@nforma.ai/nforma 0.2.1

package/bin/call-quorum-slot.cjs

@@ -0,0 +1,541 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * call-quorum-slot.cjs — bash-callable quorum slot dispatcher
+ *
+ * Usage:
+ *   echo "<prompt>" | node call-quorum-slot.cjs --slot <name> [--timeout <ms>] [--cwd <dir>]
+ *   node call-quorum-slot.cjs --slot <name> [--timeout <ms>] [--cwd <dir>] <<'EOF'
+ *   <multi-line prompt>
+ *   EOF
+ *
+ * --cwd <dir>  Set the working directory for spawned CLI processes (defaults to process.cwd()).
+ *              Pass the project repo path so CLIs auto-detect the correct git context.
+ *
+ * Reads providers.json, dispatches to the slot's CLI (subprocess) or HTTP provider,
+ * prints the response text to stdout.
+ *
+ * Used by qgsd-quorum-orchestrator (sub-agent) which cannot access MCP tools.
+ *
+ * Exit codes: 0 = success, 1 = error (message on stderr)
+ */
+
+const { spawn } = require('child_process');
+const https     = require('https');
+const http      = require('http');
+const fs        = require('fs');
+const path      = require('path');
+const os        = require('os');
+
+// ─── Utilities ──────────────────────────────────────────────────────────────
+function sleep(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+// ─── Token sentinel for CLI slots (OBSV-04) ───────────────────────────────────
+function appendTokenSentinel(slotName) {
+  try {
+    const record = JSON.stringify({
+      ts:                          new Date().toISOString(),
+      session_id:                  null,
+      agent_id:                    null,
+      slot:                        slotName,
+      input_tokens:                null,
+      output_tokens:               null,
+      cache_creation_input_tokens: null,
+      cache_read_input_tokens:     null,
+    });
+    const pp = require('./planning-paths.cjs');
+    const logPath = pp.resolve(findProjectRoot(), 'token-usage');
+    fs.appendFileSync(logPath, record + '\n', 'utf8');
+  } catch (_) {} // observational — never fails
+}
+
+// ─── Telemetry logging for quorum slot dispatch (OBS-01) ─────────────────────
+function recordTelemetry(slotName, round, verdict, latencyMs, provider, providerStatus, retryCount, errorType) {
+  try {
+    const sessionId = process.env.CLAUDE_SESSION_ID || 'session-' + Date.now();
+    const record = JSON.stringify({
+      ts: new Date().toISOString(),
+      session_id: sessionId,
+      round: parseInt(round, 10) || 0,
+      slot: slotName,
+      verdict: verdict,
+      latency_ms: latencyMs,
+      provider: provider,
+      provider_status: providerStatus,
+      retry_count: retryCount,
+      error_type: errorType,
+    });
+    const pp = require('./planning-paths.cjs');
+    const logPath = pp.resolve(findProjectRoot(), 'quorum-rounds', { sessionId });
+    fs.appendFileSync(logPath, record + '\n', 'utf8');
+  } catch (_) {
+    // Fail-open: telemetry errors never block or crash the dispatch
+    // Log to stderr for observability, but do not rethrow
+    process.stderr.write('[call-quorum-slot] telemetry error (non-fatal): recordTelemetry failed\n');
+  }
+}
+
+// ─── Failure log ───────────────────────────────────────────────────────────────
+function findProjectRoot() {
+  let dir = __dirname;
+  for (let i = 0; i < 8; i++) {
+    if (fs.existsSync(path.join(dir, '.planning'))) return dir;
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return process.cwd();
+}
+
+function writeFailureLog(slotName, errorMsg, stderrText) {
+  try {
+    const pp = require('./planning-paths.cjs');
+    const logPath = pp.resolve(findProjectRoot(), 'quorum-failures');
