@getjack/jack 0.1.31 → 0.1.32

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@getjack/jack",
-	"version": "0.1.31",
+	"version": "0.1.32",
 	"description": "Ship before you forget why you started. The vibecoder's deployment CLI.",
 	"license": "Apache-2.0",
 	"type": "module",

package/src/commands/services.ts

@@ -99,6 +99,7 @@ async function resolveDatabaseInfo(projectName: string): Promise<ResolvedDatabas
 
 interface ServiceOptions {
 	project?: string;
+	json?: boolean;
 }
 
 export default async function services(
@@ -209,17 +210,23 @@ async function resolveProjectName(options: ServiceOptions): Promise<string> {
  * Show database information
  */
 async function dbInfo(options: ServiceOptions): Promise<void> {
+	const jsonOutput = options.json ?? false;
 	const projectName = await resolveProjectName(options);
 	const projectDir = process.cwd();
 	const link = await readProjectLink(projectDir);
 
 	// For managed projects, use control plane API (no wrangler dependency)
 	if (link?.deploy_mode === "managed") {
-		outputSpinner.start("Fetching database info...");
+		if (!jsonOutput) outputSpinner.start("Fetching database info...");
 		try {
 			const { getManagedDatabaseInfo } = await import("../lib/control-plane.ts");
 			const dbInfo = await getManagedDatabaseInfo(link.project_id);
-			outputSpinner.stop();
+			if (!jsonOutput) outputSpinner.stop();
+
+			if (jsonOutput) {
+				console.log(JSON.stringify({ name: dbInfo.name, id: dbInfo.id, sizeBytes: dbInfo.sizeBytes, numTables: dbInfo.numTables, source: "managed" }));
+				return;
+			}
 
 			console.error("");
 			success(`Database: ${dbInfo.name}`);
@@ -231,7 +238,14 @@ async function dbInfo(options: ServiceOptions): Promise<void> {
 			console.error("");
 			return;
 		} catch (err) {
-			outputSpinner.stop();
+			if (!jsonOutput) outputSpinner.stop();
+			if (jsonOutput) {
+				const msg = err instanceof Error && err.message.includes("No database found")
+					? "No database configured. Run 'jack services db create' to create one."
+					: `Failed to fetch database info: ${err instanceof Error ? err.message : String(err)}`;
+				console.log(JSON.stringify({ success: false, error: msg }));
+				process.exit(1);
+			}
 			console.error("");
 			if (err instanceof Error && err.message.includes("No database found")) {
 				error("No database found for this project");
@@ -248,6 +262,10 @@ async function dbInfo(options: ServiceOptions): Promise<void> {
 	const dbInfo = await resolveDatabaseInfo(projectName);
 
 	if (!dbInfo) {
+		if (jsonOutput) {
+			console.log(JSON.stringify({ success: false, error: "No database found for this project" }));
+			return;
+		}
 		console.error("");
 		error("No database found for this project");
 		info("Create one with: jack services db create");
@@ -256,11 +274,15 @@ async function dbInfo(options: ServiceOptions): Promise<void> {
 	}
 
 	// Fetch detailed database info via wrangler
-	outputSpinner.start("Fetching database info...");
+	if (!jsonOutput) outputSpinner.start("Fetching database info...");
 	const wranglerDbInfo = await getWranglerDatabaseInfo(dbInfo.name);
-	outputSpinner.stop();
+	if (!jsonOutput) outputSpinner.stop();
 
 	if (!wranglerDbInfo) {
+		if (jsonOutput) {
+			console.log(JSON.stringify({ success: false, error: "Database not found" }));
+			process.exit(1);
+		}
 		console.error("");
 		error("Database not found");
 		info("It may have been deleted");
@@ -268,6 +290,11 @@ async function dbInfo(options: ServiceOptions): Promise<void> {
 		process.exit(1);
 	}
 
