@mercuryo-ai/magicpay-cli 0.1.0

package/dist/commands/find-form.js

@@ -0,0 +1,138 @@
+import { enrichObservedFormsForUrl } from '@mercuryo-ai/magicpay-sdk/agentbrowse';
+import { observe } from '../browser-bridge/observe.js';
+import { listFillableForms } from '../fillable-form-state.js';
+import { getResolvedSubmitTarget, } from './submit-form.js';
+function normalizePurpose(purpose) {
+    return purpose ?? 'auto';
+}
+function readHost(url) {
+    if (!url) {
+        return undefined;
+    }
+    try {
+        return new URL(url).host;
+    }
+    catch {
+        return undefined;
+    }
+}
+function readString(value) {
+    return typeof value === 'string' ? value : undefined;
+}
+function toFindFormView(session, url) {
+    const runtimeForms = listFillableForms(session).filter((form) => form.presence !== 'absent');
+    const catalogByHost = 'secretCatalogByHost' in session &&
+        session.secretCatalogByHost &&
+        typeof session.secretCatalogByHost === 'object'
+        ? session.secretCatalogByHost
+        : undefined;
+    const forms = url
+        ? enrichObservedFormsForUrl(runtimeForms, catalogByHost, url)
+        : runtimeForms.map((form) => ({
+            ...form,
+            storedSecretCandidates: [],
+        }));
+    return forms.map((form) => {
+        const submitTarget = getResolvedSubmitTarget(session, form.fillRef);
+        return {
+            ...(submitTarget ? { submit: submitTarget } : {}),
+            fillRef: form.fillRef,
+            ...(form.scopeRef ? { scopeRef: form.scopeRef } : {}),
+            purpose: form.purpose,
+            presence: form.presence === 'unknown' ? 'unknown' : 'present',
+            observedAt: form.observedAt,
+            fields: form.fields.map((field) => ({
+                fieldKey: field.fieldKey,
+                targetRef: field.targetRef,
+                ...(field.label ? { label: field.label } : {}),
+                ...(typeof field.required === 'boolean' ? { required: field.required } : {}),
+                ...(field.valueHint ? { valueHint: field.valueHint } : {}),
+            })),
+            storedSecretCandidates: form.storedSecretCandidates.map((candidate) => ({
+                storedSecretRef: candidate.storedSecretRef,
+                kind: candidate.kind,
+                scope: candidate.scope,
+                displayName: candidate.displayName,
+                matchConfidence: candidate.matchConfidence,
+                intentRequired: candidate.intentRequired,
+            })),
+        };
+    });
+}
+function selectionReasonFor(purpose) {
+    return purpose === 'auto'
+        ? 'single_supported_form_on_page'
+        : 'single_matching_form_for_requested_purpose';
+}
+export async function findForm(session, options = {}) {
+    const requestedPurpose = normalizePurpose(options.purpose);
+    const observed = await observe(session);
+    const observedPageRef = readString('pageRef' in observed ? observed.pageRef : undefined);
+    const observedUrl = readString('url' in observed ? observed.url : undefined);
+    const observedTitle = readString('title' in observed ? observed.title : undefined);