+
+    // Classify error type
+    let error_type;
+    if (/usage:|unknown flag|unknown option|invalid flag|unrecognized/i.test(errorMsg)) {
+      error_type = 'CLI_SYNTAX';
+    } else if (/TIMEOUT/i.test(errorMsg)) {
+      error_type = 'TIMEOUT';
+    } else if (/401|403|unauthorized|forbidden/i.test(errorMsg)) {
+      error_type = 'AUTH';
+    } else {
+      error_type = 'UNKNOWN';
+    }
+
+    // Extract pattern: first 200 chars of stderrText or errorMsg, strip ANSI codes
+    const rawPattern = (stderrText && stderrText.length > 0) ? stderrText : errorMsg;
+    const pattern = rawPattern.replace(/\x1b\[[0-9;]*m/g, '').slice(0, 200);
+
+    // Read existing log
+    let records = [];
+    if (fs.existsSync(logPath)) {
+      try {
+        records = JSON.parse(fs.readFileSync(logPath, 'utf8'));
+        if (!Array.isArray(records)) records = [];
+      } catch (_) { records = []; }
+    }
+
+    // Update or insert record
+    const existing = records.find(r => r.slot === slotName && r.error_type === error_type);
+    if (existing) {
+      existing.count++;
+      existing.last_seen = new Date().toISOString();
+    } else {
+      records.push({ slot: slotName, error_type, pattern, count: 1, last_seen: new Date().toISOString() });
+    }
+
+    fs.writeFileSync(logPath, JSON.stringify(records, null, 2), 'utf8');
+  } catch (_) { /* failure logging must never interrupt the primary flow */ }
+}
+
+// ─── Retry with exponential backoff (FAIL-01) ───────────────────────────────
+function isRetryable(error) {
+  const msg = (error && error.message) ? error.message : String(error);
+
+  // Non-retryable errors: fail immediately
+  if (/spawn error/i.test(msg)) {
+    return false;
+  }
+  if (/usage:|unknown flag|unknown option|invalid flag|unrecognized/i.test(msg)) {
+    return false;
+  }
+
+  // Retryable errors: TIMEOUT and network errors
+  if (/TIMEOUT/i.test(msg)) {
+    return true;
+  }
+  if (/ECONNREFUSED|ENOTFOUND|ECONNRESET|ETIMEDOUT/i.test(msg)) {
+    return true;
+  }
+
+  // Fail-open: unknown errors are retryable
+  return true;
+}
+
+async function retryWithBackoff(fn, slotName, maxRetries = 2, delays = [1000, 3000]) {
+  const MAX_RETRIES = maxRetries;
+  let retryAttempts = 0;
+
+  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+    try {
+      const result = await fn();
+      return { result, retryCount: retryAttempts };
+    } catch (err) {
+      const isLastAttempt = attempt >= MAX_RETRIES;
+      const isNonRetryable = !isRetryable(err);
+
+      // Fail immediately if non-retryable or no more retries
+      if (isNonRetryable || isLastAttempt) {
+        throw err;
+      }
+
+      // Log retry attempt and sleep before next attempt
+      const delayMs = delays[attempt] ?? 3000; // default to 3s if delay not specified
+      retryAttempts++;
+      process.stderr.write(`[call-quorum-slot] retry ${attempt + 1}/${MAX_RETRIES} for slot ${slotName} after ${delayMs}ms\n`);
+      await sleep(delayMs);
+    }
+  }
+}
+
+// ─── Args ──────────────────────────────────────────────────────────────────────
+const argv = process.argv.slice(2);
+const getArg = (f) => { const i = argv.indexOf(f); return i !== -1 && argv[i + 1] ? argv[i + 1] : null; };
+
+const slot      = getArg('--slot');
+const _timeoutArg = getArg('--timeout');
+// Treat 0 / negative / NaN as "not set" — fall through to provider.quorum_timeout_ms.
+// Zero can be passed when the quorum orchestrator LLM fails to compute SLOT_TIMEOUTS,
+// causing the process to be killed in ~1 ms and logged as "TIMEOUT after 0ms".
