@keystrokehq/cli 0.0.1

package/dist/src-eHwu-Gfw.mjs

@@ -0,0 +1,369 @@
+#!/usr/bin/env node
+
+import { a as createKyInstance, i as buildSearchParams, n as auth, r as bundles, s as getClientEnv, t as projects$1 } from "./projects-CHkRE9rS.mjs";
+//#region ../../packages/workflow-sdk/src/v1/agents.ts
+const agents = (api) => ({ list: (params) => api.get("agents", { searchParams: params }).json() });
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/api-keys.ts
+const apiKeys = (api) => ({
+	/** List API keys for the current organization. */
+	list: () => api.get("api-keys").json(),
+	/** Create a new API key. The key value is only returned once. */
+	create: (params) => api.post("api-keys", { json: params ?? {} }).json(),
+	/** Delete an API key. */
+	remove: (id) => api.delete(`api-keys/${id}`).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/connections.ts
+const connections = (api) => ({ 
+/**
+* Returns the caller's configured connections.
+*
+* @param params Optional filters. See `ListConnectionsQuerySchema` in
+*   `@keystroke/shared-types/connections` for the authoritative schema.
+*/
+list: (params) => {
+	const searchParams = buildSearchParams(params);
+	return api.get("connections", searchParams ? { searchParams } : {}).json();
+} });
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/credentials.ts
+const credentials = (api) => ({
+	/** List credential sets, optionally filtered. */
+	list: (params) => {
+		const searchParams = buildSearchParams(params);
+		return api.get("credentials", searchParams ? { searchParams } : {}).json();
+	},
+	/** Create a new credential set. */
+	create: (params) => api.post("credentials", { json: params }).json(),
+	/** Get a credential set by ID. */
+	getById: (id) => api.get(`credentials/${id}`).json(),
+	/** Update a credential set (metadata only). */
+	update: (id, params) => api.patch(`credentials/${id}`, { json: params }).json(),
+	/** Delete a credential set. */
+	remove: (id) => api.delete(`credentials/${id}`).json(),
+	/** Update credential values (secrets) for a credential set. */
+	updateValues: (id, params) => api.put(`credentials/${id}/values`, { json: params }).json(),
+	/** Resolve decrypted credential values for an integration. */
+	resolve: (params) => api.post("credentials/resolve", { json: params }).json(),
+	/**
+	* Exchange user-submitted `input` for a stored credential payload via
+	* an authored `credentials-exchange` connection.
+	*
+	* Returns `{ status: 'exchanged', ... }` on success or
+	* `{ status: 'needs-reinput', message? }` when the exchange hook
+	* rejects the input. The CLI and web UI render the `message` and
+	* return the user to the connect form on `needs-reinput`.
+	*
+	* @see packages/credential-connection/src/exchange.ts executeCredentialsExchange
+	*/
+	exchange: (params) => api.post("credentials/exchange", { json: params }).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/hooks.ts
+const hooks = (api) => ({
+	/** Resume a wait hook with optional payload. Continues workflow execution. */
+	resume: (token, payload) => api.post(`hooks/${token}/resume`, { json: payload ?? {} }).json(),
+	/** Cancel a wait hook. Optionally provide a reason. */
+	cancel: (token, body) => api.post(`hooks/${token}/cancel`, { json: body ?? {} }).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/integrations.ts
+const integrations = (api) => ({ 
+/**
+* Returns the Keystroke integration catalog.
+*
+* Catalog data is effectively static for a given server deploy. Consumers
+* should cache the response for the lifetime of a UI session / CLI process
+* rather than refetching per command.
+*
+* @param params Optional query filters. See `ListIntegrationsQuerySchema`
+*   in `@keystroke/shared-types/connections` for the authoritative schema.
