@meltstudio/meltctl 4.37.0 → 4.38.1

package/dist/index.js

@@ -1,217 +1,2185 @@
 #!/usr/bin/env node
-import chalk from 'chalk';
-import { Command, Option } from '@commander-js/extra-typings';
-import { readFileSync } from 'fs';
-import { join, dirname } from 'path';
-import { fileURLToPath } from 'url';
-import { initCommand } from './commands/init.js';
-import { templatesCommand } from './commands/templates.js';
-import { loginCommand } from './commands/login.js';
-import { logoutCommand } from './commands/logout.js';
-import { printBanner } from './utils/banner.js';
-import { checkAndEnforceUpdate } from './utils/version-check.js';
-import { versionCheckCommand } from './commands/version.js';
-import { standupCommand } from './commands/standup.js';
-import { feedbackCommand } from './commands/feedback.js';
-import { coinsCommand } from './commands/coins.js';
-import { auditSubmitCommand, auditListCommand, auditViewCommand } from './commands/audit.js';
-import { planSubmitCommand, planListCommand } from './commands/plan.js';
-import { updateCommand } from './commands/update.js';
-import { trackCommand } from './utils/analytics.js';
-// Read version from package.json
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const packageJson = JSON.parse(readFileSync(join(__dirname, '../package.json'), 'utf8'));
-const program = new Command();
-program
-    .name('meltctl')
-    .description('Set up AI-first development standards (AGENTS.md, Claude skills, Cursor commands, OpenCode commands, MCP config) in your project.\n\nRequires a @meltstudio.co Google Workspace account. Run `npx @meltstudio/meltctl@latest login` first, then `npx @meltstudio/meltctl@latest project init` in your repo.')
-    .version(packageJson.version)
-    .addHelpText('beforeAll', () => {
-    printBanner();
-    return '';
-})
-    .addHelpText('after', `
-${chalk.bold('AI Skills')} ${chalk.dim('(run these in your AI coding tool, not the CLI):')}
-${chalk.dim('  /melt-setup            Analyze the project and customize AGENTS.md')}
-${chalk.dim('  /melt-link             Connect and verify ticket tracker + browser testing')}
-${chalk.dim('  /melt-plan             Design an implementation approach before writing code')}
-${chalk.dim('  /melt-validate         Run the validation plan and verify end-to-end')}
-${chalk.dim('  /melt-review           Review changes against project standards')}
-${chalk.dim('  /melt-pr               Create a well-structured pull request')}
-${chalk.dim('  /melt-debug            Systematically investigate and fix bugs')}
-${chalk.dim('  /melt-audit            Run a project compliance audit')}
-${chalk.dim('  /melt-ux-audit         Review UI against usability heuristics')}
-${chalk.dim('  /melt-security-audit   Run a security posture audit across the platform')}
-${chalk.dim('  /melt-update           Update Melt skills to the latest version')}
-${chalk.dim('  /melt-help             Answer questions about the development playbook')}
-`)
-    .hook('preAction', async () => {
-    await checkAndEnforceUpdate();
-})
-    .hook('postAction', async (_thisCommand, actionCommand) => {
-    try {
-        const parts = [];
-        let cmd = actionCommand;
-        while (cmd && cmd.name() !== 'meltctl') {
-            parts.unshift(cmd.name());
-            cmd = cmd.parent;
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// src/utils/version.ts
+var CLI_VERSION;
+var init_version = __esm({
+  "src/utils/version.ts"() {
+    "use strict";
+    CLI_VERSION = "4.38.1";
+  }
+});
+
+// src/commands/update.ts
+var update_exports = {};
+__export(update_exports, {
+  detectPackageManager: () => detectPackageManager,
+  updateCommand: () => updateCommand
+});
+import chalk7 from "chalk";
+import { execSync } from "child_process";
+import path4 from "path";
+import { fileURLToPath } from "url";
+function detectPackageManager() {
+  const installPath = path4.resolve(__dirname, "../..");
+  try {
+    const npmGlobalPrefix = execSync("npm prefix -g", { encoding: "utf-8", stdio: "pipe" }).trim();
+    if (installPath.startsWith(npmGlobalPrefix)) {
+      return "npm";
+    }
+  } catch {
+  }
+  try {
+    const yarnGlobalDir = execSync("yarn global dir", { encoding: "utf-8", stdio: "pipe" }).trim();
+    if (installPath.startsWith(yarnGlobalDir)) {
+      return "yarn";
+    }
+  } catch {
+  }
+  if (installPath.includes("yarn")) return "yarn";
+  if (installPath.includes("npm")) return "npm";
+  return "unknown";
+}
+async function updateCommand() {
+  const currentVersion = await getCurrentCliVersion();
+  const latestVersion = await getLatestCliVersion();
+  if (!latestVersion) {
+    console.error(chalk7.red("Could not check for updates. Check your network connection."));
+    process.exit(1);
+  }
+  const severity = getUpdateSeverity(currentVersion, latestVersion);
+  if (severity === "none") {
+    console.log(chalk7.green(`  \u2713 Already on the latest version (${currentVersion})`));
+    return;
+  }
+  console.log(chalk7.dim(`  ${currentVersion} \u2192 ${latestVersion}`));
+  console.log();
+  const pm = detectPackageManager();
+  let cmd;
+  if (pm === "yarn") {
+    cmd = "yarn global add @meltstudio/meltctl@latest";
+  } else if (pm === "npm") {
+    cmd = "npm install -g @meltstudio/meltctl@latest";
+  } else {
+    console.log(chalk7.dim("  Could not detect package manager, trying npm..."));
+    cmd = "npm install -g @meltstudio/meltctl@latest";
+  }
+  console.log(chalk7.dim(`  Running: ${cmd}`));
+  console.log();
+  try {
+    execSync(cmd, { stdio: "inherit" });
+    console.log();
+    console.log(chalk7.green(`  \u2713 Updated to ${latestVersion}`));
+  } catch {
+    console.error();
+    console.error(chalk7.red("  Update failed. Try running manually:"));
+    console.error(chalk7.cyan(`    ${cmd}`));
+    process.exit(1);
+  }
+}
+var __dirname;
+var init_update = __esm({
+  "src/commands/update.ts"() {
+    "use strict";
+    init_version_check();
+    __dirname = path4.dirname(fileURLToPath(import.meta.url));
+  }
+});
+
+// src/utils/version-check.ts
+import chalk8 from "chalk";
+import { confirm as confirm2 } from "@inquirer/prompts";
+import { execSync as execSync2 } from "child_process";
+async function getCurrentCliVersion() {
+  return CLI_VERSION;
+}
+async function getLatestCliVersion() {
+  try {
+    const result = execSync2("npm view @meltstudio/meltctl version --json", {
+      encoding: "utf-8",
+      stdio: "pipe",
+      timeout: 5e3
+      // 5 second timeout
+    });
+    return JSON.parse(result.trim());
+  } catch {
+    return null;
+  }
+}
+function compareVersions(current, latest) {
+  const parseVersion = (version) => {
+    const [base, prerelease] = version.split("-");
+    const parts = (base || "").split(".").map(Number);
+    return {
+      major: parts[0] || 0,
+      minor: parts[1] || 0,
+      patch: parts[2] || 0,
+      prerelease: prerelease || null
+    };
+  };
+  const currentVer = parseVersion(current);
+  const latestVer = parseVersion(latest);
+  if (latestVer.major !== currentVer.major) {
+    return latestVer.major > currentVer.major;
+  }
+  if (latestVer.minor !== currentVer.minor) {
+    return latestVer.minor > currentVer.minor;
+  }
+  if (latestVer.patch !== currentVer.patch) {
+    return latestVer.patch > currentVer.patch;
+  }
+  if (!latestVer.prerelease && currentVer.prerelease) return true;
+  if (latestVer.prerelease && !currentVer.prerelease) return false;
+  if (latestVer.prerelease && currentVer.prerelease) {
+    return latestVer.prerelease > currentVer.prerelease;
+  }
+  return false;
+}
+function isCI() {
+  return !!(process.env.CI || // Generic CI flag
+  process.env.GITHUB_ACTIONS || // GitHub Actions
+  process.env.GITLAB_CI || // GitLab CI
+  process.env.CIRCLECI || // CircleCI
+  process.env.TRAVIS || // Travis CI
+  process.env.JENKINS_URL || // Jenkins
+  process.env.BUILDKITE || // Buildkite
+  process.env.DRONE || // Drone
+  process.env.MELTCTL_SKIP_UPDATE_CHECK);
+}
+function getUpdateSeverity(current, latest) {
+  const parseCurrent = current.split("-")[0].split(".").map(Number);
+  const parseLatest = latest.split("-")[0].split(".").map(Number);
+  const [curMajor = 0, curMinor = 0, curPatch = 0] = parseCurrent;
+  const [latMajor = 0, latMinor = 0, latPatch = 0] = parseLatest;
+  if (latMajor > curMajor) return "major";
+  if (latMajor === curMajor && latMinor > curMinor) return "minor";
+  if (latMajor === curMajor && latMinor === curMinor && latPatch > curPatch) return "patch";
+  return "none";
+}
+async function checkAndEnforceUpdate() {
+  if (isCI()) {
+    return;
+  }
+  try {
+    const currentVersion = await getCurrentCliVersion();
+    const latestVersion = await getLatestCliVersion();
+    if (!latestVersion) {
+      return;
+    }
+    const severity = getUpdateSeverity(currentVersion, latestVersion);
+    if (severity === "none") {
+      return;
+    }
+    if (severity === "patch") {
+      console.log();
+      console.log(
+        chalk8.yellow(
+          `  Update available: ${currentVersion} \u2192 ${latestVersion} (run: meltctl update)`
+        )
+      );
+      console.log();
+      return;
+    }
+    console.log();
+    console.log(chalk8.yellow(`  Update required: ${currentVersion} \u2192 ${latestVersion}`));
+    console.log();
+    const shouldUpdate = await confirm2({
+      message: "Update now?",
+      default: true
+    });
+    if (shouldUpdate) {
+      const { updateCommand: updateCommand2 } = await Promise.resolve().then(() => (init_update(), update_exports));
+      await updateCommand2();
+      console.log();
+      console.log(chalk8.dim("  Please re-run your command."));
+      console.log();
+      process.exit(0);
+    }
+    console.log();
+    console.log(chalk8.gray("To skip this check (CI/CD), set MELTCTL_SKIP_UPDATE_CHECK=1"));
+    console.log();
+    process.exit(1);
+  } catch {
+    return;
+  }
+}
+var init_version_check = __esm({
+  "src/utils/version-check.ts"() {
+    "use strict";
+    init_version();
+  }
+});
+
+// src/index.ts
+import chalk16 from "chalk";
+import { Command, Option } from "@commander-js/extra-typings";
+
+// src/commands/init.ts
+import chalk2 from "chalk";
+import { checkbox, confirm } from "@inquirer/prompts";
+import fs2 from "fs-extra";
+import path2 from "path";
+
+// src/utils/auth.ts
+import fs from "fs-extra";
+import path from "path";
+import os from "os";
+var AUTH_DIR = path.join(os.homedir(), ".meltctl");
+var AUTH_FILE = path.join(AUTH_DIR, "auth.json");