+let timeoutMs = _timeoutArg !== null ? parseInt(_timeoutArg, 10) : null;
+if (timeoutMs !== null && (isNaN(timeoutMs) || timeoutMs <= 0)) timeoutMs = null;
+const roundNum  = getArg('--round');
+const spawnCwd  = getArg('--cwd') ?? process.cwd();
+
+if (!slot) {
+  process.stderr.write('Usage: echo "<prompt>" | node call-quorum-slot.cjs --slot <name> [--timeout <ms>] [--cwd <dir>]\n');
+  process.exit(1);
+}
+
+// ─── Find providers.json ───────────────────────────────────────────────────────
+function findProviders() {
+  const searchPaths = [
+    path.join(__dirname, 'providers.json'),                             // same dir (qgsd-bin)
+    path.join(os.homedir(), '.claude', 'qgsd-bin', 'providers.json'),  // installed fallback
+  ];
+
+  // Also derive path from unified-1 MCP server config in ~/.claude.json
+  try {
+    const claudeJson = JSON.parse(fs.readFileSync(path.join(os.homedir(), '.claude.json'), 'utf8'));
+    const u1args = claudeJson?.mcpServers?.['unified-1']?.args ?? [];
+    const serverScript = u1args.find(a => typeof a === 'string' && a.endsWith('unified-mcp-server.mjs'));
+    if (serverScript) {
+      searchPaths.unshift(path.join(path.dirname(serverScript), 'providers.json'));
+    }
+  } catch (_) { /* no claude.json — fine */ }
+
+  for (const p of searchPaths) {
+    try {
+      if (fs.existsSync(p)) {
+        return JSON.parse(fs.readFileSync(p, 'utf8')).providers;
+      }
+    } catch (_) { /* try next */ }
+  }
+  return null;
+}
+
+// ─── Read stdin ────────────────────────────────────────────────────────────────
+function readStdin() {
+  return new Promise((resolve) => {
+    let data = '';
+    process.stdin.setEncoding('utf8');
+    process.stdin.on('data', chunk => { data += chunk; });
+    process.stdin.on('end', () => resolve(data.trim()));
+    // If stdin is a TTY (no pipe), resolve immediately with empty string
+    if (process.stdin.isTTY) resolve('');
+  });
+}
+
+// ─── Subprocess dispatch ───────────────────────────────────────────────────────
+function runSubprocess(provider, prompt, timeoutMs) {
+  const args = provider.args_template.map(a => (a === '{prompt}' ? prompt : a));
+  const env  = { ...process.env, ...(provider.env ?? {}) };
+
+  return new Promise((resolve, reject) => {
+    let child;
+    try {
+      // detached: true creates a new process group — required to kill all descendants
+      // (ccr → Claude Code → node, opencode → LLM subprocess, etc.)
+      child = spawn(provider.cli, args, { env, cwd: spawnCwd, stdio: ['pipe', 'pipe', 'pipe'], detached: true });
+    } catch (err) {
+      reject(new Error(`[spawn error: ${err.message}]`));
+      return;
+    }
+
+    child.stdin.end(); // non-interactive
+
+    let stdout    = '';
+    let stderr    = '';
+    let timedOut  = false;
+    const MAX_BUF = 10 * 1024 * 1024;
+
+    // Kill entire process group, then destroy streams to force 'close' even if
+    // grandchildren keep the pipes open (the common case with ccr/opencode).
+    const killGroup = () => {
+      try { process.kill(-child.pid, 'SIGTERM'); } catch (_) { try { child.kill('SIGTERM'); } catch (_) {} }
+      setTimeout(() => {
+        try { process.kill(-child.pid, 'SIGKILL'); } catch (_) { try { child.kill('SIGKILL'); } catch (_) {} }
+        try { child.stdout.destroy(); } catch (_) {}
+        try { child.stderr.destroy(); } catch (_) {}
+      }, 2000);
+    };
+
+    const timer = setTimeout(() => {
+      timedOut = true;
+      killGroup();
+    }, timeoutMs);
+
+    child.stdout.on('data', d => {
+      if (stdout.length < MAX_BUF) stdout += d.toString().slice(0, MAX_BUF - stdout.length);
+    });
+    child.stderr.on('data', d => { stderr += d.toString().slice(0, 4096); });
+
+    child.on('close', (code) => {
+      clearTimeout(timer);
+      if (timedOut) {
+        reject(new Error(`TIMEOUT after ${timeoutMs}ms`));
+        return;
+      }
+      const output = stdout || stderr || '(no output)';
+      resolve(code !== 0 ? `${output}\n[exit code ${code}]` : output);
+    });
+
+    child.on('error', (err) => {
+      clearTimeout(timer);
+      reject(new Error(`[spawn error: ${err.message}]`));
+    });
+  });
+}
+
+// ─── OAuth account rotation ────────────────────────────────────────────────────
+function matchesRotationPattern(text, patterns) {
+  const lower = (text ?? '').toLowerCase();
+  return patterns.some(p => lower.includes(p.toLowerCase()));
+}
+
+function spawnRotateCmd(cmdArray) {
