@ogment-ai/cli 0.3.0

package/README.md

@@ -0,0 +1,124 @@
+# Ogment CLI
+
+**Secure your AI agents' SaaS credentials.**
+
+Ogment sits between your AI agent and your SaaS tools. Your agent gets a scoped, revocable API key — your real credentials never leave Ogment.
+
+## Quick Start
+
+```bash
+# Log in (opens browser for OAuth + agent selection)
+npx ogment login
+
+# List available servers
+npx ogment servers
+
+# Call a tool
+npx ogment call <server> <tool> '{"param": "value"}'
+```
+
+## Development
+
+### Run Tests
+
+```bash
+pnpm run test          # Watch mode
+pnpm run test:run      # Single run
+pnpm run test:coverage # Coverage (text + html + lcov)
+pnpm run test:ui       # Vitest UI
+pnpm run test:changed  # Run tests related to changed files
+pnpm run test:ci       # CI profile (coverage + CI reporters)
+```
+
+## Commands
+
+### `ogment login`
+
+Authenticate with the Ogment platform. Opens your browser for OAuth sign-in, then shows an agent picker where you create or select an agent. The resulting API key is stored locally.
+
+```bash
+npx ogment login
+```
+
+### `ogment login --device`
+
+For headless or remote environments (VMs, CI servers) where a browser isn't available. Displays a short code that you enter on the Ogment dashboard from any device.
+
+```bash
+npx ogment login --device
+
+# Shows:
+#   Enter this code on the Ogment dashboard:
+#     ABCD-1234
+#   Open: https://dashboard.ogment.ai/cli/activate
+```
+
+### `ogment servers [path]`
+
+List configured servers or inspect a server's tools.
+
+```bash
+npx ogment servers                # List all servers
+npx ogment servers <path>         # Inspect tools
+npx ogment servers --json         # Machine-readable output
+```
+
+### `ogment call <server> <tool> [args]`
+
+Call a tool on an Ogment server. Always outputs JSON.
+
+```bash
+npx ogment call ecommerce-api get__health
+npx ogment call ecommerce-api get__api_products_ '{"limit":2}'
+```
+
+### `ogment logout`
+
+Delete local credentials. To revoke the API key (prevent all access), use the Ogment dashboard.
+
+```bash
+npx ogment logout
+```
+
+## Authentication Model
+
+Ogment uses **Clerk API keys** for machine authentication:
+
+1. **`ogment login`** — Human authenticates via OAuth, picks an agent → Clerk API key created
+2. **API key stored locally** — At `~/.config/ogment/credentials.json`
+3. **All requests use the API key** — Sent as `Authorization: Bearer <api-key>`
+4. **Revoke anytime** — In the Ogment dashboard → Agents tab
+
+### For Remote VMs
+
+Use the device flow (`ogment login --device`) — the human approves from their own device, the VM never sees credentials or a browser. The API key is the only credential the VM receives.
+
+## Environment Variables
+
+| Variable | Default | Description |
+|---|---|---|
+| `OGMENT_BASE_URL` | `https://dashboard.ogment.ai` | Ogment platform URL (for development) |
+| `OGMENT_API_KEY` | — | API key (alternative to `ogment login`) |
+
+## How It Works
+
+```
+AI Agent (Claude, Cursor, ChatGPT)
+    │
+    │  Clerk API key (long-lived, revocable)
+    ▼
+┌─────────────────────────────────┐
+│       Ogment MCP Proxy          │
+│  ✓ Validate API key             │
+│  ✓ Inject real credentials      │
+│  ✓ Log every tool call          │
+└──────────────┬──────────────────┘
+               │
+    ┌──────────┼──────────┐
+    ▼          ▼          ▼
+Salesforce   Linear    Snowflake
+```
+
+## License
+
+MIT

