@getmagical/cli 0.1.3

package/dist/index.js

@@ -0,0 +1,2220 @@
+#!/usr/bin/env node
+
+// src/cli-formatting.ts
+import { inspect, stripVTControlCharacters, styleText } from "util";
+import { Help } from "commander";
+var EMPTY_VALUE = "-";
+var TABLE_GAP = "  ";
+function applyStyle(value, style, enabled = true) {
+  if (!enabled) {
+    return value;
+  }
+  return styleText(style, value);
+}
+function indent(text, level = 2) {
+  const padding = " ".repeat(level);
+  return text.split("\n").map((line) => `${padding}${line}`).join("\n");
+}
+function stripAnsi(value) {
+  return stripVTControlCharacters(value);
+}
+function displayWidth(value) {
+  return stripAnsi(value).length;
+}
+function padCell(value, width) {
+  return value.padEnd(width + value.length - displayWidth(value));
+}
+function formatHeading(title) {
+  return applyStyle(title, ["bold", "cyan"]);
+}
+function formatLabel(label) {
+  return applyStyle(label, "dim");
+}
+function formatCommandSnippet(command) {
+  return applyStyle(command, ["bold", "cyan"]);
+}
+function formatFlag(flag) {
+  return applyStyle(flag, ["bold", "yellow"]);
+}
+function formatErrorLabel(label) {
+  return applyStyle(label, ["bold", "red"], process.stderr.isTTY);
+}
+function splitWords(value) {
+  const tokens = [];
+  for (const word of value.replaceAll("_", " ").replaceAll("-", " ").split(" ")) {
+    if (word.length === 0) {
+      continue;
+    }
+    let currentToken = word[0] ?? "";
+    for (const character of word.slice(1)) {
+      const previousCharacter = currentToken.at(-1) ?? "";
+      const shouldBreak = character >= "A" && character <= "Z" && (previousCharacter >= "a" && previousCharacter <= "z" || previousCharacter >= "0" && previousCharacter <= "9");
+      if (shouldBreak) {
+        tokens.push(currentToken);
+        currentToken = character;
+        continue;
+      }
+      currentToken += character;
+    }
+    tokens.push(currentToken);
+  }
+  return tokens;
+}
+function startCase(value) {
+  return splitWords(value).map((segment) => {
+    const lowerSegment = segment.toLowerCase();
+    if (lowerSegment === "id") {
+      return "ID";
+    }
+    if (lowerSegment === "url") {
+      return "URL";
+    }
+    if (lowerSegment === "api") {
+      return "API";
+    }
+    return segment.charAt(0).toUpperCase() + segment.slice(1);
+  }).join(" ");
+}
+function formatScalar(value) {
+  if (value === null || value === void 0) {
+    return EMPTY_VALUE;
+  }
+  if (typeof value === "string") {
+    return value.length === 0 ? EMPTY_VALUE : value;
+  }
+  if (typeof value === "number" || typeof value === "boolean") {
+    return String(value);
+  }
+  return inspect(value, {
+    breakLength: Infinity,
+    colors: false,
+    compact: true,
+    depth: 2
+  });
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function isPrimitiveLike(value) {
+  return value === null || value === void 0 || typeof value === "string" || typeof value === "number" || typeof value === "boolean";
+}
+function formatTable(options) {
+  const widths = options.columns.map(
+    (column, columnIndex) => Math.max(
+      displayWidth(column),
+      ...options.rows.map((row) => displayWidth(row[columnIndex] ?? ""))
+    )
+  );
+  const renderRow = (cells) => cells.map((cell, columnIndex) => padCell(cell, widths[columnIndex] ?? 0)).join(TABLE_GAP).trimEnd();
+  const divider = widths.map((width) => "-".repeat(width)).join(TABLE_GAP);
+  return [
+    renderRow(options.columns.map((column) => applyStyle(column, "bold"))),
+    divider,
+    ...options.rows.map(renderRow)
+  ].join("\n");
+}
+function canRenderRecordArrayAsTable(items) {
+  if (items.length === 0 || !items.every(isRecord)) {
+    return false;
+  }
+  const keys = [...new Set(items.flatMap((item) => Object.keys(item)))];
+  if (keys.length === 0 || keys.length > 8) {
+    return false;
+  }
+  return items.every((item) => keys.every((key) => isPrimitiveLike(item[key])));
+}
+function formatRecord(record) {
+  const entries = Object.entries(record);
+  if (entries.length === 0) {
+    return EMPTY_VALUE;
+  }
+  const labelWidth = Math.max(
+    ...entries.map(([key]) => displayWidth(startCase(key)))
+  );
+  return entries.map(([key, value]) => {
+    const label = `${startCase(key)}:`;
+    if (isPrimitiveLike(value)) {
+      return `${padCell(formatLabel(label), labelWidth + 1)} ${formatScalar(value)}`;
+    }
+    return `${formatLabel(label)}
+${indent(formatHumanReadableOutput(value))}`;
+  }).join("\n");
+}
+function formatArray(items) {
+  if (items.length === 0) {
+    return "No results.";
+  }
+  if (items.every(isPrimitiveLike)) {
+    return items.map((item) => `- ${formatScalar(item)}`).join("\n");
+  }
+  if (canRenderRecordArrayAsTable(items)) {
+    const keys = [...new Set(items.flatMap((item) => Object.keys(item)))];
+    return formatTable({
+      columns: keys.map((key) => startCase(key)),
+      rows: items.map((item) => keys.map((key) => formatScalar(item[key])))
+    });
+  }
+  return items.map((item, index) => {
+    const title = formatHeading(`Item ${index + 1}`);
+    return `${title}
+${indent(formatHumanReadableOutput(item))}`;
+  }).join("\n\n");
+}
+function renderKeyValueBlock(entries) {
+  const labelWidth = Math.max(...entries.map(([label]) => displayWidth(label)));
+  return entries.map(
+    ([label, value]) => `${padCell(formatLabel(`${label}:`), labelWidth + 1)} ${value}`
+  ).join("\n");
+}
+function renderSection(title, bodyLines) {
+  return [formatHeading(title), "", ...bodyLines].join("\n");
+}
+var MagicalHelp = class extends Help {
+  outputHasColors = process.stdout.isTTY;
+  constructor() {
+    super();
+    this.helpWidth = 96;
+    this.showGlobalOptions = true;
+    this.sortSubcommands = true;
+  }
+  prepareContext(contextOptions) {
+    super.prepareContext(contextOptions);
+    this.outputHasColors = contextOptions.outputHasColors ?? process.stdout.isTTY;
+  }
+  styleTitle(str) {
+    return applyStyle(str, ["bold", "cyan"], this.outputHasColors);
+  }
+  styleCommandText(str) {
+    return applyStyle(str, ["bold", "cyan"], this.outputHasColors);
+  }
+  styleSubcommandText(str) {
+    return applyStyle(str, ["bold", "cyan"], this.outputHasColors);
+  }
+  styleOptionText(str) {
+    return applyStyle(str, ["bold", "yellow"], this.outputHasColors);
+  }
+  styleArgumentText(str) {
+    return applyStyle(str, ["bold", "green"], this.outputHasColors);
+  }
+  styleDescriptionText(str) {
+    return applyStyle(str, "dim", this.outputHasColors);
+  }
+};
+function formatAuthLoginPrompt(options) {
+  return renderSection("Sign In With Your Browser", [
+    renderKeyValueBlock([
+      ["Open", options.verificationUrl],
+      ["Code", options.userCode]
+    ])
+  ]);
+}
+function formatAuthLoginSuccess(options) {
+  return renderSection("Signed In", [
+    renderKeyValueBlock([
+      ["Account", options.account.email ?? options.account.userId],
+      ["Organizations", String(options.organizationCount)],
+      [
+        "Default org",
+        options.defaultOrganization ? `${options.defaultOrganization.name} (${options.defaultOrganization.id})` : "None selected"
+      ]
+    ])
+  ]);
+}
+function formatBrowserOpenFallback() {
+  return "Browser auto-open failed. Paste the URL above into any browser.";
+}
+function formatLogoutSuccess() {
+  return renderSection("Signed Out", ["Saved CLI auth state was cleared."]);
+}
+function formatOrganizationList(options) {
+  if (options.organizations.length === 0) {
+    return renderSection("Organizations", ["No organizations are available."]);
+  }
+  const rows = options.organizations.map((organization) => {
+    const status = [
+      options.defaultOrgId === organization.id ? "default" : null,
+      options.lastUsedOrgId === organization.id ? "last used" : null
+    ].filter((value) => value !== null).join(", ");
+    return [
+      status || EMPTY_VALUE,
+      organization.name,
+      organization.id,
+      organization.primaryDomain ?? EMPTY_VALUE
+    ];
+  });
+  return renderSection("Organizations", [
+    formatTable({
+      columns: ["Status", "Name", "ID", "Primary domain"],
+      rows
+    })
+  ]);
+}
+function formatDefaultOrganizationSelection(organization) {
+  return renderSection("Default Organization Updated", [
+    `${organization.name} (${organization.id})`
+  ]);
+}
+function formatHumanReadableOutput(value) {