+  return new Promise((resolve) => {
+    const [bin, ...args] = cmdArray;
+    const child = spawn(bin, args, { stdio: ['ignore', 'pipe', 'pipe'] });
+    child.on('close', (code) => {
+      if (code !== 0) process.stderr.write(`[oauth-rotation] ${bin} exited ${code}\n`);
+      resolve(); // non-fatal — always attempt retry
+    });
+    child.on('error', (err) => {
+      process.stderr.write(`[oauth-rotation] ${bin} error: ${err.message}\n`);
+      resolve(); // non-fatal
+    });
+  });
+}
+
+async function runSubprocessWithRotation(provider, prompt, timeoutMs) {
+  const rot      = provider.oauth_rotation;
+  const max      = rot.max_retries ?? 3;
+  const patterns = rot.retry_on_patterns ?? ['quota', 'resource_exhausted', 'unauthorized', '401', '403'];
+  let lastErr    = null;
+  let totalRetryCount = 0;
+
+  for (let attempt = 0; attempt <= max; attempt++) {
+    if (attempt > 0) {
+      process.stderr.write(`[oauth-rotation] attempt ${attempt}/${max} — rotating OAuth account\n`);
+      await spawnRotateCmd(rot.rotate_cmd);
+    }
+    try {
+      // Wrap inner call with retry-with-backoff (each oauth attempt gets retry protection)
+      const retryResult = await retryWithBackoff(() => runSubprocess(provider, prompt, timeoutMs), provider.name);
+      const out = retryResult.result;
+      totalRetryCount = attempt + retryResult.retryCount;
+      if (matchesRotationPattern(out, patterns) && attempt < max) {
+        lastErr = new Error('quota/auth pattern in output');
+        continue;
+      }
+      return { result: out, retryCount: totalRetryCount };
+    } catch (err) {
+      if (matchesRotationPattern(err.message, patterns) && attempt < max) {
+        lastErr = err;
+        continue;
+      }
+      throw err;
+    }
+  }
+  throw lastErr ?? new Error('[oauth-rotation] all attempts exhausted');
+}
+
+// ─── Read per-slot env from ~/.claude.json (for HTTP PROVIDER_SLOT pattern) ───
+function loadSlotEnv(slotName) {
+  try {
+    const claudeJson = JSON.parse(fs.readFileSync(path.join(os.homedir(), '.claude.json'), 'utf8'));
+    return claudeJson?.mcpServers?.[slotName]?.env ?? {};
+  } catch (_) { return {}; }
+}
+
+// ─── HTTP dispatch ─────────────────────────────────────────────────────────────
+function runHttp(provider, prompt, timeoutMs) {
+  // HTTP slots use PROVIDER_SLOT mode: API keys live in ~/.claude.json server env,
+  // not in process.env. Load them from there, falling back to process.env.
+  const slotEnv = loadSlotEnv(provider.name);
+  const apiKey  = slotEnv['ANTHROPIC_API_KEY']
+               ?? process.env[provider.apiKeyEnv]
+               ?? process.env['ANTHROPIC_API_KEY']
+               ?? '';
+  const baseUrl = slotEnv['ANTHROPIC_BASE_URL'] ?? provider.baseUrl;
+  const model   = slotEnv['CLAUDE_DEFAULT_MODEL'] ?? provider.model;
+
+  const body   = JSON.stringify({
+    model:    model,
+    messages: [{ role: 'user', content: prompt }],
+    stream:   false,
+  });
+
+  const url       = new URL(`${baseUrl}/chat/completions`);
+  const isHttps   = url.protocol === 'https:';
+  const transport = isHttps ? https : http;
+  const options   = {
+    hostname: url.hostname,
+    port:     url.port || (isHttps ? 443 : 80),
+    path:     url.pathname + url.search,
+    method:   'POST',
+    headers:  {
+      'Content-Type':   'application/json',
+      'Authorization':  `Bearer ${apiKey}`,
+      'Content-Length': Buffer.byteLength(body),
+    },
+  };
+
+  return new Promise((resolve, reject) => {
+    let timedOut = false;
+
+    const req = transport.request(options, (res) => {
+      let data = '';
+      res.on('data', chunk => { data += chunk; });
+      res.on('end', () => {
+        if (timedOut) return;
+        clearTimeout(timer);
+        try {
+          const parsed  = JSON.parse(data);
+          const content = parsed?.choices?.[0]?.message?.content;
+          if (content) {
+            resolve(content);
+          } else {
+            reject(new Error(`[HTTP error: unexpected response] ${data.slice(0, 500)}`));
+          }
+        } catch (e) {
+          reject(new Error(`[HTTP error: JSON parse failed] ${data.slice(0, 500)}`));
+        }
+      });
+    });
+
+    const timer = setTimeout(() => {
+      timedOut = true;
+      req.destroy();
+      reject(new Error(`TIMEOUT after ${timeoutMs}ms`));
+    }, timeoutMs);
+
+    req.on('error', (err) => {
+      clearTimeout(timer);
