@floomhq/floom 1.0.3 → 1.0.4

package/dist/install.js

@@ -4,7 +4,7 @@ import { createHash } from "node:crypto";
 import { homedir } from "node:os";
 import { basename, dirname, isAbsolute, join, relative, resolve, sep } from "node:path";
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { getJson } from "./lib/api.js";
 import { c, symbols } from "./ui.js";
 import { FloomError } from "./errors.js";
@@ -21,11 +21,21 @@ function slugFromInput(input) {
         return trimmed.replace(/\.(md|json)$/i, "");
     }
 }
-function skillsDir() {
+function skillsDir(target) {
+    if (target === "codex") {
+        const codexHome = process.env.CODEX_HOME ?? join(homedir(), ".codex");
+        return process.env.CODEX_SKILLS_DIR ?? join(codexHome, "skills");
+    }
     return process.env.CLAUDE_SKILLS_DIR ?? join(homedir(), ".claude", "skills");
 }
-function skillPath(slug) {
-    return join(skillsDir(), `${slug}.md`);
+function skillPath(root, slug) {
+    return join(root, `${slug}.md`);
+}
+function skillsDirHint(target) {
+    return target === "codex" ? "CODEX_SKILLS_DIR" : "CLAUDE_SKILLS_DIR";
+}
+function setupCommand(target) {
+    return `npx -y @floomhq/floom setup --target ${target} --yes`;
 }
 function sha256(input) {
     return createHash("sha256").update(input).digest("hex");
@@ -55,8 +65,8 @@ async function localHash(path) {
         throw err;
     }
 }
-async function writeInstallFile(target, body) {
-    const parent = await openSafeParentDirectory(skillsDir(), target);
+async function writeInstallFile(root, target, body) {
+    const parent = await openSafeParentDirectory(root, target);
     let handle = null;
     try {
         handle = await open(childCreatePath(parent, dirname(target), basename(target)), constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL | constants.O_NOFOLLOW, 0o600);
@@ -93,7 +103,15 @@ async function ensureSafeParentDirectory(root, target) {
     if (relativeParent === ".." || relativeParent.startsWith(`..${sep}`) || isAbsolute(relativeParent)) {
         throw new FloomError("Invalid skill target path.");
     }
-    await mkdir(resolvedRoot, { recursive: true, mode: 0o700 });
+    try {
+        await mkdir(resolvedRoot, { recursive: true, mode: 0o700 });
+    }
+    catch (err) {
+        if (err.code === "EEXIST") {
+            throw new FloomError("Skills directory points to a file, not a directory.", "Set the skills directory env var to a directory, or remove the file blocking it.");
+        }
+        throw err;
+    }
     await assertSafeDirectory(resolvedRoot);
     if (!relativeParent || relativeParent === ".")
         return;
@@ -120,13 +138,15 @@ async function assertSafeDirectory(path) {
         throw new FloomError("Local path is blocked by an existing file or directory.");
     }
 }
-export async function install(slugInput) {
+export async function install(slugInput, opts = {}) {
+    const targetAgent = opts.target ?? "claude";
+    const root = skillsDir(targetAgent);
     const slug = slugFromInput(slugInput);
     if (!SLUG_RE.test(slug)) {
         throw new FloomError(`Invalid skill slug: ${slugInput}`);
     }
     const cfg = await readConfig();
-    const apiUrl = cfg?.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const spinner = ora({ text: c.dim(`Adding ${slug}...`), color: "yellow" }).start();
     let detail;
     try {
@@ -139,8 +159,16 @@ export async function install(slugInput) {
         spinner.stop();
         throw err;
     }
-    await mkdir(skillsDir(), { recursive: true, mode: 0o700 });
-    const target = skillPath(slug);
+    try {
+        await mkdir(root, { recursive: true, mode: 0o700 });
+    }
+    catch (err) {
+        if (err.code === "EEXIST") {
+            throw new FloomError(`${skillsDirHint(targetAgent)} points to a file, not a directory.`, `Set ${skillsDirHint(targetAgent)} to a directory, or remove the file blocking it.`);
+        }
+        throw err;
+    }
+    const target = skillPath(root, slug);
     const remoteHash = sha256(detail.body_md);
     const existing = await localHash(target);
     let action;
@@ -152,7 +180,7 @@ export async function install(slugInput) {
     }
     else {
         try {
-            await writeInstallFile(target, detail.body_md);
+            await writeInstallFile(root, target, detail.body_md);
         }
         catch (err) {
             const code = err.code;
@@ -172,4 +200,7 @@ export async function install(slugInput) {
     spinner.stop();
     process.stdout.write(`\n${symbols.ok}  [floom] ${action} ${c.bold(slug)}\n`);
     process.stdout.write(`   ${c.dim(target)}\n\n`);
+    process.stdout.write(`   ${c.bold("Next")}\n`);
+    process.stdout.write(`   ${c.dim("1.")} Tell your agent to use ${c.bold(slug)} when it matches the task.\n`);
+    process.stdout.write(`   ${c.dim("2.")} One-time setup: ${c.cyan(setupCommand(targetAgent))}\n\n`);
 }

