@genrupt/cli 0.1.0

package/README.md

@@ -0,0 +1,100 @@
+# @genrupt/cli
+
+Genrupt CLI for local-file workflows and local MCP clients.
+
+## Install
+
+```bash
+npm install -g @genrupt/cli
+```
+
+## Login
+
+```bash
+genrupt auth login
+```
+
+The CLI uses Genrupt's OAuth device flow. It opens a browser approval page and stores refreshable credentials on the local machine.
+
+To disconnect the machine, revoke the server-side OAuth grant and remove local credentials:
+
+```bash
+genrupt auth logout
+```
+
+If Genrupt is unreachable and you only want to remove the local file, run:
+
+```bash
+genrupt auth logout --local
+```
+
+## Claude Code
+
+```bash
+genrupt setup claude-code
+```
+
+This registers a local stdio MCP server:
+
+```bash
+genrupt mcp serve
+```
+
+Claude Code can then call Genrupt from chat while the local process can read user-approved local file paths.
+
+## Upload Product Reference Images
+
+```bash
+genrupt upload image "./product-photo.jpg" --asin B07QF3GNS2
+```
+
+Multiple files are supported:
+
+```bash
+genrupt upload image "./front.jpg" "./detail.png" --asin B07QF3GNS2 --json
+```
+
+The command creates Genrupt product reference assets and returns `sourceAssetIds` that can be used by product reference sheet workflows.
+
+Remote MCP calls are audited by Genrupt and rate-limited per connected auth source. Product-reference upload capabilities are executed through Genrupt's capability registry, so hidden workflow tools are not directly exposed to stale MCP clients.
+
+## Remote MCP Calls
+
+```bash
+genrupt mcp call get_current_account_context '{}'
+```
+
+Windows-friendly flag form:
+
+```bash
+genrupt mcp call search_capabilities --query "product reference upload" --includeUnavailable --limit 10
+```
+
+For nested arguments, write an args file and pass it directly:
+
+```bash
+genrupt mcp call search_capabilities --json-file ./args.json
+```
+
+Use this for smoke tests and low-level debugging.
+
+## Publishing
+
+The package is published publicly under the `@genrupt` npm scope.
+
+Local verification:
+
+```bash
+pnpm --filter @genrupt/cli build
+node scripts/verify-genrupt-cli-release.cjs --check-registry
+```
+
+Manual publish, from a machine logged into an npm account with `@genrupt` scope access:
+
+```bash
+pnpm --filter @genrupt/cli publish --access public --provenance=false --otp 123456
+```
+
+If npm returns a 403 that says two-factor authentication or a granular access token is required, either pass the current npm 2FA one-time code with `--otp`, or publish with a granular npm token that has package write access and bypass 2FA enabled.
+
+Preferred publish path is the `Publish Genrupt CLI` GitHub Actions workflow, using the `NPM_TOKEN` repository secret. The workflow publishes with provenance disabled because this repository is private and npm provenance currently requires a public GitHub source repository.

