, usually { "evidence": [{ "id": "...", "payload": {...} }] }').option("--apply", "Request apply mode; currently fails closed until evidence storage contract exists").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const parsed = await parseJsonOption(opts.evidence, "--evidence");
+    const body = parsed && typeof parsed === "object" && !Array.isArray(parsed) ? { ...parsed } : { evidence: parsed };
+    if (opts.apply) body.apply = true;
+    const data = await apiFetch("/v1/console/release-launch-packet/evidence-dry-run", {
+      method: "POST",
+      body: JSON.stringify(body),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
   reporting.command("release-scorecard").description("Show deterministic release scorecard for an agent").requiredOption("--agent <id>", "Agent ID").option("--limit <n>", "Number of runs to include", "10").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
     const limit = Math.max(1, Math.min(100, Number(opts.limit || 10) || 10));
     const data = await apiFetch(`/v1/console/agents/${opts.agent}/release-scorecard?limit=${limit}`, {
@@ -36747,6 +36950,74 @@ function registerOps(program3) {
   }));
 }
+// src/commands/ops-testing-os.ts
+function registerOpsTestingOsCommands(ops) {
+  const testingOs = ops.command("testing-os").description("Testing OS lane and coverage diagnostics");
+  testingOs.command("lane-health").description("Show Testing OS lane-health summary").requiredOption("--agent <id>", "Agent ID").option("--window-days <n>", "Lookback window (1-90 days)", "7").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const params = new URLSearchParams({
+      windowDays: String(parsePositiveInt(opts.windowDays, 7, 1, 90))
+    });
+    const data = await apiFetch(withQuery(`/v1/console/agents/${opts.agent}/testing-os/lane-health`, params), {
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  testingOs.command("fingerprints").description("Show Testing OS failure fingerprints").requiredOption("--agent <id>", "Agent ID").option("--window-days <n>", "Lookback window (1-120 days)", "30").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const params = new URLSearchParams({
+      windowDays: String(parsePositiveInt(opts.windowDays, 30, 1, 120))
+    });
+    const data = await apiFetch(withQuery(`/v1/console/agents/${opts.agent}/testing-os/fingerprints`, params), {
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  testingOs.command("coverage-matrix").description("Show Testing OS coverage matrix baseline/current delta").requiredOption("--agent <id>", "Agent ID").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = await apiFetch(`/v1/console/agents/${opts.agent}/testing-os/coverage-matrix`, {
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+}
+// src/commands/ops-traces.ts
+function registerOpsTraceCommands(ops) {
+  const traces = ops.command("traces").description("Observability trace operations");
+  traces.command("list").description("List traces for current org").option("--agent <id>", "Agent ID filter").option("--conversation <id>", "Conversation ID filter").option("--limit <n>", "Max rows (1-200)", "100").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const params = new URLSearchParams();
+    if (opts.agent) params.set("agentId", String(opts.agent));
+    if (opts.conversation) params.set("conversationId", String(opts.conversation));
+    params.set("limit", String(parsePositiveInt(opts.limit, 100, 1, 200)));
+    const data = await apiFetch(withQuery("/v1/console/traces", params), {
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+  traces.command("replay").description("Replay a trace input in dry-run mode").requiredOption("--trace <id>", "Trace ID").option("--org <id>", "Org ID (default: stored org from foh org use)").option("--api-url <url>", "API base URL override").option("--json", "Output as JSON").action(async (opts) => withCommandErrorHandling(async () => {
+    const data = await apiFetch(`/v1/console/traces/${opts.trace}/replay`, {
+      method: "POST",
+      body: JSON.stringify({}),
+      orgId: opts.org,
+      apiUrlOverride: opts.apiUrl
+    });
+    format(data, { json: opts.json ?? false });
+  }));
+}
+// src/commands/ops.ts
+function registerOps(program3) {
+  const ops = program3.command("ops").description("Operational/reporting workflows (incidents, recommendations, traces, evidence)");
+  registerOpsIncidentCommands(ops);
+  registerOpsRecommendationCommands(ops);
+  registerOpsTraceCommands(ops);
+  registerOpsTestingOsCommands(ops);
+  registerOpsIntegrationCommands(ops);
+  registerOpsClientErrorCommands(ops);
+  const reporting = ops.command("reporting").description("Reporting aggregates and release evidence");
+  registerOpsReportingCommands(reporting);
+  registerOpsAgencySetupCommands(reporting);
+}
 // src/commands/diag.ts
 function toErrorRecord(error2) {
   if (error2 instanceof Error) {
@@ -41121,6 +41392,11 @@ var DEFAULT_PROMPT_VERSION = "blank-setup.v1";
 var DEFAULT_BATCH_MODELS = "openai/codex,anthropic/claude,cursor/agent";
 var PROMPTS = {
