@khanhcan148/mk 0.1.18 → 0.1.19

package/README.md

@@ -88,7 +88,7 @@ cp -r .claude ~/.claude/
 
 ```
 ├── .claude/
-│   ├── agents/      # 32 agents (5 primary + 27 utility: implementers, quality, docs, specialized, concerns)
+│   ├── agents/      # 36 agents (5 primary + 31 utility: implementers, quality, docs, specialized, concerns, brainstorm critics)
 │   ├── skills/      # 67 skill packages (SKILL.md + scripts/references/assets)
 │   │   ├── mk-*/    # 20 workflow commands (/mk-audit, /mk-brainstorm, /mk-log-analysis, /mk-overview, /mk-wiki, etc.)
 │   │   └── ...      # Domain skills (frontend, backend, testing, browser automation, etc.)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@khanhcan148/mk",
-  "version": "0.1.18",
+  "version": "0.1.19",
   "description": "CLI to install and manage MyClaudeKit (.claude/) in your projects",
   "type": "module",
   "bin": {

package/src/commands/auth.js

@@ -138,6 +138,17 @@ export async function statusAction(deps = {}) {
     process.stdout.write(chalk.green('Repo access: granted\n'));
   } else {
     process.stdout.write(chalk.red('Repo access: denied\n'));
-    process.stdout.write('Contact the repository owner for collaborator access.\n');
+    const hasRepoScope = access.scopes?.some((s) => s === 'repo');
+    if (access.status === 404 && access.scopes && !hasRepoScope) {
+      // 404 with no 'repo' scope usually means the token can't see the private
+      // KIT_REPO — re-authenticating picks up the new default scope.
+      const current = access.scopes.length ? access.scopes.join(', ') : 'none';
+      process.stdout.write(
+        `Token is missing the 'repo' scope (current scopes: ${current}).\n` +
+        "Run 'mk auth logout && mk auth login' to re-authenticate with the required scope.\n"
+      );
+    } else {
+      process.stdout.write('Contact the repository owner for collaborator access.\n');
+    }
   }
 }

package/src/commands/update.js

@@ -32,7 +32,7 @@ import { isEmptyDir } from '../lib/fs-utils.js';
  * @param {string} str
  * @returns {string}
  */
-function stripTerminalEscapes(str) {
+export function stripTerminalEscapes(str) {
   return str
     .replace(/\x1b\[[0-9;]*[a-zA-Z]/g, '')         // CSI sequences
     .replace(/\x1b\].*?(\x07|\x1b\\)/gs, '')         // OSC sequences (dotAll for multiline)

package/src/lib/auth.js

@@ -82,8 +82,15 @@ export async function validateToken(token) {
 /**
  * Check whether the token has access to the kit repository.
  *
+ * Returns the HTTP status and any scopes reported via the `x-oauth-scopes`
+ * response header so callers can disambiguate common failure modes:
+ *   - 404 + no 'repo' scope  → token lacks scope (most common for a private KIT_REPO)
+ *   - 404 + has 'repo' scope → authenticated account is not a collaborator
+ *   - 403                    → SSO or rate-limit block
+ *   - 0                      → network error
+ *
  * @param {string} token
- * @returns {Promise<{ accessible: boolean }>}
+ * @returns {Promise<{ accessible: boolean, status: number, scopes: string[] }>}
  */
 export async function checkRepoAccess(token) {
   try {
@@ -93,12 +100,17 @@ export async function checkRepoAccess(token) {
         Accept: 'application/vnd.github.v3+json'
       }
     });
-    return { accessible: res.ok };
+    return { accessible: res.ok, status: res.status, scopes: parseScopes(res) };
   } catch {
-    return { accessible: false };
+    return { accessible: false, status: 0, scopes: [] };
   }
 }
 
+function parseScopes(res) {
+  const raw = res.headers?.get?.('x-oauth-scopes') || '';
+  return raw.split(',').map((s) => s.trim()).filter(Boolean);
+}
+
 // ---------------------------------------------------------------------------
 // OAuth Device Flow
 // ---------------------------------------------------------------------------
@@ -127,9 +139,15 @@ export async function startDeviceFlow(opts = {}) {
       'Content-Type': 'application/x-www-form-urlencoded',
       Accept: 'application/json'
     },
-    // Empty scope sufficient for public repos (5000 req/hr). Set MK_OAUTH_SCOPE=repo for private forks.