+    if (!observed.success) {
+        return {
+            success: false,
+            outcomeType: 'blocked',
+            error: observed.error === 'browser_connection_failed'
+                ? 'browser_connection_failed'
+                : 'page_resolution_failed',
+            message: 'Protected form discovery could not inspect the current page.',
+            reason: observed.reason,
+            ...(observedPageRef ? { pageRef: observedPageRef } : {}),
+            nextAction: observed.error === 'browser_connection_failed' ? 'attach' : 'ask-user',
+        };
+    }
+    const forms = toFindFormView(session, observedUrl);
+    const matchingForms = requestedPurpose === 'auto'
+        ? forms
+        : forms.filter((form) => form.purpose === requestedPurpose);
+    if (matchingForms.length === 0) {
+        return {
+            success: false,
+            outcomeType: 'blocked',
+            error: 'protected_form_not_found',
+            message: 'No supported protected form was found on the current page.',
+            reason: requestedPurpose === 'auto'
+                ? 'MagicPay did not detect a supported login, identity, or payment-card form on the current page.'
+                : `MagicPay did not detect a supported ${requestedPurpose} form on the current page.`,
+            ...(observedPageRef ? { pageRef: observedPageRef } : {}),
+            ...(observedUrl ? { url: observedUrl } : {}),
+            ...(observedTitle ? { title: observedTitle } : {}),
+            purpose: requestedPurpose,
+            nextAction: 'ask-user',
+        };
+    }
+    if (matchingForms.length > 1) {
+        return {
+            success: false,
+            outcomeType: 'blocked',
+            error: 'protected_form_ambiguous',
+            message: 'Multiple supported protected forms were found, so MagicPay will not guess.',
+            reason: requestedPurpose === 'auto'
+                ? 'More than one supported protected form is currently present on the page.'
+                : `More than one supported ${requestedPurpose} form is currently present on the page.`,
+            ...(observedPageRef ? { pageRef: observedPageRef } : {}),
+            ...(observedUrl ? { url: observedUrl } : {}),
+            ...(observedTitle ? { title: observedTitle } : {}),
+            purpose: requestedPurpose,
+            forms: matchingForms,
+            nextAction: 'ask-user',
+        };
+    }
+    const selectedForm = matchingForms[0];
+    return {
+        success: true,
+        outcomeType: 'form_found',
+        pageRef: observedPageRef ?? session.runtime?.currentPageRef ?? 'p0',
+        url: observedUrl ?? '',
+        title: observedTitle ?? '',
+        ...(readHost(observedUrl) ? { host: readHost(observedUrl) } : {}),
+        purpose: requestedPurpose === 'auto' ? selectedForm.purpose : requestedPurpose,
+        formCount: matchingForms.length,
+        selectedFillRef: selectedForm.fillRef,
+        selectionReason: selectionReasonFor(requestedPurpose),
+        nextAction: 'request-secret',
+        forms: matchingForms,
+    };
+}