+var API_BASE = process.env["MELTCTL_API_URL"] ?? "https://ewszkw32he2ebgkwlbwmoubf5y0hllpx.lambda-url.us-east-1.on.aws";
+async function getStoredAuth() {
+  if (!await fs.pathExists(AUTH_FILE)) {
+    return void 0;
+  }
+  try {
+    return await fs.readJson(AUTH_FILE);
+  } catch {
+    return void 0;
+  }
+}
+async function storeAuth(auth) {
+  await fs.ensureDir(AUTH_DIR);
+  await fs.writeJson(AUTH_FILE, auth, { spaces: 2 });
+}
+async function clearAuth() {
+  if (await fs.pathExists(AUTH_FILE)) {
+    await fs.remove(AUTH_FILE);
+  }
+}
+async function isAuthenticated() {
+  const auth = await getStoredAuth();
+  if (!auth) {
+    return false;
+  }
+  return new Date(auth.expiresAt) > /* @__PURE__ */ new Date();
+}
+
+// src/utils/api.ts
+import chalk from "chalk";
+
+// ../sdk/dist/resources/audits.js
+function createAuditsResource(config) {
+  return {
+    async submit(input3) {
+      const { data, status } = await apiFetch(config, "/audits", {
+        method: "POST",
+        body: JSON.stringify(input3)
+      });
+      if (status !== 201)
+        throw new Error(data.error ?? `Failed to submit audit (${status})`);
+      return data;
+    },
+    async list(filters) {
+      const params = new URLSearchParams();
+      if (filters?.type)
+        params.set("type", filters.type);
+      if (filters?.repository)
+        params.set("repository", filters.repository);
+      if (filters?.latest)
+        params.set("latest", "true");
+      if (filters?.limit)
+        params.set("limit", String(filters.limit));
+      const query = params.toString();
+      const path8 = `/audits${query ? `?${query}` : ""}`;
+      const { data, status } = await apiFetch(config, path8);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can list audits.");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to list audits (${status})`);
+      return data;
+    },
+    async get(id) {
+      const { data, status } = await apiFetch(config, `/audits/${id}`);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can view audits.");
+      if (status === 404)
+        throw new Error(`Audit not found: ${id}`);
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to fetch audit (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/plans.js
+function createPlansResource(config) {
+  return {
+    async submit(input3) {
+      const { data, status } = await apiFetch(config, "/plans", {
+        method: "POST",
+        body: JSON.stringify(input3)
+      });
+      if (status !== 201 && status !== 200)
+        throw new Error(data.error ?? `Failed to submit plan (${status})`);
+      return data;
+    },
+    async list(filters) {
+      const params = new URLSearchParams();
+      if (filters?.repository)
+        params.set("repository", filters.repository);
+      if (filters?.author)
+        params.set("author", filters.author);
+      if (filters?.ticket)
+        params.set("ticket", filters.ticket);
+      if (filters?.status)
+        params.set("status", filters.status);
+      if (filters?.limit)
+        params.set("limit", String(filters.limit));
+      const query = params.toString();
+      const path8 = `/plans${query ? `?${query}` : ""}`;
+      const { data, status } = await apiFetch(config, path8);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can list plans.");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to list plans (${status})`);
+      return data;
+    },
+    async get(id) {
+      const { data, status } = await apiFetch(config, `/plans/${id}`);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can view plans.");
+      if (status === 404)
+        throw new Error(`Plan not found: ${id}`);
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to fetch plan (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/events.js
+function createEventsResource(config) {
+  return {
+    async submit(input3) {
+      const { data, status } = await apiFetch(config, "/events", {
+        method: "POST",
+        body: JSON.stringify(input3)
+      });
+      if (status !== 201)
+        throw new Error(data.error ?? `Failed to submit event (${status})`);
+      return data;
+    },
+    async list(filters) {
+      const params = new URLSearchParams();
+      if (filters?.command)
+        params.set("command", filters.command);
+      if (filters?.author)
+        params.set("author", filters.author);
+      if (filters?.repository)
+        params.set("repository", filters.repository);
+      if (filters?.dateFrom)
+        params.set("dateFrom", filters.dateFrom);
+      if (filters?.dateTo)
+        params.set("dateTo", filters.dateTo);
+      if (filters?.limit)
+        params.set("limit", String(filters.limit));
+      const query = params.toString();
+      const path8 = `/events${query ? `?${query}` : ""}`;
+      const { data, status } = await apiFetch(config, path8);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can view analytics.");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to list events (${status})`);
+      return data;
+    },
+    async getStats(filters) {
+      const params = new URLSearchParams();
+      if (filters?.dateFrom)
+        params.set("dateFrom", filters.dateFrom);
+      if (filters?.dateTo)
+        params.set("dateTo", filters.dateTo);
+      const query = params.toString();
+      const path8 = `/events/stats${query ? `?${query}` : ""}`;
+      const { data, status } = await apiFetch(config, path8);
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can view analytics.");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to fetch stats (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/standups.js
+function createStandupsResource(config) {
+  return {
+    async submit(input3) {
+      const { data, status } = await apiFetch(config, "/standups", {
+        method: "POST",
+        body: JSON.stringify(input3)
+      });
+      if (status !== 201)
+        throw new Error(data.error ?? `Failed to submit standup (${status})`);
+      return data;
+    },
+    async getStatus() {
+      const { data, status } = await apiFetch(config, "/standups/status");
+      if (status === 404)
+        return null;
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to check standup status (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/feedback.js
+function createFeedbackResource(config) {
+  return {
+    async submit(input3) {
+      const { data, status } = await apiFetch(config, "/feedback", {
+        method: "POST",
+        body: JSON.stringify(input3)
+      });
+      if (status !== 201)
+        throw new Error(data.error ?? `Failed to send feedback (${status})`);
+      return data;
+    },
+    async getRecipients() {
+      const { data, status } = await apiFetch(config, "/feedback/recipients");
+      if (status !== 200)
+        throw new Error(`Failed to load recipients (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/coins.js
+function createCoinsResource(config) {
+  return {
+    async getBalance() {
+      const { data, status } = await apiFetch(config, "/coins");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to fetch coins (${status})`);
+      return data;
+    },
+    async getLeaderboard() {
+      const { data, status } = await apiFetch(config, "/coins/leaderboard");
+      if (status !== 200)
+        throw new Error(`Failed to fetch leaderboard (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/templates.js
+function createTemplatesResource(config) {
+  return {
+    async fetch() {
+      const { data, status } = await apiFetch(config, "/templates");
+      if (status !== 200)
+        throw new Error(data.error ?? `Failed to fetch templates (${status})`);
+      return data.files;
+    }
+  };
+}
+
+// ../sdk/dist/resources/auth.js
+function createAuthResource(config) {
+  return {
+    async exchangeToken(code, redirectUri) {
+      const response = await fetch(`${config.baseUrl}/auth/token`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ code, redirect_uri: redirectUri })
+      });
+      const data = await response.json();
+      if (!response.ok) {
+        if (response.status === 403)
+          throw new Error("Only @meltstudio.co accounts can use this tool.");
+        throw new Error(data.error ?? `Authentication failed (${response.status})`);
+      }
+      return data;
+    },
+    async createCiToken() {
+      const response = await fetch(`${config.baseUrl}/auth/create-ci-token`, {
+        method: "POST",
+        headers: {
+          Authorization: `Bearer ${config.token}`,
+          "Content-Type": "application/json"
         }
-        await trackCommand(parts.join(' '), true);
-    }
-    catch {
-        // Analytics must never break the CLI
-    }
-});
-program
-    .command('login')
-    .description('authenticate with Google Workspace (opens browser)')
-    .action(async () => {
-    await loginCommand();
-});
-program
-    .command('logout')
-    .description('clear stored credentials from ~/.meltctl/')
-    .action(async () => {
-    await logoutCommand();
-});
-const project = program
-    .command('project')
-    .description('manage project configuration')
-    .addHelpText('after', `
-${chalk.dim('Related skills (run in your AI coding tool after init):')}
-${chalk.dim('  /melt-setup    Analyze the project and customize AGENTS.md')}
-${chalk.dim('  /melt-link     Connect and verify ticket tracker + browser testing')}
-${chalk.dim('  /melt-update   Update Melt skills to the latest version')}
-`);
-project
-    .command('init')
-    .description('scaffold Melt development tools into the current directory (AGENTS.md, .claude/, .cursor/, .opencode/, .mcp.json)')
-    .option('--force', 'overwrite existing files if already initialized')
-    .option('--claude', 'generate Claude Code configuration')
-    .option('--cursor', 'generate Cursor configuration')
-    .option('--opencode', 'generate OpenCode configuration')
-    .action(options => {
-    return initCommand({
-        force: options.force,
-        claude: options.claude,
-        cursor: options.cursor,
-        opencode: options.opencode,
-    });
-});
-project
-    .command('templates')
-    .description('fetch latest templates to a temp directory (for /melt-update)')
-    .action(async () => {
-    await templatesCommand();
-});
-program
-    .command('standup')
-    .description('submit your daily standup report')
-    .addOption(new Option('--yesterday <text>').hideHelp())
-    .addOption(new Option('--today <text>').hideHelp())
