@invizi/cli 0.1.1

package/README.md

@@ -0,0 +1,39 @@
+# invizi-cli
+
+Thin CLI for Invizi with local auth/setup commands and remote command execution.
+
+## Install
+
+```bash
+npm install -g @invizi/cli
+```
+
+## Usage
+
+```bash
+invizi auth login
+invizi auth status
+invizi --help
+invizi connect 0x1234...abcd --label main
+invizi setup
+```
+
+## Development
+
+### Scripts
+
+```bash
+npm run build      # Compile TypeScript to dist/
+npm run typecheck  # TypeScript checks (no emit)
+npm test           # Jest tests
+```
+
+### Project Layout
+
+- `src/` TypeScript source code
+- `dist/` compiled runtime (generated)
+- `bin/invizi.js` published executable wrapper
+
+### Packaging
+
+- `npm pack` and `npm publish` run `prepack`, which builds `dist/` automatically.

package/bin/invizi.js

@@ -0,0 +1,9 @@
+#!/usr/bin/env node
+import { main } from '../dist/invizi.js';
+
+main(process.argv.slice(2))
+  .then((code) => process.exit(code))
+  .catch((err) => {
+    console.error(err?.message || String(err));
+    process.exit(1);
+  });

package/dist/auth.js

@@ -0,0 +1,232 @@
+import { getApiUrl, loadConfig, saveConfig } from './config.js';
+const DEFAULT_SCOPE = 'openid profile email offline_access';
+function sleep(ms) {
+    return new Promise(resolve => setTimeout(resolve, ms));
+}
+function getAuth0Config(config = loadConfig()) {
+    const auth = config.auth;
+    const domain = process.env.AUTH0_DOMAIN || config.auth0Domain || auth?.domain;
+    const audience = process.env.AUTH0_AUDIENCE || config.auth0Audience || auth?.audience;
+    const clientId = process.env.AUTH0_CLIENT_ID || config.auth0ClientId || auth?.clientId;
+    if (!domain || !audience || !clientId) {
+        throw new Error('Missing AUTH0_DOMAIN, AUTH0_AUDIENCE, or AUTH0_CLIENT_ID. Set env vars or save them in config.');
+    }
+    return { domain, audience, clientId };
+}
+function getStoredAuth() {
+    const cfg = loadConfig();
+    return cfg.auth || null;
+}
+function setStoredAuth(auth) {
+    const cfg = loadConfig();
+    cfg.auth = auth;
+    saveConfig(cfg);
+}
+function clearStoredAuth() {
+    const cfg = loadConfig();
+    delete cfg.auth;
+    saveConfig(cfg);
+}
+function isTokenValid(auth, skewMs = 30_000) {
+    if (!auth || !auth.accessToken || !auth.expiresAt)
+        return false;
+    return auth.expiresAt > Date.now() + skewMs;
+}
+export function inferEmail(profile) {
+    if (!profile || typeof profile !== 'object')
+        return null;
+    const p = profile;
+    if (typeof p.email === 'string' && p.email.includes('@'))
+        return p.email;
+    if (typeof p.name === 'string' && p.name.includes('@'))
+        return p.name;
+    if (typeof p.nickname === 'string' && p.nickname.includes('@'))
+        return p.nickname;
+    return null;
+}
+async function fetchAuth0UserProfile(accessToken, domain) {
+    if (!accessToken || !domain)
+        return null;
+    const res = await fetch(`https://${domain}/userinfo`, {
+        headers: { Authorization: `Bearer ${accessToken}` },
+    });
+    if (!res.ok)
+        return null;
+    return await res.json();
+}
+async function refreshAccessToken(auth) {
+    if (!auth.refreshToken)
+        return null;
+    const { domain, clientId } = getAuth0Config();
+    const res = await fetch(`https://${domain}/oauth/token`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            grant_type: 'refresh_token',
+            client_id: clientId,
+            refresh_token: auth.refreshToken,
+        }),
+    });
+    if (!res.ok)
+        return null;
+    const data = await res.json();
+    if (!data.access_token || !data.expires_in)
+        return null;
+    return {
+        ...auth,
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token || auth.refreshToken,
+        expiresAt: Date.now() + (data.expires_in * 1000),
+        tokenType: data.token_type || auth.tokenType,
+        scope: data.scope || auth.scope,
+    };
+}
+export async function getAccessToken() {
+    const auth = getStoredAuth();
+    if (!auth)
+        return null;
+    if (isTokenValid(auth))
+        return auth.accessToken;
+    const refreshed = await refreshAccessToken(auth);
+    if (!refreshed)
+        return null;
+    setStoredAuth(refreshed);
+    return refreshed.accessToken;
+}
+export async function getAuthorizationHeader() {
+    const accessToken = await getAccessToken();
+    if (accessToken)
+        return `Bearer ${accessToken}`;
+    if (process.env.INVIZI_API_KEY) {
+        return `Bearer ${process.env.INVIZI_API_KEY}`;
+    }
+    return null;
