@ogment-ai/cli 0.7.0 → 0.8.0

package/dist/cli.js

@@ -4,9 +4,9 @@ import { existsSync, lstatSync, mkdirSync, readFileSync, realpathSync, unlinkSyn
 import { fileURLToPath, pathToFileURL } from "node:url";
 import { execSync } from "node:child_process";
 import { join } from "node:path";
+import { createHash, randomUUID } from "node:crypto";
 import { readFile } from "node:fs/promises";
 import { homedir } from "node:os";
-import { createHash, randomUUID } from "node:crypto";
 
 //#region \0rolldown/runtime.js
 var __create = Object.create;
@@ -3061,38 +3061,6 @@ var require_commander = /* @__PURE__ */ __commonJSMin(((exports) => {
 var import_commander = /* @__PURE__ */ __toESM(require_commander(), 1);
 const { program, createCommand, createArgument, createOption, CommanderError, InvalidArgumentError, InvalidOptionArgumentError, Command, Argument, Option, Help } = import_commander.default;
 
-//#endregion
-//#region src/shared/error-codes.ts
-const ERROR_CATEGORY = {
-	auth: "auth",
-	authorization: "authorization",
-	contractMismatch: "contract_mismatch",
-	internal: "internal",
-	notFound: "not_found",
-	rateLimit: "rate_limit",
-	remote: "remote",
-	transport: "transport",
-	validation: "validation"
-};
-const ERROR_CODE = {
-	authDeviceExpired: "AUTH_DEVICE_EXPIRED",
-	authDevicePending: "AUTH_DEVICE_PENDING",
-	authInvalidCredentials: "AUTH_INVALID_CREDENTIALS",
-	authRequired: "AUTH_REQUIRED",
-	contractVersionUnsupported: "CONTRACT_VERSION_UNSUPPORTED",
-	internalUnexpected: "INTERNAL_UNEXPECTED",
-	remoteRateLimited: "REMOTE_RATE_LIMITED",
-	remoteUnavailable: "REMOTE_UNAVAILABLE",
-	toolInputSchemaViolation: "TOOL_INPUT_SCHEMA_VIOLATION",
-	toolNotFound: "TOOL_NOT_FOUND",
-	transportRequestFailed: "TRANSPORT_REQUEST_FAILED",
-	validationInvalidInput: "VALIDATION_INVALID_INPUT"
-};
-const staticErrorCodes = new Set(Object.values(ERROR_CODE));
-const isStaticErrorCode = (code) => {
-	return staticErrorCodes.has(code);
-};
-
 //#endregion
 //#region ../../node_modules/.pnpm/better-result@2.7.0/node_modules/better-result/dist/index.mjs
 /**
@@ -3806,6 +3774,65 @@ const Result = {
 	flatten
 };
 
+//#endregion
+//#region src/shared/error-codes.ts
+const ERROR_CATEGORY = {
+	auth: "auth",
+	authorization: "authorization",
+	contractMismatch: "contract_mismatch",
+	internal: "internal",
+	notFound: "not_found",
+	rateLimit: "rate_limit",
+	remote: "remote",
+	transport: "transport",
+	validation: "validation"
+};
+const ERROR_CODE = {
+	authDeviceExpired: "AUTH_DEVICE_EXPIRED",
+	authDevicePending: "AUTH_DEVICE_PENDING",
+	authInvalidCredentials: "AUTH_INVALID_CREDENTIALS",
+	authRequired: "AUTH_REQUIRED",
+	contractVersionUnsupported: "CONTRACT_VERSION_UNSUPPORTED",
+	internalUnexpected: "INTERNAL_UNEXPECTED",
+	remoteRateLimited: "REMOTE_RATE_LIMITED",
+	remoteUnavailable: "REMOTE_UNAVAILABLE",
+	toolInputSchemaViolation: "TOOL_INPUT_SCHEMA_VIOLATION",
+	toolNotFound: "TOOL_NOT_FOUND",
+	transportRequestFailed: "TRANSPORT_REQUEST_FAILED",
+	validationInvalidInput: "VALIDATION_INVALID_INPUT"
+};
+const staticErrorCodes = new Set(Object.values(ERROR_CODE));
+const isStaticErrorCode = (code) => {
+	return staticErrorCodes.has(code);
+};
+
+//#endregion
+//#region src/shared/json.ts
+const isJsonValue = (value) => {
+	if (value === null || typeof value === "boolean" || typeof value === "number" || typeof value === "string") return true;
+	if (Array.isArray(value)) return value.every((item) => isJsonValue(item));
+	if (typeof value === "object") {
+		if (value === null) return false;
+		return Object.values(value).every((item) => isJsonValue(item));
+	}
+	return false;
+};
+const isJsonObject = (value) => {
+	return typeof value === "object" && value !== null && !Array.isArray(value) && isJsonValue(value);
+};
+const toJsonValue = (value) => {
+	if (isJsonValue(value)) return value;
+	try {
+		const serialized = JSON.stringify(value);
+		if (serialized === void 0) return "[unserializable]";
+		const parsed = JSON.parse(serialized);
+		if (isJsonValue(parsed)) return parsed;
+		return "[unserializable]";
+	} catch {
+		return "[unserializable]";
+	}
+};
+
 //#endregion
 //#region src/shared/recovery.ts
 const defaultRecoveryByCode = {
@@ -3982,13 +4009,18 @@ const resolveRemoteErrorCode = (payload, diagnostics) => {
 };
 const resolveRemoteDiagnostics = (payload) => {
 	const source = payload.source ?? payload.diagnostics?.source ?? "network";
+	const httpStatus = payload.httpStatus ?? payload.status ?? payload.diagnostics?.httpStatus;
+	const mcpCode = payload.mcpCode ?? payload.diagnostics?.mcpCode;
+	const mcpData = payload.mcpData ?? payload.diagnostics?.mcpData;
+	const operation = payload.operation ?? payload.diagnostics?.operation;
+	const raw = payload.raw ?? payload.diagnostics?.raw;
 	return {
-		httpStatus: payload.httpStatus ?? payload.status ?? payload.diagnostics?.httpStatus,
-		mcpCode: payload.mcpCode ?? payload.diagnostics?.mcpCode,
-		mcpData: payload.mcpData ?? payload.diagnostics?.mcpData,
-		operation: payload.operation ?? payload.diagnostics?.operation,
-		raw: payload.raw ?? payload.diagnostics?.raw,
-		source
+		source,
+		...httpStatus === void 0 ? {} : { httpStatus },
+		...mcpCode === void 0 ? {} : { mcpCode },
+		...mcpData === void 0 ? {} : { mcpData },
+		...operation === void 0 ? {} : { operation },
+		...raw === void 0 ? {} : { raw }
 	};
 };
 const resolveRetryableRemoteError = (diagnostics, code) => {
@@ -4093,7 +4125,7 @@ const appErrorDiagnostics = (error) => {
 	if (error._tag === "NotFoundError") return { resource: error.resource };
 	if (error._tag === "UnexpectedError") {
 		if (error.cause === void 0) return {};
-		return { cause: error.cause };
+		return { cause: toJsonValue(error.cause) };
 	}
 	if (hasDetails(error) && typeof error.details === "string" && error.details.length > 0) return { details: error.details };
 	return {};
@@ -4110,58 +4142,6 @@ const formatAppError = (error) => {
 	return error.message;
 };
 
-//#endregion
-//#region src/shared/exit-codes.ts
-const EXIT_CODE = {
-	authFailed: 4,
-	authRequired: 3,
-	contractMismatch: 8,
-	internal: 9,
-	notFound: 5,
-	rateLimit: 6,
-	remote: 7,
-	success: 0,
-	validation: 2
-};
-const exitCodeForError = (error) => {
-	const { category, code } = appErrorMeta(error);
-	switch (category) {
-		case ERROR_CATEGORY.auth:
-			if (code === ERROR_CODE.authRequired) return EXIT_CODE.authRequired;
-			return EXIT_CODE.authFailed;
-		case ERROR_CATEGORY.notFound: return EXIT_CODE.notFound;
-		case ERROR_CATEGORY.rateLimit: return EXIT_CODE.rateLimit;
-		case ERROR_CATEGORY.remote:
-		case ERROR_CATEGORY.transport:
-		case ERROR_CATEGORY.authorization: return EXIT_CODE.remote;
-		case ERROR_CATEGORY.contractMismatch: return EXIT_CODE.contractMismatch;
-		case ERROR_CATEGORY.validation: return EXIT_CODE.validation;
-		case ERROR_CATEGORY.internal: return EXIT_CODE.internal;
-	}
-};
-
-//#endregion
-//#region src/commands/auth.ts
-const runAuthLoginCommand = async (context, options) => {
-	const loginOptions = (() => {
-		if (options.mode === "apiKey") return {
-			apiKey: options.apiKey,
-			mode: "apiKey"
-		};
-		return {
-			mode: "device",
-			...options.onPending === void 0 ? {} : { onPending: options.onPending }
-		};
-	})();
-	return context.services.auth.login(loginOptions);
-};
-const runAuthStatusCommand = async (context) => {
-	return context.services.auth.status(context.apiKeyOverride);
-};
-const runAuthLogoutCommand = async (context) => {
-	return context.services.auth.logout();
-};
-
 //#endregion
 //#region src/shared/guards.ts
 const formatIssues = (issues) => {
@@ -4180,22 +4160,60 @@ const parseWithSchema = (schema, payload, context, options = {}) => {
 	}));
 	return Result.ok(parsed.data);
 };
-const parseJsonUnknown = (raw, context) => {
+const parseJsonValue = (raw, context) => {
 	return Result.try({
-		catch: () => new ValidationError({
-			details: raw,
-			message: `Invalid JSON in ${context}`
-		}),
+		catch: () => {
+			return new ValidationError({
+				details: raw,
+				message: `Invalid JSON in ${context}`
+			});
+		},
 		try: () => {
-			return JSON.parse(raw);
+			return toJsonValue(JSON.parse(raw));
 		}
 	});
 };
 const isRecord$1 = (value) => {
 	return typeof value === "object" && value !== null;
 };
-const isPlainObject$2 = (value) => {
-	return isRecord$1(value) && !Array.isArray(value);
+
+//#endregion
+//#region src/shared/remote-error-details.ts
+const parseJsonDetails = (raw) => {
+	const parsed = parseJsonValue(raw, "remote error payload");
+	if (Result.isError(parsed)) return null;
+	const details = parseRemoteErrorDetails(parsed.value);
+	if (details.message === void 0 && details.mcpCode === void 0 && details.data === void 0) return null;
+	return details;
+};
+const parseRemoteErrorDetails = (payload) => {
+	if (typeof payload === "string") {
+		const trimmed = payload.trim();
+		if (trimmed.length === 0) return {};
+		const fromFullJson = parseJsonDetails(trimmed);
+		if (fromFullJson !== null) return fromFullJson;
+		const firstBraceIndex = trimmed.indexOf("{");
+		if (firstBraceIndex > 0) {
+			const fromEmbeddedJson = parseJsonDetails(trimmed.slice(firstBraceIndex));
+			if (fromEmbeddedJson !== null) return fromEmbeddedJson;
+		}
+		return { message: trimmed };
+	}
+	if (!isRecord$1(payload)) return {};
+	const directCode = payload["code"];
+	const directMessage = payload["message"];
+	if (typeof directCode === "number" || typeof directMessage === "string") return {
+		...typeof directCode === "number" ? { mcpCode: directCode } : {},
+		...typeof directMessage === "string" ? { message: directMessage } : {},
+		...Object.hasOwn(payload, "data") ? { data: toJsonValue(payload["data"]) } : {}
+	};
+	const nestedError = payload["error"];
+	if (!isRecord$1(nestedError)) return {};
+	return {
+		...typeof nestedError["code"] === "number" ? { mcpCode: nestedError["code"] } : {},
+		...typeof nestedError["message"] === "string" ? { message: nestedError["message"] } : {},
+		...Object.hasOwn(nestedError, "data") ? { data: toJsonValue(nestedError["data"]) } : {}
+	};
 };
 
