@mcp-s/cli 0.0.9

package/dist/index.js

@@ -0,0 +1,3200 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import { appendFileSync, mkdirSync as mkdirSync5 } from "fs";
+import { homedir as homedir6 } from "os";
+import { join as join7 } from "path";
+
+// src/client.ts
+import { Client } from "@modelcontextprotocol/sdk/client/index.js";
+import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
+import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+
+// src/auth.ts
+var tokenStorage = null;
+var clientStorage = null;
+async function getAuthFilePath() {
+  const os = await import("os");
+  const path = await import("path");
+  const fs = await import("fs");
+  const dir = path.join(os.homedir(), ".config", "mcp-s-cli");
+  fs.mkdirSync(dir, { recursive: true });
+  return path.join(dir, "auth.json");
+}
+async function loadAuthData() {
+  if (tokenStorage !== null && clientStorage !== null) {
+    return;
+  }
+  tokenStorage = /* @__PURE__ */ new Map();
+  clientStorage = /* @__PURE__ */ new Map();
+  try {
+    const fs = await import("fs/promises");
+    const authPath = await getAuthFilePath();
+    const data = await fs.readFile(authPath, "utf-8");
+    const parsed = JSON.parse(data);
+    if (parsed.tokens) {
+      for (const [key, value] of Object.entries(parsed.tokens)) {
+        tokenStorage.set(key, value);
+      }
+    }
+    if (parsed.clients) {
+      for (const [key, value] of Object.entries(parsed.clients)) {
+        clientStorage.set(key, value);
+      }
+    }
+  } catch {
+  }
+}
+async function saveAuthData() {
+  if (!tokenStorage || !clientStorage) {
+    return;
+  }
+  try {
+    const fs = await import("fs/promises");
+    const authPath = await getAuthFilePath();
+    const data = {
+      tokens: Object.fromEntries(tokenStorage),
+      clients: Object.fromEntries(clientStorage)
+    };
+    await fs.writeFile(authPath, JSON.stringify(data, null, 2), {
+      mode: 384
+    });
+  } catch (err) {
+    if (process.env.MCP_DEBUG) {
+      console.error(
+        `[mcp-s-cli] Failed to save auth data: ${err.message}`
+      );
+    }
+  }
+}
+async function getTokenStorage() {
+  await loadAuthData();
+  return tokenStorage ?? /* @__PURE__ */ new Map();
+}
+async function getClientStorage() {
+  await loadAuthData();
+  return clientStorage ?? /* @__PURE__ */ new Map();
+}
+function generateCodeVerifier() {
+  const array = new Uint8Array(32);
+  crypto.getRandomValues(array);
+  return Array.from(array, (byte) => byte.toString(16).padStart(2, "0")).join(
+    ""
+  );
+}
+async function generateCodeChallenge(verifier) {
+  const encoder = new TextEncoder();
+  const data = encoder.encode(verifier);
+  const hashBuffer = await crypto.subtle.digest("SHA-256", data);
+  const hashArray = new Uint8Array(hashBuffer);
+  const base64 = btoa(String.fromCharCode(...hashArray)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  return base64;
+}
+function parseWWWAuthenticateHeader(header) {
+  const challenge = {};
+  const bearerMatch = header.match(/Bearer\s+(.*)/i);
+  if (!bearerMatch) {
+    return challenge;
+  }
+  const params = bearerMatch[1] ?? "";
+  const paramRegex = /(\w+)="([^"]*)"/g;
+  for (const match of params.matchAll(paramRegex)) {
+    const [, key, value] = match;
+    if (key === "error") {
+      challenge.error = value;
+    } else if (key === "error_description") {
+      challenge.error_description = value;
+    } else if (key === "resource_metadata") {
+      challenge.resource_metadata = value;
+    }
+  }
+  return challenge;
+}
+async function fetchProtectedResourceMetadata(metadataUrl) {
+  try {
+    const response = await fetch(metadataUrl, {
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      return null;
+    }
+    return await response.json();
+  } catch {
+    return null;
+  }
+}
+async function fetchAuthServerMetadata(authServerUrl) {
+  try {
+    const parsed = new URL(authServerUrl);
+    const metadataUrl = `${parsed.protocol}//${parsed.host}/.well-known/oauth-authorization-server`;
+    const response = await fetch(metadataUrl, {
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      return null;
+    }
+    return await response.json();
+  } catch {
+    return null;
+  }
+}
+async function registerOAuthClient(registrationEndpoint, redirectUri) {
+  try {
+    const clientMetadata = {
+      client_name: "mcp-s-cli",
+      redirect_uris: [redirectUri],
+      grant_types: ["authorization_code"],
+      response_types: ["code"],
+      token_endpoint_auth_method: "none"
+    };
+    const response = await fetch(registrationEndpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(clientMetadata),
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      return null;
+    }
+    return await response.json();
+  } catch {
+    return null;
+  }
+}
+async function exchangeAuthorizationCode(tokenEndpoint, clientId, code, codeVerifier, redirectUri) {
+  try {
+    const params = new URLSearchParams({
+      grant_type: "authorization_code",
+      code,
+      client_id: clientId,
+      code_verifier: codeVerifier,
+      redirect_uri: redirectUri
+    });
+    const response = await fetch(tokenEndpoint, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params.toString(),
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      return null;
+    }
+    return await response.json();
+  } catch {
+    return null;
+  }
+}
+async function startCallbackServer(port) {
+  const http = await import("http");
+  return new Promise((resolve4, reject) => {
+    const server = http.createServer((req, res) => {
+      const url = new URL(req.url ?? "/", `http://localhost:${port}`);
+      const code = url.searchParams.get("code");
+      const error = url.searchParams.get("error");
+      if (error) {
+        res.writeHead(400, { "Content-Type": "text/html" });
+        res.end(`
+          <html>
+            <body>
+              <h1>Authorization Failed</h1>
+              <p>Error: ${error}</p>
+              <p>You can close this window.</p>
+            </body>
+          </html>
+        `);
+        server.close();
+        reject(new Error(`OAuth error: ${error}`));
+        return;
+      }
+      if (code) {
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(`
+          <html>
+            <body>
+              <h1>Authorization Successful</h1>
+              <p>You can close this window and return to the CLI.</p>
+            </body>
+          </html>
+        `);
+        server.close();
+        resolve4(code);
+        return;
+      }
+      res.writeHead(400, { "Content-Type": "text/html" });
+      res.end("<html><body><h1>Invalid Request</h1></body></html>");
+    });
+    server.listen(port, "127.0.0.1", () => {
+    });
+    setTimeout(
+      () => {
+        server.close();
+        reject(new Error("OAuth callback timeout"));
+      },
+      5 * 60 * 1e3
+    );
+  });
+}
+async function getOpenCommand() {
+  const platform2 = process.platform;
+  if (platform2 === "darwin") {
+    return "open";
+  }
+  if (platform2 === "win32") {
+    return "start";
+  }
+  if (platform2 === "linux") {
+    return "xdg-open";
+  }
+  return null;
+}
+async function performOAuthFlow(authServerUrl, resourceUrl) {
+  const authMetadata = await fetchAuthServerMetadata(authServerUrl);
+  if (!authMetadata) {
+    console.error("Failed to fetch authorization server metadata");
+    return null;
+  }
+  if (!authMetadata.registration_endpoint) {
+    console.error(
+      "Authorization server does not support dynamic client registration"
+    );
+    return null;
+  }
+  const callbackPort = 8085;
+  const redirectUri = `http://127.0.0.1:${callbackPort}/callback`;
+  const serverKey = new URL(authServerUrl).origin;
+  const clients = await getClientStorage();
+  let clientInfo = clients.get(serverKey);
+  if (!clientInfo) {
+    const newClientInfo = await registerOAuthClient(
+      authMetadata.registration_endpoint,
+      redirectUri
+    );
+    if (!newClientInfo) {
+      console.error("Failed to register OAuth client");
+      return null;
+    }
+    clientInfo = newClientInfo;
+    clients.set(serverKey, clientInfo);
+    await saveAuthData();
+  }
+  const codeVerifier = generateCodeVerifier();
+  const codeChallenge = await generateCodeChallenge(codeVerifier);
+  const authUrl = new URL(authMetadata.authorization_endpoint);
+  authUrl.searchParams.set("response_type", "code");
+  authUrl.searchParams.set("client_id", clientInfo.client_id);
+  authUrl.searchParams.set("redirect_uri", redirectUri);
+  authUrl.searchParams.set("code_challenge", codeChallenge);
+  authUrl.searchParams.set("code_challenge_method", "S256");
+  authUrl.searchParams.set("resource", resourceUrl);
+  console.error(
+    "\nAuthentication required. Opening browser for authorization..."
+  );
+  console.error(`If the browser doesn't open, visit: ${authUrl.toString()}
+`);
+  const open = await getOpenCommand();
+  if (open) {
+    try {
+      const { spawn: spawn2 } = await import("child_process");
+      spawn2(open, [authUrl.toString()], {
+        detached: true,
+        stdio: "ignore"
+      }).unref();
+    } catch {
+      console.error("Could not open browser automatically.");
+    }
+  }
+  try {
+    const code = await startCallbackServer(callbackPort);
+    const tokens = await exchangeAuthorizationCode(
+      authMetadata.token_endpoint,
+      clientInfo.client_id,
+      code,
+      codeVerifier,
+      redirectUri
+    );
+    if (tokens) {
+      const resourceOrigin = new URL(resourceUrl).origin;
+      const tokenMap = await getTokenStorage();
+      tokenMap.set(resourceOrigin, tokens);
+      await saveAuthData();
+    }
+    return tokens;
+  } catch (error) {
+    console.error("OAuth flow failed:", error);
+    return null;
+  }
+}
+async function getStoredTokens(url) {
+  const origin = new URL(url).origin;
+  const tokens = await getTokenStorage();
+  return tokens.get(origin);
+}
+async function storeTokens(url, tokens) {
+  const origin = new URL(url).origin;
+  const tokenMap = await getTokenStorage();
+  tokenMap.set(origin, tokens);
+  await saveAuthData();
+}
+async function clearTokens(url) {
+  const origin = new URL(url).origin;
+  const tokens = await getTokenStorage();
+  tokens.delete(origin);
+  await saveAuthData();
+}
+
+// src/config.ts
+import { createHash } from "crypto";
+import { existsSync, readFileSync } from "fs";
+import { homedir } from "os";
+import { join, resolve } from "path";
+
+// src/errors.ts
+function formatCliError(error) {
+  const lines = [];
+  lines.push(`Error [${error.type}]: ${error.message}`);
+  if (error.details) {
+    lines.push(`  Details: ${error.details}`);
+  }
+  if (error.suggestion) {
+    lines.push(`  Suggestion: ${error.suggestion}`);
+  }
+  return lines.join("\n");
+}
+function configNotFoundError(path) {
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "CONFIG_NOT_FOUND",
+    message: `Config file not found: ${path}`,
+    suggestion: `Create config.json with: { "baseUrl": "https://..." } or run mcp-s-cli init`
+  };
+}
+function configSearchError() {
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "CONFIG_NOT_FOUND",
+    message: "No config.json config file found",
+    details: "Searched: ~/.config/mcp-s-cli/config.json",
+    suggestion: "Run mcp-s-cli init or use -c/--config to specify a path"
+  };
+}
+function configInvalidJsonError(path, parseError) {
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "CONFIG_INVALID_JSON",
+    message: `Invalid JSON in config file: ${path}`,
+    details: parseError,
+    suggestion: "Check for syntax errors: missing commas, unquoted keys, trailing commas"
+  };
+}
+function configMissingFieldError(path) {
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "CONFIG_MISSING_FIELD",
+    message: "Config file is missing required server fields",
+    details: `File: ${path}`,
+    suggestion: 'Config must have "org" or "baseUrl" (HTTP) or "userAccessKey" (stdio). Run mcp-s-cli init to set up.'