+	if (jsonOutput) {
+		console.log(JSON.stringify({ name: wranglerDbInfo.name, id: dbInfo.id || wranglerDbInfo.id, sizeBytes: wranglerDbInfo.sizeBytes, numTables: wranglerDbInfo.numTables, source: "byo" }));
+		return;
+	}
+
 	// Display info
 	console.error("");
 	success(`Database: ${wranglerDbInfo.name}`);
@@ -624,10 +651,16 @@ async function dbCreate(args: string[], options: ServiceOptions): Promise<void>
  * List all databases in the project
  */
 async function dbList(options: ServiceOptions): Promise<void> {
-	outputSpinner.start("Fetching databases...");
+	const jsonOutput = options.json ?? false;
+	if (!jsonOutput) outputSpinner.start("Fetching databases...");
 	try {
 		const databases = await listDatabases(process.cwd());
-		outputSpinner.stop();
+		if (!jsonOutput) outputSpinner.stop();
+
+		if (jsonOutput) {
+			console.log(JSON.stringify(databases));
+			return;
+		}
 
 		if (databases.length === 0) {
 			console.error("");
@@ -654,7 +687,11 @@ async function dbList(options: ServiceOptions): Promise<void> {
 			console.error("");
 		}
 	} catch (err) {
-		outputSpinner.stop();
+		if (!jsonOutput) outputSpinner.stop();
+		if (jsonOutput) {
+			console.log(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
+			process.exit(1);
+		}
 		console.error("");
 		error(`Failed to list databases: ${err instanceof Error ? err.message : String(err)}`);
 		process.exit(1);
@@ -729,7 +766,8 @@ function parseExecuteArgs(args: string[]): ExecuteArgs {
 /**
  * Execute SQL against the database
  */
-async function dbExecute(args: string[], _options: ServiceOptions): Promise<void> {
+async function dbExecute(args: string[], options: ServiceOptions): Promise<void> {
+	const jsonOutput = options.json ?? false;
 	const execArgs = parseExecuteArgs(args);
 
 	// Validate input
@@ -766,7 +804,7 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 	const projectDir = process.cwd();
 
 	try {
-		outputSpinner.start("Executing SQL...");
+		if (!jsonOutput) outputSpinner.start("Executing SQL...");
 
 		let result;
 		if (execArgs.filePath) {
@@ -823,7 +861,7 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 			}
 
 			// NOW execute with confirmation
-			outputSpinner.start("Executing SQL...");
+			if (!jsonOutput) outputSpinner.start("Executing SQL...");
 			if (execArgs.filePath) {
 				result = await executeSqlFile({
 					projectDir,
@@ -857,12 +895,37 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 				error_type: "execution_failed",
 			});
 
+			if (jsonOutput) {
+				console.log(JSON.stringify({ success: false, error: result.error || "SQL execution failed" }));
+				process.exit(1);
+			}
+
 			console.error("");
 			error(result.error || "SQL execution failed");
 			console.error("");
 			process.exit(1);
 		}
 
+		// Track telemetry
+		track(Events.SQL_EXECUTED, {
+			success: true,
+			risk_level: result.risk,
+			statement_count: result.statements.length,
+			from_file: !!execArgs.filePath,
+		});
+
+		// JSON output mode — structured result for agents
+		if (jsonOutput) {
+			console.log(JSON.stringify({
+				success: true,
+				results: result.results ?? [],
+				meta: result.meta,
+				risk: result.risk,
+				warning: result.warning,
+			}));
+			return;
+		}
+
 		// Show results
 		console.error("");
 		success(`SQL executed (${getRiskDescription(result.risk)})`);
@@ -886,14 +949,6 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 			console.log(JSON.stringify(result.results, null, 2));
 		}
 		console.error("");
-
-		// Track telemetry
-		track(Events.SQL_EXECUTED, {
-			success: true,
-			risk_level: result.risk,
-			statement_count: result.statements.length,
-			from_file: !!execArgs.filePath,
-		});
 	} catch (err) {
 		outputSpinner.stop();
 
@@ -904,6 +959,11 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 				risk_level: err.risk,
 			});
 
+			if (jsonOutput) {
+				console.log(JSON.stringify({ success: false, error: err.message, suggestion: "Add --write flag" }));
+				process.exit(1);
+			}
+
 			console.error("");
 			error(err.message);
 			info("Add the --write flag to allow data modification:");
@@ -919,6 +979,11 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 				risk_level: "destructive",
 			});
 