+}
+async function login() {
+    const { domain, audience, clientId } = getAuth0Config();
+    const deviceRes = await fetch(`https://${domain}/oauth/device/code`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            client_id: clientId,
+            audience,
+            scope: DEFAULT_SCOPE,
+        }),
+    });
+    if (!deviceRes.ok) {
+        const body = await deviceRes.text();
+        throw new Error(`Auth0 device flow init failed: ${body}`);
+    }
+    const device = await deviceRes.json();
+    console.log('\nAuth0 login required');
+    console.log(`1) Open: ${device.verification_uri_complete || device.verification_uri}`);
+    if (!device.verification_uri_complete) {
+        console.log(`2) Enter code: ${device.user_code}`);
+    }
+    const deadline = Date.now() + (device.expires_in * 1000);
+    let intervalMs = (device.interval || 5) * 1000;
+    while (Date.now() < deadline) {
+        await sleep(intervalMs);
+        const tokenRes = await fetch(`https://${domain}/oauth/token`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: new URLSearchParams({
+                grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
+                device_code: device.device_code,
+                client_id: clientId,
+            }),
+        });
+        const token = await tokenRes.json();
+        if (tokenRes.ok && token.access_token && token.expires_in) {
+            setStoredAuth({
+                accessToken: token.access_token,
+                refreshToken: token.refresh_token,
+                expiresAt: Date.now() + (token.expires_in * 1000),
+                tokenType: token.token_type,
+                scope: token.scope,
+                domain,
+                audience,
+                clientId,
+            });
+            console.log('\nLogin successful.');
+            return 0;
+        }
+        if (token.error === 'authorization_pending')
+            continue;
+        if (token.error === 'slow_down') {
+            intervalMs += 5000;
+            continue;
+        }
+        if (token.error === 'expired_token') {
+            throw new Error('Device code expired. Run `invizi auth login` again.');
+        }
+        throw new Error(`Login failed: ${token.error || 'unknown error'}`);
+    }
+    throw new Error('Login timed out before authorization completed.');
+}
+async function status() {
+    const auth = getStoredAuth();
+    if (!auth) {
+        if (process.env.INVIZI_API_KEY) {
+            console.log('No Auth0 token stored. Using INVIZI_API_KEY fallback.');
+        }
+        else {
+            console.log('Not logged in. Run: invizi auth login');
+            return 1;
+        }
+    }
+    else {
+        const ttlSec = Math.max(0, Math.floor((auth.expiresAt - Date.now()) / 1000));
+        console.log(`Token: present (expires in ~${ttlSec}s)`);
+    }
+    const header = await getAuthorizationHeader();
+    if (!header) {
+        console.log('No credentials available.');
+        return 1;
+    }
+    // Use v1 protocol (auth.me) instead of /api/me (not exposed via nginx)
+    const res = await fetch(`${getApiUrl()}/cli/v1/execute`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: header },
+        body: JSON.stringify({ commandId: 'auth.me' }),
+    });
+    if (!res.ok) {
+        console.log(`Unable to query identity (${res.status})`);
+        return 1;
+    }
+    const response = await res.json();
+    if (!response.ok || !response.result) {
+        console.log(`Unable to query identity: ${response.error?.message || 'unknown error'}`);
+        return 1;
+    }
+    const me = response.result;
+    console.log(`User: ${me.id} (${me.role}) via ${me.authProvider}`);
+    let email = me.email || null;
+    if (!email && auth?.accessToken && auth?.domain) {
+        const profile = await fetchAuth0UserProfile(auth.accessToken, auth.domain);
+        email = inferEmail(profile);
+    }
+    if (email) {
+        console.log(`Email: ${email}`);
+    }
+    if (Array.isArray(me.permissions) && me.permissions.length > 0) {
+        console.log(`Permissions: ${me.permissions.join(', ')}`);
+    }
+    return 0;
+}
+function logout() {
+    clearStoredAuth();
+    console.log('Logged out.');
+    return 0;
+}
+export async function auth(args) {
+    const sub = args[0] || 'status';
+    if (sub === 'login')
+        return login();
+    if (sub === 'logout')
+        return logout();
+    if (sub === 'status')
+        return status();
+    console.error('Usage: invizi auth <login|logout|status>');
+    return 1;
+}

