@lumoai/cli 1.5.0 → 1.6.0

package/dist/cli/src/index.js

@@ -45,6 +45,7 @@ const hook_1 = require("./commands/hook");
 const session_attach_1 = require("./commands/session-attach");
 const session_detach_1 = require("./commands/session-detach");
 const session_status_1 = require("./commands/session-status");
+const session_wrap_1 = require("./commands/session-wrap");
 const task_context_1 = require("./commands/task-context");
 const task_create_1 = require("./commands/task-create");
 const task_update_1 = require("./commands/task-update");
@@ -66,6 +67,11 @@ const task_artifact_list_1 = require("./commands/task-artifact-list");
 const task_artifact_show_1 = require("./commands/task-artifact-show");
 const task_artifact_rm_1 = require("./commands/task-artifact-rm");
 const task_artifact_update_1 = require("./commands/task-artifact-update");
+const task_slack_show_1 = require("./commands/task-slack-show");
+const task_web_show_1 = require("./commands/task-web-show");
+const task_figma_context_1 = require("./commands/task-figma-context");
+const task_comment_list_1 = require("./commands/task-comment-list");
+const task_pr_show_1 = require("./commands/task-pr-show");
 const project_list_1 = require("./commands/project-list");
 const milestone_list_1 = require("./commands/milestone-list");
 const milestone_create_1 = require("./commands/milestone-create");
@@ -83,6 +89,8 @@ const sprint_summary_1 = require("./commands/sprint-summary");
 const sprint_add_1 = require("./commands/sprint-add");
 const sprint_remove_1 = require("./commands/sprint-remove");
 const doc_create_1 = require("./commands/doc-create");
+const doc_import_gdoc_1 = require("./commands/doc-import-gdoc");
+const doc_sync_1 = require("./commands/doc-sync");
 const doc_update_1 = require("./commands/doc-update");
 const doc_show_1 = require("./commands/doc-show");
 const doc_list_1 = require("./commands/doc-list");
@@ -96,6 +104,7 @@ const doc_move_1 = require("./commands/doc-move");
 const update_1 = require("./commands/update");
 const setup_1 = require("./commands/setup");
 const update_check_1 = require("./lib/update-check");
+const sanitize_1 = require("./lib/sanitize");
 // Resolve package.json relative to __dirname so this works regardless of how
 // deep the compiled output ends up (flat dist/ or nested dist/cli/src/).
 const pkg = require(path.resolve(__dirname, '../../..', 'package.json'));
@@ -138,7 +147,7 @@ function wrap(fn) {
         }
         catch (err) {
             const msg = err instanceof Error ? err.message : String(err);
-            console.error(`Error: ${msg}`);
+            console.error(`Error: ${(0, sanitize_1.sanitizeField)(msg)}`);
             process.exit(1);
         }
     };
@@ -170,6 +179,7 @@ program
     .option('--user', 'Install into ~/.claude (applies across all projects for this user)')
     .option('--project', 'Install into ./.claude (applies to the current project only)')
     .option('--force', 'Overwrite an existing SKILL.md when its contents differ from the bundled version')
+    .option('--agent <token>', 'Coding agent these hooks run under (claude-code, codex, cursor, gemini-cli, github-copilot, windsurf). Baked into every hook command. Defaults to claude-code.')
     .action(wrap(options => (0, setup_1.setup)(options)));
 const session = program
     .command('session')
@@ -186,6 +196,12 @@ session
     .command('detach')
     .description('Clear the task binding on the current Claude Code session. Past hook events keep their taskId; only future events become untagged.')
     .action(wrap(() => (0, session_detach_1.sessionDetach)()));
+session
+    .command('wrap')
+    .description("Session-end wrap-up: draft a progress comment from this session's turn summaries and post it to the bound task after confirmation.")
+    .option('-y, --yes', 'Post the drafted comment without prompting (agent-friendly)')
+    .option('--dry-run', 'Print the draft but do not post or advance the watermark')
+    .action(wrap(options => (0, session_wrap_1.sessionWrap)(options)));
 const task = program
     .command('task')
     .description('Inspect tasks from the terminal');
@@ -243,6 +259,38 @@ taskFigma
     .command('refresh <task>')
     .description('Re-fetch Figma metadata + thumbnail for every link on this task. Per-link failures isolated.')
     .action(wrap((taskId) => (0, task_figma_refresh_1.taskFigmaRefresh)({ identifier: taskId })));
+// Tier-2 retrieval commands (LUM-122). `task context` prints the matching
+// command at the end of each cheap inline card; the agent runs it to pull the
+// full content on demand.
+const taskSlack = task.command('slack').description('Inspect Slack context');
+taskSlack
+    .command('show <identifier> <contextId>')
+    .description('Show the full stored Slack thread snapshot')
+    .action(wrap((id, ctx) => (0, task_slack_show_1.taskSlackShow)(id, ctx)));
+const taskWeb = task.command('web').description('Inspect web link content');
+taskWeb
+    .command('show <identifier> <linkId>')
+    .description('Show the fetched web link body as plain text')
+    .action(wrap((id, link) => (0, task_web_show_1.taskWebShow)(id, link)));
+// taskFigma already exists above → attach the context leaf to it.
+taskFigma
+    .command('context <identifier> <linkId>')
+    .description('Show the cached Figma design context (metadata)')
+    .action(wrap((id, link) => (0, task_figma_context_1.taskFigmaContext)(id, link)));