+			if (jsonOutput) {
+				console.log(JSON.stringify({ success: false, error: err.message, suggestion: "Destructive operations require confirmation via CLI" }));
+				process.exit(1);
+			}
+
 			console.error("");
 			error(err.message);
 			info("Destructive operations require confirmation via CLI.");
@@ -931,6 +996,11 @@ async function dbExecute(args: string[], _options: ServiceOptions): Promise<void
 			error_type: "unknown",
 		});
 
+		if (jsonOutput) {
+			console.log(JSON.stringify({ success: false, error: err instanceof Error ? err.message : String(err) }));
+			process.exit(1);
+		}
+
 		console.error("");
 		error(`SQL execution failed: ${err instanceof Error ? err.message : String(err)}`);
 		console.error("");

package/src/commands/ship.ts

@@ -3,14 +3,15 @@ import { createReporter, output } from "../lib/output.ts";
 import { deployProject } from "../lib/project-operations.ts";
 
 export default async function ship(
-	options: { managed?: boolean; byo?: boolean; dryRun?: boolean } = {},
+	options: { managed?: boolean; byo?: boolean; dryRun?: boolean; json?: boolean } = {},
 ): Promise<void> {
 	const isCi = process.env.CI === "true" || process.env.CI === "1";
+	const jsonOutput = options.json ?? false;
 	try {
 		const result = await deployProject({
 			projectPath: process.cwd(),
-			reporter: createReporter(),
-			interactive: !isCi,
+			reporter: jsonOutput ? undefined : createReporter(),
+			interactive: !isCi && !jsonOutput,
 			includeSecrets: !options.dryRun,
 			includeSync: !options.dryRun,
 			managed: options.managed,
@@ -18,11 +19,35 @@ export default async function ship(
 			dryRun: options.dryRun,
 		});
 
+		if (jsonOutput) {
+			console.log(
+				JSON.stringify({
+					success: true,
+					projectName: result.projectName,
+					url: result.workerUrl,
+					deployMode: result.deployMode,
+				}),
+			);
+			return;
+		}
+
 		if (!result.workerUrl && result.deployOutput) {
 			console.error(result.deployOutput);
 		}
 	} catch (error) {
 		const details = getErrorDetails(error);
+
+		if (jsonOutput) {
+			console.log(
+				JSON.stringify({
+					success: false,
+					error: details.message,
+					suggestion: details.suggestion,
+				}),
+			);
+			process.exit(details.meta?.exitCode ?? 1);
+		}
+
 		if (!details.meta?.reported) {
 			output.error(details.message);
 		}