package/dist/config.js

@@ -0,0 +1,46 @@
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+import { homedir } from 'node:os';
+export const DEFAULT_API_URL = 'https://api.invizi.co';
+export function getConfigDir(home = homedir()) {
+    const xdg = join(home, '.config', 'invizi');
+    const fallback = join(home, '.invizi');
+    if (existsSync(join(home, '.config'))) {
+        return xdg;
+    }
+    return fallback;
+}
+export function getConfigPath(home = homedir()) {
+    return join(getConfigDir(home), 'config.json');
+}
+export function loadConfig(configPath = getConfigPath()) {
+    try {
+        return JSON.parse(readFileSync(configPath, 'utf-8'));
+    }
+    catch {
+        return {};
+    }
+}
+export function saveConfig(config, configPath = getConfigPath()) {
+    mkdirSync(dirname(configPath), { recursive: true });
+    writeFileSync(configPath, JSON.stringify(config, null, 2));
+}
+export function resolveApiUrl(config, env = process.env) {
+    return config.apiUrl || env.INVIZI_API_URL || env.INVIZI_SERVER || DEFAULT_API_URL;
+}
+export function getApiUrl() {
+    return resolveApiUrl(loadConfig());
+}
+export function redactConfig(config) {
+    const auth = config.auth
+        ? {
+            ...config.auth,
+            accessToken: '***',
+            refreshToken: config.auth.refreshToken ? '***' : undefined,
+        }
+        : undefined;
+    return {
+        ...config,
+        auth,
+    };
+}