+  if (isPrimitiveLike(value)) {
+    return formatScalar(value);
+  }
+  if (Array.isArray(value)) {
+    return formatArray(value);
+  }
+  if (isRecord(value)) {
+    return formatRecord(value);
+  }
+  return inspect(value, {
+    colors: false,
+    depth: null
+  });
+}
+function formatCliError(message) {
+  return `${formatErrorLabel("Error:")} ${message}`;
+}
+function formatExamples(title, examples) {
+  return [
+    formatHeading(title),
+    "",
+    ...examples.map((example) => `  ${formatCommandSnippet(example)}`)
+  ].join("\n");
+}
+function formatOutputModesNote() {
+  return renderSection("Output", [
+    `Human-readable by default.`,
+    `Add ${formatFlag("--json")} before or after a command for stable machine-readable output.`
+  ]);
+}
+
+// src/errors.ts
+var CliError = class extends Error {
+  constructor(message, options) {
+    super(message, options);
+    this.name = "CliError";
+  }
+};
+function getErrorMessage(error) {
+  if (error instanceof Error) {
+    return error.message;
+  }
+  return "Unknown CLI error";
+}
+
+// src/program.ts
+import { spawn } from "child_process";
+
+// ../mcp-registry/src/operation-specs.ts
+import { z } from "zod";
+
+// ../mcp-registry/src/operation-spec.ts
+function stripLeadingGraphqlComments(document) {
+  return document.replace(/^(?:\s*#.*\n)+/u, "").trimStart();
+}
+function assertDocumentMatchesOperation({
+  document,
+  kind,
+  operationName
+}) {
+  const normalizedDocument = stripLeadingGraphqlComments(document);
+  const match = /^(?<actualKind>query|mutation)\s+(?<actualOperationName>[_A-Za-z][_0-9A-Za-z]*)/u.exec(
+    normalizedDocument
+  );
+  const actualKind = match?.groups?.["actualKind"];
+  const actualOperationName = match?.groups?.["actualOperationName"];
+  if (!actualKind || !actualOperationName) {
+    throw new Error(
+      `Operation "${operationName}" is missing a top-level GraphQL ${kind} definition.`
+    );
+  }
+  if (actualKind !== kind || actualOperationName !== operationName) {
+    throw new Error(
+      `Operation "${operationName}" does not match its GraphQL document (${actualKind} ${actualOperationName}).`
+    );
+  }
+}
+function createOperationSpec(spec) {
+  assertDocumentMatchesOperation(spec);
+  return spec;
+}
+
+// ../mcp-registry/src/operation-specs.ts
+function stringOption({
+  description,
+  flagName,
+  inputKey,
+  required = false
+}) {
+  return {
+    description,
+    flagName,
+    inputKey,
+    required,
+    valueType: "string"
+  };
+}
+function numberOption({
+  description,
+  flagName,
+  inputKey,
+  required = false
+}) {
+  return {
+    description,
+    flagName,
+    inputKey,
+    required,
+    valueType: "number"
+  };
+}
+function booleanOption({
+  description,
+  flagName,
+  inputKey
+}) {
+  return {
+    description,
+    flagName,
+    inputKey,
+    valueType: "boolean"
+  };
+}
+function stringArrayOption({
+  description,
+  flagName,
+  inputKey
+}) {
+  return {
+    description,
+    flagName,
+    inputKey,
+    valueHint: "comma-separated",
+    valueType: "string-array"
+  };
+}
+function jsonOption({
+  description,
+  flagName,
+  inputKey,
+  required = false
+}) {
+  return {
+    description,
+    flagName,
+    inputKey,
+    required,
+    valueHint: "JSON",
+    valueType: "json"
+  };
+}
+var jsonObjectSchema = z.record(z.string(), z.unknown());
+var operationSpecs = [
+  createOperationSpec({
+    operationName: "GetAgent",
+    kind: "query",
+    inputSchema: z.object({
+      id: z.string().min(1)
+    }),
+    cli: {
+      name: "get-agent",
+      path: ["agents", "get"],
+      description: "Fetch a single agent with config and schema fields.",
+      resultKey: "agent",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Agent ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "agent.graphql" },
+    document: `# Query to fetch a single agent with all fields
+# Config selection is limited to scalar/JSON fields to keep responses flat
+query GetAgent($id: ID!) {
+  agent(id: $id) {
+    id
+    name
+    description
+    instructions
+    organizationId
+    createdAt
+    updatedAt
+    sourceAgentId
+    inputSchema
+    outputSchema
+    config {
+      type
+      language
+      model
+      tools
+      maxSessionMessages
+      commonParametersSchema
+      taskQueue
+      waitUponQueueing
+      queueableAgentIds
+      additionalSystemPrompt
+      ignoreUnstableSessionState
+    }
+    childAgentIds
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAgentRun",
+    kind: "query",
+    inputSchema: z.object({
+      id: z.string().min(1)
+    }),
+    cli: {
+      name: "get-agent-run",
+      path: ["agent-runs", "get"],
+      description: "Fetch a single agent run.",
+      resultKey: "agentRun",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Agent run ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "agentRun.graphql" },
+    document: `# Query a single agent run
+query GetAgentRun($id: ID!) {
+  agentRun(id: $id) {
+    id
+    agentVersionId
+    agentName
+    status
+    statusDetail
+    isChildAgent
+    input
+    startedAt
+    finishedAt
+    parentAgentRunId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationAgents",
+    kind: "query",
+    inputSchema: z.object({
+      id: z.string().min(1)
+    }),
+    cli: {
+      name: "get-automation-agents",
+      path: ["automations", "agents"],
+      description: "Fetch the agents attached to an automation.",
+      resultKey: "automation",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Automation ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "automationAgents.graphql" },
+    document: `# Query to fetch automation agents with flat fields only
+# Excludes nested agent config and schemas for MCP tool simplicity
+query GetAutomationAgents($id: ID!) {
+  automation(id: $id) {
+    id
+    name
+    agents {
+      automationId
+      agentId
+      isTrigger
+      agent {
+        id
+        name
+        description
+        instructions
+        organizationId
+        createdAt
+        updatedAt
+        sourceAgentId
+        childAgentIds
+      }
+    }
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationRun",
+    kind: "query",
+    inputSchema: z.object({
+      id: z.string().min(1)
+    }),
+    cli: {
+      name: "get-automation-run",
+      path: ["automation-runs", "get"],
+      description: "Fetch a single automation run.",
+      resultKey: "automationRun",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Automation run ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "automationRun.graphql" },
+    document: `# Query a full automation run details payload
+query GetAutomationRun($id: ID!) {
+  automationRun(id: $id) {
+    id
+    automationId
+    status
+    statusDetail
+    summary
+    invocationType
+    input
+    additionalPrompt
+    debugUrl
+    createdAt
+    startedAt
+    pausedAt
+    finishedAt
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationRunAgentRuns",
+    kind: "query",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1)
+    }),
+    cli: {
+      name: "get-automation-run-agent-runs",
+      path: ["automation-runs", "agent-runs"],
+      description: "Fetch ordered agent runs for an automation run.",
+      resultKey: "automationRunAgentRuns",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "automationRunAgentRuns.graphql" },
+    document: `# Query ordered agent runs for an automation run
+query GetAutomationRunAgentRuns($automationRunId: ID!) {
+  automationRunAgentRuns(automationRunId: $automationRunId) {
+    id
+    agentVersionId
+    agentName
+    status
+    statusDetail
+    isChildAgent
+    input
+    startedAt
+    finishedAt
+    parentAgentRunId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationRunIterations",
+    kind: "query",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1),
+      agentRunId: z.string().min(1).optional(),
+      limit: z.number().int().positive().optional(),
+      reverse: z.boolean().optional()
+    }),
+    cli: {
+      name: "get-automation-run-iterations",
+      path: ["automation-runs", "iterations"],
+      description: "Fetch ordered iterations for an automation run.",
+      resultKey: "automationRunIterations",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "agentRunId",
+          flagName: "agent-run-id",
+          description: "Optional agent run ID to filter by."