 //#endregion
@@ -4213,37 +4231,24 @@ const sanitizeRemoteMessage = (value) => {
 	const normalized = trimmed.replace(/^[\w]+Error:\s*/u, "").trim();
 	return normalized.length > 0 ? normalized : void 0;
 };
-const extractMessageFromRecord = (record) => {
-	if (typeof record["message"] === "string") return sanitizeRemoteMessage(record["message"]);
-	const nested = record["error"];
-	if (isRecord$1(nested) && typeof nested["message"] === "string") return sanitizeRemoteMessage(nested["message"]);
-};
-const extractMessageFromBody = (body) => {
-	if (typeof body !== "string" || body.length === 0) return;
-	const parsed = (() => {
-		try {
-			return JSON.parse(body);
-		} catch {
-			return null;
-		}
-	})();
-	if (isRecord$1(parsed)) {
-		const fromParsed = extractMessageFromRecord(parsed);
-		if (fromParsed !== void 0) return fromParsed;
+const extractNormalizedRemoteMessage = (payload) => {
+	const details = parseRemoteErrorDetails(payload);
+	if (details.message !== void 0) {
+		const normalized = sanitizeRemoteMessage(details.message);
+		if (normalized !== void 0) return normalized;
 	}
-	return sanitizeRemoteMessage(body);
+	if (typeof payload === "string") return sanitizeRemoteMessage(payload);
 };
 const extractRemoteUserMessage = (error) => {
 	if (error.source !== "mcp_transport_http" && error.source !== "mcp_jsonrpc") return;
-	if (isRecord$1(error.raw)) {
-		const fromRaw = extractMessageFromRecord(error.raw);
-		if (fromRaw !== void 0) return fromRaw;
-	}
-	const fromBody = extractMessageFromBody(error.body);
-	if (fromBody !== void 0) return fromBody;
-	if (typeof error.mcpData === "string") {
-		const fromData = sanitizeRemoteMessage(error.mcpData);
-		if (fromData !== void 0) return fromData;
+	for (const payload of [
+		error.raw,
+		error.body,
+		error.mcpData
+	]) {
+		if (payload === void 0) continue;
+		const message = extractNormalizedRemoteMessage(payload);
+		if (message !== void 0) return message;
 	}
 };
 const resolvePrimaryCode = (error) => {
@@ -4306,36 +4311,306 @@ const presentCatalogFailureError = (error, options) => {
 	};
 };
 
+//#endregion
+//#region src/output/envelope.ts
+const createEnvelopeBuilder = (deps = {}) => {
+	const createRequestId = deps.createRequestId ?? randomUUID;
+	const now = deps.now ?? (() => /* @__PURE__ */ new Date());
+	const toMeta = (context) => {
+		const base = { command: context.command };
+		if (context.pagination !== void 0) return {
+			...base,
+			pagination: context.pagination,
+			...context.includeDebug === true ? {
+				entity: context.entity ?? null,
+				requestId: createRequestId(),
+				timestamp: now().toISOString()
+			} : {}
+		};
+		return {
+			...base,
+			...context.includeDebug === true ? {
+				entity: context.entity ?? null,
+				requestId: createRequestId(),
+				timestamp: now().toISOString()
+			} : {}
+		};
+	};
+	return {
+		error: (error, context) => {
+			return {
+				data: null,
+				error: presentRuntimeErrorPayload(error, {
+					...context.diagnostics === void 0 ? {} : { contextDiagnostics: context.diagnostics },
+					includeDebug: context.includeDebug === true
+				}),
+				meta: toMeta(context),
+				next_actions: context.nextActions ?? [],
+				ok: false
+			};
+		},
+		parseError: (payload, context) => {
+			return {
+				data: null,
+				error: payload,
+				meta: toMeta(context),
+				next_actions: context.nextActions ?? [],
+				ok: false
+			};
+		},
+		success: (data, context) => {
+			return {
+				data,
+				error: null,
+				meta: toMeta(context),
+				next_actions: context.nextActions ?? [],
+				ok: true
+			};
+		}
+	};
+};
+
+//#endregion
+//#region src/output/manager.ts
+const toJson = (value) => {
+	return `${JSON.stringify(value, null, 2)}\n`;
+};
+const toMinimalEnvelope = (envelope) => {
+	return {
+		data: envelope.data,
+		error: envelope.error,
+		ok: envelope.ok
+	};
+};
+const mergeNextActions = (recovery, contextActions) => {
+	const merged = [...recovery === void 0 || recovery === null ? [] : [recovery], ...contextActions ?? []];
+	const deduped = [];
+	const seen = /* @__PURE__ */ new Set();
+	for (const action of merged) {
+		const key = `${action.id}::${action.command}`;
+		if (seen.has(key)) continue;
+		seen.add(key);
+		deduped.push(action);
+	}
+	return deduped;
+};
+var OutputManager = class {
+	#envelopeBuilder;
+	#mode;
+	#debug = false;
+	#stderr;
+	#stdout;
+	constructor(deps = {}) {
+		this.#stderr = deps.stderr ?? process.stderr;
+		this.#stdout = deps.stdout ?? process.stdout;
+		this.#mode = "json";
+		this.#envelopeBuilder = createEnvelopeBuilder({
+			...deps.createRequestId === void 0 ? {} : { createRequestId: deps.createRequestId },
+			...deps.now === void 0 ? {} : { now: deps.now }
+		});
+	}
+	configure(options) {
+		this.#mode = options.quiet ? "quiet" : "json";
+		this.#debug = options.debug;
+	}
+	get mode() {
+		return this.#mode;
+	}
+	get debug() {
+		return this.#debug;
+	}
+	error(error, options) {
+		const envelope = this.#envelopeBuilder.error(error, {
+			...options,
+			includeDebug: this.#debug,
+			nextActions: mergeNextActions(appErrorMeta(error).recovery, options.nextActions)
+		});
+		if (this.#mode === "json") {
+			this.#stdout.write(toJson(envelope));
+			return envelope;
+		}
+		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
+		return envelope;
+	}
+	parseError(payload, options) {
+		const envelope = this.#envelopeBuilder.parseError(payload, {
+			...options,
+			includeDebug: this.#debug
+		});
+		if (this.#mode === "json") {
+			this.#stdout.write(toJson(envelope));
+			return envelope;
+		}
+		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
+		return envelope;
+	}
+	info(message) {
+		if (this.#debug) this.#stderr.write(`${message}\n`);
+	}
+	success(data, options) {
+		const envelope = this.#envelopeBuilder.success(data, {
+			...options,
+			includeDebug: this.#debug
+		});
+		if (this.#mode === "json") {
+			this.#stdout.write(toJson(envelope));
+			return;
+		}
+		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
+	}
+	writeStdout(chunk) {
+		this.#stdout.write(chunk);
+	}
+};
+
+//#endregion
+//#region src/shared/exit-codes.ts
+const EXIT_CODE = {
+	authFailed: 4,
+	authRequired: 3,
+	contractMismatch: 8,
+	internal: 9,
+	notFound: 5,
+	rateLimit: 6,
+	remote: 7,
+	success: 0,
+	validation: 2
+};
+const exitCodeForError = (error) => {
+	const { category, code } = appErrorMeta(error);
+	switch (category) {
+		case ERROR_CATEGORY.auth:
+			if (code === ERROR_CODE.authRequired) return EXIT_CODE.authRequired;
+			return EXIT_CODE.authFailed;
+		case ERROR_CATEGORY.notFound: return EXIT_CODE.notFound;
+		case ERROR_CATEGORY.rateLimit: return EXIT_CODE.rateLimit;
+		case ERROR_CATEGORY.remote:
+		case ERROR_CATEGORY.transport:
+		case ERROR_CATEGORY.authorization: return EXIT_CODE.remote;
+		case ERROR_CATEGORY.contractMismatch: return EXIT_CODE.contractMismatch;
+		case ERROR_CATEGORY.validation: return EXIT_CODE.validation;
+		case ERROR_CATEGORY.internal: return EXIT_CODE.internal;
+	}
+};
+
+//#endregion
+//#region src/commands/auth.ts
+const runAuthLoginCommand = async (context, options) => {
+	const loginOptions = (() => {
+		if (options.mode === "apiKey") return {
+			apiKey: options.apiKey,
+			mode: "apiKey"
+		};
+		return {
+			mode: "device",
+			...options.onPending === void 0 ? {} : { onPending: options.onPending }
+		};
+	})();
+	return context.services.auth.login(loginOptions);
+};
+const runAuthStatusCommand = async (context) => {
+	return context.services.auth.status(context.apiKeyOverride);
+};
+const runAuthLogoutCommand = async (context) => {
+	return context.services.auth.logout();
+};
+
 //#endregion
 //#region src/commands/server-context.ts
+const formatCandidateSelectors = (profile, path) => {
+	return profile.orgs.flatMap((org) => {
+		return org.servers.filter((server) => server.path === path).map((server) => `${org.orgSlug}/${server.path}`);
+	});
+};
+const parseQualifiedSelector = (selector) => {
+	const firstSlash = selector.indexOf("/");
+	if (firstSlash <= 0 || firstSlash >= selector.length - 1) return null;
+	return {
+		orgSlug: selector.slice(0, firstSlash),
+		serverPath: selector.slice(firstSlash + 1)
+	};
+};
+const findByOrgAndPath = (profile, orgSlug, path) => {
+	for (const org of profile.orgs) {
+		if (org.orgSlug !== orgSlug) continue;
+		const server = org.servers.find((item) => item.path === path);
+		if (server !== void 0) return {
+			orgSlug: org.orgSlug,
+			server
+		};
+	}
+	return null;
+};
 const resolveServerState = async (context) => {
 	const apiKeyResult = await context.services.auth.resolveApiKey(context.apiKeyOverride);
 	if (Result.isError(apiKeyResult)) return apiKeyResult;
-	const serversResult = await context.services.account.listServers(apiKeyResult.value);
-	if (Result.isError(serversResult)) return serversResult;
+	const accountResult = await context.services.account.fetchAccount(apiKeyResult.value);
+	if (Result.isError(accountResult)) return accountResult;
 	return Result.ok({
 		apiKey: apiKeyResult.value,
-		servers: serversResult.value
+		profile: accountResult.value
 	});
 };
-const findServerByPath = (servers, path) => {
-	const server = servers.find((item) => item.path === path);
-	if (server === void 0) return Result.err(new NotFoundError({
-		message: `Server "${path}" not found`,
-		resource: path
+const findServerByPath = (profile, selector, options) => {
+	if (options.orgSlug !== void 0) {
+		const scoped = findByOrgAndPath(profile, options.orgSlug, selector);
+		if (scoped !== null) return Result.ok({
+			orgSlug: scoped.orgSlug,
+			server: scoped.server
+		});
+		return Result.err(new NotFoundError({
+			message: `Server "${selector}" not found in organization "${options.orgSlug}"`,
+			resource: `${options.orgSlug}/${selector}`
+		}));
+	}
+	const pathMatches = formatCandidateSelectors(profile, selector);
+	if (pathMatches.length === 1) {
+		const [candidate] = pathMatches;
+		if (candidate === void 0) return Result.err(new NotFoundError({
+			message: `Server "${selector}" not found`,
+			resource: selector
+		}));
+		const qualified = parseQualifiedSelector(candidate);
+		if (qualified === null) return Result.err(new NotFoundError({
+			message: `Server "${selector}" not found`,
+			resource: selector
+		}));
+		const resolved = findByOrgAndPath(profile, qualified.orgSlug, qualified.serverPath);
+		if (resolved !== null) return Result.ok(resolved);
+	}
+	if (pathMatches.length > 1) {
+		const sortedCandidates = pathMatches.toSorted();
+		const [firstCandidate] = sortedCandidates;
+		if (firstCandidate !== void 0) {
+			const firstCandidateParsed = parseQualifiedSelector(firstCandidate);
+			const message = options.selectorKind === "invoke" ? `Server "${selector}" is ambiguous across organizations (${sortedCandidates.join(", ")}). Re-run with --org <org-slug>.` : `Server "${selector}" is ambiguous across organizations (${sortedCandidates.join(", ")}). Use a qualified selector like "${firstCandidate}".`;
+			const recoveryCommand = options.selectorKind === "invoke" ? options.toolName === void 0 ? "ogment invoke --help" : firstCandidateParsed === null ? "ogment invoke --help" : `ogment invoke --org ${firstCandidateParsed.orgSlug} ${selector} ${options.toolName}` : `ogment catalog ${firstCandidate}`;
+			return Result.err(new ValidationError({
+				message,
+				recovery: { command: recoveryCommand }
+			}));
+		}
+	}
+	const qualifiedSelector = parseQualifiedSelector(selector);
+	if (qualifiedSelector !== null) {
+		const qualifiedMatch = findByOrgAndPath(profile, qualifiedSelector.orgSlug, qualifiedSelector.serverPath);
+		if (qualifiedMatch !== null) return Result.ok(qualifiedMatch);
+	}
+	return Result.err(new NotFoundError({
+		message: `Server "${selector}" not found`,
+		resource: selector
 	}));
-	return Result.ok(server);
 };
 