+  };
+}
+function serverConnectionError(serverLabel, cause) {
+  let suggestion = "Check server configuration and ensure the server process can start";
+  if (cause.includes("ENOENT") || cause.includes("not found")) {
+    suggestion = "Command not found. Install the MCP server: npx -y @modelcontextprotocol/server-<name>";
+  } else if (cause.includes("ECONNREFUSED")) {
+    suggestion = "Server refused connection. Check if the server is running and URL is correct";
+  } else if (cause.includes("ETIMEDOUT") || cause.includes("timeout")) {
+    suggestion = "Connection timed out. Check network connectivity and server availability";
+  } else if (cause.includes("401") || cause.includes("Unauthorized")) {
+    suggestion = "Authentication required. Add Authorization header to config";
+  } else if (cause.includes("403") || cause.includes("Forbidden")) {
+    suggestion = "Access forbidden. Check credentials and permissions";
+  }
+  return {
+    code: 3 /* NETWORK_ERROR */,
+    type: "SERVER_CONNECTION_FAILED",
+    message: `Failed to connect to server "${serverLabel}"`,
+    details: cause,
+    suggestion
+  };
+}
+function toolNotFoundError(toolName, serverLabel, availableTools) {
+  const toolList = availableTools?.slice(0, 5).join(", ") || "";
+  const moreCount = availableTools && availableTools.length > 5 ? ` (+${availableTools.length - 5} more)` : "";
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "TOOL_NOT_FOUND",
+    message: `Tool "${toolName}" not found in server "${serverLabel}"`,
+    details: availableTools ? `Available tools: ${toolList}${moreCount}` : void 0,
+    suggestion: `Run 'mcp-s-cli' to see all available tools`
+  };
+}
+function toolExecutionError(toolName, serverLabel, cause) {
+  let suggestion = "Check tool arguments match the expected schema";
+  if (cause.includes("validation") || cause.includes("invalid_type")) {
+    suggestion = `Run 'mcp-s-cli info ${toolName}' to see the input schema, then fix arguments`;
+  } else if (cause.includes("required")) {
+    suggestion = `Missing required argument. Run 'mcp-s-cli info ${toolName}' to see required fields`;
+  } else if (cause.includes("permission") || cause.includes("denied")) {
+    suggestion = "Permission denied. Check file/resource permissions";
+  } else if (cause.includes("not found") || cause.includes("ENOENT")) {
+    suggestion = "Resource not found. Verify the path or identifier exists";
+  }
+  return {
+    code: 2 /* SERVER_ERROR */,
+    type: "TOOL_EXECUTION_FAILED",
+    message: `Tool "${toolName}" execution failed`,
+    details: cause,
+    suggestion
+  };
+}
+function invalidJsonArgsError(input, parseError) {
+  const truncated = input.length > 100 ? `${input.substring(0, 100)}...` : input;
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "INVALID_JSON_ARGUMENTS",
+    message: "Invalid JSON in tool arguments",
+    details: parseError ? `Parse error: ${parseError}` : `Input: ${truncated}`,
+    suggestion: `Use valid JSON: '{"path": "./file.txt"}'. Run 'mcp-s-cli info <tool>' for the schema.`
+  };
+}
+function unknownOptionError(option) {
+  let suggestion;
+  const optionLower = option.toLowerCase().replace(/^-+/, "");
+  if (["tool", "t"].includes(optionLower)) {
+    suggestion = `Tool is a positional argument. Use 'mcp-s-cli call <tool>'`;
+  } else if (["args", "arguments", "a", "input"].includes(optionLower)) {
+    suggestion = `Pass JSON directly: 'mcp-s-cli call <tool> '{"key": "value"}''`;
+  } else if (["pattern", "p", "search", "query"].includes(optionLower)) {
+    suggestion = `Use 'mcp-s-cli grep "*pattern*"'`;
+  } else if (["call", "run", "exec"].includes(optionLower)) {
+    suggestion = `Use 'call' as a subcommand, not option: 'mcp-s-cli call <tool>'`;
+  } else if (["info", "list", "get"].includes(optionLower)) {
+    suggestion = `Use 'info' as a subcommand, not option: 'mcp-s-cli info'`;
+  } else {
+    suggestion = "Valid options: -c/--config, -j/--json, -d/--with-descriptions, -r/--raw";
+  }
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "UNKNOWN_OPTION",
+    message: `Unknown option: ${option}`,
+    suggestion
+  };
+}
+function missingArgumentError(command, argument) {
+  let suggestion;
+  switch (command) {
+    case "call":
+      suggestion = `Use 'mcp-s-cli call <tool> '{"key": "value"}''`;
+      break;
+    case "grep":
+      suggestion = `Use 'mcp-s-cli grep "*pattern*"'`;
+      break;
+    case "-c/--config":
+      suggestion = `Use 'mcp-s-cli -c /path/to/config.json'`;
+      break;
+    default:
+      suggestion = `Run 'mcp-s-cli --help' for usage examples`;
+  }
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "MISSING_ARGUMENT",
+    message: `Missing required argument for ${command}: ${argument}`,
+    suggestion
+  };
+}
+function unknownSubcommandError(subcommand) {
+  const suggestions = {
+    run: "call",
+    execute: "call",
+    exec: "call",
+    invoke: "call",
+    list: "info",
+    ls: "info",
+    get: "info",
+    show: "info",
+    describe: "info",
+    search: "grep",
+    find: "grep",
+    query: "grep"
+  };
+  const suggested = suggestions[subcommand.toLowerCase()];
+  const validCommands = "info, grep, call";
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "UNKNOWN_SUBCOMMAND",
+    message: `Unknown subcommand: "${subcommand}"`,
+    details: `Valid subcommands: ${validCommands}`,
+    suggestion: suggested ? `Did you mean 'mcp-s-cli ${suggested}'?` : `Use 'mcp-s-cli --help' to see available commands`
+  };
+}
+function tooManyArgumentsError(command, received, max) {
+  return {
+    code: 1 /* CLIENT_ERROR */,
+    type: "TOO_MANY_ARGUMENTS",
+    message: `Too many arguments for ${command}`,
+    details: `Received ${received} arguments, maximum is ${max}`,
+    suggestion: `Run 'mcp-s-cli --help' for correct usage`
+  };
+}
+
+// src/config.ts
+function matchesPattern(name, pattern) {
+  const regexPattern = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*").replace(/\?/g, ".");
+  return new RegExp(`^${regexPattern}$`, "i").test(name);
+}
+function matchesAnyPattern(name, patterns) {
+  return patterns.some((pattern) => matchesPattern(name, pattern));
+}
+function filterTools(tools, config) {
+  const { allowedTools, disabledTools } = config;
+  return tools.filter((tool) => {
+    if (disabledTools && disabledTools.length > 0) {
+      if (matchesAnyPattern(tool.name, disabledTools)) {
+        return false;
+      }
+    }
+    if (allowedTools && allowedTools.length > 0) {
+      return matchesAnyPattern(tool.name, allowedTools);
+    }
+    return true;
+  });
+}
+function isToolAllowed(toolName, config) {
+  const { allowedTools, disabledTools } = config;
+  if (disabledTools && disabledTools.length > 0) {
+    if (matchesAnyPattern(toolName, disabledTools)) {
+      return false;
+    }
+  }
+  if (allowedTools && allowedTools.length > 0) {
+    return matchesAnyPattern(toolName, allowedTools);
+  }
+  return true;
+}
+function isHttpServer(config) {
+  return "url" in config;
+}
+var DEFAULT_TIMEOUT_SECONDS = 1800;
+var DEFAULT_TIMEOUT_MS = DEFAULT_TIMEOUT_SECONDS * 1e3;
+var DEFAULT_MAX_RETRIES = 3;
+var DEFAULT_RETRY_DELAY_MS = 1e3;
+var DEFAULT_DAEMON_TIMEOUT_SECONDS = 300;
+function debug(message) {
+  if (process.env.MCP_DEBUG) {
+    console.error(`[mcp-s-cli] ${message}`);
+  }
+}
+function getTimeoutMs() {
+  const envTimeout = process.env.MCP_TIMEOUT;
+  if (envTimeout) {
+    const seconds = Number.parseInt(envTimeout, 10);
+    if (!Number.isNaN(seconds) && seconds > 0) {
+      return seconds * 1e3;
+    }
+  }
+  return DEFAULT_TIMEOUT_MS;
+}
+function getMaxRetries() {
+  const envRetries = process.env.MCP_MAX_RETRIES;
+  if (envRetries) {
+    const retries = Number.parseInt(envRetries, 10);
+    if (!Number.isNaN(retries) && retries >= 0) {
+      return retries;
+    }
+  }
+  return DEFAULT_MAX_RETRIES;
+}
+function getRetryDelayMs() {
+  const envDelay = process.env.MCP_RETRY_DELAY;
+  if (envDelay) {
+    const delay = Number.parseInt(envDelay, 10);
+    if (!Number.isNaN(delay) && delay > 0) {
+      return delay;
+    }
+  }
+  return DEFAULT_RETRY_DELAY_MS;
+}
+var DAEMON_SERVER_NAME = "mcp-s-cli";
+function isDaemonEnabled() {
+  return process.env.MCP_DAEMON !== "0";
+}
+function getDaemonTimeoutMs() {
+  const envTimeout = process.env.MCP_DAEMON_TIMEOUT;
+  if (envTimeout) {
+    const seconds = Number.parseInt(envTimeout, 10);
+    if (!Number.isNaN(seconds) && seconds > 0) {
+      return seconds * 1e3;
+    }
+  }
+  return DEFAULT_DAEMON_TIMEOUT_SECONDS * 1e3;
+}
+function getSocketDir() {
+  const uid = process.getuid?.() ?? "unknown";
+  const base = process.platform === "darwin" ? "/tmp" : "/tmp";
+  return join(base, `mcp-s-cli-${uid}`);
+}
+function getSocketPath() {
+  return join(getSocketDir(), `${DAEMON_SERVER_NAME}.sock`);
+}
+function getPidPath() {
+  return join(getSocketDir(), `${DAEMON_SERVER_NAME}.pid`);
+}
+function getReadyPath() {
+  return join(getSocketDir(), `${DAEMON_SERVER_NAME}.ready`);
+}
+function getConfigHash(config) {
+  const str = JSON.stringify(config, Object.keys(config).sort());
+  return createHash("sha256").update(str).digest("hex").slice(0, 16);
+}
+function isStrictEnvMode() {
+  const value = process.env.MCP_STRICT_ENV?.toLowerCase();
+  return value !== "false" && value !== "0";
+}
+function substituteEnvVars(value) {
+  const missingVars = [];
+  const result = value.replace(/\$\{([^}]+)\}/g, (match, varName) => {
+    const envValue = process.env[varName];
+    if (envValue === void 0) {
+      missingVars.push(varName);
+      return "";
+    }
+    return envValue;
+  });
+  if (missingVars.length > 0) {
+    const varList = missingVars.map((v) => `\${${v}}`).join(", ");
+    const message = `Missing environment variable${missingVars.length > 1 ? "s" : ""}: ${varList}`;
+    if (isStrictEnvMode()) {
+      throw new Error(
+        formatCliError({
+          code: 1 /* CLIENT_ERROR */,
+          type: "MISSING_ENV_VAR",
+          message,
+          details: "Referenced in config but not set in environment",
+          suggestion: `Set the variable(s) before running: export ${missingVars[0]}="value" or set MCP_STRICT_ENV=false to use empty values`
+        })
+      );
+    }
+    console.error(`[mcp-s-cli] Warning: ${message}`);
+  }
+  return result;
+}
+function substituteEnvVarsInObject(obj) {
+  if (typeof obj === "string") {
+    return substituteEnvVars(obj);
+  }
+  if (Array.isArray(obj)) {
+    return obj.map(substituteEnvVarsInObject);
+  }
+  if (obj && typeof obj === "object") {
+    const result = {};
+    for (const [key, value] of Object.entries(obj)) {
+      result[key] = substituteEnvVarsInObject(value);
+    }
+    return result;
+  }
+  return obj;
+}
+function getDefaultConfigPaths() {
+  const home2 = homedir();
+  return [join(home2, ".config", "mcp-s-cli", "config.json")];
+}
+function deriveServerConfig(raw) {
+  const resolvedUrl = raw.org ? `https://${raw.org}.mcp-s.com/mcp` : raw.baseUrl;
+  if (raw.userAccessKey) {
+    const env = {
+      USER_ACCESS_KEY: raw.userAccessKey
+    };
+    if (raw.mcp) env.MCP = raw.mcp;
+    if (raw.toolkit) env.TOOLKIT = raw.toolkit;
+    if (resolvedUrl) env.BASE_URL = resolvedUrl;
+    return {
+      type: "stdio",
+      command: "npx",
+      args: ["-y", "@mcp-s/mcp"],
+      env,
+      allowedTools: raw.allowedTools,
+      disabledTools: raw.disabledTools
+    };
+  }
+  if (!resolvedUrl) {
+    throw new Error(
+      formatCliError({
+        code: 1 /* CLIENT_ERROR */,
+        type: "CONFIG_INVALID",
+        message: "Config is missing a server URL",
+        details: 'Either "org", "baseUrl" (HTTP mode) or "userAccessKey" (stdio mode) is required',