package/src/commands/tokens.ts

@@ -0,0 +1,119 @@
+/**
+ * jack tokens - Manage API tokens for headless authentication
+ *
+ * Tokens are account-level (not project-scoped).
+ * Set JACK_API_TOKEN in your environment for CI/CD and automated pipelines.
+ */
+
+import { error, info, success } from "../lib/output.ts";
+import {
+	type TokenInfo,
+	createApiToken,
+	listApiTokens,
+	revokeApiToken,
+} from "../lib/services/token-operations.ts";
+import { Events, track } from "../lib/telemetry.ts";
+
+export default async function tokens(
+	subcommand?: string,
+	args: string[] = [],
+	flags: Record<string, unknown> = {},
+): Promise<void> {
+	if (!subcommand) {
+		return showHelp();
+	}
+
+	if (subcommand === "help" || subcommand === "--help" || subcommand === "-h") {
+		return showHelp();
+	}
+
+	switch (subcommand) {
+		case "create":
+		case "new":
+			return await createToken(args, flags);
+		case "list":
+		case "ls":
+			return await listTokens();
+		case "revoke":
+		case "rm":
+		case "delete":
+			return await revokeToken(args);
+		default:
+			error(`Unknown subcommand: ${subcommand}`);
+			info("Available: create, list, revoke");
+			process.exit(1);
+	}
+}
+
+function showHelp(): void {
+	console.error("");
+	info("jack tokens - Manage API tokens for headless authentication");
+	console.error("");
+	console.error("Commands:");
+	console.error("  create [name]             Create a new API token");
+	console.error("  list                      List active tokens");
+	console.error("  revoke <id>               Revoke a token");
+	console.error("");
+	console.error("Usage:");
+	console.error("  Set JACK_API_TOKEN in your environment for headless auth.");
+	console.error("  Tokens work in CI/CD, Docker, and automated pipelines.");
+	console.error("");
+}
+
+async function createToken(args: string[], flags: Record<string, unknown> = {}): Promise<void> {
+	// Accept name from --name flag or first positional arg
+	let name = "CLI Token";
+	if (flags.name && typeof flags.name === "string") {
+		name = flags.name;
+	} else if (args[0] && !args[0].startsWith("-")) {
+		name = args[0];
+	}
+
+	const data = await createApiToken(name);
+
+	track(Events.TOKEN_CREATED);
+
+	success("Token created");
+	console.error("");
+	console.error(`  ${data.token}`);
+	console.error("");
+	console.error("  Save this token -- it will not be shown again.");
+	console.error("");
+	console.error("  Usage:");
+	console.error("    export JACK_API_TOKEN=<token>");
+	console.error("    jack ship");
+	console.error("");
+}
+
+async function listTokens(): Promise<void> {
+	const tokenList = await listApiTokens();
+
+	if (tokenList.length === 0) {
+		info("No active tokens");
+		return;
+	}
+
+	console.error("");
+	for (const t of tokenList) {
+		const lastUsed = t.last_used_at ? `last used ${t.last_used_at}` : "never used";
+		console.error(`  ${t.id}  ${t.name}  (${lastUsed})`);
+	}
+	console.error("");
+}
+
+async function revokeToken(args: string[]): Promise<void> {
+	const tokenId = args[0];
+
+	if (!tokenId) {
+		error("Missing token ID");
+		info("Usage: jack tokens revoke <token-id>");
+		info("Run 'jack tokens list' to see token IDs");
+		process.exit(1);
+	}
+
+	await revokeApiToken(tokenId);
+
+	track(Events.TOKEN_REVOKED);
+
+	success(`Token revoked: ${tokenId}`);
+}

package/src/commands/whoami.ts

@@ -19,13 +19,17 @@ export default async function whoami(): Promise<void> {
 		item(`Name: ${creds.user.first_name}${creds.user.last_name ? ` ${creds.user.last_name}` : ""}`);
 	}
 
-	const expiresIn = creds.expires_at - Math.floor(Date.now() / 1000);
-	if (expiresIn > 0) {
-		const hours = Math.floor(expiresIn / 3600);
-		const minutes = Math.floor((expiresIn % 3600) / 60);
-		item(`Token expires: ${hours}h ${minutes}m`);
+	if (process.env.JACK_API_TOKEN) {
+		item("Auth: API token");
 	} else {
-		item("Token: expired (will refresh on next request)");
+		const expiresIn = creds.expires_at - Math.floor(Date.now() / 1000);
+		if (expiresIn > 0) {
+			const hours = Math.floor(expiresIn / 3600);
+			const minutes = Math.floor((expiresIn % 3600) / 60);
+			item(`Token expires: ${hours}h ${minutes}m`);
+		} else {
+			item("Token: expired (will refresh on next request)");
+		}
 	}
 	console.error("");
 }

package/src/index.ts

@@ -35,6 +35,7 @@ const cli = meow(
     login               Sign in
     logout              Sign out
     whoami              Show current user
+    tokens              Manage API tokens
     update              Update jack to latest version
 
   Project Management
@@ -181,6 +182,9 @@ const cli = meow(
 			sort: {
 				type: "string",
 			},
+			name: {
+				type: "string",
+			},
 		},
 	},
 );
@@ -208,6 +212,7 @@ const [command, ...args] = cli.input;
 			os: process.platform,
 			arch: process.arch,
 			node_version: process.version,
+			auth_method: process.env.JACK_API_TOKEN ? "token" : "oauth",
 		});
 