+        }),
+        numberOption({
+          inputKey: "limit",
+          flagName: "limit",
+          description: "Maximum number of iterations to return."
+        }),
+        booleanOption({
+          inputKey: "reverse",
+          flagName: "reverse",
+          description: "Return newest iterations first."
+        })
+      ]
+    },
+    mcp: { fileName: "automationRunIterations.graphql" },
+    document: `# Query iterations for an automation run with optional filtering by agent run
+query GetAutomationRunIterations(
+  $automationRunId: ID!
+  $agentRunId: ID
+  $limit: Int
+  $reverse: Boolean
+) {
+  automationRunIterations(
+    automationRunId: $automationRunId
+    agentRunId: $agentRunId
+    limit: $limit
+    reverse: $reverse
+  ) {
+    id
+    sequence
+    agentRunId
+    metadata
+    startedAt
+    finishedAt
+    totalDurationMs
+    llmResponseDurationMs
+    withMarksScreenshotUrl
+    withMarksMimeType
+    memories {
+      id
+      type
+      value
+      sequence
+      screenshotUrl
+      screenshotMimeType
+    }
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationRuns",
+    kind: "query",
+    inputSchema: z.object({
+      automationId: z.string().min(1),
+      status: z.array(z.string().min(1)).optional(),
+      invocationType: z.array(z.string().min(1)).optional(),
+      limit: z.number().int().positive().optional(),
+      page: z.number().int().positive().optional()
+    }),
+    cli: {
+      name: "get-automation-runs",
+      path: ["automation-runs", "list"],
+      description: "Fetch automation run history.",
+      resultKey: "automationRuns",
+      options: [
+        stringOption({
+          inputKey: "automationId",
+          flagName: "automation-id",
+          description: "Automation ID.",
+          required: true
+        }),
+        stringArrayOption({
+          inputKey: "status",
+          flagName: "status",
+          description: "Optional run statuses."
+        }),
+        stringArrayOption({
+          inputKey: "invocationType",
+          flagName: "invocation-type",
+          description: "Optional invocation types."
+        }),
+        numberOption({
+          inputKey: "limit",
+          flagName: "limit",
+          description: "Maximum number of runs to return."
+        }),
+        numberOption({
+          inputKey: "page",
+          flagName: "page",
+          description: "Page number."
+        })
+      ]
+    },
+    mcp: { fileName: "automationRuns.graphql" },
+    document: `# Query automation run history for a specific automation with optional filters
+query GetAutomationRuns(
+  $automationId: ID!
+  $status: [RunStatus!]
+  $invocationType: [InvocationType!]
+  $limit: Int
+  $page: Int
+) {
+  automationRuns(
+    automationId: $automationId
+    status: $status
+    invocationType: $invocationType
+    limit: $limit
+    page: $page
+  ) {
+    id
+    automationId
+    status
+    statusDetail
+    invocationType
+    summary
+    createdAt
+    startedAt
+    pausedAt
+    finishedAt
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomations",
+    kind: "query",
+    inputSchema: z.object({
+      limit: z.number().positive().optional(),
+      order: jsonObjectSchema.optional(),
+      where: jsonObjectSchema.optional()
+    }),
+    cli: {
+      name: "get-automations",
+      path: ["automations", "list"],
+      description: "Fetch automations with optional list filters.",
+      resultKey: "automations",
+      options: [
+        numberOption({
+          inputKey: "limit",
+          flagName: "limit",
+          description: "Maximum number of automations to return."
+        }),
+        jsonOption({
+          inputKey: "order",
+          flagName: "order-json",
+          description: "GraphQL order object."
+        }),
+        jsonOption({
+          inputKey: "where",
+          flagName: "where-json",
+          description: "GraphQL filter object."
+        })
+      ]
+    },
+    mcp: { fileName: "automations.graphql" },
+    document: `# Query to fetch automations with flat fields only (no nested objects)
+# Excludes config and agents for MCP tool simplicity
+query GetAutomations(
+  $limit: Float
+  $order: AutomationsOrder
+  $where: AutomationsWhereInput
+) {
+  automations(limit: $limit, order: $order, where: $where) {
+    id
+    name
+    organizationId
+    createdAt
+    updatedAt
+    environment
+    lastSavedAt
+    publishedVersionId
+    draftVersionId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAutomationWithConfigs",
+    kind: "query",
+    inputSchema: z.object({
+      id: z.string().min(1)
+    }),
+    cli: {
+      name: "get-automation-with-configs",
+      path: ["automations", "get"],
+      description: "Fetch a single automation with config fields.",
+      resultKey: "automation",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Automation ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "automationWithConfigs.graphql" },
+    document: `# Query to fetch a single automation with config but excluding agents
+# Config selection is limited to scalar/JSON fields to keep responses flat
+query GetAutomationWithConfigs($id: ID!) {
+  automation(id: $id) {
+    id
+    name
+    organizationId
+    createdAt
+    updatedAt
+    environment
+    lastSavedAt
+    publishedVersionId
+    draftVersionId
+    config {
+      cronExpression
+      calendars
+      interval
+      enableVisualChangeChecks
+      isCDPforSOM
+      humanInterventionTimeoutSeconds
+      availableSlots
+      additionalSystemPrompt
+      ignoreUnstableSessionState
+    }
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAvailableCommands",
+    kind: "query",
+    inputSchema: z.object({
+      env: z.string().min(1)
+    }),
+    cli: {
+      name: "get-available-commands",
+      path: ["catalog", "commands"],
+      description: "Fetch available command definitions by environment.",
+      resultKey: "availableCommands",
+      options: [
+        stringOption({
+          inputKey: "env",
+          flagName: "env",
+          description: "Environment name.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "availableCommands.graphql" },
+    document: `# Query to fetch available command definitions by environment
+query GetAvailableCommands($env: AvailableCommandsEnv!) {
+  availableCommands(env: $env) {
+    id
+    description
+    inputSchema
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAvailableModels",
+    kind: "query",
+    inputSchema: z.object({
+      agentId: z.string().min(1)
+    }),
+    cli: {
+      name: "get-available-models",
+      path: ["catalog", "models"],
+      description: "Fetch available model definitions for an agent.",
+      resultKey: "availableModels",
+      options: [
+        stringOption({
+          inputKey: "agentId",
+          flagName: "agent-id",
+          description: "Agent ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "availableModels.graphql" },
+    document: `# Query to fetch available model definitions and pools for a specific agent
+query GetAvailableModels($agentId: String!) {
+  availableModels(agentId: $agentId) {
+    availableModelPools {
+      name
+      poolId
+      models {
+        id
+        name
+        description
+        status
+        provider
+      }
+    }
+    allAvailableModels {
+      id
+      name
+      description
+      status
+      provider
+    }
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetAvailableTools",
+    kind: "query",
+    inputSchema: z.object({
+      env: z.string().min(1),
+      automationId: z.string().min(1).optional()
+    }),
+    cli: {
+      name: "get-available-tools",
+      path: ["catalog", "tools"],
+      description: "Fetch available tool definitions by environment.",
+      resultKey: "availableTools",
+      options: [
+        stringOption({
+          inputKey: "env",
+          flagName: "env",
+          description: "Environment name.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "automationId",
+          flagName: "automation-id",
+          description: "Optional automation ID."