+*/
+list: (params) => {
+	const searchParams = buildSearchParams(params);
+	return api.get("integrations", searchParams ? { searchParams } : {}).json();
+} });
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/organizations.ts
+const organizations = (api) => ({
+	/** List organizations (paginated). */
+	list: (params) => api.get("organizations", { searchParams: params }).json(),
+	/** Create a new organization. */
+	create: (params) => api.post("organizations", { json: params }).json(),
+	/** Get an organization by ID. */
+	getById: (id) => api.get(`organizations/${id}`).json(),
+	/** Update an organization. */
+	update: (id, params) => api.patch(`organizations/${id}`, { json: params }).json(),
+	/** Delete an organization. */
+	remove: (id) => api.delete(`organizations/${id}`).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/projects.ts
+const projects = (api) => ({
+	/** List projects, optionally filtered by organization. */
+	list: (params) => api.get("projects", { searchParams: params }).json(),
+	/** Create a new project. */
+	create: (params) => api.post("projects", { json: params }).json(),
+	/** Get a project by ID. */
+	getById: (id) => api.get(`projects/${id}`).json(),
+	/** Update a project. */
+	update: (id, params) => api.patch(`projects/${id}`, { json: params }).json(),
+	/** Get a short-lived proxy token for the sandbox agent LLM proxy. */
+	getAgentToken: (id) => api.post(`projects/${id}/daytona-sandbox/agent-token`).json(),
+	/** Get git clone credentials for sandbox git operations. */
+	getGitToken: (id) => api.post(`projects/${id}/daytona-sandbox/git-token`).json(),
+	/** Delete a project. */
+	remove: (id) => api.delete(`projects/${id}`).then(() => void 0),
+	/** Roll back a project to a previous deployment snapshot. */
+	listDeployments: (projectId) => api.get(`projects/${projectId}/deployments`).json(),
+	/** Get a workflow snapshot from the current deployment for a project. */
+	getCurrentDeploymentWorkflow: (projectId, authoredWorkflowId) => api.get(`projects/${projectId}/deployments/current/workflows/${authoredWorkflowId}`).json(),
+	/** Roll back a project to a previous deployment snapshot. */
+	rollbackDeployment: (projectId, deploymentId) => api.post(`projects/${projectId}/deployments/${deploymentId}/rollback`).json(),
+	/** Get current user's subscription for a workflow in a project. */
+	getWorkflowSubscription: (projectId, workflowId) => api.get(`projects/${projectId}/workflows/${workflowId}/subscription`).json(),
+	/** Create or update current user's subscription for a workflow in a project. */
+	upsertWorkflowSubscription: (projectId, workflowId, params) => api.put(`projects/${projectId}/workflows/${workflowId}/subscription`, { json: params }).json(),
+	/** Remove current user's subscription for a workflow in a project. */
+	removeWorkflowSubscription: (projectId, workflowId) => api.delete(`projects/${projectId}/workflows/${workflowId}/subscription`).then(() => void 0)
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/public/index.ts
+const publicApi = (api) => ({
+	auth: auth(api),
+	projects: projects$1(api)
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/runs.ts
+const runs = (api) => ({
+	/** List recent workflow runs, optionally filtered by authored workflow id, workflow name, and status. */
+	listRuns: (params) => {
+		const searchParams = buildSearchParams(params);
+		return api.get("runs", searchParams ? { searchParams } : {}).json();
+	},
+	/** List workflow runs currently paused on an active wait or hook. */
+	listPausedRuns: (params) => {
+		const searchParams = buildSearchParams(params);
+		return api.get("runs/paused", searchParams ? { searchParams } : {}).json();
+	},
+	/** Get the current status, input, and output of a workflow run. */
+	getRun: (runId) => api.get(`runs/${runId}`).json(),
+	/** Inspect an agent run with its events, yielded child workflows, and latest replay snapshot. */
+	getAgentRun: (agentRunId) => api.get(`agent-runs/${agentRunId}`).json(),
+	/** List workflow events for a run. */
+	listEvents: (runId) => api.get(`runs/${runId}/events`).json(),
+	/** List workflow logs for a run. */
+	listLogs: (runId, params) => {
+		const searchParams = buildSearchParams(params);