 		// Update lastIdentifyDate
@@ -220,6 +225,7 @@ const [command, ...args] = cli.input;
 			os: process.platform,
 			arch: process.arch,
 			node_version: process.version,
+			auth_method: process.env.JACK_API_TOKEN ? "token" : "oauth",
 		});
 	}
 })();
@@ -285,6 +291,7 @@ try {
 				managed: cli.flags.managed,
 				byo: cli.flags.byo,
 				dryRun: cli.flags.dryRun,
+				json: cli.flags.json,
 			});
 			break;
 		}
@@ -389,6 +396,7 @@ try {
 
 			await withTelemetry("services", services, { subcommand })(args[0], serviceArgs, {
 				project: cli.flags.project,
+				json: cli.flags.json,
 			});
 			break;
 		}
@@ -399,6 +407,15 @@ try {
 			});
 			break;
 		}
+		case "tokens": {
+			const { default: tokens } = await import("./commands/tokens.ts");
+			await withTelemetry("tokens", tokens, { subcommand: args[0] })(
+				args[0],
+				args.slice(1),
+				cli.flags,
+			);
+			break;
+		}
 		case "domain": {
 			const { default: domain } = await import("./commands/domain.ts");
 			await withTelemetry("domain", domain, { subcommand: args[0] })(args[0], args.slice(1));

package/src/lib/auth/client.ts

@@ -73,6 +73,16 @@ export async function refreshToken(refreshTokenValue: string): Promise<TokenResp
 }
 
 export async function getValidAccessToken(): Promise<string | null> {
+	// Priority 1: API token from environment
+	const apiToken = process.env.JACK_API_TOKEN;
+	if (apiToken) {
+		if (!apiToken.startsWith("jkt_")) {
+			console.error("Warning: JACK_API_TOKEN should start with 'jkt_'");
+		}
+		return apiToken;
+	}
+
+	// Priority 2: Stored OAuth credentials
 	const creds = await getCredentials();
 	if (!creds) {
 		return null;
@@ -102,7 +112,7 @@ export async function getValidAccessToken(): Promise<string | null> {
 export async function authFetch(url: string, options: RequestInit = {}): Promise<Response> {
 	const token = await getValidAccessToken();
 	if (!token) {
-		throw new Error("Not authenticated. Run 'jack login' first.");
+		throw new Error("Not authenticated. Run 'jack login' or set JACK_API_TOKEN.");
 	}
 
 	return fetch(url, {

package/src/lib/auth/guard.ts

@@ -13,7 +13,7 @@ export async function requireAuth(): Promise<string> {
 		throw new JackError(
 			JackErrorCode.AUTH_FAILED,
 			"Not logged in",
-			"Run 'jack login' to sign in to jack cloud",
+			"Run 'jack login' to sign in, or set JACK_API_TOKEN for headless use",
 		);
 	}
 

package/src/lib/auth/store.ts

@@ -51,6 +51,9 @@ export type AuthState = "logged-in" | "not-logged-in" | "session-expired";
  * - "session-expired": had credentials but refresh failed
  */
 export async function getAuthState(): Promise<AuthState> {
+	// API token always counts as logged in
+	if (process.env.JACK_API_TOKEN) return "logged-in";
+
 	const creds = await getCredentials();
 	if (!creds) return "not-logged-in";
 

