@mimeticinc/mim-cli 0.1.0

package/dist/chunk-BE3RRPTQ.js

@@ -0,0 +1,1181 @@
+// src/mim-cli.ts
+import { spawn } from "child_process";
+import { randomUUID } from "crypto";
+import { existsSync, mkdirSync, readFileSync, rmSync, writeFileSync } from "fs";
+import { join } from "path";
+import { pathToFileURL } from "url";
+var DEFAULT_MIM_API_BASE_URL = "https://trymimetic.com";
+var MIM_CLIENT_VERSION = "0.1.0";
+function mimUsage() {
+  return `mim
+
+TryMimetic growth context for Claude Code, Codex, and shell workflows.
+
+Commands:
+  auth login                 Authenticate this machine with TryMimetic.
+  auth login --token <token> Store an existing API token.
+  auth status                Show the active account and default project.
+  auth logout                Remove local Mimetic credentials.
+  projects                   List projects/sites available to this account.
+  context                    Print a growth context pack for a project.
+  recordings                 List recent session recording summaries.
+  replay [session_id]        Print one persisted replay insight. Defaults to latest.
+  findings                   List audit/backlog findings from TryMimetic.
+  audit start <url>          Start an audit, reusing a running/completed audit when available.
+  audit rerun <url>          Force a fresh audit for a site that was already audited.
+  audit status <audit_id>    Check audit progress.
+  audit wait <audit_id>      Poll until an audit completes or fails.
+  web-audit <url>            Run web SDK auditor locally (extracts analytics keys, dumps configs).
+  ipa-audit <path>           Run static IPA analyzer locally (SDKs, permissions, privacy).
+  fixes list                 List fixable findings and PR/review state.
+  fixes start <rank>         Queue a code fix for a finding from fixes list.
+  fixes open <rank>          Open the PR, review, preview, or workflow for a fix.
+  billing status             Show Mimetic billing status for a project.
+  billing checkout [plan]    Print a Stripe Checkout URL. Plan defaults to starter.
+  billing open [plan]        Open Stripe Checkout in your browser.
+  billing portal             Open the Stripe billing portal when available.
+  mcp                        Print MCP setup help.
+  mcp install claude         Print a Claude Code MCP install command.
+  mcp install codex          Print Codex MCP config.
+
+Common options:
+  --project <key>            Project/site key. Defaults to MIM_PROJECT or saved default.
+  --format <json|markdown>   Output format. Default: markdown for context, json for lists.
+  --limit <n>                Number of items to request, up to 100. Default: 20.
+  --api-base-url <url>       TryMimetic API origin. Default: MIM_API_BASE_URL or ${DEFAULT_MIM_API_BASE_URL}.
+  --json                     Alias for --format json.
+  --mode <slim|full>         Audit mode. Default: slim (~100 checks). full = all 57 checks + SDK intel.
+  --wait                     With audit start/rerun, poll until completion.
+  --target <kind>            With fixes open, choose review, preview, pr, diff, workflow, or report.
+  --run                      With mcp install claude, run the install command instead of printing it.
+
+Environment:
+  MIM_API_TOKEN              Overrides the locally stored access token.
+  MIM_API_BASE_URL           TryMimetic API origin.
+  MIM_PROJECT                Default project/site key.
+  MIM_CONFIG_DIR             Credential directory. Default: ~/.mim.
+  MIM_TELEMETRY=0            Disable metadata-only CLI/MCP usage events.
+  MIM_DISABLE_TELEMETRY=1    Disable metadata-only CLI/MCP usage events.
+  MIM_IOS_AUDIT_TOOL_DIR     Path to ios-audit-tool directory for web-audit and ipa-audit.
+`;
+}
+function readValue(args, index, flag) {
+  const value = args[index + 1];
+  if (!value || value.startsWith("-")) throw new Error(`${flag} requires a value`);
+  return [value, index + 1];
+}
+function homeDir(env = process.env) {
+  return env.HOME || env.USERPROFILE || "";
+}
+function mimConfigDir(env = process.env) {
+  const configured = env.MIM_CONFIG_DIR?.trim();
+  if (configured) return configured;
+  const home = homeDir(env);
+  if (!home) throw new Error("MIM_CONFIG_DIR or HOME is required to store Mimetic credentials");
+  return join(home, ".mim");
+}
+function mimConfigPath(env = process.env) {
+  return join(mimConfigDir(env), "config.json");
+}
+function loadMimConfig(env = process.env) {
+  let path = "";
+  try {
+    path = mimConfigPath(env);
+  } catch {
+    return {};
+  }
+  if (!existsSync(path)) return {};
+  try {
+    const parsed = JSON.parse(readFileSync(path, "utf8"));
+    return parsed && typeof parsed === "object" ? parsed : {};
+  } catch {
+    return {};
+  }
+}
+function saveMimConfig(config, env = process.env) {
+  const dir = mimConfigDir(env);
+  mkdirSync(dir, { recursive: true, mode: 448 });
+  const path = mimConfigPath(env);
+  writeFileSync(path, `${JSON.stringify(config, null, 2)}
+`, { mode: 384 });
+}
+function clearMimConfig(env = process.env) {
+  const path = mimConfigPath(env);
+  if (existsSync(path)) rmSync(path);
+}
+function normalizeMimApiBaseUrl(value, source = "MIM_API_BASE_URL") {
+  const raw = (value || DEFAULT_MIM_API_BASE_URL).trim().replace(/\/+$/, "");
+  let parsed;
+  try {
+    parsed = new URL(raw);
+  } catch {
+    throw new Error(`${source} must be an absolute http(s) URL`);
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw new Error(`${source} must use http or https`);
+  }
+  return parsed.toString().replace(/\/$/, "");
+}
+function mimApiBaseUrl(config = {}, env = process.env) {
+  return normalizeMimApiBaseUrl(env.MIM_API_BASE_URL || config.apiBaseUrl || DEFAULT_MIM_API_BASE_URL);
+}
+function mimAuthToken(config = {}, env = process.env) {
+  return env.MIM_API_TOKEN?.trim() || config.accessToken?.trim() || "";
+}
+function defaultMimProject(config = {}, env = process.env) {
+  return env.MIM_PROJECT?.trim() || config.defaultProject?.trim() || "";
+}
+function runtimeFromArgs(args) {
+  let apiBaseUrlFlag = "";
+  let project = "";
+  const kept = [];
+  const config = loadMimConfig();
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (arg === "--api-base-url") {
+      const [value, next] = readValue(args, i, arg);
+      apiBaseUrlFlag = value;
+      i = next;
+    } else if (arg === "--project") {