+        })
+      ]
+    },
+    mcp: { fileName: "availableTools.graphql" },
+    document: `# Query to fetch available tool definitions by environment
+query GetAvailableTools($env: AvailableCommandsEnv!, $automationId: String) {
+  availableTools(env: $env, automationId: $automationId) {
+    id
+    description
+    inputSchema
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "CreateAutomation",
+    kind: "mutation",
+    inputSchema: z.object({
+      input: jsonObjectSchema
+    }),
+    cli: {
+      name: "create-automation",
+      path: ["automations", "create"],
+      description: "Create a draft automation.",
+      resultKey: "createAutomation",
+      options: [
+        jsonOption({
+          inputKey: "input",
+          flagName: "input-json",
+          description: "CreateAutomationInput payload.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "createAutomation.graphql" },
+    document: `# Mutation to create a draft automation with optional initial values
+# Returns flat fields only for MCP tool simplicity
+mutation CreateAutomation($input: CreateAutomationInput!) {
+  createAutomation(input: $input) {
+    id
+    name
+    organizationId
+    createdAt
+    updatedAt
+    environment
+    lastSavedAt
+    publishedVersionId
+    draftVersionId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "GetGraphqlSchema",
+    kind: "query",
+    inputSchema: z.object({}),
+    cli: {
+      name: "get-graphql-schema",
+      path: ["graphql", "schema"],
+      description: "Fetch GraphQL schema metadata.",
+      resultKey: "graphqlSchema",
+      options: []
+    },
+    mcp: { fileName: "graphqlSchema.graphql" },
+    document: `# Query to fetch full GraphQL schema metadata.
+# Uses the first-class graphqlSchema query field to avoid __schema validation
+# issues in MCP tool-load paths while still returning introspection JSON.
+# Response can be large: call sparingly (typically once per task/session) and
+# reuse cached results.
+query GetGraphqlSchema {
+  graphqlSchema
+}`
+  }),
+  createOperationSpec({
+    operationName: "PauseAutomationRun",
+    kind: "mutation",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1)
+    }),
+    cli: {
+      name: "pause-automation-run",
+      path: ["automation-runs", "pause"],
+      description: "Pause an automation run.",
+      resultKey: "pauseAutomationRun",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "pauseAutomationRun.graphql" },
+    document: `# Mutation to pause an automation run
+mutation PauseAutomationRun($automationRunId: ID!) {
+  pauseAutomationRun(automationRunId: $automationRunId)
+}`
+  }),
+  createOperationSpec({
+    operationName: "RerunAutomation",
+    kind: "mutation",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1),
+      additionalPrompt: z.string().min(1).optional(),
+      idempotencyKey: z.string().min(1)
+    }),
+    cli: {
+      name: "rerun-automation",
+      path: ["automation-runs", "rerun"],
+      description: "Rerun an existing automation run.",
+      resultKey: "rerunAutomation",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "additionalPrompt",
+          flagName: "additional-prompt",
+          description: "Optional prompt appended to the rerun."
+        }),
+        stringOption({
+          inputKey: "idempotencyKey",
+          flagName: "idempotency-key",
+          description: "Idempotency key for the rerun request.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "rerunAutomation.graphql" },
+    document: `# Mutation to rerun an existing automation run
+mutation RerunAutomation(
+  $automationRunId: ID!
+  $additionalPrompt: String
+  $idempotencyKey: String!
+) {
+  rerunAutomation(
+    automationRunId: $automationRunId
+    additionalPrompt: $additionalPrompt
+    idempotencyKey: $idempotencyKey
+  ) {
+    automationRunId
+    workflowId
+    workflowRunId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "ResumeAutomationRun",
+    kind: "mutation",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1),
+      message: z.string().min(1).optional()
+    }),
+    cli: {
+      name: "resume-automation-run",
+      path: ["automation-runs", "resume"],
+      description: "Resume a paused automation run.",
+      resultKey: "resumeAutomationRun",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "message",
+          flagName: "message",
+          description: "Optional resume message."
+        })
+      ]
+    },
+    mcp: { fileName: "resumeAutomationRun.graphql" },
+    document: `# Mutation to resume an automation run
+mutation ResumeAutomationRun($automationRunId: ID!, $message: String) {
+  resumeAutomationRun(automationRunId: $automationRunId, message: $message)
+}`
+  }),
+  createOperationSpec({
+    operationName: "RunDraftAutomation",
+    kind: "mutation",
+    inputSchema: z.object({
+      draftAutomationId: z.string().min(1),
+      agentId: z.string().min(1),
+      idempotencyKey: z.string().min(1),
+      input: z.unknown().optional(),
+      additionalPrompt: z.string().min(1).optional()
+    }),
+    cli: {
+      name: "run-draft-automation",
+      path: ["automations", "run-draft"],
+      description: "Run a draft automation with an explicit trigger agent.",
+      resultKey: "runDraftAutomation",
+      options: [
+        stringOption({
+          inputKey: "draftAutomationId",
+          flagName: "draft-automation-id",
+          description: "Draft automation ID.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "agentId",
+          flagName: "agent-id",
+          description: "Trigger agent ID.",
+          required: true
+        }),
+        stringOption({
+          inputKey: "idempotencyKey",
+          flagName: "idempotency-key",
+          description: "Idempotency key for the run request.",
+          required: true
+        }),
+        jsonOption({
+          inputKey: "input",
+          flagName: "input-json",
+          description: "Optional JSON input payload."
+        }),
+        stringOption({
+          inputKey: "additionalPrompt",
+          flagName: "additional-prompt",
+          description: "Optional prompt appended to the run."
+        })
+      ]
+    },
+    mcp: { fileName: "runDraftAutomation.graphql" },
+    document: `# Mutation to run a draft automation with an explicit agent.
+# \`draftAutomationId\` is the draft automation entity ID (\`Automation.id\`), not \`draftVersionId\`.
+mutation RunDraftAutomation(
+  $draftAutomationId: ID!
+  $agentId: ID!
+  $idempotencyKey: String!