package/src/lib/services/token-operations.ts

@@ -0,0 +1,84 @@
+/**
+ * Token operations service layer for jack cloud
+ *
+ * Provides shared API token management functions for both CLI and MCP.
+ * Returns pure data - no console.log or process.exit.
+ */
+
+import { authFetch } from "../auth/index.ts";
+import { getControlApiUrl } from "../control-plane.ts";
+
+// ============================================================================
+// Types
+// ============================================================================
+
+export interface CreateTokenResult {
+	token: string;
+	id: string;
+	name: string;
+	created_at: string;
+	expires_at: string | null;
+}
+
+export interface TokenInfo {
+	id: string;
+	name: string;
+	id_prefix: string;
+	created_at: string;
+	last_used_at: string | null;
+	expires_at: string | null;
+}
+
+// ============================================================================
+// Service Functions
+// ============================================================================
+
+/**
+ * Create a new API token for headless authentication.
+ */
+export async function createApiToken(
+	name: string,
+	expiresInDays?: number,
+): Promise<CreateTokenResult> {
+	const response = await authFetch(`${getControlApiUrl()}/v1/tokens`, {
+		method: "POST",
+		headers: { "Content-Type": "application/json" },
+		body: JSON.stringify({ name, expires_in_days: expiresInDays }),
+	});
+
+	if (!response.ok) {
+		const err = (await response.json().catch(() => ({}))) as { message?: string };
+		throw new Error(err.message || `Failed to create token: ${response.status}`);
+	}
+
+	return response.json() as Promise<CreateTokenResult>;
+}
+
+/**
+ * List all active API tokens for the current user.
+ */
+export async function listApiTokens(): Promise<TokenInfo[]> {
+	const response = await authFetch(`${getControlApiUrl()}/v1/tokens`);
+
+	if (!response.ok) {
+		const err = (await response.json().catch(() => ({}))) as { message?: string };
+		throw new Error(err.message || `Failed to list tokens: ${response.status}`);
+	}
+
+	const data = (await response.json()) as { tokens: TokenInfo[] };
+	return data.tokens;
+}
+
+/**
+ * Revoke an API token by ID.
+ */
+export async function revokeApiToken(tokenId: string): Promise<void> {
+	const response = await authFetch(`${getControlApiUrl()}/v1/tokens/${tokenId}`, {
+		method: "DELETE",
+	});
+
+	if (!response.ok) {
+		const err = (await response.json().catch(() => ({}))) as { message?: string };
+		throw new Error(err.message || `Failed to revoke token: ${response.status}`);
+	}
+}

package/src/lib/telemetry.ts

@@ -44,6 +44,9 @@ export const Events = {
 	BYO_DEPLOY_STARTED: "byo_deploy_started",
 	BYO_DEPLOY_COMPLETED: "byo_deploy_completed",
 	BYO_DEPLOY_FAILED: "byo_deploy_failed",
+	// Token management events
+	TOKEN_CREATED: "token_created",
+	TOKEN_REVOKED: "token_revoked",
 } as const;
 
 type EventName = (typeof Events)[keyof typeof Events];
@@ -127,6 +130,7 @@ export interface UserProperties {
 	is_tty?: boolean;
 	locale?: string;
 	config_style?: "byoc" | "jack-cloud";
+	auth_method?: "oauth" | "token";
 }
 
 // Detect environment properties (for user profile - stable properties)

package/src/mcp/resources/index.ts

@@ -31,6 +31,13 @@ export function registerResources(
 					description: "Semantic information about jack's capabilities for AI agents",
 					mimeType: "application/json",
 				},
+				{
+					uri: "agents://workflows",
+					name: "Workflow Recipes",
+					description:
+						"Multi-step workflow templates for common tasks like creating APIs with databases, debugging production issues, and setting up cron jobs",
+					mimeType: "text/markdown",
+				},
 			],
 		};
 	});
@@ -160,6 +167,172 @@ Check for JACK.md in the project root for project-specific instructions.
 			};
 		}
 
