@keepur/hive 0.1.0 → 0.1.1

package/scripts/honeypot

@@ -0,0 +1,186 @@
+#!/bin/bash
+set -euo pipefail
+
+# honeypot — macOS Keychain credential wrapper for Hive
+#
+# Stores secrets scoped to the Hive instance under service prefix "hive/<id>/".
+# The keychain MCP server (keychain-mcp-server.ts) reads these at runtime.
+# Coexists with .env — either source works, Keychain is preferred for new installs.
+#
+# Usage:
+#   honeypot set ANTHROPIC_API_KEY           # prompt for value (hidden input)
+#   honeypot set SLACK_BOT_TOKEN "xoxb-..."  # inline value
+#   honeypot get ANTHROPIC_API_KEY           # print value
+#   honeypot list                            # show stored keys (no values)
+#   honeypot rm ANTHROPIC_API_KEY            # delete
+#   honeypot doctor                          # check required keys are present
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+DIM='\033[2m'
+NC='\033[0m'
+
+# Resolve instance ID from hive.yaml
+resolve_instance_id() {
+  local yaml=""
+  if [ -n "${HIVE_HOME:-}" ] && [ -f "${HIVE_HOME}/hive.yaml" ]; then
+    yaml="${HIVE_HOME}/hive.yaml"
+  elif [ -f "./hive.yaml" ]; then
+    yaml="./hive.yaml"
+  elif [ -f "${HOME}/.hive/hive.yaml" ]; then
+    yaml="${HOME}/.hive/hive.yaml"
+  fi
+
+  if [ -n "$yaml" ]; then
+    # Extract instance.id from YAML (simple grep — no yq dependency)
+    local id
+    id=$(grep -A5 '^instance:' "$yaml" 2>/dev/null | grep 'id:' | head -1 | sed 's/.*id: *//' | tr -d '[:space:]"'"'")
+    if [ -n "$id" ]; then
+      echo "$id"
+      return
+    fi
+  fi
+  echo "hive"
+}
+
+INSTANCE_ID=$(resolve_instance_id)
+PREFIX="hive/${INSTANCE_ID}"
+
+cmd="${1:-help}"
+shift || true
+
+case "$cmd" in
+  set)
+    key="${1:-}"
+    value="${2:-}"
+    if [ -z "$key" ]; then
+      echo "Usage: honeypot set <KEY> [value]"
+      exit 1
+    fi
+    if [ -z "$value" ]; then
+      printf "Enter value for %s: " "$key"
+      read -rs value
+      echo ""
+      if [ -z "$value" ]; then
+        echo -e "${RED}Error:${NC} empty value"
+        exit 1
+      fi
+    fi
+    security add-generic-password \
+      -s "${PREFIX}/${key}" \
+      -a "$key" \
+      -w "$value" \
+      -U 2>/dev/null || \
+    security add-generic-password \
+      -s "${PREFIX}/${key}" \
+      -a "$key" \
+      -w "$value"
+    echo -e "${GREEN}+${NC} ${PREFIX}/${key}"
+    ;;
+
+  get)
+    key="${1:-}"
+    if [ -z "$key" ]; then
+      echo "Usage: honeypot get <KEY>"
+      exit 1
+    fi
+    security find-generic-password \
+      -s "${PREFIX}/${key}" \
+      -a "$key" \
+      -w 2>/dev/null || {
+      echo -e "${RED}Not found:${NC} ${PREFIX}/${key}"
+      exit 1
+    }
+    ;;
+
+  rm|remove|delete)
+    key="${1:-}"
+    if [ -z "$key" ]; then
+      echo "Usage: honeypot rm <KEY>"
+      exit 1
+    fi
+    security delete-generic-password \
+      -s "${PREFIX}/${key}" \
+      -a "$key" &>/dev/null && \
+      echo -e "${GREEN}-${NC} ${PREFIX}/${key}" || {
+      echo -e "${RED}Not found:${NC} ${PREFIX}/${key}"
+      exit 1
+    }
+    ;;
+
+  list|ls)
+    echo -e "${DIM}Secrets under ${PREFIX}/:${NC}"
+    echo ""
+    # Extract service names matching our prefix from keychain dump
+    entries=$(security dump-keychain 2>/dev/null | \
+      grep "0x00000007" | \
+      sed 's/.*<blob>="\([^"]*\)".*/\1/' | \
+      grep "^${PREFIX}/" | \
+      sort -u || true)
+    if [ -n "$entries" ]; then
+      echo "$entries" | while IFS= read -r svc; do
+        echo "  ${svc#${PREFIX}/}"
+      done
+    else
+      echo "  (none)"
+    fi
+    ;;
+
+  doctor)
+    echo -e "Checking required credentials for ${YELLOW}${INSTANCE_ID}${NC}..."
+    echo ""
+    required=("ANTHROPIC_API_KEY" "SLACK_APP_TOKEN" "SLACK_BOT_TOKEN")
+    recommended=("MONGODB_URI")
+    all_good=true
+
+    for key in "${required[@]}"; do
+      if security find-generic-password -s "${PREFIX}/${key}" -a "$key" -w &>/dev/null; then
+        echo -e "  ${GREEN}ok${NC}  $key"
+      else
+        echo -e "  ${RED}--${NC}  $key  ${DIM}(required)${NC}"
+        all_good=false
+      fi
+    done
+
+    for key in "${recommended[@]}"; do
+      if security find-generic-password -s "${PREFIX}/${key}" -a "$key" -w &>/dev/null; then
+        echo -e "  ${GREEN}ok${NC}  $key"
+      else
+        echo -e "  ${YELLOW}--${NC}  $key  ${DIM}(recommended)${NC}"
+      fi
+    done
+
+    echo ""
+    if $all_good; then
+      echo -e "${GREEN}All required credentials present.${NC}"
+    else
+      echo -e "Run ${YELLOW}honeypot set <KEY>${NC} to add missing credentials."
+      exit 1
+    fi
+    ;;
+
+  help|--help|-h)
+    cat <<'HELP'
+honeypot — macOS Keychain credential store for Hive
+
+Usage:
+  honeypot set <KEY> [value]    Store a credential (prompts if value omitted)
+  honeypot get <KEY>            Retrieve a credential
+  honeypot list                 Show stored keys (no values)
+  honeypot rm <KEY>             Delete a credential
+  honeypot doctor               Check required credentials are present
+  honeypot help                 This message
+
+Credentials are stored in macOS Keychain under "hive/<instance-id>/<KEY>"
+and are readable by the Hive keychain MCP server at runtime.
+
+HELP
+    ;;
+
+  *)
+    echo "Unknown command: $cmd"
+    echo "Run 'honeypot help' for usage."
+    exit 1
+    ;;
+esac