+        suggestion: "Run mcp-s-cli init --org <org> or mcp-s-cli init --base-url <url>"
+      })
+    );
+  }
+  const headers = {};
+  if (raw.mcp) headers["x-mcp"] = raw.mcp;
+  if (raw.toolkit) headers["x-toolkit"] = raw.toolkit;
+  if (raw.token) headers.Authorization = `Bearer ${raw.token}`;
+  const serverConfig = {
+    url: resolvedUrl,
+    allowedTools: raw.allowedTools,
+    disabledTools: raw.disabledTools
+  };
+  if (Object.keys(headers).length > 0) {
+    serverConfig.headers = headers;
+  }
+  return serverConfig;
+}
+async function loadConfig(explicitPath) {
+  let configPath;
+  if (explicitPath) {
+    configPath = resolve(explicitPath);
+  } else if (process.env.MCP_CONFIG_PATH) {
+    configPath = resolve(process.env.MCP_CONFIG_PATH);
+  }
+  if (configPath) {
+    if (!existsSync(configPath)) {
+      throw new Error(formatCliError(configNotFoundError(configPath)));
+    }
+  } else {
+    const searchPaths = getDefaultConfigPaths();
+    for (const path of searchPaths) {
+      if (existsSync(path)) {
+        configPath = path;
+        break;
+      }
+    }
+    if (!configPath) {
+      throw new Error(formatCliError(configSearchError()));
+    }
+  }
+  const content = readFileSync(configPath, "utf-8");
+  let raw;
+  try {
+    raw = JSON.parse(content);
+  } catch (e) {
+    throw new Error(
+      formatCliError(configInvalidJsonError(configPath, e.message))
+    );
+  }
+  if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
+    throw new Error(formatCliError(configMissingFieldError(configPath)));
+  }
+  const knownFields = [
+    "org",
+    "baseUrl",
+    "mcp",
+    "toolkit",
+    "userAccessKey",
+    "token",
+    "allowedTools",
+    "disabledTools"
+  ];
+  const hasKnownField = knownFields.some((f) => f in raw);
+  if (!hasKnownField) {
+    throw new Error(formatCliError(configMissingFieldError(configPath)));
+  }
+  raw = substituteEnvVarsInObject(raw);
+  const serverConfig = deriveServerConfig(raw);
+  return { raw, serverConfig };
+}
+
+// src/daemon-client.ts
+import { spawn } from "child_process";
+import { existsSync as existsSync3, readdirSync } from "fs";
+import { createConnection } from "net";
+import { join as join2 } from "path";
+import { fileURLToPath } from "url";
+
+// src/daemon.ts
+import {
+  existsSync as existsSync2,
+  mkdirSync,
+  readFileSync as readFileSync2,
+  unlinkSync,
+  writeFileSync
+} from "fs";
+import { createServer } from "net";
+import { dirname } from "path";
+function writePidFile(serverName, configHash) {
+  const pidPath = getPidPath();
+  const dir = dirname(pidPath);
+  if (!existsSync2(dir)) {
+    mkdirSync(dir, { recursive: true, mode: 448 });
+  }
+  const content = {
+    pid: process.pid,
+    configHash,
+    startedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  writeFileSync(pidPath, JSON.stringify(content), { mode: 384 });
+}
+function readPidFile(serverName) {
+  const pidPath = getPidPath();
+  if (!existsSync2(pidPath)) {
+    return null;
+  }
+  try {
+    const content = readFileSync2(pidPath, "utf-8");
+    return JSON.parse(content);
+  } catch {
+    return null;
+  }
+}
+function removePidFile(serverName) {
+  const pidPath = getPidPath();
+  try {
+    if (existsSync2(pidPath)) {
+      unlinkSync(pidPath);
+    }
+  } catch {
+  }
+}
+function removeSocketFile(serverName) {
+  const socketPath = getSocketPath();
+  try {
+    if (existsSync2(socketPath)) {
+      unlinkSync(socketPath);
+    }
+  } catch {
+  }
+}
+function removeReadyFile(serverName) {
+  const readyPath = getReadyPath();
+  try {
+    if (existsSync2(readyPath)) {
+      unlinkSync(readyPath);
+    }
+  } catch {
+  }
+}
+function isProcessRunning(pid) {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function killProcess(pid) {
+  try {
+    process.kill(pid, "SIGTERM");
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function runDaemon(serverName, config) {
+  const socketPath = getSocketPath();
+  const configHash = getConfigHash(config);
+  const timeoutMs = getDaemonTimeoutMs();
+  let idleTimer = null;
+  let mcpClient = null;
+  let server = null;
+  const activeConnections = /* @__PURE__ */ new Set();
+  const cleanup = async () => {
+    debug(`[daemon:${serverName}] Shutting down...`);
+    if (idleTimer) {
+      clearTimeout(idleTimer);
+      idleTimer = null;
+    }
+    for (const conn of activeConnections) {
+      try {
+        conn.end();
+      } catch {
+      }
+    }
+    activeConnections.clear();
+    if (mcpClient) {
+      try {
+        await mcpClient.close();
+      } catch {
+      }
+      mcpClient = null;
+    }
+    if (server) {
+      try {
+        server.close();
+      } catch {
+      }
+      server = null;
+    }
+    removeSocketFile(serverName);
+    removePidFile(serverName);
+    removeReadyFile(serverName);
+    debug(`[daemon:${serverName}] Cleanup complete`);
+  };
+  const resetIdleTimer = () => {
+    if (idleTimer) {
+      clearTimeout(idleTimer);
+    }
+    idleTimer = setTimeout(async () => {
+      debug(`[daemon:${serverName}] Idle timeout reached, shutting down`);
+      await cleanup();
+      process.exit(0);
+    }, timeoutMs);
+  };
+  process.on("SIGTERM", async () => {
+    await cleanup();
+    process.exit(0);
+  });
+  process.on("SIGINT", async () => {
+    await cleanup();
+    process.exit(0);
+  });
+  const socketDir = getSocketDir();
+  if (!existsSync2(socketDir)) {
+    mkdirSync(socketDir, { recursive: true, mode: 448 });
+  }
+  removeSocketFile(serverName);
+  removeReadyFile(serverName);
+  writePidFile(serverName, configHash);
+  try {
+    debug(`[daemon:${serverName}] Connecting to MCP server...`);
+    mcpClient = await connectToServer(serverName, config);
+    debug(`[daemon:${serverName}] Connected to MCP server`);
+  } catch (error) {
+    console.error(
+      `[daemon:${serverName}] Failed to connect:`,
+      error.message
+    );
+    await cleanup();
+    process.exit(1);
+  }
+  const handleRequest = async (data) => {
+    resetIdleTimer();
+    let request;
+    try {
+      request = JSON.parse(data.toString());
+    } catch {
+      return {
+        id: "unknown",
+        success: false,
+        error: { code: "INVALID_REQUEST", message: "Invalid JSON" }
+      };
+    }
+    debug(`[daemon:${serverName}] Request: ${request.type} (${request.id})`);
+    if (!mcpClient) {
+      return {
+        id: request.id,
+        success: false,
+        error: { code: "NOT_CONNECTED", message: "MCP client not connected" }
+      };
+    }
+    try {
+      switch (request.type) {
+        case "ping":
+          return { id: request.id, success: true, data: "pong" };
+        case "listTools": {
+          const tools = await listTools(mcpClient.client);
+          return { id: request.id, success: true, data: tools };
+        }
+        case "callTool": {
+          if (!request.toolName) {
+            return {
+              id: request.id,
+              success: false,
+              error: { code: "MISSING_TOOL", message: "toolName required" }
+            };
+          }
+          const result = await callTool(
+            mcpClient.client,
+            request.toolName,
+            request.args ?? {}
+          );
+          return { id: request.id, success: true, data: result };
+        }
+        case "getInstructions": {
+          const instructions = mcpClient.client.getInstructions();
+          return { id: request.id, success: true, data: instructions };
+        }
+        case "close":
+          setTimeout(async () => {
+            await cleanup();
+            process.exit(0);
+          }, 100);
+          return { id: request.id, success: true, data: "closing" };
+        default:
+          return {
+            id: request.id,
+            success: false,
+            error: {
+              code: "UNKNOWN_TYPE",
+              message: `Unknown request type: ${request.type}`
+            }
+          };
+      }
+    } catch (error) {
+      const err = error;
+      return {
+        id: request.id,
+        success: false,
+        error: { code: "EXECUTION_ERROR", message: err.message }
+      };
+    }
+  };
+  await new Promise((resolve4, reject) => {
+    server = createServer((socket) => {
+      activeConnections.add(socket);
+      debug(`[daemon:${serverName}] Client connected`);
+      let buffer = "";
+      socket.on("data", async (data) => {
+        buffer += data.toString();
+        const lines = buffer.split("\n");
+        buffer = lines.pop() ?? "";
+        for (const line of lines) {
+          if (!line.trim()) continue;
+          const response = await handleRequest(Buffer.from(line));
+          socket.write(`${JSON.stringify(response)}
+`);
+        }
+      });
+      socket.on("close", () => {
+        activeConnections.delete(socket);
+        debug(`[daemon:${serverName}] Client disconnected`);
+      });
+      socket.on("error", (error) => {
+        debug(`[daemon:${serverName}] Socket error: ${error.message}`);
+        activeConnections.delete(socket);
+      });
+    });
+    server.on("error", reject);
+    server.listen(socketPath, () => {
+      debug(`[daemon:${serverName}] Listening on ${socketPath}`);
+      resetIdleTimer();
+      writeFileSync(getReadyPath(), String(process.pid), {
+        mode: 384
+      });
+      resolve4();
+    });
+  }).catch(async (error) => {
+    console.error(
+      `[daemon:${serverName}] Failed to start socket server:`,
+      error.message
+    );
+    await cleanup();
+    process.exit(1);
+  });
+}
+if (process.argv[2] === "--daemon") {
+  const serverName = process.argv[3];
+  const configJson = process.argv[4];
+  if (!serverName || !configJson) {
+    console.error("Usage: daemon.ts --daemon <serverName> <configJson>");
+    process.exit(1);
+  }
+  let config;
+  try {
+    config = JSON.parse(configJson);
+  } catch {
+    console.error("Invalid config JSON");
+    process.exit(1);
+  }
+  runDaemon(serverName, config).catch((error) => {
+    console.error("Daemon failed:", error);
+    process.exit(1);
+  });
+}
+
+// src/daemon-client.ts
+function generateRequestId() {
+  return `${Date.now()}-${Math.random().toString(36).slice(2, 9)}`;
+}
+async function sendRequest(socketPath, request) {
+  return new Promise((resolve4, reject) => {
+    const socket = createConnection(socketPath);
+    let settled = false;
+    const settle = (fn) => {
+      if (!settled) {
+        settled = true;
+        fn();
+      }
+    };
+    const timer = setTimeout(() => {
+      socket.destroy();
+      settle(() => reject(new Error("Daemon request timeout")));
+    }, 5e3);
+    socket.on("connect", () => {
+      socket.write(`${JSON.stringify(request)}
+`);
+    });
+    let buffer = "";
+    socket.on("data", (data) => {
+      buffer += data.toString();
+      const newlineIdx = buffer.indexOf("\n");
+      if (newlineIdx === -1) return;
+      const line = buffer.slice(0, newlineIdx);
+      buffer = buffer.slice(newlineIdx + 1);
+      try {
+        const response = JSON.parse(line);
+        clearTimeout(timer);
+        socket.end();
+        settle(() => resolve4(response));
+      } catch {
+        clearTimeout(timer);
+        socket.end();
+        settle(() => reject(new Error("Invalid response from daemon")));
+      }
+    });
+    socket.on("error", (err) => {
+      clearTimeout(timer);
+      settle(() => reject(err));
+    });
+    socket.on("close", () => {
+      clearTimeout(timer);
+    });
+  });
+}
+function isDaemonValid(serverName, config) {
+  const socketPath = getSocketPath();
+  const pidInfo = readPidFile(serverName);
+  if (!pidInfo) {
+    debug(`[daemon-client] No PID file for ${serverName}`);
+    return false;
+  }