+// Plural `comments` parent: `task comment <id> <body>` already exists for
+// adding a comment, and commander disallows a duplicate name.
+const taskComments = task
+    .command('comments')
+    .description('Inspect the full task comment thread');
+taskComments
+    .command('list <identifier>')
+    .description('List the full task comment thread')
+    .action(wrap(id => (0, task_comment_list_1.taskCommentList)(id)));
+const taskPr = task.command('pr').description('Inspect linked PRs');
+taskPr
+    .command('show <identifier> <number>')
+    .description('Show the synced PR record (diff/review comments when available)')
+    .action(wrap((id, num) => (0, task_pr_show_1.taskPrShow)(id, num)));
 const taskMemory = task
     .command('memory')
     .description('View and record memories scoped to a task');
@@ -269,6 +317,7 @@ taskMemory
     .option('--applies <text>', 'convention: where the rule applies')
     .option('--workflow <text>', 'procedural: the workflow name')
     .option('--step <text>', 'procedural: a step (repeatable)', collect, [])
+    .option('--agent <agent>', 'Producing agent: claude-code | codex | cursor | gemini-cli | github-copilot | windsurf (default claude-code)')
     .action(wrap((taskArg, opts) => (0, memory_task_add_1.memoryTaskAdd)(taskArg, opts)));
 const taskArtifact = task
     .command('artifact')
@@ -334,6 +383,7 @@ projectMemory
     .option('--applies <text>', 'convention: where it applies')
     .option('--workflow <text>', 'procedural workflow')
     .option('--step <text>', 'procedural step (repeatable)', collect, [])
+    .option('--agent <agent>', 'Producing agent: claude-code | codex | cursor | gemini-cli | github-copilot | windsurf (default claude-code)')
     .action(wrap((p, opts) => (0, memory_project_add_1.memoryProjectAdd)(p, opts)));
 const memoryCmd = program
     .command('memory')
@@ -463,6 +513,16 @@ doc
     .option('--tag <name>', 'Attach tag by name (repeatable)', collect, [])
     .option('--tag-id <cuid>', 'Attach tag by id (repeatable)', collect, [])
     .action(wrap((title, opts) => (0, doc_create_1.docCreate)(title, opts)));
+doc
+    .command('import-gdoc <url>')
+    .description('Import a Google Doc as a Lumo doc (one-way Google → Lumo)')
+    .option('--scope <scope>', 'personal | workspace (default: personal)')
+    .option('--task <LUM-N>', 'Bind the imported doc to this task')
+    .action(wrap((url, opts) => (0, doc_import_gdoc_1.docImportGdoc)(url, opts)));
+doc
+    .command('sync <doc>')
+    .description('Re-sync a Google-imported doc (overwrites the Lumo body)')
+    .action(wrap(ref => (0, doc_sync_1.docSync)(ref)));
 doc
     .command('update <doc>')
     .description('Update an existing document. <doc> accepts a cuid or a case-insensitive title (ambiguous titles fail with candidates). Replacement body comes from --content, --file, or piped stdin (pick one). --tag/--tag-id (bulk replace) cannot be combined with --add-tag/--add-tag-id/--remove-tag/--remove-tag-id.')
@@ -551,110 +611,122 @@ task
 const hook = program
     .command('hook')
     .description('Claude Code hook ingestion (invoked by settings.json, not humans)');
-hook
-    .command('pre-tool-use')
-    .description('Forward a PreToolUse hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('pre-tool-use')));
-hook
-    .command('post-tool-use')
-    .description('Forward a PostToolUse hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('post-tool-use')));
-hook
-    .command('post-tool-use-failure')
-    .description('Forward a PostToolUseFailure hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('post-tool-use-failure')));
-hook
-    .command('user-prompt-submit')
-    .description('Forward a UserPromptSubmit hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('user-prompt-submit')));
-hook
-    .command('stop')
-    .description('Forward a Stop hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('stop')));
-hook
-    .command('stop-failure')
-    .description('Forward a StopFailure hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('stop-failure')));
-hook
-    .command('permission-request')
-    .description('Forward a PermissionRequest hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('permission-request')));
-hook
-    .command('permission-denied')
-    .description('Forward a PermissionDenied hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('permission-denied')));
-hook
-    .command('session-start')
-    .description('Forward a SessionStart hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('session-start')));
-hook
-    .command('session-end')
-    .description('Forward a SessionEnd hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('session-end')));
-hook
-    .command('subagent-start')
-    .description('Forward a SubagentStart hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('subagent-start')));
-hook
-    .command('subagent-stop')
-    .description('Forward a SubagentStop hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('subagent-stop')));
-hook
-    .command('worktree-create')
-    .description('Forward a WorktreeCreate hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('worktree-create')));
-hook
-    .command('worktree-remove')
-    .description('Forward a WorktreeRemove hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('worktree-remove')));
-hook
-    .command('file-changed')
-    .description('Forward a FileChanged hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('file-changed')));