package/dist/commands/get-secrets-catalog.d.ts

@@ -0,0 +1,13 @@
+import type { SecretCatalog } from '@mercuryo-ai/magicpay-sdk';
+import type { MagicPaySession } from '../workflow-state.js';
+export type GetSecretsCatalogResult = ({
+    success: true;
+} & SecretCatalog) | {
+    success: false;
+    error: 'workflow_session_required' | 'secret_sync_missing_url';
+    outcomeType: 'blocked';
+    message: string;
+    reason: string;
+};
+export declare function getSecretsCatalog(session: MagicPaySession, urlOrHost?: string): Promise<GetSecretsCatalogResult>;
+//# sourceMappingURL=get-secrets-catalog.d.ts.map

package/dist/commands/get-secrets-catalog.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-secrets-catalog.d.ts","sourceRoot":"","sources":["../../src/commands/get-secrets-catalog.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE/D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAM5D,MAAM,MAAM,uBAAuB,GAC/B,CAAC;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GAAG,aAAa,CAAC,GACnC;IACE,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EAAE,2BAA2B,GAAG,yBAAyB,CAAC;IAC/D,WAAW,EAAE,SAAS,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAyBN,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,eAAe,EACxB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,uBAAuB,CAAC,CAmFlC"}

package/dist/commands/get-secrets-catalog.js

@@ -0,0 +1,103 @@
+import { exportRunStepToOtlpHttpJsonBestEffort } from '../otel-exporter.js';
+import { finishRunStep, startRunStep } from '../run-store.js';
+import { getSecretBackend } from '../secret-backend.js';
+import { saveSecretCatalog } from '../secret-state.js';
+import { saveMagicPaySession } from '../workflow-state.js';
+function getCurrentSessionPageUrl(session) {
+    const pageRef = session.runtime?.currentPageRef ?? 'p0';
+    return session.runtime?.pages?.[pageRef]?.url ?? null;
+}
+function formatUnknownError(error) {
+    if (error instanceof Error) {
+        return error.message;
+    }
+    if (typeof error === 'string') {
+        return error;
+    }
+    if (error && typeof error === 'object') {
+        try {
+            return JSON.stringify(error);
+        }
+        catch {
+            return Object.prototype.toString.call(error);
+        }
+    }
+    return String(error);
+}
+export async function getSecretsCatalog(session, urlOrHost) {
+    const pageRef = session.runtime?.currentPageRef ?? 'p0';
+    const step = session.activeRunId
+        ? startRunStep({
+            runId: session.activeRunId,
+            command: 'get-secrets-catalog',
+            input: {
+                urlOrHost: urlOrHost ?? null,
+            },
+            refs: {
+                pageRef,
+            },
+        })
+        : null;
+    const finalizeStep = async (result) => {
+        if (step) {
+            finishRunStep({
+                runId: step.runId,
+                stepId: step.stepId,
+                success: result.success,
+                ...('outcomeType' in result && result.outcomeType
+                    ? { outcomeType: result.outcomeType }
+                    : {}),
+                ...('message' in result && typeof result.message === 'string'
+                    ? { message: result.message }
+                    : {}),
+                ...('reason' in result && typeof result.reason === 'string'
+                    ? { reason: result.reason }
+                    : {}),
+            });
+            await exportRunStepToOtlpHttpJsonBestEffort(step.runId, step.stepId);
+        }
+        return result;
+    };
+    try {
+        if (!session.intentSessionId) {
+            return finalizeStep({
+                success: false,
+                error: 'workflow_session_required',
+                outcomeType: 'blocked',
+                message: 'Stored-secret sync could not start because no active workflow session is bound to this browser.',
+                reason: 'Run `magicpay start-session` first so MagicPay can scope catalog access to the current workflow session.',
+            });
+        }
+        const syncInput = urlOrHost ?? getCurrentSessionPageUrl(session);
+        if (!syncInput) {
+            return finalizeStep({
+                success: false,
+                error: 'secret_sync_missing_url',
+                outcomeType: 'blocked',
+                message: 'Stored-secret sync could not start because there is no current URL.',
+                reason: 'Provide a URL explicitly or create page context first by navigating or observing.',
+            });
+        }
+        const snapshot = await getSecretBackend().fetchSecretCatalog(session.intentSessionId, syncInput);
+        saveSecretCatalog(session, snapshot);
+        saveMagicPaySession(session);
+        return finalizeStep({
+            success: true,
+            ...snapshot,
+        });
+    }
+    catch (error) {
+        if (step) {
+            finishRunStep({
+                runId: step.runId,
+                stepId: step.stepId,
+                success: false,
+                outcomeType: 'secret_sync_failed',
+                message: 'Stored-secret sync failed.',
+                reason: formatUnknownError(error),
+            });
+            await exportRunStepToOtlpHttpJsonBestEffort(step.runId, step.stepId);
+        }
+        throw error;
+    }
+}

package/dist/commands/init.d.ts

@@ -0,0 +1,10 @@
+export interface InitResult {
+    success: true;
+    configPath: string;
+    gateway: {
+        apiKeyConfigured: true;
+        apiUrl: string;
+    };
+}
+export declare function init(apiKey: string, apiUrl?: string): InitResult;
+//# sourceMappingURL=init.d.ts.map

package/dist/commands/init.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,IAAI,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE;QACP,gBAAgB,EAAE,IAAI,CAAC;QACvB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAMD,wBAAgB,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU,CAwBhE"}