+      const [value, next] = readValue(args, i, arg);
+      project = value;
+      i = next;
+    } else {
+      kept.push(arg);
+    }
+  }
+  const apiBaseUrl = normalizeMimApiBaseUrl(apiBaseUrlFlag || process.env.MIM_API_BASE_URL || config.apiBaseUrl || DEFAULT_MIM_API_BASE_URL);
+  const token = mimAuthToken(config);
+  const resolvedProject = project || defaultMimProject(config);
+  return {
+    runtime: {
+      apiBaseUrl,
+      token,
+      config,
+      traceId: randomUUID()
+    },
+    args: kept,
+    project: resolvedProject
+  };
+}
+function requireAuth(runtime) {
+  if (!runtime.token) {
+    throw new Error("not authenticated; run `mim auth login` or set MIM_API_TOKEN");
+  }
+}
+function requireProject(project) {
+  if (!project) throw new Error("--project is required; run `mim projects` or set MIM_PROJECT");
+  return project;
+}
+function projectPath(path, project) {
+  return path.replace(":project", encodeURIComponent(project));
+}
+async function mimRequest(runtime, path, options = {}, fetchImpl = fetch) {
+  const response = await fetchImpl(`${runtime.apiBaseUrl}${path}`, {
+    method: options.method || (options.body == null ? "GET" : "POST"),
+    headers: {
+      accept: options.acceptText ? "text/plain, application/json" : "application/json",
+      ...options.body == null ? {} : { "content-type": "application/json" },
+      ...runtime.token ? { authorization: `Bearer ${runtime.token}` } : {},
+      "x-mim-client": "mim-cli",
+      "x-mim-client-version": MIM_CLIENT_VERSION,
+      "x-mim-trace-id": runtime.traceId,
+      ...options.headers || {}
+    },
+    body: options.body == null ? void 0 : JSON.stringify(options.body)
+  });
+  if (!response.ok) {
+    const detail = (await response.text()).slice(0, 500);
+    throw new Error(`${path} failed with ${response.status}${detail ? `: ${detail}` : ""}`);
+  }
+  if (options.acceptText) return await response.text();
+  return await response.json();
+}
+function shouldSendMimTelemetry(env = process.env) {
+  const disabled = env.MIM_DISABLE_TELEMETRY?.trim().toLowerCase();
+  if (disabled && !["0", "false", "no", "off"].includes(disabled)) return false;
+  const value = env.MIM_TELEMETRY?.trim().toLowerCase();
+  return value == null || !["0", "false", "no", "off"].includes(value);
+}
+function sanitizeMimMetadata(value, depth = 0) {
+  if (depth > 4) return "[truncated]";
+  if (value == null || typeof value === "boolean" || typeof value === "number") return value;
+  if (typeof value === "string") return value.length > 240 ? `${value.slice(0, 237)}...` : value;
+  if (Array.isArray(value)) return value.slice(0, 20).map((item) => sanitizeMimMetadata(item, depth + 1));
+  if (typeof value === "object") {
+    const result = {};
+    for (const [key, item] of Object.entries(value).slice(0, 40)) {
+      const normalized = key.toLowerCase();
+      if (/(token|secret|authorization|password|credential|cookie|session|narrative|prompt|message|content|raw|body)/.test(normalized)) {
+        result[key] = "[redacted]";
+      } else {
+        result[key] = sanitizeMimMetadata(item, depth + 1);
+      }
+    }
+    return result;
+  }
+  return String(value);
+}
+function buildMimUsageEvent(input) {
+  return {
+    ...input,
+    client_version: MIM_CLIENT_VERSION,
+    metadata: input.metadata ? sanitizeMimMetadata(input.metadata) : void 0
+  };
+}
+async function trackMimUsageEvent(runtime, event, fetchImpl = fetch, env = process.env) {
+  if (!shouldSendMimTelemetry(env)) return;
+  const payload = buildMimUsageEvent({
+    ...event,
+    trace_id: event.trace_id || runtime.traceId
+  });
+  try {
+    await fetchImpl(`${runtime.apiBaseUrl}/api/mim/usage-events`, {
+      method: "POST",
+      headers: {
+        "content-type": "application/json",
+        ...runtime.token ? { authorization: `Bearer ${runtime.token}` } : {}
+      },
+      body: JSON.stringify(payload)
+    });
+  } catch {
+  }
+}
+function errorTelemetryMetadata(error) {
+  const name = error instanceof Error && error.name ? error.name : "Error";
+  const message = error instanceof Error ? error.message : String(error);
+  const statusMatch = message.match(/\bfailed with (\d{3})\b/);
+  return {
+    error_name: name,
+    error_status: statusMatch ? Number(statusMatch[1]) : void 0,
+    error_message: message.slice(0, 240)
+  };
+}
+async function runTrackedMimCommand(runtime, details, fn) {
+  const started = Date.now();
+  try {
+    const result = await fn();
+    await trackMimUsageEvent(runtime, {
+      event: "cli_command",
+      client: "mim-cli",
+      command: details.command,
+      project: details.project,
+      status: "success",
+      duration_ms: Date.now() - started,
+      metadata: details.metadata
+    });
+    return result;
+  } catch (error) {
+    await trackMimUsageEvent(runtime, {
+      event: "cli_command",
+      client: "mim-cli",
+      command: details.command,
+      project: details.project,
+      status: "failure",
+      duration_ms: Date.now() - started,
+      metadata: {
+        ...details.metadata || {},
+        ...errorTelemetryMetadata(error)
+      }
+    });
+    throw error;
+  }
+}
+function parseFormat(args, defaultFormat) {
+  let format = defaultFormat;
+  const kept = [];
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (arg === "--json") {
+      format = "json";
+    } else if (arg === "--format") {
+      const [value, next] = readValue(args, i, arg);
+      if (value !== "json" && value !== "markdown") throw new Error("--format must be json or markdown");
+      format = value;
+      i = next;
+    } else {
+      kept.push(arg);
+    }
+  }
+  return { format, args: kept };
+}
+var MIM_LIST_LIMIT_MAX = 100;
+function parseLimit(args, defaultLimit = 20, maxLimit = MIM_LIST_LIMIT_MAX) {
+  let limit = defaultLimit;
+  const kept = [];
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (arg === "--limit") {
+      const [value, next] = readValue(args, i, arg);
+      limit = Number(value);
+      i = next;
+    } else {
+      kept.push(arg);
+    }
+  }
+  if (!Number.isInteger(limit) || limit <= 0 || limit > maxLimit) throw new Error(`--limit must be an integer between 1 and ${maxLimit}`);
+  return { limit, args: kept };
+}
+function printJson(value) {
+  console.log(JSON.stringify(value, null, 2));
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function formatMimListPayload(payload, key) {