-hook
-    .command('config-change')
-    .description('Forward a ConfigChange hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('config-change')));
-hook
-    .command('task-created')
-    .description('Forward a TaskCreated hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('task-created')));
-hook
-    .command('task-completed')
-    .description('Forward a TaskCompleted hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('task-completed')));
-hook
-    .command('post-tool-batch')
-    .description('Forward a PostToolBatch hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('post-tool-batch')));
-hook
-    .command('user-prompt-expansion')
-    .description('Forward a UserPromptExpansion hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('user-prompt-expansion')));
-hook
-    .command('notification')
-    .description('Forward a Notification hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('notification')));
-hook
-    .command('elicitation')
-    .description('Forward an Elicitation hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('elicitation')));
-hook
-    .command('elicitation-result')
-    .description('Forward an ElicitationResult hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('elicitation-result')));
-hook
-    .command('cwd-changed')
-    .description('Forward a CwdChanged hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('cwd-changed')));
-hook
-    .command('instructions-loaded')
-    .description('Forward an InstructionsLoaded hook event to Lumo (reads JSON from stdin)')
-    .action(wrap(() => (0, hook_1.hookCommand)('instructions-loaded')));
+// Slug → help-text for every `lumo hook <slug>` subcommand. Each one accepts
+// an optional `--agent <token>` flag (baked into settings.json by `lumo setup
+// --agent <token>`); the value rides to the server as the X-Lumo-Agent header
+// so auto-sedimented memories are attributed to the agent that produced them.
+// Keep this list in sync with LUMO_HOOK_EVENTS (cli/src/lib/hooks-template.ts)
+// and the server-side HookEventType slugs.
+const HOOK_SUBCOMMANDS = [
+    [
+        'pre-tool-use',
+        'Forward a PreToolUse hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'post-tool-use',
+        'Forward a PostToolUse hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'post-tool-use-failure',
+        'Forward a PostToolUseFailure hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'user-prompt-submit',
+        'Forward a UserPromptSubmit hook event to Lumo (reads JSON from stdin)',
+    ],
+    ['stop', 'Forward a Stop hook event to Lumo (reads JSON from stdin)'],
+    [
+        'stop-failure',
+        'Forward a StopFailure hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'permission-request',
+        'Forward a PermissionRequest hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'permission-denied',
+        'Forward a PermissionDenied hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'session-start',
+        'Forward a SessionStart hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'session-end',
+        'Forward a SessionEnd hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'subagent-start',
+        'Forward a SubagentStart hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'subagent-stop',
+        'Forward a SubagentStop hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'worktree-create',
+        'Forward a WorktreeCreate hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'worktree-remove',
+        'Forward a WorktreeRemove hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'file-changed',
+        'Forward a FileChanged hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'config-change',
+        'Forward a ConfigChange hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'task-created',
+        'Forward a TaskCreated hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'task-completed',
+        'Forward a TaskCompleted hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'post-tool-batch',
+        'Forward a PostToolBatch hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'user-prompt-expansion',
+        'Forward a UserPromptExpansion hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'notification',
+        'Forward a Notification hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'elicitation',
+        'Forward an Elicitation hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'elicitation-result',
+        'Forward an ElicitationResult hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'cwd-changed',
+        'Forward a CwdChanged hook event to Lumo (reads JSON from stdin)',
+    ],
+    [
+        'instructions-loaded',
+        'Forward an InstructionsLoaded hook event to Lumo (reads JSON from stdin)',
+    ],
+];
+for (const [slug, description] of HOOK_SUBCOMMANDS) {
+    hook
+        .command(slug)
+        .description(description)
+        .option('--agent <token>', 'Coding agent that owns this session (e.g. claude-code, codex). Baked in by `lumo setup --agent`.')
+        .action(wrap((opts) => (0, hook_1.hookCommand)(slug, opts.agent)));
+}
 if (!isUpdateCheckWorker) {
     program.parseAsync(process.argv).catch(err => {
         const msg = err instanceof Error ? err.message : String(err);
-        console.error(`Error: ${msg}`);
+        console.error(`Error: ${(0, sanitize_1.sanitizeField)(msg)}`);
         process.exit(1);
     });
 }