+		return api.get(`runs/${runId}/logs`, searchParams ? { searchParams } : {}).json();
+	},
+	/** Delete a test run and all dependent records. */
+	deleteTestRun: (runId) => api.delete(`runs/${runId}`).json(),
+	/** Request cancellation of a sandbox agent within a run. */
+	cancelAgent: (runId, correlationId, body) => api.post(`runs/${runId}/agents/${correlationId}/cancel`, { json: body ?? {} }).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/steps.ts
+const steps = (api) => ({
+	/** List steps, optionally filtered by project. */
+	list: (params) => api.get("steps", { searchParams: params }).json(),
+	/** Create a new step definition. */
+	create: (params) => api.post("steps", { json: params }).json(),
+	/** Get a step by ID. */
+	getById: (id) => api.get(`steps/${id}`).json(),
+	/** Update a step definition. */
+	update: (id, params) => api.patch(`steps/${id}`, { json: params }).json(),
+	/** Delete a step definition. */
+	remove: (id) => api.delete(`steps/${id}`).then(() => void 0),
+	/** List versions of a step. */
+	listVersions: (id, params) => api.get(`steps/${id}/versions`, { searchParams: params }).json(),
+	/** Create a new version of a step. */
+	createVersion: (id, params) => api.post(`steps/${id}/versions`, { json: params }).json(),
+	/** Get a specific step version. */
+	getVersion: (id, version) => api.get(`steps/${id}/versions/${version}`).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/user-groups.ts
+const userGroups = (api) => ({
+	/** List user groups, optionally filtered by organization. */
+	list: (params) => api.get("user-groups", { searchParams: params }).json(),
+	/** Create a new user group. */
+	create: (params) => api.post("user-groups", { json: params }).json(),
+	/** Get a user group by ID. */
+	getById: (id) => api.get(`user-groups/${id}`).json(),
+	/** Update a user group. */
+	update: (id, params) => api.patch(`user-groups/${id}`, { json: params }).json(),
+	/** Delete a user group. */
+	remove: (id) => api.delete(`user-groups/${id}`).then(() => void 0),
+	/** List members of a user group. */
+	listMembers: (id) => api.get(`user-groups/${id}/members`).json(),
+	/** Add a member to a user group. */
+	addMember: (id, params) => api.post(`user-groups/${id}/members`, { json: params }).json(),
+	/** Remove a member from a user group. */
+	removeMember: (id, userId) => api.delete(`user-groups/${id}/members/${userId}`).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/users.ts
+const users = (api) => ({
+	/** Create a new user. */
+	create: (params) => api.post("users", { json: params }).json(),
+	/** Get the currently authenticated user. */
+	getMe: () => api.get("users/me").json(),
+	/** List current user's workflow subscriptions across projects. */
+	listSubscriptions: () => api.get("users/me/subscriptions").json(),
+	/** Get a user by ID. */
+	getById: (id) => api.get(`users/${id}`).json(),
+	/** Invite users to the current organization by email. */
+	invite: (params) => api.post("users/invite", { json: params }).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/webhooks.ts
+function buildWebhookEndpoint(organizationId, webhookPath) {
+	const normalizedPath = webhookPath.replace(/^\/+/, "");
+	if (!normalizedPath) throw new Error("webhookPath is required");
+	return `webhooks/${encodeURIComponent(organizationId)}/${encodeURIComponent(normalizedPath)}`;
+}
+function isBodyInit(body) {
+	if (typeof body === "string") return true;
+	if (typeof FormData !== "undefined" && body instanceof FormData) return true;
+	if (typeof URLSearchParams !== "undefined" && body instanceof URLSearchParams) return true;
+	if (typeof Blob !== "undefined" && body instanceof Blob) return true;
+	if (typeof ArrayBuffer !== "undefined" && body instanceof ArrayBuffer) return true;
+	if (typeof ReadableStream !== "undefined" && body instanceof ReadableStream) return true;
+	if (ArrayBuffer.isView(body)) return true;
+	return false;
+}
+function serializeWebhookRequestBody(body, headers) {
+	if (body === void 0) return void 0;
+	if (isBodyInit(body)) return body;
+	if (!headers.has("Content-Type")) headers.set("Content-Type", "application/json");
+	return JSON.stringify(body);
+}
+const webhooks = (api) => ({
+	/**
+	* Send a request directly to a custom webhook endpoint.