+  const items = Array.isArray(payload) ? payload : Array.isArray(payload?.[key]) ? payload[key] : [];
+  if (items.length === 0) return `No ${key.replace(/_/g, " ")} found.`;
+  return items.map((item, index) => {
+    if (!item || typeof item !== "object") return `${index + 1}. ${String(item)}`;
+    const obj = item;
+    const title = obj.name || obj.title || obj.sessionId || obj.id || obj.audit_id || obj.project || `item ${index + 1}`;
+    const status = obj.status ? ` status=${obj.status}` : "";
+    const url = obj.url || obj.startUrl || obj.start_url || "";
+    return `${index + 1}. ${title}${status}${url ? ` ${url}` : ""}`;
+  }).join("\n");
+}
+function auditId(payload) {
+  return payload.audit_id || payload.auditId || "";
+}
+function auditReportUrl(payload) {
+  return payload.report_url || payload.reportUrl || "";
+}
+function auditStatusUrl(payload) {
+  return payload.status_url || payload.statusUrl || "";
+}
+function formatAuditPayload(payload) {
+  const id = auditId(payload);
+  const lines = [
+    `Audit ${id || "(unknown)"} status=${payload.status || "unknown"}${payload.progress == null ? "" : ` progress=${payload.progress}%`}`
+  ];
+  if (payload.reused) lines.push("Reused an existing audit. Use `mim audit rerun <url>` to force a fresh audit.");
+  if (payload.message) lines.push(String(payload.message));
+  if (payload.project_key || payload.projectKey) lines.push(`Project: ${payload.project_key || payload.projectKey}`);
+  if (auditReportUrl(payload)) lines.push(`Report: ${auditReportUrl(payload)}`);
+  if (auditStatusUrl(payload)) lines.push(`Status API: ${auditStatusUrl(payload)}`);
+  return lines.join("\n");
+}
+function asRecord(value) {
+  return value && typeof value === "object" && !Array.isArray(value) ? value : {};
+}
+function decodeSlackEscapes(value) {
+  return value.replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, '"').replace(/&#39;/g, "'").replace(/&#x27;/gi, "'");
+}
+function displayText(value) {
+  return decodeSlackEscapes(String(value));
+}
+function firstDefined(...values) {
+  return values.find((value) => value !== void 0 && value !== null);
+}
+function stringList(value) {
+  return Array.isArray(value) ? value.map((item) => displayText(item)).filter(Boolean) : [];
+}
+function formatRecordingsPayload(payload, options = {}) {
+  const items = Array.isArray(payload) ? payload : Array.isArray(payload?.recordings) ? payload.recordings : [];
+  if (!items.length) {
+    const hint = String(payload?.hint || "").trim();
+    return hint || "No replay insights found yet.";
+  }
+  const lines = ["# Recent Recordings"];
+  for (const item of items) {
+    const recording = asRecord(item);
+    const summary = asRecord(recording.summary);
+    const id = String(recording.session_id || recording.sessionId || recording.id || "");
+    const priority = String(recording.priority || "low").toUpperCase();
+    const url = String(recording.url || recording.start_url || recording.startUrl || summary.start_url || "");
+    const duration = firstDefined(recording.duration_s, recording.durationS, summary.duration_s);
+    const events = firstDefined(recording.event_count, recording.eventCount, summary.event_count);
+    const clicks = firstDefined(recording.click_count, recording.clickCount, summary.click_count);
+    const inputs = firstDefined(recording.input_count, recording.inputCount, summary.input_count);
+    const errors = firstDefined(recording.console_error_count, recording.consoleErrorCount, summary.console_error_count);
+    const device = String(recording.device || summary.device || "");
+    const userAgent = String(recording.user_agent || recording.userAgent || summary.user_agent || "");
+    const source = String(recording.interpretation_source || recording.interpretationSource || "");
+    lines.push("", `## ${id || "session"} [${priority}]`);
+    if (url) lines.push(`URL: ${url}`);
+    const counts = [
+      duration == null ? "" : `Duration: ${duration}s`,
+      events == null ? "" : `Events: ${events}`,
+      clicks == null ? "" : `Clicks: ${clicks}`,
+      inputs == null ? "" : `Inputs: ${inputs}`,
+      errors == null ? "" : `Console errors: ${errors}`
+    ].filter(Boolean);
+    if (counts.length) lines.push(counts.join(" | "));
+    if (device) lines.push(`Device: ${device}`);
+    if (userAgent) lines.push(`User agent: ${userAgent}`);
+    if (source) lines.push(`Insight source: ${source}`);
+    const whatHappened = stringList(recording.what_happened || recording.whatHappened);
+    if (whatHappened.length) {
+      lines.push("What happened:");
+      for (const detail of whatHappened) lines.push(`- ${detail}`);
+    }
+    const likelyFriction = stringList(recording.likely_friction || recording.likelyFriction);
+    if (likelyFriction.length) {
+      lines.push("Likely friction:");
+      for (const detail of likelyFriction) lines.push(`- ${detail}`);
+    }
+    if (!whatHappened.length && !likelyFriction.length && id) {
+      lines.push(`Insight details: run mim replay ${id}.`);
+    }
+    if (id) {
+      const projectArg = options.project ? ` --project ${options.project}` : "";
+      lines.push(`Replay: mim replay ${id}${projectArg}`);
+    }
+  }
+  return lines.join("\n");
+}
+function replayInsightFromPayload(payload) {
+  const root = asRecord(payload);
+  const insight = asRecord(root.insight);
+  if (Object.keys(insight).length) return insight;
+  const recording = asRecord(root.recording);
+  if (Object.keys(recording).length) return recording;
+  return root;
+}
+function formatReplayInsightPayload(payload) {
+  const insight = replayInsightFromPayload(payload);
+  const summary = asRecord(insight.summary);
+  const sessionId = String(insight.session_id || insight.sessionId || insight.id || "");
+  const title = sessionId ? `Replay ${sessionId}` : "Replay insight";
+  const lines = [`# ${title}`];
+  const priority = insight.priority ? String(insight.priority).toUpperCase() : "";
+  const url = String(insight.url || insight.start_url || summary.start_url || "");
+  const device = String(insight.device || summary.device || "");
+  const userAgent = String(insight.user_agent || insight.userAgent || summary.user_agent || "");
+  const source = String(insight.interpretation_source || insight.interpretationSource || "");