package/dist/cli.d.ts

@@ -0,0 +1,19 @@
+#!/usr/bin/env node
+import type { CommandContext } from "./commands/context.js";
+import { OutputManager } from "./output/manager.js";
+import { type ExitCode } from "./shared/exit-codes.js";
+export interface GlobalCliOptions {
+    apiKey: string | undefined;
+    json: boolean | undefined;
+    nonInteractive: boolean | undefined;
+    quiet: boolean | undefined;
+    yes: boolean | undefined;
+}
+interface Runtime {
+    context: CommandContext;
+    output: OutputManager;
+}
+export declare const runCli: (argv?: readonly string[], runtime?: Runtime) => Promise<ExitCode>;
+export declare const executeCli: () => Promise<void>;
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAQA,OAAO,KAAK,EAAE,cAAc,EAAmB,MAAM,uBAAuB,CAAC;AAO7E,OAAO,EAAE,aAAa,EAA0B,MAAM,qBAAqB,CAAC;AAK5E,OAAO,EAAa,KAAK,QAAQ,EAAoB,MAAM,wBAAwB,CAAC;AAIpF,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;IAC3B,IAAI,EAAE,OAAO,GAAG,SAAS,CAAC;IAC1B,cAAc,EAAE,OAAO,GAAG,SAAS,CAAC;IACpC,KAAK,EAAE,OAAO,GAAG,SAAS,CAAC;IAC3B,GAAG,EAAE,OAAO,GAAG,SAAS,CAAC;CAC1B;AAED,UAAU,OAAO;IACf,OAAO,EAAE,cAAc,CAAC;IACxB,MAAM,EAAE,aAAa,CAAC;CACvB;AA4XD,eAAO,MAAM,MAAM,GACjB,OAAM,SAAS,MAAM,EAA0B,EAC/C,UAAS,OAAyB,KACjC,OAAO,CAAC,QAAQ,CAmBlB,CAAC;AAEF,eAAO,MAAM,UAAU,QAAa,OAAO,CAAC,IAAI,CAG/C,CAAC"}