-    .addOption(new Option('--blockers <text>').hideHelp())
-    .action(async (options) => {
-    await standupCommand(options);
-});
-program
-    .command('feedback')
-    .description('send feedback and coins to a teammate')
-    .addOption(new Option('--to <userId>').hideHelp())
-    .addOption(new Option('--coins <amount>').hideHelp())
-    .addOption(new Option('--description <text>').hideHelp())
-    .action(async (options) => {
-    await feedbackCommand(options);
-});
-program
-    .command('coins')
-    .description('check your coin balance or the team leaderboard')
-    .option('--leaderboard', 'show the team leaderboard')
-    .action(async (options) => {
-    await coinsCommand(options);
-});
-const audit = program
-    .command('audit')
-    .description('submit and list audits')
-    .addHelpText('after', `
-${chalk.dim('Related skills (run in your AI coding tool):')}
-${chalk.dim('  /melt-audit            Run a project compliance audit')}
-${chalk.dim('  /melt-ux-audit         Review UI against usability heuristics')}
-${chalk.dim('  /melt-security-audit   Run a security posture audit across the platform')}
-`);
-audit
-    .command('submit')
-    .description('submit an audit report from a markdown file')
-    .argument('[file]', 'path to the audit file (auto-detects from .audits/ if omitted)')
-    .action(async (file) => {
-    await auditSubmitCommand(file);
-});
-audit
-    .command('list')
-    .description('list submitted audits (Team Managers only)')
-    .option('--type <type>', 'filter by type (audit, ux-audit, security-audit)')
-    .option('--repository <repo>', 'filter by repository (owner/repo)')
-    .option('--latest', 'show only the latest audit per project and type')
-    .option('--limit <n>', 'max results (default 50, max 200)')
-    .action(async (options) => {
-    await auditListCommand(options);
-});
-audit
-    .command('view')
-    .description('view a submitted audit by ID (Team Managers only)')
-    .argument('<id>', 'audit ID')
-    .option('-o, --output <file>', 'save to file instead of printing')
-    .action(async (id, options) => {
-    await auditViewCommand(id, options);
-});
-const plan = program
-    .command('plan')
-    .description('submit and list plans')
-    .addHelpText('after', `
-${chalk.dim('Related skill (run in your AI coding tool):')}
-${chalk.dim('  /melt-plan   Design an implementation approach before writing code')}
+      });
+      const data = await response.json();
+      if (!response.ok)
+        throw new Error(data.error ?? `Failed to create CI token (${response.status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/resources/people.js
+function createPeopleResource(config) {
+  return {
+    async list() {
+      const { data, status } = await apiFetch(config, "/people");
+      if (status === 403)
+        throw new Error("Access denied. Only Team Managers can view people.");
+      if (status !== 200)
+        throw new Error(`Failed to fetch people (${status})`);
+      return data;
+    }
+  };
+}
+
+// ../sdk/dist/client.js
+async function apiFetch(config, path8, options = {}) {
+  const response = await fetch(`${config.baseUrl}${path8}`, {
+    ...options,
+    headers: {
+      Authorization: `Bearer ${config.token}`,
+      "Content-Type": "application/json",
+      ...options.headers
+    }
+  });
+  const data = await response.json();
+  return { data, status: response.status };
+}
+function createMeltClient(config) {
+  return {
+    audits: createAuditsResource(config),
+    plans: createPlansResource(config),
+    events: createEventsResource(config),
+    standups: createStandupsResource(config),
+    feedback: createFeedbackResource(config),
+    coins: createCoinsResource(config),
+    templates: createTemplatesResource(config),
+    auth: createAuthResource(config),
+    people: createPeopleResource(config)
+  };
+}
+
+// src/utils/api.ts
+async function getToken() {
+  const envToken = process.env["MELTCTL_TOKEN"];
+  if (envToken) {
+    return envToken;
+  }
+  const auth = await getStoredAuth();
+  if (!auth) {
+    console.error(
+      chalk.red(
+        "Not authenticated. Run `npx @meltstudio/meltctl@latest login` or set MELTCTL_TOKEN for CI."
+      )
+    );
+    process.exit(1);
+  }
+  if (new Date(auth.expiresAt) <= /* @__PURE__ */ new Date()) {
+    console.error(
+      chalk.red(
+        "Session expired. Run `npx @meltstudio/meltctl@latest login` to re-authenticate, or set MELTCTL_TOKEN for CI."
+      )
+    );
+    process.exit(1);
+  }
+  return auth.token;
+}
+async function getClient() {
+  const token = await getToken();
+  return createMeltClient({ baseUrl: API_BASE, token });
+}
+
+// src/utils/templates.ts
+async function fetchTemplates() {
+  const client = await getClient();
+  return client.templates.fetch();
+}
+
+// src/commands/init.ts
+var SKILL_FRONTMATTER = {
+  setup: `---
+user-invocable: true
+description: >-
+  Analyze the project and customize AGENTS.md for this codebase.
+  Use when setting up a new project, after running meltctl init,
+  or when AGENTS.md has placeholder markers. Detects tech stack,
+  fills in project-specific sections, and merges existing standards.
+---
+
+`,
+  plan: `---
+user-invocable: true
+description: >-
+  Design an implementation approach before writing code. Use when
+  starting a feature, tackling a complex task, or when the developer
+  says "plan this" or "how should we approach this". Gathers requirements,
+  explores codebase, and presents a step-by-step plan for approval.
+---
+
+`,
+  review: `---
+user-invocable: true
+description: >-
+  Review code changes against project standards and address PR feedback.
+  Use when the developer asks to review changes, check code quality,
+  or respond to PR reviewer comments. Categorizes findings as must-fix,
+  should-fix, or suggestions.
+---
+
+`,
+  pr: `---
+user-invocable: true
+description: >-
+  Create a well-structured pull request from current changes. Use when
+  the developer is ready to submit work, says "create a PR", or "open
+  a pull request". Analyzes changes, runs pre-flight checks, drafts
+  description, and creates the PR via gh CLI.
+---
+
+`,
+  debug: `---
+user-invocable: true
+description: >-
+  Systematically investigate and fix bugs. Use when the developer
+  reports a bug, encounters an error, or says "debug this" or "why
+  is this failing". Reproduces the issue, isolates root cause, writes
+  regression test, and implements minimal fix.
+---
+
+`,
+  audit: `---
+user-invocable: true
+description: >-
+  Run a comprehensive project compliance audit against team standards.
+  Use when the developer wants to assess project health, check compliance,
+  or says "audit this project". Checks 15 categories including documentation,
+  testing, CI/CD, security, and AI tool setup. Produces a structured
+  report with scores and actionable fixes.
+---
+
+`,
+  "ux-audit": `---
+user-invocable: true
+description: >-
+  Review the project's UI against usability heuristics using Chrome DevTools
+  MCP. Use when the developer wants to check UX quality, says "review the UI",
+  or "UX audit". In full audit mode, crawls the entire app. During an active
+  plan, scopes to the current feature and appends results to the plan file.
+---
+
+`,
+  "security-audit": `---
+user-invocable: true
+description: >-
+  Run a comprehensive security posture audit across the entire platform.
+  Use when the developer wants to assess security, says "security audit",
+  or "check our security posture". Covers infrastructure, encryption, auth,
+  application security, data protection, CI/CD, and compliance readiness.
+  Investigates all platform repositories for a holistic view.
+---
+
+`,
+  validate: `---
+user-invocable: true
+description: >-
+  Run the validation plan from the plan document after implementation.
+  Use when the developer says "validate this", "test the feature", or
+  after finishing implementation. Validates end-to-end using browser,
+  API, or CLI testing, suggests test coverage improvements, then prompts
+  the developer for mandatory manual sign-off.
+---
+
+`,
+  update: `---
+user-invocable: true
+description: >-
+  Update Melt skills and standards to the latest version. Use when the
+  developer wants the latest skill templates, says "update melt", or
+  after a new meltctl version is released. Fetches latest templates,
+  preserves project customizations in AGENTS.md, and merges changes.
+---
+
+`,
+  help: `---
+user-invocable: true
+description: >-
+  Answer questions about the AI-First Development Playbook and team
+  workflow. Use when the developer asks about the development process,
+  what step they're on, how validation works, or any workflow question.
+  This is a reference skill \u2014 it explains the process, not executes it.
+---
+
+`,
+  link: `---
+user-invocable: true
+description: >-
+  Connect and verify required integrations (ticket tracker, browser
+  testing). Use after melt-setup, when tools aren't working, or when
+  a skill reports missing MCP connections. Guides setup, verifies
+  each tool works, and updates AGENTS.md connection status.
+---
+
+`
+};
+var OPENCODE_COMMAND_FRONTMATTER = {
+  setup: `---
+description: Analyze the project and customize AGENTS.md for this codebase.
+---
+
+`,
+  plan: `---
+description: Design an implementation approach before writing code.
+---
+
+`,
+  review: `---
+description: Review code changes against project standards and address PR feedback.
+---
+
+`,
+  pr: `---
+description: Create a well-structured pull request from current changes.
+---
+
+`,
+  debug: `---
+description: Systematically investigate and fix bugs.
+---
+
+`,
+  audit: `---
+description: Run a comprehensive project compliance audit against team standards.
+---
+
+`,
+  "ux-audit": `---
+description: Review the project's UI against usability heuristics using Chrome DevTools MCP.
+---
+
+`,
+  "security-audit": `---
+description: Run a comprehensive security posture audit across the entire platform.
+---
+
+`,
+  validate: `---
+description: Run the validation plan from the plan document after implementation.
+---
+
+`,
+  update: `---
+description: Update Melt skills and standards to the latest version.
+---
+
+`,
+  help: `---
+description: Answer questions about the AI-First Development Playbook and team workflow.
+---
+
+`,
+  link: `---
+description: Connect and verify required integrations (ticket tracker, browser testing).