+  const touchedAt = insight.touched_at_ms || insight.touchedAtMs || insight.touched_at || "";
+  if (priority) lines.push(`Priority: ${priority}`);
+  if (url) lines.push(`URL: ${url}`);
+  if (device) lines.push(`Device: ${device}`);
+  if (userAgent) lines.push(`User agent: ${userAgent}`);
+  if (source) lines.push(`Insight source: ${source}`);
+  if (touchedAt) lines.push(`Touched at: ${touchedAt}`);
+  const whatHappened = stringList(insight.what_happened || insight.whatHappened);
+  if (whatHappened.length) {
+    lines.push("", "## What Happened", ...whatHappened.map((item) => `- ${item}`));
+  }
+  const likelyFriction = stringList(insight.likely_friction || insight.likelyFriction);
+  if (likelyFriction.length) {
+    lines.push("", "## Likely Friction", ...likelyFriction.map((item) => `- ${item}`));
+  }
+  const interpretation = asRecord(insight.interpretation);
+  const issues = Array.isArray(interpretation.issues) ? interpretation.issues : [];
+  if (issues.length) {
+    lines.push("", "## Interpreted Issues");
+    for (const issue of issues.slice(0, 8)) {
+      const item = asRecord(issue);
+      const severity = item.severity ? `[${String(item.severity).toUpperCase()}] ` : "";
+      const issueTitle = displayText(item.title || "Issue");
+      const wrong = item.what_went_wrong ? `: ${displayText(item.what_went_wrong)}` : "";
+      const cause = item.likely_cause ? ` Likely cause: ${displayText(item.likely_cause)}` : "";
+      lines.push(`- ${severity}${issueTitle}${wrong}${cause}`);
+    }
+  }
+  const narrative = String(insight.narrative || "").trim();
+  if (narrative) {
+    lines.push("", "## Redacted Narrative", "```csv", narrative, "```");
+  }
+  return lines.join("\n");
+}
+function openBrowser(url) {
+  const platform = process.platform;
+  const command = platform === "darwin" ? "open" : platform === "win32" ? "cmd" : "xdg-open";
+  const args = platform === "win32" ? ["/c", "start", "", url] : [url];
+  const child = spawn(command, args, { stdio: "ignore", detached: true });
+  child.unref();
+}
+async function pollDeviceToken(runtime, deviceCode, intervalSec, expiresInSec) {
+  const deadline = Date.now() + expiresInSec * 1e3;
+  while (Date.now() < deadline) {
+    await new Promise((resolve) => setTimeout(resolve, Math.max(1, intervalSec) * 1e3));
+    try {
+      return await mimRequest(runtime, "/api/mim/cli/token", {
+        method: "POST",
+        body: { device_code: deviceCode, grant_type: "urn:ietf:params:oauth:grant-type:device_code" }
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "";
+      if (message.includes("428") || message.includes("authorization_pending") || message.includes("slow_down")) continue;
+      throw error;
+    }
+  }
+  throw new Error("login timed out; run `mim auth login` again");
+}
+async function runAuth(args) {
+  const [subcommand = "status", ...rest] = args;
+  const { runtime, args: kept } = runtimeFromArgs(rest);
+  if (subcommand === "logout") {
+    clearMimConfig();
+    console.log("Logged out of Mimetic.");
+    return;
+  }
+  if (subcommand === "status") {
+    const token2 = runtime.token;
+    if (!token2) {
+      console.log("Not authenticated. Run `mim auth login`.");
+      return;
+    }
+    const email = runtime.config.user?.email || "(token configured)";
+    const project = defaultMimProject(runtime.config) || "(none)";
+    console.log(`Authenticated as ${email}`);
+    console.log(`API: ${runtime.apiBaseUrl}`);
+    console.log(`Default project: ${project}`);
+    return;
+  }
+  if (subcommand !== "login") throw new Error(`unknown auth command: ${subcommand}`);
+  let token = "";
+  let noOpen = false;
+  for (let i = 0; i < kept.length; i += 1) {
+    const arg = kept[i];
+    if (arg === "--token") {
+      const [value, next] = readValue(kept, i, arg);
+      token = value;
+      i = next;
+    } else if (arg === "--no-open") {
+      noOpen = true;
+    } else {
+      throw new Error(`unknown auth login option: ${arg}`);
+    }
+  }
+  if (token) {
+    saveMimConfig({ ...runtime.config, apiBaseUrl: runtime.apiBaseUrl, accessToken: token });
+    console.log("Mimetic API token saved.");
+    return;
+  }
+  const started = await mimRequest(runtime, "/api/mim/cli/device", {
+    method: "POST",
+    body: { client: "mim-cli", version: MIM_CLIENT_VERSION }
+  });
+  const deviceCode = started.device_code || started.deviceCode || "";
+  const userCode = started.user_code || started.userCode || "";
+  const verificationUri = started.verification_uri_complete || started.verificationUriComplete || started.verification_uri || started.verificationUri || "";
+  if (!deviceCode || !verificationUri) throw new Error("TryMimetic did not return a device login URL");
+  console.log("Open this URL to finish Mimetic login:");
+  console.log(`  ${verificationUri}`);
+  if (userCode) console.log(`Code: ${userCode}`);
+  if (!noOpen) openBrowser(verificationUri);
+  const tokenResponse = await pollDeviceToken(runtime, deviceCode, started.interval || 3, started.expires_in || started.expiresIn || 600);
+  const accessToken = tokenResponse.access_token || tokenResponse.accessToken || "";
+  if (!accessToken) throw new Error("TryMimetic did not return an access token");
+  const nextConfig = {
+    ...runtime.config,
+    apiBaseUrl: runtime.apiBaseUrl,
+    accessToken,
+    refreshToken: tokenResponse.refresh_token || tokenResponse.refreshToken,
+    expiresAt: tokenResponse.expires_at || tokenResponse.expiresAt,
+    defaultProject: tokenResponse.default_project || tokenResponse.defaultProject || runtime.config.defaultProject,
+    user: tokenResponse.user || runtime.config.user
+  };
+  saveMimConfig(nextConfig);
+  console.log(`Logged in${nextConfig.user?.email ? ` as ${nextConfig.user.email}` : ""}.`);
+  if (nextConfig.defaultProject) console.log(`Default project: ${nextConfig.defaultProject}`);
+}
+async function runProjects(args) {
+  const { runtime, args: kept } = runtimeFromArgs(args);
+  requireAuth(runtime);
+  const { format, args: afterFormat } = parseFormat(kept, "json");
+  if (afterFormat.length) throw new Error(`unknown projects option: ${afterFormat[0]}`);
+  const payload = await runTrackedMimCommand(
+    runtime,
+    { command: "projects", metadata: { format } },
+    () => mimRequest(runtime, "/api/mim/projects")
+  );
+  if (format === "json") printJson(payload);