 //#endregion
 //#region src/commands/catalog.ts
-const toServerSummary = (server, toolCount) => {
+const toServerSummary = (target, toolCount) => {
 	return {
 		capabilities: [],
-		description: server.description,
-		name: server.name,
-		orgSlug: server.orgSlug,
-		serverId: server.path,
+		description: target.server.description,
+		name: target.server.name,
+		orgSlug: target.orgSlug,
+		serverId: target.server.path,
 		toolCount,
 		version: null
 	};
@@ -4343,7 +4618,7 @@ const toServerSummary = (server, toolCount) => {
 const toToolSummaries = (tools) => {
 	return tools.map((tool) => {
 		return {
-			description: tool.description,
+			description: tool.description ?? null,
 			name: tool.name
 		};
 	});
@@ -4351,7 +4626,7 @@ const toToolSummaries = (tools) => {
 const listServerTools = async (context, apiKey, server) => {
 	return context.services.mcp.listTools({
 		orgSlug: server.orgSlug,
-		serverPath: server.path
+		serverPath: server.server.path
 	}, apiKey);
 };
 const TOOL_COUNT_CONCURRENCY = 4;
@@ -4359,7 +4634,7 @@ const toCatalogServerFailure = (server, error, includeDebug) => {
 	return {
 		error: presentCatalogFailureError(error, { includeDebug }),
 		orgSlug: server.orgSlug,
-		serverId: server.path
+		serverId: server.server.path
 	};
 };
 const mapWithConcurrency = async (items, concurrency, mapItem) => {
@@ -4384,11 +4659,19 @@ const mapWithConcurrency = async (items, concurrency, mapItem) => {
 const runCatalogCommand = async (context, options) => {
 	const stateResult = await resolveServerState(context);
 	if (Result.isError(stateResult)) return stateResult;
-	let targetServers = stateResult.value.servers;
+	let targetServers = stateResult.value.profile.orgs.flatMap((org) => {
+		return org.servers.map((server) => ({
+			orgSlug: org.orgSlug,
+			server
+		}));
+	});
 	if (options.serverId !== void 0) {
-		const serverResult = findServerByPath(stateResult.value.servers, options.serverId);
+		const serverResult = findServerByPath(stateResult.value.profile, options.serverId, { selectorKind: "catalog" });
 		if (Result.isError(serverResult)) return serverResult;
-		targetServers = [serverResult.value];
+		targetServers = [{
+			orgSlug: serverResult.value.orgSlug,
+			server: serverResult.value.server
+		}];
 	}
 	const serverSummaries = await mapWithConcurrency(targetServers, TOOL_COUNT_CONCURRENCY, async (server) => {
 		return {
@@ -4433,21 +4716,29 @@ const runCatalogCommand = async (context, options) => {
 const runCatalogToolsCommand = async (context, options) => {
 	const stateResult = await resolveServerState(context);
 	if (Result.isError(stateResult)) return stateResult;
-	const serverResult = findServerByPath(stateResult.value.servers, options.serverId);
+	const serverResult = findServerByPath(stateResult.value.profile, options.serverId, { selectorKind: "catalog" });
 	if (Result.isError(serverResult)) return serverResult;
-	const toolsResult = await listServerTools(context, stateResult.value.apiKey, serverResult.value);
+	const targetServer = {
+		orgSlug: serverResult.value.orgSlug,
+		server: serverResult.value.server
+	};
+	const toolsResult = await listServerTools(context, stateResult.value.apiKey, targetServer);
 	if (Result.isError(toolsResult)) return toolsResult;
 	return Result.ok({
-		server: toServerSummary(serverResult.value, toolsResult.value.length),
+		server: toServerSummary(targetServer, toolsResult.value.length),
 		tools: toToolSummaries(toolsResult.value)
 	});
 };
 const runCatalogToolDetailsCommand = async (context, options) => {
 	const stateResult = await resolveServerState(context);
 	if (Result.isError(stateResult)) return stateResult;
-	const serverResult = findServerByPath(stateResult.value.servers, options.serverId);
+	const serverResult = findServerByPath(stateResult.value.profile, options.serverId, { selectorKind: "catalog" });
 	if (Result.isError(serverResult)) return serverResult;
-	const toolsResult = await listServerTools(context, stateResult.value.apiKey, serverResult.value);
+	const targetServer = {
+		orgSlug: serverResult.value.orgSlug,
+		server: serverResult.value.server
+	};
+	const toolsResult = await listServerTools(context, stateResult.value.apiKey, targetServer);
 	if (Result.isError(toolsResult)) return toolsResult;
 	const tool = toolsResult.value.find((item) => item.name === options.toolName);
 	if (tool === void 0) return Result.err(new NotFoundError({
@@ -4455,18 +4746,18 @@ const runCatalogToolDetailsCommand = async (context, options) => {
 		resource: options.toolName
 	}));
 	return Result.ok({
-		description: tool.description,
+		description: tool.description ?? null,
 		inputSchema: tool.inputSchema,
 		name: tool.name,
 		outputSchema: tool.outputSchema ?? null,
-		server: toServerSummary(serverResult.value, toolsResult.value.length)
+		server: toServerSummary(targetServer, toolsResult.value.length)
 	});
 };
 