   "blank-setup.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`, because cached older packages can produce invalid evidence. Install or verify the FOH CLI, authenticate or reach a deterministic auth blocker, then create or configure a Front Of House voice agent and website widget. Mass evals reuse existing eval state: run `npx --yes @f-o-h/cli@latest org status --json` and `npx --yes @f-o-h/cli@latest agent list --json` before trying to create a fresh agent; if an existing eval agent is present, configure and prove that agent instead of creating a second bronze-tier agent. Prefer the certification-oriented buyer templates: run `npx --yes @f-o-h/cli@latest templates list --category buyer --json` and use `UK Buyer Qualification` or `Viewing Booking` when available; do not use a greeting-only template for proof/certification. Prefer `npx --yes @f-o-h/cli@latest setup --phone-mode observe` for the free scaffold path: agent, widget, voice config, smoke test, certification, and publish readiness together. Treat phone-number purchasing as an explicit paid/scarce contact-path step, not part of high-volume eval setup. If `FOH_CLI_SPEND_POLICY=no_spend` is active and a command returns `paid_resource_blocked_by_spend_policy`, do not try to bypass it; continue widget/setup proof and report that exact reason code for the phone path. If the customer/operator explicitly owns a number and asks for real PSTN proof, use `npx --yes @f-o-h/cli@latest provision byon attach --phone-number <e164> --confirm-owned --json`; do not invent ownership or buy a FOH-owned number. Run proof/smoke/certification where available, including widget proof, voice proof, and one explicit `foh certify run --agent <id> --profile release --json` before publish. `foh prove` does not run release certification by default; only pass `--include-certification --proof-cache-dir .foh/proof-cache` when an explicit combined proof/certification run is required. If voice proof returns `contact_phone_missing` or `voice_contact_expected_no_spend_hold`, report that exact reason code unless a BYON/customer-approved phone path already exists. If `FOH_EXTERNAL_AGENT_RUN_DIR` is set, write `${FOH_EXTERNAL_AGENT_RUN_DIR}/external-agent-metadata.json` with `schema_version`, `docs_pages_used`, key decisions, and blocker reason codes before finishing. Produce a final evidence summary with commands run, docs used, artifacts created, and any blocker reason codes. Do not assume access to the private source repository.",
+  "real-estate-buyer-enquiry.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`. Do not assume access to the private source repository. Mission: configure a buyer-enquiry real-estate agent (UK Buyer Qualification preferred), prove widget behavior, and prove voice behavior in no-spend mode. Required path: 1) verify auth/org scope and reuse existing eval org/agent where possible; 2) select/apply buyer template; 3) configure widget + voice; 4) run widget smoke and `foh certify run --profile release`; 5) run voice proof and treat no-spend contact holds as expected only when all non-contact gates pass. Do not buy numbers; if spend policy blocks purchase, record `paid_resource_blocked_by_spend_policy` and continue no-spend proof path. Final artifact must include: selected template id/slug, commands executed, pass/hold/fail per gate, reason codes, docs_pages_used, and next fix commands.",
+  "real-estate-seller-valuation.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`. Do not assume access to the private source repository. Mission: configure a seller-valuation real-estate agent, prove valuation lead capture on widget and voice, and keep strict no-spend behavior. Required path: 1) verify auth/org scope and reuse existing eval state; 2) select/apply seller valuation template; 3) configure widget + voice; 4) run widget smoke and release certification; 5) run voice proof and classify holds. Do not claim precise valuation output without approved tooling; safe fallback or handoff must remain explicit. Do not buy numbers. Final artifact must include: selected template id/slug, lead fields observed, tool/action behavior, reason codes, docs_pages_used, and next fix commands.",
+  "real-estate-viewing-and-qa.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`. Do not assume access to the private source repository. Mission: configure a viewing-booking/property-QA real-estate agent and prove booking-safe behavior under no-spend policy. Required path: 1) verify auth/org scope and reuse existing eval state; 2) select/apply viewing template; 3) configure widget + voice; 4) run widget smoke, release certification, and voice proof; 5) explicitly check no-duplicate-side-effect behavior and safe fallback/handoff when booking tooling or contact path is unavailable. Do not buy numbers. Final artifact must include: selected template id/slug, booking/fallback evidence, reason codes, docs_pages_used, and next fix commands.",