+  else console.log(formatMimListPayload(payload, "projects"));
+}
+async function runContext(args) {
+  const { runtime, args: kept, project } = runtimeFromArgs(args);
+  requireAuth(runtime);
+  const resolvedProject = requireProject(project);
+  const parsedFormat = parseFormat(kept, "markdown");
+  const parsedLimit = parseLimit(parsedFormat.args, 20);
+  if (parsedLimit.args.length) throw new Error(`unknown context option: ${parsedLimit.args[0]}`);
+  const path = projectPath(`/api/mim/projects/:project/context?format=${parsedFormat.format}&limit=${parsedLimit.limit}`, resolvedProject);
+  const payload = await runTrackedMimCommand(
+    runtime,
+    { command: "context", project: resolvedProject, metadata: { format: parsedFormat.format, limit: parsedLimit.limit } },
+    () => mimRequest(runtime, path, { acceptText: parsedFormat.format === "markdown" })
+  );
+  if (parsedFormat.format === "json") printJson(payload);
+  else console.log(String(payload).trim());
+}
+async function runCollectionCommand(command, args) {
+  const { runtime, args: kept, project } = runtimeFromArgs(args);
+  requireAuth(runtime);
+  const resolvedProject = requireProject(project);
+  const parsedFormat = parseFormat(kept, command === "recordings" ? "markdown" : "json");
+  const parsedLimit = parseLimit(parsedFormat.args, 20);
+  if (parsedLimit.args.length) throw new Error(`unknown ${command} option: ${parsedLimit.args[0]}`);
+  const path = projectPath(`/api/mim/projects/:project/${command}?limit=${parsedLimit.limit}`, resolvedProject);
+  const payload = await runTrackedMimCommand(
+    runtime,
+    { command, project: resolvedProject, metadata: { format: parsedFormat.format, limit: parsedLimit.limit } },
+    () => mimRequest(runtime, path)
+  );
+  if (parsedFormat.format === "json") printJson(payload);
+  else if (command === "recordings") console.log(formatRecordingsPayload(payload, { project: resolvedProject }));
+  else console.log(formatMimListPayload(payload, command));
+}
+async function runReplay(args) {
+  const { runtime, args: kept, project } = runtimeFromArgs(args);
+  requireAuth(runtime);
+  const resolvedProject = requireProject(project);
+  const parsedFormat = parseFormat(kept, "markdown");
+  let sessionId = "";
+  let latest = false;
+  for (let i = 0; i < parsedFormat.args.length; i += 1) {
+    const arg = parsedFormat.args[i];
+    if (arg === "--latest") {
+      latest = true;
+    } else if (arg === "--session" || arg === "--session-id") {
+      const [value, next] = readValue(parsedFormat.args, i, arg);
+      sessionId = value;
+      i = next;
+    } else if (!sessionId) {
+      sessionId = arg;
+    } else {
+      throw new Error(`unknown replay option: ${arg}`);
+    }
+  }
+  if (!sessionId || sessionId === "latest") {
+    sessionId = "latest";
+    latest = true;
+  }
+  const path = projectPath(`/api/mim/projects/:project/recordings/${encodeURIComponent(sessionId)}`, resolvedProject);
+  const payload = await runTrackedMimCommand(
+    runtime,
+    { command: "replay", project: resolvedProject, metadata: { format: parsedFormat.format, session_id: latest ? "latest" : sessionId } },
+    () => mimRequest(runtime, path)
+  );
+  if (parsedFormat.format === "json") printJson(payload);
+  else console.log(formatReplayInsightPayload(payload));
+}
+async function pollAuditCompletion(runtime, id, initial, format, pollIntervalSec) {
+  let payload = initial || await mimRequest(runtime, `/api/mim/audits/${encodeURIComponent(id)}/status`);
+  while (payload.status === "running" || payload.status === "pending") {
+    await sleep(pollIntervalSec * 1e3);
+    payload = await mimRequest(runtime, `/api/mim/audits/${encodeURIComponent(id)}/status`);
+    if (format !== "json") {
+      const progress = payload.progress == null ? "" : ` ${payload.progress}%`;
+      process.stderr.write(`audit ${id}: ${payload.status || "unknown"}${progress}
+`);
+    }
+  }
+  return payload;
+}
+async function runAudit(args) {
+  const [subcommand, ...rest] = args;
+  if (!subcommand) throw new Error("audit command must be start, rerun, status, or wait");
+  const { runtime, args: kept } = runtimeFromArgs(rest);
+  requireAuth(runtime);
+  const parsedFormat = parseFormat(kept, "markdown");
+  if (subcommand === "status" || subcommand === "wait") {
+    let id = "";
+    let pollIntervalSec2 = 5;
+    for (let i = 0; i < parsedFormat.args.length; i += 1) {
+      const arg = parsedFormat.args[i];
+      if (arg === "--poll-interval") {
+        const [value, next] = readValue(parsedFormat.args, i, arg);
+        pollIntervalSec2 = Number(value);
+        i = next;
+      } else if (!id) {
+        id = arg;
+      } else {
+        throw new Error(`unknown audit ${subcommand} option: ${arg}`);
+      }
+    }
+    if (!id) throw new Error(`audit ${subcommand} requires an audit_id`);
+    if (!Number.isFinite(pollIntervalSec2) || pollIntervalSec2 < 1 || pollIntervalSec2 > 60) {
+      throw new Error("--poll-interval must be a number between 1 and 60");
+    }
+    const payload2 = await runTrackedMimCommand(
+      runtime,
+      { command: `audit ${subcommand}`, metadata: { audit_id: id, format: parsedFormat.format, wait: subcommand === "wait" } },
+      async () => {
+        const current = await mimRequest(runtime, `/api/mim/audits/${encodeURIComponent(id)}/status`);
+        return subcommand === "wait" ? pollAuditCompletion(runtime, id, current, parsedFormat.format, pollIntervalSec2) : current;
+      }
+    );
+    if (parsedFormat.format === "json") printJson(payload2);
+    else console.log(formatAuditPayload(payload2));
+    return;
+  }
+  if (subcommand !== "start" && subcommand !== "rerun") throw new Error(`unknown audit command: ${subcommand}`);
+  let url = "";
+  let email = "";
+  let mode = "slim";
+  let force = subcommand === "rerun";
+  let wait = false;
+  let pollIntervalSec = 5;
+  for (let i = 0; i < parsedFormat.args.length; i += 1) {
+    const arg = parsedFormat.args[i];
+    if (arg === "--force" || arg === "--reaudit") {
+      force = true;
+    } else if (arg === "--wait") {
+      wait = true;
+    } else if (arg === "--email") {
+      const [value, next] = readValue(parsedFormat.args, i, arg);
+      email = value;
+      i = next;
+    } else if (arg === "--mode") {
+      const [value, next] = readValue(parsedFormat.args, i, arg);
