@m-kopa/launchpad-cli 0.39.0 → 0.40.0

package/CHANGELOG.md

@@ -6,6 +6,28 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html);
 pre-1.0 minor bumps may carry breaking changes per ADR 0005.
 
+## 0.40.0 — 2026-06-21
+
+Feature (sp-rptndg, PS-1601): `launchpad` now nudges you toward `launchpad bug`
+when a command fails because the **platform** misbehaved — so the reporting verbs
+are discoverable at the moment they're needed, not only to people who already
+know they exist.
+
+- A single one-line, **non-actionable** reminder prints (stderr) on platform
+  faults only: a bot 5xx, a network error, `✗ NO NEW DEPLOYMENT WAS CREATED`
+  (exit 69), or an unexpected crash. Classified by the typed HTTP error, **not**
+  an exit-code allowlist — the common platform faults (5xx / network) are caught
+  and returned as exit 1 inside commands, so an exit-code check would miss them.
+- Stays **quiet** for your-side failures (auth/401, forbidden/403,
+  not-found/404, `ApiError` 4xx, bad input, usage errors) and on non-interactive
+  output (CI, pipes, `--json`).
+- It **never files anything** — filing still shows you the report and asks you to
+  confirm first; the report carries only the last command name, never its args.
+- The `launchpad-deploy` and `launchpad-deploy-status` skills now point an agent
+  at `/launchpad-report` on a platform fault, preserving "never file silently".
+
+No portal-bot change.
+
 ## 0.39.0 — 2026-06-20
 
 Feature (sp-bld9kq, PS-1590): `launchpad deploy` now confirms a Cloudflare

package/dist/cli.js

@@ -19,7 +19,7 @@ var __toESM = (mod, isNodeMode, target) => {
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 // src/version.ts
-var CLI_VERSION = "0.39.0";
+var CLI_VERSION = "0.40.0";
 
 // src/config.ts
 import * as os from "node:os";
@@ -75,6 +75,28 @@ class TransportError extends Error {
   code = "transport_error";
 }
 
+// src/report/fault-signal.ts
+var last = null;
+function recordFault(err) {
+  if (err === null || typeof err !== "object")
+    return;
+  const code = err.code;
+  if (typeof code !== "string")
+    return;
+  const status = err.status;
+  last = typeof status === "number" ? { code, status } : { code };
+}
+function recordedFault(err) {
+  recordFault(err);
+  return err;
+}
+function clearFault() {
+  last = null;
+}
+function peekFault() {
+  return last;
+}
+
 // src/auth/flow.ts
 import { randomBytes as randomBytes4 } from "node:crypto";
 
@@ -838,7 +860,7 @@ async function apiJson(cfg, opts, fetcher = fetch) {
   try {
     parsed = await res.json();
   } catch (e) {
-    throw new TransportError(`bot returned non-JSON body for ${opts.path}: ${describe7(e)}`);
+    throw recordedFault(new TransportError(`bot returned non-JSON body for ${opts.path}: ${describe7(e)}`));
   }
   return parsed;
 }
@@ -880,27 +902,28 @@ async function apiRaw(cfg, opts, fetcher = fetch) {
   try {
     res = await fetcher(url, init);
   } catch (e) {
-    throw new TransportError(`network error calling ${url}: ${describe7(e)}`);
+    throw recordedFault(new TransportError(`network error calling ${url}: ${describe7(e)}`));
   }
   if (res.status === 401) {
     const detail = await peek(res);
-    throw new UnauthenticatedError(`bot returned 401 for ${opts.path}: ${detail} — run \`launchpad login\``);
+    throw recordedFault(new UnauthenticatedError(`bot returned 401 for ${opts.path}: ${detail} — run \`launchpad login\``));
   }
   if (res.status === 403) {
     const detail = await peek(res);
-    throw new ForbiddenError(`bot returned 403 for ${opts.path}: ${detail}`);
+    throw recordedFault(new ForbiddenError(`bot returned 403 for ${opts.path}: ${detail}`));
   }
   if (res.status === 404) {
     const detail = await peek(res);
-    throw new NotFoundError(`bot returned 404 for ${opts.path}: ${detail}`);
+    throw recordedFault(new NotFoundError(`bot returned 404 for ${opts.path}: ${detail}`));
   }
   if (!res.ok) {
     if (opts.nonThrowingStatuses?.includes(res.status) === true) {
       return res;
     }
     const detail = await peek(res);
-    throw new ApiError(`bot returned HTTP ${res.status} for ${opts.path}: ${detail}`, res.status);
+    throw recordedFault(new ApiError(`bot returned HTTP ${res.status} for ${opts.path}: ${detail}`, res.status));
   }
+  clearFault();
   return res;
 }
 async function peek(res) {
@@ -13720,6 +13743,52 @@ function printHelp6(io, commands) {
   io.out("silent until the grant session expires.");
 }
 