+  if (!isProcessRunning(pidInfo.pid)) {
+    debug(`[daemon-client] Process ${pidInfo.pid} not running, cleaning up`);
+    removePidFile(serverName);
+    removeSocketFile(serverName);
+    return false;
+  }
+  const currentHash = getConfigHash(config);
+  if (pidInfo.configHash !== currentHash) {
+    debug(
+      `[daemon-client] Config hash mismatch for ${serverName}, killing old daemon`
+    );
+    killProcess(pidInfo.pid);
+    removePidFile(serverName);
+    removeSocketFile(serverName);
+    return false;
+  }
+  if (!existsSync3(socketPath)) {
+    debug(`[daemon-client] Socket missing for ${serverName}, cleaning up`);
+    killProcess(pidInfo.pid);
+    removePidFile(serverName);
+    return false;
+  }
+  return true;
+}
+async function spawnDaemon(serverName, config) {
+  debug(`[daemon-client] Spawning daemon for ${serverName}`);
+  const __dirname = join2(fileURLToPath(import.meta.url), "..");
+  const daemonScript = join2(__dirname, "daemon.js");
+  const configJson = JSON.stringify(config);
+  const proc = spawn(
+    "node",
+    [daemonScript, "--daemon", serverName, configJson],
+    {
+      stdio: "ignore",
+      env: { ...process.env, MCP_NO_OAUTH: "1" },
+      detached: true
+    }
+  );
+  proc.unref();
+  const readyPath = getReadyPath();
+  const pollIntervalMs = 100;
+  const timeoutMs = 1e4;
+  const deadline = Date.now() + timeoutMs;
+  while (Date.now() < deadline) {
+    if (existsSync3(readyPath)) {
+      debug(`[daemon-client] Daemon ready for ${serverName}`);
+      return true;
+    }
+    if (proc.pid === void 0 || !isProcessRunning(proc.pid)) {
+      debug(`[daemon-client] Daemon process exited early for ${serverName}`);
+      return false;
+    }
+    await new Promise((r) => setTimeout(r, pollIntervalMs));
+  }
+  debug(`[daemon-client] Daemon spawn timeout for ${serverName}`);
+  return false;
+}
+async function getDaemonConnection(serverName, config) {
+  const socketPath = getSocketPath();
+  if (!isDaemonValid(serverName, config)) {
+    const spawned = await spawnDaemon(serverName, config);
+    if (!spawned) {
+      debug(`[daemon-client] Failed to spawn daemon for ${serverName}`);
+      return null;
+    }
+    await new Promise((r) => setTimeout(r, 100));
+  }
+  if (!existsSync3(socketPath)) {
+    debug(`[daemon-client] Socket not found after spawn for ${serverName}`);
+    return null;
+  }
+  try {
+    const pingResponse = await sendRequest(socketPath, {
+      id: generateRequestId(),
+      type: "ping"
+    });
+    if (!pingResponse.success) {
+      debug(`[daemon-client] Ping failed for ${serverName}`);
+      return null;
+    }
+  } catch (error) {
+    debug(
+      `[daemon-client] Connection test failed for ${serverName}: ${error.message}`
+    );
+    return null;
+  }
+  debug(`[daemon-client] Connected to daemon for ${serverName}`);
+  return {
+    serverName,
+    async listTools() {
+      const response = await sendRequest(socketPath, {
+        id: generateRequestId(),
+        type: "listTools"
+      });
+      if (!response.success) {
+        throw new Error(response.error?.message ?? "listTools failed");
+      }
+      return response.data;
+    },
+    async callTool(toolName, args) {
+      const response = await sendRequest(socketPath, {
+        id: generateRequestId(),
+        type: "callTool",
+        toolName,
+        args
+      });
+      if (!response.success) {
+        throw new Error(response.error?.message ?? "callTool failed");
+      }
+      return response.data;
+    },
+    async getInstructions() {
+      const response = await sendRequest(socketPath, {
+        id: generateRequestId(),
+        type: "getInstructions"
+      });
+      if (!response.success) {
+        throw new Error(response.error?.message ?? "getInstructions failed");
+      }
+      return response.data;
+    },
+    async close() {
+      debug(`[daemon-client] Disconnecting from ${serverName} daemon`);
+    }
+  };
+}
+async function cleanupOrphanedDaemons() {
+  const socketDir = getSocketDir();
+  if (!existsSync3(socketDir)) {
+    return;
+  }
+  try {
+    const files = readdirSync(socketDir).filter((f) => f.endsWith(".pid"));
+    for (const file of files) {
+      const serverName = file.replace(".pid", "");
+      const pidInfo = readPidFile(serverName);
+      if (pidInfo && !isProcessRunning(pidInfo.pid)) {
+        debug(`[daemon-client] Cleaning up orphaned daemon: ${serverName}`);
+        removePidFile(serverName);
+        removeSocketFile(serverName);
+        removeReadyFile(serverName);
+      }
+    }
+  } catch {
+  }
+}
+
+// src/version.ts
+var VERSION = "0.0.9";
+
+// src/client.ts
+function getRetryConfig() {
+  const totalBudgetMs = getTimeoutMs();
+  const maxRetries = getMaxRetries();
+  const baseDelayMs = getRetryDelayMs();
+  const retryBudgetMs = Math.max(0, totalBudgetMs - 5e3);
+  return {
+    maxRetries,
+    baseDelayMs,
+    maxDelayMs: Math.min(1e4, retryBudgetMs / 2),
+    totalBudgetMs
+  };
+}
+function isTransientError(error) {
+  const nodeError = error;
+  if (nodeError.code) {
+    const transientCodes = [
+      "ECONNREFUSED",
+      "ECONNRESET",
+      "ETIMEDOUT",
+      "ENOTFOUND",
+      "EPIPE",
+      "ENETUNREACH",
+      "EHOSTUNREACH",
+      "EAI_AGAIN"
+    ];
+    if (transientCodes.includes(nodeError.code)) {
+      return true;
+    }
+  }
+  const message = error.message;
+  if (/^(502|503|504|429)\b/.test(message)) return true;
+  if (/\b(http|status(\s+code)?)\s*(502|503|504|429)\b/i.test(message))
+    return true;
+  if (/\b(502|503|504|429)\s+(bad gateway|service unavailable|gateway timeout|too many requests)/i.test(
+    message
+  ))
+    return true;
+  if (/network\s*(error|fail|unavailable|timeout)/i.test(message)) return true;
+  if (/connection\s*(reset|refused|timeout)/i.test(message)) return true;
+  if (/\btimeout\b/i.test(message)) return true;
+  return false;
+}
+function calculateDelay(attempt, config) {
+  const exponentialDelay = config.baseDelayMs * 2 ** attempt;
+  const cappedDelay = Math.min(exponentialDelay, config.maxDelayMs);
+  const jitter = cappedDelay * 0.25 * (Math.random() * 2 - 1);
+  return Math.round(cappedDelay + jitter);
+}
+function sleep(ms) {
+  return new Promise((resolve4) => setTimeout(resolve4, ms));
+}
+async function withRetry(fn, operationName, config = getRetryConfig()) {
+  let lastError;
+  const startTime = Date.now();
+  for (let attempt = 0; attempt <= config.maxRetries; attempt++) {
+    const elapsed = Date.now() - startTime;
+    if (elapsed >= config.totalBudgetMs) {
+      debug(`${operationName}: timeout budget exhausted after ${elapsed}ms`);
+      break;
+    }
+    try {
+      return await fn();
+    } catch (error) {
+      lastError = error;
+      const remainingBudget = config.totalBudgetMs - (Date.now() - startTime);
+      const shouldRetry = attempt < config.maxRetries && isTransientError(lastError) && remainingBudget > 1e3;
+      if (shouldRetry) {
+        const delay = Math.min(
+          calculateDelay(attempt, config),
+          remainingBudget - 1e3
+        );
+        debug(
+          `${operationName} failed (attempt ${attempt + 1}/${config.maxRetries + 1}): ${lastError.message}. Retrying in ${delay}ms...`
+        );
+        await sleep(delay);
+      } else {
+        throw lastError;
+      }
+    }
+  }
+  throw lastError;
+}
+async function safeClose(close) {
+  try {
+    await close();
+  } catch (err) {
+    debug(`Failed to close connection: ${err.message}`);
+  }
+}
+async function connectToServer(serverName, config) {
+  if (isHttpServer(config)) {
+    return connectToHttpServer(serverName, config);
+  }
+  const stderrChunks = [];
+  return withRetry(async () => {
+    const client = new Client(
+      {
+        name: "mcp-s-cli",
+        version: VERSION
+      },
+      {
+        capabilities: {}
+      }
+    );
+    const transport = createStdioTransport(config);
+    const stderrStream = transport.stderr;
+    if (stderrStream) {
+      stderrStream.on("data", (chunk) => {
+        const text2 = chunk.toString();
+        stderrChunks.push(text2);
+        process.stderr.write(`[${serverName}] ${text2}`);
+      });
+    }
+    try {
+      await client.connect(transport);
+    } catch (error) {
+      const stderrOutput = stderrChunks.join("").trim();
+      if (stderrOutput) {
+        const err = error;
+        err.message = `${err.message}
+
+Server stderr:
+${stderrOutput}`;
+      }
+      throw error;
+    }
+    const stderrStream2 = transport.stderr;
+    if (stderrStream2) {
+      stderrStream2.on("data", (chunk) => {
+        process.stderr.write(chunk);
+      });
+    }
+    return {
+      client,
+      close: async () => {
+        await client.close();
+      }
+    };
+  }, `connect to ${serverName}`);
+}
+async function connectToHttpServer(serverName, config) {
+  const oauthEnabled = process.env.MCP_NO_OAUTH !== "1";
+  return withRetry(async () => {
+    const configuredAuth = config.headers?.Authorization || config.headers?.authorization;
+    let headers = { ...config.headers };
+    if (!configuredAuth) {
+      const stored = await getStoredTokens(config.url);
+      if (stored) {
+        headers = {
+          ...headers,
+          Authorization: `Bearer ${stored.access_token}`
+        };
+      }
+    }
+    return attemptHttpConnect(serverName, config, headers, oauthEnabled);
+  }, `connect to ${serverName}`);
+}
+async function attemptHttpConnect(serverName, config, headers, oauthEnabled = true) {
+  const hasAuth = Boolean(headers.Authorization || headers.authorization);
+  let effectiveHeaders = headers;
+  let oauthAlreadyRan = false;
+  if (oauthEnabled && !hasAuth) {
+    const probeTokens = await probeAndOAuth(serverName, config, headers);
+    if (probeTokens) {
+      effectiveHeaders = {
+        ...headers,
+        Authorization: `Bearer ${probeTokens.access_token}`
+      };
+      oauthAlreadyRan = true;
+    }
+  }
+  const client = new Client(
+    { name: "mcp-s-cli", version: VERSION },
+    { capabilities: {} }
+  );
+  const transport = new StreamableHTTPClientTransport(new URL(config.url), {
+    requestInit: { headers: effectiveHeaders }
+  });
+  try {
+    await client.connect(transport);
+    return {
+      client,
+      close: async () => {
+        await client.close();
+      }
+    };
+  } catch (connectError) {
+    if (oauthAlreadyRan) {
+      throw connectError;
+    }
+    const errMsg = connectError.message ?? "";
+    const isAuthError = errMsg.includes("401") || errMsg.toLowerCase().includes("unauthorized") || errMsg.includes("invalid_token") || errMsg.toLowerCase().includes("missing authorization") || errMsg.toLowerCase().includes("authentication") || errMsg.toLowerCase().includes("access denied");
+    if (!isAuthError || !oauthEnabled) {
+      throw connectError;
+    }
+    debug(`Auth error from ${serverName}, probing for OAuth metadata`);
+    const retryTokens = await probeAndOAuth(
+      serverName,
+      config,
+      effectiveHeaders,
+      true
+    );
+    if (!retryTokens) {
+      throw connectError;
+    }
+    const newHeaders = {
+      ...effectiveHeaders,
+      Authorization: `Bearer ${retryTokens.access_token}`
+    };
+    const newClient = new Client(
+      { name: "mcp-s-cli", version: VERSION },
+      { capabilities: {} }
+    );
+    const newTransport = new StreamableHTTPClientTransport(
+      new URL(config.url),
+      { requestInit: { headers: newHeaders } }
+    );
+    await newClient.connect(newTransport);
+    return {
+      client: newClient,
+      close: async () => {
+        await newClient.close();
+      }
+    };
+  }
+}
+async function probeAndOAuth(serverName, config, _headers, force = false) {