package/seeds/chief-of-staff/agent.yaml

@@ -1,9 +1,9 @@
 _id: chief-of-staff
-name: Mokie
+name: Chief
 model: opus
 icon: ":bee:"
 channels:
-  - agent-mokie
+  - agent-chief
 passiveChannels: []
 keywords: []
 isDefault: false

package/seeds/chief-of-staff/skills/agent-builder/skills/agent-builder/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: agent-builder
+description: Conversational agent creation — propose roles, configure agents, introduce them to the team
+agents:
+  - chief-of-staff
+---
+
+# Agent Builder
+
+Create new agents conversationally. The owner describes what they need, you propose a role, configure the agent, and introduce it to the team.
+
+## When to use
+
+When the owner asks to create a new agent, add a team member, or needs help with a task that would be better handled by a dedicated agent.
+
+## What to do
+
+1. Understand what the owner needs — what problem, what domain, what tools
+2. Propose a role with a name, personality, and capabilities
+3. Confirm the proposal with the owner
+4. Create the agent definition using admin MCP tools:
+   - Set appropriate model ceiling (haiku for simple routing, sonnet for complex work)
+   - Assign relevant MCP servers from core servers
+   - Write a soul (personality) and system prompt (role/guardrails)
+   - Create a Slack channel for the agent
+5. Introduce the new agent to the owner in Slack

package/seeds/chief-of-staff/skills/capability-inventory/skills/capability-inventory/SKILL.md

@@ -0,0 +1,21 @@
+---
+name: capability-inventory
+description: Know what's installed and available — agents, servers, plugins, skills, registry offerings
+agents:
+  - chief-of-staff
+---
+
+# Capability Inventory
+
+Know what's installed on this hive and what's available to install. Answer questions about capabilities, suggest additions, and help the owner understand their team.
+
+## When to use
+
+When the owner asks "what can you do?", "what agents do I have?", "what's available?", or similar discovery questions.
+
+## What to do
+
+1. Use admin MCP tools to list current agents and their configurations
+2. Describe each agent's role, capabilities, and assigned MCP servers
+3. If asked about available additions, describe what can be installed from the registry
+4. Suggest agents or capabilities that might help based on the owner's business context

package/seeds/chief-of-staff/skills/credential-setup/skills/credential-setup/SKILL.md