package/dist/commands/init.js

@@ -0,0 +1,28 @@
+import { getConfigPath, readConfig, writeConfig } from '../config.js';
+import { DEFAULT_MAGICPAY_API_URL } from '../generated/build-config.js';
+function normalizeApiUrl(value) {
+    return value.replace(/\/$/, '');
+}
+export function init(apiKey, apiUrl) {
+    const config = readConfig();
+    const normalizedApiKey = apiKey.trim();
+    const normalizedApiUrl = apiUrl?.trim()
+        ? normalizeApiUrl(apiUrl.trim())
+        : DEFAULT_MAGICPAY_API_URL;
+    writeConfig({
+        ...config,
+        gateway: {
+            ...(config.gateway ?? {}),
+            apiKey: normalizedApiKey,
+            apiUrl: normalizedApiUrl,
+        },
+    });
+    return {
+        success: true,
+        configPath: getConfigPath(),
+        gateway: {
+            apiKeyConfigured: true,
+            apiUrl: normalizedApiUrl,
+        },
+    };
+}

package/dist/commands/launch.d.ts

@@ -0,0 +1,4 @@
+import { type LaunchOptions, type LaunchResult } from '@mercuryo-ai/agentbrowse';
+export type { LaunchOptions, LaunchResult };
+export declare function launch(url?: string, options?: LaunchOptions): Promise<LaunchResult>;
+//# sourceMappingURL=launch.d.ts.map

package/dist/commands/launch.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"launch.d.ts","sourceRoot":"","sources":["../../src/commands/launch.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,aAAa,EAClB,KAAK,YAAY,EAClB,MAAM,0BAA0B,CAAC;AAQlC,YAAY,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;AAE5C,wBAAsB,MAAM,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC,CAOzF"}

package/dist/commands/launch.js

@@ -0,0 +1,10 @@
+import { close as closeBrowser, launch as launchBrowser, } from '@mercuryo-ai/agentbrowse';
+import { loadMagicPayBrowserSession, loadMagicPaySession, saveMagicPaySession, } from '../workflow-state.js';
+export async function launch(url, options) {
+    await closeBrowser(loadMagicPaySession() ?? loadMagicPayBrowserSession());
+    const result = await launchBrowser(url, options);
+    if (result.success) {
+        saveMagicPaySession(result.session);
+    }
+    return result;
+}

package/dist/commands/mock-approve-secret.d.ts

@@ -0,0 +1,21 @@
+export type MockApproveSecretResult = {
+    success: true;
+    requestId: string;
+    sessionId: string;
+    status: 'fulfilled';
+    updatedAt: string;
+    resolvedAt?: string;
+    expiresAt?: string;
+    message: string;
+    reason: string;
+} | {
+    success: false;
+    error: 'mock_secret_backend_disabled' | 'secret_request_not_found' | 'secret_request_expired' | 'secret_request_not_pending' | 'mock_secret_request_approval_failed';
+    outcomeType: 'blocked' | 'failed';
+    message: string;
+    reason: string;
+    requestId: string;
+    requestStatus?: string;
+};
+export declare function mockApproveSecret(requestId: string): Promise<MockApproveSecretResult>;
+//# sourceMappingURL=mock-approve-secret.d.ts.map

package/dist/commands/mock-approve-secret.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mock-approve-secret.d.ts","sourceRoot":"","sources":["../../src/commands/mock-approve-secret.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,uBAAuB,GAC/B;IACE,OAAO,EAAE,IAAI,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,WAAW,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,GACD;IACE,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EACD,8BAA8B,GAC9B,0BAA0B,GAC1B,wBAAwB,GACxB,4BAA4B,GAC5B,qCAAqC,CAAC;IAC1C,WAAW,EAAE,SAAS,GAAG,QAAQ,CAAC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEN,wBAAsB,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAsE3F"}