+  debug(`Probing ${serverName} for OAuth metadata`);
+  let probeResponse;
+  try {
+    probeResponse = await fetch(config.url, {
+      signal: AbortSignal.timeout(1e4)
+    });
+  } catch {
+    return null;
+  }
+  if (!force && probeResponse.status !== 401) {
+    return null;
+  }
+  const wwwAuth = probeResponse.headers.get("WWW-Authenticate");
+  if (!wwwAuth) {
+    return null;
+  }
+  const challenge = parseWWWAuthenticateHeader(wwwAuth);
+  if (!challenge.resource_metadata) {
+    return null;
+  }
+  const resourceMetadata = await fetchProtectedResourceMetadata(
+    challenge.resource_metadata
+  );
+  if (!resourceMetadata?.authorization_servers?.[0]) {
+    return null;
+  }
+  const newTokens = await performOAuthFlow(
+    resourceMetadata.authorization_servers[0],
+    resourceMetadata.resource
+  );
+  if (newTokens) {
+    await storeTokens(config.url, newTokens);
+  }
+  return newTokens;
+}
+function createStdioTransport(config) {
+  const mergedEnv = {};
+  for (const [key, value] of Object.entries(process.env)) {
+    if (value !== void 0) {
+      mergedEnv[key] = value;
+    }
+  }
+  if (config.env) {
+    Object.assign(mergedEnv, config.env);
+  }
+  return new StdioClientTransport({
+    command: config.command,
+    args: config.args,
+    env: mergedEnv,
+    cwd: config.cwd,
+    stderr: "pipe"
+    // Capture stderr for better error messages
+  });
+}
+async function listTools(client) {
+  return withRetry(async () => {
+    const result = await client.listTools();
+    return result.tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      inputSchema: tool.inputSchema
+    }));
+  }, "list tools");
+}
+async function callTool(client, toolName, args) {
+  return withRetry(async () => {
+    const result = await client.callTool(
+      {
+        name: toolName,
+        arguments: args
+      },
+      void 0,
+      { timeout: getTimeoutMs() }
+    );
+    return result;
+  }, `call tool ${toolName}`);
+}
+async function getConnection(serverName, config) {
+  await cleanupOrphanedDaemons();
+  if (isDaemonEnabled()) {
+    try {
+      const daemonConn = await getDaemonConnection(serverName, config);
+      if (daemonConn) {
+        debug(`Using daemon connection for ${serverName}`);
+        return {
+          async listTools() {
+            const data = await daemonConn.listTools();
+            const tools = data;
+            return filterTools(tools, config);
+          },
+          async callTool(toolName, args) {
+            if (!isToolAllowed(toolName, config)) {
+              throw new Error(
+                `Tool "${toolName}" is disabled by configuration`
+              );
+            }
+            return daemonConn.callTool(toolName, args);
+          },
+          async getInstructions() {
+            return daemonConn.getInstructions();
+          },
+          async close() {
+            await daemonConn.close();
+          },
+          isDaemon: true
+        };
+      }
+    } catch (err) {
+      debug(
+        `Daemon connection failed for ${serverName}: ${err.message}, falling back to direct`
+      );
+    }
+  }
+  debug(`Using direct connection for ${serverName}`);
+  const { client, close } = await connectToServer(serverName, config);
+  return {
+    async listTools() {
+      const tools = await listTools(client);
+      return filterTools(tools, config);
+    },
+    async callTool(toolName, args) {
+      if (!isToolAllowed(toolName, config)) {
+        throw new Error(`Tool "${toolName}" is disabled by configuration`);
+      }
+      return callTool(client, toolName, args);
+    },
+    async getInstructions() {
+      return client.getInstructions();
+    },
+    async close() {
+      await close();
+    },
+    isDaemon: false
+  };
+}
+
+// src/output.ts
+var colors = {
+  reset: "\x1B[0m",
+  bold: "\x1B[1m",
+  dim: "\x1B[2m",
+  cyan: "\x1B[36m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  blue: "\x1B[34m",
+  magenta: "\x1B[35m"
+};
+function shouldColorize() {
+  return process.stdout.isTTY && !process.env.NO_COLOR;
+}
+function color(text2, colorCode) {
+  if (!shouldColorize()) return text2;
+  return `${colorCode}${text2}${colors.reset}`;
+}
+function formatServerList(servers, withDescriptions) {
+  const lines = [];
+  for (const server of servers) {
+    lines.push(color(server.name, colors.bold + colors.cyan));
+    if (server.instructions) {
+      const instructionLines = server.instructions.split("\n");
+      const firstLine = instructionLines[0].slice(0, 100);
+      const suffix = instructionLines.length > 1 || instructionLines[0].length > 100 ? "..." : "";
+      lines.push(
+        `  ${color(`Instructions: ${firstLine}${suffix}`, colors.dim)}`
+      );
+    }
+    for (const tool of server.tools) {
+      if (withDescriptions && tool.description) {
+        lines.push(`  \u2022 ${tool.name} - ${color(tool.description, colors.dim)}`);
+      } else {
+        lines.push(`  \u2022 ${tool.name}`);
+      }
+    }
+    lines.push("");
+  }
+  return lines.join("\n").trimEnd();
+}
+function formatSearchResults(results, withDescriptions) {
+  const lines = [];
+  for (const result of results) {
+    const server = color(result.server, colors.cyan);
+    const tool = color(result.tool.name, colors.green);
+    if (withDescriptions && result.tool.description) {
+      lines.push(
+        `${server} ${tool} ${color(result.tool.description, colors.dim)}`
+      );
+    } else {
+      lines.push(`${server} ${tool}`);
+    }
+  }
+  return lines.join("\n");
+}
+function formatServerDetails(serverName, config, tools, withDescriptions = false, instructions) {
+  const lines = [];
+  lines.push(
+    `${color("Server:", colors.bold)} ${color(serverName, colors.cyan)}`
+  );
+  if (isHttpServer(config)) {
+    lines.push(`${color("Transport:", colors.bold)} HTTP`);
+    lines.push(`${color("URL:", colors.bold)} ${config.url}`);
+  } else {
+    lines.push(`${color("Transport:", colors.bold)} stdio`);
+    lines.push(
+      `${color("Command:", colors.bold)} ${config.command} ${(config.args || []).join(" ")}`
+    );
+  }
+  if (instructions) {
+    lines.push("");
+    lines.push(`${color("Instructions:", colors.bold)}`);
+    const indentedInstructions = instructions.split("\n").map((line) => `  ${line}`).join("\n");
+    lines.push(indentedInstructions);
+  }
+  lines.push("");
+  lines.push(`${color(`Tools (${tools.length}):`, colors.bold)}`);
+  for (const tool of tools) {
+    lines.push(`  ${color(tool.name, colors.green)}`);
+    if (withDescriptions && tool.description) {
+      lines.push(`    ${color(tool.description, colors.dim)}`);
+    }
+    const schema = tool.inputSchema;
+    if (schema.properties) {
+      lines.push(`    ${color("Parameters:", colors.yellow)}`);
+      for (const [name, prop] of Object.entries(schema.properties)) {
+        const required = schema.required?.includes(name) ? "required" : "optional";
+        const type = prop.type || "any";
+        const desc = withDescriptions && prop.description ? ` - ${prop.description}` : "";
+        lines.push(`      \u2022 ${name} (${type}, ${required})${desc}`);
+      }
+    }
+    lines.push("");
+  }
+  return lines.join("\n").trimEnd();
+}
+function formatToolSchema(serverName, tool) {
+  const lines = [];
+  lines.push(
+    `${color("Tool:", colors.bold)} ${color(tool.name, colors.green)}`
+  );
+  lines.push(
+    `${color("Server:", colors.bold)} ${color(serverName, colors.cyan)}`
+  );
+  lines.push("");
+  if (tool.description) {
+    lines.push(`${color("Description:", colors.bold)}`);
+    lines.push(`  ${tool.description}`);
+    lines.push("");
+  }
+  lines.push(`${color("Input Schema:", colors.bold)}`);
+  lines.push(JSON.stringify(tool.inputSchema, null, 2));
+  return lines.join("\n");
+}
+function formatToolResult(result) {
+  if (typeof result === "object" && result !== null) {
+    const r = result;
+    if (r.content && Array.isArray(r.content)) {
+      const textParts = r.content.filter((c2) => c2.type === "text" && c2.text).map((c2) => c2.text);
+      if (textParts.length > 0) {
+        return textParts.join("\n");
+      }
+    }
+  }
+  return JSON.stringify(result, null, 2);
+}
+
+// src/commands/call.ts
+async function parseArgs(argsString) {
+  let jsonString;
+  if (argsString) {
+    jsonString = argsString;
+  } else if (!process.stdin.isTTY) {
+    const timeoutMs = getTimeoutMs();
+    const chunks = [];
+    let timeoutId;
+    const readPromise = (async () => {
+      for await (const chunk of process.stdin) {
+        chunks.push(chunk);
+      }
+      return Buffer.concat(chunks).toString("utf-8").trim();
+    })();
+    const timeoutPromise = new Promise((_, reject) => {
+      timeoutId = setTimeout(
+        () => reject(new Error(`stdin read timed out after ${timeoutMs}ms`)),
+        timeoutMs
+      );
+    });
+    try {
+      jsonString = await Promise.race([readPromise, timeoutPromise]);
+    } finally {
+      if (timeoutId) clearTimeout(timeoutId);
+    }
+  } else {
+    return {};
+  }
+  if (!jsonString) {
+    return {};
+  }
+  try {
+    return JSON.parse(jsonString);
+  } catch (e) {
+    throw new Error(
+      formatCliError(invalidJsonArgsError(jsonString, e.message))
+    );
+  }
+}
+async function callCommand(options) {
+  let loaded;
+  try {
+    loaded = await loadConfig(options.configPath);
+  } catch (error) {
+    console.error(error.message);
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  const { serverConfig } = loaded;
+  const serverLabel = "server";
+  if (options.args !== void 0) {
+    try {
+      await parseArgs(options.args);
+    } catch (error) {
+      console.error(error.message);
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+  }
+  let args;
+  try {
+    args = await parseArgs(options.args);
+  } catch (error) {
+    console.error(error.message);
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  let connection;
+  try {
+    connection = await getConnection(serverLabel, serverConfig);
+  } catch (error) {
+    console.error(
+      formatCliError(
+        serverConnectionError(serverLabel, error.message)
+      )
+    );
+    process.exit(3 /* NETWORK_ERROR */);
+  }
+  try {
+    const result = await connection.callTool(options.tool, args);
+    console.log(formatToolResult(result));
+  } catch (error) {
+    let availableTools;
+    try {
+      const tools = await connection.listTools();
+      availableTools = tools.map((t) => t.name);
+    } catch {
+    }
+    const errMsg = error.message;
+    if (errMsg.includes("not found") || errMsg.includes("unknown tool")) {
+      console.error(
+        formatCliError(
+          toolNotFoundError(options.tool, serverLabel, availableTools)
+        )
+      );
+    } else {
+      console.error(
+        formatCliError(toolExecutionError(options.tool, serverLabel, errMsg))
+      );
+    }
+    process.exit(2 /* SERVER_ERROR */);
+  } finally {
+    await safeClose(connection.close);
+  }
+}
+
+// src/commands/clear.ts
+import { existsSync as existsSync4, mkdirSync as mkdirSync2, rmSync, writeFileSync as writeFileSync2 } from "fs";
+import { homedir as homedir2 } from "os";
+import { dirname as dirname2, join as join3 } from "path";
+var GLOBAL_CONFIG_PATH = join3(
+  homedir2(),
+  ".config",
+  "mcp-s-cli",
+  "config.json"
+);
+var AUTH_PATH = join3(homedir2(), ".config", "mcp-s-cli", "auth.json");
+async function clearCommand() {
+  mkdirSync2(dirname2(GLOBAL_CONFIG_PATH), { recursive: true });
+  writeFileSync2(
+    GLOBAL_CONFIG_PATH,
+    `${JSON.stringify({}, null, 2)}
+`,
+    "utf-8"
+  );
+  console.log(`Cleared server config at ${GLOBAL_CONFIG_PATH}`);
+}
+async function clearAuthCommand() {