package/dist/auth.js

@@ -0,0 +1,206 @@
+import { spawn } from "node:child_process";
+import { ACCESS_TOKEN_REFRESH_SKEW_MS, CLI_CLIENT_NAME, DEFAULT_ORIGIN, OAUTH_DEVICE_GRANT_TYPE, OAUTH_SCOPE, } from "./constants.js";
+import { clearConfig, getConfigPath, readConfig, writeConfig, } from "./config.js";
+import { HttpError, getErrorCode, postJson } from "./http.js";
+function buildEndpoint(origin, path) {
+    return `${origin.replace(/\/$/, "")}${path}`;
+}
+function getAuthEndpoints(origin) {
+    return {
+        register: buildEndpoint(origin, "/api/agent/oauth/register"),
+        deviceAuthorization: buildEndpoint(origin, "/api/agent/oauth/device_authorization"),
+        token: buildEndpoint(origin, "/api/agent/oauth/token"),
+        revoke: buildEndpoint(origin, "/api/agent/oauth/revoke"),
+        mcpServerUrl: buildEndpoint(origin, "/api/agent/mcp"),
+    };
+}
+function toExpiresAt(expiresInSeconds) {
+    return new Date(Date.now() + Math.max(0, expiresInSeconds) * 1000).toISOString();
+}
+function isTokenFresh(config) {
+    return (new Date(config.accessTokenExpiresAt).getTime() - ACCESS_TOKEN_REFRESH_SKEW_MS > Date.now());
+}
+function openBrowser(url) {
+    const command = process.platform === "win32" ? "cmd" : process.platform === "darwin" ? "open" : "xdg-open";
+    const args = process.platform === "win32" ? ["/c", "start", "", url] : [url];
+    try {
+        const child = spawn(command, args, {
+            detached: true,
+            stdio: "ignore",
+            shell: false,
+        });
+        child.unref();
+    }
+    catch {
+        // The printed URL is the source of truth; opening the browser is best effort.
+    }
+}
+async function registerClient(origin) {
+    const endpoints = getAuthEndpoints(origin);
+    return postJson(endpoints.register, {
+        client_name: CLI_CLIENT_NAME,
+        grant_types: [OAUTH_DEVICE_GRANT_TYPE, "refresh_token"],
+        response_types: ["code"],
+        token_endpoint_auth_method: "none",
+    });
+}
+async function startDeviceAuthorization(origin, clientId) {
+    const endpoints = getAuthEndpoints(origin);
+    return postJson(endpoints.deviceAuthorization, {
+        client_id: clientId,
+        scope: OAUTH_SCOPE,
+        resource: endpoints.mcpServerUrl,
+    });
+}
+async function exchangeDeviceCode(origin, clientId, deviceCode) {
+    const endpoints = getAuthEndpoints(origin);
+    return postJson(endpoints.token, {
+        grant_type: OAUTH_DEVICE_GRANT_TYPE,
+        client_id: clientId,
+        device_code: deviceCode,
+        resource: endpoints.mcpServerUrl,
+    });
+}
+async function waitForDeviceApproval(params) {
+    const startedAt = Date.now();
+    const expiresAt = startedAt + params.expiresInSeconds * 1000;
+    let intervalMs = Math.max(1, params.intervalSeconds) * 1000;
+    while (Date.now() < expiresAt) {
+        await new Promise((resolve) => setTimeout(resolve, intervalMs));
+        try {
+            return await exchangeDeviceCode(params.origin, params.clientId, params.deviceCode);
+        }
+        catch (error) {
+            if (!(error instanceof HttpError)) {
+                throw error;
+            }
+            const code = getErrorCode(error.payload);
+            if (code === "authorization_pending") {
+                continue;
+            }
+            if (code === "slow_down") {
+                intervalMs += 5_000;
+                continue;
+            }
+            throw error;
+        }
+    }
+    throw new Error("Device authorization expired. Run `genrupt auth login` again.");
+}
+export async function login(options = {}) {
+    const origin = (options.origin ?? DEFAULT_ORIGIN).replace(/\/$/, "");
+    const endpoints = getAuthEndpoints(origin);
+    const client = await registerClient(origin);
+    const device = await startDeviceAuthorization(origin, client.client_id);
+    console.log();
+    console.log("Genrupt CLI login");
+    console.log();
+    console.log(`Open this URL to approve access:\n${device.verification_uri_complete}`);
+    console.log();
+    console.log(`Code: ${device.user_code}`);
+    console.log();
+    if (!options.noOpen) {
+        openBrowser(device.verification_uri_complete);
+    }
+    const token = await waitForDeviceApproval({
+        origin,
+        clientId: client.client_id,
+        deviceCode: device.device_code,
+        intervalSeconds: device.interval,
+        expiresInSeconds: device.expires_in,
+    });
+    if (!token.refresh_token) {
+        throw new Error("OAuth response did not include a refresh token.");
+    }
+    const config = {
+        origin,
+        mcpServerUrl: endpoints.mcpServerUrl,
+        clientId: client.client_id,
+        accessToken: token.access_token,
+        accessTokenExpiresAt: toExpiresAt(token.expires_in),
+        refreshToken: token.refresh_token,
+        scope: token.scope,
+    };
+    await writeConfig(config);
+    console.log(`Logged in. Credentials saved to ${getConfigPath()}`);
+}
+export async function refreshAccessToken(config) {
+    const endpoints = getAuthEndpoints(config.origin);
+    const token = await postJson(endpoints.token, {
+        grant_type: "refresh_token",
+        client_id: config.clientId,
+        refresh_token: config.refreshToken,
+        resource: config.mcpServerUrl,
+    });
+    const nextConfig = {
+        ...config,
+        accessToken: token.access_token,
+        accessTokenExpiresAt: toExpiresAt(token.expires_in),
+        refreshToken: token.refresh_token ?? config.refreshToken,
+        scope: token.scope,
+    };
+    await writeConfig(nextConfig);
+    return nextConfig;
+}
+export async function requireConfig() {
+    const config = await readConfig();
+    if (!config) {
+        throw new Error("Not logged in. Run `genrupt auth login` first.");
+    }
+    return config;
+}
+export async function getValidAccessToken() {
+    const config = await requireConfig();
+    if (isTokenFresh(config)) {
+        return config.accessToken;
+    }
+    const refreshed = await refreshAccessToken(config);
+    return refreshed.accessToken;
+}
+export async function getValidConfig() {
+    const config = await requireConfig();
+    if (isTokenFresh(config)) {
+        return config;
+    }
+    return refreshAccessToken(config);
+}
+export async function printAuthStatus() {
+    const config = await readConfig();
+    if (!config) {
+        console.log("Not logged in.");
+        console.log("Run: genrupt auth login");
+        return;
+    }
+    console.log("Logged in.");
+    console.log(`Origin: ${config.origin}`);
+    console.log(`MCP server: ${config.mcpServerUrl}`);
+    console.log(`Access token expires: ${config.accessTokenExpiresAt}`);
+    console.log(`Config: ${getConfigPath()}`);
+}
+async function revokeCurrentCredentials(config) {
+    const endpoints = getAuthEndpoints(config.origin);
+    await postJson(endpoints.revoke, {
+        client_id: config.clientId,
+        token: config.refreshToken,
+        token_type_hint: "refresh_token",
+    });
+}
+export async function logout(options = {}) {
+    const config = await readConfig();
+    if (config && !options.localOnly) {
+        try {
+            await revokeCurrentCredentials(config);
+            console.log("Server credentials revoked.");
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : String(error);
+            console.warn(`Could not revoke server credentials: ${message}`);
+            console.warn("Local credentials will still be removed.");
+        }
+    }
+    await clearConfig();
+    console.log("Logged out.");
+}
+export async function assertLoggedIn() {
+    await getValidAccessToken();
+}