package/dist/commands/mock-approve-secret.js

@@ -0,0 +1,69 @@
+import { approveMockSecretRequest, SecretBackendDisabledError, } from '../secret-backend.js';
+export async function mockApproveSecret(requestId) {
+    try {
+        const result = approveMockSecretRequest(requestId);
+        return {
+            success: true,
+            requestId: result.requestId,
+            sessionId: result.sessionId,
+            status: 'fulfilled',
+            updatedAt: result.updatedAt,
+            ...(result.resolvedAt ? { resolvedAt: result.resolvedAt } : {}),
+            ...(result.expiresAt ? { expiresAt: result.expiresAt } : {}),
+            message: 'Mock secret request is approved and ready to fill.',
+            reason: 'MagicPay CLI marked the local mock secret request as fulfilled.',
+        };
+    }
+    catch (error) {
+        if (error instanceof SecretBackendDisabledError) {
+            return {
+                success: false,
+                error: 'mock_secret_backend_disabled',
+                outcomeType: 'blocked',
+                message: 'Mock secret approval is unavailable.',
+                reason: error.message,
+                requestId,
+            };
+        }
+        const reason = error instanceof Error ? error.message : String(error);
+        if (reason === 'secret_request_not_found') {
+            return {
+                success: false,
+                error: 'secret_request_not_found',
+                outcomeType: 'blocked',
+                message: 'Mock secret approval failed because the request does not exist.',
+                reason: 'MagicPay mock storage did not find a secret request for the provided request ID.',
+                requestId,
+            };
+        }
+        if (reason === 'secret_request_expired') {
+            return {
+                success: false,
+                error: 'secret_request_expired',
+                outcomeType: 'blocked',
+                message: 'Mock secret approval failed because the request already expired.',
+                reason: 'MagicPay mock storage already considers this secret request expired.',
+                requestId,
+            };
+        }
+        if (reason.startsWith('secret_request_not_pending:')) {
+            return {
+                success: false,
+                error: 'secret_request_not_pending',
+                outcomeType: 'blocked',
+                message: 'Mock secret approval failed because the request is no longer pending.',
+                reason: 'MagicPay mock storage can only approve pending secret requests.',
+                requestId,
+                requestStatus: reason.slice('secret_request_not_pending:'.length),
+            };
+        }
+        return {
+            success: false,
+            error: 'mock_secret_request_approval_failed',
+            outcomeType: 'failed',
+            message: 'Mock secret approval failed.',
+            reason,
+            requestId,
+        };
+    }
+}

package/dist/commands/mock-deny-secret.d.ts

@@ -0,0 +1,21 @@
+export type MockDenySecretResult = {
+    success: true;
+    requestId: string;
+    sessionId: string;
+    status: 'denied';
+    updatedAt: string;
+    resolvedAt?: string;
+    expiresAt?: string;
+    message: string;
+    reason: string;
+} | {
+    success: false;
+    error: 'mock_secret_backend_disabled' | 'secret_request_not_found' | 'secret_request_expired' | 'secret_request_not_pending' | 'mock_secret_request_denial_failed';
+    outcomeType: 'blocked' | 'failed';
+    message: string;
+    reason: string;
+    requestId: string;
+    requestStatus?: string;
+};
+export declare function mockDenySecret(requestId: string): Promise<MockDenySecretResult>;
+//# sourceMappingURL=mock-deny-secret.d.ts.map

package/dist/commands/mock-deny-secret.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mock-deny-secret.d.ts","sourceRoot":"","sources":["../../src/commands/mock-deny-secret.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,oBAAoB,GAC5B;IACE,OAAO,EAAE,IAAI,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,QAAQ,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,GACD;IACE,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EACD,8BAA8B,GAC9B,0BAA0B,GAC1B,wBAAwB,GACxB,4BAA4B,GAC5B,mCAAmC,CAAC;IACxC,WAAW,EAAE,SAAS,GAAG,QAAQ,CAAC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEN,wBAAsB,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAsErF"}