+  mkdirSync2(dirname2(AUTH_PATH), { recursive: true });
+  writeFileSync2(AUTH_PATH, `${JSON.stringify({}, null, 2)}
+`, "utf-8");
+  console.log(`Cleared auth data from ${AUTH_PATH}`);
+}
+var HISTORY_PATH = join3(homedir2(), ".config", "mcp-s-cli", "history.jsonl");
+function clearHistoryCommand() {
+  if (!existsSync4(HISTORY_PATH)) {
+    console.log("No history file found.");
+    return;
+  }
+  rmSync(HISTORY_PATH);
+  console.log(`Cleared history from ${HISTORY_PATH}`);
+}
+
+// src/commands/grep.ts
+function globToRegex(pattern) {
+  let escaped = "";
+  let i = 0;
+  while (i < pattern.length) {
+    const char = pattern[i];
+    if (char === "*" && pattern[i + 1] === "*") {
+      escaped += ".*";
+      i += 2;
+      while (pattern[i] === "*") {
+        i++;
+      }
+    } else if (char === "*") {
+      escaped += "[^/]*";
+      i += 1;
+    } else if (char === "?") {
+      escaped += "[^/]";
+      i += 1;
+    } else if ("[.+^${}()|\\]".includes(char)) {
+      escaped += `\\${char}`;
+      i += 1;
+    } else {
+      escaped += char;
+      i += 1;
+    }
+  }
+  return new RegExp(`^${escaped}$`, "i");
+}
+async function grepCommand(options) {
+  let loaded;
+  try {
+    loaded = await loadConfig(options.configPath);
+  } catch (error) {
+    console.error(error.message);
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  const { serverConfig } = loaded;
+  const serverLabel = "server";
+  const pattern = globToRegex(options.pattern);
+  debug(`Searching for pattern "${options.pattern}"`);
+  let connection = null;
+  const allResults = [];
+  let searchError;
+  try {
+    connection = await getConnection(serverLabel, serverConfig);
+    const tools = await connection.listTools();
+    for (const tool of tools) {
+      if (pattern.test(tool.name)) {
+        allResults.push({ server: serverLabel, tool });
+      }
+    }
+    debug(`found ${allResults.length} matches`);
+  } catch (error) {
+    searchError = error.message;
+    debug(`connection failed - ${searchError}`);
+  } finally {
+    if (connection) {
+      await safeClose(connection.close);
+    }
+  }
+  if (searchError) {
+    console.error(`Warning: Failed to connect to server: ${searchError}`);
+  }
+  if (allResults.length === 0) {
+    console.log(`No tools found matching "${options.pattern}"`);
+    console.log("  Tip: Pattern matches tool names only");
+    console.log(`  Tip: Use '*' for wildcards, e.g. '*file*' or 'read_*'`);
+    console.log(`  Tip: Run 'mcp-s-cli' to list all available tools`);
+    return;
+  }
+  console.log(formatSearchResults(allResults, options.withDescriptions));
+}
+
+// src/commands/info.ts
+async function infoCommand(options) {
+  let loaded;
+  try {
+    loaded = await loadConfig(options.configPath);
+  } catch (error) {
+    console.error(error.message);
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  const { serverConfig } = loaded;
+  const serverLabel = "server";
+  let connection;
+  try {
+    connection = await getConnection(serverLabel, serverConfig);
+  } catch (error) {
+    console.error(
+      formatCliError(
+        serverConnectionError(serverLabel, error.message)
+      )
+    );
+    process.exit(3 /* NETWORK_ERROR */);
+  }
+  try {
+    if (options.tool) {
+      const tools = await connection.listTools();
+      const tool = tools.find((t) => t.name === options.tool);
+      if (!tool) {
+        const availableTools = tools.map((t) => t.name);
+        console.error(
+          formatCliError(
+            toolNotFoundError(options.tool, serverLabel, availableTools)
+          )
+        );
+        process.exit(1 /* CLIENT_ERROR */);
+      }
+      console.log(formatToolSchema(serverLabel, tool));
+    } else {
+      const tools = await connection.listTools();
+      const instructions = await connection.getInstructions();
+      console.log(
+        formatServerDetails(
+          serverLabel,
+          serverConfig,
+          tools,
+          options.withDescriptions,
+          instructions
+        )
+      );
+    }
+  } finally {
+    await safeClose(connection.close);
+  }
+}
+
+// src/commands/init.ts
+import { mkdirSync as mkdirSync4, writeFileSync as writeFileSync4 } from "fs";
+import { homedir as homedir4 } from "os";
+import { dirname as dirname4, join as join5 } from "path";
+import * as readline from "readline";
+
+// src/commands/install-skill.ts
+import {
+  existsSync as existsSync5,
+  lstatSync,
+  mkdirSync as mkdirSync3,
+  readFileSync as readFileSync3,
+  readlinkSync,
+  rmSync as rmSync2,
+  symlinkSync,
+  writeFileSync as writeFileSync3
+} from "fs";
+import { homedir as homedir3, platform } from "os";
+import { dirname as dirname3, join as join4, normalize, relative, resolve as resolve2, sep } from "path";
+import { fileURLToPath as fileURLToPath2 } from "url";
+var home = homedir3();
+var AGENTS = {
+  cursor: {
+    displayName: "Cursor",
+    globalSkillsDir: join4(home, ".cursor", "skills"),
+    detect: () => existsSync5(join4(home, ".cursor"))
+  },
+  codex: {
+    displayName: "Codex",
+    globalSkillsDir: join4(
+      process.env.CODEX_HOME?.trim() || join4(home, ".codex"),
+      "skills"
+    ),
+    detect: () => existsSync5(process.env.CODEX_HOME?.trim() || join4(home, ".codex")) || existsSync5("/etc/codex")
+  },
+  "claude-code": {
+    displayName: "Claude Code",
+    globalSkillsDir: join4(
+      process.env.CLAUDE_CONFIG_DIR?.trim() || join4(home, ".claude"),
+      "skills"
+    ),
+    detect: () => existsSync5(
+      process.env.CLAUDE_CONFIG_DIR?.trim() || join4(home, ".claude")
+    )
+  },
+  windsurf: {
+    displayName: "Windsurf",
+    globalSkillsDir: join4(home, ".codeium", "windsurf", "skills"),
+    detect: () => existsSync5(join4(home, ".codeium", "windsurf"))
+  },
+  "github-copilot": {
+    displayName: "GitHub Copilot",
+    globalSkillsDir: join4(home, ".copilot", "skills"),
+    detect: () => existsSync5(join4(home, ".copilot"))
+  },
+  cline: {
+    displayName: "Cline",
+    globalSkillsDir: join4(home, ".cline", "skills"),
+    detect: () => existsSync5(join4(home, ".cline"))
+  },
+  roo: {
+    displayName: "Roo Code",
+    globalSkillsDir: join4(home, ".roo", "skills"),
+    detect: () => existsSync5(join4(home, ".roo"))
+  },
+  continue: {
+    displayName: "Continue",
+    globalSkillsDir: join4(home, ".continue", "skills"),
+    detect: () => existsSync5(join4(home, ".continue")) || existsSync5(join4(process.cwd(), ".continue"))
+  }
+};
+function getCanonicalSkillDir(skillName) {
+  return join4(home, ".agents", "skills", skillName);
+}
+function getCanonicalSkillPath() {
+  return getCanonicalSkillDir(SKILL_NAME);
+}
+function isPathSafe(base, target) {
+  const normalizedBase = normalize(resolve2(base));
+  const normalizedTarget = normalize(resolve2(target));
+  return normalizedTarget.startsWith(normalizedBase + sep) || normalizedTarget === normalizedBase;
+}
+function createSymlinkSync(target, linkPath) {
+  try {
+    const resolvedTarget = resolve2(target);
+    const resolvedLinkPath = resolve2(linkPath);
+    if (resolvedTarget === resolvedLinkPath) return true;
+    try {
+      const stats = lstatSync(linkPath);
+      if (stats.isSymbolicLink()) {
+        const existing = readlinkSync(linkPath);
+        const resolvedExisting = resolve2(dirname3(linkPath), existing);
+        if (resolvedExisting === resolvedTarget) return true;
+        rmSync2(linkPath);
+      } else {
+        rmSync2(linkPath, { recursive: true });
+      }
+    } catch (err) {
+      if (err && typeof err === "object" && "code" in err && err.code === "ELOOP") {
+        try {
+          rmSync2(linkPath, { force: true });
+        } catch {
+        }
+      }
+    }
+    const linkDir = dirname3(linkPath);
+    mkdirSync3(linkDir, { recursive: true });
+    const relativePath = relative(linkDir, target);
+    symlinkSync(
+      relativePath,
+      linkPath,
+      platform() === "win32" ? "junction" : void 0
+    );
+    return true;
+  } catch {
+    return false;
+  }
+}
+var SKILL_NAME = "mcp-s-cli";
+function getSkillMdContent() {
+  const __filename = fileURLToPath2(import.meta.url);
+  const __dirname = dirname3(__filename);
+  const candidates = [
+    join4(__dirname, "SKILL.md"),
+    join4(__dirname, "..", "SKILL.md"),
+    join4(__dirname, "..", "..", "SKILL.md")
+  ];
+  for (const candidate of candidates) {
+    if (existsSync5(candidate)) {
+      return readFileSync3(candidate, "utf-8");
+    }
+  }
+  throw new Error(
+    "Could not locate SKILL.md. Make sure to build the project first."
+  );
+}
+function installSkill() {
+  const content = getSkillMdContent();
+  const canonicalDir = getCanonicalSkillDir(SKILL_NAME);
+  if (!isPathSafe(join4(home, ".agents", "skills"), canonicalDir)) {
+    throw new Error("Invalid skill name: potential path traversal detected");
+  }
+  rmSync2(canonicalDir, { recursive: true, force: true });
+  mkdirSync3(canonicalDir, { recursive: true });
+  writeFileSync3(join4(canonicalDir, "SKILL.md"), content, "utf-8");
+  const result = {
+    installed: [],
+    skipped: [],
+    failed: [],
+    canonicalPath: canonicalDir
+  };
+  for (const [agentName, agent] of Object.entries(AGENTS)) {
+    if (!agent.detect()) {
+      result.skipped.push(agentName);
+      continue;
+    }
+    const agentSkillDir = join4(agent.globalSkillsDir, SKILL_NAME);
+    if (!isPathSafe(agent.globalSkillsDir, agentSkillDir)) {
+      result.failed.push({
+        agent: agentName,
+        error: "Path traversal detected"
+      });
+      continue;
+    }
+    try {
+      const symlinkOk = createSymlinkSync(canonicalDir, agentSkillDir);
+      if (!symlinkOk) {
+        rmSync2(agentSkillDir, { recursive: true, force: true });
+        mkdirSync3(agentSkillDir, { recursive: true });
+        writeFileSync3(join4(agentSkillDir, "SKILL.md"), content, "utf-8");
+      }
+      result.installed.push(agentName);
+    } catch (err) {
+      result.failed.push({
+        agent: agentName,
+        error: err instanceof Error ? err.message : String(err)
+      });
+    }
+  }
+  return result;
+}
+function clearSkill() {
+  const result = {
+    removed: [],
+    skipped: [],
+    failed: [],
+    canonicalRemoved: false
+  };
+  for (const [agentName, agent] of Object.entries(AGENTS)) {
+    const agentSkillDir = join4(agent.globalSkillsDir, SKILL_NAME);
+    if (!existsSync5(agentSkillDir)) {
+      result.skipped.push(agentName);
+      continue;
+    }
+    try {
+      rmSync2(agentSkillDir, { recursive: true, force: true });
+      result.removed.push(agentName);
+    } catch (err) {
+      result.failed.push({
+        agent: agentName,
+        error: err instanceof Error ? err.message : String(err)
+      });
+    }
+  }
+  const canonicalDir = getCanonicalSkillDir(SKILL_NAME);
+  if (existsSync5(canonicalDir)) {
+    try {
+      rmSync2(canonicalDir, { recursive: true, force: true });
+      result.canonicalRemoved = true;
+    } catch {
+    }
+  }
+  return result;
+}
+function getSkillInstallInfo() {
+  return Object.entries(AGENTS).filter(([, agent]) => agent.detect()).map(([agentName, agent]) => {
+    const agentSkillDir = join4(agent.globalSkillsDir, SKILL_NAME);
+    return {
+      agent: agentName,
+      displayName: agent.displayName,
+      path: agentSkillDir,
+      installed: existsSync5(join4(agentSkillDir, "SKILL.md"))
+    };
+  });
+}
+
+// src/commands/login.ts
+async function loginCommand(options) {
+  const { configPath } = options;
+  const { serverConfig } = await loadConfig(configPath);
+  if (!isHttpServer(serverConfig)) {
+    throw new Error(
+      "Current server is a stdio server. OAuth login is only supported for HTTP servers."