 //#endregion
 //#region src/commands/invoke.ts
 const mapInputFileReadError = (inputFile, cause) => {
-	const code = isRecord$1(cause) && typeof cause["code"] === "string" ? cause["code"] : void 0;
+	const code = cause instanceof Error && "code" in cause && typeof cause.code === "string" ? cause.code : void 0;
 	if (code === "ENOENT") return new ValidationError({ message: `Input file not found: ${inputFile}` });
 	if (code === "EACCES" || code === "EPERM") return new ValidationError({ message: `Input file is not readable: ${inputFile}` });
 	if (code === "EISDIR") return new ValidationError({ message: `Input path must be a file: ${inputFile}` });
@@ -4475,62 +4766,22 @@ const mapInputFileReadError = (inputFile, cause) => {
 		message: `Failed to read input file: ${inputFile}`
 	});
 };
-const parseToolErrorDetails = (payload) => {
-	if (typeof payload === "string") {
-		const trimmed = payload.trim();
-		if (trimmed.length === 0) return {};
-		const parseJsonDetails = (raw) => {
-			const parsed = parseJsonUnknown(raw, "tool error payload");
-			if (Result.isError(parsed)) return;
-			const details = parseToolErrorDetails(parsed.value);
-			if (details.message !== void 0 || details.mcpCode !== void 0 || details.mcpData !== void 0) return details;
-		};
-		const fromFullJson = parseJsonDetails(trimmed);
-		if (fromFullJson !== void 0) return fromFullJson;
-		const firstBraceIndex = trimmed.indexOf("{");
-		if (firstBraceIndex > 0) {
-			const fromEmbeddedJson = parseJsonDetails(trimmed.slice(firstBraceIndex));
-			if (fromEmbeddedJson !== void 0) return fromEmbeddedJson;
-		}
-		return { message: trimmed };
-	}
-	if (typeof payload !== "object" || payload === null) return {};
-	if (!isRecord$1(payload)) return {};
-	const record = payload;
-	const directCode = record["code"];
-	const directMessage = record["message"];
-	if (typeof directCode === "number" || typeof directMessage === "string") return {
-		...typeof directCode === "number" ? { mcpCode: directCode } : {},
-		...typeof directMessage === "string" ? { message: directMessage } : {},
-		...Object.hasOwn(record, "data") ? { mcpData: record["data"] } : {}
-	};
-	const nestedError = record["error"];
-	if (!isRecord$1(nestedError)) return {};
-	const nestedRecord = nestedError;
-	return {
-		...typeof nestedRecord["code"] === "number" ? { mcpCode: nestedRecord["code"] } : {},
-		...typeof nestedRecord["message"] === "string" ? { message: nestedRecord["message"] } : {},
-		...Object.hasOwn(nestedRecord, "data") ? { mcpData: nestedRecord["data"] } : {}
-	};
-};
-const parseTarget = (target) => {
-	const separatorIndex = target.lastIndexOf("/");
-	if (separatorIndex <= 0 || separatorIndex >= target.length - 1) return Result.err(new ValidationError({
-		details: target,
-		message: "Invoke target must be in format <server-id>/<tool-name>"
-	}));
-	const serverId = target.slice(0, separatorIndex);
-	const toolName = target.slice(separatorIndex + 1);
-	return Result.ok({
-		serverId,
-		toolName
-	});
-};
 const parseInputObject = (raw, context) => {
-	const parsed = parseJsonUnknown(raw, context);
+	const parsed = parseJsonValue(raw, context);
 	if (Result.isError(parsed)) return parsed;
-	if (!isPlainObject$2(parsed.value)) return Result.err(new ValidationError({ message: "Invoke input must be a JSON object" }));
-	return Result.ok(parsed.value);
+	const parsedValue = parsed.value;
+	if (!isJsonObject(parsedValue)) return Result.err(new ValidationError({ message: "Invoke input must be a JSON object" }));
+	return Result.ok(parsedValue);
+};
+const toToolCallStructuredContent = (result) => {
+	if (result.structuredContent !== void 0) return toJsonValue(result.structuredContent);
+	const firstContent = (Array.isArray(result.content) ? result.content : [])[0];
+	if (firstContent !== void 0 && firstContent.type === "text" && typeof firstContent.text === "string") {
+		const parsedText = parseJsonValue(firstContent.text, "MCP text content");
+		if (Result.isError(parsedText)) return firstContent.text;
+		return parsedText.value;
+	}
+	return toJsonValue(result);
 };
 const readStdin = async () => {
 	return Result.tryPromise({
@@ -4578,55 +4829,57 @@ const parseInvokeArgs = async (options, deps) => {
 	return parseInputObject(options.input, "--input");
 };
 const runInvokeCommand = async (context, options, deps = {}) => {
-	const targetResult = parseTarget(options.target);
-	if (Result.isError(targetResult)) return targetResult;
 	const argsResult = await parseInvokeArgs(options, deps);
 	if (Result.isError(argsResult)) return argsResult;
 	const stateResult = await resolveServerState(context);
 	if (Result.isError(stateResult)) return stateResult;
-	const serverResult = findServerByPath(stateResult.value.servers, targetResult.value.serverId);
+	const serverResult = findServerByPath(stateResult.value.profile, options.serverId, {
+		...options.orgSlug === void 0 ? {} : { orgSlug: options.orgSlug },
+		selectorKind: "invoke",
+		toolName: options.toolName
+	});
 	if (Result.isError(serverResult)) return serverResult;
 	const mcpTarget = {
 		orgSlug: serverResult.value.orgSlug,
-		serverPath: serverResult.value.path
+		serverPath: serverResult.value.server.path
 	};
-	const callResult = await context.services.mcp.callTool(mcpTarget, stateResult.value.apiKey, targetResult.value.toolName, argsResult.value);
+	const callResult = await context.services.mcp.callTool(mcpTarget, stateResult.value.apiKey, options.toolName, argsResult.value);
 	if (Result.isError(callResult)) {
 		if (callResult.error._tag === "RemoteRequestError") {
 			const toolsResult = await context.services.mcp.listTools(mcpTarget, stateResult.value.apiKey);
 			if (Result.isOk(toolsResult)) {
-				if (!toolsResult.value.some((tool) => tool.name === targetResult.value.toolName)) return Result.err(new NotFoundError({
-					message: `Tool "${targetResult.value.toolName}" not found`,
-					resource: targetResult.value.toolName
+				if (!toolsResult.value.some((tool) => tool.name === options.toolName)) return Result.err(new NotFoundError({
+					message: `Tool "${options.toolName}" not found`,
+					resource: options.toolName
 				}));
 			}
 		}
 		return callResult;
 	}
+	const structuredContent = toToolCallStructuredContent(callResult.value);
 	if (callResult.value.isError) {
-		const details = parseToolErrorDetails(callResult.value.structuredContent);
+		const details = parseRemoteErrorDetails(structuredContent);
 		return Result.err(new RemoteRequestError({
 			...details.mcpCode === void 0 ? {} : { mcpCode: details.mcpCode },
-			...details.mcpData === void 0 ? {} : { mcpData: details.mcpData },
+			...details.data === void 0 ? {} : { mcpData: details.data },
 			message: details.message ?? "MCP tool call returned an error result",
 			operation: "tools/call",
-			raw: callResult.value.structuredContent,
+			raw: structuredContent,
 			retryable: false,
 			source: "mcp_jsonrpc"
 		}));
 	}
 	return Result.ok({
-		result: callResult.value.structuredContent,
-		serverId: targetResult.value.serverId,
-		toolName: targetResult.value.toolName
+		result: structuredContent,
+		serverId: options.serverId,
+		toolName: options.toolName
 	});
 };
 
 //#endregion
 //#region src/commands/status.ts
 const runStatusCommand = async (options, deps) => {
-	const payload = await deps.infoService.collect(options.apiKeyOverride);
-	return Result.ok(payload);
+	return deps.infoService.collect(options.apiKeyOverride, { includeDebug: options.debug });
 };
 