package/dist/cli.js

@@ -0,0 +1,213 @@
+#!/usr/bin/env node
+import { readFile } from "node:fs/promises";
+import { CLI_VERSION } from "./constants.js";
+import { login, logout, printAuthStatus } from "./auth.js";
+import { callRemoteMcpTool, assertSuccessfulToolPayload } from "./mcpClient.js";
+import { serveLocalMcp } from "./localMcpServer.js";
+import { setupClaudeCode } from "./setup.js";
+import { uploadProductReferenceImages } from "./upload.js";
+function parseFlags(args) {
+    const flags = {};
+    const positionals = [];
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (!arg.startsWith("--")) {
+            positionals.push(arg);
+            continue;
+        }
+        const [rawKey, inlineValue] = arg.slice(2).split("=", 2);
+        if (inlineValue !== undefined) {
+            flags[rawKey] = inlineValue;
+            continue;
+        }
+        const next = args[index + 1];
+        if (next && !next.startsWith("--")) {
+            flags[rawKey] = next;
+            index += 1;
+            continue;
+        }
+        flags[rawKey] = true;
+    }
+    return { flags, positionals };
+}
+function getStringFlag(flags, key) {
+    const value = flags[key];
+    return typeof value === "string" && value.trim() ? value.trim() : undefined;
+}
+function hasFlag(flags, key) {
+    return flags[key] === true;
+}
+function printHelp() {
+    console.log(`
+Genrupt CLI ${CLI_VERSION}
+
+Usage:
+  genrupt auth login [--origin https://genrupt.com] [--no-open]
+  genrupt auth status
+  genrupt auth logout [--local]
+
+  genrupt setup claude-code [--replace] [--scope user|project|local]
+
+  genrupt upload image <path...> [--asin ASIN] [--project-id ID] [--product-profile-id ID] [--domain amazon.com] [--json]
+
+  genrupt mcp serve
+  genrupt mcp call <tool_name> '<json_args>'
+  genrupt mcp call <tool_name> --query "..." --limit 10
+  genrupt mcp call <tool_name> --json-file ./args.json
+
+Examples:
+  genrupt auth login
+  genrupt setup claude-code
+  genrupt upload image "G:\\My Drive\\product.jpg" --asin B07QF3GNS2
+  genrupt mcp call search_capabilities --query "product reference upload" --includeUnavailable --limit 10
+`);
+}
+async function handleAuth(args) {
+    const subcommand = args[0];
+    const { flags } = parseFlags(args.slice(1));
+    if (subcommand === "login") {
+        await login({
+            origin: getStringFlag(flags, "origin"),
+            noOpen: hasFlag(flags, "no-open"),
+        });
+        return;
+    }
+    if (subcommand === "status") {
+        await printAuthStatus();
+        return;
+    }
+    if (subcommand === "logout") {
+        await logout({
+            localOnly: hasFlag(flags, "local"),
+        });
+        return;
+    }
+    throw new Error("Unknown auth command. Run `genrupt --help`.");
+}
+async function handleSetup(args) {
+    const subcommand = args[0];
+    const { flags } = parseFlags(args.slice(1));
+    if (subcommand === "claude-code") {
+        const scope = getStringFlag(flags, "scope") ?? "user";
+        if (!["local", "project", "user"].includes(scope)) {
+            throw new Error("--scope must be local, project, or user.");
+        }
+        await setupClaudeCode({
+            replace: hasFlag(flags, "replace"),
+            scope: scope,
+        });
+        return;
+    }
+    throw new Error("Unknown setup command. Run `genrupt --help`.");
+}
+async function handleUpload(args) {
+    const type = args[0];
+    if (type !== "image") {
+        throw new Error("Only `genrupt upload image` is supported.");
+    }
+    const { flags, positionals } = parseFlags(args.slice(1));
+    const result = await uploadProductReferenceImages({
+        paths: positionals,
+        asin: getStringFlag(flags, "asin"),
+        projectId: getStringFlag(flags, "project-id"),
+        productProfileId: getStringFlag(flags, "product-profile-id"),
+        domain: getStringFlag(flags, "domain"),
+    });
+    if (hasFlag(flags, "json")) {
+        console.log(JSON.stringify(result, null, 2));
+        return;
+    }
+    console.log();
+    console.log(`Uploaded ${result.uploads.length} image${result.uploads.length === 1 ? "" : "s"}.`);
+    console.log(`sourceAssetIds: ${result.sourceAssetIds.join(", ") || "(none returned)"}`);
+    for (const upload of result.uploads) {
+        console.log(`- ${upload.fileName}: ${upload.assetId ?? "no asset id"} ${upload.imageUrl}`);
+    }
+}
+function coerceMcpFlagValue(value) {
+    if (typeof value === "boolean") {
+        return value;
+    }
+    const trimmed = value.trim();
+    if (trimmed === "true")
+        return true;
+    if (trimmed === "false")
+        return false;
+    if (trimmed === "null")
+        return null;
+    const numeric = Number(trimmed);
+    if (trimmed && Number.isFinite(numeric) && String(numeric) === trimmed) {
+        return numeric;
+    }
+    if ((trimmed.startsWith("{") && trimmed.endsWith("}")) ||
+        (trimmed.startsWith("[") && trimmed.endsWith("]"))) {
+        return JSON.parse(trimmed);
+    }
+    return value;
+}
+async function readMcpCallArguments(args) {
+    const { flags, positionals } = parseFlags(args);
+    const jsonFile = getStringFlag(flags, "json-file");
+    if (jsonFile) {
+        return JSON.parse(await readFile(jsonFile, "utf8"));
+    }
+    if (positionals.length > 0) {
+        return JSON.parse(positionals.join(" "));
+    }
+    const parsed = Object.fromEntries(Object.entries(flags)
+        .filter(([key]) => key !== "json-file")
+        .map(([key, value]) => [key, coerceMcpFlagValue(value)]));
+    return parsed;
+}
+async function handleMcp(args) {
+    const subcommand = args[0];
+    if (subcommand === "serve") {
+        await serveLocalMcp();
+        return;
+    }
+    if (subcommand === "call") {
+        const toolName = args[1];
+        if (!toolName) {
+            throw new Error("Tool name is required.");
+        }
+        const parsedArgs = await readMcpCallArguments(args.slice(2));
+        const result = await callRemoteMcpTool(toolName, parsedArgs);
+        const payload = assertSuccessfulToolPayload(result);
+        console.log(JSON.stringify(payload, null, 2));
+        return;
+    }
+    throw new Error("Unknown mcp command. Run `genrupt --help`.");
+}
+async function main() {
+    const args = process.argv.slice(2);
+    const command = args[0];
+    if (!command || command === "--help" || command === "-h") {
+        printHelp();
+        return;
+    }
+    if (command === "--version" || command === "-v") {
+        console.log(CLI_VERSION);
+        return;
+    }
+    if (command === "auth") {
+        await handleAuth(args.slice(1));
+        return;
+    }
+    if (command === "setup") {
+        await handleSetup(args.slice(1));
+        return;
+    }
+    if (command === "upload") {
+        await handleUpload(args.slice(1));
+        return;
+    }
+    if (command === "mcp") {
+        await handleMcp(args.slice(1));
+        return;
+    }
+    throw new Error(`Unknown command: ${command}. Run \`genrupt --help\`.`);
+}
+main().catch((error) => {
+    console.error(error instanceof Error ? error.message : String(error));
+    process.exit(1);
+});