package/dist/cli/src/lib/agent.js

@@ -5,7 +5,7 @@
  * mirrored here. Keep in sync with prisma `enum TaskArtifactAgent`.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.VALID_AGENT_TOKENS = exports.AGENT_LABELS = void 0;
+exports.VALID_AGENT_TOKENS = exports.ENUM_TO_TOKEN = exports.AGENT_LABELS = void 0;
 exports.normalizeAgent = normalizeAgent;
 /** enum value → display label (matches lib/i18n en.json taskArtifact.agent.*) */
 exports.AGENT_LABELS = {
@@ -16,6 +16,15 @@ exports.AGENT_LABELS = {
     GITHUB_COPILOT: 'GitHub Copilot',
     WINDSURF: 'Windsurf',
 };
+/** enum value → canonical CLI token (inverse of the non-alias TOKEN_TO_ENUM rows) */
+exports.ENUM_TO_TOKEN = {
+    CLAUDE_CODE: 'claude-code',
+    CODEX: 'codex',
+    CURSOR: 'cursor',
+    GEMINI_CLI: 'gemini-cli',
+    GITHUB_COPILOT: 'github-copilot',
+    WINDSURF: 'windsurf',
+};
 /** accepted CLI token (normalized) → enum value */
 const TOKEN_TO_ENUM = {
     'claude-code': 'CLAUDE_CODE',