package/dist/lib/api.js

@@ -4,15 +4,15 @@ import { friendlyHttp, friendlyNetwork, FloomError } from "../errors.js";
  * patterns but throws FloomError instances so the CLI's printError gives
  * users a clean message instead of a stack trace.
  */
-const DEFAULT_TIMEOUT_MS = 15_000;
-async function floomFetch(url, action, opts = {}) {
-    const headers = {};
+export const DEFAULT_TIMEOUT_MS = 15_000;
+export async function floomFetch(url, action, opts = {}) {
+    const headers = { ...(opts.headers ?? {}) };
     if (opts.token)
         headers.authorization = `Bearer ${opts.token}`;
     if (opts.body !== undefined)
         headers["content-type"] = "application/json";
     const controller = new AbortController();
-    const timer = setTimeout(() => controller.abort(), opts.timeoutMs ?? DEFAULT_TIMEOUT_MS);
+    const timer = setTimeout(() => controller.abort(), requestTimeoutMs(opts.timeoutMs));
     let res;
     try {
         res = await fetch(url, {
@@ -31,11 +31,19 @@ async function floomFetch(url, action, opts = {}) {
     finally {
         clearTimeout(timer);
     }
-    if (!res.ok) {
+    if (opts.checkOk !== false && !res.ok) {
         throw friendlyHttp(res.status, action);
     }
     return res;
 }
+function requestTimeoutMs(override) {
+    if (override !== undefined)
+        return override;
+    const fromEnv = Number(process.env.FLOOM_REQUEST_TIMEOUT_MS);
+    if (Number.isFinite(fromEnv) && fromEnv > 0)
+        return fromEnv;
+    return DEFAULT_TIMEOUT_MS;
+}
 export async function getJson(url, action, token) {
     const res = await floomFetch(url, action, token ? { token } : {});
     return (await res.json());