package/dist/config.js

@@ -0,0 +1,53 @@
+import { mkdir, readFile, rm, writeFile } from "node:fs/promises";
+import os from "node:os";
+import path from "node:path";
+import { DEFAULT_MCP_SERVER_URL, DEFAULT_ORIGIN } from "./constants.js";
+export function getConfigDir() {
+    if (process.env.GENRUPT_CONFIG_DIR?.trim()) {
+        return process.env.GENRUPT_CONFIG_DIR.trim();
+    }
+    if (process.platform === "win32") {
+        return path.join(process.env.APPDATA ?? os.homedir(), "Genrupt");
+    }
+    return path.join(process.env.XDG_CONFIG_HOME ?? path.join(os.homedir(), ".config"), "genrupt");
+}
+export function getConfigPath() {
+    return path.join(getConfigDir(), "config.json");
+}
+export async function readConfig() {
+    try {
+        const raw = await readFile(getConfigPath(), "utf8");
+        const parsed = JSON.parse(raw);
+        if (!parsed.clientId ||
+            !parsed.accessToken ||
+            !parsed.accessTokenExpiresAt ||
+            !parsed.refreshToken) {
+            return null;
+        }
+        return {
+            origin: parsed.origin ?? DEFAULT_ORIGIN,
+            mcpServerUrl: parsed.mcpServerUrl ?? DEFAULT_MCP_SERVER_URL,
+            clientId: parsed.clientId,
+            accessToken: parsed.accessToken,
+            accessTokenExpiresAt: parsed.accessTokenExpiresAt,
+            refreshToken: parsed.refreshToken,
+            scope: parsed.scope ?? "mcp",
+        };
+    }
+    catch (error) {
+        if (error.code === "ENOENT") {
+            return null;
+        }
+        throw error;
+    }
+}
+export async function writeConfig(config) {
+    await mkdir(getConfigDir(), { recursive: true });
+    await writeFile(getConfigPath(), `${JSON.stringify(config, null, 2)}\n`, {
+        encoding: "utf8",
+        mode: 0o600,
+    });
+}
+export async function clearConfig() {
+    await rm(getConfigPath(), { force: true });
+}