+---
+
+`
+};
+var GITIGNORE_ENTRIES = [".env.local", ".claude/settings.local.json"];
+function detectExistingTools(cwd) {
+  return {
+    claude: fs2.pathExistsSync(path2.join(cwd, ".claude/settings.json")),
+    cursor: fs2.pathExistsSync(path2.join(cwd, ".cursor/commands")),
+    opencode: fs2.pathExistsSync(path2.join(cwd, ".opencode/commands"))
+  };
+}
+async function promptToolSelection(existingTools) {
+  const choices = [];
+  if (!existingTools?.claude) {
+    choices.push({ name: "Claude Code", value: "claude", checked: true });
+  }
+  if (!existingTools?.cursor) {
+    choices.push({ name: "Cursor", value: "cursor", checked: true });
+  }
+  if (!existingTools?.opencode) {
+    choices.push({ name: "OpenCode", value: "opencode", checked: true });
+  }
+  choices.push({
+    name: "Other \u2014 contact us in #dev on Slack to request support",
+    value: "other"
+  });
+  const selected = await checkbox({
+    message: "Which AI coding tools do you use?",
+    choices
+  });
+  return {
+    claude: selected.includes("claude"),
+    cursor: selected.includes("cursor"),
+    opencode: selected.includes("opencode"),
+    other: selected.includes("other")
+  };
+}
+async function initCommand(options) {
+  if (!await isAuthenticated()) {
+    console.error(chalk2.red("Not authenticated. Run `npx @meltstudio/meltctl@latest login` first."));
+    process.exit(1);
+  }
+  const cwd = process.cwd();
+  const isGitRepo = await fs2.pathExists(path2.join(cwd, ".git"));
+  if (!isGitRepo) {
+    console.log(chalk2.yellow(`Warning: ${cwd} is not a git repository.`));
+    console.log(chalk2.dim("meltctl init should be run from the root of your project."));
+    console.log();
+    const proceed = await confirm({
+      message: "Continue initializing here anyway?",
+      default: false
+    });
+    if (!proceed) {
+      console.log(chalk2.dim("Aborted. cd into your project root and try again."));
+      return;
+    }
+    console.log();
+  }
+  const alreadyInitialized = await fs2.pathExists(path2.join(cwd, "AGENTS.md"));
+  let isReInit = false;
+  let tools;
+  if (alreadyInitialized && !options.force) {
+    const existing = detectExistingTools(cwd);
+    const existingNames = [
+      existing.claude ? "Claude Code" : "",
+      existing.cursor ? "Cursor" : "",
+      existing.opencode ? "OpenCode" : ""
+    ].filter(Boolean).join(", ");
+    if (existing.claude && existing.cursor && existing.opencode) {
+      console.log(
+        chalk2.yellow("Project already initialized with all tools. Use --force to overwrite.")
+      );
+      process.exit(1);
+    }
+    console.log(
+      chalk2.dim(`Project already initialized${existingNames ? ` with ${existingNames}` : ""}.`)
+    );
+    isReInit = true;
+    if (options.claude || options.cursor || options.opencode) {
+      tools = {
+        claude: !!options.claude,
+        cursor: !!options.cursor,
+        opencode: !!options.opencode,
+        other: false
+      };
+    } else {
+      const addMore = await confirm({
+        message: "Add configuration for another tool?",
+        default: true
+      });
+      if (!addMore) {
+        process.exit(0);
+      }
+      tools = await promptToolSelection(existing);
+    }
+  } else {
+    if (options.claude || options.cursor || options.opencode) {
+      tools = {
+        claude: !!options.claude,
+        cursor: !!options.cursor,
+        opencode: !!options.opencode,
+        other: false
+      };
+    } else {
+      tools = await promptToolSelection();
+    }
+  }
+  if (!tools.claude && !tools.cursor && !tools.opencode && !tools.other) {
+    console.log(chalk2.yellow("No tools selected. Nothing to do."));
+    process.exit(0);
+  }
+  let templates;
+  try {
+    templates = await fetchTemplates();
+  } catch (error) {
+    if (error instanceof Error && error.message.includes("expired")) {
+      console.error(
+        chalk2.red("Session expired. Run `npx @meltstudio/meltctl@latest login` to re-authenticate.")
+      );
+    } else if (error instanceof Error && error.message.includes("fetch")) {
+      console.error(chalk2.red("Could not reach Melt API. Check your connection."));
+    } else {
+      console.error(
+        chalk2.red(
+          `Failed to fetch templates: ${error instanceof Error ? error.message : "Unknown error"}`
+        )
+      );
+    }
+    process.exit(1);
+  }
+  console.log(chalk2.bold("Initializing Melt development tools..."));
+  console.log();
+  const createdFiles = [];
+  const workflows = [
+    "setup",
+    "plan",
+    "validate",
+    "review",
+    "pr",
+    "debug",
+    "audit",
+    "ux-audit",
+    "security-audit",
+    "update",
+    "help",
+    "link"
+  ];
+  if (!isReInit) {
+    const agentsMd = templates["agents-md.md"];
+    if (agentsMd) {
+      await fs2.writeFile(path2.join(cwd, "AGENTS.md"), agentsMd, "utf-8");
+      createdFiles.push("AGENTS.md");
+    }
+    const mcpConfig = templates["mcp-configs/base.json"];
+    if (mcpConfig) {
+      await mergeMcpConfig(cwd, mcpConfig);
+      createdFiles.push(".mcp.json");
+    }
+    await updateGitignore(cwd);
+  }
+  if (tools.claude) {
+    const claudeSettings = templates["claude-settings.json"];
+    if (claudeSettings) {
+      await fs2.ensureDir(path2.join(cwd, ".claude"));
+      await mergeClaudeSettings(cwd, claudeSettings);
+      createdFiles.push(".claude/settings.json");
+    }
+    for (const name of workflows) {
+      const workflowContent = templates[`workflows/${name}.md`];
+      if (workflowContent) {
+        const skillDir = path2.join(cwd, `.claude/skills/melt-${name}`);
+        await fs2.ensureDir(skillDir);
+        const skillContent = SKILL_FRONTMATTER[name] + workflowContent;
+        await fs2.writeFile(path2.join(skillDir, "SKILL.md"), skillContent, "utf-8");
+      }
+    }
+    createdFiles.push(
+      ".claude/skills/melt-{setup,plan,validate,review,pr,debug,audit,ux-audit,security-audit,update,help}/SKILL.md"
+    );
+  }
+  if (tools.cursor) {
+    await fs2.ensureDir(path2.join(cwd, ".cursor/commands"));
+    for (const name of workflows) {
+      const workflowContent = templates[`workflows/${name}.md`];
+      if (workflowContent) {
+        await fs2.writeFile(
+          path2.join(cwd, `.cursor/commands/melt-${name}.md`),
+          workflowContent,
+          "utf-8"
+        );
+      }
+    }
+    createdFiles.push(
+      ".cursor/commands/melt-{setup,plan,validate,review,pr,debug,audit,ux-audit,security-audit,update,help}.md"
+    );
+  }
+  if (tools.opencode) {
+    await fs2.ensureDir(path2.join(cwd, ".opencode/commands"));
+    for (const name of workflows) {
+      const workflowContent = templates[`workflows/${name}.md`];
+      if (workflowContent) {
+        const commandContent = OPENCODE_COMMAND_FRONTMATTER[name] + workflowContent;
+        await fs2.writeFile(
+          path2.join(cwd, `.opencode/commands/melt-${name}.md`),
+          commandContent,
+          "utf-8"
+        );
+      }
+    }
+    createdFiles.push(
+      ".opencode/commands/melt-{setup,plan,validate,review,pr,debug,audit,ux-audit,security-audit,update,help}.md"
+    );
+  }
+  console.log(chalk2.green("Created files:"));
+  for (const file of createdFiles) {
+    console.log(chalk2.dim(`  ${file}`));
+  }
+  console.log();
+  if (tools.other) {
+    console.log(chalk2.cyan("Want support for your tool? Let us know in #dev on Slack"));
+    console.log();
+  }
+  const commandNames = "melt-setup, melt-plan, melt-validate, melt-review, melt-pr, melt-debug, melt-audit, melt-ux-audit, melt-security-audit, melt-update, melt-help";
+  if (tools.claude) {
+    console.log(chalk2.dim(`Available skills: /${commandNames.replace(/, /g, ", /")}`));
+  }
+  if (tools.cursor) {
+    console.log(chalk2.dim(`Available Cursor commands: ${commandNames}`));
+  }
+  if (tools.opencode) {
+    console.log(chalk2.dim(`Available OpenCode commands: /${commandNames.replace(/, /g, ", /")}`));
+  }
+  if (tools.claude || tools.cursor || tools.opencode) {
+    console.log();
+  }
+  if (!isReInit) {
+    console.log(
+      chalk2.bold.cyan("  Next step: run /melt-setup to customize AGENTS.md for your project")
+    );
+    console.log();
+    const toolInstructions = [];
+    if (tools.claude) {
+      toolInstructions.push({
+        name: "Claude Code",
+        steps: [
+          "Type /melt-setup in the chat prompt, or",
+          "Open the skills menu and select melt-setup"
+        ]
+      });
+    }
+    if (tools.cursor) {
+      toolInstructions.push({
+        name: "Cursor",
+        steps: ["Open the command menu (Cmd+K) and search for melt-setup"]
+      });
+    }
+    if (tools.opencode) {
+      toolInstructions.push({
+        name: "OpenCode",
+        steps: ["Type /melt-setup in the chat prompt"]
+      });
+    }
+    if (toolInstructions.length === 1 && toolInstructions[0]) {
+      console.log(chalk2.dim(`  In ${toolInstructions[0].name}:`));
+      for (const step of toolInstructions[0].steps) {
+        console.log(chalk2.dim(`    - ${step}`));
+      }
+    } else {
+      for (const tool of toolInstructions) {
+        console.log(chalk2.dim(`  ${tool.name}:`));
+        for (const step of tool.steps) {
+          console.log(chalk2.dim(`    - ${step}`));
+        }
+        console.log();
+      }
+    }
+    console.log();
+    console.log(chalk2.dim("  The setup skill will analyze your project and fill in AGENTS.md."));
+    console.log(
+      chalk2.dim("  Then run /melt-link to connect your ticket tracker and browser testing tools.")