+  $input: JSON
+  $additionalPrompt: String
+) {
+  runDraftAutomation(
+    draftAutomationId: $draftAutomationId
+    agentId: $agentId
+    idempotencyKey: $idempotencyKey
+    input: $input
+    additionalPrompt: $additionalPrompt
+  ) {
+    automationRunId
+    workflowId
+    workflowRunId
+  }
+}`
+  }),
+  createOperationSpec({
+    operationName: "StopAutomationRun",
+    kind: "mutation",
+    inputSchema: z.object({
+      automationRunId: z.string().min(1)
+    }),
+    cli: {
+      name: "stop-automation-run",
+      path: ["automation-runs", "stop"],
+      description: "Stop an automation run.",
+      resultKey: "stopAutomationRun",
+      options: [
+        stringOption({
+          inputKey: "automationRunId",
+          flagName: "automation-run-id",
+          description: "Automation run ID.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "stopAutomationRun.graphql" },
+    document: `# Mutation to stop an automation run
+mutation StopAutomationRun($automationRunId: ID!) {
+  stopAutomationRun(automationRunId: $automationRunId)
+}`
+  }),
+  createOperationSpec({
+    operationName: "UpdateAutomationById",
+    kind: "mutation",
+    inputSchema: z.object({
+      id: z.string().min(1),
+      input: jsonObjectSchema
+    }),
+    cli: {
+      name: "update-automation-by-id",
+      path: ["automations", "update"],
+      description: "Update an automation.",
+      resultKey: "updateAutomation",
+      options: [
+        stringOption({
+          inputKey: "id",
+          flagName: "id",
+          description: "Automation ID.",
+          required: true
+        }),
+        jsonOption({
+          inputKey: "input",
+          flagName: "input-json",
+          description: "UpdateAutomationInput payload.",
+          required: true
+        })
+      ]
+    },
+    mcp: { fileName: "updateAutomation.graphql" },
+    document: `# Mutation to update an automation
+# Returns only id and lastSavedAt for MCP tool simplicity
+mutation UpdateAutomationById($id: ID!, $input: UpdateAutomationInput!) {
+  updateAutomation(id: $id, input: $input) {
+    id
+    lastSavedAt
+  }
+}`
+  })
+];
+
+// src/program.ts
+import { Command, InvalidArgumentError, Option } from "commander";
+
+// src/api.ts
+import { z as z2 } from "zod";
+var workosOrganizationsResponseSchema = z2.object({
+  organizations: z2.array(
+    z2.object({
+      id: z2.string().min(1),
+      name: z2.string().min(1),
+      primaryDomain: z2.string().nullable().optional()
+    })
+  ),
+  success: z2.boolean()
+});
+var workosUserSchema = z2.object({
+  email: z2.string().nullable(),
+  id: z2.string().min(1)
+});
+var graphQlResponseSchema = z2.object({
+  data: z2.record(z2.string(), z2.unknown()).optional(),
+  errors: z2.array(
+    z2.object({
+      message: z2.string().min(1)
+    })
+  ).optional()
+});
+function createMagicalApiClient({
+  apiBaseUrl,
+  fetchFn = fetch
+}) {
+  async function fetchJson({
+    accessToken,
+    url,
+    init
+  }) {
+    const headers = new Headers(init?.headers);
+    headers.set("authorization", `Bearer ${accessToken}`);
+    const response = await fetchFn(url, {
+      ...init,
+      headers
+    }).catch((error) => {
+      throw new CliError(
+        `Failed to reach Magical API at ${url}. Check MAGICAL_API_URL and make sure service-main is running.`,
+        { cause: error }
+      );
+    });
+    const responseBody = await response.json().catch((error) => {
+      throw new CliError(
+        `Magical API returned a non-JSON response for ${url}.`,
+        {
+          cause: error
+        }
+      );
+    });
+    if (!response.ok) {
+      throw new CliError(
+        `Magical API request to ${url} failed with status ${response.status}.`
+      );
+    }
+    return responseBody;
+  }
+  return {
+    async executeGraphQl({
+      accessToken,
+      query,
+      resultKey,
+      variables
+    }) {
+      const headers = new Headers();
+      headers.set("content-type", "application/json");
+      const parsedResponse = graphQlResponseSchema.safeParse(
+        await fetchJson({
+          accessToken,
+          url: `${apiBaseUrl}/graphql`,
+          init: {
+            method: "POST",
+            headers,
+            body: JSON.stringify({
+              query,
+              variables
+            })
+          }
+        })
+      );
+      if (!parsedResponse.success) {
+        throw new CliError("GraphQL response payload was invalid.");
+      }
+      if (parsedResponse.data.errors && parsedResponse.data.errors.length > 0) {
+        throw new CliError(
+          parsedResponse.data.errors.map((error) => error.message).join("\n")
+        );
+      }
+      return parsedResponse.data.data?.[resultKey] ?? null;
+    },
+    async fetchOrganizations({ accessToken }) {
+      const parsedResponse = workosOrganizationsResponseSchema.safeParse(
+        await fetchJson({
+          accessToken,
+          url: `${apiBaseUrl}/workos/organizations`
+        })
+      );
+      if (!parsedResponse.success) {
+        throw new CliError("Organization list payload was invalid.");
+      }
+      return parsedResponse.data.organizations.map((organization) => ({
+        id: organization.id,
+        name: organization.name,
+        primaryDomain: organization.primaryDomain ?? null
+      }));
+    },
+    async fetchUser({
+      accessToken,
+      userId
+    }) {
+      const parsedResponse = workosUserSchema.safeParse(
+        await fetchJson({
+          accessToken,
+          url: `${apiBaseUrl}/workos/user/${userId}`
+        })
+      );
+      if (!parsedResponse.success) {
+        throw new CliError("User payload was invalid.");
+      }
+      return parsedResponse.data;
+    }
+  };
+}
+
+// src/config.ts
+import os from "os";
+import path from "path";
+var DEFAULT_MAGICAL_API_URL = "https://api-agt.getmagical.io";
+var DEFAULT_WORKOS_API_URL = "https://api.workos.com";
+var DEFAULT_WORKOS_CLIENT_ID = "client_01JJZ6XJ1RF248P20WF63M4VAM";
+var DEFAULT_KEYCHAIN_SERVICE_NAME = "@getmagical/mcp-cli";
+var CLI_CONFIG_DIRECTORY_NAME = "magical-mcp-cli";
+var CLI_STATE_FILE_NAME = "state.json";
+function resolvePlatformConfigDirectory() {
+  const customConfigDirectory = process.env["MAGICAL_CLI_CONFIG_DIR"];
+  if (customConfigDirectory) {
+    return customConfigDirectory;
+  }
+  if (process.platform === "darwin") {
+    return path.join(os.homedir(), "Library", "Application Support");
+  }
+  if (process.platform === "win32") {
+    const appDataDirectory = process.env["APPDATA"];
+    return appDataDirectory ?? path.join(os.homedir(), "AppData", "Roaming");
+  }
+  return process.env["XDG_CONFIG_HOME"] ?? path.join(os.homedir(), ".config");
+}
+function getRuntimeConfig() {
+  const configDirectory = path.join(
+    resolvePlatformConfigDirectory(),
+    CLI_CONFIG_DIRECTORY_NAME
+  );
+  return {
+    magicalApiUrl: process.env["MAGICAL_API_URL"] ?? DEFAULT_MAGICAL_API_URL,
+    stateFilePath: path.join(configDirectory, CLI_STATE_FILE_NAME),
+    workosApiUrl: DEFAULT_WORKOS_API_URL,
+    workosClientId: process.env["WORKOS_CLIENT_ID"] ?? DEFAULT_WORKOS_CLIENT_ID,
+    keychainServiceName: DEFAULT_KEYCHAIN_SERVICE_NAME,
+    ...process.env["WORKOS_AUTHKIT_DOMAIN"] ? { workosAuthkitDomain: process.env["WORKOS_AUTHKIT_DOMAIN"] } : {}
+  };
+}
+function requireWorkosClientId(config) {
+  return config.workosClientId;
+}
+
+// src/keychain.ts
+import keytar from "keytar";
+function buildKeychainAccountName(account) {
+  return `${account.clientId}:${account.userId}`;
+}
+function createKeytarRefreshTokenStore(serviceName) {
+  return {
+    async clear(account) {
+      await keytar.deletePassword(
+        serviceName,
+        buildKeychainAccountName(account)
+      );
+    },
+    async load(account) {
+      return keytar.getPassword(serviceName, buildKeychainAccountName(account));
+    },
+    async save(account, refreshToken) {