package/dist/connect.js

@@ -0,0 +1,131 @@
+import { getApiUrl, loadConfig, saveConfig } from './config.js';
+import { getAuthorizationHeader } from './auth.js';
+const HLP_API = 'https://api.hyperliquid.xyz/info';
+function detectChain(address) {
+    if (/^0x[0-9a-fA-F]{40}$/.test(address))
+        return 'evm';
+    return null;
+}
+const EXCHANGE_CHECKERS = {
+    evm: [{ name: 'hyperliquid', check: validateHlpAddress }],
+};
+async function validateHlpAddress(address) {
+    const [stateRes, fillsRes] = await Promise.all([
+        fetch(HLP_API, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ type: 'clearinghouseState', user: address }),
+        }),
+        fetch(HLP_API, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ type: 'userFills', user: address }),
+        }),
+    ]);
+    if (!stateRes.ok || !fillsRes.ok) {
+        return null;
+    }
+    const state = (await stateRes.json());
+    const fills = (await fillsRes.json());
+    return {
+        positions: state.assetPositions?.length || 0,
+        accountValue: Number.parseFloat(state.marginSummary?.accountValue || '0'),
+        trades: fills.length || 0,
+    };
+}
+async function registerWithServer(exchange, address, label) {
+    const apiUrl = getApiUrl();
+    const authHeader = await getAuthorizationHeader();
+    if (!authHeader) {
+        throw new Error('Not authenticated. Run: invizi auth login');
+    }
+    const res = await fetch(`${apiUrl}/api/connect`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            Authorization: authHeader,
+        },
+        body: JSON.stringify({ exchange, address, label }),
+    });
+    if (!res.ok) {
+        const bodyText = await res.text();
+        let parsed = null;
+        try {
+            parsed = JSON.parse(bodyText);
+        }
+        catch {
+            parsed = null;
+        }
+        if (res.status === 403 && parsed?.error?.includes('Tracking limit reached')) {
+            const tracked = parsed.trackedAddress;
+            const details = tracked
+                ? `existing ${tracked.exchange}:${tracked.address}${tracked.label ? ` (${tracked.label})` : ''}`
+                : 'already at limit';
+            throw new Error(`Tracking limit reached (${details}).`);
+        }
+        throw new Error(`Server error: ${res.status} ${parsed?.error || bodyText}`);
+    }
+    return (await res.json());
+}
+export async function connect(args) {
+    const address = args[0];
+    const labelIdx = args.indexOf('--label');
+    const label = labelIdx !== -1 ? args[labelIdx + 1] || null : null;
+    if (!address) {
+        console.error('Usage: invizi connect <wallet-address> [--label name]');
+        return 1;
+    }
+    const chain = detectChain(address);
+    if (!chain) {
+        console.error(`Unrecognized address format: ${address}`);
+        console.error('Supported: EVM addresses (0x...)');
+        return 1;
+    }
+    const checkers = EXCHANGE_CHECKERS[chain];
+    if (!checkers || checkers.length === 0) {
+        console.error(`No supported exchanges for chain: ${chain}`);
+        return 1;
+    }
+    console.log(`Scanning exchanges for ${address}...`);
+    const found = [];
+    for (const { name, check } of checkers) {
+        const info = await check(address);
+        if (info && (info.positions > 0 || info.trades > 0 || info.accountValue > 0)) {
+            found.push({ exchange: name, info });
+            console.log(`  [ok] ${name}: ${info.positions} positions, ${info.trades} trades, $${info.accountValue.toFixed(2)}`);
+        }
+        else {
+            console.log(`  [x] ${name}: no activity`);
+        }
+    }
+    if (found.length === 0) {
+        console.error('No activity found on any supported exchange for this address.');
+        return 1;
+    }
+    const selected = found[0];
+    try {
+        const result = await registerWithServer(selected.exchange, address, label);
+        const config = loadConfig();
+        config.userId = result.userId;
+        config.trackedAddressId = result.trackedAddressId;
+        delete config.accountId;
+        config.address = address;
+        config.exchange = selected.exchange;
+        if (label)
+            config.label = label;
+        saveConfig(config);
+        console.log(`Connected watch-only tracking: ${selected.exchange}`);
+        if (result.alreadyTracked) {
+            console.log('  Already tracked previously.');
+        }
+        console.log(`  Positions: ${selected.info.positions}`);
+        console.log(`  Trades: ${selected.info.trades}`);
+        console.log(`  Account value: $${selected.info.accountValue.toFixed(2)}`);
+        return 0;
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        console.error(`Failed to register: ${message}`);
+        return 1;
+    }
+}