package/dist/cli/src/lib/api.js

@@ -1,12 +1,92 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertSafeApiUrl = assertSafeApiUrl;
+exports.hostMismatchWarning = hostMismatchWarning;
+exports.resolveAuthedApiUrl = resolveAuthedApiUrl;
 exports.resolveApiUrl = resolveApiUrl;
 exports.trimTrailingSlash = trimTrailingSlash;
 exports.verifyToken = verifyToken;
 const DEFAULT_API_URL = 'https://www.uselumo.ai';
+// Hostnames allowed to use plaintext http:// — local dev only. Everything
+// else MUST be https:// so the Bearer token is never sent in the clear.
+// `URL.hostname` returns IPv6 literals wrapped in brackets, so `::1` appears
+// as `[::1]`.
+const LOCALHOST_HOSTNAMES = new Set([
+    'localhost',
+    '127.0.0.1',
+    '::1',
+    '[::1]',
+]);
+/**
+ * Throw if `url` is not a safe target for sending the API token.
+ *
+ * The CLI attaches a `Bearer` token (and the hook runner POSTs full session
+ * content) to whatever `LUMO_API_URL` resolves to. An attacker who can set
+ * that env var could otherwise exfiltrate the token / session stream by
+ * pointing it at their own host, or downgrade to http:// to sniff it in
+ * plaintext. We therefore require https://, with an http:// exception for
+ * localhost so local dev still works.
+ */
+function assertSafeApiUrl(url) {
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        throw new Error(`Invalid LUMO_API_URL: "${url}" is not a valid URL`);
+    }
+    if (parsed.protocol === 'https:')
+        return;
+    if (parsed.protocol === 'http:' && LOCALHOST_HOSTNAMES.has(parsed.hostname)) {
+        return;
+    }
+    throw new Error(`Refusing to use insecure API URL "${url}": only https:// is allowed ` +
+        `(http:// permitted for localhost only). This protects your API token ` +
+        `and session data from being sent in plaintext or to an untrusted host.`);
+}
+/**
+ * Return a prominent warning when the resolved API host differs from the host
+ * the credentials were issued for, otherwise null. Compares hostname only
+ * (case-insensitive, courtesy of URL parsing). Used to warn-then-send: a host
+ * change is suspicious (possible token exfiltration) but intentional dev/env
+ * redirects are legitimate, so we surface it rather than block.
+ */
+function hostMismatchWarning(resolvedUrl, credsApiUrl) {
+    let resolvedHost;
+    let credsHost;
+    try {
+        resolvedHost = new URL(resolvedUrl).hostname;
+        credsHost = new URL(credsApiUrl).hostname;
+    }
+    catch {
+        return null;
+    }
+    if (resolvedHost === credsHost)
+        return null;
+    return (`⚠ LUMO_API_URL points at "${resolvedHost}" but your credentials were ` +
+        `issued for "${credsHost}". Your API token will be sent there. If you did ` +
+        `not set this, your token may be exfiltrated — unset LUMO_API_URL.`);
+}
+/**
+ * Resolve the API URL for an authenticated command: prefer a non-empty
+ * `LUMO_API_URL` override, else the baked-in `credsApiUrl`. The resolved URL
+ * is validated (throws on an insecure target) and any host-mismatch warning is
+ * routed to `opts.warn` (defaults to stderr via console.error).
+ */
+function resolveAuthedApiUrl(credsApiUrl, opts) {
+    const envUrl = process.env.LUMO_API_URL?.trim();
+    const apiUrl = envUrl && envUrl.length > 0 ? envUrl : credsApiUrl;
+    assertSafeApiUrl(apiUrl);
+    const warning = hostMismatchWarning(apiUrl, credsApiUrl);
+    if (warning)
+        (opts?.warn ?? ((m) => console.error(m)))(warning);
+    return apiUrl;
+}
 function resolveApiUrl() {
     const url = process.env.LUMO_API_URL?.trim();
-    return url && url.length > 0 ? url : DEFAULT_API_URL;
+    const resolved = url && url.length > 0 ? url : DEFAULT_API_URL;
+    assertSafeApiUrl(resolved);
+    return resolved;
 }
 function trimTrailingSlash(url) {
     return url.replace(/\/+$/, '');