+      await keytar.setPassword(
+        serviceName,
+        buildKeychainAccountName(account),
+        refreshToken
+      );
+    }
+  };
+}
+
+// src/state.ts
+import { mkdir, readFile, rm, writeFile } from "fs/promises";
+import path2 from "path";
+import { z as z3 } from "zod";
+var cliAccountSchema = z3.object({
+  clientId: z3.string().min(1),
+  email: z3.string().nullable(),
+  userId: z3.string().min(1)
+});
+var cliOrganizationSchema = z3.object({
+  id: z3.string().min(1),
+  name: z3.string().min(1),
+  primaryDomain: z3.string().nullable().default(null)
+});
+var cliStateSchema = z3.object({
+  account: cliAccountSchema,
+  defaultOrgId: z3.string().nullable(),
+  lastUsedOrgId: z3.string().nullable(),
+  organizations: z3.array(cliOrganizationSchema)
+});
+function createFileStateStore(stateFilePath) {
+  return {
+    async clear() {
+      await rm(stateFilePath, { force: true });
+    },
+    async load() {
+      try {
+        const fileContents = await readFile(stateFilePath, "utf8");
+        const parsed = cliStateSchema.safeParse(JSON.parse(fileContents));
+        if (!parsed.success) {
+          throw new CliError("Stored CLI state is invalid.");
+        }
+        return parsed.data;
+      } catch (error) {
+        if (error instanceof Error && "code" in error && error.code === "ENOENT") {
+          return null;
+        }
+        if (error instanceof CliError) {
+          throw error;
+        }
+        throw new CliError("Failed to load CLI state.", { cause: error });
+      }
+    },
+    async save(state) {
+      await mkdir(path2.dirname(stateFilePath), { recursive: true });
+      await writeFile(stateFilePath, `${JSON.stringify(state, null, 2)}
+`);
+    }
+  };
+}
+
+// src/workos-auth.ts
+import { z as z4 } from "zod";
+var DEFAULT_DEVICE_POLL_INTERVAL_SECONDS = 5;
+function buildFormHeaders() {
+  const headers = new Headers();
+  headers.set("content-type", "application/x-www-form-urlencoded");
+  return headers;
+}
+var deviceAuthorizationSchema = z4.object({
+  device_code: z4.string().min(1),
+  expires_in: z4.number().int().positive().optional(),
+  interval: z4.number().int().positive().optional(),
+  user_code: z4.string().min(1),
+  verification_uri: z4.url(),
+  verification_uri_complete: z4.url().optional()
+});
+var tokenResponseSchema = z4.object({
+  access_token: z4.string().min(1),
+  expires_in: z4.number().int().positive().optional(),
+  refresh_token: z4.string().min(1),
+  token_type: z4.string().optional()
+});
+var tokenErrorSchema = z4.object({
+  error: z4.string().min(1),
+  error_description: z4.string().optional()
+});
+var accessTokenClaimsSchema = z4.object({
+  org_id: z4.string().min(1).optional(),
+  sid: z4.string().min(1).optional(),
+  sub: z4.string().min(1)
+});
+function createWorkosAuthClient({
+  fetchFn = fetch,
+  sleep = async (milliseconds) => {
+    await new Promise((resolve) => {
+      setTimeout(resolve, milliseconds);
+    });
+  },
+  workosApiUrl
+}) {
+  async function postForm({
+    endpointPath,
+    formData,
+    responseSchema
+  }) {
+    const response = await fetchFn(`${workosApiUrl}${endpointPath}`, {
+      method: "POST",
+      headers: buildFormHeaders(),
+      body: formData
+    });
+    const responseBody = await response.json();
+    if (!response.ok) {
+      const parsedError = tokenErrorSchema.safeParse(responseBody);
+      if (parsedError.success) {
+        throw new CliError(
+          parsedError.data.error_description ?? parsedError.data.error
+        );
+      }
+      throw new CliError(
+        `WorkOS request failed with status ${response.status}.`
+      );
+    }
+    const parsedResponse = responseSchema.safeParse(responseBody);
+    if (!parsedResponse.success) {
+      throw new CliError("WorkOS returned an unexpected response payload.");
+    }
+    return parsedResponse.data;
+  }
+  return {
+    decodeAccessTokenClaims(accessToken) {
+      const [, payloadSegment] = accessToken.split(".");
+      if (!payloadSegment) {
+        throw new CliError("WorkOS access token is malformed.");
+      }
+      const payload = JSON.parse(
+        Buffer.from(payloadSegment, "base64url").toString("utf8")
+      );
+      const parsedClaims = accessTokenClaimsSchema.safeParse(payload);
+      if (!parsedClaims.success) {
+        throw new CliError("WorkOS access token is missing required claims.");
+      }
+      return parsedClaims.data;
+    },
+    async pollForDeviceTokens({
+      clientId,
+      deviceCode,
+      expiresInSeconds,
+      intervalSeconds
+    }) {
+      const timeoutAt = Date.now() + (expiresInSeconds ?? 15 * 60) * 1e3;
+      const initialIntervalMilliseconds = (intervalSeconds ?? DEFAULT_DEVICE_POLL_INTERVAL_SECONDS) * 1e3;
+      async function poll(nextIntervalMilliseconds) {
+        if (Date.now() >= timeoutAt) {
+          throw new CliError(
+            "WorkOS device authorization expired before completion."
+          );
+        }
+        const formData = new URLSearchParams();
+        formData.set("client_id", clientId);
+        formData.set("device_code", deviceCode);
+        formData.set(
+          "grant_type",
+          "urn:ietf:params:oauth:grant-type:device_code"
+        );
+        const response = await fetchFn(
+          `${workosApiUrl}/user_management/authenticate`,
+          {
+            method: "POST",
+            headers: buildFormHeaders(),
+            body: formData
+          }
+        );
+        const responseBody = await response.json();
+        if (response.ok) {
+          const parsedTokens = tokenResponseSchema.safeParse(responseBody);
+          if (!parsedTokens.success) {
+            throw new CliError("WorkOS returned an unexpected token response.");
+          }
+          return parsedTokens.data;
+        }
+        const parsedError = tokenErrorSchema.safeParse(responseBody);
+        if (!parsedError.success) {
+          throw new CliError(
+            `WorkOS device authorization failed with status ${response.status}.`
+          );
+        }
+        if (parsedError.data.error === "authorization_pending") {
+          await sleep(nextIntervalMilliseconds);
+          return poll(nextIntervalMilliseconds);
+        }
+        if (parsedError.data.error === "slow_down") {
+          const slowedIntervalMilliseconds = nextIntervalMilliseconds + 5e3;
+          await sleep(slowedIntervalMilliseconds);
+          return poll(slowedIntervalMilliseconds);
+        }
+        throw new CliError(
+          parsedError.data.error_description ?? parsedError.data.error
+        );
+      }
+      return poll(initialIntervalMilliseconds);
+    },
+    async refreshTokens({
+      clientId,
+      organizationId,
+      refreshToken
+    }) {
+      const formData = new URLSearchParams();
+      formData.set("client_id", clientId);
+      formData.set("grant_type", "refresh_token");
+      formData.set("refresh_token", refreshToken);
+      if (organizationId) {
+        formData.set("organization_id", organizationId);
+      }
+      return postForm({
+        endpointPath: "/user_management/authenticate",
+        formData,
+        responseSchema: tokenResponseSchema
+      });
+    },
+    async startDeviceAuthorization({ clientId }) {
+      const formData = new URLSearchParams();
+      formData.set("client_id", clientId);
+      return postForm({
+        endpointPath: "/user_management/authorize/device",
+        formData,
+        responseSchema: deviceAuthorizationSchema
+      });
+    }
+  };
+}
+
+// src/program.ts
+var rootOperationalGroupDescriptions = /* @__PURE__ */ new Map([
+  ["agents", "Query agents."],
+  ["agent-runs", "Query agent runs."],
+  ["automations", "Manage automations."],
+  ["automation-runs", "Inspect and control automation runs."],
+  ["catalog", "Inspect available commands, models, and tools."],
+  ["graphql", "Inspect GraphQL metadata."]