+      if (value !== "slim" && value !== "full") throw new Error("--mode must be slim or full");
+      mode = value;
+      i = next;
+    } else if (arg === "--poll-interval") {
+      const [value, next] = readValue(parsedFormat.args, i, arg);
+      pollIntervalSec = Number(value);
+      i = next;
+    } else if (!url) {
+      url = arg;
+    } else {
+      throw new Error(`unknown audit ${subcommand} option: ${arg}`);
+    }
+  }
+  if (!url) throw new Error(`audit ${subcommand} requires a URL`);
+  if (!Number.isFinite(pollIntervalSec) || pollIntervalSec < 1 || pollIntervalSec > 60) {
+    throw new Error("--poll-interval must be a number between 1 and 60");
+  }
+  const payload = await runTrackedMimCommand(
+    runtime,
+    { command: subcommand === "rerun" ? "audit rerun" : "audit start", metadata: { force, wait, mode, format: parsedFormat.format } },
+    async () => {
+      const startedPayload = await mimRequest(runtime, "/api/mim/audits", {
+        method: "POST",
+        body: { url, force, mode, ...email ? { email } : {} }
+      });
+      if (!wait) return startedPayload;
+      const id = auditId(startedPayload);
+      if (!id) throw new Error("TryMimetic did not return an audit_id");
+      return pollAuditCompletion(runtime, id, startedPayload, parsedFormat.format, pollIntervalSec);
+    }
+  );
+  if (parsedFormat.format === "json") printJson(payload);
+  else console.log(formatAuditPayload(payload));
+}
+function fixesFromPayload(payload) {
+  return Array.isArray(payload.fixes) ? payload.fixes.filter((item) => item && typeof item === "object") : [];
+}
+function fixState(item) {
+  return item.fix_state && typeof item.fix_state === "object" ? item.fix_state : {};
+}
+function fixUrl(item, target, payload) {
+  const state = fixState(item);
+  const byTarget = {
+    review: String(item.review_url || state.review_url || ""),
+    preview: String(item.preview_url || state.preview_url || ""),
+    pr: String(item.pr_url || state.pr_url || ""),
+    diff: String(item.diff_url || state.diff_url || ""),
+    workflow: String(item.workflow_run_url || state.workflow_run_url || ""),
+    report: String(payload?.report_url || "")
+  };
+  if (target) return byTarget[target] || "";
+  return byTarget.review || byTarget.preview || byTarget.pr || byTarget.diff || byTarget.workflow || byTarget.report || "";
+}
+function resolveFixItem(payload, identifier) {
+  const fixes = fixesFromPayload(payload);
+  const trimmed = identifier.trim();
+  const numeric = Number(trimmed);
+  let item;
+  if (Number.isInteger(numeric)) {
+    item = fixes.find((candidate) => candidate.rank === numeric) || fixes.find((candidate) => candidate.finding_index === numeric - 1) || fixes.find((candidate) => candidate.finding_index === numeric);
+  }
+  item || (item = fixes.find((candidate) => candidate.id === trimmed));
+  if (!item) throw new Error(`fix ${identifier} was not found; run \`mim fixes list\``);
+  return item;
+}
+function formatFixesPayload(payload) {
+  const project = payload.project || {};
+  const name = project.name || project.key || "project";
+  const lines = [`# Fixes: ${name}`];
+  if (project.url) lines.push(`Site: ${project.url}`);
+  if (payload.report_url) lines.push(`Report: ${payload.report_url}`);
+  if (!payload.can_start_fix) {
+    const missing = [
+      payload.fixes_enabled ? "" : "fixes disabled",
+      payload.fix_runner_configured ? "" : "fix runner not configured",
+      payload.github_connected ? "" : "GitHub not connected"
+    ].filter(Boolean);
+    if (missing.length) lines.push(`Start fix unavailable: ${missing.join(", ")}`);
+  }
+  const fixes = fixesFromPayload(payload);
+  if (!fixes.length) {
+    lines.push("", "No fixes found.");
+    return lines.join("\n");
+  }
+  for (const item of fixes) {
+    const state = fixState(item);
+    const rank = item.rank || (typeof item.finding_index === "number" ? item.finding_index + 1 : fixes.indexOf(item) + 1);
+    const severity = String(item.severity || "medium").toUpperCase();
+    const label = state.label || state.status || "Not requested";
+    lines.push("", `${rank}. [${severity}] ${item.title || `Finding ${rank}`}`);
+    lines.push(`   State: ${label}`);
+    if (item.status) lines.push(`   Finding status: ${item.status}`);
+    const review = fixUrl(item, "review", payload);
+    const preview = fixUrl(item, "preview", payload);
+    const pr = fixUrl(item, "pr", payload);
+    const diff = fixUrl(item, "diff", payload);
+    const workflow = fixUrl(item, "workflow", payload);
+    if (review) lines.push(`   Review: ${review}`);
+    if (preview) lines.push(`   Preview: ${preview}`);
+    if (pr) lines.push(`   PR: ${pr}`);
+    if (diff) lines.push(`   Diff: ${diff}`);
+    if (workflow) lines.push(`   Workflow: ${workflow}`);
+  }
+  return lines.join("\n");
+}
+function formatFixStartPayload(payload) {
+  const root = asRecord(payload);
+  const lines = [String(root.message || "Fix request submitted.")];
+  const issue = asRecord(root.issue);
+  if (issue.title) lines.push(`Issue: ${issue.title}`);
+  if (issue.rank) lines.push(`Rank: ${issue.rank}`);
+  if (root.workflow_url) lines.push(`Workflow: ${root.workflow_url}`);
+  return lines.join("\n");
+}
+function parseFixTarget(args) {
+  let target = "";
+  const kept = [];
+  const valid = /* @__PURE__ */ new Set(["review", "preview", "pr", "diff", "workflow", "report"]);
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (arg === "--target") {
+      const [value, next] = readValue(args, i, arg);
+      if (!valid.has(value)) throw new Error("--target must be review, preview, pr, diff, workflow, or report");
+      target = value;
+      i = next;
+    } else if (arg === "--review" || arg === "--preview" || arg === "--pr" || arg === "--diff" || arg === "--workflow" || arg === "--report") {
+      target = arg.slice(2);
+    } else {
+      kept.push(arg);
+    }
+  }
+  return { target, args: kept };
+}
+async function fetchFixes(runtime, project, limit) {
+  const path = projectPath(`/api/mim/projects/:project/fixes?limit=${limit}`, project);
+  return mimRequest(runtime, path);
+}
+async function runFixes(args) {
+  const [subcommand = "list", ...rest] = args;
+  const { runtime, args: kept, project } = runtimeFromArgs(rest);
+  requireAuth(runtime);
+  const resolvedProject = requireProject(project);
+  if (subcommand === "list" || subcommand === "status") {