package/dist/cli.js

@@ -0,0 +1,337 @@
+#!/usr/bin/env node
+import { pathToFileURL } from "node:url";
+import { Command, CommanderError } from "commander";
+import { runCallCommand } from "./commands/call.js";
+import { runDescribeCommand } from "./commands/describe.js";
+import { runServersCommand } from "./commands/servers.js";
+import { createBrowserOpener } from "./infra/browser.js";
+import { createFileCredentialsStore } from "./infra/credentials.js";
+import { createRuntimeConfig } from "./infra/env.js";
+import { createHttpClient } from "./infra/http.js";
+import { OutputManager } from "./output/manager.js";
+import { createAccountService } from "./services/account.js";
+import { createAuthService } from "./services/auth.js";
+import { createMcpService } from "./services/mcp.js";
+import { UnexpectedError, ValidationError } from "./shared/errors.js";
+import { EXIT_CODE, exitCodeForError } from "./shared/exit-codes.js";
+import { APP_DESCRIPTION, APP_NAME, AGENT_SUCCESS_HINT, VERSION } from "./shared/constants.js";
+class CliExitError extends Error {
+    exitCode;
+    constructor(exitCode) {
+        super("CLI exit");
+        this.exitCode = exitCode;
+    }
+}
+const createRuntime = () => {
+    const runtimeConfig = createRuntimeConfig();
+    const output = new OutputManager();
+    const credentialsStore = createFileCredentialsStore({
+        configDir: runtimeConfig.configDir,
+        credentialsPath: runtimeConfig.credentialsPath,
+    });
+    const httpClient = createHttpClient();
+    const browserOpener = createBrowserOpener();
+    const services = {
+        account: createAccountService({
+            baseUrl: runtimeConfig.baseUrl,
+            httpClient,
+        }),
+        auth: createAuthService({
+            baseUrl: runtimeConfig.baseUrl,
+            browserOpener,
+            credentialsStore,
+            envApiKey: runtimeConfig.envApiKey,
+            httpClient,
+        }),
+        mcp: createMcpService({
+            baseUrl: runtimeConfig.baseUrl,
+            version: runtimeConfig.version,
+        }),
+    };
+    return {
+        context: {
+            apiKeyOverride: undefined,
+            output,
+            services,
+        },
+        output,
+    };
+};
+const asGlobalOptions = (command) => {
+    const options = command.optsWithGlobals();
+    return {
+        apiKey: options.apiKey,
+        json: options.json,
+        nonInteractive: options.nonInteractive,
+        quiet: options.quiet,
+        yes: options.yes,
+    };
+};
+const mapGlobalOutputOptions = (options) => {
+    return {
+        json: options.json,
+        nonInteractive: options.nonInteractive,
+        quiet: options.quiet,
+        yes: options.yes,
+    };
+};
+const throwCommandError = (error) => {
+    throw new CliExitError(exitCodeForError(error));
+};
+const isRecord = (value) => {
+    return typeof value === "object" && value !== null;
+};
+const ensureSuccess = (result, output) => {
+    if (result.status === "error") {
+        output.error(result.error);
+        throwCommandError(result.error);
+    }
+    return result.value;
+};
+const formatSchemaType = (property) => {
+    if (Array.isArray(property.enum) && property.enum.length > 0) {
+        return property.enum.map(String).join(" | ");
+    }
+    if (property.type === "array" && typeof property.items?.type === "string") {
+        return `${property.items.type}[]`;
+    }
+    if (typeof property.type === "string" && property.type.length > 0) {
+        return property.type;
+    }
+    return "unknown";
+};
+const renderSchemaParameters = (output, schema) => {
+    const required = new Set();
+    const requiredValue = schema["required"];
+    if (Array.isArray(requiredValue)) {
+        for (const item of requiredValue) {
+            if (typeof item === "string") {
+                required.add(item);
+            }
+        }
+    }
+    const propertiesValue = schema["properties"];
+    if (!isRecord(propertiesValue)) {
+        output.info("    Parameters: none");
+        return;
+    }
+    const entries = Object.entries(propertiesValue);
+    if (entries.length === 0) {
+        output.info("    Parameters: none");
+        return;
+    }
+    output.info("    Parameters:");
+    for (const [name, propertyValue] of entries) {
+        if (!isRecord(propertyValue)) {
+            continue;
+        }
+        const property = propertyValue;
+        const type = formatSchemaType(property);
+        const requirement = required.has(name) ? "required" : "optional";
+        const description = typeof property.description === "string" && property.description.length > 0
+            ? ` - ${property.description}`
+            : "";
+        output.info(`      ${name} (${type}, ${requirement})${description}`);
+    }
+};
+const renderSchemaBlock = (output, label, schema) => {
+    if (schema === undefined) {
+        output.info(`    ${label}: unavailable`);
+        return;
+    }
+    output.info(`    ${label}:`);
+    const lines = JSON.stringify(schema, null, 2).split("\n");
+    for (const line of lines) {
+        output.info(`      ${line}`);
+    }
+};
+const renderServersListHuman = (output, servers) => {
+    if (servers.length === 0) {
+        output.info("No servers available.");
+        return;
+    }
+    for (const server of servers) {
+        const description = typeof server.description === "string" && server.description.length > 0
+            ? ` - ${server.description}`
+            : "";
+        output.info(`${server.path} (${server.orgSlug}) ${server.name}${description}`);
+    }
+    output.info("Inspect tools with: ogment servers <path>");
+};
+const renderServerDetailsHuman = (output, payload) => {
+    output.info(`Server ${payload.server.name} (${payload.server.path}, ${payload.server.orgSlug})`);
+    if (payload.tools.length === 0) {
+        output.info("No tools available.");
+        return;
+    }
+    for (const tool of payload.tools) {
+        const description = typeof tool.description === "string" && tool.description.length > 0
+            ? ` - ${tool.description}`
+            : "";
+        output.info(`  ${tool.name}${description}`);
+        renderSchemaParameters(output, tool.inputSchema);