package/dist/library.js

@@ -1,5 +1,5 @@
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { deleteRequest, getJson, postJson, putJson } from "./lib/api.js";
 import { c, symbols } from "./ui.js";
 import { FloomError } from "./errors.js";
@@ -10,7 +10,7 @@ function formatLibraryRow(lib) {
 }
 export async function libraryList(opts = {}) {
     const cfg = await readConfig();
-    const apiUrl = cfg?.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const spinner = opts.json ? null : ora({ text: c.dim("Loading libraries..."), color: "yellow" }).start();
     let result;
     try {
@@ -36,7 +36,7 @@ export async function libraryCreate(opts) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const result = await postJson(`${apiUrl}/api/v1/libraries`, "create library", cfg.accessToken, {
         slug: opts.slug,
         name: opts.name,
@@ -51,7 +51,7 @@ export async function libraryAddSkill(opts) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     await postJson(`${apiUrl}/api/v1/libraries/${encodeURIComponent(opts.librarySlug)}/skills`, "add skill to library", cfg.accessToken, {
         skill_slug: opts.skillSlug,
         ...(opts.folder !== undefined ? { folder: opts.folder } : {}),
@@ -67,7 +67,7 @@ export async function libraryRemoveSkill(librarySlug, skillSlug) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     await deleteRequest(`${apiUrl}/api/v1/libraries/${encodeURIComponent(librarySlug)}/skills/${encodeURIComponent(skillSlug)}`, "remove skill from library", cfg.accessToken);
     process.stdout.write(`\n${symbols.ok}  Removed ${c.cyan(skillSlug)} from ${c.cyan(librarySlug)}\n\n`);
 }
@@ -75,7 +75,7 @@ export async function librarySubscribe(slug) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     await postJson(`${apiUrl}/api/v1/me/subscriptions`, "subscribe to library", cfg.accessToken, { library_slug: slug });
     process.stdout.write(`\n${symbols.ok}  Subscribed to ${c.cyan(slug)}\n`);
     process.stdout.write(`   ${c.dim("Skills will sync into ~/.claude/skills/" + slug + "/")}\n\n`);
@@ -84,7 +84,7 @@ export async function libraryUnsubscribe(slug) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     await deleteRequest(`${apiUrl}/api/v1/me/subscriptions/${encodeURIComponent(slug)}`, "unsubscribe from library", cfg.accessToken);
     process.stdout.write(`\n${symbols.ok}  Unsubscribed from ${c.cyan(slug)}\n\n`);
 }
@@ -92,7 +92,7 @@ export async function moveSkill(opts) {
     const cfg = await readConfig();
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     await putJson(`${apiUrl}/api/v1/me/skills/${encodeURIComponent(opts.slug)}/override`, "set skill override", cfg.accessToken, { folder: opts.folder, tags: opts.tags });
     const folderText = opts.folder ?? c.dim("(root)");
     const tagsText = opts.tags.length ? opts.tags.join(", ") : c.dim("(none)");

package/dist/list.js

@@ -1,14 +1,15 @@
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { getJson } from "./lib/api.js";
 import { extractRequires, formatToolList, formatType } from "./lib/skill-labels.js";
 import { c, symbols } from "./ui.js";
 import { FloomError } from "./errors.js";
+import { formatVersionLabel } from "./version.js";
 function formatRow(s) {
     const title = s.title ?? c.dim("(untitled)");
     const visibility = c.dim(`[${s.visibility}]`);
     const type = c.dim(`[${formatType(s.asset_type)}]`);
-    const version = s.version ? c.dim(`v${s.version}`) : "";
+    const version = s.version ? c.dim(formatVersionLabel(s.version)) : "";
     const updated = c.dim(formatRelative(s.updated_at));
     const requires = extractRequires(s.body_md);
     const needs = requires.length > 0 ? c.dim(`needs ${formatToolList(requires)}`) : "";
@@ -37,7 +38,7 @@ export async function list(opts) {
     if (!cfg) {
         throw new FloomError("Not signed in.", "Run `floom login` first.");
     }
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const spinner = opts.json ? null : ora({ text: c.dim("Loading skills..."), color: "yellow" }).start();
     let published = [];
     try {

package/dist/mcp.js

@@ -1,8 +1,8 @@
 import { c } from "./ui.js";
 export function printMcpSetup() {
     const snippet = `## Floom
-- Use Floom skills from ~/.claude/skills/ when they match the task.
-- To install a shared skill, run \`floom add <slug-or-url>\`.
+- Use Floom skills from the local Floom skills folder when they match the task.
+- To install a shared skill, run \`floom add <slug-or-url> --target claude\` or \`floom add <slug-or-url> --target codex\`.
 - To find reusable behavior, run \`floom search <query>\`.
 - MCP sync is optional preview behavior; use it only while the Floom MCP server is configured and running.`;
     process.stdout.write(`\n${c.bold("Floom MCP setup")}\n\n`);
@@ -11,12 +11,6 @@ export function printMcpSetup() {
     process.stdout.write(`  ${c.cyan("claude mcp add floom -- npx -y @floomhq/floom-mcp-sync")}\n\n`);
     process.stdout.write(`  ${c.bold("Codex CLI")}\n`);
     process.stdout.write(`  ${c.cyan("codex mcp add floom -- npx -y @floomhq/floom-mcp-sync")}\n\n`);
-    process.stdout.write(`  ${c.bold("Gemini CLI")}\n`);
-    process.stdout.write(`  ${c.cyan("gemini mcp add -s user floom npx -y @floomhq/floom-mcp-sync")}\n\n`);
-    process.stdout.write(`  ${c.bold("Kimi CLI")}\n`);
-    process.stdout.write(`  ${c.cyan("kimi mcp add --transport stdio floom -- npx -y @floomhq/floom-mcp-sync")}\n\n`);
-    process.stdout.write(`  ${c.bold("OpenCode")}\n`);
-    process.stdout.write(`  ${c.dim("Edit ~/.config/opencode/opencode.json - see guide.")}\n\n`);
     process.stdout.write(`${c.dim("Full guide:")} ${c.cyan("https://floom.dev/docs/mcp")}\n\n`);
     process.stdout.write(`${c.dim("Recommended agent instruction snippet:")}\n\n`);
     process.stdout.write(`${snippet}\n\n`);