+    );
+    console.log();
+  }
+  console.log(chalk2.green("Done!"));
+}
+async function mergeMcpConfig(cwd, templateContent) {
+  const mcpPath = path2.join(cwd, ".mcp.json");
+  const templateConfig = JSON.parse(templateContent);
+  if (await fs2.pathExists(mcpPath)) {
+    const existingContent = await fs2.readFile(mcpPath, "utf-8");
+    const existingConfig = JSON.parse(existingContent);
+    existingConfig.mcpServers = {
+      ...existingConfig.mcpServers,
+      ...templateConfig.mcpServers
+    };
+    await fs2.writeFile(mcpPath, JSON.stringify(existingConfig, null, 2) + "\n", "utf-8");
+  } else {
+    await fs2.writeFile(mcpPath, templateContent, "utf-8");
+  }
+}
+async function mergeClaudeSettings(cwd, templateContent) {
+  const settingsPath = path2.join(cwd, ".claude/settings.json");
+  const templateConfig = JSON.parse(templateContent);
+  if (await fs2.pathExists(settingsPath)) {
+    const existingContent = await fs2.readFile(settingsPath, "utf-8");
+    const existingConfig = JSON.parse(existingContent);
+    const existingAllow = existingConfig.permissions?.allow ?? [];
+    const existingDeny = existingConfig.permissions?.deny ?? [];
+    const templateAllow = templateConfig.permissions?.allow ?? [];
+    const templateDeny = templateConfig.permissions?.deny ?? [];
+    existingConfig.permissions = {
+      ...existingConfig.permissions,
+      allow: [.../* @__PURE__ */ new Set([...existingAllow, ...templateAllow])],
+      deny: [.../* @__PURE__ */ new Set([...existingDeny, ...templateDeny])]
+    };
+    await fs2.writeFile(settingsPath, JSON.stringify(existingConfig, null, 2) + "\n", "utf-8");
+  } else {
+    await fs2.writeFile(settingsPath, templateContent, "utf-8");
+  }
+}
+async function updateGitignore(cwd) {
+  const gitignorePath = path2.join(cwd, ".gitignore");
+  let content = "";
+  if (await fs2.pathExists(gitignorePath)) {
+    content = await fs2.readFile(gitignorePath, "utf-8");
+  }
+  const missingEntries = GITIGNORE_ENTRIES.filter((entry) => !content.includes(entry));
+  if (missingEntries.length > 0) {
+    const suffix = content.endsWith("\n") || content === "" ? "" : "\n";
+    const section = missingEntries.length > 0 ? `${suffix}
+# Melt - local settings
+${missingEntries.join("\n")}
+` : "";
+    await fs2.writeFile(gitignorePath, content + section, "utf-8");
+  }
+}
+
+// src/commands/templates.ts
+import chalk3 from "chalk";
+import fs3 from "fs-extra";
+import path3 from "path";
+import os2 from "os";
+async function templatesCommand() {
+  if (!await isAuthenticated()) {
+    console.error(chalk3.red("Not authenticated. Run `npx @meltstudio/meltctl@latest login` first."));
+    process.exit(1);
+  }
+  let templates;
+  try {
+    templates = await fetchTemplates();
+  } catch (error) {
+    if (error instanceof Error && error.message.includes("expired")) {
+      console.error(
+        chalk3.red("Session expired. Run `npx @meltstudio/meltctl@latest login` to re-authenticate.")
+      );
+    } else if (error instanceof Error && error.message.includes("fetch")) {
+      console.error(chalk3.red("Could not reach Melt API. Check your connection."));
+    } else {
+      console.error(
+        chalk3.red(
+          `Failed to fetch templates: ${error instanceof Error ? error.message : "Unknown error"}`
+        )
+      );
+    }
+    process.exit(1);
+  }
+  const tmpDir = path3.join(os2.tmpdir(), `melt-templates-${Date.now()}`);
+  await fs3.ensureDir(tmpDir);
+  for (const [filePath, content] of Object.entries(templates)) {
+    const fullPath = path3.join(tmpDir, filePath);
+    await fs3.ensureDir(path3.dirname(fullPath));
+    await fs3.writeFile(fullPath, content, "utf-8");
+  }
+  console.log(tmpDir);
+}
+
+// src/commands/login.ts
+import chalk5 from "chalk";
+import http from "http";
+import { URL } from "url";
+import { exec } from "child_process";
+
+// src/utils/banner.ts
+init_version();
+import chalk4 from "chalk";
+import gradient from "gradient-string";
+var meltGradient = gradient(["#FFC107", "#E91E63", "#00BCD4", "#FF5722"]);
+var LOGO = `
+  \u2588\u2588\u2588\u2557   \u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557  \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557
+  \u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2551  \u255A\u2550\u2550\u2588\u2588\u2554\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u2550\u2588\u2588\u2554\u2550\u2550\u255D\u2588\u2588\u2551
+  \u2588\u2588\u2554\u2588\u2588\u2588\u2588\u2554\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557  \u2588\u2588\u2551     \u2588\u2588\u2551   \u2588\u2588\u2551        \u2588\u2588\u2551   \u2588\u2588\u2551
+  \u2588\u2588\u2551\u255A\u2588\u2588\u2554\u255D\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255D  \u2588\u2588\u2551     \u2588\u2588\u2551   \u2588\u2588\u2551        \u2588\u2588\u2551   \u2588\u2588\u2551
+  \u2588\u2588\u2551 \u255A\u2550\u255D \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2551   \u255A\u2588\u2588\u2588\u2588\u2588\u2588\u2557   \u2588\u2588\u2551   \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557
+  \u255A\u2550\u255D     \u255A\u2550\u255D\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u255D    \u255A\u2550\u2550\u2550\u2550\u2550\u255D   \u255A\u2550\u255D   \u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D`;
+function printBanner() {
+  console.log(meltGradient(LOGO));
+  console.log();
+  console.log(
+    `  ${chalk4.dim("v" + CLI_VERSION)}  ${chalk4.dim("\xB7")}  ${chalk4.dim("AI-first development tools for teams")}`
+  );
+  console.log();
+}
+
+// src/commands/login.ts
+var LOGIN_TIMEOUT_MS = 6e4;
+function openBrowser(url) {
+  const command = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
+  exec(`${command} "${url}"`);
+}
+function findFreePort() {
+  return new Promise((resolve, reject) => {
+    const server = http.createServer();
+    server.listen(0, () => {
+      const address = server.address();
+      if (address && typeof address === "object") {
+        const port = address.port;
+        server.close(() => resolve(port));
+      } else {
+        reject(new Error("Could not find free port"));
+      }
+    });
+  });
+}
+async function loginCommand() {
+  printBanner();
+  console.log(chalk5.bold("  Logging in to Melt..."));
+  const port = await findFreePort();
+  const redirectUri = `http://localhost:${port.toString()}`;
+  const authCode = await new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => {
+      server.close();
+      reject(new Error("Authentication timed out. Please try again."));
+    }, LOGIN_TIMEOUT_MS);
+    const server = http.createServer((req, res) => {
+      const url = new URL(req.url ?? "/", `http://localhost:${port.toString()}`);
+      const code = url.searchParams.get("code");
+      const error = url.searchParams.get("error");
+      if (error) {
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(
+          "<html><body><h2>Authentication failed</h2><p>You can close this tab.</p></body></html>"
+        );
+        clearTimeout(timeout);
+        server.close();
+        reject(new Error(`Authentication denied: ${error}`));
+        return;
+      }
+      if (!code) {
+        res.writeHead(400, { "Content-Type": "text/html" });
+        res.end("<html><body><h2>Missing authorization code</h2></body></html>");
+        return;
+      }
+      res.writeHead(200, { "Content-Type": "text/html" });
+      res.end(
+        "<html><body><h2>Authentication successful!</h2><p>You can close this tab and return to your terminal.</p></body></html>"
+      );
+      clearTimeout(timeout);
+      server.close();
+      resolve(code);
+    });
+    server.listen(port, () => {
+      const authUrl = `${API_BASE}/auth/google?redirect_uri=${encodeURIComponent(redirectUri)}`;
+      console.log();
+      console.log(chalk5.bold("  A browser window will open shortly."));
+      console.log(chalk5.dim("  Please log in with your @meltstudio.co Google Workspace account."));
+      console.log();
+      setTimeout(() => {
+        openBrowser(authUrl);
+        console.log(chalk5.dim(`  If the browser didn't open, visit: ${authUrl}`));
+      }, 2e3);
+    });
+  });
+  console.log(chalk5.dim("Exchanging authorization code..."));
+  const client = createMeltClient({ baseUrl: API_BASE, token: "" });
+  try {
+    const data = await client.auth.exchangeToken(authCode, redirectUri);
+    await storeAuth({
+      token: data.token,
+      email: data.email,
+      expiresAt: data.expiresAt
+    });
+    console.log();
+    console.log(chalk5.green(`Logged in as ${data.email}`));
+  } catch (error) {
+    console.error(
+      chalk5.red(
+        `Authentication failed: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/logout.ts
+import chalk6 from "chalk";
+async function logoutCommand() {
+  const auth = await getStoredAuth();
+  await clearAuth();
+  if (auth) {
+    console.log(chalk6.green(`Logged out (was ${auth.email})`));
+  } else {
+    console.log(chalk6.dim("No active session found."));
+  }
+}
+
+// src/index.ts
+init_version_check();
+
+// src/commands/version.ts
+init_version_check();
+import chalk9 from "chalk";
+
+// src/utils/package-manager.ts
+import { execSync as execSync3 } from "child_process";
+function detectPackageManager2() {
+  try {
+    execSync3("npm list -g @meltstudio/meltctl", {
+      encoding: "utf-8",
+      stdio: "pipe"
+    });
+    return {
+      type: "npm",
+      updateCommand: "npm install -g @meltstudio/meltctl@latest"
+    };
+  } catch {
+  }
+  try {
+    execSync3("yarn global list @meltstudio/meltctl", {
+      encoding: "utf-8",
+      stdio: "pipe"
+    });
+    return {
+      type: "yarn",
+      updateCommand: "yarn global add @meltstudio/meltctl@latest"
+    };
+  } catch {
+  }
+  return {
+    type: "unknown",
+    updateCommand: "npm install -g @meltstudio/meltctl@latest"
+  };
+}
+function getUpdateInstructions() {
+  const { type, updateCommand: updateCommand2 } = detectPackageManager2();
+  if (type === "npm") {
+    return [updateCommand2, "", "Or with yarn:", "  yarn global add @meltstudio/meltctl@latest"];
+  } else if (type === "yarn") {
+    return [updateCommand2, "", "Or with npm:", "  npm install -g @meltstudio/meltctl@latest"];
+  } else {
+    return [
+      "npm install -g @meltstudio/meltctl@latest",
+      "",
+      "Or with yarn:",
+      "  yarn global add @meltstudio/meltctl@latest"
+    ];
+  }
+}
+
+// src/commands/version.ts
+async function versionCheckCommand() {
+  try {
+    const currentVersion = await getCurrentCliVersion();
+    const latestVersion = await getLatestCliVersion();
+    if (!latestVersion) {
+      console.log(chalk9.yellow("\u26A0\uFE0F  Unable to check for updates (network error)"));
+      console.log(chalk9.gray(`Current version: ${currentVersion}`));
+      return;
+    }
+    if (compareVersions(currentVersion, latestVersion)) {
+      console.log(chalk9.yellow(`\u26A0  Update available: ${currentVersion} \u2192 ${latestVersion}`));
+      console.log();
+      console.log(chalk9.white("To update, run:"));
+      const instructions = getUpdateInstructions();
+      instructions.forEach((instruction, index) => {
+        if (index === 0) {
+          console.log(chalk9.cyan(`  ${instruction}`));
+        } else if (instruction === "") {
+          console.log();
+        } else if (instruction.startsWith("Or with")) {
+          console.log(chalk9.gray(instruction));
+        } else {
+          console.log(chalk9.cyan(instruction));