+        renderSchemaBlock(output, "Input schema", tool.inputSchema);
+        renderSchemaBlock(output, "Output schema", tool.outputSchema);
+    }
+};
+const createProgram = (runtime) => {
+    const program = new Command();
+    program.exitOverride();
+    program.configureOutput({
+        writeErr: () => undefined,
+    });
+    program
+        .name(APP_NAME)
+        .description(APP_DESCRIPTION)
+        .version(VERSION)
+        .option("--apiKey <key>", "API key override")
+        .option("--json", "Output machine-readable JSON")
+        .option("--quiet", "Suppress non-essential output")
+        .option("--non-interactive", "Disable interactive behavior")
+        .option("--yes", "Assume yes for any confirmation")
+        .hook("preAction", (thisCommand) => {
+        const options = asGlobalOptions(thisCommand);
+        runtime.output.configure(mapGlobalOutputOptions(options));
+        runtime.context.apiKeyOverride = options.apiKey;
+    });
+    program
+        .command("login")
+        .description("Authenticate with Ogment")
+        .option("--device", "Use device flow explicitly")
+        .action(async (options) => {
+        const result = await runtime.context.services.auth.login({
+            device: options.device === true,
+            nonInteractive: runtime.output.nonInteractive,
+            onPending: ({ userCode, verificationUri }) => {
+                runtime.output.info(`Open ${verificationUri}`);
+                runtime.output.info(`Enter code: ${userCode}`);
+            },
+        });
+        const data = ensureSuccess(result, runtime.output);
+        const humanMessage = data.alreadyLoggedIn
+            ? `Already logged in as ${data.agentName}.`
+            : `Logged in as ${data.agentName}. ${AGENT_SUCCESS_HINT}`;
+        runtime.output.success(data, humanMessage);
+    });
+    program
+        .command("logout")
+        .description("Revoke token and delete local credentials")
+        .action(async () => {
+        const result = await runtime.context.services.auth.logout();
+        const data = ensureSuccess(result, runtime.output);
+        let humanMessage = "Not logged in.";
+        if (data.localCredentialsDeleted) {
+            humanMessage = data.revoked
+                ? "Logged out and revoked API key."
+                : "Local credentials deleted. Server revocation not confirmed.";
+        }
+        runtime.output.success(data, humanMessage);
+    });
+    program
+        .command("servers [path]")
+        .description("List servers or inspect tools for one server")
+        .action(async (path) => {
+        const result = await runServersCommand(runtime.context, { path });
+        const data = ensureSuccess(result, runtime.output);
+        if (runtime.output.mode === "human") {
+            if ("servers" in data) {
+                renderServersListHuman(runtime.output, data.servers);
+                return;
+            }
+            renderServerDetailsHuman(runtime.output, data);
+            return;
+        }
+        runtime.output.success(data);
+    });
+    program
+        .command("call <serverPath> <toolName> [argsJson]")
+        .description("Call a tool on an Ogment server")
+        .action(async (serverPath, toolName, argsJson) => {
+        const result = await runCallCommand(runtime.context, {
+            argsJson,
+            serverPath,
+            toolName,
+        });
+        const data = ensureSuccess(result, runtime.output);
+        if (runtime.output.mode === "human") {
+            runtime.output.json(data.result);
+            return;
+        }
+        runtime.output.success(data);
+    });
+    program
+        .command("describe")
+        .description("Describe this CLI as a tool set for agent registration")
+        .action(() => {
+        const result = runDescribeCommand();
+        const data = ensureSuccess(result, runtime.output);
+        runtime.output.json(data);
+    });
+    program.action(() => {
+        if (runtime.output.mode === "json") {
+            runtime.output.success({
+                commands: ["login", "logout", "servers", "call", "describe"],
+            });
+            return;
+        }
+        runtime.output.info(`${APP_NAME} v${VERSION}`);
+        runtime.output.info(APP_DESCRIPTION);
+        runtime.output.info("");
+        runtime.output.info("Commands:");
+        runtime.output.info("  login [--device]");
+        runtime.output.info("  servers [path]");
+        runtime.output.info("  call <serverPath> <toolName> [argsJson]");
+        runtime.output.info("  logout");
+        runtime.output.info("  describe");
+    });
+    return program;
+};
+const normalizeCommanderError = (error) => {
+    if (error instanceof CommanderError) {
+        return new ValidationError({
+            details: error.message,
+            message: "Invalid CLI usage",
+        });
+    }
+    if (error instanceof Error) {
+        return new UnexpectedError({
+            cause: error,
+            message: error.message,
+        });
+    }
+    return new UnexpectedError({
+        cause: error,
+        message: "Unexpected CLI failure",
+    });
+};
+const normalizeCliArgv = (argv) => {
+    if (argv[0] === "--") {
+        return argv.slice(1);
+    }
+    return argv;
+};
+export const runCli = async (argv = process.argv.slice(2), runtime = createRuntime()) => {
+    const program = createProgram(runtime);
+    try {
+        await program.parseAsync(normalizeCliArgv(argv), { from: "user" });
+        return EXIT_CODE.success;
+    }
+    catch (error) {
+        if (error instanceof CliExitError) {
+            return error.exitCode;
+        }
+        if (error instanceof CommanderError && error.exitCode === EXIT_CODE.success) {
+            return EXIT_CODE.success;
+        }
+        const normalized = normalizeCommanderError(error);
+        runtime.output.error(normalized);
+        return exitCodeForError(normalized);
+    }
+};
+export const executeCli = async () => {
+    const code = await runCli();
+    process.exitCode = code;
+};
+if (process.argv[1] !== undefined && import.meta.url === pathToFileURL(process.argv[1]).href) {
+    await executeCli();
+}