+  "real-estate-landlord-enquiry.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`. Do not assume access to the private source repository. Mission: configure a landlord-enquiry real-estate agent and prove lead capture + safe escalation under no-spend constraints. Required path: 1) verify auth/org scope and reuse existing eval state; 2) select/apply landlord template; 3) configure widget + voice; 4) run widget smoke, release certification, and voice proof; 5) ensure handoff/escalation remains reason-coded and no-silent-drop. Do not buy numbers. Final artifact must include: selected template id/slug, lead/action/handoff evidence summary, reason codes, docs_pages_used, and next fix commands.",
+  "arbitrary-agency-setup-release.v1": "Go to https://frontofhouse.okii.uk. Use only public docs, public API docs, the deployed production API, and the public npm CLI package. Always invoke the CLI with `npx --yes @f-o-h/cli@latest ...`; do not use unpinned `npx @f-o-h/cli ...`, local source, private repo scripts, or unpublished commands. Do not assume access to the private source repository. Mission: prove whether an arbitrary estate agency can be set up or accurately held using the public launch evidence workflow. Required path: 1) verify CLI version and auth/org scope; 2) run `foh ops reporting agency-setup-preview` with the supplied agency name, official source URL, branch location, requested tool surface, and target mode; 3) run `foh ops reporting launch-packet --json`; 4) run `foh ops reporting launch-packet-skeletons --json`; 5) run `foh ops reporting launch-packet-evidence-check --json` only with redacted synthetic or customer-provided evidence, never raw credentials or secrets; 6) classify the outcome as pass, expected hold, or product failure. No-spend boundary: do not buy phone numbers, provision paid resources, scrape private systems, bypass credential holds, or claim live/customer-ready/production unless the launch packet explicitly allows it. Expected holds such as missing customer credentials, missing behavior approval, missing live voice validation, or missing production signoff are acceptable only when the commands expose clear reason codes and next actions. Final artifact must include commands executed, docs_pages_used, manual_intervention_count, CLI/API version readback, launch mode observed, reason codes, evidence artifacts created, and exact next commands. If `FOH_EXTERNAL_AGENT_RUN_DIR` is set, write `${FOH_EXTERNAL_AGENT_RUN_DIR}/external-agent-metadata.json` with `schema_version`, `docs_pages_used`, key decisions, and blocker reason codes before finishing.",
   "debug-proof-failure.v1": "You are given a FOH proof or debug artifact. Use public docs and FOH CLI/API behavior to classify whether the blocker is docs, auth, org setup, agent config, widget, channel, runtime, or product bug. Produce a redacted improvement packet or the exact command needed to produce one. Do not ask the human to interpret logs manually unless no machine-readable artifact exists.",
   "knowledge-miss.v1": "A FOH agent failed to answer a business question. Use CLI/API/docs to determine whether this is a knowledge-ingestion issue, retrieval issue, config issue, prompt/behavior issue, or runtime issue. Prefer foh knowledge query, transcript export, replay, and foh bug improve artifacts over screenshots.",
   "replay-failure.v1": "You are given a FOH transcript or replay artifact. Use CLI/API/docs to replay or inspect the failed interaction, identify expected vs actual behavior, and produce a scenario-test or improvement-packet candidate."
@@ -41251,11 +41527,38 @@ function knowledgeMissPromptContext(knowledgeQuestion, expectedAnswer) {
     "- Do not patch around the miss manually; produce the smallest redacted artifact that explains whether the fix belongs to docs, ingestion, retrieval, config, or runtime."
   ].join("\n");
 }
+function agencySetupPromptContext(context = {}) {
+  const agencyName = String(context.agencyName || "").trim();
+  const sourceUrl = String(context.sourceUrl || "").trim();
+  const branchLocation = String(context.branchLocation || "").trim();
+  const targetMode = String(context.targetMode || "").trim();
+  if (!agencyName && !sourceUrl && !branchLocation && !targetMode) return "";
+  const previewArgs = [
+    "ops reporting agency-setup-preview",
+    agencyName ? `--agency-name ${quoteArg(agencyName)}` : "--agency-name <agency-name>",
+    sourceUrl ? `--source-url ${quoteArg(sourceUrl)}` : "--source-url <official-source-url>",
+    branchLocation ? `--branch-location ${quoteArg(branchLocation)}` : "--branch-location <branch-location>",
+    targetMode ? `--target-mode ${quoteArg(targetMode)}` : "--target-mode founder_assisted",
+    "--json"
+  ].join(" ");
+  return [
+    "",
+    "Arbitrary-agency setup context:",
+    ...agencyName ? [`- Agency name: ${agencyName}`] : [],
+    ...sourceUrl ? [`- Official source URL: ${sourceUrl}`] : [],
+    ...branchLocation ? [`- Branch/location: ${branchLocation}`] : [],
+    ...targetMode ? [`- Target mode: ${targetMode}`] : [],
+    `- Start with: npx --yes @f-o-h/cli@latest ${previewArgs}`,
+    "- Then run launch-packet, launch-packet-skeletons, and launch-packet-evidence-check using public CLI commands only.",
+    "- Treat missing customer credentials or approvals as expected holds only if the CLI gives machine-readable reason codes and next actions."