 //#endregion
@@ -4650,8 +4903,8 @@ const deriveType = (schema) => {
 	if (isRecord(schema["properties"])) return "object";
 	if (schema["items"] !== void 0) return "array";
 };
-const baseScalarExample = (typeName) => {
-	switch (typeName) {
+const baseScalarExample = (_typeName) => {
+	switch (_typeName) {
 		case "string": return EXAMPLE_PLACEHOLDER;
 		case "integer": return EXAMPLE_PLACEHOLDER;
 		case "number": return EXAMPLE_PLACEHOLDER;
@@ -4726,11 +4979,34 @@ const cliCommands = {
 		return `ogment ${scope} --help`;
 	},
 	invoke: {
-		command: (target) => `ogment invoke ${target}`,
-		inlineJson: (target) => `ogment invoke ${target} --input <json>`,
-		stdin: (target) => `ogment invoke ${target} --input -`,
-		withInputValue: (target, value) => {
-			return `ogment invoke ${target} --input ${value}`;
+		command: (serverId, toolName, orgSlug) => [
+			"ogment invoke",
+			...orgSlug === void 0 ? [] : [`--org ${orgSlug}`],
+			serverId,
+			toolName
+		].join(" "),
+		inlineJson: (serverId, toolName, orgSlug) => [
+			"ogment invoke",
+			...orgSlug === void 0 ? [] : [`--org ${orgSlug}`],
+			serverId,
+			toolName,
+			"--input <json>"
+		].join(" "),
+		stdin: (serverId, toolName, orgSlug) => [
+			"ogment invoke",
+			...orgSlug === void 0 ? [] : [`--org ${orgSlug}`],
+			serverId,
+			toolName,
+			"--input -"
+		].join(" "),
+		withInputValue: (serverId, toolName, value, orgSlug) => {
+			return [
+				"ogment invoke",
+				...orgSlug === void 0 ? [] : [`--org ${orgSlug}`],
+				serverId,
+				toolName,
+				`--input ${value}`
+			].join(" ");
 		}
 	},
 	root: {
@@ -4743,7 +5019,7 @@ const cliCommands = {
 				"catalog",
 				"catalog <server-id>",
 				"catalog <server-id> <tool-name>",
-				"invoke <server-id>/<tool-name>",
+				"invoke <server-id> <tool-name>",
 				"status"
 			];
 		},
@@ -4796,7 +5072,7 @@ const nextActionsForCatalogSummary = (payload, context) => {
 	if (targetServer !== void 0) actions.push(nextAction("inspect_tools", "Inspect tools", cliCommands.catalog.server(targetServer.serverId), `${targetServer.serverId} has ${targetServer.toolCount} available tools.`, "if_tool_count_gt_0"));
 	if (context.nextCursor !== null) actions.push(nextAction("next_catalog_page", "Load next page", cliCommands.catalog.summary({
 		cursor: context.nextCursor,
-		limit: context.limit ?? void 0
+		...context.limit === null ? {} : { limit: context.limit }
 	}), `More servers are available after cursor ${context.nextCursor}.`, "if_more_servers"));
 	return actions;
 };
@@ -4811,7 +5087,7 @@ const toInlineJsonTemplateArgument = (value) => {
 };
 const nextActionsForCatalogToolDetails = (payload, exampleInput) => {
 	const inputArgument = toInlineJsonTemplateArgument(exampleInput);
-	return [nextAction("invoke_tool", "Invoke this tool", cliCommands.invoke.withInputValue(`${payload.server.serverId}/${payload.name}`, inputArgument), `Replace every ... placeholder with real JSON values, then invoke ${payload.server.serverId}/${payload.name}.`, "after_tool_inspection")];
+	return [nextAction("invoke_tool", "Invoke this tool", cliCommands.invoke.withInputValue(payload.server.serverId, payload.name, inputArgument), `Replace every ... placeholder with real JSON values, then invoke ${payload.server.serverId} ${payload.name}.`, "after_tool_inspection")];
 };
 const nextActionsForInvoke = (payload) => {
 	return [nextAction("inspect_tool", "Inspect tool schema", cliCommands.catalog.tool(payload.serverId, payload.toolName, { example: false }), `Review ${payload.serverId}/${payload.toolName} schema for the next invocation.`, "after_invoke")];
@@ -4820,15 +5096,12 @@ const nextActionsForStatus = (payload) => {
 	if (!payload.auth.apiKeyPresent) return [nextAction("login", "Authenticate", cliCommands.auth.login(), "Status detected no API key; authenticate first.", "immediate")];
 	return [nextAction("discover_servers", "Discover servers", cliCommands.catalog.command(), `Connectivity is ${payload.summary.status}; discover available servers.`, "after_status")];
 };
-const runLoginFlow = async (runtime, mode, apiKey) => {
-	const { commandOptions, invokedCommand } = (() => {
-		if (mode === "api_key") return {
-			commandOptions: {
-				apiKey: apiKey ?? "",
-				mode: "apiKey"
-			},
-			invokedCommand: cliCommands.auth.loginWithApiKeyRedacted()
-		};
+const runLoginFlow = async (runtime, options) => {
+	const { commandOptions, invokedCommand, mode } = options.mode === "apiKey" ? {
+		commandOptions: options,
+		invokedCommand: cliCommands.auth.loginWithApiKeyRedacted(),
+		mode: "apiKey"
+	} : (() => {
 		const deviceCommand = cliCommands.auth.login();
 		return {
 			commandOptions: {
@@ -4846,7 +5119,7 @@ const runLoginFlow = async (runtime, mode, apiKey) => {
 						command: deviceCommand,
 						entity: {
 							event: "auth_login.pending",
-							mode,
+							mode: "device",
 							verification: {
 								userCode,
 								verificationUri
@@ -4856,7 +5129,8 @@ const runLoginFlow = async (runtime, mode, apiKey) => {
 					});
 				}
 			},
-			invokedCommand: deviceCommand
+			invokedCommand: deviceCommand,
+			mode: "device"
 		};
 	})();
 	const data = ensureSuccess(await runAuthLoginCommand(runtime.context, commandOptions), runtime, {
@@ -4881,10 +5155,13 @@ const runLoginFlow = async (runtime, mode, apiKey) => {
 };
 const executeAuthLoginInvocation = async (runtime, invocation) => {
 	if (invocation.apiKey !== void 0) {
-		await runLoginFlow(runtime, "api_key", invocation.apiKey);
+		await runLoginFlow(runtime, {
+			apiKey: invocation.apiKey,
+			mode: "apiKey"
+		});
 		return;
 	}
-	await runLoginFlow(runtime, "device");
+	await runLoginFlow(runtime, { mode: "device" });
 };
 const executeAuthStatusInvocation = async (runtime) => {
 	const command = cliCommands.auth.status();
@@ -4901,144 +5178,177 @@ const executeAuthStatusInvocation = async (runtime) => {
 const executeAuthLogoutInvocation = async (runtime) => {
 	const command = cliCommands.auth.logout();
 	const data = ensureSuccess(await runAuthLogoutCommand(runtime.context), runtime, { command });
-	runtime.output.success(data, {
-		command,
-		entity: {
-			localCredentialsDeleted: data.localCredentialsDeleted,
-			revoked: data.revoked
-		},
-		nextActions: [nextAction("login", "Authenticate again", cliCommands.auth.login(), "Logout completed; authenticate again before further tool calls.", "after_logout")]
-	});
-};
-const executeCatalogInvocation = async (runtime, invocation) => {
-	const parsedLimit = invocation.limit;
-	if (invocation.serverId === void 0) {
-		if (invocation.example) throw new ValidationError({
-			details: "--example without <server-id> <tool-name>",
-			message: "Invalid catalog options. --example requires <server-id> <tool-name>.",
-			recovery: { command: cliCommands.catalog.command() }
-		});
-		const command = cliCommands.catalog.summary({
-			cursor: invocation.cursor,
-			limit: parsedLimit
-		});
-		const data = ensureSuccess(await runCatalogCommand(runtime.context, {
-			cursor: invocation.cursor,
-			includeDebug: runtime.output.debug,
-			limit: parsedLimit
-		}), runtime, {
-			command,
-			entity: {
-				cursor: invocation.cursor ?? null,
-				limit: parsedLimit ?? null
-			}
-		});
-		const outputData = {
-			failures: data.failures,
-			servers: data.servers
-		};
-		runtime.output.success(outputData, {
-			command,
-			entity: {
-				cursor: invocation.cursor ?? null,
-				failedServerCount: data.failures.length,
-				limit: parsedLimit ?? null,
-				serverCount: data.servers.length
-			},
-			nextActions: nextActionsForCatalogSummary(outputData, {
-				limit: parsedLimit ?? null,
-				nextCursor: data.nextCursor
-			}),
-			pagination: { nextCursor: data.nextCursor }
-		});
-		return;
-	}
-	if (invocation.toolName === void 0) {
-		if (invocation.cursor !== void 0 || parsedLimit !== void 0) throw new ValidationError({
-			details: `${invocation.cursor === void 0 ? "" : `--cursor ${invocation.cursor} `}${parsedLimit === void 0 ? "" : `--limit ${parsedLimit}`}`.trim(),
-			message: "Invalid catalog options. --cursor and --limit are only valid for `ogment catalog`.",
-			recovery: { command: cliCommands.catalog.command() }
-		});
-		if (invocation.example) throw new ValidationError({
-			details: `--example without tool name for ${invocation.serverId}`,
-			message: "Invalid catalog options. --example requires <tool-name>.",
-			recovery: { command: cliCommands.catalog.server(invocation.serverId) }
-		});
-		const serverId = invocation.serverId;
-		const command = cliCommands.catalog.server(serverId);
-		const data = ensureSuccess(await runCatalogToolsCommand(runtime.context, { serverId }), runtime, {
-			command,
-			entity: { serverId }
-		});
-		runtime.output.success(data, {
-			command,
-			entity: {
-				serverId: data.server.serverId,
-				toolCount: data.tools.length
-			},
-			nextActions: nextActionsForCatalogTools(data)
-		});
-		return;
-	}
-	if (invocation.cursor !== void 0 || parsedLimit !== void 0) throw new ValidationError({
-		details: `${invocation.cursor === void 0 ? "" : `--cursor ${invocation.cursor} `}${parsedLimit === void 0 ? "" : `--limit ${parsedLimit}`}`.trim(),
-		message: "Invalid catalog options. --cursor and --limit are only valid for `ogment catalog`.",
-		recovery: { command: cliCommands.catalog.tool(invocation.serverId, invocation.toolName, { example: invocation.example }) }
-	});
-	const serverId = invocation.serverId;
-	const toolName = invocation.toolName;
-	const command = cliCommands.catalog.tool(serverId, toolName, { example: invocation.example });
-	const data = ensureSuccess(await runCatalogToolDetailsCommand(runtime.context, {
-		serverId,
-		toolName
-	}), runtime, {
-		command,
-		entity: {
-			serverId,
-			toolName
-		}
-	});
-	const exampleInput = buildJsonSchemaExample(data.inputSchema);
-	const outputData = invocation.example ? {
-		...data,
-		exampleInput
-	} : data;
-	runtime.output.success(outputData, {
+	runtime.output.success(data, {
 		command,
 		entity: {
-			serverId: data.server.serverId,
-			toolName: data.name
+			localCredentialsDeleted: data.localCredentialsDeleted,
+			revoked: data.revoked
 		},
-		nextActions: nextActionsForCatalogToolDetails(data, exampleInput)
+		nextActions: [nextAction("login", "Authenticate again", cliCommands.auth.login(), "Logout completed; authenticate again before further tool calls.", "after_logout")]
 	});
 };
+const executeCatalogInvocation = async (runtime, invocation) => {
+	const formatPaginationDetails = () => {
+		return `${invocation.cursor === void 0 ? "" : `--cursor ${invocation.cursor} `}${invocation.limit === void 0 ? "" : `--limit ${invocation.limit}`}`.trim();
+	};
+	const toCatalogExecutionPlan = () => {
+		if (invocation.serverId === void 0) {
+			if (invocation.example) return Result.err(new ValidationError({
+				details: "--example without <server-id> <tool-name>",
+				message: "Invalid catalog options. --example requires <server-id> <tool-name>.",
+				recovery: { command: cliCommands.catalog.command() }
+			}));
+			return Result.ok({
+				cursor: invocation.cursor,
+				kind: "summary",
+				limit: invocation.limit
+			});
+		}
+		if (invocation.toolName === void 0) {
+			if (invocation.cursor !== void 0 || invocation.limit !== void 0) return Result.err(new ValidationError({
+				details: formatPaginationDetails(),
+				message: "Invalid catalog options. --cursor and --limit are only valid for `ogment catalog`.",
+				recovery: { command: cliCommands.catalog.command() }
+			}));
+			if (invocation.example) return Result.err(new ValidationError({
+				details: `--example without tool name for ${invocation.serverId}`,
+				message: "Invalid catalog options. --example requires <tool-name>.",
+				recovery: { command: cliCommands.catalog.server(invocation.serverId) }
+			}));
+			return Result.ok({
+				kind: "tools",
+				serverId: invocation.serverId
+			});
+		}
+		if (invocation.cursor !== void 0 || invocation.limit !== void 0) return Result.err(new ValidationError({
+			details: formatPaginationDetails(),
+			message: "Invalid catalog options. --cursor and --limit are only valid for `ogment catalog`.",
+			recovery: { command: cliCommands.catalog.tool(invocation.serverId, invocation.toolName, { example: invocation.example }) }
+		}));
+		return Result.ok({
+			example: invocation.example,
+			kind: "tool",
+			serverId: invocation.serverId,
+			toolName: invocation.toolName
+		});
+	};
+	const planResult = toCatalogExecutionPlan();
+	if (Result.isError(planResult)) throw planResult.error;
+	switch (planResult.value.kind) {
+		case "summary": {
+			const plan = planResult.value;
+			const command = cliCommands.catalog.summary({
+				...plan.cursor === void 0 ? {} : { cursor: plan.cursor },
+				...plan.limit === void 0 ? {} : { limit: plan.limit }
+			});
+			const data = ensureSuccess(await runCatalogCommand(runtime.context, {
+				...plan.cursor === void 0 ? {} : { cursor: plan.cursor },
+				includeDebug: runtime.output.debug,
+				...plan.limit === void 0 ? {} : { limit: plan.limit }
+			}), runtime, {
+				command,
+				entity: {
+					cursor: plan.cursor ?? null,
+					limit: plan.limit ?? null
+				}
+			});
+			const outputData = {
+				failures: data.failures,
+				servers: data.servers
+			};
+			runtime.output.success(outputData, {
+				command,
+				entity: {
+					cursor: plan.cursor ?? null,
+					failedServerCount: data.failures.length,
+					limit: plan.limit ?? null,
+					serverCount: data.servers.length
+				},
+				nextActions: nextActionsForCatalogSummary(outputData, {
+					limit: plan.limit ?? null,
+					nextCursor: data.nextCursor
+				}),
+				pagination: { nextCursor: data.nextCursor }
+			});
+			return;
+		}
+		case "tools": {
+			const command = cliCommands.catalog.server(planResult.value.serverId);
+			const data = ensureSuccess(await runCatalogToolsCommand(runtime.context, { serverId: planResult.value.serverId }), runtime, {
+				command,
+				entity: { serverId: planResult.value.serverId }
+			});
+			runtime.output.success(data, {
+				command,
+				entity: {
+					serverId: data.server.serverId,
+					toolCount: data.tools.length
+				},
+				nextActions: nextActionsForCatalogTools(data)
+			});
+			return;
+		}
+		case "tool": {
+			const command = cliCommands.catalog.tool(planResult.value.serverId, planResult.value.toolName, { example: planResult.value.example });
+			const data = ensureSuccess(await runCatalogToolDetailsCommand(runtime.context, {
+				serverId: planResult.value.serverId,
+				toolName: planResult.value.toolName
+			}), runtime, {
+				command,
+				entity: {
+					serverId: planResult.value.serverId,
+					toolName: planResult.value.toolName
+				}
+			});
+			const exampleInput = toJsonValue(buildJsonSchemaExample(data.inputSchema));
+			const outputData = planResult.value.example ? {
+				...data,
+				exampleInput
+			} : data;
+			runtime.output.success(outputData, {
+				command,
+				entity: {
+					serverId: data.server.serverId,
+					toolName: data.name
+				},
+				nextActions: nextActionsForCatalogToolDetails(data, exampleInput)
+			});
+			return;
+		}
+	}
+};
 const executeInvokeInvocation = async (runtime, invocation) => {
 	let inputSource = "none";
-	let command = cliCommands.invoke.command(invocation.target);
+	let command = cliCommands.invoke.command(invocation.serverId, invocation.toolName, invocation.orgSlug);
 	if (invocation.input !== void 0) if (invocation.input === "-") {
 		inputSource = "stdin";
-		command = cliCommands.invoke.stdin(invocation.target);
+		command = cliCommands.invoke.stdin(invocation.serverId, invocation.toolName, invocation.orgSlug);
 	} else if (invocation.input.startsWith("@")) {
 		inputSource = "file";
-		command = cliCommands.invoke.withInputValue(invocation.target, invocation.input);
+		command = cliCommands.invoke.withInputValue(invocation.serverId, invocation.toolName, invocation.input, invocation.orgSlug);
 	} else {
 		inputSource = "inline_json";
-		command = cliCommands.invoke.inlineJson(invocation.target);
+		command = cliCommands.invoke.inlineJson(invocation.serverId, invocation.toolName, invocation.orgSlug);
 	}
 	const data = ensureSuccess(await runInvokeCommand(runtime.context, {
 		input: invocation.input,
-		target: invocation.target
+		...invocation.orgSlug === void 0 ? {} : { orgSlug: invocation.orgSlug },
+		serverId: invocation.serverId,
+		toolName: invocation.toolName
 	}), runtime, {
 		command,
 		entity: {
 			inputSource,
-			target: invocation.target
+			...invocation.orgSlug === void 0 ? {} : { orgSlug: invocation.orgSlug },
+			serverId: invocation.serverId,
+			toolName: invocation.toolName
 		}
 	});
 	runtime.output.success(data, {
 		command,
 		entity: {
 			inputSource,
+			...invocation.orgSlug === void 0 ? {} : { orgSlug: invocation.orgSlug },
 			serverId: data.serverId,
 			toolName: data.toolName
 		},
@@ -5047,8 +5357,10 @@ const executeInvokeInvocation = async (runtime, invocation) => {
 };
 const executeStatusInvocation = async (runtime) => {
 	const command = cliCommands.status.command();
-	if (runtime.infoService === void 0) throw new UnexpectedError({ message: "Info service is not configured" });
-	const data = ensureSuccess(await runStatusCommand({ apiKeyOverride: runtime.context.apiKeyOverride }, { infoService: runtime.infoService }), runtime, { command });
+	const data = await runStatusCommand({
+		apiKeyOverride: runtime.context.apiKeyOverride,
+		debug: runtime.output.debug
+	}, { infoService: runtime.infoService });
 	runtime.output.success(data, {
 		command,
 		entity: { summaryStatus: data.summary.status },
@@ -5062,39 +5374,28 @@ const executeRootInvocation = (runtime) => {
 		nextActions: [nextAction("login", "Authenticate", cliCommands.auth.login(), "Authenticate first so catalog and invoke commands can run.", "immediate"), nextAction("catalog", "Discover servers", cliCommands.catalog.command(), "List accessible servers and tool counts.", "after_auth")]
 	});
 };
-const invocationHandlers = {
-	auth_login: executeAuthLoginInvocation,
-	auth_logout: async (runtime) => executeAuthLogoutInvocation(runtime),
-	auth_status: async (runtime) => executeAuthStatusInvocation(runtime),
-	catalog: executeCatalogInvocation,
-	invoke: executeInvokeInvocation,
-	root: async (runtime) => {
-		executeRootInvocation(runtime);
-	},
-	status: async (runtime) => executeStatusInvocation(runtime)
-};
 const executeInvocation = async (runtime, invocation) => {
 	switch (invocation.kind) {
 		case "auth_login":
-			await invocationHandlers.auth_login(runtime, invocation);
+			await executeAuthLoginInvocation(runtime, invocation);
 			return;
 		case "auth_logout":
-			await invocationHandlers.auth_logout(runtime, invocation);
+			await executeAuthLogoutInvocation(runtime);
 			return;
 		case "auth_status":
-			await invocationHandlers.auth_status(runtime, invocation);
+			await executeAuthStatusInvocation(runtime);
 			return;
 		case "catalog":
-			await invocationHandlers.catalog(runtime, invocation);
+			await executeCatalogInvocation(runtime, invocation);
 			return;
 		case "invoke":
-			await invocationHandlers.invoke(runtime, invocation);
+			await executeInvokeInvocation(runtime, invocation);
 			return;
 		case "root":
-			await invocationHandlers.root(runtime, invocation);
+			executeRootInvocation(runtime);
 			return;
 		case "status":
-			await invocationHandlers.status(runtime, invocation);
+			await executeStatusInvocation(runtime);
 			return;
 	}
 };
@@ -9383,78 +9684,6 @@ const readPackageJson = () => {
 const packageJson = readPackageJson();
 const VERSION = packageJson.version;
 