+        }
+      });
+    } else {
+      console.log(chalk9.green(`\u2713 meltctl ${currentVersion} is up to date`));
+    }
+  } catch (error) {
+    console.error(
+      chalk9.red("Failed to check for updates:"),
+      error instanceof Error ? error.message : String(error)
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/standup.ts
+import chalk10 from "chalk";
+import { input, editor } from "@inquirer/prompts";
+var EDITOR_HINT = chalk10.dim("(type \\e to open your editor)");
+async function promptField(message, required) {
+  const value = await input({ message: `${message} ${EDITOR_HINT}` });
+  if (value === "\\e") {
+    try {
+      return await editor({ message });
+    } catch {
+      console.log(chalk10.yellow("Editor failed to open. Falling back to inline input."));
+      return promptField(message, required);
+    }
+  }
+  if (required && !value.trim()) {
+    console.log(chalk10.yellow("This field is required."));
+    return promptField(message, required);
+  }
+  return value;
+}
+async function standupCommand(options) {
+  if (!await isAuthenticated()) {
+    console.error(chalk10.red("Not authenticated. Run `npx @meltstudio/meltctl@latest login` first."));
+    process.exit(1);
+  }
+  const client = await getClient();
+  try {
+    const existing = await client.standups.getStatus();
+    if (existing) {
+      console.log(chalk10.yellow("\nYou already submitted a standup today:\n"));
+      console.log(chalk10.bold("Yesterday:"), existing.yesterday);
+      console.log(chalk10.bold("Today:"), existing.today);
+      if (existing.blockers) {
+        console.log(chalk10.bold("Blockers:"), existing.blockers);
+      }
+      console.log(chalk10.dim("\nTo edit your standup, use the Melt Connect frontend."));
+      return;
+    }
+  } catch {
+  }
+  let yesterday;
+  let today;
+  let blockers;
+  if (options.yesterday && options.today) {
+    yesterday = options.yesterday;
+    today = options.today;
+    blockers = options.blockers ?? "";
+  } else {
+    console.log(chalk10.bold.cyan("\n  Daily Standup Report\n"));
+    console.log(chalk10.dim("  Tip: Mention tickets, PRs, or features by name.\n"));
+    yesterday = await promptField("What did you work on yesterday?", true);
+    today = await promptField("What are you going to work on today?", true);
+    blockers = await promptField("Any blockers? (leave empty if none)", false);
+  }
+  try {
+    await client.standups.submit({
+      yesterday,
+      today,
+      blockers: blockers || void 0
+    });
+    console.log(chalk10.green("\n  \u2713 Standup submitted!\n"));
+  } catch (error) {
+    console.error(
+      chalk10.red(
+        `
+Failed to submit standup: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/feedback.ts
+import chalk11 from "chalk";
+import { input as input2, select, editor as editor2 } from "@inquirer/prompts";
+var EDITOR_HINT2 = chalk11.dim("(type \\\\e to open your editor)");
+async function promptDescription() {
+  const value = await input2({
+    message: `Write your feedback (50\u2013500 chars): ${EDITOR_HINT2}`
+  });
+  if (value === "\\e") {
+    try {
+      const editorValue = await editor2({ message: "Write your feedback:" });
+      return validateDescription(editorValue);
+    } catch {
+      console.log(chalk11.yellow("Editor failed to open. Falling back to inline input."));
+      return promptDescription();
+    }
+  }
+  return validateDescription(value);
+}
+function validateDescription(value) {
+  const trimmed = value.trim();
+  if (trimmed.length < 50) {
+    console.log(chalk11.yellow(`Too short (${trimmed.length}/50 min). Please write more.`));
+    return promptDescription();
+  }
+  if (trimmed.length > 500) {
+    console.log(chalk11.yellow(`Too long (${trimmed.length}/500 max). Please shorten it.`));
+    return promptDescription();
+  }
+  return trimmed;
+}
+async function feedbackCommand(options) {
+  if (!await isAuthenticated()) {
+    console.error(chalk11.red("Not authenticated. Run `npx @meltstudio/meltctl@latest login` first."));
+    process.exit(1);
+  }
+  const client = await getClient();
+  let toUserId;
+  let coins;
+  let description;
+  if (options.to && options.coins && options.description) {
+    toUserId = parseInt(options.to, 10);
+    coins = parseInt(options.coins, 10);
+    description = options.description;
+  } else {
+    console.log(chalk11.bold.cyan("\n  Send Feedback\n"));
+    let recipients;
+    try {
+      recipients = await client.feedback.getRecipients();
+    } catch {
+      console.error(chalk11.red("Failed to connect to the server."));
+      process.exit(1);
+    }
+    if (recipients.length === 0) {
+      console.log(chalk11.yellow("No recipients available."));
+      return;
+    }
+    const selectedRecipient = await select({
+      message: "Who would you like to recognize?",
+      choices: recipients.map((r) => ({
+        name: `${r.firstName} ${r.lastName} (${r.email})`,
+        value: r.id
+      }))
+    });
+    toUserId = selectedRecipient;
+    coins = await select({
+      message: "How many coins?",
+      choices: [
+        { name: "1 coin", value: 1 },
+        { name: "2 coins", value: 2 },
+        { name: "3 coins", value: 3 }
+      ]
+    });
+    description = await promptDescription();
+  }
+  try {
+    await client.feedback.submit({ toUserId, coins, description });
+    console.log(
+      chalk11.green(`
+  \u2713 Feedback sent! You gave ${coins} coin${coins > 1 ? "s" : ""}.
+`)
+    );
+  } catch (error) {
+    console.error(
+      chalk11.red(
+        `
+Failed to send feedback: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/coins.ts
+import chalk12 from "chalk";
+async function coinsCommand(options) {
+  if (!await isAuthenticated()) {
+    console.error(chalk12.red("Not authenticated. Run `npx @meltstudio/meltctl@latest login` first."));
+    process.exit(1);
+  }
+  if (options.leaderboard) {
+    await showLeaderboard();
+  } else {
+    await showBalance();
+  }
+}
+async function showBalance() {
+  const client = await getClient();
+  try {
+    const data = await client.coins.getBalance();
+    console.log(chalk12.bold.cyan("\n  Your Coins (last 28 days)"));
+    console.log(`  ${chalk12.bold(String(data.coins))} coin${data.coins !== 1 ? "s" : ""} received
 `);
-plan
-    .command('submit')
-    .description('submit or update a plan from a markdown file')
-    .argument('[file]', 'path to the plan file (auto-detects from .plans/ if omitted)')
-    .action(async (file) => {
-    await planSubmitCommand(file);
-});
-plan
-    .command('list')
-    .description('list submitted plans (Team Managers only)')
-    .option('--repository <repo>', 'filter by repository (owner/repo)')
-    .option('--author <email>', 'filter by author email')
-    .option('--limit <n>', 'max results (default 50, max 200)')
-    .action(async (options) => {
-    await planListCommand(options);
-});
-program
-    .command('update')
-    .description('update meltctl to the latest version')
-    .action(async () => {
-    await updateCommand();
-});
-program
-    .command('version')
-    .description('show current version')
-    .option('--check', 'also check for available updates')
-    .action(async (options) => {
-    if (options.check) {
-        await versionCheckCommand();
-    }
-    else {
-        console.log(packageJson.version);
+  } catch (error) {
+    console.error(
+      chalk12.red(
+        `Failed to fetch coins: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+async function showLeaderboard() {
+  const client = await getClient();
+  try {
+    const entries = await client.coins.getLeaderboard();
+    if (entries.length === 0) {
+      console.log(chalk12.yellow("\n  No coins have been sent in the last 28 days.\n"));
+      return;
+    }
+    console.log(chalk12.bold.cyan("\n  Leaderboard (last 28 days)\n"));
+    const maxNameLen = Math.max(...entries.map((e) => e.name.length), 4);
+    console.log(chalk12.dim(`  ${"#".padEnd(4)} ${"Name".padEnd(maxNameLen)}  Coins`));
+    entries.forEach((entry, i) => {
+      const rank = String(i + 1).padEnd(4);
+      const name = entry.name.padEnd(maxNameLen);
+      const coins = String(entry.coins);
+      console.log(`  ${rank} ${name}  ${coins}`);
+    });
+    console.log();
+  } catch (error) {
+    console.error(
+      chalk12.red(
+        `Failed to fetch leaderboard: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/audit.ts
+import chalk13 from "chalk";
+import fs5 from "fs-extra";
+import path6 from "path";
+
+// src/utils/git.ts
+import fs4 from "fs-extra";
+import path5 from "path";
+import { execSync as execSync4 } from "child_process";
+function getGitBranch() {
+  try {
+    return execSync4("git rev-parse --abbrev-ref HEAD", { encoding: "utf-8" }).trim();
+  } catch {
+    return "unknown";
+  }
+}
+function getGitCommit() {
+  try {
+    return execSync4("git rev-parse --short HEAD", { encoding: "utf-8" }).trim();
+  } catch {
+    return "unknown";
+  }
+}
+function getGitRepository() {
+  try {
+    const url = execSync4("git remote get-url origin", { encoding: "utf-8" }).trim();
+    const match = url.match(/[/:]([\w.-]+\/[\w.-]+?)(?:\.git)?$/);
+    const slug = match ? match[1] : url;
+    return { slug, url };
+  } catch {
+    return null;
+  }
+}
+function getProjectName() {
+  const cwd = process.cwd();
+  try {
+    const pkgPath = path5.join(cwd, "package.json");
+    if (fs4.pathExistsSync(pkgPath)) {
+      const pkg = fs4.readJsonSync(pkgPath);
+      if (pkg.name) {
+        return pkg.name;
+      }
+    }
+  } catch {
+  }
+  return path5.basename(cwd);
+}
+function extractTicketId(branch) {
+  const match = branch.match(/([A-Z]+-\d+)/i);
+  return match ? match[1] : null;
+}
+async function findMdFiles(dir) {
+  if (!await fs4.pathExists(dir)) {
+    return [];
+  }
+  const results = [];
+  async function walk(current) {
+    const entries = await fs4.readdir(current, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = path5.join(current, entry.name);
+      if (entry.isDirectory()) {
+        await walk(fullPath);
+      } else if (entry.isFile() && entry.name.endsWith(".md")) {
+        const stat = await fs4.stat(fullPath);
+        results.push({ path: fullPath, mtime: stat.mtimeMs });
+      }
+    }
+  }
+  await walk(dir);
+  results.sort((a, b) => b.mtime - a.mtime);
+  return results.map((r) => r.path);
+}
+
+// src/commands/audit.ts
+function detectAuditType(filename) {
+  const lower = filename.toLowerCase();
+  if (lower.includes("security-audit")) return "security-audit";
+  if (lower.includes("ux-audit")) return "ux-audit";
+  return "audit";
+}
+async function autoDetectAuditFile() {
+  const cwd = process.cwd();
+  const auditsDir = path6.join(cwd, ".audits");
+  const auditFiles = await findMdFiles(auditsDir);
+  if (auditFiles.length > 0) {
+    return auditFiles[0] ?? null;
+  }
+  const candidates = ["AUDIT.md", "UX-AUDIT.md", "SECURITY-AUDIT.md"];
+  for (const name of candidates) {
+    const filePath = path6.join(cwd, name);
+    if (await fs5.pathExists(filePath)) {
+      return filePath;
+    }
+  }
+  return null;
+}
+async function auditSubmitCommand(file) {
+  const client = await getClient();
+  let filePath;
+  if (file) {
+    filePath = path6.resolve(file);
+  } else {
+    const detected = await autoDetectAuditFile();
+    if (!detected) {
+      console.error(
+        chalk13.red(
+          "No audit file found. Provide a file path or create an audit in the .audits/ directory."
