@movermarketingai/searchlight-cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/LICENSE.md ADDED
@@ -0,0 +1,7 @@
1
+ # Searchlight CLI License
2
+
3
+ Copyright (c) Mover Marketing Ai. All rights reserved.
4
+
5
+ This package may be downloaded and installed to access Searchlight from the command line. Use of the Searchlight service requires a provisioned Searchlight account or CLI token. Downloading the CLI does not grant access to Searchlight data, customer data, API tokens, or administrative capabilities.
6
+
7
+ You may not redistribute modified versions, reverse engineer server-side access controls, bypass token scoping, or use this CLI to access Searchlight without authorization.
package/README.md ADDED
@@ -0,0 +1,79 @@
1
+ # Searchlight CLI
2
+
3
+ Command-line access for approved Searchlight users, workers, and operators.
4
+
5
+ Anyone can download this CLI. Searchlight data access still requires a server-issued, scoped, unrevoked token. The CLI does not bundle secrets, API keys, database credentials, or customer data.
6
+
7
+ ## Install
8
+
9
+ ```bash
10
+ npm install -g @movermarketingai/searchlight-cli
11
+ ```
12
+
13
+ Then verify the binary is available:
14
+
15
+ ```bash
16
+ mmai-searchlight help
17
+ ```
18
+
19
+ The `searchlight` binary is also provided, but `mmai-searchlight` is preferred to avoid name collisions.
20
+
21
+ ## Setup
22
+
23
+ Ask your Searchlight admin for a provisioned CLI token, or create one from **Workspace Settings → CLI Access** if your account is allowed to self-serve CLI tokens.
24
+
25
+ Store the token without placing it in shell history:
26
+
27
+ ```bash
28
+ read -rsp "Searchlight CLI token: " SEARCHLIGHT_TOKEN && echo && \
29
+ printf '%s' "$SEARCHLIGHT_TOKEN" | mmai-searchlight auth store --token-stdin && \
30
+ unset SEARCHLIGHT_TOKEN
31
+ ```
32
+
33
+ Validate access:
34
+
35
+ ```bash
36
+ mmai-searchlight auth check
37
+ mmai-searchlight annotations sites --json
38
+ ```
39
+
40
+ By default, tokens are stored at `~/.config/searchlight/token` with mode `0600`. To use another path, set `SEARCHLIGHT_TOKEN_FILE`.
41
+
42
+ ## Authentication precedence
43
+
44
+ The CLI uses the first available token source:
45
+
46
+ 1. `SEARCHLIGHT_TOKEN`
47
+ 2. `SEARCHLIGHT_WORKER_TOKEN`
48
+ 3. `SEARCHLIGHT_TOKEN_FILE`, defaulting to `~/.config/searchlight/token`
49
+
50
+ Keep raw tokens in Keychain, a password manager, a locked-down machine-local file, or another approved secret store. Do not paste tokens into chat, tickets, docs, source files, screenshots, or shell history.
51
+
52
+ ## API target
53
+
54
+ Production is used by default:
55
+
56
+ ```text
57
+ https://searchlight.movermarketing.ai
58
+ ```
59
+
60
+ Set `SEARCHLIGHT_BASE_URL` only when intentionally targeting a non-production Searchlight deployment.
61
+
62
+ ## Common commands
63
+
64
+ ```bash
65
+ mmai-searchlight annotations sites --json
66
+ mmai-searchlight annotations list --site SITE --json
67
+ mmai-searchlight annotations add --site SITE --title TITLE --summary TEXT --dry-run
68
+ mmai-searchlight content-runs list --site SITE --json
69
+ mmai-searchlight tests list --site SITE --json
70
+ ```
71
+
72
+ Some operator commands, such as client onboarding, require higher-trust tokens and may be unavailable to routine users.
73
+
74
+ ## Security model
75
+
76
+ - Downloading the CLI grants no access by itself.
77
+ - The Searchlight API enforces token hashes, scopes, allowed sites, expiry, and revocation server-side.
78
+ - CLI-side command visibility is not an authorization boundary.
79
+ - Provision external or contractor tokens with the narrowest possible sites/scopes and short expiries.