+]);
+function configureCommandPresentation(command) {
+  const originalCreateCommand = command.createCommand.bind(command);
+  command.createCommand = (name) => configureCommandPresentation(originalCreateCommand(name));
+  command.createHelp = () => new MagicalHelp();
+  return command;
+}
+function createOperationHelpExamples(operationSpec) {
+  const baseCommand = `mgcl ${operationSpec.cli.path.join(" ")}`;
+  const requiredOptions = operationSpec.cli.options.filter((optionSpec) => optionSpec.required).map((optionSpec) => {
+    if (optionSpec.valueType === "boolean") {
+      return `--${optionSpec.flagName}`;
+    }
+    if (optionSpec.valueType === "number") {
+      return `--${optionSpec.flagName} 10`;
+    }
+    if (optionSpec.valueType === "json") {
+      return `--${optionSpec.flagName} '{...}'`;
+    }
+    if (optionSpec.valueType === "string-array") {
+      return `--${optionSpec.flagName} value-a,value-b`;
+    }
+    return `--${optionSpec.flagName} <${optionSpec.flagName}>`;
+  });
+  const baseInvocation = [baseCommand, ...requiredOptions].join(" ");
+  return [
+    baseInvocation,
+    `${baseInvocation} --org <org>`,
+    `${baseInvocation} --json`
+  ];
+}
+function buildCommandOptionProperty(flagName) {
+  const [firstSegment, ...remainingSegments] = flagName.split("-");
+  return [
+    firstSegment ?? "",
+    ...remainingSegments.map(
+      (segment) => `${segment[0]?.toUpperCase() ?? ""}${segment.slice(1)}`
+    )
+  ].join("");
+}
+function parseCommandOptionValue(rawValue, optionSpec) {
+  switch (optionSpec.valueType) {
+    case "number": {
+      const parsedNumber = Number(rawValue);
+      if (Number.isNaN(parsedNumber)) {
+        throw new InvalidArgumentError(
+          `Expected a number for --${optionSpec.flagName}.`
+        );
+      }
+      return parsedNumber;
+    }
+    case "string-array": {
+      return rawValue.split(",").map((value) => value.trim()).filter((value) => value.length > 0);
+    }
+    case "json": {
+      try {
+        return JSON.parse(rawValue);
+      } catch {
+        throw new InvalidArgumentError(
+          `Expected valid JSON for --${optionSpec.flagName}.`
+        );
+      }
+    }
+    case "boolean": {
+      return rawValue;
+    }
+    case "string": {
+      return rawValue;
+    }
+  }
+}
+function isRecord2(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function resolveOrganizationBySelector({
+  organizations,
+  selector
+}) {
+  const matchedOrganization = organizations.find(
+    (organization) => organization.id === selector || organization.name === selector
+  );
+  if (!matchedOrganization) {
+    throw new CliError(`Unknown organization "${selector}".`);
+  }
+  return matchedOrganization;
+}
+function resolveSelectedOrganization({
+  organizationSelector,
+  state
+}) {
+  if (organizationSelector) {
+    return resolveOrganizationBySelector({
+      organizations: state.organizations,
+      selector: organizationSelector
+    });
+  }
+  if (!state.defaultOrgId) {
+    throw new CliError(
+      'No default organization is configured. Use "mgcl org use <org>" or pass --org.'
+    );
+  }
+  return resolveOrganizationBySelector({
+    organizations: state.organizations,
+    selector: state.defaultOrgId
+  });
+}
+function requireLoggedInState(state) {
+  if (!state) {
+    throw new CliError('You are not logged in. Run "mgcl auth login" first.');
+  }
+  return state;
+}
+function writeJsonOutput(io, value) {
+  io.info(JSON.stringify(value, null, 2));
+}
+function collectOperationVariables(operationSpec, options) {
+  const variables = Object.fromEntries(
+    operationSpec.cli.options.flatMap((optionSpec) => {
+      const optionValue = options[buildCommandOptionProperty(optionSpec.flagName)];
+      if (optionValue === void 0) {
+        return [];
+      }
+      return [[optionSpec.inputKey, optionValue]];
+    })
+  );
+  const parsedVariables = operationSpec.inputSchema.safeParse(variables);
+  if (!parsedVariables.success) {
+    throw new CliError(
+      parsedVariables.error.issues[0]?.message ?? "Invalid command input."
+    );
+  }
+  if (!isRecord2(parsedVariables.data)) {
+    throw new CliError("Invalid command input.");
+  }
+  return parsedVariables.data;
+}
+async function withOrgScopedAccessToken({
+  dependencies,
+  organizationId,
+  state
+}) {
+  const refreshToken = await dependencies.refreshTokenStore.load(state.account);
+  if (!refreshToken) {
+    throw new CliError(
+      'No refresh token was found. Run "mgcl auth login" again.'
+    );
+  }
+  const tokenResponse = await dependencies.authClient.refreshTokens({
+    clientId: state.account.clientId,
+    organizationId,
+    refreshToken
+  }).catch((error) => {
+    if (error instanceof CliError && error.message === "Refresh token already exchanged.") {
+      throw new CliError(
+        'Refresh token already exchanged. Run "mgcl auth login" again.',
+        { cause: error }
+      );
+    }
+    throw error;
+  });
+  await dependencies.refreshTokenStore.save(
+    state.account,
+    tokenResponse.refresh_token
+  );
+  return {
+    accessToken: tokenResponse.access_token
+  };
+}
+async function handleAuthLogin(dependencies, options) {
+  const clientId = requireWorkosClientId(dependencies.runtimeConfig);
+  const deviceAuthorization = await dependencies.authClient.startDeviceAuthorization({ clientId });
+  const verificationUrl = deviceAuthorization.verification_uri_complete ?? deviceAuthorization.verification_uri;
+  const promptWriter = options.json ? dependencies.io.error : dependencies.io.info;
+  promptWriter(
+    formatAuthLoginPrompt({
+      userCode: deviceAuthorization.user_code,
+      verificationUrl
+    })
+  );
+  await dependencies.openExternalUrl(verificationUrl).catch(() => {
+    promptWriter(formatBrowserOpenFallback());
+  });
+  const tokenResponse = await dependencies.authClient.pollForDeviceTokens({
+    clientId,
+    deviceCode: deviceAuthorization.device_code,
+    ...deviceAuthorization.expires_in ? { expiresInSeconds: deviceAuthorization.expires_in } : {},
+    ...deviceAuthorization.interval ? { intervalSeconds: deviceAuthorization.interval } : {}
+  });
+  const accessTokenClaims = dependencies.authClient.decodeAccessTokenClaims(
+    tokenResponse.access_token
+  );
+  const [user, organizations] = await Promise.all([
+    dependencies.apiClient.fetchUser({
+      accessToken: tokenResponse.access_token,
+      userId: accessTokenClaims.sub
+    }),
+    dependencies.apiClient.fetchOrganizations({
+      accessToken: tokenResponse.access_token
+    })
+  ]);
+  const defaultOrgId = accessTokenClaims.org_id ?? organizations[0]?.id ?? null;
+  const nextState = {
+    account: {
+      clientId,
+      email: user.email,
+      userId: user.id
+    },
+    defaultOrgId,
+    lastUsedOrgId: defaultOrgId,
+    organizations
+  };
+  await Promise.all([
+    dependencies.refreshTokenStore.save(
+      nextState.account,
+      tokenResponse.refresh_token
+    ),
+    dependencies.stateStore.save(nextState)
+  ]);
+  const defaultOrganization = organizations.find((organization) => organization.id === defaultOrgId) ?? null;
+  if (options.json) {
+    writeJsonOutput(dependencies.io, nextState);
+    return;
+  }
+  dependencies.io.info(
+    formatAuthLoginSuccess({
+      account: nextState.account,
+      defaultOrganization,
+      organizationCount: organizations.length
+    })
+  );
+}
+async function handleAuthLogout(dependencies, options) {
+  const state = await dependencies.stateStore.load();
+  if (state) {
+    await dependencies.refreshTokenStore.clear(state.account);
+  }
+  await dependencies.stateStore.clear();
+  if (options.json) {
+    writeJsonOutput(dependencies.io, { loggedOut: true });
+    return;
+  }
+  dependencies.io.info(formatLogoutSuccess());
+}
+async function handleOrgList(dependencies, options) {
+  const state = requireLoggedInState(await dependencies.stateStore.load());
+  if (options.json) {
+    writeJsonOutput(dependencies.io, state.organizations);
+    return;
+  }
+  dependencies.io.info(
+    formatOrganizationList({
+      defaultOrgId: state.defaultOrgId,
+      lastUsedOrgId: state.lastUsedOrgId,
+      organizations: state.organizations
+    })
+  );
+}
+async function handleOrgUse(dependencies, organizationSelector, options) {
+  const state = requireLoggedInState(await dependencies.stateStore.load());
+  const organization = resolveOrganizationBySelector({