package/dist/cli/src/lib/config.js

@@ -33,6 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.configDir = configDir;
 exports.credentialsPath = credentialsPath;
 exports.readCredentials = readCredentials;
 exports.writeCredentials = writeCredentials;
@@ -41,7 +42,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
 function configDir() {
-    return path.join(os.homedir(), '.lumo');
+    return process.env.LUMO_CONFIG_DIR || path.join(os.homedir(), '.lumo');
 }
 function credentialsPath() {
     return path.join(configDir(), 'credentials.json');

package/dist/cli/src/lib/doc-input.js

@@ -37,6 +37,7 @@ exports.resolveDocContent = resolveDocContent;
 exports.readStdinToString = readStdinToString;
 exports.readFileUtf8 = readFileUtf8;
 const fs = __importStar(require("fs"));
+const path_guard_1 = require("./path-guard");
 /**
  * Pick one of --content / --file / stdin as the markdown source.
  * Explicit flags win: if --content or --file is set, stdin is ignored
@@ -56,7 +57,17 @@ async function resolveDocContent(args) {
     if (hasContent)
         return { kind: 'ok', markdown: args.content };
     if (hasFile) {
-        const text = await args.readFile(args.file);
+        const check = (args.checkFilePath ?? path_guard_1.checkArtifactFilePath)(args.file);
+        if (!check.ok) {
+            return {
+                kind: 'error',
+                message: check.reason === 'unreadable'
+                    ? `could not read file ${args.file}`
+                    : `refusing to read ${args.file} — ${check.detail}. ` +
+                        `--file must be a non-sensitive path inside the project directory.`,
+            };
+        }
+        const text = await args.readFile(check.resolved);
         return { kind: 'ok', markdown: text };
     }
     if (!args.stdinIsTTY) {

package/dist/cli/src/lib/editor.js

@@ -0,0 +1,66 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.editInEditor = editInEditor;
+const child_process_1 = require("child_process");
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+/**
+ * Open `initial` in the user's $EDITOR (fallback vi → nano), return the edited
+ * text. Degrades gracefully: when stdin is not a TTY (piped / agent) or the
+ * editor exits non-zero, the original text is returned unchanged so the caller
+ * can proceed without an interactive editor.
+ */
+async function editInEditor(initial) {
+    if (!process.stdin.isTTY)
+        return initial;
+    const editor = process.env.EDITOR || process.env.VISUAL || 'vi';
+    const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'lumo-wrap-'));
+    const file = path.join(dir, 'progress.md');
+    try {
+        fs.writeFileSync(file, initial, 'utf8');
+        const result = (0, child_process_1.spawnSync)(editor, [file], { stdio: 'inherit' });
+        if (result.status !== 0)
+            return initial;
+        return fs.readFileSync(file, 'utf8');
+    }
+    catch {
+        return initial;
+    }
+    finally {
+        fs.rmSync(dir, { recursive: true, force: true });
+    }
+}

package/dist/cli/src/lib/figma-api.js

@@ -18,7 +18,7 @@ async function call(path, init) {
     const creds = (0, config_1.readCredentials)();
     if (!creds)
         throw new Error('Not logged in. Run: lumo auth login');
-    const apiUrl = (0, api_1.resolveApiUrl)();
+    const apiUrl = (0, api_1.resolveAuthedApiUrl)(creds.apiUrl);
     const res = await fetch(`${(0, api_1.trimTrailingSlash)(apiUrl)}${path}`, {
         ...init,
         headers: {

package/dist/cli/src/lib/format.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.formatTaskListTable = formatTaskListTable;
+const sanitize_1 = require("./sanitize");
 /**
  * Render a task list as a fixed-width table. Each row:
  *   LUM-42  IN_PROGRESS  HIGH    project-name   Title here
@@ -14,8 +15,8 @@ function formatTaskListTable(tasks) {
         identifier: `${t.teamIdentifier}-${t.number}`,
         status: t.status,
         priority: t.priority,
-        project: t.project.name,
-        title: t.title,
+        project: (0, sanitize_1.sanitizeField)(t.project.name),
+        title: (0, sanitize_1.sanitizeField)(t.title),
     }));
     const widths = {
         identifier: Math.max(...rows.map(r => r.identifier.length)),