+    const parsedFormat = parseFormat(kept, "markdown");
+    const parsedLimit = parseLimit(parsedFormat.args, 20);
+    if (parsedLimit.args.length) throw new Error(`unknown fixes ${subcommand} option: ${parsedLimit.args[0]}`);
+    const payload = await runTrackedMimCommand(
+      runtime,
+      { command: `fixes ${subcommand}`, project: resolvedProject, metadata: { format: parsedFormat.format, limit: parsedLimit.limit } },
+      () => fetchFixes(runtime, resolvedProject, parsedLimit.limit)
+    );
+    if (parsedFormat.format === "json") printJson(payload);
+    else console.log(formatFixesPayload(payload));
+    return;
+  }
+  if (subcommand === "start") {
+    const parsedFormat = parseFormat(kept, "markdown");
+    const [identifier, ...unknown] = parsedFormat.args;
+    if (!identifier) throw new Error("fixes start requires a rank or finding id");
+    if (unknown.length) throw new Error(`unknown fixes start option: ${unknown[0]}`);
+    const payload = await runTrackedMimCommand(
+      runtime,
+      { command: "fixes start", project: resolvedProject, metadata: { format: parsedFormat.format, identifier } },
+      async () => {
+        const fixes = await fetchFixes(runtime, resolvedProject, 100);
+        const item = resolveFixItem(fixes, identifier);
+        if (typeof item.finding_index !== "number") throw new Error(`fix ${identifier} is missing a finding index`);
+        const path = projectPath(`/api/mim/projects/:project/fixes/${item.finding_index}/start`, resolvedProject);
+        return mimRequest(runtime, path, { method: "POST", body: {} });
+      }
+    );
+    if (parsedFormat.format === "json") printJson(payload);
+    else console.log(formatFixStartPayload(payload));
+    return;
+  }
+  if (subcommand === "open") {
+    const parsedTarget = parseFixTarget(kept);
+    const [identifier, ...unknown] = parsedTarget.args;
+    if (!identifier) throw new Error("fixes open requires a rank or finding id");
+    if (unknown.length) throw new Error(`unknown fixes open option: ${unknown[0]}`);
+    const { url } = await runTrackedMimCommand(
+      runtime,
+      { command: "fixes open", project: resolvedProject, metadata: { identifier, target: parsedTarget.target || "best" } },
+      async () => {
+        const fixes = await fetchFixes(runtime, resolvedProject, 100);
+        const item = resolveFixItem(fixes, identifier);
+        const selectedUrl = fixUrl(item, parsedTarget.target, fixes);
+        if (!selectedUrl) {
+          const target = parsedTarget.target ? `${parsedTarget.target} ` : "";
+          throw new Error(`no ${target}URL is available for fix ${identifier}`);
+        }
+        return { url: selectedUrl };
+      }
+    );
+    openBrowser(url);
+    console.log(url);
+    return;
+  }
+  throw new Error(`unknown fixes command: ${subcommand}`);
+}
+function formatBillingStatus(payload) {
+  const billing = payload.billing || {};
+  const lines = [
+    `Billing: ${billing.paid ? "active" : "not active"}`,
+    `Project: ${billing.project_key || "(unknown)"}`,
+    `Plan: ${billing.plan || "free"}`,
+    `Status: ${billing.status || "none"}`,
+    `Enforced: ${billing.enforced ? "yes" : "no"}`
+  ];
+  if (billing.current_period_end) lines.push(`Current period ends: ${billing.current_period_end}`);
+  if (billing.cancel_at_period_end) lines.push("Cancel at period end: yes");
+  if (billing.checkout_url && !billing.paid) lines.push(`Checkout: ${billing.checkout_url}`);
+  if (billing.portal_url && billing.paid) lines.push(`Portal: ${billing.portal_url}`);
+  return lines.join("\n");
+}
+async function runBilling(args) {
+  const [subcommand = "status", ...rest] = args;
+  const { runtime, args: kept, project } = runtimeFromArgs(rest);
+  requireAuth(runtime);
+  const resolvedProject = requireProject(project);
+  if (subcommand === "status") {
+    const parsedFormat = parseFormat(kept, "markdown");
+    if (parsedFormat.args.length) throw new Error(`unknown billing status option: ${parsedFormat.args[0]}`);
+    const payload = await runTrackedMimCommand(
+      runtime,
+      { command: "billing status", project: resolvedProject, metadata: { format: parsedFormat.format } },
+      () => mimRequest(runtime, projectPath("/api/mim/projects/:project/billing", resolvedProject))
+    );
+    if (parsedFormat.format === "json") printJson(payload);
+    else console.log(formatBillingStatus(payload));
+    return;
+  }
+  if (subcommand === "checkout" || subcommand === "open") {
+    const parsedFormat = parseFormat(kept, "markdown");
+    const [plan = "starter", ...unknown] = parsedFormat.args;
+    if (unknown.length) throw new Error(`unknown billing ${subcommand} option: ${unknown[0]}`);
+    const payload = await runTrackedMimCommand(
+      runtime,
+      { command: `billing ${subcommand}`, project: resolvedProject, metadata: { plan, format: parsedFormat.format } },
+      () => mimRequest(
+        runtime,
+        projectPath("/api/mim/projects/:project/billing/checkout", resolvedProject),
+        { method: "POST", body: { plan } }
+      )
+    );
+    if (!payload.checkout_url) throw new Error("checkout URL was not returned");
+    if (subcommand === "open") openBrowser(payload.checkout_url);
+    if (parsedFormat.format === "json") printJson(payload);
+    else console.log(payload.checkout_url);
+    return;
+  }
+  if (subcommand === "portal") {
+    const parsedFormat = parseFormat(kept, "markdown");
+    if (parsedFormat.args.length) throw new Error(`unknown billing portal option: ${parsedFormat.args[0]}`);
+    const payload = await runTrackedMimCommand(
+      runtime,
+      { command: "billing portal", project: resolvedProject, metadata: { format: parsedFormat.format } },
+      () => mimRequest(runtime, projectPath("/api/mim/projects/:project/billing", resolvedProject))
+    );
+    const portalUrl = payload.billing?.portal_url;
+    if (!portalUrl) throw new Error("billing portal is not available yet; run `mim billing checkout` first");
+    openBrowser(portalUrl);
+    if (parsedFormat.format === "json") printJson({ portal_url: portalUrl });
+    else console.log(portalUrl);
+    return;
+  }
+  throw new Error(`unknown billing command: ${subcommand}`);
+}
+function claudeMcpInstallCommand(project) {
+  return [
+    "claude",
+    "mcp",
+    "add",
+    "--transport",
+    "stdio",
+    "mim",
+    "--",
+    "npx",