+    // KIT_REPO is private, so 'repo' scope is required to read it. Default to 'repo'.
+    // Override with MK_OAUTH_SCOPE for public forks (e.g. MK_OAUTH_SCOPE='' for no scope,
+    // or MK_OAUTH_SCOPE='public_repo' for public-only access).
+    // `??` (not `||`) so an explicit empty string is honored as an opt-out.
     // Use URLSearchParams to prevent parameter injection via env var containing '&' chars.
-    body: new URLSearchParams({ client_id: GITHUB_CLIENT_ID, scope: process.env.MK_OAUTH_SCOPE || '' }).toString()
+    body: new URLSearchParams({
+      client_id: GITHUB_CLIENT_ID,
+      scope: process.env.MK_OAUTH_SCOPE ?? 'repo'
+    }).toString()
   });
 
   if (!codeRes.ok) {

package/src/lib/copy.js

@@ -81,6 +81,14 @@ export function collectDiskFiles(targetDir) {
   return results;
 }
 
+/**
+ * @typedef {Object} FileEntry
+ * @property {string} relativePath - Path relative to the target .claude/ (POSIX separators, e.g. ".claude/agents/foo.md")
+ * @property {string} absolutePath - Destination absolute path under targetDir (where the file is copied to)
+ * @property {string} sourceAbsPath - Source absolute path under sourceDir (where the file is copied from)
+ * @property {number} size - File size in bytes, captured at copy time
+ */
+
 /**
  * Copy kit files from sourceDir (.claude/) to targetDir (.claude/).
  * Only copies KIT_SUBDIRS (agents/, skills/, workflows/).
@@ -88,7 +96,7 @@ export function collectDiskFiles(targetDir) {
  * @param {string} sourceDir - Absolute path to source .claude/
  * @param {string} targetDir - Absolute path to target .claude/
  * @param {{ dryRun: boolean }} options
- * @returns {Array<{ relativePath: string, absolutePath: string, sourceAbsPath: string, size: number }>}
+ * @returns {FileEntry[]}
  * @remarks Naming convention: `absolutePath` is the destination (under targetDir),
  *       `sourceAbsPath` is the source (under sourceDir). The asymmetry is intentional —
  *       renaming would break consumers (update.js). See DEBT-016.

package/src/lib/download.js

@@ -39,6 +39,24 @@ export function assertGitHubHostname(url) {
   } catch {
     throw new Error(`SSRF guard: invalid URL "${url}"`);
   }
+  // H9/H10: block non-TLS schemes. Plain http:// to github.com can be MITM-redirected,
+  // and the kit download path has no reason to accept anything but https.
+  if (parsed.protocol !== 'https:') {
+    // Truncate to guard against log injection via crafted long / newline-containing schemes.
+    const safeScheme = String(parsed.protocol).slice(0, 20);
+    throw new Error(
+      `SSRF guard: scheme "${safeScheme}" is not allowed. ` +
+      `Only https: is permitted for kit downloads.`
+    );
+  }
+  // Block userinfo-prefixed URLs (user:pass@host) — they can mask the true
+  // hostname in server-side url parsers or confuse logging/auditing.
+  if (parsed.username || parsed.password) {
+    throw new Error(
+      `SSRF guard: userinfo-prefixed URL is not allowed. ` +
+      `Credentials in the URL (user:pass@host) are rejected for kit downloads.`
+    );
+  }
   const { hostname } = parsed;
   if (!ALLOWED_HOSTS.has(hostname)) {
     throw new Error(