+  ].join("\n");
+}
 function writePrompt(runDir, promptVersion, context = {}) {
   const prompt = [
     PROMPTS[promptVersion] ?? PROMPTS[DEFAULT_PROMPT_VERSION],
     replayPromptContext(context.replayFile),
-    knowledgeMissPromptContext(context.knowledgeQuestion, context.expectedAnswer)
+    knowledgeMissPromptContext(context.knowledgeQuestion, context.expectedAnswer),
+    agencySetupPromptContext(context)
   ].join("");
   const path2 = (0, import_path19.join)(runDir, "prompt.txt");
   (0, import_fs20.writeFileSync)(path2, `${prompt}
@@ -41327,7 +41630,11 @@ function buildRunArtifact(input) {
     context: {
       replay_file: input.session.replay_file ?? null,
       knowledge_question: input.session.knowledge_question ?? null,
-      expected_answer: input.session.expected_answer ?? null
+      expected_answer: input.session.expected_answer ?? null,
+      agency_name: input.session.agency_name ?? null,
+      source_url: input.session.source_url ?? null,
+      branch_location: input.session.branch_location ?? null,
+      target_mode: input.session.target_mode ?? null
     },
     artifacts: {
       terminal_transcript: null,
@@ -41349,19 +41656,31 @@ function buildRunArtifact(input) {
 function registerEval(program3) {
   const evalCommand = program3.command("eval").description("Run or summarize external-agent evaluation workflows");
   const external = evalCommand.command("external-agent").description("Capture clean external coding-agent setup attempts");
-  external.command("batch").description("Create a deterministic multi-model external-agent batch plan").option("--models <list>", "Comma-separated provider/model list", DEFAULT_BATCH_MODELS).option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--replay-file <path>", "Local transcript/replay artifact to seed replay-failure prompts").option("--knowledge-question <text>", "Question to seed knowledge-miss prompts").option("--expected-answer <text>", "Expected answer or missing fact for planted knowledge-miss prompts").option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Batch output directory").option("--json", "Output as JSON").action(async (opts) => {
+  external.command("batch").description("Create a deterministic multi-model external-agent batch plan").option("--models <list>", "Comma-separated provider/model list", DEFAULT_BATCH_MODELS).option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--replay-file <path>", "Local transcript/replay artifact to seed replay-failure prompts").option("--knowledge-question <text>", "Question to seed knowledge-miss prompts").option("--expected-answer <text>", "Expected answer or missing fact for planted knowledge-miss prompts").option("--agency-name <name>", "Agency name to seed arbitrary-agency setup prompts").option("--source-url <url>", "Official source URL to seed arbitrary-agency setup prompts").option("--branch-location <value>", "Branch/location to seed arbitrary-agency setup prompts").option("--target-mode <mode>", "Target launch/exposure mode for arbitrary-agency setup prompts").option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Batch output directory").option("--json", "Output as JSON").action(async (opts) => {
     const promptVersion = String(opts.promptVersion || DEFAULT_PROMPT_VERSION);
     const batchDir = (0, import_path19.resolve)(String(opts.outDir || defaultBatchDir(promptVersion)));
     const replayFile = opts.replayFile ? (0, import_path19.resolve)(String(opts.replayFile)) : void 0;
     const knowledgeQuestion = opts.knowledgeQuestion ? String(opts.knowledgeQuestion) : void 0;
     const expectedAnswer = opts.expectedAnswer ? String(opts.expectedAnswer) : void 0;
+    const agencyName = opts.agencyName ? String(opts.agencyName) : void 0;
+    const sourceUrl = opts.sourceUrl ? String(opts.sourceUrl) : void 0;
+    const branchLocation = opts.branchLocation ? String(opts.branchLocation) : void 0;
+    const targetMode = opts.targetMode ? String(opts.targetMode) : void 0;
     const models = parseModelList(String(opts.models || DEFAULT_BATCH_MODELS));
     (0, import_fs20.mkdirSync)(batchDir, { recursive: true });
     const runs2 = models.map((model, index) => {
       const runId = `${String(index + 1).padStart(2, "0")}-${safeSlug(model.provider)}-${safeSlug(model.name)}`;