package/dist/constants.js

@@ -0,0 +1,7 @@
+export const DEFAULT_ORIGIN = process.env.GENRUPT_ORIGIN?.replace(/\/$/, "") ?? "https://genrupt.com";
+export const DEFAULT_MCP_SERVER_URL = `${DEFAULT_ORIGIN}/api/agent/mcp`;
+export const OAUTH_DEVICE_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code";
+export const OAUTH_SCOPE = "mcp";
+export const CLI_CLIENT_NAME = "Genrupt CLI";
+export const CLI_VERSION = "0.1.0";
+export const ACCESS_TOKEN_REFRESH_SKEW_MS = 60_000;

package/dist/http.js

@@ -0,0 +1,53 @@
+export class HttpError extends Error {
+    status;
+    payload;
+    constructor(message, status, payload) {
+        super(message);
+        this.name = "HttpError";
+        this.status = status;
+        this.payload = payload;
+    }
+}
+export function getErrorDescription(payload) {
+    if (!payload || typeof payload !== "object") {
+        return null;
+    }
+    const record = payload;
+    const description = record.error_description ?? record.message;
+    return typeof description === "string" && description.trim() ? description : null;
+}
+export function getErrorCode(payload) {
+    if (!payload || typeof payload !== "object") {
+        return null;
+    }
+    const code = payload.error;
+    return typeof code === "string" && code.trim() ? code : null;
+}
+async function readResponsePayload(response) {
+    const text = await response.text();
+    if (!text.trim()) {
+        return null;
+    }
+    try {
+        return JSON.parse(text);
+    }
+    catch {
+        return text;
+    }
+}
+export async function postJson(url, body, headers = {}) {
+    const response = await fetch(url, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            Accept: "application/json",
+            ...headers,
+        },
+        body: JSON.stringify(body),
+    });
+    const payload = await readResponsePayload(response);
+    if (!response.ok) {
+        throw new HttpError(getErrorDescription(payload) ?? `Request failed with HTTP ${response.status}.`, response.status, payload);
+    }
+    return payload;
+}