package/dist/invizi.js

@@ -0,0 +1,145 @@
+import { readFileSync } from 'node:fs';
+import { auth, getAuthorizationHeader } from './auth.js';
+import { connect } from './connect.js';
+import { getApiUrl, getConfigPath, loadConfig, redactConfig } from './config.js';
+import { setup } from './setup.js';
+function showLocalHelp() {
+    console.log(`
+Invizi CLI
+
+Commands:
+  invizi auth login            Login via Auth0 device flow
+  invizi auth status           Show current auth identity
+  invizi auth logout           Clear local Auth0 session
+  invizi connect <address>     Connect a wallet address (auto-detects exchange)
+  invizi setup                 Install skills into your AI tool
+  invizi config                Show current config
+  invizi version               Show CLI version
+
+Run invizi --help after login for the remote command list.
+`);
+}
+async function executeProtocol(args, authHeader) {
+    const apiUrl = getApiUrl();
+    const res = await fetch(`${apiUrl}/cli/v1/execute`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            Authorization: authHeader,
+        },
+        body: JSON.stringify({ argv: args }),
+    });
+    if (res.status === 404) {
+        return { handled: false, exitCode: 0 };
+    }
+    if (res.status === 401 || res.status === 403) {
+        console.error('Auth error. Run: invizi auth login');
+        return { handled: true, exitCode: 1 };
+    }
+    const output = (await res.json().catch(() => null));
+    if (!output || typeof output !== 'object') {
+        console.error('Invalid protocol response from server');
+        return { handled: true, exitCode: 1 };
+    }
+    if (typeof output.text === 'string' && output.text.length > 0) {
+        process.stdout.write(`${output.text}${output.text.endsWith('\n') ? '' : '\n'}`);
+    }
+    if (!output.text && output.result !== undefined) {
+        process.stdout.write(`${JSON.stringify(output.result, null, 2)}\n`);
+    }
+    if (output.error?.message) {
+        process.stderr.write(`${output.error.message}\n`);
+        return { handled: true, exitCode: 1 };
+    }
+    return { handled: true, exitCode: output.ok === false ? 1 : 0 };
+}
+async function showRemoteHelp(authHeader) {
+    const apiUrl = getApiUrl();
+    const res = await fetch(`${apiUrl}/cli/v1/commands`, {
+        headers: { Authorization: authHeader },
+    });
+    if (!res.ok) {
+        throw new Error(`Unable to fetch command catalog (${res.status})`);
+    }
+    const data = (await res.json());
+    const commands = Array.isArray(data.commands) ? data.commands : [];
+    if (commands.length === 0) {
+        console.log('No commands available for this user.');
+        return;
+    }
+    console.log('Invizi Remote Commands\n');
+    for (const cmd of commands) {
+        const name = Array.isArray(cmd.tokens) ? cmd.tokens.join(' ') : cmd.id || '(unknown)';
+        const desc = cmd.description || '';
+        console.log(`  ${name.padEnd(20)} ${desc}`);
+    }
+    console.log('\nUse: invizi <command> --help (if supported)');
+}
+async function executeRemote(args, options = {}) {
+    const authHeader = await getAuthorizationHeader();
+    if (!authHeader) {
+        console.error('Not authenticated. Run: invizi auth login');
+        return 1;
+    }
+    try {
+        const protocol = await executeProtocol(args, authHeader);
+        return protocol.exitCode;
+    }
+    catch (error) {
+        if (!options.quietNetworkError) {
+            const message = error instanceof Error ? error.message : String(error);
+            console.error(message);
+        }
+        return 1;
+    }
+}
+export async function main(rawArgs = process.argv.slice(2)) {
+    const args = rawArgs;
+    const command = args[0];
+    if (!command) {
+        showLocalHelp();
+        return 0;
+    }
+    if (command === '--help' || command === '-h') {
+        const header = await getAuthorizationHeader();
+        if (!header) {
+            showLocalHelp();
+            return 0;
+        }
+        try {
+            await showRemoteHelp(header);
+            return 0;
+        }
+        catch {
+            try {
+                const code = await executeRemote(['--help'], { quietNetworkError: true });
+                if (code !== 0) {
+                    showLocalHelp();
+                    return 0;
+                }
+                return code;
+            }
+            catch {
+                showLocalHelp();
+                return 0;
+            }
+        }
+    }
+    if (command === 'auth')
+        return auth(args.slice(1));
+    if (command === 'connect')
+        return connect(args.slice(1));
+    if (command === 'setup')
+        return setup(args.slice(1));
+    if (command === 'config') {
+        console.log(JSON.stringify(redactConfig(loadConfig()), null, 2));
+        console.log(`\nConfig path: ${getConfigPath()}`);
+        return 0;
+    }
+    if (command === 'version') {
+        const pkg = JSON.parse(readFileSync(new URL('../package.json', import.meta.url), 'utf-8'));
+        console.log(`invizi-cli v${pkg.version || 'unknown'}`);
+        return 0;
+    }
+    return executeRemote(args);
+}