+	*
+	* Use this for public webhook ingress where the caller supplies the webhook
+	* path, HTTP method, provider auth/signature headers, query params, and body.
+	*/
+	send: (request) => {
+		const headers = new Headers(request.headers);
+		const body = serializeWebhookRequestBody(request.body, headers);
+		return api(buildWebhookEndpoint(request.organizationId, request.webhookPath), {
+			method: request.method ?? "POST",
+			headers,
+			body,
+			searchParams: request.searchParams
+		}).json();
+	},
+	/**
+	* Send a request to a webhook endpoint (simulates inbound webhook).
+	* Use for testing or forwarding webhook payloads.
+	*/
+	handle: (orgId, webhookId, options) => webhooks(api).send({
+		organizationId: orgId,
+		webhookPath: webhookId,
+		method: options?.method,
+		headers: options?.headers,
+		body: options?.body
+	}),
+	/** Replay a previously captured webhook request by ID. */
+	replay: (orgId, webhookId, requestId) => api.post(`webhooks/${orgId}/${webhookId}/replay/${requestId}`).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/v1/workflows.ts
+const workflows = (api) => ({
+	/** List workflows, optionally filtered by project. */
+	list: (params) => {
+		const searchParams = buildSearchParams(params);
+		return api.get("workflows", searchParams ? { searchParams } : {}).json();
+	},
+	/** Create a new workflow definition. */
+	create: (params) => api.post("workflows", { json: params }).json(),
+	/** Get a workflow by project-scoped authored ID. */
+	getById: (projectId, workflowId) => api.get(`projects/${projectId}/workflows/${workflowId}`).json(),
+	/** Update a workflow definition. */
+	update: (projectId, workflowId, params) => api.patch(`projects/${projectId}/workflows/${workflowId}`, { json: params }).json(),
+	/** Delete a workflow definition. */
+	remove: (projectId, workflowId) => api.delete(`projects/${projectId}/workflows/${workflowId}`).then(() => void 0),
+	/** Start a new run of a workflow. Returns immediately with a run ID. */
+	execute: (params) => api.post("workflows/execute", { json: params }).json(),
+	/** Test a workflow. Server upserts workflow, runs with source 'cli-test'. */
+	testById: (params) => api.post("workflows/test", { json: params }).json(),
+	/** Delete a test bundle from S3 storage. */
+	deleteTestBundle: (params) => api.delete("workflows/test", { json: params }).then(() => void 0),
+	/** Get the ReactFlow graph for the latest deployed version of a workflow. */
+	getGraph: (projectId, workflowId) => api.get(`projects/${projectId}/workflows/${workflowId}/graph`).json(),
+	/** Apply visual mutations (e.g. node position changes) to a workflow's graph state. */
+	applyMutations: (projectId, workflowId, params) => api.post(`projects/${projectId}/workflows/${workflowId}/graph`, { json: params }).json()
+});
+//#endregion
+//#region ../../packages/workflow-sdk/src/client.ts
+/**
+* Creates a Keystroke API client.
+*
+* Authentication is resolved in order: `getApiKey` > `apiKey` > `KEYSTROKE_API_KEY` env.
+* Base URL falls back to the `SERVER_URL` env variable when not provided.