+// src/report/classify-fault.ts
+var PLATFORM_FAULT_EXIT_CODES = [69];
+function classifyFault(input3) {
+  if (input3.exitCode === 0)
+    return false;
+  if (PLATFORM_FAULT_EXIT_CODES.includes(input3.exitCode))
+    return true;
+  const f = input3.lastFault;
+  if (f === null)
+    return false;
+  if (f.code === "transport_error")
+    return true;
+  if (f.code === "api_error")
+    return (f.status ?? 0) >= 500;
+  return false;
+}
+
+// src/report/report-nudge.ts
+function nudgeSuppressed(ctx) {
+  if (ctx.env.CI)
+    return true;
+  if (!ctx.stderrIsTTY)
+    return true;
+  if (ctx.argv.includes("--json"))
+    return true;
+  const verb = ctx.argv[0];
+  if (verb === "bug" || verb === "feature")
+    return true;
+  return false;
+}
+function printNudge(io) {
+  io.err('This looks like a platform issue, not something you did — you can report it with `launchpad bug "<what you were trying to do>"` (the last command is attached automatically; don\'t paste secrets).');
+}
+function maybeReportNudge(io, ctx) {
+  if (nudgeSuppressed(ctx))
+    return;
+  if (!classifyFault({ exitCode: ctx.exitCode, lastFault: ctx.lastFault }))
+    return;
+  printNudge(io);
+}
+function maybeCrashReportNudge(io, ctx) {
+  if (nudgeSuppressed(ctx))
+    return;
+  printNudge(io);
+}
+
 // src/cli.ts
 var io = {
   out: (line) => {
@@ -13737,6 +13806,13 @@ dispatch(args, io).then((code) => {
   const elapsedMs = Date.now() - startedAt;
   process.exitCode = code;
   notifyAfterCommand(io, args);
+  maybeReportNudge(io, {
+    argv: args,
+    env: process.env,
+    stderrIsTTY: Boolean(process.stderr.isTTY),
+    exitCode: code,
+    lastFault: peekFault()
+  });
   maybeFirstRunNoticeReal(io, args);
   recordAfterCommandReal(args, code, elapsedMs);
 }).catch((err) => {
@@ -13745,6 +13821,11 @@ dispatch(args, io).then((code) => {
   process.stderr.write(`launchpad: unexpected error: ${msg}
 `);
   process.exitCode = 70;
+  maybeCrashReportNudge(io, {
+    argv: args,
+    env: process.env,
+    stderrIsTTY: Boolean(process.stderr.isTTY)
+  });
   maybeFirstRunNoticeReal(io, args);
   recordAfterCommandReal(args, 70, elapsedMs);
 });

package/dist/http/api-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/http/api-client.ts"],"names":[],"mappings":"AA4BA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAM9C,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,OAAO,CAAC;IAC9D,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,qEAAqE;IACrE,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,+DAA+D;IAC/D,QAAQ,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD;;;;;;;OAOG;IACH,QAAQ,CAAC,mBAAmB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAClD;AAED;;;GAGG;AACH,wBAAsB,OAAO,CAAC,CAAC,EAC7B,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,iBAAiB,EACvB,OAAO,GAAE,OAAO,KAAa,GAC5B,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED;;;;;;;GAOG;AACH,wBAAsB,MAAM,CAC1B,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,iBAAiB,EACvB,OAAO,GAAE,OAAO,KAAa,GAC5B,OAAO,CAAC,QAAQ,CAAC,CA2FnB"}
+{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/http/api-client.ts"],"names":[],"mappings":"AA4BA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAO9C,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,MAAM,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,OAAO,CAAC;IAC9D,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,qEAAqE;IACrE,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,+DAA+D;IAC/D,QAAQ,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACpD;;;;;;;OAOG;IACH,QAAQ,CAAC,mBAAmB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAClD;AAED;;;GAGG;AACH,wBAAsB,OAAO,CAAC,CAAC,EAC7B,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,iBAAiB,EACvB,OAAO,GAAE,OAAO,KAAa,GAC5B,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED;;;;;;;GAOG;AACH,wBAAsB,MAAM,CAC1B,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,iBAAiB,EACvB,OAAO,GAAE,OAAO,KAAa,GAC5B,OAAO,CAAC,QAAQ,CAAC,CA8FnB"}