package/dist/setup.js

@@ -0,0 +1,114 @@
+import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+import { loadConfig, saveConfig, getConfigPath } from './config.js';
+const SKILLS_URL = 'https://pub-6e61fc0656544ad3bf01416b1d0a6065.r2.dev';
+function detectAiTool() {
+    const checks = [
+        { name: 'Claude Code', dir: join(homedir(), '.claude', 'skills'), marker: join(homedir(), '.claude') },
+        { name: 'OpenCode', dir: join(homedir(), '.opencode', 'skills'), marker: join(homedir(), '.opencode') },
+    ];
+    for (const { name, dir, marker } of checks) {
+        if (existsSync(marker)) {
+            return { name, skillsDir: dir };
+        }
+    }
+    return null;
+}
+// Public Auth0 config (client-side values, not secrets)
+const AUTH0_CONFIG = {
+    domain: 'dev-u1fgwppsg73adwpc.us.auth0.com',
+    audience: 'https://api-dev.invizi.co',
+    clientId: 'RK5mtxCZygkrBkQr9n2CkgSkjFFsYSsI',
+};
+export async function setup(args) {
+    const outputIdx = args.indexOf('--output');
+    const customOutput = outputIdx !== -1 ? args[outputIdx + 1] : null;
+    const dryRun = args.includes('--dry-run');
+    const isDev = args.includes('--dev');
+    const apiUrl = isDev ? 'http://localhost:3000' : 'https://api.invizi.co';
+    // Step 0: Configure API URL + Auth0
+    console.log(`Configuring Invizi CLI (${isDev ? 'dev' : 'prod'})...`);
+    if (!dryRun) {
+        const config = loadConfig();
+        let changed = false;
+        // Always update apiUrl if --dev flag changes the target
+        if (!config.apiUrl || config.apiUrl !== apiUrl) {
+            config.apiUrl = apiUrl;
+            changed = true;
+        }
+        if (!config.auth0Domain) {
+            config.auth0Domain = AUTH0_CONFIG.domain;
+            changed = true;
+        }
+        if (!config.auth0Audience) {
+            config.auth0Audience = AUTH0_CONFIG.audience;
+            changed = true;
+        }
+        if (!config.auth0ClientId) {
+            config.auth0ClientId = AUTH0_CONFIG.clientId;
+            changed = true;
+        }
+        if (changed) {
+            saveConfig(config);
+            console.log(`  Config saved to ${getConfigPath()}`);
+            console.log(`  API: ${config.apiUrl}`);
+        }
+        else {
+            console.log('  Config already set up.');
+        }
+    }
+    console.log('');
+    let skillsDir;
+    let toolName;
+    if (customOutput) {
+        skillsDir = customOutput;
+        toolName = 'custom path';
+    }
+    else {
+        const tool = detectAiTool();
+        if (!tool) {
+            console.error('No supported AI tool detected.');
+            console.error('Supported: Claude Code (~/.claude/), OpenCode (~/.opencode/)');
+            console.error('Use --output <path> to specify a custom install directory.');
+            return 1;
+        }
+        skillsDir = tool.skillsDir;
+        toolName = tool.name;
+    }
+    console.log(`Detected: ${toolName}`);
+    console.log(`Skills directory: ${skillsDir}`);
+    if (dryRun) {
+        console.log('(dry run - no files will be written)');
+    }
+    console.log('Fetching skills...');
+    const listRes = await fetch(`${SKILLS_URL}/list.json`);
+    if (!listRes.ok) {
+        console.error('Failed to fetch skill list from Invizi.');
+        return 1;
+    }
+    const skills = (await listRes.json());
+    for (const name of skills) {
+        const res = await fetch(`${SKILLS_URL}/${name}/SKILL.md`);
+        if (!res.ok) {
+            console.error(`  [x] ${name} (download failed)`);
+            continue;
+        }
+        const content = await res.text();
+        if (!dryRun) {
+            const dir = join(skillsDir, name);
+            mkdirSync(dir, { recursive: true });
+            writeFileSync(join(dir, 'SKILL.md'), content);
+        }
+        console.log(`  [ok] ${name}`);
+    }
+    console.log('');
+    if (dryRun) {
+        console.log('Dry run complete. No files written.');
+    }
+    else {
+        console.log(`Installed ${skills.length} skills to ${skillsDir}`);
+        console.log('Try /invizi-trade in your AI tool.');
+    }
+    return 0;
+}

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@invizi/cli",
+  "version": "0.1.1",
+  "description": "Invizi CLI",
+  "type": "module",
+  "bin": {
+    "invizi": "./bin/invizi.js"
+  },
+  "files": [
+    "bin/",
+    "dist/"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "typecheck": "tsc --noEmit -p tsconfig.json",
+    "test": "jest",
+    "prepack": "npm run build"
+  },
+  "devDependencies": {
+    "@types/jest": "^30.0.0",
+    "@types/node": "^24.6.0",
+    "jest": "^30.2.0",
+    "ts-jest": "^29.4.4",
+    "typescript": "^5.9.3"
+  },
+  "keywords": [
+    "invizi",
+    "cli"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/invizi/cli"
+  },
+  "homepage": "https://invizi.co"
+}