+*
+* @example
+* ```ts
+* // Static API key
+* const client = createClient({ apiKey: 'wz_live_...' });
+*
+* // Dynamic token (e.g. from auth provider)
+* const client = createClient({
+*   baseUrl: 'https://api.keystroke.dev',
+*   getApiKey: () => getSession().then((s) => s.accessToken),
+* });
+*
+* // Execute a workflow
+* const { runId } = await client.workflows.execute({
+*   projectId: '00000000-0000-4000-8000-000000000001',
+*   authoredWorkflowId: 'onboard-user',
+*   args: [{ email: 'user@example.com' }],
+* });
+*
+* // Check run status
+* const { run } = await client.runs.getRun(runId);
+* ```
+*/
+function createClient(config = {}) {
+	const env = getClientEnv();
+	const baseUrl = config.baseUrl ?? env.SERVER_URL;
+	const apiKey = config.apiKey ?? env.KEYSTROKE_API_KEY;
+	const getApiKey = config.getApiKey;
+	const organizationId = config.organizationId ?? env.KEYSTROKE_ORG_ID;
+	const getOrganizationId = config.getOrganizationId;
+	if (!baseUrl) throw new Error("baseUrl is required (pass in config or set SERVER_URL)");
+	if (!(apiKey ?? getApiKey)) throw new Error("Keystroke API Key is required (pass apiKey, getApiKey, or set KEYSTROKE_API_KEY)");
+	const v1 = createKyInstance({
+		prefixUrl: baseUrl,
+		apiKey,
+		getApiKey,
+		organizationId,
+		getOrganizationId,
+		onRequest: config.onRequest,
+		onResponse: config.onResponse
+	}).extend((options) => ({ prefixUrl: `${options.prefixUrl}/api/v1` }));
+	return {
+		agents: agents(v1),
+		apiKeys: apiKeys(v1),
+		public: publicApi(v1),
+		bundles: bundles(v1),
+		connections: connections(v1),
+		credentials: credentials(v1),
+		hooks: hooks(v1),
+		integrations: integrations(v1),
+		organizations: organizations(v1),
+		projects: projects(v1),
+		runs: runs(v1),
+		steps: steps(v1),
+		userGroups: userGroups(v1),
+		users: users(v1),
+		webhooks: webhooks(v1),
+		workflows: workflows(v1)
+	};
+}
+//#endregion
+export { createClient };

package/dist/status.handler-BO4nwvWn.mjs

@@ -0,0 +1,101 @@
+#!/usr/bin/env node
+
+import { h as toErrorMessage, l as AUTH_HINT, m as isNetworkError, p as isAuthError, t as ui, u as REAUTH_HINT } from "./keystroke.mjs";
+//#region src/commands/auth/status.handler.ts
+async function getValidationStatus(ctx) {
+	if (!ctx.client) return { kind: "not_authenticated" };
+	try {
+		const result = await ctx.client.public.auth.validate();
+		return {
+			kind: "valid",
+			apiKeyId: result.apiKeyId,
+			organizationId: result.organizationId
+		};
+	} catch (error) {
+		const message = toErrorMessage(error);
+		if (isAuthError(error)) return {
+			kind: "invalid",
+			message
+		};
+		return {
+			kind: "unavailable",
+			message,
+			reason: isNetworkError(error) ? "network" : "other"
+		};
+	}
+}
+async function getLiveUser(ctx, validation) {
+	if (!ctx.client || validation.kind !== "valid") return;
+	try {
+		const { user } = await ctx.client.users.getMe();
+		return user;
+	} catch {
+		return;
+	}
+}
+function getLocalOrganization(ctx) {
+	if (!ctx.organizationId) return;
+	const org = ctx.storedCredentials?.orgs.find((entry) => entry.organizationId === ctx.organizationId);
+	if (!org) return { id: ctx.organizationId };
+	return {
+		id: org.organizationId,
+		name: org.organizationName
+	};
+}
+function getLiveOrganization(liveUser, organizationId) {
+	if (!liveUser || !organizationId) return;
+	const org = liveUser.organizations?.find((entry) => entry.id === organizationId);
+	if (!org) return;
+	return {
+		id: org.id,
+		name: org.name
+	};
+}
+function printOrganization(org) {
+	if (!org) {