package/dist/publish.js

@@ -2,9 +2,12 @@ import { readFile } from "node:fs/promises";
 import { basename, resolve } from "node:path";
 import ora from "ora";
 import clipboard from "clipboardy";
-import { getApiUrl, getWebUrl, readConfig } from "./config.js";
+import { getWebUrl, readConfig, resolveApiUrl } from "./config.js";
+import { floomFetch } from "./lib/api.js";
 import { c, symbols } from "./ui.js";
-import { FloomError, friendlyHttp, friendlyNetwork } from "./errors.js";
+import { FloomError, friendlyHttp } from "./errors.js";
+import { formatVersionLabel } from "./version.js";
+import { detectSkillSecurityFindings, formatSecurityFindings } from "./secrets.js";
 const ASSET_TYPES = new Set(["knowledge", "instruction", "workflow", "skill"]);
 const INSTALL_TARGETS = new Set([
     "claude_skill",
@@ -86,10 +89,6 @@ function parseVersion(value, source) {
     throw new FloomError(`Invalid ${source}: ${value}`, "Use 1-64 characters: letters, numbers, dots, underscores, plus, or hyphen.");
 }
 export async function publish(opts) {
-    const cfg = await readConfig();
-    if (!cfg) {
-        throw new FloomError("Not signed in.", "Run `floom login` first.");
-    }
     const filePath = resolve(process.cwd(), opts.file);
     let raw;
     try {
@@ -108,6 +107,11 @@ export async function publish(opts) {
     if (!raw.trim()) {
         throw new FloomError(`File is empty: ${opts.file}`);
     }
+    const securityFindings = detectSkillSecurityFindings(raw);
+    if (securityFindings.length > 0) {
+        throw new FloomError("Security scan failed. Publish stopped.", `${formatSecurityFindings(securityFindings)}\nRemove secrets, prompt-injection text, or data-exfiltration instructions before publishing.`);
+    }
+    process.stdout.write(`\n${symbols.ok}  Pre-publish security scan passed (3 checks).\n`);
     const { meta, error: fmError } = parseFrontmatter(raw);
     if (fmError) {
         throw new FloomError(`Couldn't parse frontmatter — check your YAML.`, `Line ${fmError.line}: ${fmError.message}`);
@@ -115,6 +119,10 @@ export async function publish(opts) {
     const assetType = opts.assetType ?? parseAssetType(meta.asset_type ?? meta.type, "frontmatter type") ?? "skill";
     const installsAs = opts.installsAs ?? parseInstallsAs(meta.installs_as, "frontmatter installs_as") ?? null;
     const version = opts.version ?? parseVersion(meta.version, "frontmatter version") ?? null;
+    const cfg = await readConfig();
+    if (!cfg) {
+        throw new FloomError("Not signed in.", "Run `floom login` first.");
+    }
     // Later version: detect already-published when --update is missing.
     // The current API does not return a duplicate-skill code, so we leave
     // the actual dedupe to the server and surface the friendly hint on 409.
@@ -122,16 +130,14 @@ export async function publish(opts) {
         text: c.dim(`Publishing ${meta.title ? c.bold(meta.title) : opts.file}...`),
         color: "yellow",
     }).start();
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     let res;
     try {
-        res = await fetch(`${apiUrl}/api/skills`, {
+        res = await floomFetch(`${apiUrl}/api/skills`, "publish your skill", {
             method: "POST",
-            headers: {
-                authorization: `Bearer ${cfg.accessToken}`,
-                "content-type": "application/json",
-            },
-            body: JSON.stringify({
+            token: cfg.accessToken,
+            checkOk: false,
+            body: {
                 title: meta.title ?? null,
                 description: meta.description ?? null,
                 body_md: raw,
@@ -143,12 +149,12 @@ export async function publish(opts) {
                 original_filename: basename(filePath),
                 published_via: "cli",
                 shared_with_emails: opts.sharedWithEmails,
-            }),
+            },
         });
     }
     catch (err) {
         spinner.stop();
-        throw friendlyNetwork(err);
+        throw err;
     }
     if (res.status === 409) {
         spinner.stop();
@@ -165,7 +171,7 @@ export async function publish(opts) {
         ? data.url.replace(/\.md$/, "")
         : `${webBase}/s/${data.slug}`;
     spinner.stop();
-    const versionTag = version ? c.dim(` (v${version})`) : "";
+    const versionTag = version ? c.dim(` (${formatVersionLabel(version)})`) : "";
     const titleLabel = data.title ? `"${data.title}"` : opts.file;
     process.stdout.write(`\n${symbols.ok}  Published ${c.bold(titleLabel)}${versionTag}\n\n`);
     process.stdout.write(`   ${c.cyan(humanUrl)}\n\n`);
@@ -186,4 +192,9 @@ export async function publish(opts) {
     else {
         process.stdout.write(`   ${c.dim("Share it anywhere.")}\n\n`);
     }
+    process.stdout.write(`   ${c.bold("Next")}\n`);
+    process.stdout.write(`   ${c.dim("1.")} Test locally: ${c.cyan(`npx -y @floomhq/floom add ${humanUrl} --target claude`)}\n`);
+    process.stdout.write(`   ${c.dim("2.")} Send the link.\n`);
+    process.stdout.write(`   ${c.dim("3.")} Receiver runs ${c.cyan(`npx -y @floomhq/floom add ${humanUrl} --target claude`)}\n`);
+    process.stdout.write(`   ${c.dim("4.")} Agent reads the installed Markdown from the local skills folder.\n\n`);
 }