       const runDir = (0, import_path19.join)(batchDir, runId);
       (0, import_fs20.mkdirSync)(runDir, { recursive: true });
-      const promptPath = writePrompt(runDir, promptVersion, { replayFile, knowledgeQuestion, expectedAnswer });
+      const promptPath = writePrompt(runDir, promptVersion, {
+        replayFile,
+        knowledgeQuestion,
+        expectedAnswer,
+        agencyName,
+        sourceUrl,
+        branchLocation,
+        targetMode
+      });
       const commandArgs = [
         "eval",
         "external-agent",
@@ -41382,6 +41701,10 @@ function registerEval(program3) {
       if (replayFile) commandArgs.push("--replay-file", replayFile);
       if (knowledgeQuestion) commandArgs.push("--knowledge-question", knowledgeQuestion);
       if (expectedAnswer) commandArgs.push("--expected-answer", expectedAnswer);
+      if (agencyName) commandArgs.push("--agency-name", agencyName);
+      if (sourceUrl) commandArgs.push("--source-url", sourceUrl);
+      if (branchLocation) commandArgs.push("--branch-location", branchLocation);
+      if (targetMode) commandArgs.push("--target-mode", targetMode);
       return {
         run_id: runId,
         model_provider: model.provider,
@@ -41401,6 +41724,10 @@ function registerEval(program3) {
       replay_file: replayFile ?? null,
       knowledge_question: knowledgeQuestion ?? null,
       expected_answer: expectedAnswer ?? null,
+      agency_name: agencyName ?? null,
+      source_url: sourceUrl ?? null,
+      branch_location: branchLocation ?? null,
+      target_mode: targetMode ?? null,
       workspace_type: String(opts.workspaceType || "clean-no-repo"),
       agent_shell: String(opts.agentShell || "vscode-terminal"),
       run_count: runs2.length,
@@ -41425,16 +41752,28 @@ function registerEval(program3) {
       extra: { batch }
     }), { json: Boolean(opts.json) });
   });
-  external.command("run").description("Launch an instrumented shell and emit external_agent_run.v1 when it exits").option("--model-provider <name>", "Model provider label", "unknown").option("--model-name <name>", "Model name label", "unknown-model").option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--replay-file <path>", "Local transcript/replay artifact to seed replay-failure prompts").option("--knowledge-question <text>", "Question to seed knowledge-miss prompts").option("--expected-answer <text>", "Expected answer or missing fact for planted knowledge-miss prompts").option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Run output directory").option("--status <status>", "Final status when not interactively classified: pass|hold|fail", "hold").option("--reason-code <code>", "Failure/hold reason code", "external_agent_run_needs_review").option("--shell <command>", "Shell command to launch for capture").option("--no-shell", "Do not launch a shell; create/finalize artifacts immediately").option("--json", "Output as JSON").action(async (opts) => {
+  external.command("run").description("Launch an instrumented shell and emit external_agent_run.v1 when it exits").option("--model-provider <name>", "Model provider label", "unknown").option("--model-name <name>", "Model name label", "unknown-model").option("--prompt-version <version>", "Prompt version", DEFAULT_PROMPT_VERSION).option("--replay-file <path>", "Local transcript/replay artifact to seed replay-failure prompts").option("--knowledge-question <text>", "Question to seed knowledge-miss prompts").option("--expected-answer <text>", "Expected answer or missing fact for planted knowledge-miss prompts").option("--agency-name <name>", "Agency name to seed arbitrary-agency setup prompts").option("--source-url <url>", "Official source URL to seed arbitrary-agency setup prompts").option("--branch-location <value>", "Branch/location to seed arbitrary-agency setup prompts").option("--target-mode <mode>", "Target launch/exposure mode for arbitrary-agency setup prompts").option("--workspace-type <type>", "Workspace type label", "clean-no-repo").option("--agent-shell <name>", "Agent shell label", "vscode-terminal").option("--out-dir <path>", "Run output directory").option("--status <status>", "Final status when not interactively classified: pass|hold|fail", "hold").option("--reason-code <code>", "Failure/hold reason code", "external_agent_run_needs_review").option("--shell <command>", "Shell command to launch for capture").option("--no-shell", "Do not launch a shell; create/finalize artifacts immediately").option("--json", "Output as JSON").action(async (opts) => {