+      if (!timedOut) reject(new Error(`[HTTP request error: ${err.message}]`));
+    });
+
+    req.write(body);
+    req.end();
+  });
+}
+
+// ─── Main ──────────────────────────────────────────────────────────────────────
+async function main() {
+  const providers = findProviders();
+  if (!providers) {
+    process.stderr.write('[call-quorum-slot] Could not find providers.json\n');
+    process.exit(1);
+  }
+
+  if (providers.length === 0) {
+    process.stderr.write('[call-quorum-slot] No providers configured in providers.json — cannot dispatch slot\n');
+    process.exit(1);
+  }
+
+  const provider = providers.find(p => p.name === slot);
+  if (!provider) {
+    const names = providers.map(p => p.name).join(', ');
+    process.stderr.write(`[call-quorum-slot] Unknown slot: "${slot}". Available: ${names}\n`);
+    process.exit(1);
+  }
+
+  const prompt = await readStdin();
+  if (!prompt) {
+    process.stderr.write('[call-quorum-slot] No prompt received on stdin\n');
+    process.exit(1);
+  }
+
+  // timeoutMs is null when --timeout not passed → fall through to provider.quorum_timeout_ms.
+  // provider.timeout_ms (300s) is intentionally last — it's the full session timeout, not quorum.
+  // When both are set, take the minimum so provider.quorum_timeout_ms always acts as a hard cap.
+  const providerCap = provider.quorum_timeout_ms ?? null;
+  const effectiveTimeout = (timeoutMs !== null && providerCap !== null)
+    ? Math.min(timeoutMs, providerCap)
+    : (timeoutMs ?? providerCap ?? provider.timeout_ms ?? 30000);
+
+  const startMs = Date.now();
+
+  try {
+    let result;
+    let retryCount = 0;
+
+    if (provider.type === 'subprocess') {
+      if (provider.oauth_rotation?.enabled) {
+        const retryResult = await runSubprocessWithRotation(provider, prompt, effectiveTimeout);
+        result = retryResult.result;
+        retryCount = retryResult.retryCount;
+      } else {
+        const retryResult = await retryWithBackoff(() => runSubprocess(provider, prompt, effectiveTimeout), slot);
+        result = retryResult.result;
+        retryCount = retryResult.retryCount;
+      }
+    } else if (provider.type === 'http') {
+      const retryResult = await retryWithBackoff(() => runHttp(provider, prompt, effectiveTimeout), slot);
+      result = retryResult.result;
+      retryCount = retryResult.retryCount;
+    } else {
+      process.stderr.write(`[call-quorum-slot] Unknown provider type: ${provider.type}\n`);
+      writeFailureLog(slot, `Unknown provider type: ${provider.type}`, '');
+      appendTokenSentinel(slot);
+      const latencyMs = Date.now() - startMs;
+      recordTelemetry(slot, roundNum, 'FLAG', latencyMs, provider.provider || provider.name, 'unavailable', 0, 'UNKNOWN_TYPE');
+      process.exit(1);
+    }
+
+    // Extract verdict from result using regex
+    const verdict = (/APPROVE|BLOCK|FLAG/.exec(result) || [])[0] || 'UNKNOWN';
+    const latencyMs = Date.now() - startMs;
+    const providerName = provider.provider || provider.name;
+
+    recordTelemetry(slot, roundNum, verdict, latencyMs, providerName, 'available', retryCount, null);
+
+    process.stdout.write(result);
+    if (!result.endsWith('\n')) process.stdout.write('\n');
+    appendTokenSentinel(slot);
+    process.exit(0);
+  } catch (err) {
+    const latencyMs = Date.now() - startMs;
+    const providerName = provider.provider || provider.name;
+
+    // Classify error type
+    let errorType = 'UNKNOWN';
+    if (/TIMEOUT/i.test(err.message)) {
+      errorType = 'TIMEOUT';
+    } else if (/401|403|unauthorized|forbidden/i.test(err.message)) {
+      errorType = 'AUTH';
+    } else if (/spawn error/i.test(err.message)) {
+      errorType = 'SPAWN_ERROR';
+    } else if (/usage:|unknown flag/i.test(err.message)) {
+      errorType = 'CLI_SYNTAX';
+    }
+
+    recordTelemetry(slot, roundNum, 'FLAG', latencyMs, providerName, 'unavailable', 0, errorType);
+
+    process.stderr.write(`[call-quorum-slot] ${err.message}\n`);
+    writeFailureLog(slot, err.message, '');
+    appendTokenSentinel(slot);
+    process.exit(1);
+  }
+}
+
+main().catch(err => {
+  process.stderr.write(`[call-quorum-slot] Fatal: ${err.message}\n`);
+  process.exit(1);
+});

package/bin/ccr-secure-config.cjs

@@ -0,0 +1,99 @@
+#!/usr/bin/env node
+// bin/ccr-secure-config.cjs
+// Reads the 3 CCR provider API keys from keytar (qgsd service) and writes them
+// into ~/.claude-code-router/config.json with chmod 600.