package/dist/report/classify-fault.d.ts

@@ -0,0 +1,28 @@
+import type { RecordedFault } from "./fault-signal.js";
+/**
+ * Exit codes that are themselves platform-fault signals, independent of any
+ * recorded HTTP fault. Today only 69 = no-new-deployment (sp-bld9kq): the
+ * commit committed but Cloudflare never built it.
+ *
+ * NB the unhandled-crash exit (70, EX_SOFTWARE) is NOT here — it is emitted
+ * only from `cli.ts`'s top-level `.catch`, which nudges directly; a returned
+ * code never carries it.
+ */
+export declare const PLATFORM_FAULT_EXIT_CODES: readonly number[];
+export interface FaultClassifierInput {
+    readonly exitCode: number;
+    readonly lastFault: RecordedFault | null;
+}
+/**
+ * True iff the failure warrants a "file a bug" nudge.
+ *
+ * - exit 0 (incl. the soft pending/superseded/not-registered-yet outcomes)
+ *   is never a fault.
+ * - A platform-fault exit code (69) is a direct signal.
+ * - Otherwise classify by the last typed HTTP fault: `TransportError`
+ *   (network) and `ApiError` with status >= 500 (bot/server 5xx) are platform
+ *   faults; `ApiError` 4xx, 401/403/404, and any non-HTTP failure (local input,
+ *   usage) are NOT.
+ */
+export declare function classifyFault(input: FaultClassifierInput): boolean;
+//# sourceMappingURL=classify-fault.d.ts.map

package/dist/report/classify-fault.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"classify-fault.d.ts","sourceRoot":"","sources":["../../src/report/classify-fault.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,EAAE,SAAS,MAAM,EAAS,CAAC;AAEjE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,aAAa,GAAG,IAAI,CAAC;CAC1C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,oBAAoB,GAAG,OAAO,CAUlE"}

package/dist/report/fault-signal.d.ts

@@ -0,0 +1,23 @@
+/** The discriminant + (for `ApiError`) status of the last typed HTTP error. */
+export interface RecordedFault {
+    readonly code: string;
+    readonly status?: number;
+}
+/**
+ * Record the last typed error. Accepts any of the `http/errors.ts` classes
+ * (all carry a string `.code`; `ApiError` also carries `.status`). A non-error
+ * or code-less value is ignored, so a stray throw can never poison the signal.
+ */
+export declare function recordFault(err: unknown): void;
+/**
+ * Record then return the error — sugar for `throw recordedFault(new ApiError(…))`
+ * at the HTTP client throw sites, so recording can't be forgotten next to a throw.
+ */
+export declare function recordedFault<T>(err: T): T;
+/** Clear the recorded fault — called by the HTTP client on a 2xx success. */
+export declare function clearFault(): void;
+/** Read the last recorded fault (null if none / cleared). */
+export declare function peekFault(): RecordedFault | null;
+/** Test-only: reset module state between cases. */
+export declare function _resetFaultForTesting(): void;
+//# sourceMappingURL=fault-signal.d.ts.map

package/dist/report/fault-signal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fault-signal.d.ts","sourceRoot":"","sources":["../../src/report/fault-signal.ts"],"names":[],"mappings":"AAgBA,+EAA+E;AAC/E,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAID;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,OAAO,GAAG,IAAI,CAM9C;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAG1C;AAED,6EAA6E;AAC7E,wBAAgB,UAAU,IAAI,IAAI,CAEjC;AAED,6DAA6D;AAC7D,wBAAgB,SAAS,IAAI,aAAa,GAAG,IAAI,CAEhD;AAED,mDAAmD;AACnD,wBAAgB,qBAAqB,IAAI,IAAI,CAE5C"}