     const status = normalizeStatus(opts.status);
     const promptVersion = String(opts.promptVersion || DEFAULT_PROMPT_VERSION);
     const runDir = (0, import_path19.resolve)(String(opts.outDir || defaultRunDir(opts.modelName, promptVersion)));
     const replayFile = opts.replayFile ? (0, import_path19.resolve)(String(opts.replayFile)) : void 0;
     const knowledgeQuestion = opts.knowledgeQuestion ? String(opts.knowledgeQuestion) : void 0;
     const expectedAnswer = opts.expectedAnswer ? String(opts.expectedAnswer) : void 0;
+    const agencyName = opts.agencyName ? String(opts.agencyName) : void 0;
+    const sourceUrl = opts.sourceUrl ? String(opts.sourceUrl) : void 0;
+    const branchLocation = opts.branchLocation ? String(opts.branchLocation) : void 0;
+    const targetMode = opts.targetMode ? String(opts.targetMode) : void 0;
     (0, import_fs20.mkdirSync)(runDir, { recursive: true });
     const runId = runDir.split(/[\\/]/).filter(Boolean).slice(-1)[0];
-    const promptPath = writePrompt(runDir, promptVersion, { replayFile, knowledgeQuestion, expectedAnswer });
+    const promptPath = writePrompt(runDir, promptVersion, {
+      replayFile,
+      knowledgeQuestion,
+      expectedAnswer,
+      agencyName,
+      sourceUrl,
+      branchLocation,
+      targetMode
+    });
     const shell = inferShell(opts.shell);
     const session = {
       schema_version: "external_agent_capture_session.v1",
@@ -41446,6 +41785,10 @@ function registerEval(program3) {
       replay_file: replayFile ?? null,
       knowledge_question: knowledgeQuestion ?? null,
       expected_answer: expectedAnswer ?? null,
+      agency_name: agencyName ?? null,
+      source_url: sourceUrl ?? null,
+      branch_location: branchLocation ?? null,
+      target_mode: targetMode ?? null,
       workspace_type: String(opts.workspaceType || "clean-no-repo"),
       agent_shell: String(opts.agentShell || shell.label),
       manual_intervention_count: 0,
@@ -41728,10 +42071,8 @@ var CLI_MISSION_EXAMPLES = [
   { mission: "Start", command: "foh start", description: "guided setup and next action selector" },
   { mission: "Setup", command: "foh setup --phone-mode observe --json", description: "create or update agent, widget, voice config, and proof scaffold" },
   { mission: "Prove", command: "foh prove --agent <agent_id> --mission widget --json", description: "produce a machine-readable proof report" },
-  { mission: "Certify", command: "foh certify run --agent <agent_id> --profile release --json", description: "produce release evidence before publish" },
-  { mission: "Debug", command: "foh debug --out test-results/foh-cli-diag.latest.json --json", description: "collect auth/org/API diagnostics" },
-  { mission: "Improve", command: "foh bug improve --from-file <artifact.json> --json", description: "convert a failure artifact into a redacted improvement packet" },
-  { mission: "Publish", command: "foh agent publish --agent <agent_id> --json", description: "publish after proof gates pass" }
+  { mission: "Publish", command: "foh publish --agent <agent_id> --json", description: "publish when proof and release evidence pass" },
+  { mission: "Debug", command: "foh debug --out test-results/foh-cli-diag.latest.json --json", description: "collect auth/org/API diagnostics" }
 ];
 function missionHelpText() {
   return [
@@ -41739,7 +42080,7 @@ function missionHelpText() {
     "Common missions:",
     ...CLI_MISSION_EXAMPLES.map((item) => `  ${item.command.padEnd(66)} ${item.description}`),
     "",
-    "For AI agents: prefer --json and follow next_commands exactly when a command blocks."
+    "For AI agents: prefer --json, follow next_commands exactly, and treat certify/eval/bug as advanced operator surfaces."
   ].join("\n");
 }
 function addMissionHelp(program3) {
@@ -41832,6 +42173,7 @@ registerCertify(program2);
 registerDiag(program2);
 registerBug(program2);
 registerProve(program2);
+registerAgentPublishCommand(program2, { publicAlias: true });
 registerEval(program2);
 registerUpdate(program2);
 registerHome(program2);