+    );
+  }
+  const resourceMetadataUrl = `${new URL(serverConfig.url).origin}/.well-known/oauth-protected-resource`;
+  const resourceMetadata = await fetchProtectedResourceMetadata(resourceMetadataUrl);
+  if (!resourceMetadata?.authorization_servers?.[0]) {
+    throw new Error(
+      `Server does not appear to support OAuth (no authorization server found at ${resourceMetadataUrl}).`
+    );
+  }
+  const authServerUrl = resourceMetadata.authorization_servers[0];
+  const resourceUrl = resourceMetadata.resource;
+  console.error(`Logging in to ${serverConfig.url}...`);
+  const tokens = await performOAuthFlow(authServerUrl, resourceUrl);
+  if (!tokens) {
+    throw new Error("Login failed. OAuth flow did not return tokens.");
+  }
+  console.log(`Logged in to ${serverConfig.url} successfully.`);
+}
+
+// src/commands/init.ts
+var A = {
+  reset: "\x1B[0m",
+  bold: "\x1B[1m",
+  dim: "\x1B[2m",
+  cyan: "\x1B[36m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  red: "\x1B[31m",
+  gray: "\x1B[90m",
+  white: "\x1B[97m",
+  bgCyan: "\x1B[46m",
+  clearLine: "\x1B[2K\x1B[G",
+  up: (n) => `\x1B[${n}A`
+};
+var c = (code, s) => `${code}${s}${A.reset}`;
+var BAR = c(A.gray, "\u2502");
+var BAR_END = c(A.gray, "\u2514");
+var CANCEL = /* @__PURE__ */ Symbol("cancel");
+function isCancel(v) {
+  return v === CANCEL;
+}
+function intro(msg) {
+  process.stdout.write(`
+${c(A.bgCyan + A.bold, ` ${msg} `)}
+${BAR}
+`);
+}
+function outro(msg) {
+  process.stdout.write(`${BAR_END}  ${c(A.green, msg)}
+
+`);
+}
+function cancel(msg) {
+  process.stdout.write(`${BAR_END}  ${c(A.yellow, msg)}
+
+`);
+}
+function readLine(prompt) {
+  return new Promise((resolve4) => {
+    const rl = readline.createInterface({
+      input: process.stdin,
+      output: process.stdout,
+      terminal: false
+    });
+    process.stdout.write(prompt);
+    rl.once("line", (line) => {
+      rl.close();
+      resolve4(line);
+    });
+    rl.once("SIGINT", () => {
+      rl.close();
+      process.stdout.write("\n");
+      resolve4(CANCEL);
+    });
+    process.stdin.once("end", () => {
+      rl.close();
+      resolve4(CANCEL);
+    });
+  });
+}
+async function select(opts) {
+  const { message, options, initialValue } = opts;
+  const defaultIdx = Math.max(
+    0,
+    options.findIndex((o) => o.value === initialValue)
+  );
+  process.stdout.write(`${BAR}  ${c(A.bold + A.white, message)}
+`);
+  options.forEach((o, i) => {
+    const active = i === defaultIdx;
+    const dot = active ? c(A.cyan, "\u25CF") : c(A.gray, "\u25CB");
+    const label = active ? c(A.white, o.label) : c(A.dim, o.label);
+    const hint = o.hint ? c(A.gray, ` (${o.hint})`) : "";
+    process.stdout.write(`${BAR}  ${dot} ${label}${hint}
+`);
+  });
+  if (process.stdin.isTTY) {
+    let idx = defaultIdx;
+    const render = () => {
+      process.stdout.write(A.up(options.length));
+      options.forEach((o, i) => {
+        const active = i === idx;
+        const dot = active ? c(A.cyan, "\u25CF") : c(A.gray, "\u25CB");
+        const label = active ? c(A.white, o.label) : c(A.dim, o.label);
+        const hint = o.hint ? c(A.gray, ` (${o.hint})`) : "";
+        process.stdout.write(`${A.clearLine}${BAR}  ${dot} ${label}${hint}
+`);
+      });
+    };
+    return new Promise((resolve4) => {
+      readline.emitKeypressEvents(process.stdin);
+      process.stdin.setRawMode(true);
+      process.stdin.resume();
+      const onKey = (_, key) => {
+        if (key.ctrl && key.name === "c") {
+          cleanup();
+          resolve4(CANCEL);
+          return;
+        }
+        if (key.name === "up") {
+          idx = (idx - 1 + options.length) % options.length;
+          render();
+        }
+        if (key.name === "down") {
+          idx = (idx + 1) % options.length;
+          render();
+        }
+        if (key.name === "return") {
+          cleanup();
+          resolve4(options[idx].value);
+        }
+      };
+      const cleanup = () => {
+        process.stdin.setRawMode(false);
+        process.stdin.pause();
+        process.stdin.removeListener("keypress", onKey);
+        process.stdout.write(`${BAR}
+`);
+      };
+      process.stdin.on("keypress", onKey);
+    });
+  }
+  while (true) {
+    const raw = await readLine(
+      `${BAR}  ${c(A.gray, `Choose 1-${options.length} (default ${defaultIdx + 1}):`)} `
+    );
+    if (isCancel(raw)) return CANCEL;
+    const trimmed = raw.trim();
+    if (trimmed === "") return options[defaultIdx].value;
+    const n = Number(trimmed);
+    if (Number.isInteger(n) && n >= 1 && n <= options.length)
+      return options[n - 1].value;
+    process.stdout.write(
+      `${BAR}  ${c(A.red, `Please enter a number between 1 and ${options.length}`)}
+`
+    );
+  }
+}
+async function text(opts) {
+  const { message, placeholder, validate } = opts;
+  while (true) {
+    const hint = placeholder ? c(A.gray, ` (${placeholder})`) : "";
+    const raw = await readLine(
+      `${BAR}  ${c(A.bold + A.white, message)}${hint}
+${BAR}  ${c(A.cyan, "\u25C6")} `
+    );
+    if (isCancel(raw)) return CANCEL;
+    const val = raw;
+    const error = validate?.(val);
+    if (error) {
+      process.stdout.write(`${BAR}  ${c(A.red, `! ${error}`)}
+`);
+      continue;
+    }
+    process.stdout.write(`${BAR}
+`);
+    return val;
+  }
+}
+var p = { intro, outro, cancel, isCancel, select, text };
+var GLOBAL_CONFIG_PATH2 = join5(
+  homedir4(),
+  ".config",
+  "mcp-s-cli",
+  "config.json"
+);
+function writeConfig(config) {
+  mkdirSync4(dirname4(GLOBAL_CONFIG_PATH2), { recursive: true });
+  writeFileSync4(
+    GLOBAL_CONFIG_PATH2,
+    `${JSON.stringify(config, null, 2)}
+`,
+    "utf-8"
+  );
+}
+async function initCommand(options) {
+  const { baseUrl, org, mcp, toolkit, userAccessKey, token } = options;
+  const config = {};
+  if (org) {
+    config.org = org;
+  } else if (baseUrl) {
+    config.baseUrl = baseUrl;
+  }
+  if (mcp) config.mcp = mcp;
+  if (toolkit) config.toolkit = toolkit;
+  if (userAccessKey) config.userAccessKey = userAccessKey;
+  if (token) config.token = token;
+  writeConfig(config);
+  console.log("Initialized mcp-s-cli config");
+  try {
+    const skillResult = installSkill();
+    if (skillResult.installed.length > 0) {
+      const agents = skillResult.installed.join(", ");
+      console.log(`mcp-s-cli skill installed for ${agents}`);
+    }
+    if (skillResult.failed.length > 0) {
+      const agents = skillResult.failed.map(({ agent }) => agent).join(", ");
+      console.log(`mcp-s-cli skill install failed for ${agents}`);
+    }
+  } catch {
+  }
+  const isHttpConfig = !!(org || baseUrl);
+  const hasStaticAuth = !!token;
+  if (isHttpConfig && !hasStaticAuth) {
+    try {
+      await loginCommand({});
+    } catch (err) {
+      console.error(`Login failed: ${err.message}`);
+    }
+  }
+}
+async function initInteractive() {
+  p.intro("mcp-s-cli init");
+  const connectionType = await p.select({
+    message: "Connection",
+    options: [
+      { value: "org", label: "Org", hint: "derive URL from org name" },
+      { value: "base-url", label: "Base URL", hint: "provide a custom URL" }
+    ],
+    initialValue: "org"
+  });
+  if (p.isCancel(connectionType)) {
+    p.cancel("Operation cancelled");
+    process.exit(0);
+  }
+  let org;
+  let baseUrl;
+  if (connectionType === "org") {
+    const orgValue = await p.text({
+      message: "Org",
+      validate(value) {
+        if (!value?.trim()) return "Org is required";
+      }
+    });
+    if (p.isCancel(orgValue)) {
+      p.cancel("Operation cancelled");
+      process.exit(0);
+    }
+    org = orgValue;
+  } else {
+    const baseUrlValue = await p.text({
+      message: "Base URL",
+      validate(value) {
+        if (!value?.trim()) return "Base URL is required";
+      }
+    });
+    if (p.isCancel(baseUrlValue)) {
+      p.cancel("Operation cancelled");
+      process.exit(0);
+    }
+    baseUrl = baseUrlValue;
+  }
+  const mcp = await p.text({
+    message: "MCP",
+    placeholder: "none"
+  });
+  if (p.isCancel(mcp)) {
+    p.cancel("Operation cancelled");
+    process.exit(0);
+  }
+  const toolkit = await p.text({
+    message: "Toolkit",
+    placeholder: "none"
+  });
+  if (p.isCancel(toolkit)) {
+    p.cancel("Operation cancelled");
+    process.exit(0);
+  }
+  const userAccessKey = await p.text({
+    message: "User Access Key (optional \u2014 leave blank for HTTP mode)",
+    placeholder: "none"
+  });
+  if (p.isCancel(userAccessKey)) {
+    p.cancel("Operation cancelled");
+    process.exit(0);
+  }
+  p.outro("Saving config...");
+  await initCommand({
+    org,
+    baseUrl,
+    mcp: mcp?.trim() || void 0,
+    toolkit: toolkit?.trim() || void 0,
+    userAccessKey: userAccessKey?.trim() || void 0
+  });
+}
+
+// src/commands/kill-daemon.ts
+import { existsSync as existsSync7, readdirSync as readdirSync2 } from "fs";
+function killDaemonCommand() {
+  const socketDir = getSocketDir();
+  if (!existsSync7(socketDir)) {
+    console.log("No daemons running.");
+    return;
+  }
+  let files;
+  try {
+    files = readdirSync2(socketDir).filter((f) => f.endsWith(".pid"));
+  } catch {
+    console.log("No daemons running.");
+    return;
+  }
+  if (files.length === 0) {
+    console.log("No daemons running.");
+    return;
+  }
+  let killed = 0;
+  let alreadyDead = 0;
+  for (const file of files) {
+    const serverName = file.replace(".pid", "");
+    const pidInfo = readPidFile(serverName);
+    if (!pidInfo) {
+      removeSocketFile(serverName);
+      removeReadyFile(serverName);
+      continue;
+    }
+    if (isProcessRunning(pidInfo.pid)) {
+      killProcess(pidInfo.pid);
+      console.log(`Killed daemon for ${serverName} (pid ${pidInfo.pid})`);
+      killed++;
+    } else {
+      alreadyDead++;
+    }
+    removePidFile(serverName);
+    removeSocketFile(serverName);
+    removeReadyFile(serverName);
+  }
+  if (killed === 0 && alreadyDead > 0) {
+    console.log("No daemons running (cleaned up stale files).");
+  }
+}
+
+// src/commands/list.ts
+async function listCommand(options) {
+  let loaded;
+  try {
+    loaded = await loadConfig(options.configPath);
+  } catch (error) {
+    console.error(error.message);
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  const { serverConfig } = loaded;
+  const serverLabel = "server";
+  let connection = null;
+  let tools = [];
+  let instructions;
+  let errorMsg;
+  try {
+    connection = await getConnection(serverLabel, serverConfig);
+    tools = await connection.listTools();
+    instructions = await connection.getInstructions();
+    debug(`${serverLabel}: loaded ${tools.length} tools`);
+  } catch (error) {
+    errorMsg = error.message;
+    debug(`${serverLabel}: connection failed - ${errorMsg}`);
+  } finally {
+    if (connection) {
+      await safeClose(connection.close);
+    }
+  }
+  const displayServers = [
+    {
+      name: serverLabel,
+      instructions,
+      tools: errorMsg ? [
+        {
+          name: `<error: ${errorMsg}>`,
+          description: void 0,
+          inputSchema: {}
+        }
+      ] : tools
+    }
+  ];
+  console.log(formatServerList(displayServers, options.withDescriptions));
+}
+
+// src/commands/logout.ts
+async function logoutCommand(options) {
+  const { configPath } = options;
+  const { serverConfig } = await loadConfig(configPath);
+  if (!isHttpServer(serverConfig)) {
+    throw new Error(
+      "Current server is a stdio server. OAuth logout is only supported for HTTP servers."
+    );
+  }
+  await clearTokens(serverConfig.url);
+  console.log(`Logged out from ${serverConfig.url}.`);
+}
+
+// src/commands/whoami.ts
+import { existsSync as existsSync8, readFileSync as readFileSync4, statSync } from "fs";
+import { homedir as homedir5 } from "os";
+import { join as join6, resolve as resolve3 } from "path";
+function getResolvedConfigPath(explicitPath) {
+  if (explicitPath) {
+    return resolve3(explicitPath);
+  }
+  if (process.env.MCP_CONFIG_PATH) {
+    return resolve3(process.env.MCP_CONFIG_PATH);
+  }
+  const defaultPath = join6(homedir5(), ".config", "mcp-s-cli", "config.json");
+  if (existsSync8(defaultPath)) {
+    return defaultPath;
+  }
+  return null;
+}
+async function whoamiCommand(options) {
+  const { configPath } = options;
+  console.log(`mcp-s-cli v${VERSION}`);
+  console.log("");
+  const resolvedConfigPath = getResolvedConfigPath(configPath);
+  console.log("Config");
+  if (resolvedConfigPath) {
+    console.log(`  Path: ${resolvedConfigPath}`);
+  } else {
+    console.log("  Path: (not found)");
+    console.log(
+      '  Run "mcp-s-cli init --org <org>" or "mcp-s-cli init --base-url <url>" to create a config file.'