+// Designed to be called at session start and on-demand. Fail-silent when keytar
+// is unavailable or keys are not yet stored.
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const { execFileSync } = require('child_process');
+
+const CONFIG_PATH = path.join(os.homedir(), '.claude-code-router', 'config.json');
+
+// Locate secrets.cjs — try installed global path first, then local dev path.
+function findSecrets() {
+  const candidates = [
+    path.join(os.homedir(), '.claude', 'qgsd-bin', 'secrets.cjs'), // installed path
+    path.join(__dirname, 'secrets.cjs'),                             // local dev path
+  ];
+  for (const p of candidates) {
+    try {
+      if (fs.existsSync(p)) {
+        return require(p);
+      }
+    } catch (_) {}
+  }
+  return null;
+}
+
+async function main() {
+  const secrets = findSecrets();
+  if (!secrets) {
+    process.stderr.write('[ccr-secure-config] secrets.cjs not found — skipping CCR config population\n');
+    process.exit(0);
+  }
+
+  let akashKey, togetherKey, fireworksKey;
+  try {
+    akashKey    = await secrets.get('qgsd', 'AKASHML_API_KEY');
+    togetherKey = await secrets.get('qgsd', 'TOGETHER_API_KEY');
+    fireworksKey = await secrets.get('qgsd', 'FIREWORKS_API_KEY');
+  } catch (e) {
+    process.stderr.write('[ccr-secure-config] keytar unavailable: ' + e.message + '\n');
+    process.exit(0);
+  }
+
+  if (!akashKey && !togetherKey && !fireworksKey) {
+    process.stderr.write('[ccr-secure-config] No CCR provider keys found in keytar — run manage-agents (option 9) to set them\n');
+    process.exit(0);
+  }
+
+  let config;
+  try {
+    const raw = fs.readFileSync(CONFIG_PATH, 'utf8');
+    config = JSON.parse(raw);
+  } catch (e) {
+    process.stderr.write('[ccr-secure-config] Could not read ' + CONFIG_PATH + ': ' + e.message + '\n');
+    process.exit(1);
+  }
+
+  if (!Array.isArray(config.providers)) {
+    process.stderr.write('[ccr-secure-config] config.json has no providers array\n');
+    process.exit(1);
+  }
+
+  const providerKeyMap = {
+    akashml:   akashKey,
+    together:  togetherKey,
+    fireworks: fireworksKey,
+  };
+
+  let patched = 0;
+  for (const provider of config.providers) {
+    if (!provider.name) continue;
+    const keyName = provider.name.toLowerCase();
+    if (keyName in providerKeyMap && providerKeyMap[keyName]) {
+      provider.api_key = providerKeyMap[keyName];
+      patched++;
+    }
+  }
+
+  // Write config back with restrictive permissions
+  fs.writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2), { mode: 0o600 });
+
+  // Enforce permissions on existing file (writeFileSync mode only applies to new files on some systems)
+  try {
+    execFileSync('chmod', ['600', CONFIG_PATH]);
+  } catch (_) {}
+
+  console.log('[ccr-secure-config] Populated ' + patched + ' provider key(s)');
+}
+
+main().catch((e) => {
+  process.stderr.write('[ccr-secure-config] Unexpected error: ' + e.message + '\n');
+  process.exit(1);
+});