package/dist/localMcpServer.js

@@ -0,0 +1,143 @@
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { CallToolRequestSchema, ListToolsRequestSchema } from "@modelcontextprotocol/sdk/types.js";
+import { CLI_VERSION } from "./constants.js";
+import { listRemoteMcpTools, callRemoteMcpTool } from "./mcpClient.js";
+import { uploadProductReferenceImages } from "./upload.js";
+const LOCAL_UPLOAD_TOOL = {
+    name: "upload_product_reference_images",
+    title: "Upload local product reference images",
+    description: "Use when the user provides local image file paths from this computer and wants them uploaded to Genrupt as product reference assets. This local CLI MCP tool can read local files, uploads them through Genrupt's presigned upload flow, completes registration, and returns sourceAssetIds for create_product_reference_sheet. Supports JPEG, PNG, and WebP images up to 50 MB each.",
+    inputSchema: {
+        type: "object",
+        properties: {
+            paths: {
+                type: "array",
+                minItems: 1,
+                items: { type: "string", minLength: 1 },
+                description: "Absolute or working-directory-relative local image file paths.",
+            },
+            asin: {
+                type: "string",
+                minLength: 1,
+                description: "Optional Amazon ASIN to associate with the product reference assets.",
+            },
+            projectId: {
+                type: "string",
+                minLength: 1,
+                description: "Optional Genrupt project ID to associate with the uploaded assets.",
+            },
+            productProfileId: {
+                type: "string",
+                minLength: 1,
+                description: "Optional Genrupt product profile ID to associate with the uploaded assets.",
+            },
+            domain: {
+                type: "string",
+                minLength: 1,
+                description: "Optional Amazon domain, such as amazon.com.",
+            },
+        },
+        required: ["paths"],
+        additionalProperties: false,
+    },
+};
+function buildToolResult(payload) {
+    return {
+        content: [{ type: "text", text: JSON.stringify(payload, null, 2) }],
+        structuredContent: payload,
+    };
+}
+function buildToolError(error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return {
+        isError: true,
+        content: [
+            {
+                type: "text",
+                text: JSON.stringify({
+                    error: {
+                        code: "GENRUPT_CLI_TOOL_ERROR",
+                        message,
+                        retryable: false,
+                    },
+                }, null, 2),
+            },
+        ],
+        structuredContent: {
+            error: {
+                code: "GENRUPT_CLI_TOOL_ERROR",
+                message,
+                retryable: false,
+            },
+        },
+    };
+}
+function normalizeStringArray(value) {
+    if (!Array.isArray(value)) {
+        throw new Error("paths must be an array of image file paths.");
+    }
+    const paths = value.filter((entry) => typeof entry === "string" && entry.trim().length > 0);
+    if (paths.length === 0) {
+        throw new Error("paths must include at least one image file path.");
+    }
+    return paths;
+}
+function getOptionalString(args, key) {
+    const value = args[key];
+    return typeof value === "string" && value.trim() ? value.trim() : undefined;
+}
+async function handleLocalUploadTool(args) {
+    const payload = await uploadProductReferenceImages({
+        paths: normalizeStringArray(args.paths),
+        asin: getOptionalString(args, "asin"),
+        projectId: getOptionalString(args, "projectId"),
+        productProfileId: getOptionalString(args, "productProfileId"),
+        domain: getOptionalString(args, "domain"),
+    });
+    return buildToolResult(payload);
+}
+export async function serveLocalMcp() {
+    const server = new Server({
+        name: "genrupt-cli",
+        version: CLI_VERSION,
+    }, {
+        capabilities: {
+            tools: {},
+        },
+        instructions: "Genrupt local bridge. Use upload_product_reference_images for local file paths, then use Genrupt remote MCP tools for market analysis, listing images, A+ content, product reference sheets, and video workflows.",
+    });
+    server.setRequestHandler(ListToolsRequestSchema, async () => {
+        try {
+            const remote = await listRemoteMcpTools();
+            return {
+                tools: [
+                    LOCAL_UPLOAD_TOOL,
+                    ...remote.tools.filter((tool) => tool.name !== LOCAL_UPLOAD_TOOL.name),
+                ],
+            };
+        }
+        catch (error) {
+            console.error(`[genrupt] Failed to list remote MCP tools: ${error instanceof Error ? error.message : String(error)}`);
+            return {
+                tools: [LOCAL_UPLOAD_TOOL],
+            };
+        }
+    });
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        const args = request.params.arguments && typeof request.params.arguments === "object"
+            ? request.params.arguments
+            : {};
+        try {
+            if (request.params.name === LOCAL_UPLOAD_TOOL.name) {
+                return await handleLocalUploadTool(args);
+            }
+            return await callRemoteMcpTool(request.params.name, args);
+        }
+        catch (error) {
+            return buildToolError(error);
+        }
+    });
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}