@@ -0,0 +1,23 @@
+---
+name: credential-setup
+description: Guide the user through setting up credentials for services via honeypot (macOS Keychain)
+agents:
+  - chief-of-staff
+---
+
+# Credential Setup
+
+Guide the hive owner through setting up credentials for services that require API keys or OAuth tokens.
+
+## When to use
+
+When the owner wants to connect a new service (Google, HubSpot, etc.) or when a tool fails because a required credential is missing.
+
+## What to do
+
+1. Identify which credential is needed
+2. Explain what the service does and why the credential is needed
+3. Walk the owner through obtaining the credential (API key page, OAuth flow, etc.)
+4. Instruct them to run `honeypot set <KEY_NAME>` from their terminal
+5. Verify the credential works by testing the relevant tool
+6. Confirm success and explain what's now available

package/seeds/chief-of-staff/skills/onboarding/skills/onboarding/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: onboarding
+description: First-contact onboarding interview — learns about the business and writes findings to shared/business-context.md
+agents:
+  - chief-of-staff
+---
+
+# Onboarding
+
+Structured first-contact interview for new hive owners. Learn about their business, team, products, and services. Write findings to `shared/business-context.md` in MongoDB memory so all future agents inherit the full business context.
+
+## When to use
+
+Run this skill on first contact with a new user — when `shared/business-context.md` contains only the skeleton seeded by `hive init`.
+
+## What to do
+
+1. Introduce yourself and explain your role as Chief of Staff
+2. Interview the owner about their business:
+   - Company name, industry, location
+   - Products and services offered
+   - Team members and their roles
+   - Key customers and markets
+   - Business goals and priorities
+3. Write a comprehensive `shared/business-context.md` using the memory tools
+4. Summarize what you learned and confirm with the owner

package/pkg/setup/install-prereqs.sh

@@ -1,80 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-echo ""
-echo "╔══════════════════════════════════════════════╗"
-echo "║       Hive — Prerequisites Installer         ║"
-echo "╚══════════════════════════════════════════════╝"
-echo ""
-
-# Colors
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
-
-check() { command -v "$1" &>/dev/null; }
-
-ok() { echo -e "${GREEN}✓${NC} $1"; }
-need() { echo -e "${YELLOW}→${NC} $1"; }
-
-# 1. Homebrew
-if check brew; then
-  ok "Homebrew already installed"
-else
-  need "Installing Homebrew..."
-  /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
-  # Add to path for this session
-  if [ -f /opt/homebrew/bin/brew ]; then
-    eval "$(/opt/homebrew/bin/brew shellenv)"
-  fi
-  ok "Homebrew installed"
-fi
-
-# 2. Node.js
-if check node; then
-  NODE_VERSION=$(node -v | cut -d. -f1 | tr -d v)
-  if [ "$NODE_VERSION" -ge 22 ]; then
-    ok "Node.js $(node -v) already installed"
-  else
-    need "Node.js $(node -v) is too old — installing Node.js 22..."
-    brew install node@22
-    ok "Node.js updated"
-  fi
-else
-  need "Installing Node.js..."
-  brew install node
-  ok "Node.js installed"
-fi
-
-# 3. MongoDB
-if check mongod; then
-  ok "MongoDB already installed"
-else
-  need "Installing MongoDB..."
-  brew tap mongodb/brew 2>/dev/null || true
-  brew install mongodb-community
-  ok "MongoDB installed"
-fi
-
-# Start MongoDB if not running
-if ! pgrep -x mongod &>/dev/null; then
-  need "Starting MongoDB..."
-  brew services start mongodb-community
-  ok "MongoDB started"
-else
-  ok "MongoDB already running"
-fi
-
-# 4. Git
-if check git; then
-  ok "Git already installed"
-else
-  need "Installing Git..."
-  brew install git
-  ok "Git installed"
-fi
-
-echo ""
-echo "All prerequisites installed."
-echo "Next: run 'npm install && npm run setup' to configure Hive."
-echo ""