+    "-y",
+    "--package",
+    "@mimeticinc/rerun",
+    "mim-mcp",
+    ...project ? ["--project", project] : []
+  ];
+}
+function codexMcpConfig(project) {
+  const args = ["-y", "--package", "@mimeticinc/rerun", "mim-mcp", ...project ? ["--project", project] : []];
+  return `[mcp_servers.mim]
+command = "npx"
+args = ${JSON.stringify(args)}
+`;
+}
+async function runMcp(args) {
+  const [subcommand, target, ...rest] = args;
+  const { project, args: kept } = runtimeFromArgs(rest);
+  if (!subcommand) {
+    console.log("Use `mim mcp install claude` or `mim mcp install codex`.");
+    console.log("The MCP server exposes project-scoped growth context and recording review briefs without raw replay event dumps.");
+    return;
+  }
+  if (subcommand !== "install") throw new Error(`unknown mcp command: ${subcommand}`);
+  let runInstall = false;
+  for (const arg of kept) {
+    if (arg === "--run") runInstall = true;
+    else throw new Error(`unknown mcp install option: ${arg}`);
+  }
+  if (target === "claude") {
+    const command = claudeMcpInstallCommand(project);
+    if (!runInstall) {
+      console.log(command.map((part) => /\s/.test(part) ? JSON.stringify(part) : part).join(" "));
+      return;
+    }
+    await new Promise((resolve, reject) => {
+      const child = spawn(command[0], command.slice(1), { stdio: "inherit" });
+      child.on("error", reject);
+      child.on("close", (code) => code === 0 ? resolve() : reject(new Error(`claude mcp add failed with exit code ${code}`)));
+    });
+    return;
+  }
+  if (target === "codex") {
+    console.log(codexMcpConfig(project));
+    return;
+  }
+  throw new Error("mcp install target must be claude or codex");
+}
+function resolveIosAuditToolDir() {
+  const configured = process.env.MIM_IOS_AUDIT_TOOL_DIR?.trim();
+  if (configured) return configured;
+  const home = homeDir();
+  const candidates = [
+    join(home, "pet-animator", "ios-audit-tool"),
+    join(home, "ios-audit-tool")
+  ];
+  for (const candidate of candidates) {
+    if (existsSync(candidate)) return candidate;
+  }
+  throw new Error(
+    "ios-audit-tool directory not found. Set MIM_IOS_AUDIT_TOOL_DIR or clone it to ~/ios-audit-tool"
+  );
+}
+function spawnLocalTool(command, args, cwd) {
+  return new Promise((resolve, reject) => {
+    const child = spawn(command, args, { stdio: "inherit", cwd });
+    child.on(
+      "error",
+      (err) => reject(new Error(`failed to start ${command}: ${err.message}`))
+    );
+    child.on(
+      "close",
+      (code) => code === 0 ? resolve() : reject(new Error(`${command} exited with code ${code}`))
+    );
+  });
+}
+async function runWebAudit(args) {
+  const toolDir = resolveIosAuditToolDir();
+  const scriptPath = join(toolDir, "web_auditor.py");
+  if (!existsSync(scriptPath)) throw new Error(`web_auditor.py not found at ${scriptPath}`);
+  let url = "";
+  const passthrough = [];
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (arg === "--output" || arg === "-o") {
+      const [value, next] = readValue(args, i, arg);
+      passthrough.push("--output", value);
+      i = next;
+    } else if (arg === "--deep") {
+      passthrough.push("--deep");
+    } else if (arg === "--batch") {
+      const [value, next] = readValue(args, i, arg);
+      passthrough.push("--batch", value);
+      i = next;
+    } else if (arg === "--help" || arg === "-h") {
+      passthrough.push("--help");
+    } else if (!url && !arg.startsWith("-")) {
+      url = arg;
+    } else {
+      passthrough.push(arg);
+    }
+  }
+  const pyArgs = [scriptPath];
+  if (url) pyArgs.push(url);
+  pyArgs.push(...passthrough);
+  if (!url && !passthrough.includes("--batch") && !passthrough.includes("--help")) {
+    throw new Error("web-audit requires a URL or --batch <file>");
+  }
+  console.log(`Running web_auditor.py${url ? ` on ${url}` : ""}...`);
+  await spawnLocalTool("python3", pyArgs, toolDir);
+}
+async function runIpaAudit(args) {
+  const toolDir = resolveIosAuditToolDir();
+  const scriptPath = join(toolDir, "ipa_analyzer.py");
+  if (!existsSync(scriptPath)) throw new Error(`ipa_analyzer.py not found at ${scriptPath}`);
+  const paths = [];
+  const passthrough = [];
+  for (const arg of args) {
+    if (arg === "--help" || arg === "-h") {
+      passthrough.push("--help");
+    } else if (!arg.startsWith("-")) {
+      paths.push(arg);
+    } else {
+      passthrough.push(arg);
+    }
+  }
+  if (!paths.length && !passthrough.includes("--help")) {
+    throw new Error("ipa-audit requires one or more .ipa file paths");
+  }
+  const pyArgs = [scriptPath, ...paths, ...passthrough];
+  console.log(`Running ipa_analyzer.py on ${paths.join(", ") || "..."}...`);
+  await spawnLocalTool("python3", pyArgs, toolDir);
+}
+async function mimMain(argv = process.argv.slice(2)) {
+  const [command, ...args] = argv;
+  if (!command || command === "-h" || command === "--help") {
+    console.log(mimUsage());
+    return;
+  }
+  if (command === "auth") return runAuth(args);
+  if (command === "projects") return runProjects(args);
+  if (command === "context") return runContext(args);
+  if (command === "recordings") return runCollectionCommand("recordings", args);
+  if (command === "replay") return runReplay(args);
+  if (command === "findings") return runCollectionCommand("findings", args);
+  if (command === "audit") return runAudit(args);
+  if (command === "web-audit") return runWebAudit(args);
+  if (command === "ipa-audit") return runIpaAudit(args);
+  if (command === "fixes") return runFixes(args);
+  if (command === "billing") return runBilling(args);
+  if (command === "mcp") return runMcp(args);
+  throw new Error(`unknown command: ${command}`);
+}
+if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
+  mimMain().catch((error) => {
+    console.error(`mim: ${error instanceof Error ? error.message : String(error)}`);
+    process.exit(1);
+  });
+}
+
+export {
+  mimUsage,
+  mimConfigDir,
+  mimConfigPath,
+  loadMimConfig,
+  saveMimConfig,
+  clearMimConfig,
+  normalizeMimApiBaseUrl,
+  mimApiBaseUrl,
+  mimAuthToken,
+  defaultMimProject,
+  shouldSendMimTelemetry,
+  sanitizeMimMetadata,
+  buildMimUsageEvent,
+  trackMimUsageEvent,
+  formatMimListPayload,
+  formatRecordingsPayload,
+  formatReplayInsightPayload,
+  formatFixesPayload,
+  claudeMcpInstallCommand,
+  codexMcpConfig,
+  mimMain
+};