@moxxy/cli 0.14.8 → 0.14.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -21,6 +21,7 @@ allowed-tools:
21
21
  - provider_test
22
22
  - vault_status
23
23
  - vault_list
24
+ - web_fetch
24
25
  ---
25
26
 
26
27
  The user wants to add a new LLM provider to moxxy so they can switch to it later (`/provider <name>` or via `provider.name` in moxxy.config.ts). Walk them through these steps; be terse and pause for confirmation between gather → register → key.
@@ -36,7 +37,7 @@ If the vendor speaks a different protocol (Anthropic-style, Google Vertex, custo
36
37
  Ask the user, or infer from their request:
37
38
 
38
39
  - **Provider slug** — short lowercase identifier (e.g. `zai`, `deepseek`, `groq`, `openrouter`). This becomes the registry key, the canonical vault entry name (`<SLUG>_API_KEY`), and what the user types in `/provider <slug>`. Must match `[a-z][a-z0-9-]*`.
39
- - **API base URL** — the vendor's OpenAI-compatible endpoint root. Examples:
40
+ - **API base URL** — the vendor's OpenAI-compatible endpoint root. Examples below may be stale — vendors rotate endpoints; always confirm via `web_fetch` against current docs before registering:
40
41
  - z.ai → `https://api.z.ai/api/coding/paas/v4`
41
42
  - deepseek → `https://api.deepseek.com`
42
43
  - groq → `https://api.groq.com/openai/v1`
@@ -46,7 +47,7 @@ Ask the user, or infer from their request:
46
47
  - mistral → `https://api.mistral.ai/v1`
47
48
  - **Default model id** — the model to use when no other is specified (you'll usually pick the vendor's "flagship" or "best general purpose" model).
48
49
 
49
- If the user hasn't given you the baseURL, look it up via WebFetch on the vendor's docs (search for "openai compatible", "base url", "endpoint") and propose it back to them for confirmation. **Do not guess.**
50
+ If the user hasn't given you the baseURL, look it up via `web_fetch` on the vendor's docs (search for "openai compatible", "base url", "endpoint") and propose it back to them for confirmation. **Do not guess.**
50
51
 
51
52
  ## 2. Discover the model list
52
53
 
@@ -54,13 +55,13 @@ You need to populate a `models` array. Each entry needs `id`, `contextWindow`, `
54
55
 
55
56
  Two paths, in order of preference:
56
57
 
57
- 1. **WebFetch the vendor's models / pricing page** to extract the current catalog. Good search prompts: `"<vendor> models pricing context window"`, `"<vendor> api models list"`. Common locations:
58
+ 1. **`web_fetch` the vendor's models / pricing page** to extract the current catalog. Good search prompts: `"<vendor> models pricing context window"`, `"<vendor> api models list"`. Common locations (may be stale — confirm against current docs):
58
59
  - z.ai → `https://docs.z.ai/guides/llm/glm-4.6`, `https://z.ai/pricing`
59
60
  - deepseek → `https://api-docs.deepseek.com/quick_start/pricing`
60
61
  - groq → `https://console.groq.com/docs/models`
61
62
  - openrouter → `https://openrouter.ai/models`
62
63
  - fireworks → `https://fireworks.ai/models`
63
- 2. **The vendor's `/v1/models` endpoint** lists canonical model ids (but not context windows). This needs the API key, which you will NOT have (see step 3 — the key goes straight into the vault, never to you). So prefer WebFetch for discovery; if you must use `/v1/models`, ask the user to run it themselves and paste the model-id list (not the key).
64
+ 2. **The vendor's `/v1/models` endpoint** lists canonical model ids (but not context windows). This needs the API key, which you will NOT have (see step 3 — the key goes straight into the vault, never to you). So prefer `web_fetch` for discovery; if you must use `/v1/models`, ask the user to run it themselves and paste the model-id list (not the key).
64
65
 
65
66
  Build the list, show it to the user as a markdown table (id / context / tools / images), and ask them to confirm or trim. **Do not invent context-window numbers.** If a model's context is unknown, ask the user or leave it out.
66
67
 