package/dist/commands/call.d.ts

@@ -0,0 +1,14 @@
+import type { Result as ResultType } from "better-result";
+import type { McpServiceError } from "../services/mcp.js";
+import { NotFoundError, ValidationError } from "../shared/errors.js";
+import type { ToolCallSuccess } from "../shared/types.js";
+import type { CommandContext } from "./context.js";
+import { type ResolveServerStateError } from "./server-context.js";
+export interface CallCommandOptions {
+    argsJson: string | undefined;
+    serverPath: string;
+    toolName: string;
+}
+export type CallCommandError = McpServiceError | NotFoundError | ResolveServerStateError | ValidationError;
+export declare const runCallCommand: (context: CommandContext, options: CallCommandOptions) => Promise<ResultType<ToolCallSuccess, CallCommandError>>;
+//# sourceMappingURL=call.d.ts.map

package/dist/commands/call.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"call.d.ts","sourceRoot":"","sources":["../../src/commands/call.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAGL,KAAK,uBAAuB,EAC7B,MAAM,qBAAqB,CAAC;AAE7B,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,MAAM,gBAAgB,GACxB,eAAe,GACf,aAAa,GACb,uBAAuB,GACvB,eAAe,CAAC;AAiCpB,eAAO,MAAM,cAAc,GACzB,SAAS,cAAc,EACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,UAAU,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAqCvD,CAAC"}

package/dist/commands/call.js

@@ -0,0 +1,51 @@
+import { Result } from "better-result";
+import { NotFoundError, ValidationError } from "../shared/errors.js";
+import { findServerByPath, resolveServerState, } from "./server-context.js";
+const parseArgs = (argsJson) => {
+    if (argsJson === undefined || argsJson.length === 0) {
+        return Result.ok({});
+    }
+    const parsed = Result.try({
+        catch: () => new ValidationError({
+            details: argsJson,
+            message: "Invalid JSON arguments",
+        }),
+        try: () => JSON.parse(argsJson),
+    });
+    if (Result.isError(parsed)) {
+        return parsed;
+    }
+    if (typeof parsed.value !== "object" || parsed.value === null || Array.isArray(parsed.value)) {
+        return Result.err(new ValidationError({
+            message: "Tool arguments must be a JSON object",
+        }));
+    }
+    return Result.ok(parsed.value);
+};
+export const runCallCommand = async (context, options) => {
+    const argsResult = parseArgs(options.argsJson);
+    if (Result.isError(argsResult)) {
+        return argsResult;
+    }
+    const stateResult = await resolveServerState(context);
+    if (Result.isError(stateResult)) {
+        return stateResult;
+    }
+    const targetServerResult = findServerByPath(stateResult.value.servers, options.serverPath);
+    if (Result.isError(targetServerResult)) {
+        return targetServerResult;
+    }
+    const targetServer = targetServerResult.value;
+    const callResult = await context.services.mcp.callTool({
+        orgSlug: targetServer.orgSlug,
+        serverPath: targetServer.path,
+    }, stateResult.value.apiKey, options.toolName, argsResult.value);
+    if (Result.isError(callResult)) {
+        return callResult;
+    }
+    return Result.ok({
+        result: callResult.value.structuredContent,
+        serverPath: options.serverPath,
+        toolName: options.toolName,
+    });
+};

package/dist/commands/context.d.ts

@@ -0,0 +1,15 @@
+import type { OutputManager } from "../output/manager.js";
+import type { AccountService } from "../services/account.js";
+import type { AuthService } from "../services/auth.js";
+import type { McpService } from "../services/mcp.js";
+export interface CommandServices {
+    account: AccountService;
+    auth: AuthService;
+    mcp: McpService;
+}
+export interface CommandContext {
+    apiKeyOverride: string | undefined;
+    output: OutputManager;
+    services: CommandServices;
+}
+//# sourceMappingURL=context.d.ts.map