-//#endregion
-//#region ../../packages/shared/src/cli/common.ts
-const jsonObjectSchema = record(string(), unknown());
-const cliErrorSchema = object({
-	code: string().min(1),
-	message: string().min(1)
-}).strict();
-const cliErrorEnvelopeSchema = object({ error: cliErrorSchema }).strict();
-const cliSuccessEnvelopeSchema = (dataSchema) => {
-	return object({ data: dataSchema }).strict();
-};
-
-//#endregion
-//#region ../../packages/shared/src/cli/account.ts
-const cliServerSchema = object({
-	createdAt: string().nullable(),
-	description: string().nullable(),
-	enabled: boolean(),
-	enabledToolCount: number$1().int().nonnegative(),
-	id: string(),
-	name: string(),
-	path: string(),
-	readOnlyEnabledToolCount: number$1().int().nonnegative(),
-	toolCount: number$1().int().nonnegative()
-}).strict();
-const cliOrgSchema = object({
-	orgId: string(),
-	orgName: string(),
-	orgSlug: string(),
-	role: string(),
-	servers: array(cliServerSchema)
-}).strict();
-const cliMeDataSchema = object({
-	email: string().nullable(),
-	imageUrl: string().nullable(),
-	name: string().nullable(),
-	orgs: array(cliOrgSchema),
-	userId: string()
-}).strict();
-const accountMeSchema = cliSuccessEnvelopeSchema(cliMeDataSchema);
-
-//#endregion
-//#region ../../packages/shared/src/cli/auth.ts
-const deviceCodeStartDataSchema = object({
-	deviceCode: string().min(1),
-	expiresIn: number$1().int().positive(),
-	interval: number$1().int().positive(),
-	userCode: string().min(1),
-	verificationUri: string().url()
-}).strict();
-const deviceCodeStartSchema = cliSuccessEnvelopeSchema(deviceCodeStartDataSchema);
-const deviceTokenPendingDataSchema = object({ status: literal("authorization_pending") }).strict();
-const deviceTokenApprovedDataSchema = object({
-	agentName: string().min(1),
-	apiKey: string().min(1),
-	status: literal("approved")
-}).strict();
-const deviceTokenDataSchema = discriminatedUnion("status", [deviceTokenPendingDataSchema, deviceTokenApprovedDataSchema]);
-const deviceTokenSchema = cliSuccessEnvelopeSchema(deviceTokenDataSchema);
-const deviceTokenApprovedSchema = cliSuccessEnvelopeSchema(deviceTokenApprovedDataSchema);
-const revokeSelfDataSchema = object({ success: literal(true) }).strict();
-const revokeSelfSchema = cliSuccessEnvelopeSchema(revokeSelfDataSchema);
-
-//#endregion
-//#region ../../packages/shared/src/cli/endpoints.ts
-const cliEndpoints = {
-	accountMe: "/api/v1/cli/me",
-	cliRevokeSelf: "/api/v1/cli/revoke-self",
-	deviceCode: "/api/v1/cli/device-code",
-	deviceToken: "/api/v1/cli/device-token"
-};
-
 //#endregion
 //#region src/shared/schemas.ts
 const credentialsFileSchema = object({
@@ -9470,7 +9699,7 @@ const deleteIfExists = (path, existsSyncFn, unlinkSyncFn) => {
 const normalizeCredentials = (value) => {
 	const parsed = parseWithSchema(credentialsFileSchema, value, "credentials file");
 	if (Result.isError(parsed)) return null;
-	if (typeof parsed.value.apiKey === "string" && parsed.value.apiKey.length > 0) {
+	if (parsed.value.apiKey !== void 0) {
 		const credentials = { apiKey: parsed.value.apiKey };
 		if (typeof parsed.value.agentName === "string") credentials.agentName = parsed.value.agentName;
 		return credentials;
@@ -9529,11 +9758,22 @@ const createFileCredentialsStore = (deps) => {
 