@@ -128,7 +129,7 @@ Report:
128
129
  ## Don't
129
130
 
130
131
  - Don't ask the user to paste their API key to you, and don't call any tool with the key as an argument. Direct them to `/vault set <SLUG>_API_KEY <key>` so it never enters the conversation.
131
- - Don't invent baseURLs, model ids, or context windows. If you're not sure, WebFetch or ask.
132
+ - Don't invent baseURLs, model ids, or context windows. If you're not sure, `web_fetch` or ask.
132
133
  - Don't store the API key anywhere except the vault. Never write it into a file in the repo, never echo it back.
133
134
  - Don't try to handle non-OpenAI-compatible vendors here — those need a real provider plugin (`.claude/agents/provider-author.md`).
134
135
  - Don't overwrite an existing provider slug without telling the user first. Call `provider_list` if you're unsure whether the slug is taken.
@@ -1,6 +1,6 @@
1
1
  ---
2
2
  name: generative-ui
3
- description: Generate an interactive, navigable UI (a "generative UI" / "dynamic UI" / "agentic UI") for the user — rendered in their browser, backed by real data from your tools. Only when the user explicitly asks for a generative/dynamic/agentic UI.
3
+ description: Generate an interactive, navigable UI (generative/dynamic/agentic UI) in the user's browser, backed by real data from your tools. Only when the user explicitly asks for one.
4
4
  triggers: ["generative ui", "dynamic ui", "agentic ui", "generative interface", "dynamic interface", "agentic interface", "interactive ui for", "generative app", "agentic app"]
5
5
  allowed-tools: [present_view, web_fetch, browser_session]
6
6
  ---
@@ -20,9 +20,9 @@ The user wants you to commit something to long-term memory so it's available in
20
20
  1. **Distill** what the user just said into 1–2 sentences. If the original was a long ramble, summarize. If it was already terse, keep it.
21
21
  2. **Check existing memories** with `memory_recall(query)` for similar entries. If a related entry exists, prefer `memory_update` over creating a new one — don't fragment.
22
22
  3. **Save** with `memory_save({ name, type, description, body, tags })`:
23
- - `name`: slug, ≤60 chars, kebab-case
24
- - `description`: one sentence, ≤120 chars this is what shows in the index
25
- - `body`: 30 lines; the actual content
23
+ - `name`: slug, kebab-case — aim for ≤60 chars (`memory_save` hard cap 120)
24
+ - `description`: one sentence — aim for ≤120 chars (hard cap 280); this is what shows in the index
25
+ - `body`: keep it tight (~≤30 lines); the actual content
26
26
  - `tags`: optional, lowercase keywords for cross-cutting topics
27
27
 
28
28
  4. **Confirm** briefly: "Saved as `<name>`."
@@ -18,6 +18,9 @@ triggers:
18
18
  - "self-heal"
19
19
  - "self heal"
20
20
  - "repair"
21
+ # allowed-tools intentionally omitted: this skill drives a broad, evolving set of
22
+ # privileged tools (Read, Grep, Glob, bash, Edit, Write, install_plugin, mcp_*,
23
+ # synthesize_skill) — an omitted allowed-tools means "all tools", on purpose.
21
24
  ---
22
25
 
23
26
  # Self-heal — diagnose then propose ONE fix
@@ -14,6 +14,9 @@ triggers:
14
14
  - "change your code"
15
15
  - "you should be able to"
16
16
  - "can you learn to"
17
+ # allowed-tools intentionally omitted: this skill drives a broad, evolving set of
18
+ # privileged tools (self_update_*, install_plugin, Write, Edit, bash) — an omitted
19
+ # allowed-tools means "all tools", on purpose. Don't add a list that would go stale.
17
20
  ---
18
21
 
19
22
  # Self-update — author or repair a capability, safely
@@ -2,19 +2,26 @@
2
2
  name: synthesize-skill
3
3
  description: When the user request doesn't match any existing skill, draft a new one and persist it for next time.
4
4
  triggers: ["create skill", "new skill", "save this as a skill"]
5
- allowed-tools: [Write, Read]
5
+ allowed-tools: [synthesize_skill, Write, Read]
6
6
  ---
7
7
  # Synthesize a new skill
8
8
 
9
9
  The user has asked for something for which no existing skill matches. Your job is to:
10
10
 
11
11
  1. Identify the intent (one sentence).
12
- 2. Draft a Markdown skill file with YAML frontmatter:
13
- - `name`: kebab-case slug, no more than 60 chars
14
- - `description`: one sentence, < 120 chars
12
+ 2. **Prefer the `synthesize_skill` tool** pass the intent and let it draft, validate
13
+ the frontmatter against the canonical schema, pick a collision-free filename, persist
14
+ to `~/.moxxy/skills/`, and hot-swap the registry. This is the path that can't ship
15
+ invalid frontmatter or clobber an existing skill.
16
+ 3. Only hand-write the file with `Write` if the tool is unavailable. If you do, the
17
+ frontmatter MUST satisfy the schema (hard caps: `name` <=120, `description` <=240).
18
+ Aim well under those for legibility — these are style budgets, not the wall:
19
+ - `name`: kebab-case slug, aim for <=60 chars (schema hard cap 120)
20
+ - `description`: one sentence, aim for <=120 chars (schema hard cap 240)
15
21
  - `triggers`: 2–5 short phrases a user might say
16
22
  - `allowed-tools`: only the tools you need
17
- 3. The body is the instructions for future invocations: numbered steps, the minimum needed to execute reliably.
18
- 4. Save to `~/.moxxy/skills/<slug>.md` unless the user redirects to project scope.
23
+ The body is the instructions for future invocations: numbered steps, the minimum
24
+ needed to execute reliably. Save to `~/.moxxy/skills/<slug>.md` unless the user
25
+ redirects to project scope.
19
26
 
20
27
  Keep skill bodies short — under 30 lines. Long context belongs in code/files the skill reads at runtime, not in the skill itself.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@moxxy/cli",
3
- "version": "0.14.8",
3
+ "version": "0.14.9",
4
4
  "description": "moxxy command-line binary. Subcommand dispatcher consuming the moxxy SDK.",
5
5
  "keywords": [
6
6
  "moxxy",
@@ -50,7 +50,7 @@
50
50
  },
51
51
  "dependencies": {
52
52
  "zod": "^3.24.0",
53
- "@moxxy/sdk": "0.15.0"
53
+ "@moxxy/sdk": "0.15.1"
54
54
  },
55
55
  "optionalDependencies": {
56
56
  "@napi-rs/keyring": "^1.3.0",