package/dist/scan.js

@@ -0,0 +1,26 @@
+import { readFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { detectSkillSecurityFindings, formatSecurityFindings } from "./secrets.js";
+import { FloomError } from "./errors.js";
+import { c, symbols } from "./ui.js";
+export async function scanSkill(file) {
+    const path = resolve(process.cwd(), file);
+    let raw;
+    try {
+        raw = await readFile(path, "utf8");
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === "ENOENT")
+            throw new FloomError(`File not found: ${file}`);
+        if (code === "EISDIR")
+            throw new FloomError(`That's a directory, not a file: ${file}`);
+        throw new FloomError(`Couldn't read ${file}: ${err.message}`);
+    }
+    const findings = detectSkillSecurityFindings(raw);
+    if (findings.length > 0) {
+        throw new FloomError("Security scan failed.", `${formatSecurityFindings(findings)}\nRemove secrets, prompt-injection text, or data-exfiltration instructions before publishing.`);
+    }
+    process.stdout.write(`\n${symbols.ok}  Security scan passed for ${c.bold(file)}\n`);
+    process.stdout.write(`   ${c.dim("No high-confidence secrets, prompt-injection text, or exfiltration instructions found.")}\n\n`);
+}

package/dist/search.js

@@ -1,5 +1,5 @@
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { getJson } from "./lib/api.js";
 import { c, symbols } from "./ui.js";
 function formatSkillRow(skill) {
@@ -16,7 +16,7 @@ function formatLibraryRow(library) {
 }
 export async function search(opts) {
     const cfg = await readConfig();
-    const apiUrl = cfg?.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const params = new URLSearchParams({ q: opts.query });
     if (opts.library)
         params.set("library", opts.library);