+		if (uri === "agents://workflows") {
+			const workflows = `# Jack Workflow Recipes
+
+Multi-step workflows for common tasks. Each workflow can be executed by an agent team or a single agent working sequentially.
+
+---
+
+## 1. Create API with Database
+
+Goal: Scaffold a new API, add a database, create tables, and verify.
+
+\`\`\`
+Step 1: Create project
+  jack new my-api --template api
+
+Step 2: Add database
+  mcp__jack__create_database (or: jack services db create)
+
+Step 3: Create schema
+  mcp__jack__execute_sql
+    sql: "CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT NOT NULL, created_at TEXT DEFAULT CURRENT_TIMESTAMP)"
+    allow_write: true
+
+Step 4: Edit src/index.ts — add routes that use c.env.DB
+
+Step 5: Deploy
+  mcp__jack__deploy_project (or: jack ship)
+
+Step 6: Verify
+  curl https://<slug>.runjack.xyz/api/items
+\`\`\`
+
+---
+
+## 2. Debug Production Issue
+
+Goal: Identify and fix a bug reported in production.
+
+\`\`\`
+Step 1: Check current status
+  mcp__jack__get_project_status (or: jack info)
+
+Step 2: Collect recent logs
+  mcp__jack__tail_logs with max_events: 100, duration_ms: 5000
+
+Step 3: Inspect database state if relevant
+  mcp__jack__execute_sql
+    sql: "SELECT * FROM <table> WHERE <condition>"
+
+Step 4: Read and fix the source code
+
+Step 5: Deploy fix
+  mcp__jack__deploy_project (or: jack ship)
+
+Step 6: Verify fix via logs
+  mcp__jack__tail_logs with max_events: 20, duration_ms: 3000
+\`\`\`
+
+---
+
+## 3. Add Scheduled Task (Cron)
+
+Goal: Run code on a schedule (cleanup, sync, reports).
+
+\`\`\`
+Step 1: Add scheduled handler to src/index.ts
+  export default {
+    async fetch(request, env) { ... },
+    async scheduled(event, env, ctx) {
+      // your cron logic here
+    },
+  };
+
+  Or with Hono, add a POST /__scheduled route.
+
+Step 2: Deploy the handler
+  mcp__jack__deploy_project (or: jack ship)
+
+Step 3: Create cron schedule
+  mcp__jack__create_cron with expression: "0 * * * *"
+  (or: jack services cron create "0 * * * *")
+
+Step 4: Verify schedule
+  mcp__jack__test_cron with expression: "0 * * * *"
+  Shows next 5 scheduled times.
+
+Step 5: Monitor via logs
+  mcp__jack__tail_logs
+\`\`\`
+
+---
+
+## 4. Add File Storage
+
+Goal: Enable file uploads and downloads via R2.
+
+\`\`\`
+Step 1: Create storage bucket
+  mcp__jack__create_storage_bucket (or: jack services storage create)
+
+Step 2: Deploy to activate binding
+  mcp__jack__deploy_project (or: jack ship)
+
+Step 3: Add upload/download routes to src/index.ts
+  Upload:  c.env.BUCKET.put(key, body)
+  Download: c.env.BUCKET.get(key)
+  List:    c.env.BUCKET.list()
+
+Step 4: Deploy routes
+  mcp__jack__deploy_project (or: jack ship)
+\`\`\`
+
+---
+
+## 5. Add Semantic Search (Vectorize + AI)
+
+Goal: Enable vector similarity search using embeddings.
+
+\`\`\`
+Step 1: Create vector index
+  mcp__jack__create_vectorize_index (or: jack services vectorize create)
+  Default: 768 dimensions, cosine metric (matches bge-base-en-v1.5)
+
+Step 2: Deploy to activate binding
+  mcp__jack__deploy_project (or: jack ship)
+
+Step 3: Add indexing route
+  Generate embedding: c.env.AI.run("@cf/baai/bge-base-en-v1.5", { text: [input] })
+  Insert: c.env.VECTORIZE_INDEX.insert([{ id, values, metadata }])
+
+Step 4: Add search route
+  Generate query embedding, then:
+  c.env.VECTORIZE_INDEX.query(embedding, { topK: 5, returnMetadata: "all" })
+
+Step 5: Deploy and test
+  mcp__jack__deploy_project (or: jack ship)
+\`\`\`
+
+---
+
+## Parallel Task Patterns (Agent Teams)
+
+For Opus 4.6 Agent Teams, these tasks can run in parallel:
+
+**Independent (run simultaneously):**
+- Creating database + creating storage bucket
+- Reading logs + checking project status
+- Multiple SQL queries on different tables
+
+**Sequential (must wait for previous):**
+- Create project → then add services
+- Create database → then create tables → then deploy
+- Edit code → then deploy → then verify
+`;
+
+			return {
+				contents: [
+					{
+						uri,
+						mimeType: "text/markdown",
+						text: workflows,
+					},
+				],
+			};
+		}
+
 		throw new Error(`Unknown resource URI: ${uri}`);
 	});
 }