package/dist/mcpClient.js

@@ -0,0 +1,121 @@
+import { getValidAccessToken, getValidConfig, refreshAccessToken } from "./auth.js";
+import { HttpError, getErrorDescription } from "./http.js";
+let nextJsonRpcId = 1;
+function parseEventStreamPayload(text) {
+    const dataLines = text
+        .split(/\r?\n/)
+        .filter((line) => line.startsWith("data:"))
+        .map((line) => line.slice(5).trim())
+        .filter(Boolean);
+    if (dataLines.length === 0) {
+        throw new Error("MCP server returned an empty event stream.");
+    }
+    return JSON.parse(dataLines[dataLines.length - 1]);
+}
+async function readJsonRpcResponse(response) {
+    const text = await response.text();
+    const contentType = response.headers.get("content-type") ?? "";
+    const payload = contentType.includes("text/event-stream")
+        ? parseEventStreamPayload(text)
+        : JSON.parse(text);
+    if (!response.ok) {
+        throw new HttpError(getErrorDescription(payload) ?? `MCP request failed with HTTP ${response.status}.`, response.status, payload);
+    }
+    if ("error" in payload) {
+        throw new Error(payload.error.message);
+    }
+    return payload.result;
+}
+async function postMcpJsonRpc(params) {
+    const response = await fetch(params.mcpServerUrl, {
+        method: "POST",
+        headers: {
+            Authorization: `Bearer ${params.accessToken}`,
+            "Content-Type": "application/json",
+            Accept: "application/json, text/event-stream",
+        },
+        body: JSON.stringify({
+            jsonrpc: "2.0",
+            id: nextJsonRpcId++,
+            method: params.method,
+            params: params.rpcParams ?? {},
+        }),
+    });
+    return readJsonRpcResponse(response);
+}
+async function withAuthRetry(call) {
+    const config = await getValidConfig();
+    try {
+        return await call(config.accessToken, config.mcpServerUrl);
+    }
+    catch (error) {
+        if (!(error instanceof HttpError) || error.status !== 401) {
+            throw error;
+        }
+        const refreshed = await refreshAccessToken(config);
+        return call(refreshed.accessToken, refreshed.mcpServerUrl);
+    }
+}
+export async function listRemoteMcpTools() {
+    return withAuthRetry(async (accessToken, mcpServerUrl) => postMcpJsonRpc({
+        method: "tools/list",
+        accessToken,
+        mcpServerUrl,
+    }));
+}
+export async function callRemoteMcpTool(name, args) {
+    return withAuthRetry(async (accessToken, mcpServerUrl) => postMcpJsonRpc({
+        method: "tools/call",
+        rpcParams: {
+            name,
+            arguments: args,
+        },
+        accessToken,
+        mcpServerUrl,
+    }));
+}
+export async function executeRemoteCapability(capabilityId, args) {
+    return callRemoteMcpTool("execute_capability", {
+        capabilityId,
+        arguments: args,
+    });
+}
+export async function callRemoteMcpToolWithFreshToken(name, args) {
+    const accessToken = await getValidAccessToken();
+    const config = await getValidConfig();
+    return postMcpJsonRpc({
+        method: "tools/call",
+        rpcParams: {
+            name,
+            arguments: args,
+        },
+        accessToken,
+        mcpServerUrl: config.mcpServerUrl,
+    });
+}
+export function getStructuredContent(result) {
+    if (result.structuredContent !== undefined) {
+        return result.structuredContent;
+    }
+    const textBlock = result.content?.find((block) => block.type === "text" && typeof block.text === "string");
+    if (!textBlock?.text) {
+        return null;
+    }
+    try {
+        return JSON.parse(textBlock.text);
+    }
+    catch {
+        return { text: textBlock.text };
+    }
+}
+export function assertSuccessfulToolPayload(result) {
+    const payload = getStructuredContent(result);
+    if (result.isError) {
+        const textBlock = result.content?.find((block) => block.type === "text" && typeof block.text === "string" && block.text.trim());
+        const message = payload && typeof payload === "object" && "error" in payload
+            ? JSON.stringify(payload.error)
+            : textBlock?.text?.trim() || "Remote Genrupt tool call failed.";
+        throw new Error(message);
+    }
+    return payload;
+}

package/dist/setup.js

@@ -0,0 +1,44 @@
+import { spawnSync } from "node:child_process";
+import { assertLoggedIn } from "./auth.js";
+function runClaude(args) {
+    return spawnSync("claude", args, {
+        stdio: "inherit",
+        shell: process.platform === "win32",
+    });
+}
+export async function setupClaudeCode(options = {}) {
+    await assertLoggedIn();
+    const scope = options.scope ?? "user";
+    if (options.replace) {
+        runClaude(["mcp", "remove", "genrupt"]);
+    }
+    const args = [
+        "mcp",
+        "add",
+        "--transport",
+        "stdio",
+        "--scope",
+        scope,
+        "genrupt",
+        "--",
+        "genrupt",
+        "mcp",
+        "serve",
+    ];
+    const result = runClaude(args);
+    if (result.error || result.status !== 0) {
+        console.log();
+        console.log("Could not register Genrupt with Claude Code automatically.");
+        console.log("Run this command manually:");
+        console.log();
+        console.log(`claude ${args.join(" ")}`);
+        console.log();
+        if (result.error) {
+            throw result.error;
+        }
+        process.exit(result.status ?? 1);
+    }
+    console.log();
+    console.log("Genrupt local MCP bridge is installed for Claude Code.");
+    console.log("Start a new Claude Code chat, then ask Genrupt to upload local product files or run a workflow.");
+}