package/dist/secrets.js

@@ -0,0 +1,105 @@
+const SECRET_PATTERNS = [
+    { label: "OpenAI API key", regex: /\bsk-proj-[A-Za-z0-9_-]{20,}\b/g },
+    { label: "OpenAI API key", regex: /\bsk-[A-Za-z0-9]{32,}\b/g },
+    { label: "Anthropic API key", regex: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/g },
+    { label: "Google API key", regex: /\bAIza[0-9A-Za-z_-]{25,}\b/g },
+    { label: "GitHub token", regex: /\b(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{30,}\b/g },
+    { label: "GitHub token", regex: /\bgithub_pat_[A-Za-z0-9_]{40,}\b/g },
+    { label: "Supabase access token", regex: /\bsbp_[A-Za-z0-9]{30,}\b/g },
+    { label: "Stripe secret key", regex: /\bsk_(?:live|test)_[A-Za-z0-9]{20,}\b/g },
+    { label: "Slack token", regex: /\bxox[baprs]-[A-Za-z0-9-]{20,}\b/g },
+    { label: "AWS access key", regex: /\b(?:AKIA|ASIA)[A-Z0-9]{16}\b/g },
+    { label: "Private key", regex: /-----BEGIN (?:RSA |EC |OPENSSH |)PRIVATE KEY-----/g },
+];
+const GENERIC_ASSIGNMENT_RE = /\b(?:api[_-]?key|secret|access[_-]?token|auth[_-]?token|bearer[_-]?token)\b\s*[:=]\s*["']?([A-Za-z0-9_./+=-]{24,})["']?/gi;
+const PLACEHOLDER_RE = /^(?:your|example|placeholder|replace|changeme|todo|xxx|test|demo|dummy|redacted)/i;
+const PROMPT_INJECTION_PATTERNS = [
+    { label: "Prompt injection instruction", regex: /\bignore (?:all )?(?:previous|prior|above|earlier) instructions\b/gi },
+    { label: "Prompt injection instruction", regex: /\bdisregard (?:all )?(?:previous|prior|above|earlier) instructions\b/gi },
+    { label: "Prompt injection instruction", regex: /\bforget (?:all )?(?:previous|prior|above|earlier) instructions\b/gi },
+    { label: "Prompt injection instruction", regex: /\boverride (?:the )?(?:system|developer|safety) instructions\b/gi },
+    { label: "System prompt extraction", regex: /\b(?:reveal|print|show|dump|expose|leak) (?:the )?(?:system prompt|developer message|hidden instructions)\b/gi },
+];
+const DATA_EXFILTRATION_PATTERNS = [
+    { label: "Data exfiltration instruction", regex: /\b(?:send|post|upload|exfiltrate|copy) (?:[^.\n]{0,80})\b(?:api keys?|tokens?|secrets?|environment variables|\.env|credentials)\b(?:[^.\n]{0,120})\b(?:to|into) https?:\/\//gi },
+    { label: "Data exfiltration instruction", regex: /\b(?:curl|wget|fetch)\b[^\n]{0,160}\b(?:api keys?|tokens?|secrets?|environment variables|\.env|credentials)\b/gi },
+    { label: "Credential harvesting instruction", regex: /\b(?:collect|harvest|steal|extract) (?:[^.\n]{0,80})\b(?:api keys?|tokens?|secrets?|environment variables|\.env|credentials)\b/gi },
+];
+function redact(value) {
+    if (value.length <= 12)
+        return "[redacted]";
+    return `${value.slice(0, 4)}...${value.slice(-4)}`;
+}
+function lineNumberAt(input, index) {
+    let line = 1;