+    );
+    return;
+  }
+  let raw;
+  try {
+    const loaded = await loadConfig(configPath);
+    raw = loaded.raw;
+  } catch (err) {
+    console.log(`  Error loading config: ${err.message}`);
+    return;
+  }
+  const authFilePath = join6(homedir5(), ".config", "mcp-s-cli", "auth.json");
+  console.log("");
+  console.log("OAuth Tokens");
+  console.log(`  Path: ${authFilePath}`);
+  if (!existsSync8(authFilePath)) {
+    console.log("  (no tokens stored)");
+  } else {
+    try {
+      const raw2 = readFileSync4(authFilePath, "utf-8");
+      const data = JSON.parse(raw2);
+      const tokenEntries = Object.entries(data.tokens ?? {});
+      if (tokenEntries.length === 0) {
+        console.log("  (no tokens stored)");
+      }
+    } catch {
+      console.log("  (could not read auth file)");
+    }
+  }
+  const historyPath = join6(homedir5(), ".config", "mcp-s-cli", "history.jsonl");
+  if (existsSync8(historyPath)) {
+    const lines = readFileSync4(historyPath, "utf-8").split("\n").filter(Boolean);
+    const size = statSync(historyPath).size;
+    const sizeStr = size >= 1024 * 1024 ? `${(size / (1024 * 1024)).toFixed(1)} MB` : size >= 1024 ? `${(size / 1024).toFixed(1)} KB` : `${size} B`;
+    console.log("");
+    console.log("History");
+    console.log(`  Path:    ${historyPath}`);
+    console.log(`  Entries: ${lines.length} (${sizeStr})`);
+    if (lines.length > 0) {
+      try {
+        const last = JSON.parse(lines[lines.length - 1]);
+        const cmd = last.args?.join(" ") ?? "";
+        const ts = last.ts ? new Date(last.ts).toLocaleString() : "";
+        console.log(`  Last:    ${ts}  ${cmd}`);
+      } catch {
+      }
+    }
+  }
+  const skillInfo = getSkillInstallInfo();
+  const canonicalPath = getCanonicalSkillPath();
+  console.log("");
+  console.log("Skill");
+  console.log(`  Canonical: ${canonicalPath}`);
+  if (skillInfo.length === 0) {
+    console.log("  (no supported agents detected)");
+  } else {
+    for (const { displayName, path, installed } of skillInfo) {
+      const status = installed ? "\u2713" : "\u2717";
+      console.log(`  ${status} ${displayName}`);
+      console.log(`    ${path}`);
+    }
+  }
+}
+
+// src/index.ts
+function isPossibleSubcommand(arg) {
+  const aliases = [
+    "run",
+    "execute",
+    "exec",
+    "invoke",
+    "list",
+    "ls",
+    "get",
+    "show",
+    "describe",
+    "search",
+    "find",
+    "query"
+  ];
+  return aliases.includes(arg.toLowerCase());
+}
+function parseArgs2(args) {
+  const result = {
+    command: "info",
+    withDescriptions: false
+  };
+  const positional = [];
+  for (let i = 0; i < args.length; i++) {
+    const arg = args[i];
+    switch (arg) {
+      case "-h":
+      case "--help":
+        result.command = "help";
+        return result;
+      case "-v":
+      case "--version":
+        result.command = "version";
+        return result;
+      case "-d":
+      case "--with-descriptions":
+        result.withDescriptions = true;
+        break;
+      case "-c":
+      case "--config":
+        result.configPath = args[++i];
+        if (!result.configPath) {
+          console.error(
+            formatCliError(missingArgumentError("-c/--config", "path"))
+          );
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--url":
+        result.baseUrl = args[++i];
+        if (!result.baseUrl) {
+          console.error(formatCliError(missingArgumentError("--url", "url")));
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--base-url":
+        result.baseUrl = args[++i];
+        if (!result.baseUrl) {
+          console.error(
+            formatCliError(missingArgumentError("--base-url", "url"))
+          );
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--org":
+        result.org = args[++i];
+        if (!result.org) {
+          console.error(formatCliError(missingArgumentError("--org", "org")));
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--mcp":
+        result.mcp = args[++i];
+        if (!result.mcp) {
+          console.error(formatCliError(missingArgumentError("--mcp", "id")));
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--toolkit":
+        result.toolkit = args[++i];
+        if (!result.toolkit) {
+          console.error(
+            formatCliError(missingArgumentError("--toolkit", "name"))
+          );
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--user-access-key":
+        result.userAccessKey = args[++i];
+        if (!result.userAccessKey) {
+          console.error(
+            formatCliError(missingArgumentError("--user-access-key", "key"))
+          );
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      case "--token":
+        result.token = args[++i];
+        if (!result.token) {
+          console.error(
+            formatCliError(missingArgumentError("--token", "token"))
+          );
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        break;
+      default:
+        if (arg.startsWith("-") && arg !== "-") {
+          console.error(formatCliError(unknownOptionError(arg)));
+          process.exit(1 /* CLIENT_ERROR */);
+        }
+        positional.push(arg);
+    }
+  }
+  if (positional.length === 0) {
+    result.command = "list";
+    return result;
+  }
+  const firstArg = positional[0];
+  if (firstArg === "info") {
+    result.command = "info";
+    result.tool = positional[1];
+    if (positional.length > 2) {
+      console.error(
+        formatCliError(tooManyArgumentsError("info", positional.length - 1, 1))
+      );
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+    return result;
+  }
+  if (firstArg === "grep") {
+    result.command = "grep";
+    result.pattern = positional[1];
+    if (!result.pattern) {
+      console.error(formatCliError(missingArgumentError("grep", "pattern")));
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+    if (positional.length > 2) {
+      console.error(
+        formatCliError(tooManyArgumentsError("grep", positional.length - 1, 1))
+      );
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+    return result;
+  }
+  if (firstArg === "call") {
+    result.command = "call";
+    const remaining = positional.slice(1);
+    if (remaining.length === 0) {
+      console.error(formatCliError(missingArgumentError("call", "tool")));
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+    result.tool = remaining[0];
+    const jsonArgs = remaining.slice(1);
+    if (jsonArgs.length > 0) {
+      const argsValue = jsonArgs.join(" ");
+      result.args = argsValue === "-" ? void 0 : argsValue;
+    }
+    return result;
+  }
+  if (firstArg === "whoami") {
+    result.command = "whoami";
+    return result;
+  }
+  if (firstArg === "login") {
+    result.command = "login";
+    return result;
+  }
+  if (firstArg === "logout") {
+    result.command = "logout";
+    return result;
+  }
+  if (firstArg === "clear") {
+    result.command = "clear";
+    return result;
+  }
+  if (firstArg === "clear-auth") {
+    result.command = "clear-auth";
+    return result;
+  }
+  if (firstArg === "clear-history") {
+    result.command = "clear-history";
+    return result;
+  }
+  if (firstArg === "clear-skill") {
+    result.command = "clear-skill";
+    return result;
+  }
+  if (firstArg === "kill-daemon") {
+    result.command = "kill-daemon";
+    return result;
+  }
+  if (firstArg === "init") {
+    result.command = "init";
+    if (result.baseUrl && result.org) {
+      console.error(
+        formatCliError({
+          code: 1 /* CLIENT_ERROR */,
+          type: "INVALID_ARGUMENT",
+          message: "--base-url and --org are mutually exclusive",
+          suggestion: "Use --base-url for a custom URL or --org for an org-derived URL, not both"
+        })
+      );
+      process.exit(1 /* CLIENT_ERROR */);
+    }
+    return result;
+  }
+  if (isPossibleSubcommand(firstArg)) {
+    console.error(formatCliError(unknownSubcommandError(firstArg)));
+    process.exit(1 /* CLIENT_ERROR */);
+  }
+  result.command = "info";
+  result.tool = firstArg;
+  return result;
+}
+function printHelp() {
+  console.log(`
+mcp-s-cli v${VERSION} - A lightweight CLI for connecting AI agents to the Webrix MCP Gateway
+
+Usage:
+  mcp-s-cli [options]                        List all tools
+  mcp-s-cli [options] info                   Show server details
+  mcp-s-cli [options] info <tool>            Show tool schema
+  mcp-s-cli [options] grep <pattern>         Search tools by glob pattern
+  mcp-s-cli [options] call <tool>            Call tool (reads JSON from stdin if no args)
+  mcp-s-cli [options] call <tool> <json>     Call tool with JSON arguments
+  mcp-s-cli init --org <org> [--mcp <id>] [--toolkit <tk>] [--user-access-key <key>]  Initialize with org
+  mcp-s-cli init --base-url <url> [--mcp <id>] [--toolkit <tk>] [--user-access-key <key>]  Initialize with URL
+  mcp-s-cli whoami                           Show config location and auth state
+  mcp-s-cli login                            Log in to the configured server via OAuth
+  mcp-s-cli logout                           Log out (remove stored OAuth tokens)
+  mcp-s-cli clear                            Clear server config (resets config.json to {})
+  mcp-s-cli clear-auth                       Clear all stored auth data (sets auth.json to {})
+  mcp-s-cli clear-history                    Delete the history file (~/.config/mcp-s-cli/history.jsonl)
+  mcp-s-cli clear-skill                      Remove the mcp-s-cli skill from all agent skill directories
+
+Options:
+  -h, --help               Show this help message
+  -v, --version            Show version number
+  -d, --with-descriptions  Include tool descriptions
+  -c, --config <path>      Path to config.json config file
+      --base-url <url>     Server base URL (used with init)
+      --org <org>          Org name \u2014 derives URL as https://<org>.mcp-s.com/mcp (used with init)
+      --mcp <id>           MCP identifier header (used with init)
+      --toolkit <name>     Toolkit name header (used with init)
+      --user-access-key <key>  User access key \u2014 triggers stdio mode (used with init)
+
+Output:
+  mcp-s-cli/info/grep        Human-readable text to stdout
+  call                     Raw JSON to stdout (for piping)
+  Errors                   Always to stderr
+
+Examples:
+  mcp-s-cli                                  # List all tools
+  mcp-s-cli -d                               # List with descriptions
+  mcp-s-cli grep "*file*"                    # Search for file tools
+  mcp-s-cli info                             # Show server details
+  mcp-s-cli info read_file                   # Show tool schema
+  mcp-s-cli call read_file '{}'              # Call tool
+  cat input.json | mcp-s-cli call read_file  # Read args from stdin
+  mcp-s-cli init --org my-org --mcp slack --toolkit my-tk  # HTTP mode via org
+  mcp-s-cli init --base-url example.com/123 --mcp slack    # HTTP mode via base URL
+  mcp-s-cli init --org my-org --mcp slack --user-access-key 123  # stdio mode
+  mcp-s-cli whoami                           # Show config and auth state
+  mcp-s-cli login                            # Authenticate via OAuth
+  mcp-s-cli logout                           # Remove stored OAuth tokens
+  mcp-s-cli clear                            # Reset server config
+  mcp-s-cli clear-auth                       # Clear stored auth data
+  mcp-s-cli clear-skill                      # Remove installed skill from all agents
+  mcp-s-cli kill-daemon                      # Kill the running daemon process
+
+Environment Variables:
+  MCP_DAEMON=0           Disable connection caching (daemon mode, on by default)
+  MCP_DAEMON_TIMEOUT=N   Set daemon idle timeout in seconds (default: 300)
+
+Config File:
+  The CLI looks for config.json in:
+    1. Path specified by MCP_CONFIG_PATH or -c/--config
+    2. ~/.config/mcp-s-cli/config.json
+
+  'mcp-s-cli init' always writes to ~/.config/mcp-s-cli/config.json
+`);
+}
+function appendHistory(argv) {
+  if (process.env.MCP_CLI_HISTORY !== "1") return;
+  try {
+    const dir = join7(homedir6(), ".config", "mcp-s-cli");
+    mkdirSync5(dir, { recursive: true });
+    const entry = JSON.stringify({ ts: (/* @__PURE__ */ new Date()).toISOString(), args: argv });
+    appendFileSync(join7(dir, "history.jsonl"), `${entry}
+`, "utf8");
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    process.stderr.write(
+      `mcp-s-cli: warning: failed to write history: ${msg}
+`
+    );
+  }
+}
+async function main() {
+  appendHistory(process.argv.slice(2));
+  const args = parseArgs2(process.argv.slice(2));
+  switch (args.command) {
+    case "help":
+      printHelp();
+      break;
+    case "version":
+      console.log(`mcp-s-cli v${VERSION}`);
+      break;
+    case "list":
+      await listCommand({
+        withDescriptions: args.withDescriptions,
+        configPath: args.configPath
+      });
+      break;
+    case "info":
+      await infoCommand({
+        tool: args.tool,
+        withDescriptions: args.withDescriptions,
+        configPath: args.configPath
+      });
+      break;
+    case "grep":
+      await grepCommand({
+        pattern: args.pattern ?? "",
+        withDescriptions: args.withDescriptions,
+        configPath: args.configPath
+      });
+      break;
+    case "call":
+      await callCommand({
+        tool: args.tool ?? "",
+        args: args.args,
+        configPath: args.configPath
+      });
+      break;
+    case "init":
+      if (args.baseUrl || args.org) {
+        await initCommand({
+          baseUrl: args.baseUrl,
+          org: args.org,
+          mcp: args.mcp,
+          toolkit: args.toolkit,
+          userAccessKey: args.userAccessKey,
+          token: args.token
+        });
+      } else {
+        await initInteractive();
+      }
+      break;
+    case "whoami":
+      await whoamiCommand({ configPath: args.configPath });
+      break;
+    case "login":
+      await loginCommand({ configPath: args.configPath });
+      break;
+    case "logout":
+      await logoutCommand({ configPath: args.configPath });
+      break;
+    case "clear":
+      await clearCommand();
+      break;
+    case "clear-auth":
+      await clearAuthCommand();
+      break;
+    case "clear-history":
+      clearHistoryCommand();
+      break;
+    case "kill-daemon":
+      killDaemonCommand();
+      break;
+    case "clear-skill": {
+      const result = clearSkill();
+      if (result.removed.length > 0) {
+        console.log(`Removed skill from: ${result.removed.join(", ")}`);
+      }
+      if (result.canonicalRemoved) {
+        console.log("Removed canonical skill directory");
+      }
+      if (result.failed.length > 0) {
+        for (const { agent, error } of result.failed) {
+          console.error(`Failed to remove skill for ${agent}: ${error}`);
+        }
+      }
+      if (result.removed.length === 0 && !result.canonicalRemoved) {
+        console.log("Skill was not installed anywhere.");
+      }
+      break;
+    }
+  }
+}
+process.on("SIGINT", () => {
+  process.exit(130);
+});
+process.on("SIGTERM", () => {
+  process.exit(143);
+});
+main().then(() => {
+  setImmediate(() => process.exit(0));
+}).catch((error) => {
+  console.error(error.message);
+  setImmediate(() => process.exit(1 /* CLIENT_ERROR */));
+});