+        )
+      );
+      process.exit(1);
+    }
+    filePath = detected;
+    console.log(chalk13.dim(`Auto-detected audit file: ${path6.relative(process.cwd(), filePath)}`));
+  }
+  if (!await fs5.pathExists(filePath)) {
+    console.error(chalk13.red(`File not found: ${filePath}`));
+    process.exit(1);
+  }
+  const content = await fs5.readFile(filePath, "utf-8");
+  const filename = path6.basename(filePath);
+  const auditType = detectAuditType(filename);
+  const project2 = getProjectName();
+  const branch = getGitBranch();
+  const commit = getGitCommit();
+  const repo = getGitRepository();
+  try {
+    const result = await client.audits.submit({
+      type: auditType,
+      project: project2,
+      repository: repo?.slug ?? null,
+      repositoryUrl: repo?.url ?? null,
+      branch,
+      commit,
+      content,
+      metadata: { filename }
+    });
+    console.log(chalk13.green(`
+  \u2713 Audit submitted! ID: ${result.id}
+`));
+  } catch (error) {
+    console.error(
+      chalk13.red(
+        `
+Failed to submit audit: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+async function auditListCommand(options) {
+  const client = await getClient();
+  try {
+    const body = await client.audits.list({
+      type: options.type,
+      repository: options.repository,
+      latest: options.latest,
+      limit: options.limit ? parseInt(options.limit, 10) : void 0
+    });
+    if (body.audits.length === 0) {
+      console.log(chalk13.dim("\n  No audits found.\n"));
+      return;
+    }
+    const typeLabels = {
+      audit: "Tech Audit",
+      "ux-audit": "UX Audit",
+      "security-audit": "Security"
+    };
+    if (options.latest) {
+      console.log(chalk13.bold(`
+  Latest Audits (${body.count}):
+`));
+      console.log(
+        chalk13.dim(
+          `  ${"ID".padEnd(10)} ${"TYPE".padEnd(12)} ${"REPOSITORY".padEnd(40)} ${"AGE".padEnd(10)} ${"AUTHOR".padEnd(30)} DATE`
+        )
+      );
+      console.log();
+      for (const r of body.audits) {
+        printLatestAuditRow(r, typeLabels);
+      }
+    } else {
+      console.log(chalk13.bold(`
+  Audits (${body.count}):
+`));
+      const hdr = `  ${"ID".padEnd(10)} ${"TYPE".padEnd(12)} ${"REPOSITORY".padEnd(40)} ${"AUTHOR".padEnd(30)} DATE`;
+      console.log(chalk13.dim(hdr));
+      console.log();
+      for (const r of body.audits) {
+        printAuditRow(r, typeLabels);
+      }
+    }
+    console.log();
+  } catch (error) {
+    console.error(
+      chalk13.red(
+        `Failed to list audits: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+function printLatestAuditRow(r, typeLabels) {
+  const createdAt = new Date(r.created_at ?? r.createdAt);
+  const daysAgo = Math.floor((Date.now() - createdAt.getTime()) / (1e3 * 60 * 60 * 24));
+  const date = createdAt.toLocaleDateString("en-US", {
+    month: "short",
+    day: "numeric",
+    year: "numeric"
+  });
+  const repo = r.repository ?? r.project;
+  const label = typeLabels[r.type] ?? r.type;
+  const typeColor = r.type === "ux-audit" ? chalk13.yellow : r.type === "security-audit" ? chalk13.red : chalk13.magenta;
+  const ageText = daysAgo === 0 ? "today" : `${daysAgo}d ago`;
+  const isSecurityAudit = r.type === "security-audit";
+  const ageColor = isSecurityAudit ? daysAgo <= 30 ? chalk13.green : daysAgo <= 90 ? chalk13.yellow : chalk13.red : daysAgo <= 7 ? chalk13.green : daysAgo <= 30 ? chalk13.yellow : chalk13.red;
+  console.log(
+    `  ${chalk13.dim(r.id.slice(0, 8).padEnd(10))} ${typeColor(label.padEnd(12))} ${chalk13.white(repo.padEnd(40))} ${ageColor(ageText.padEnd(10))} ${chalk13.dim(r.author.padEnd(30))} ${chalk13.dim(date)}`
+  );
+}
+function printAuditRow(r, typeLabels) {
+  const date = new Date(r.createdAt).toLocaleDateString("en-US", {
+    month: "short",
+    day: "numeric",
+    year: "numeric",
+    hour: "2-digit",
+    minute: "2-digit"
+  });
+  const repo = r.repository ?? r.project;
+  const label = typeLabels[r.type] ?? r.type;
+  const typeColor = r.type === "ux-audit" ? chalk13.yellow : r.type === "security-audit" ? chalk13.red : chalk13.magenta;
+  console.log(
+    `  ${chalk13.dim(r.id.slice(0, 8).padEnd(10))} ${typeColor(label.padEnd(12))} ${chalk13.white(repo.padEnd(40))} ${chalk13.dim(r.author.padEnd(30))} ${chalk13.dim(date)}`
+  );
+  if (r.branch && r.branch !== "main") {
+    console.log(
+      `  ${" ".padEnd(10)} ${" ".padEnd(12)} ${chalk13.dim(`branch: ${r.branch}  commit: ${r.commit ?? "N/A"}`)}`
+    );
+  }
+}
+async function auditViewCommand(id, options) {
+  const client = await getClient();
+  try {
+    const audit2 = await client.audits.get(id);
+    if (options.output) {
+      const outputPath = path6.resolve(options.output);
+      await fs5.ensureDir(path6.dirname(outputPath));
+      await fs5.writeFile(outputPath, audit2.content, "utf-8");
+      console.log(chalk13.green(`
+  \u2713 Audit saved to ${path6.relative(process.cwd(), outputPath)}
+`));
+    } else {
+      const typeLabels = {
+        audit: "Tech Audit",
+        "ux-audit": "UX Audit",
+        "security-audit": "Security Audit"
+      };
+      const label = typeLabels[audit2.type] ?? audit2.type;
+      const date = new Date(audit2.createdAt).toLocaleDateString("en-US", {
+        month: "short",
+        day: "numeric",
+        year: "numeric"
+      });
+      const repo = audit2.repository ?? audit2.project;
+      console.log();
+      console.log(chalk13.dim(`  ${label} \xB7 ${repo} \xB7 ${audit2.author} \xB7 ${date}`));
+      console.log();
+      console.log(audit2.content);
     }
+  } catch (error) {
+    console.error(
+      chalk13.red(
+        `Failed to fetch audit: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+
+// src/commands/plan.ts
+import chalk14 from "chalk";
+import fs6 from "fs-extra";
+import path7 from "path";
+function extractFrontmatterStatus(content) {
+  const match = content.match(/^---\n([\s\S]*?)\n---/);
+  if (!match) return null;
+  const statusMatch = match[1].match(/^status:\s*(.+)$/m);
+  return statusMatch ? statusMatch[1].trim() : null;
+}
+async function autoDetectPlanFile() {
+  const cwd = process.cwd();
+  const plansDir = path7.join(cwd, ".plans");
+  const mdFiles = await findMdFiles(plansDir);
+  if (mdFiles.length === 0) {
+    return null;
+  }
+  const branch = getGitBranch();
+  const ticketId = extractTicketId(branch);
+  if (ticketId) {
+    const ticketLower = ticketId.toLowerCase();
+    const match = mdFiles.find((f) => path7.basename(f).toLowerCase().includes(ticketLower));
+    if (match) {
+      return match;
+    }
+  }
+  return mdFiles[0] ?? null;
+}
+async function planSubmitCommand(file) {
+  const client = await getClient();
+  let filePath;
+  if (file) {
+    filePath = path7.resolve(file);
+  } else {
+    const detected = await autoDetectPlanFile();
+    if (!detected) {
+      console.error(
+        chalk14.red(
+          "No plan file found. Provide a file path or create a plan in the .plans/ directory."