package/dist/commands/mock-deny-secret.js

@@ -0,0 +1,69 @@
+import { denyMockSecretRequest, SecretBackendDisabledError, } from '../secret-backend.js';
+export async function mockDenySecret(requestId) {
+    try {
+        const result = denyMockSecretRequest(requestId);
+        return {
+            success: true,
+            requestId: result.requestId,
+            sessionId: result.sessionId,
+            status: 'denied',
+            updatedAt: result.updatedAt,
+            ...(result.resolvedAt ? { resolvedAt: result.resolvedAt } : {}),
+            ...(result.expiresAt ? { expiresAt: result.expiresAt } : {}),
+            message: 'Mock secret request is denied and cannot be used.',
+            reason: 'MagicPay CLI marked the local mock secret request as denied.',
+        };
+    }
+    catch (error) {
+        if (error instanceof SecretBackendDisabledError) {
+            return {
+                success: false,
+                error: 'mock_secret_backend_disabled',
+                outcomeType: 'blocked',
+                message: 'Mock secret denial is unavailable.',
+                reason: error.message,
+                requestId,
+            };
+        }
+        const reason = error instanceof Error ? error.message : String(error);
+        if (reason === 'secret_request_not_found') {
+            return {
+                success: false,
+                error: 'secret_request_not_found',
+                outcomeType: 'blocked',
+                message: 'Mock secret denial failed because the request does not exist.',
+                reason: 'MagicPay mock storage did not find a secret request for the provided request ID.',
+                requestId,
+            };
+        }
+        if (reason === 'secret_request_expired') {
+            return {
+                success: false,
+                error: 'secret_request_expired',
+                outcomeType: 'blocked',
+                message: 'Mock secret denial failed because the request already expired.',
+                reason: 'MagicPay mock storage already considers this secret request expired.',
+                requestId,
+            };
+        }
+        if (reason.startsWith('secret_request_not_pending:')) {
+            return {
+                success: false,
+                error: 'secret_request_not_pending',
+                outcomeType: 'blocked',
+                message: 'Mock secret denial failed because the request is no longer pending.',
+                reason: 'MagicPay mock storage can only deny pending secret requests.',
+                requestId,
+                requestStatus: reason.slice('secret_request_not_pending:'.length),
+            };
+        }
+        return {
+            success: false,
+            error: 'mock_secret_request_denial_failed',
+            outcomeType: 'failed',
+            message: 'Mock secret denial failed.',
+            reason,
+            requestId,
+        };
+    }
+}

package/dist/commands/navigate.d.ts

@@ -0,0 +1,4 @@
+import { type BrowserSessionState, type NavigateResult } from '@mercuryo-ai/agentbrowse';
+export type { NavigateResult };
+export declare function navigate(session: BrowserSessionState, url: string): Promise<NavigateResult>;
+//# sourceMappingURL=navigate.d.ts.map

package/dist/commands/navigate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"navigate.d.ts","sourceRoot":"","sources":["../../src/commands/navigate.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,mBAAmB,EACxB,KAAK,cAAc,EACpB,MAAM,0BAA0B,CAAC;AAGlC,YAAY,EAAE,cAAc,EAAE,CAAC;AAE/B,wBAAsB,QAAQ,CAC5B,OAAO,EAAE,mBAAmB,EAC5B,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,cAAc,CAAC,CAMzB"}

package/dist/commands/navigate.js

@@ -0,0 +1,9 @@
+import { navigate as navigatePrimitive, } from '@mercuryo-ai/agentbrowse';
+import { saveMagicPaySession } from '../workflow-state.js';
+export async function navigate(session, url) {
+    const result = await navigatePrimitive(session, url);
+    if (result.success) {
+        saveMagicPaySession(session);
+    }
+    return result;
+}

package/dist/commands/observe.d.ts

@@ -0,0 +1,5 @@
+import { type BrowserSessionState, type ObserveResult } from '@mercuryo-ai/agentbrowse';
+import { type MagicPaySession } from '../workflow-state.js';
+export type { ObserveResult };
+export declare function observe(session: BrowserSessionState | MagicPaySession, instruction?: string): Promise<ObserveResult>;
+//# sourceMappingURL=observe.d.ts.map