+		ui.warn("No organization set. Use `keystroke org switch` or `--org` to select one.");
+		return;
+	}
+	if (org.name) {
+		ui.text(`Current organization: ${org.name}`);
+		return;
+	}
+	ui.text(`Current organization: ${org.id}`);
+}
+function printValidationStatus(validation) {
+	switch (validation.kind) {
+		case "valid":
+			ui.success("API key is valid.");
+			ui.hint(`Key ID: ${validation.apiKeyId}`);
+			return;
+		case "invalid":
+			ui.warn("Saved API key is invalid or expired.");
+			ui.hint(REAUTH_HINT);
+			ui.hint(`Validation error: ${validation.message}`);
+			return;
+		case "unavailable":
+			ui.warn(validation.reason === "network" ? "Could not reach the API to verify the saved API key." : "Could not verify the saved API key right now.");
+			ui.hint(`Validation error: ${validation.message}`);
+			return;
+		case "not_authenticated":
+			ui.warn(`Not authenticated. ${AUTH_HINT}`);
+			return;
+	}
+}
+async function handleAuthStatus(_options, ctx) {
+	const validation = await getValidationStatus(ctx);
+	const liveUser = await getLiveUser(ctx, validation);
+	const organization = getLiveOrganization(liveUser, ctx.organizationId ?? (validation.kind === "valid" ? validation.organizationId : void 0)) ?? getLocalOrganization(ctx);
+	const userEmail = liveUser?.email ?? ctx.storedCredentials?.user?.email;
+	ui.header("Keystroke CLI auth status");
+	if (userEmail) ui.text(`Signed in as: ${userEmail}`);
+	else if (validation.kind === "not_authenticated") ui.hint("No saved user identity found.");
+	else ui.warn("Signed-in user could not be determined from saved credentials.");
+	printOrganization(organization);
+	if (ctx.orgSource) ui.hint(`Source: ${ctx.orgSource}`);
+	printValidationStatus(validation);
+	if (ctx.baseUrl) ui.hint(`API URL: ${ctx.baseUrl}`);
+	ui.hint(`Credentials: ${ctx.credentialsPath}`);
+}
+//#endregion
+export { handleAuthStatus };

package/dist/switch.handler-D_9213Vf.mjs

@@ -0,0 +1,51 @@
+#!/usr/bin/env node
+
+import { D as throwReportedCliExit, t as ui } from "./keystroke.mjs";
+import { u as setActiveOrg } from "./dist-CUK7yBM0.mjs";
+import { i as requireClient } from "./context-T7HZuB97.mjs";
+import { select } from "@clack/prompts";
+//#region src/commands/org/switch.handler.ts
+async function handleOrgSwitch(_options, ctx) {
+	const { user } = await requireClient(ctx).users.getMe();
+	const orgs = user.organizations ?? [];
+	const storedOrgIds = new Set(ctx.storedCredentials?.orgs.map((o) => o.organizationId) ?? []);
+	if (orgs.length === 0) {
+		ui.warn("You do not belong to any organization.");
+		return;
+	}
+	if (orgs.length === 1) {
+		const name = orgs[0]?.name ?? "unknown";
+		ui.hint(`You only belong to one organization: ${name}`);
+		return;
+	}
+	const selected = await select({
+		message: "Switch to organization:",
+		options: orgs.map((org) => {
+			const isCurrent = org.id === ctx.organizationId;
+			const hasKey = storedOrgIds.has(org.id);
+			const hint = isCurrent ? "(current)" : hasKey ? void 0 : "No stored key, run `keystroke auth`";
+			return {
+				value: org.id,
+				label: org.name,
+				hint
+			};
+		})
+	});
+	if (typeof selected !== "string") {
+		ui.hint("Cancelled.");
+		return;
+	}
+	const selectedOrg = orgs.find((o) => o.id === selected);
+	if (!selectedOrg) {
+		ui.error("Selected organization not found.");
+		throwReportedCliExit("Selected organization not found.");
+	}
+	if (!storedOrgIds.has(selected)) {
+		ui.warn(`No stored API key for ${selectedOrg.name}. Run \`keystroke auth\` and select this org to add credentials.`);
+		return;
+	}