+        )
+      );
+      process.exit(1);
+    }
+    filePath = detected;
+    console.log(chalk14.dim(`Auto-detected plan file: ${path7.relative(process.cwd(), filePath)}`));
+  }
+  if (!await fs6.pathExists(filePath)) {
+    console.error(chalk14.red(`File not found: ${filePath}`));
+    process.exit(1);
+  }
+  const content = await fs6.readFile(filePath, "utf-8");
+  const filename = path7.basename(filePath);
+  const project2 = getProjectName();
+  const branch = getGitBranch();
+  const commit = getGitCommit();
+  const repo = getGitRepository();
+  const ticket = extractTicketId(branch) ?? extractTicketId(filename);
+  const status = extractFrontmatterStatus(content);
+  try {
+    const result = await client.plans.submit({
+      project: project2,
+      repository: repo?.slug ?? null,
+      repositoryUrl: repo?.url ?? null,
+      branch,
+      commit,
+      content,
+      ticket: ticket ?? null,
+      status: status ?? null,
+      metadata: { filename }
+    });
+    if (result.created) {
+      console.log(chalk14.green(`
+  \u2713 Plan submitted! ID: ${result.id}
+`));
+    } else {
+      console.log(chalk14.green(`
+  \u2713 Plan updated! ID: ${result.id}
+`));
+    }
+  } catch (error) {
+    console.error(
+      chalk14.red(
+        `Failed to submit plan: ${error instanceof Error ? error.message : "Unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+}
+async function planListCommand(options) {
+  const client = await getClient();
+  try {
+    const body = await client.plans.list({
+      repository: options.repository,
+      author: options.author,
+      limit: options.limit ? parseInt(options.limit, 10) : void 0
+    });
+    if (body.plans.length === 0) {
+      console.log(chalk14.dim("\n  No plans found.\n"));
+      return;
+    }
+    console.log(chalk14.bold(`
+  Plans (${body.count}):
+`));
+    console.log(
+      chalk14.dim(
+        `  ${"TICKET".padEnd(14)} ${"STATUS".padEnd(12)} ${"REPOSITORY".padEnd(36)} ${"AUTHOR".padEnd(30)} UPDATED`
+      )
+    );
+    console.log();
+    const statusColors = {
+      submitted: chalk14.dim,
+      approved: chalk14.cyan,
+      validated: chalk14.green,
+      reviewed: chalk14.magenta
+    };
+    for (const p of body.plans) {
+      const date = new Date(p.updatedAt).toLocaleDateString("en-US", {
+        month: "short",
+        day: "numeric",
+        year: "numeric",
+        hour: "2-digit",
+        minute: "2-digit"
+      });
+      const repo = p.repository ?? p.project;
+      const ticket = p.ticket ?? "-";
+      const colorFn = statusColors[p.status] ?? chalk14.dim;
+      console.log(
+        `  ${chalk14.white(ticket.padEnd(14))} ${colorFn(p.status.padEnd(12))} ${chalk14.white(repo.padEnd(36))} ${chalk14.dim(p.author.padEnd(30))} ${chalk14.dim(date)}`
+      );
+    }
+    console.log();
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : "Unknown error";
+    console.error(chalk14.red(`Failed to list plans: ${msg}`));
+    process.exit(1);
+  }
+}
+
+// src/index.ts
+init_update();
+
+// src/utils/debug.ts
+import chalk15 from "chalk";
+function debugLog(message) {
+  if (process.env["MELTCTL_DEBUG"]) {
+    console.error(chalk15.dim(`[debug] ${message}`));
+  }
+}
+
+// src/utils/analytics.ts
+init_version();
+async function trackCommand(command, success, errorMessage) {
+  try {
+    if (process.env["MELTCTL_NO_ANALYTICS"]) {
+      debugLog("Analytics disabled via MELTCTL_NO_ANALYTICS");
+      return;
+    }
+    const auth = await getStoredAuth();
+    if (!auth || new Date(auth.expiresAt) <= /* @__PURE__ */ new Date()) {
+      debugLog("Analytics skipped: not authenticated or token expired");
+      return;
+    }
+    const repo = getGitRepository();
+    const client = createMeltClient({ baseUrl: API_BASE, token: auth.token });
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 3e3);
+    try {
+      await client.events.submit({
+        command,
+        project: getProjectName(),
+        repository: repo?.slug ?? null,
+        branch: getGitBranch(),
+        version: CLI_VERSION,
+        success,
+        errorMessage: errorMessage?.slice(0, 500) ?? null
+      });
+      debugLog(`Analytics event sent for "${command}"`);
+    } catch (e) {
+      debugLog(`Analytics error: ${e instanceof Error ? e.message : e}`);
+    }
+    clearTimeout(timeout);
+  } catch (e) {
+    debugLog(`Analytics error: ${e instanceof Error ? e.message : e}`);
+  }
+}
+
+// src/index.ts
+init_version();
+var program = new Command();
+program.name("meltctl").description(
+  "Set up AI-first development standards (AGENTS.md, Claude skills, Cursor commands, OpenCode commands, MCP config) in your project.\n\nRequires a @meltstudio.co Google Workspace account. Run `npx @meltstudio/meltctl@latest login` first, then `npx @meltstudio/meltctl@latest project init` in your repo."
+).version(CLI_VERSION).addHelpText("beforeAll", () => {
+  printBanner();
+  return "";
+}).addHelpText(
+  "after",
+  `
+${chalk16.bold("AI Skills")} ${chalk16.dim("(run these in your AI coding tool, not the CLI):")}
+${chalk16.dim("  /melt-setup            Analyze the project and customize AGENTS.md")}
+${chalk16.dim("  /melt-link             Connect and verify ticket tracker + browser testing")}
+${chalk16.dim("  /melt-plan             Design an implementation approach before writing code")}
+${chalk16.dim("  /melt-validate         Run the validation plan and verify end-to-end")}
+${chalk16.dim("  /melt-review           Review changes against project standards")}
+${chalk16.dim("  /melt-pr               Create a well-structured pull request")}
+${chalk16.dim("  /melt-debug            Systematically investigate and fix bugs")}
+${chalk16.dim("  /melt-audit            Run a project compliance audit")}
+${chalk16.dim("  /melt-ux-audit         Review UI against usability heuristics")}
+${chalk16.dim("  /melt-security-audit   Run a security posture audit across the platform")}
+${chalk16.dim("  /melt-update           Update Melt skills to the latest version")}
+${chalk16.dim("  /melt-help             Answer questions about the development playbook")}
+`
+).hook("preAction", async () => {
+  await checkAndEnforceUpdate();
+}).hook("postAction", async (_thisCommand, actionCommand) => {
+  try {
+    const parts = [];
+    let cmd = actionCommand;
+    while (cmd && cmd.name() !== "meltctl") {
+      parts.unshift(cmd.name());
+      cmd = cmd.parent;
+    }
+    await trackCommand(parts.join(" "), true);
+  } catch {
+  }
+});
+program.command("login").description("authenticate with Google Workspace (opens browser)").action(async () => {
+  await loginCommand();
+});
+program.command("logout").description("clear stored credentials from ~/.meltctl/").action(async () => {
+  await logoutCommand();
+});
+var project = program.command("project").description("manage project configuration").addHelpText(
+  "after",
+  `
+${chalk16.dim("Related skills (run in your AI coding tool after init):")}
+${chalk16.dim("  /melt-setup    Analyze the project and customize AGENTS.md")}
+${chalk16.dim("  /melt-link     Connect and verify ticket tracker + browser testing")}
+${chalk16.dim("  /melt-update   Update Melt skills to the latest version")}
+`
+);
+project.command("init").description(
+  "scaffold Melt development tools into the current directory (AGENTS.md, .claude/, .cursor/, .opencode/, .mcp.json)"
+).option("--force", "overwrite existing files if already initialized").option("--claude", "generate Claude Code configuration").option("--cursor", "generate Cursor configuration").option("--opencode", "generate OpenCode configuration").action((options) => {
+  return initCommand({
+    force: options.force,
+    claude: options.claude,
+    cursor: options.cursor,
+    opencode: options.opencode
+  });
+});
+project.command("templates").description("fetch latest templates to a temp directory (for /melt-update)").action(async () => {
+  await templatesCommand();
+});
+program.command("standup").description("submit your daily standup report").addOption(new Option("--yesterday <text>").hideHelp()).addOption(new Option("--today <text>").hideHelp()).addOption(new Option("--blockers <text>").hideHelp()).action(async (options) => {
+  await standupCommand(options);
+});
+program.command("feedback").description("send feedback and coins to a teammate").addOption(new Option("--to <userId>").hideHelp()).addOption(new Option("--coins <amount>").hideHelp()).addOption(new Option("--description <text>").hideHelp()).action(async (options) => {
+  await feedbackCommand(options);
+});
+program.command("coins").description("check your coin balance or the team leaderboard").option("--leaderboard", "show the team leaderboard").action(async (options) => {
+  await coinsCommand(options);
+});
+var audit = program.command("audit").description("submit and list audits").addHelpText(
+  "after",
+  `
+${chalk16.dim("Related skills (run in your AI coding tool):")}
+${chalk16.dim("  /melt-audit            Run a project compliance audit")}
+${chalk16.dim("  /melt-ux-audit         Review UI against usability heuristics")}
+${chalk16.dim("  /melt-security-audit   Run a security posture audit across the platform")}
+`
+);
+audit.command("submit").description("submit an audit report from a markdown file").argument("[file]", "path to the audit file (auto-detects from .audits/ if omitted)").action(async (file) => {
+  await auditSubmitCommand(file);
+});
+audit.command("list").description("list submitted audits (Team Managers only)").option("--type <type>", "filter by type (audit, ux-audit, security-audit)").option("--repository <repo>", "filter by repository (owner/repo)").option("--latest", "show only the latest audit per project and type").option("--limit <n>", "max results (default 50, max 200)").action(async (options) => {
+  await auditListCommand(options);
+});
+audit.command("view").description("view a submitted audit by ID (Team Managers only)").argument("<id>", "audit ID").option("-o, --output <file>", "save to file instead of printing").action(async (id, options) => {
+  await auditViewCommand(id, options);
+});
+var plan = program.command("plan").description("submit and list plans").addHelpText(
+  "after",
+  `
+${chalk16.dim("Related skill (run in your AI coding tool):")}
+${chalk16.dim("  /melt-plan   Design an implementation approach before writing code")}
+`
+);
+plan.command("submit").description("submit or update a plan from a markdown file").argument("[file]", "path to the plan file (auto-detects from .plans/ if omitted)").action(async (file) => {
+  await planSubmitCommand(file);
+});
+plan.command("list").description("list submitted plans (Team Managers only)").option("--repository <repo>", "filter by repository (owner/repo)").option("--author <email>", "filter by author email").option("--limit <n>", "max results (default 50, max 200)").action(async (options) => {
+  await planListCommand(options);
+});
+program.command("update").description("update meltctl to the latest version").action(async () => {
+  await updateCommand();
+});
+program.command("version").description("show current version").option("--check", "also check for available updates").action(async (options) => {
+  if (options.check) {
+    await versionCheckCommand();
+  } else {
+    console.log(CLI_VERSION);
+  }
 });
 program.parseAsync(process.argv).catch((error) => {
-    const message = error instanceof Error ? error.message : 'An unexpected error occurred';
-    const commandName = process.argv
-        .slice(2)
-        .filter(a => !a.startsWith('-'))
-        .join(' ') || 'unknown';
-    trackCommand(commandName, false, message);
-    console.error(chalk.red(message));
-    process.exit(1);
+  const message = error instanceof Error ? error.message : "An unexpected error occurred";
+  const commandName = process.argv.slice(2).filter((a) => !a.startsWith("-")).join(" ") || "unknown";
+  trackCommand(commandName, false, message);
+  console.error(chalk16.red(message));
+  process.exit(1);
 });