 //#endregion
 //#region src/infra/env.ts
+const baseUrlSchema = url().transform((value) => {
+	return value.endsWith("/") ? value.slice(0, -1) : value;
+});
 const createRuntimeConfig = (env = process.env, homeDirectory = homedir()) => {
 	const configDir = join(homeDirectory, ".config", "ogment");
-	const hasBaseUrlOverride = typeof env["OGMENT_BASE_URL"] === "string";
+	const envBaseUrl = env["OGMENT_BASE_URL"];
+	const hasBaseUrlOverride = typeof envBaseUrl === "string";
 	return {
-		baseUrl: env["OGMENT_BASE_URL"] ?? DEFAULT_OGMENT_BASE_URL,
+		baseUrl: hasBaseUrlOverride ? (() => {
+			const parsed = baseUrlSchema.safeParse(envBaseUrl);
+			if (!parsed.success) throw new ValidationError({
+				details: envBaseUrl,
+				message: "Invalid OGMENT_BASE_URL. Expected a full URL (for example, https://dashboard.ogment.ai)."
+			});
+			return parsed.data;
+		})() : DEFAULT_OGMENT_BASE_URL,
 		baseUrlSource: hasBaseUrlOverride ? "env" : "default",
 		configDir,
 		credentialsPath: join(configDir, "credentials.json"),
@@ -9616,193 +9856,135 @@ const createHttpClient = (deps = {}) => {
 		cleanupCallbacks.push(() => {
 			clearTimeout(timeoutId);
 		});
-		return Result.tryPromise({
-			catch: (cause) => new RemoteRequestError({
-				message: isAbortError(cause) ? "HTTP request timed out" : "HTTP request failed",
-				...options?.operation === void 0 ? {} : { operation: options.operation },
-				raw: cause instanceof Error ? {
-					message: cause.message,
-					name: cause.name,
-					stack: cause.stack
-				} : cause,
-				retryable: isAbortError(cause),
-				source: "network"
-			}),
-			try: async () => fetchFn(input, {
-				...init,
-				signal: abortController.signal
-			})
-		}).finally(() => {
-			for (const cleanup of cleanupCallbacks) cleanup();
-		});
-	} };
-};
-const readResponseText = async (response) => {
-	return Result.tryPromise({
-		catch: () => "",
-		try: async () => response.text()
-	}).then((result) => {
-		if (Result.isError(result)) return "";
-		return result.value;
-	});
-};
-
-//#endregion
-//#region src/output/envelope.ts
-const createEnvelopeBuilder = (deps = {}) => {
-	const createRequestId = deps.createRequestId ?? randomUUID;
-	const now = deps.now ?? (() => /* @__PURE__ */ new Date());
-	const toMeta = (context) => {
-		const base = { command: context.command };
-		if (context.pagination !== void 0) return {
-			...base,
-			pagination: context.pagination,
-			...context.includeDebug === true ? {
-				entity: context.entity ?? null,
-				requestId: createRequestId(),
-				timestamp: now().toISOString()
-			} : {}
-		};
-		return {
-			...base,
-			...context.includeDebug === true ? {
-				entity: context.entity ?? null,
-				requestId: createRequestId(),
-				timestamp: now().toISOString()
-			} : {}
-		};
-	};
-	return {
-		error: (error, context) => {
-			return {
-				data: null,
-				error: presentRuntimeErrorPayload(error, {
-					...context.diagnostics === void 0 ? {} : { contextDiagnostics: context.diagnostics },
-					includeDebug: context.includeDebug === true
-				}),
-				meta: toMeta(context),
-				next_actions: context.nextActions ?? [],
-				ok: false
-			};
-		},
-		parseError: (payload, context) => {
-			return {
-				data: null,
-				error: payload,
-				meta: toMeta(context),
-				next_actions: context.nextActions ?? [],
-				ok: false
-			};
-		},
-		success: (data, context) => {
-			return {
-				data,
-				error: null,
-				meta: toMeta(context),
-				next_actions: context.nextActions ?? [],
-				ok: true
-			};
-		}
-	};
-};
-
-//#endregion
-//#region src/output/manager.ts
-const toJson = (value) => {
-	return `${JSON.stringify(value, null, 2)}\n`;
-};
-const toMinimalEnvelope = (envelope) => {
-	return {
-		data: envelope.data,
-		error: envelope.error,
-		ok: envelope.ok
-	};
-};
-const mergeNextActions = (recovery, contextActions) => {
-	const merged = [...recovery === void 0 || recovery === null ? [] : [recovery], ...contextActions ?? []];
-	const deduped = [];
-	const seen = /* @__PURE__ */ new Set();
-	for (const action of merged) {
-		const key = `${action.id}::${action.command}`;
-		if (seen.has(key)) continue;
-		seen.add(key);
-		deduped.push(action);
-	}
-	return deduped;
-};
-var OutputManager = class {
-	#envelopeBuilder;
-	#mode;
-	#debug = false;
-	#stderr;
-	#stdout;
-	constructor(deps = {}) {
-		this.#stderr = deps.stderr ?? process.stderr;
-		this.#stdout = deps.stdout ?? process.stdout;
-		this.#mode = "json";
-		this.#envelopeBuilder = createEnvelopeBuilder({
-			...deps.createRequestId === void 0 ? {} : { createRequestId: deps.createRequestId },
-			...deps.now === void 0 ? {} : { now: deps.now }
-		});
-	}
-	configure(options) {
-		this.#mode = options.quiet === true ? "quiet" : "json";
-		this.#debug = options.debug === true;
-	}
-	get mode() {
-		return this.#mode;
-	}
-	get debug() {
-		return this.#debug;
-	}
-	error(error, options) {
-		const envelope = this.#envelopeBuilder.error(error, {
-			...options,
-			includeDebug: this.#debug,
-			nextActions: mergeNextActions(appErrorMeta(error).recovery, options.nextActions)
-		});
-		if (this.#mode === "json") {
-			this.#stdout.write(toJson(envelope));
-			return envelope;
-		}
-		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
-		return envelope;
-	}
-	parseError(payload, options) {
-		const envelope = this.#envelopeBuilder.parseError(payload, {
-			...options,
-			includeDebug: this.#debug
+		return Result.tryPromise({
+			catch: (cause) => new RemoteRequestError({
+				message: isAbortError(cause) ? "HTTP request timed out" : "HTTP request failed",
+				...options?.operation === void 0 ? {} : { operation: options.operation },
+				raw: toJsonValue(cause instanceof Error ? {
+					message: cause.message,
+					name: cause.name,
+					stack: cause.stack
+				} : cause),
+				retryable: isAbortError(cause),
+				source: "network"
+			}),
+			try: async () => fetchFn(input, {
+				...init,
+				signal: abortController.signal
+			})
+		}).finally(() => {
+			for (const cleanup of cleanupCallbacks) cleanup();
 		});
-		if (this.#mode === "json") {
-			this.#stdout.write(toJson(envelope));
-			return envelope;
-		}
-		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
-		return envelope;
-	}
-	info(message) {
-		if (this.#debug) this.#stderr.write(`${message}\n`);
-	}
-	json(value) {
-		this.#stdout.write(toJson(value));
-	}
-	success(data, options) {
-		const envelope = this.#envelopeBuilder.success(data, {
-			...options,
-			includeDebug: this.#debug
+	} };
+};
+const readResponseText = async (response) => {
+	return Result.tryPromise({
+		catch: () => "",
+		try: async () => response.text()
+	}).then((result) => {
+		if (Result.isError(result)) return "";
+		return result.value;
+	});
+};
+const requestJson = async (httpClient, input, schema, init, options) => {
+	const responseResult = await httpClient.request(input, init, { operation: options.operation });
+	if (Result.isError(responseResult)) return responseResult;
+	const response = responseResult.value;
+	if (!response.ok) {
+		const body = await readResponseText(response);
+		const statusError = options.mapStatusError?.(response, body) ?? new RemoteRequestError({
+			body,
+			httpStatus: response.status,
+			message: `Request failed for ${options.operation}`,
+			operation: options.operation,
+			raw: body,
+			source: "http"
 		});
-		if (this.#mode === "json") {
-			this.#stdout.write(toJson(envelope));
-			return;
-		}
-		this.#stdout.write(toJson(toMinimalEnvelope(envelope)));
-	}
-	writeStdout(chunk) {
-		this.#stdout.write(chunk);
-	}
-	writeStderr(chunk) {
-		this.#stderr.write(chunk);
-	}
+		return Result.err(statusError);
+	}
+	const jsonResult = await Result.tryPromise({
+		catch: () => new RemoteRequestError({
+			httpStatus: response.status,
+			message: `Failed to parse JSON response for ${options.operation}`,
+			operation: options.operation,
+			source: "http"
+		}),
+		try: async () => response.json()
+	});
+	if (Result.isError(jsonResult)) return jsonResult;
+	return parseWithSchema(schema, jsonResult.value, options.context);
+};
+
+//#endregion
+//#region ../../packages/shared/src/cli/common.ts
+const jsonObjectSchema = record(string(), unknown());
+const cliErrorSchema = object({
+	code: string().min(1),
+	message: string().min(1)
+}).strict();
+const cliErrorEnvelopeSchema = object({ error: cliErrorSchema }).strict();
+const cliSuccessEnvelopeSchema = (dataSchema) => {
+	return object({ data: dataSchema }).strict();
+};
+
+//#endregion
+//#region ../../packages/shared/src/cli/account.ts
+const cliServerSchema = object({
+	createdAt: string().nullable(),
+	description: string().nullable(),
+	enabled: boolean(),
+	enabledToolCount: number$1().int().nonnegative(),
+	id: string(),
+	name: string(),
+	path: string(),
+	readOnlyEnabledToolCount: number$1().int().nonnegative(),
+	toolCount: number$1().int().nonnegative()
+}).strict();
+const cliOrgSchema = object({
+	orgId: string(),
+	orgName: string(),
+	orgSlug: string(),
+	role: string(),
+	servers: array(cliServerSchema)
+}).strict();
+const cliMeDataSchema = object({
+	email: string().nullable(),
+	imageUrl: string().nullable(),
+	name: string().nullable(),
+	orgs: array(cliOrgSchema),
+	userId: string()
+}).strict();
+const accountMeSchema = cliSuccessEnvelopeSchema(cliMeDataSchema);
+
+//#endregion
+//#region ../../packages/shared/src/cli/auth.ts
+const deviceCodeStartDataSchema = object({
+	deviceCode: string().min(1),
+	expiresIn: number$1().int().positive(),
+	interval: number$1().int().positive(),
+	userCode: string().min(1),
+	verificationUri: string().url()
+}).strict();
+const deviceCodeStartSchema = cliSuccessEnvelopeSchema(deviceCodeStartDataSchema);
+const deviceTokenPendingDataSchema = object({ status: literal("authorization_pending") }).strict();
+const deviceTokenApprovedDataSchema = object({
+	agentName: string().min(1),
+	apiKey: string().min(1),
+	status: literal("approved")
+}).strict();
+const deviceTokenDataSchema = discriminatedUnion("status", [deviceTokenPendingDataSchema, deviceTokenApprovedDataSchema]);
+const deviceTokenSchema = cliSuccessEnvelopeSchema(deviceTokenDataSchema);
+const deviceTokenApprovedSchema = cliSuccessEnvelopeSchema(deviceTokenApprovedDataSchema);
+const revokeSelfDataSchema = object({ success: literal(true) }).strict();
+const revokeSelfSchema = cliSuccessEnvelopeSchema(revokeSelfDataSchema);
+
+//#endregion
+//#region ../../packages/shared/src/cli/endpoints.ts
+const cliEndpoints = {
+	accountMe: "/api/v1/cli/me",
+	cliRevokeSelf: "/api/v1/cli/revoke-self",
+	deviceCode: "/api/v1/cli/device-code",
+	deviceToken: "/api/v1/cli/device-token"
 };
 