package/dist/commands/context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/commands/context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,cAAc,CAAC;IACxB,IAAI,EAAE,WAAW,CAAC;IAClB,GAAG,EAAE,UAAU,CAAC;CACjB;AAED,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,MAAM,EAAE,aAAa,CAAC;IACtB,QAAQ,EAAE,eAAe,CAAC;CAC3B"}

package/dist/commands/context.js

@@ -0,0 +1 @@
+export {};

package/dist/commands/describe.d.ts

@@ -0,0 +1,4 @@
+import type { Result as ResultType } from "better-result";
+import type { DescribePayload } from "../shared/schemas.js";
+export declare const runDescribeCommand: () => ResultType<DescribePayload, never>;
+//# sourceMappingURL=describe.d.ts.map

package/dist/commands/describe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"describe.d.ts","sourceRoot":"","sources":["../../src/commands/describe.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,eAAe,CAAC;AAI1D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAiH5D,eAAO,MAAM,kBAAkB,QAAO,UAAU,CAAC,eAAe,EAAE,KAAK,CAItE,CAAC"}

package/dist/commands/describe.js

@@ -0,0 +1,94 @@
+import { Result } from "better-result";
+import { z } from "zod";
+import { zodToJsonSchema } from "zod-to-json-schema";
+const asObjectRecord = (value) => {
+    if (typeof value === "object" && value !== null) {
+        return value;
+    }
+    return {};
+};
+const toJsonSchemaObject = (schema, title) => {
+    return asObjectRecord(zodToJsonSchema(schema, title));
+};
+const commandDefinitions = () => {
+    const loginInputSchema = z.object({
+        device: z.boolean().optional(),
+    });
+    const loginOutputSchema = z.object({
+        agentName: z.string(),
+        alreadyLoggedIn: z.boolean(),
+    });
+    const serversInputSchema = z.object({
+        path: z.string().optional(),
+    });
+    const serversOutputSchema = z.object({
+        server: z
+            .object({
+            enabled: z.boolean(),
+            name: z.string(),
+            orgSlug: z.string(),
+            path: z.string(),
+        })
+            .optional(),
+        servers: z
+            .array(z.object({
+            enabled: z.boolean(),
+            name: z.string(),
+            orgSlug: z.string(),
+            path: z.string(),
+        }))
+            .optional(),
+        tools: z
+            .array(z.object({
+            description: z.string().nullable(),
+            inputSchema: z.record(z.string(), z.unknown()),
+            name: z.string(),
+        }))
+            .optional(),
+    });
+    const callInputSchema = z.object({
+        args: z.record(z.string(), z.unknown()).optional(),
+        serverPath: z.string(),
+        toolName: z.string(),
+    });
+    const callOutputSchema = z.object({
+        result: z.unknown(),
+        serverPath: z.string(),
+        toolName: z.string(),
+    });
+    const logoutOutputSchema = z.object({
+        localCredentialsDeleted: z.boolean(),
+        revoked: z.boolean(),
+    });
+    return [
+        {
+            description: "Authenticate with Ogment. Uses browser-assisted device flow by default.",
+            name: "ogment_login",
+            outputSchema: toJsonSchemaObject(loginOutputSchema, "ogmentLoginOutput"),
+            parameters: toJsonSchemaObject(loginInputSchema, "ogmentLoginInput"),
+        },
+        {
+            description: "List available servers or inspect one server's tools.",
+            name: "ogment_servers",
+            outputSchema: toJsonSchemaObject(serversOutputSchema, "ogmentServersOutput"),
+            parameters: toJsonSchemaObject(serversInputSchema, "ogmentServersInput"),
+        },
+        {
+            description: "Call a tool on a server.",
+            name: "ogment_call",
+            outputSchema: toJsonSchemaObject(callOutputSchema, "ogmentCallOutput"),
+            parameters: toJsonSchemaObject(callInputSchema, "ogmentCallInput"),
+        },
+        {
+            description: "Revoke current session and delete local credentials.",
+            name: "ogment_logout",
+            outputSchema: toJsonSchemaObject(logoutOutputSchema, "ogmentLogoutOutput"),
+            parameters: toJsonSchemaObject(z.object({}), "ogmentLogoutInput"),
+        },
+    ];
+};
+export const runDescribeCommand = () => {
+    return Result.ok({
+        tools: commandDefinitions(),
+    });
+};