package/dist/commands/observe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"observe.d.ts","sourceRoot":"","sources":["../../src/commands/observe.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,mBAAmB,EAExB,KAAK,aAAa,EACnB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAuB,KAAK,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAEjF,YAAY,EAAE,aAAa,EAAE,CAAC;AAmC9B,wBAAsB,OAAO,CAC3B,OAAO,EAAE,mBAAmB,GAAG,eAAe,EAC9C,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,aAAa,CAAC,CAyBxB"}

package/dist/commands/observe.js

@@ -0,0 +1,53 @@
+import { observe as observePrimitive, } from '@mercuryo-ai/agentbrowse';
+import { enrichObservedFormsForUrl } from '@mercuryo-ai/magicpay-sdk/agentbrowse';
+import { listFillableForms } from '../fillable-form-state.js';
+import { saveMagicPaySession } from '../workflow-state.js';
+async function ensureAssistiveRuntime() {
+    const { ensureMagicPayAgentbrowseAssistiveRuntime } = await import('../agentbrowse-assistive.js');
+    ensureMagicPayAgentbrowseAssistiveRuntime();
+}
+function toObservedFillableForms(forms) {
+    return forms
+        .filter((form) => form.presence !== 'absent')
+        .map((form) => ({
+        fillRef: form.fillRef,
+        scopeRef: form.scopeRef,
+        purpose: form.purpose,
+        presence: form.presence === 'unknown' ? 'unknown' : 'present',
+        fields: form.fields.map((field) => ({
+            fieldKey: field.fieldKey,
+            targetRef: field.targetRef,
+            label: field.label,
+            required: field.required,
+            valueHint: field.valueHint,
+        })),
+        storedSecretCandidates: form.storedSecretCandidates.map((candidate) => ({
+            storedSecretRef: candidate.storedSecretRef,
+            kind: candidate.kind,
+            scope: candidate.scope,
+            displayName: candidate.displayName,
+            matchConfidence: candidate.matchConfidence,
+            intentRequired: candidate.intentRequired,
+        })),
+    }));
+}
+export async function observe(session, instruction) {
+    await ensureAssistiveRuntime();
+    const result = await observePrimitive(session, instruction);
+    if (result.success) {
+        saveMagicPaySession(session);
+    }
+    if (!result.success || !Array.isArray(result.fillableForms) || !result.url) {
+        return result;
+    }
+    try {
+        const runtimeFillableForms = listFillableForms(session);
+        return {
+            ...result,
+            fillableForms: toObservedFillableForms(enrichObservedFormsForUrl(runtimeFillableForms, 'secretCatalogByHost' in session ? session.secretCatalogByHost : undefined, result.url)),
+        };
+    }
+    catch {
+        return result;
+    }
+}

package/dist/commands/poll-secret.d.ts

@@ -0,0 +1,13 @@
+import { type MagicPaySession } from '../workflow-state.js';
+export type PollSecretResult = ({
+    success: true;
+} & Record<string, unknown>) | {
+    success: false;
+    error: 'workflow_session_required' | 'secret_request_not_found' | 'secret_request_lookup_failed';
+    outcomeType: 'blocked';
+    message: string;
+    reason: string;
+    requestId: string;
+};
+export declare function pollSecret(session: MagicPaySession, requestId: string): Promise<PollSecretResult>;
+//# sourceMappingURL=poll-secret.d.ts.map

package/dist/commands/poll-secret.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"poll-secret.d.ts","sourceRoot":"","sources":["../../src/commands/poll-secret.ts"],"names":[],"mappings":"AAMA,OAAO,EAAuB,KAAK,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAEjF,MAAM,MAAM,gBAAgB,GACxB,CAAC;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAC7C;IACE,OAAO,EAAE,KAAK,CAAC;IACf,KAAK,EACD,2BAA2B,GAC3B,0BAA0B,GAC1B,8BAA8B,CAAC;IACnC,WAAW,EAAE,SAAS,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC;AAEN,wBAAsB,UAAU,CAC9B,OAAO,EAAE,eAAe,EACxB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,gBAAgB,CAAC,CA0F3B"}