package/dist/upload.js

@@ -0,0 +1,122 @@
+import { readFile, stat } from "node:fs/promises";
+import path from "node:path";
+import { assertSuccessfulToolPayload, executeRemoteCapability } from "./mcpClient.js";
+const MAX_PRODUCT_REFERENCE_BYTES = 50 * 1024 * 1024;
+function detectContentType(filePath) {
+    const extension = path.extname(filePath).toLowerCase();
+    if (extension === ".jpg" || extension === ".jpeg") {
+        return "image/jpeg";
+    }
+    if (extension === ".png") {
+        return "image/png";
+    }
+    if (extension === ".webp") {
+        return "image/webp";
+    }
+    throw new Error(`Unsupported image type for ${filePath}. Use JPEG, PNG, or WebP.`);
+}
+function asRecord(value) {
+    return value && typeof value === "object" && !Array.isArray(value)
+        ? value
+        : null;
+}
+function requireCreateUploadPayload(payload) {
+    const record = asRecord(payload);
+    if (!record ||
+        typeof record.uploadUrl !== "string" ||
+        typeof record.assetUrl !== "string" ||
+        typeof record.objectKey !== "string") {
+        throw new Error("Genrupt did not return a valid upload URL payload.");
+    }
+    return {
+        uploadUrl: record.uploadUrl,
+        assetUrl: record.assetUrl,
+        objectKey: record.objectKey,
+        headers: asRecord(record.headers),
+        method: typeof record.method === "string" ? record.method : "PUT",
+        maxBytes: typeof record.maxBytes === "number" ? record.maxBytes : undefined,
+    };
+}
+function requireCompleteUploadPayload(payload) {
+    const record = asRecord(payload);
+    if (!record) {
+        throw new Error("Genrupt did not return a valid completed upload payload.");
+    }
+    return record;
+}
+async function uploadBytes(params) {
+    const body = new Blob([new Uint8Array(params.bytes)]);
+    const response = await fetch(params.uploadUrl, {
+        method: params.method,
+        headers: params.headers,
+        body,
+    });
+    if (!response.ok) {
+        const body = await response.text().catch(() => "");
+        throw new Error(`Storage upload failed with HTTP ${response.status}${body ? `: ${body.slice(0, 500)}` : ""}`);
+    }
+}
+export async function uploadProductReferenceImages(options) {
+    if (options.paths.length === 0) {
+        throw new Error("At least one image path is required.");
+    }
+    const uploads = [];
+    for (const filePath of options.paths) {
+        const fileStat = await stat(filePath);
+        if (!fileStat.isFile()) {
+            throw new Error(`${filePath} is not a file.`);
+        }
+        if (fileStat.size > MAX_PRODUCT_REFERENCE_BYTES) {
+            throw new Error(`${filePath} is larger than 50 MB.`);
+        }
+        const fileName = path.basename(filePath);
+        const contentType = detectContentType(filePath);
+        const createResult = await executeRemoteCapability("create_product_reference_upload", {
+            fileName,
+            contentType,
+            byteLength: fileStat.size,
+            ...(options.asin ? { asin: options.asin } : {}),
+            ...(options.projectId ? { projectId: options.projectId } : {}),
+            ...(options.productProfileId ? { productProfileId: options.productProfileId } : {}),
+            ...(options.domain ? { domain: options.domain } : {}),
+        });
+        const createPayload = requireCreateUploadPayload(assertSuccessfulToolPayload(createResult));
+        const bytes = await readFile(filePath);
+        await uploadBytes({
+            uploadUrl: createPayload.uploadUrl,
+            method: createPayload.method ?? "PUT",
+            headers: createPayload.headers ?? { "Content-Type": contentType },
+            bytes,
+        });
+        const completeResult = await executeRemoteCapability("complete_product_reference_upload", {
+            objectKey: createPayload.objectKey,
+            assetUrl: createPayload.assetUrl,
+            contentType,
+            byteLength: fileStat.size,
+            fileName,
+            ...(options.asin ? { asin: options.asin } : {}),
+            ...(options.projectId ? { projectId: options.projectId } : {}),
+            ...(options.productProfileId ? { productProfileId: options.productProfileId } : {}),
+            ...(options.domain ? { domain: options.domain } : {}),
+        });
+        const completePayload = requireCompleteUploadPayload(assertSuccessfulToolPayload(completeResult));
+        uploads.push({
+            path: filePath,
+            fileName,
+            objectKey: createPayload.objectKey,
+            assetUrl: createPayload.assetUrl,
+            assetId: completePayload.asset?.id ?? null,
+            imageUrl: completePayload.asset?.imageUrl ?? createPayload.assetUrl,
+            contentType,
+            byteLength: fileStat.size,
+            alreadyCompleted: completePayload.alreadyCompleted ?? false,
+        });
+    }
+    return {
+        uploads,
+        sourceAssetIds: uploads
+            .map((upload) => upload.assetId)
+            .filter((assetId) => Boolean(assetId)),
+        nextSuggestedTool: "create_product_reference_sheet",
+    };
+}

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "@genrupt/cli",
+  "version": "0.1.0",
+  "description": "Genrupt CLI for OAuth login, local file uploads, and local MCP bridge setup.",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Shackelfordian/Genrupt.git",
+    "directory": "packages/genrupt-cli"
+  },
+  "keywords": [
+    "genrupt",
+    "mcp",
+    "claude-code",
+    "amazon",
+    "upload"
+  ],
+  "type": "module",
+  "bin": {
+    "genrupt": "dist/cli.js"
+  },
+  "publishConfig": {
+    "access": "public",
+    "provenance": false
+  },
+  "files": [
+    "dist/",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "pack:dry-run": "npm pack --dry-run",
+    "release:check": "npm run build && node ../../scripts/verify-genrupt-cli-release.cjs",
+    "prepublishOnly": "npm run build && node ../../scripts/verify-genrupt-cli-release.cjs"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.18.0",
+    "zod": "^3.25.76"
+  },
+  "devDependencies": {
+    "@types/node": "^20.8.7",
+    "typescript": "^5.2.2"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}