+    for (let i = 0; i < index; i++) {
+        if (input.charCodeAt(i) === 10)
+            line++;
+    }
+    return line;
+}
+function pushFinding(findings, seen, label, line, value) {
+    const key = `${label}:${line}:${value}`;
+    if (seen.has(key))
+        return;
+    seen.add(key);
+    findings.push({ label, line, preview: redact(value) });
+}
+export function detectSecrets(input) {
+    const findings = [];
+    const seen = new Set();
+    for (const pattern of SECRET_PATTERNS) {
+        pattern.regex.lastIndex = 0;
+        for (const match of input.matchAll(pattern.regex)) {
+            const value = match[0] ?? "";
+            pushFinding(findings, seen, pattern.label, lineNumberAt(input, match.index ?? 0), value);
+        }
+    }
+    GENERIC_ASSIGNMENT_RE.lastIndex = 0;
+    for (const match of input.matchAll(GENERIC_ASSIGNMENT_RE)) {
+        const value = match[1] ?? "";
+        if (!value || PLACEHOLDER_RE.test(value))
+            continue;
+        pushFinding(findings, seen, "Possible secret assignment", lineNumberAt(input, match.index ?? 0), value);
+    }
+    return findings.sort((a, b) => a.line - b.line || a.label.localeCompare(b.label));
+}
+function detectPatternFindings(input, patterns, category) {
+    const findings = [];
+    const seen = new Set();
+    for (const pattern of patterns) {
+        pattern.regex.lastIndex = 0;
+        for (const match of input.matchAll(pattern.regex)) {
+            const value = (match[0] ?? "").replace(/\s+/g, " ").trim();
+            const key = `${pattern.label}:${match.index ?? 0}:${value}`;
+            if (seen.has(key))
+                continue;
+            seen.add(key);
+            findings.push({
+                label: pattern.label,
+                line: lineNumberAt(input, match.index ?? 0),
+                preview: redact(value),
+                severity: "high",
+                category,
+            });
+        }
+    }
+    return findings;
+}
+export function detectSkillSecurityFindings(input) {
+    const secretFindings = detectSecrets(input).map((finding) => ({
+        ...finding,
+        severity: "high",
+        category: "secret",
+    }));
+    return [
+        ...secretFindings,
+        ...detectPatternFindings(input, PROMPT_INJECTION_PATTERNS, "prompt_injection"),
+        ...detectPatternFindings(input, DATA_EXFILTRATION_PATTERNS, "data_exfiltration"),
+    ].sort((a, b) => a.line - b.line || a.label.localeCompare(b.label));
+}
+export function formatSecurityFindings(findings, limit = 5) {
+    const shown = findings.slice(0, limit).map((finding) => (`line ${finding.line}: ${finding.label} (${finding.preview})`));
+    const more = findings.length > shown.length ? `\n...and ${findings.length - shown.length} more.` : "";
+    return `${shown.join("\n")}${more}`;
+}