package/dist/report/report-nudge.d.ts

@@ -0,0 +1,33 @@
+import type { CliIo } from "../dispatcher.js";
+import type { RecordedFault } from "./fault-signal.js";
+export interface NudgeContext {
+    /** The raw command args; only argv[0] (the verb) is ever read. */
+    readonly argv: readonly string[];
+    readonly env: Record<string, string | undefined>;
+    readonly stderrIsTTY: boolean;
+    readonly exitCode: number;
+    readonly lastFault: RecordedFault | null;
+}
+/** Quiet in non-interactive / machine contexts, and never nudge the report
+ *  verbs themselves. Mirrors update-notifier's isSuppressed. */
+export declare function nudgeSuppressed(ctx: {
+    readonly argv: readonly string[];
+    readonly env: Record<string, string | undefined>;
+    readonly stderrIsTTY: boolean;
+}): boolean;
+/**
+ * Print the nudge for a finished command iff its failure classifies as a
+ * platform fault and we're on an interactive terminal. No-op otherwise.
+ */
+export declare function maybeReportNudge(io: CliIo, ctx: NudgeContext): void;
+/**
+ * Print the nudge for the unhandled-crash path (cli.ts top-level `.catch`,
+ * exit 70). A crash is a platform fault by definition, so no classifier call —
+ * but still TTY/CI-gated and report-verb-skipped.
+ */
+export declare function maybeCrashReportNudge(io: CliIo, ctx: {
+    readonly argv: readonly string[];
+    readonly env: Record<string, string | undefined>;
+    readonly stderrIsTTY: boolean;
+}): void;
+//# sourceMappingURL=report-nudge.d.ts.map

package/dist/report/report-nudge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-nudge.d.ts","sourceRoot":"","sources":["../../src/report/report-nudge.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAE9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD,MAAM,WAAW,YAAY;IAC3B,kEAAkE;IAClE,QAAQ,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACjD,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,aAAa,GAAG,IAAI,CAAC;CAC1C;AAED;gEACgE;AAChE,wBAAgB,eAAe,CAAC,GAAG,EAAE;IACnC,QAAQ,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACjD,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;CAC/B,GAAG,OAAO,CAOV;AAYD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,YAAY,GAAG,IAAI,CAInE;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE;IACpD,QAAQ,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACjD,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;CAC/B,GAAG,IAAI,CAGP"}

package/dist/version.d.ts

@@ -1,2 +1,2 @@
-export declare const CLI_VERSION = "0.39.0";
+export declare const CLI_VERSION = "0.40.0";
 //# sourceMappingURL=version.d.ts.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@m-kopa/launchpad-cli",
-  "version": "0.39.0",
+  "version": "0.40.0",
   "description": "Launchpad CLI — clone / deploy / review / merge against Launchpad-managed apps. Talks to the portal-bot endpoints (SCOPE-M-760 / T4).",
   "type": "module",
   "bin": {

package/skills/launchpad-content-pr/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-content-pr
 description: Push a content change to a Launchpad app via `launchpad deploy` and verify it shipped via `launchpad status`. Covers the post-first-deploy iteration loop (edit → deploy → verify) — subsequent deploys commit directly to the app repo's main and the Pages build runs asynchronously, so verification is its own step. Use when someone says "push a content change", "ship an update", "/launchpad-content-pr", "verify my deploy", or after `/launchpad-deploy` reports `done` and they want to follow up with an edit.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->

package/skills/launchpad-deploy/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-deploy
 description: Walk a Launchpad user through deploying an app from their local working directory (Model A — `launchpad init` + `launchpad deploy`). Wraps the CLI verbs end-to-end: detects the app shape, scaffolds `launchpad.yaml`, resolves the allowed Entra group via `launchpad groups`, bundles the CWD via `launchpad deploy`, and watches the rollout via `launchpad status`. Use when someone says "deploy a new app", "ship my app to Launchpad", "/launchpad-deploy", "I have an app locally — get it on Launchpad", or any variant. Resume/abandon for legacy in-flight provisioning is at the bottom.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->
@@ -511,3 +511,18 @@ the in-flight case.
   strips the user JWT and 401s every user (see "Gateway auth").
 - Do **not** `wrangler secret put` for a two-tier app — `launchpad secrets
   push` with `targets: all` seeds both tiers via the bot.
+
+## When a deploy fails because the platform misbehaved
+
+If `launchpad deploy` (or `status`) fails for a reason that is **not** the
+user's — a bot 5xx, a network error, `✗ NO NEW DEPLOYMENT WAS CREATED` /
+exit 69, or an unexpected crash — i.e. it looks like **our** fault, not a typo
+or a missing permission — offer to file it via the **`/launchpad-report`** skill
+(`launchpad bug "<what they were trying to do>"`). The CLI prints a one-line
+nudge on these; offer proactively.
+
+Follow `/launchpad-report`'s rules: **never file silently** — show the user the
+exact title + body you'll send and get their confirmation first, and never paste
+secret-bearing commands/values into the report body. Do **not** offer to file
+for a user-side failure (auth/401, not-found/404, a bad manifest, a dirty tree) —
+fix those instead.