+	await setActiveOrg(selected);
+	ui.success(`Switched to ${selectedOrg.name}`);
+}
+//#endregion
+export { handleOrgSwitch };

package/dist/sync-BL_Mo5st.mjs

@@ -0,0 +1,39 @@
+#!/usr/bin/env node
+
+import { t as createTypedCommand } from "./commander-DfTVqQ-3.mjs";
+import { z } from "zod";
+//#region src/commands/sync/sync.command.ts
+/**
+* Sync command options schema
+*/
+const SyncOptionsSchema = z.object({
+	watch: z.boolean().default(false).describe("Watch for changes and sync automatically"),
+	force: z.boolean().default(false).describe("Force sync even if no changes detected")
+});
+/**
+* Commander option configuration for sync command
+*/
+const SYNC_OPTIONS_CONFIG = {
+	watch: {
+		flag: "--watch",
+		description: "Watch for changes and sync automatically"
+	},
+	force: {
+		flag: "--force",
+		description: "Force sync even if no changes detected"
+	}
+};
+/**
+* Creates the sync command
+*/
+function createSyncCommand() {
+	return createTypedCommand({
+		name: "sync",
+		description: "Sync local workflows with Keystroke",
+		schema: SyncOptionsSchema,
+		optionsConfig: SYNC_OPTIONS_CONFIG,
+		loadHandler: async () => (await import("./sync.handler-BUFPdzWz.mjs")).handleSync
+	});
+}
+//#endregion
+export { createSyncCommand };

package/dist/sync-keystroke-agent-skills-Kx_H7UTd.mjs

@@ -0,0 +1,70 @@
+#!/usr/bin/env node
+
+import { access, cp, mkdir, readdir } from "node:fs/promises";
+import path from "node:path";
+//#region src/lib/sync-keystroke-agent-skills.ts
+/**
+* Resolve the installed `@keystroke/skills` package root for a consumer project.
+*
+* Only checks `projectDir/node_modules/@keystroke/skills` (pnpm symlinks that path; npm/yarn lay out
+* the same). We intentionally do not walk ancestor directories — that avoids resolving a
+* unrelated workspace copy when TMPDIR or the project lives inside another repo.
+*/
+async function resolveKeystrokeSkillsPackageRoot(projectDir) {
+	const root = path.resolve(projectDir);
+	const marker = path.join(root, "node_modules", "@keystroke", "skills", "package.json");
+	try {
+		await access(marker);
+		return path.dirname(marker);
+	} catch {
+		return null;
+	}
+}
+async function listKeystrokeSkillDirectoryNames(skillsPackageRoot) {
+	const entries = await readdir(skillsPackageRoot, { withFileTypes: true });
+	const names = [];
+	for (const e of entries) {
+		if (!e.isDirectory()) continue;
+		if (e.name.startsWith(".")) continue;
+		try {
+			await access(path.join(skillsPackageRoot, e.name, "SKILL.md"));
+			names.push(e.name);
+		} catch {}
+	}
+	return names.sort();
+}
+/**
+* Copy each skill directory from `node_modules/@keystroke/skills/*` into
+* `.cursor/skills` and `.claude/skills` under `projectDir`.
+*/
+async function syncKeystrokeAgentSkills(projectDir) {
+	const packageRoot = await resolveKeystrokeSkillsPackageRoot(projectDir);
+	if (!packageRoot) return {
+		ok: false,
+		reason: "not_installed"
+	};
+	const names = await listKeystrokeSkillDirectoryNames(packageRoot);
+	if (names.length === 0) return {
+		ok: false,
+		reason: "no_skills_found",
+		packageRoot
+	};
+	const root = path.resolve(projectDir);
+	for (const name of names) {
+		const src = path.join(packageRoot, name);
+		for (const rel of [".cursor/skills", ".claude/skills"]) {
+			const dest = path.join(root, rel, name);
+			await mkdir(path.dirname(dest), { recursive: true });
+			await cp(src, dest, {
+				recursive: true,
+				force: true
+			});
+		}
+	}
+	return {
+		ok: true,
+		copied: names
+	};
+}
+//#endregion
+export { syncKeystrokeAgentSkills as t };