+    organizations: state.organizations,
+    selector: organizationSelector
+  });
+  const nextState = {
+    ...state,
+    defaultOrgId: organization.id,
+    lastUsedOrgId: organization.id
+  };
+  await dependencies.stateStore.save(nextState);
+  if (options.json) {
+    writeJsonOutput(dependencies.io, {
+      defaultOrgId: organization.id,
+      organization
+    });
+    return;
+  }
+  dependencies.io.info(formatDefaultOrganizationSelection(organization));
+}
+async function handleOperationCommand(dependencies, operationSpec, commandOptions) {
+  const state = requireLoggedInState(await dependencies.stateStore.load());
+  const organization = resolveSelectedOrganization({
+    state,
+    ...commandOptions.org ? { organizationSelector: commandOptions.org } : {}
+  });
+  const variables = collectOperationVariables(operationSpec, commandOptions);
+  const { accessToken } = await withOrgScopedAccessToken({
+    dependencies,
+    organizationId: organization.id,
+    state
+  });
+  const result = await dependencies.apiClient.executeGraphQl({
+    accessToken,
+    query: operationSpec.document,
+    resultKey: operationSpec.cli.resultKey,
+    variables
+  });
+  await dependencies.stateStore.save({
+    ...state,
+    lastUsedOrgId: organization.id
+  });
+  if (commandOptions.json) {
+    writeJsonOutput(dependencies.io, result);
+    return;
+  }
+  dependencies.io.info(formatHumanReadableOutput(result));
+}
+function addRegistryOperationCommand({
+  program: program2,
+  commandGroups,
+  dependencies,
+  operationSpec
+}) {
+  const commandPath = [...operationSpec.cli.path];
+  const leafCommandName = commandPath.pop();
+  if (!leafCommandName) {
+    throw new CliError(
+      `CLI path is missing a leaf command for ${operationSpec.operationName}.`
+    );
+  }
+  let parentCommand = program2;
+  const currentGroupPath = [];
+  for (const groupSegment of commandPath) {
+    currentGroupPath.push(groupSegment);
+    const groupPathKey = currentGroupPath.join(" ");
+    const existingGroup = commandGroups.get(groupPathKey);
+    if (existingGroup) {
+      parentCommand = existingGroup;
+      continue;
+    }
+    const nextGroup = parentCommand.command(groupSegment);
+    if (currentGroupPath.length === 1) {
+      nextGroup.helpGroup("Operation groups:");
+    }
+    const rootGroupDescription = currentGroupPath.length === 1 ? rootOperationalGroupDescriptions.get(groupSegment) : void 0;
+    if (rootGroupDescription) {
+      nextGroup.description(rootGroupDescription);
+    }
+    commandGroups.set(groupPathKey, nextGroup);
+    parentCommand = nextGroup;
+  }
+  const command = parentCommand.command(leafCommandName);
+  configureOperationalCommand(command, dependencies, operationSpec);
+  const legacyAliasCommand = program2.command(operationSpec.cli.name, {
+    hidden: true
+  });
+  configureOperationalCommand(legacyAliasCommand, dependencies, operationSpec);
+}
+function configureOperationalCommand(command, dependencies, operationSpec) {
+  command.description(operationSpec.cli.description).addOption(
+    new Option(
+      "--org <org>",
+      "Organization ID or exact organization name to use."
+    ).helpGroup("Shared options:")
+  ).addHelpText(
+    "after",
+    `
+${formatExamples(
+      "Examples",
+      createOperationHelpExamples(operationSpec)
+    )}`
+  );
+  for (const optionSpec of operationSpec.cli.options) {
+    const optionFlags = optionSpec.valueType === "boolean" ? `--${optionSpec.flagName}` : `--${optionSpec.flagName} <value>`;
+    const optionDescription = optionSpec.valueHint ? `${optionSpec.description} (${optionSpec.valueHint})` : optionSpec.description;
+    const nextOption = new Option(optionFlags, optionDescription).helpGroup(
+      operationSpec.kind === "query" ? "Query options:" : "Mutation options:"
+    );
+    if (optionSpec.valueType === "boolean") {
+      command.addOption(nextOption);
+      continue;
+    }
+    const parser = (rawValue) => parseCommandOptionValue(rawValue, optionSpec);
+    nextOption.argParser(parser);
+    if (optionSpec.required) {
+      nextOption.makeOptionMandatory(true);
+      command.addOption(nextOption);
+      continue;
+    }
+    command.addOption(nextOption);
+  }
+  command.action(async function() {
+    await handleOperationCommand(
+      dependencies,
+      operationSpec,
+      this.optsWithGlobals()
+    );
+  });
+}
+function createConsoleIo() {
+  return {
+    error(message) {
+      process.stderr.write(`${message}
+`);
+    },
+    info(message) {
+      process.stdout.write(`${message}
+`);
+    }
+  };
+}
+async function openExternalUrl(url) {
+  const command = resolveOpenCommand(url);
+  const childProcess = spawn(command.executable, command.args, {
+    detached: true,
+    stdio: "ignore"
+  });
+  await new Promise((resolve, reject) => {
+    childProcess.on("error", reject);
+    childProcess.on("spawn", () => {
+      childProcess.unref();
+      resolve();
+    });
+  });
+}
+function resolveOpenCommand(url) {
+  if (process.platform === "darwin") {
+    return { executable: "open", args: [url] };
+  }
+  if (process.platform === "win32") {
+    return { executable: "cmd", args: ["/c", "start", "", url] };
+  }
+  return { executable: "xdg-open", args: [url] };
+}
+function createDefaultDependencies() {
+  const runtimeConfig = getRuntimeConfig();
+  return {
+    apiClient: createMagicalApiClient({
+      apiBaseUrl: runtimeConfig.magicalApiUrl
+    }),
+    authClient: createWorkosAuthClient({
+      workosApiUrl: runtimeConfig.workosApiUrl
+    }),
+    io: createConsoleIo(),
+    openExternalUrl,
+    refreshTokenStore: createKeytarRefreshTokenStore(
+      runtimeConfig.keychainServiceName
+    ),
+    runtimeConfig,
+    stateStore: createFileStateStore(runtimeConfig.stateFilePath)
+  };
+}
+function buildProgram(dependencies) {
+  const program2 = configureCommandPresentation(
+    new Command().name("mgcl").description("Run Magical shared MCP operations from the command line.")
+  ).addOption(new Option("--json", "Render JSON output.")).showHelpAfterError().showSuggestionAfterError().addHelpText(
+    "after",
+    `
+${formatExamples("Quick start", [
+      "mgcl auth login",
+      "mgcl org list",
+      "mgcl automations list --limit 10",
+      "mgcl automation-runs get --id <run-id>"
+    ])}
+
+${formatOutputModesNote()}`
+  );
+  const authCommand = configureCommandPresentation(
+    new Command("auth").description("Manage CLI authentication.")
+  ).helpGroup("Workspace:").addHelpText(
+    "after",
+    `
+${formatExamples("Examples", [
+      "mgcl auth login",
+      "mgcl auth logout"
+    ])}`
+  );
+  authCommand.command("login").description("Authenticate with Magical and load organization memberships.").action(async function() {
+    await handleAuthLogin(dependencies, this.optsWithGlobals());
+  });
+  authCommand.command("logout").description("Remove local CLI auth state.").action(async function() {
+    await handleAuthLogout(dependencies, this.optsWithGlobals());
+  });
+  program2.addCommand(authCommand);
+  const orgCommand = configureCommandPresentation(
+    new Command("org").description("Manage organization selection.")
+  ).helpGroup("Workspace:").addHelpText(
+    "after",
+    `
+${formatExamples("Examples", [
+      "mgcl org list",
+      "mgcl org use <org>"
+    ])}`
+  );
+  orgCommand.command("list").description("List organizations available to the saved identity.").action(async function() {
+    await handleOrgList(dependencies, this.optsWithGlobals());
+  });
+  orgCommand.command("use <org>").description("Set the default organization by ID or exact name.").action(async function(organizationSelector) {
+    await handleOrgUse(
+      dependencies,
+      organizationSelector,
+      this.optsWithGlobals()
+    );
+  });
+  program2.addCommand(orgCommand);
+  const operationalCommandGroups = /* @__PURE__ */ new Map();
+  for (const operationSpec of operationSpecs) {
+    addRegistryOperationCommand({
+      program: program2,
+      commandGroups: operationalCommandGroups,
+      dependencies,
+      operationSpec
+    });
+  }
+  return program2;
+}
+
+// src/index.ts
+var program = buildProgram(createDefaultDependencies());
+program.parseAsync(process.argv).catch((error) => {
+  process.stderr.write(`${formatCliError(getErrorMessage(error))}
+`);
+  process.exitCode = 1;
+});
+//# sourceMappingURL=index.js.map