package/skills/launchpad-deploy-status/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-deploy-status
 description: Show the current provisioning stage + failure reason for a Launchpad app via `launchpad status` (Model A drift + deployment_verified) and `launchpad apps` (lifecycle bucket), or watch provisioning live with `launchpad watch`. Renders the M-892 stage trace for in-flight provisioning, and is the canonical home for `launchpad recover` (repair a terminal-failed app record that is actually live). Use when someone says "what's the status of demo-X", "/launchpad-deploy-status", "is my deploy stuck", "watch my deploy go live", "watch provisioning", "my app says failed but it's serving", or after `/launchpad-deploy` reports a non-`done` terminal stage.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->
@@ -360,3 +360,16 @@ such a link anyway.
   `launchpad apps`. Use `launchpad status <slug> --json` for any
   downstream automation (`launchpad apps` has no `--json`; for
   per-app automation go through `status --json` instead).
+
+## When a status check fails because the platform misbehaved
+
+If `launchpad status` / `watch` / `recover` fails for a reason that is **not**
+the user's — a bot 5xx, a network error, `✗ NO NEW DEPLOYMENT WAS CREATED` /
+exit 69, or an unexpected crash — offer to file it via the
+**`/launchpad-report`** skill (`launchpad bug "<what they were trying to do>"`).
+The CLI prints a one-line nudge on these; offer proactively.
+
+Follow `/launchpad-report`'s rules: **never file silently** — show the exact
+title + body and confirm first, and never paste secret-bearing commands/values
+into the body. Do **not** offer to file for a user-side failure (auth/401,
+not-found/404) — resolve those instead.

package/skills/launchpad-destroy/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-destroy
 description: Tear down a Launchpad app end-to-end via `launchpad destroy` — Cloudflare Pages project, edge-auth wiring (gateway KV/audience entries, or the Access app for `auth: access` apps), custom hostname, platform-repo TF, and the app repo (archive-renamed). Owner-only verb with a two-step destructive confirmation. Use when someone says "destroy this app", "/launchpad-destroy", "tear down `<slug>`", "delete the app", or asks to clean up a smoke-test / orphan / retired app.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->

package/skills/launchpad-identity/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-identity
 description: Teach an app author how to use the signed-in user's identity inside a Launchpad app — read the gateway-forwarded X-Launchpad-User-Assertion in a Pages Function, VERIFY it with @m-kopa/platform-auth (fail-closed), and show who's logged in (sub/email/name). Use when someone says "who is logged in", "show the current user", "get the user's email in my app", "auth in my launchpad app", "read the user identity", "/launchpad-identity", or is wiring up an /api/me for a gateway-fronted app.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->

package/skills/launchpad-onboard/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-onboard
 description: One-time setup for the Launchpad CLI + Claude Code skill bundle. Verifies the `launchpad` CLI is installed and current, runs `launchpad whoami` to confirm the session is fresh, and checks the bundled skills are installed and in lock-step with the CLI. Idempotent — safe to re-run any time. Use when someone says "set me up for Launchpad", "I just got a new machine and want to use Launchpad", "/launchpad-onboard", or any of the other launchpad-* skills fails on a prereq check.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->

package/skills/launchpad-report/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-report
 description: File a bug report or feature request to the Launchpad team's tracker from the CLI. Use when someone reports something broken, hits an error in a launchpad command, or wishes a feature existed — e.g. "this is broken", "report a bug", "can you file that", "I wish launchpad could…", "/launchpad-bug", "/launchpad-feature". Always confirm and show exactly what you'll send before filing; never file silently.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->

package/skills/launchpad-status/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: launchpad-status
 description: Show whether a Launchpad app's local launchpad.yaml matches what's deployed, and read the deployed manifest. Wraps `launchpad pull` (fetch deployed YAML) and `launchpad status` (drift report). Use when someone says "is my app in sync", "what's deployed", "show drift", "/launchpad-status", "/launchpad-pull", or after `launchpad deploy` to verify the change landed.
-version: 0.39.0
+version: 0.40.0
 ---
 
 <!-- BEGIN shell-contract (managed by scripts/sync-skill-contract.sh — edit skills/_partials/shell-contract.md) -->