package/dist/setup.js

@@ -11,15 +11,20 @@ const TARGETS = {
     claude: { label: "Claude Code", filename: "CLAUDE.md" },
     codex: { label: "Codex", filename: "AGENTS.md" },
 };
-export const FLOOM_AGENT_INSTRUCTIONS = `${START_MARKER}
+function floomAgentInstructions(target) {
+    const addCommand = target === "codex"
+        ? "floom add <slug-or-url> --target codex"
+        : "floom add <slug-or-url> --target claude";
+    return `${START_MARKER}
 ## Floom
 
 - Before recreating agent behavior from scratch, check Floom for reusable skills.
 - Search or inspect skills with \`floom search <query>\`, \`floom info <slug-or-url>\`, and \`floom list\`.
-- Add shared skills with \`floom add <slug-or-url>\`; public and unlisted links do not require a Floom account.
+- Add shared skills with \`${addCommand}\`; public and unlisted links do not require a Floom account.
 - Use installed Markdown skills from the local skills folder when they match the task.
 - \`floom sync\`, \`floom watch\`, and \`@floomhq/floom-mcp-sync\` are preview paths for saved, published, and subscribed library skills; review conflicts before relying on synced output.
 ${END_MARKER}`;
+}
 async function fileExists(path) {
     try {
         await access(path);
@@ -65,10 +70,12 @@ async function findUp(filename) {
 async function detectTarget(opts) {
     const agent = opts.target ?? (opts.file ? parseTargetFromFile(opts.file) : undefined);
     if (opts.file) {
-        const resolvedAgent = agent ?? "codex";
+        if (!agent) {
+            throw new FloomError("Cannot infer agent target from that file name.", "Pass `--target claude` or `--target codex`, or use CLAUDE.md / AGENTS.md.");
+        }
         return {
-            agent: resolvedAgent,
-            label: TARGETS[resolvedAgent].label,
+            agent,
+            label: TARGETS[agent].label,
             path: resolve(process.cwd(), opts.file),
         };
     }
@@ -99,7 +106,7 @@ function renderPreview(target, existing) {
         `   ${c.dim("Target:")} ${target.path}`,
         `   ${c.dim("Action:")} ${action}`,
         "",
-        FLOOM_AGENT_INSTRUCTIONS,
+        floomAgentInstructions(target.agent),
         "",
         `${c.dim("MCP setup guidance:")} run ${c.cyan("floom mcp")} to print local agent commands.`,
         "",
@@ -139,9 +146,10 @@ export async function setupAgent(opts) {
         }
     }
     await mkdir(dirname(target.path), { recursive: true });
+    const instructions = floomAgentInstructions(target.agent);
     const next = existing === null
-        ? `${FLOOM_AGENT_INSTRUCTIONS}\n`
-        : `${existing.replace(/\s*$/, "")}\n\n${FLOOM_AGENT_INSTRUCTIONS}\n`;
+        ? `${instructions}\n`
+        : `${existing.replace(/\s*$/, "")}\n\n${instructions}\n`;
     if (existing === null) {
         await writeFile(target.path, next, { encoding: "utf8", flag: "wx" }).catch((err) => {
             if (err instanceof Error && "code" in err && err.code === "EEXIST") {

package/dist/share.js

@@ -1,5 +1,5 @@
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { friendlyHttp, friendlyNetwork, FloomError } from "./errors.js";
 import { c, symbols } from "./ui.js";
 function slugFromInput(input) {
@@ -25,7 +25,7 @@ export async function share(opts) {
     if (!slug) {
         throw new FloomError("Missing skill slug.", "Try: `floom share <slug> --list`");
     }
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const endpoint = `${apiUrl}/api/skills/${encodeURIComponent(slug)}/share`;
     const spinner = ora({ text: c.dim("Updating sharing..."), color: "yellow" }).start();
     let res;

package/dist/sync.js

@@ -4,7 +4,7 @@ import { createHash } from "node:crypto";
 import { homedir } from "node:os";
 import { basename, dirname, isAbsolute, join, relative, resolve, sep } from "node:path";
 import ora from "ora";
-import { getApiUrl, readConfig } from "./config.js";
+import { readConfig, resolveApiUrl } from "./config.js";
 import { getJson } from "./lib/api.js";
 import { c, symbols } from "./ui.js";
 import { FloomError } from "./errors.js";
@@ -207,7 +207,7 @@ export async function sync(opts = {}) {
     if (!cfg)
         throw new FloomError("Not signed in.", "Run `floom login` first.");
     await ensureSyncManifestDir();
-    const apiUrl = cfg.apiUrl ?? getApiUrl();
+    const apiUrl = resolveApiUrl(cfg);
     const spinner = opts.spinner === false ? null : ora({ text: c.dim("Syncing skills..."), color: "yellow" }).start();
     let payload;
     try {

package/dist/version.js

@@ -0,0 +1,25 @@
+import pkg from "../package.json" with { type: "json" };
+export const CLI_VERSION = pkg.version;
+function numericParts(value) {
+    const normalized = value.trim().replace(/^v/i, "");
+    const numeric = normalized.match(/^\d+(?:\.\d+)*/)?.[0] ?? "0";
+    return numeric.split(".").map((part) => Number.parseInt(part, 10));
+}
+export function compareSemverish(a, b) {
+    const left = numericParts(a);
+    const right = numericParts(b);
+    const max = Math.max(left.length, right.length);
+    for (let i = 0; i < max; i++) {
+        const l = left[i] ?? 0;
+        const r = right[i] ?? 0;
+        if (l > r)
+            return 1;
+        if (l < r)
+            return -1;
+    }
+    return 0;
+}
+export function formatVersionLabel(value) {
+    const trimmed = value.trim();
+    return trimmed.match(/^v/i) ? trimmed.replace(/^v/i, "v") : `v${trimmed}`;
+}