 //#endregion
@@ -9814,58 +9996,68 @@ const toEndpointUrl$1 = (baseUrl, endpoint) => {
 	return `${baseUrl}${endpoint}`;
 };
 const createAccountService = (deps) => {
-	const fetchAccountOnce = async (apiKey) => {
-		const responseResult = await deps.httpClient.request(toEndpointUrl$1(deps.baseUrl, cliEndpoints.accountMe), { headers: authHeader(apiKey) });
-		if (Result.isError(responseResult)) return responseResult;
-		if (!responseResult.value.ok) {
-			if (responseResult.value.status === 401) return Result.err(new AuthError({
-				code: ERROR_CODE.authInvalidCredentials,
-				message: "Authentication failed. Run `ogment auth login` again.",
-				recovery: { command: "ogment auth login" }
-			}));
-			const body = await readResponseText(responseResult.value);
-			return Result.err(new RemoteRequestError({
-				body,
-				httpStatus: responseResult.value.status,
-				message: "Failed to fetch account details",
-				operation: "account/fetch",
-				raw: body,
-				source: "http"
-			}));
-		}
-		const jsonResult = await Result.tryPromise({
-			catch: () => new RemoteRequestError({
-				httpStatus: responseResult.value.status,
-				message: "Failed to parse account response JSON",
-				operation: "account/fetch",
-				source: "http"
-			}),
-			try: async () => responseResult.value.json()
+	const fetchAccount = async (apiKey) => {
+		const payloadResult = await requestJson(deps.httpClient, toEndpointUrl$1(deps.baseUrl, cliEndpoints.accountMe), accountMeSchema, { headers: authHeader(apiKey) }, {
+			context: "account response",
+			mapStatusError: (response, body) => {
+				if (response.status === 401) return new AuthError({
+					code: ERROR_CODE.authInvalidCredentials,
+					message: "Authentication failed. Run `ogment auth login` again.",
+					recovery: { command: "ogment auth login" }
+				});
+				return new RemoteRequestError({
+					body,
+					httpStatus: response.status,
+					message: "Failed to fetch account details",
+					operation: "account/fetch",
+					raw: body,
+					source: "http"
+				});
+			},
+			operation: "account/fetch"
 		});
-		if (Result.isError(jsonResult)) return jsonResult;
-		const parsed = parseWithSchema(accountMeSchema, jsonResult.value, "account response");
-		if (Result.isError(parsed)) return parsed;
-		return Result.ok(parsed.value.data);
+		if (Result.isError(payloadResult)) return payloadResult;
+		return Result.ok(payloadResult.value.data);
+	};
+	return { fetchAccount };
+};
+
+//#endregion
+//#region src/services/api-key-resolution.ts
+const isNonEmptyString = (value) => {
+	return typeof value === "string" && value.length > 0;
+};
+const resolveApiKey = (options) => {
+	if (isNonEmptyString(options.apiKeyOverride)) return {
+		agentName: null,
+		apiKey: options.apiKeyOverride,
+		loadError: null,
+		source: "apiKeyOption"
+	};
+	if (isNonEmptyString(options.envApiKey)) return {
+		agentName: null,
+		apiKey: options.envApiKey,
+		loadError: null,
+		source: "env"
+	};
+	const storedCredentials = options.credentialsStore.load();
+	if (Result.isError(storedCredentials)) return {
+		agentName: null,
+		apiKey: null,
+		loadError: storedCredentials.error,
+		source: "credentialsError"
+	};
+	if (storedCredentials.value !== null) return {
+		agentName: storedCredentials.value.agentName ?? null,
+		apiKey: storedCredentials.value.apiKey,
+		loadError: null,
+		source: "credentialsFile"
 	};
-	const fetchAccount = async (apiKey) => fetchAccountOnce(apiKey);
 	return {
-		fetchAccount,
-		listServers: async (apiKey) => {
-			const profileResult = await fetchAccount(apiKey);
-			if (Result.isError(profileResult)) return profileResult;
-			const servers = profileResult.value.orgs.flatMap((organization) => {
-				return organization.servers.map((server) => {
-					return {
-						description: server.description,
-						enabled: server.enabled,
-						name: server.name,
-						orgSlug: organization.orgSlug,
-						path: server.path
-					};
-				});
-			});
-			return Result.ok(servers);
-		}
+		agentName: null,
+		apiKey: null,
+		loadError: null,
+		source: "none"
 	};
 };
 
@@ -9891,87 +10083,62 @@ const revokeUrl = (baseUrl) => {
 const createAuthService = (deps) => {
 	const now = deps.now ?? Date.now;
 	const sleep = deps.sleep ?? defaultSleep;
-	const requestRemote = async (input, init) => {
-		return deps.httpClient.request(input, init);
-	};
 	const loginWithDevice = async (options) => {
-		const startFlowResponse = await requestRemote(deviceCodeUrl(deps.baseUrl), {
+		const startPayload = await requestJson(deps.httpClient, deviceCodeUrl(deps.baseUrl), deviceCodeStartSchema, {
 			headers: { "Content-Type": "application/json" },
 			method: "POST"
-		});
-		if (Result.isError(startFlowResponse)) return startFlowResponse;
-		if (!startFlowResponse.value.ok) {
-			const body = await readResponseText(startFlowResponse.value);
-			return Result.err(new RemoteRequestError({
+		}, {
+			context: "device login start response",
+			mapStatusError: (response, body) => new RemoteRequestError({
 				body,
-				httpStatus: startFlowResponse.value.status,
+				httpStatus: response.status,
 				message: "Failed to start device login",
 				operation: "auth/device/start",
 				raw: body,
 				source: "http"
-			}));
-		}
-		const startPayload = await Result.tryPromise({
-			catch: () => new RemoteRequestError({
-				httpStatus: startFlowResponse.value.status,
-				message: "Failed to parse device login start payload",
-				operation: "auth/device/start",
-				source: "http"
 			}),
-			try: async () => startFlowResponse.value.json()
+			operation: "auth/device/start"
 		});
 		if (Result.isError(startPayload)) return startPayload;
-		const parsedStartPayload = parseWithSchema(deviceCodeStartSchema, startPayload.value, "device login start response");
-		if (Result.isError(parsedStartPayload)) return parsedStartPayload;
 		options.onPending?.({
-			userCode: parsedStartPayload.value.data.userCode,
-			verificationUri: parsedStartPayload.value.data.verificationUri
+			userCode: startPayload.value.data.userCode,
+			verificationUri: startPayload.value.data.verificationUri
 		});
-		const deadline = now() + parsedStartPayload.value.data.expiresIn * 1e3;
-		const interval = parsedStartPayload.value.data.interval * 1e3;
+		const deadline = now() + startPayload.value.data.expiresIn * 1e3;
+		const interval = startPayload.value.data.interval * 1e3;
 		while (now() < deadline) {
 			await sleep(interval);
-			const pollResponse = await requestRemote(deviceTokenUrl(deps.baseUrl), {
-				body: JSON.stringify({ deviceCode: parsedStartPayload.value.data.deviceCode }),
+			const pollPayload = await requestJson(deps.httpClient, deviceTokenUrl(deps.baseUrl), deviceTokenSchema, {
+				body: JSON.stringify({ deviceCode: startPayload.value.data.deviceCode }),
 				headers: { "Content-Type": "application/json" },
 				method: "POST"
-			});
-			if (Result.isError(pollResponse)) return pollResponse;
-			if (pollResponse.value.status === 410) return Result.err(new AuthError({
-				code: ERROR_CODE.authDeviceExpired,
-				message: "Device login code expired. Run `ogment auth login` again.",
-				recovery: { command: "ogment auth login" }
-			}));
-			if (pollResponse.value.status === 404) return Result.err(new AuthError({
-				code: ERROR_CODE.authInvalidCredentials,
-				message: "Invalid device login code. Run `ogment auth login` again.",
-				recovery: { command: "ogment auth login" }
-			}));
-			if (!pollResponse.value.ok) {
-				const body = await readResponseText(pollResponse.value);
-				return Result.err(new RemoteRequestError({
-					body,
-					httpStatus: pollResponse.value.status,
-					message: "Failed to poll device login status",
-					operation: "auth/device/poll",
-					raw: body,
-					source: "http"
-				}));
-			}
-			const pollPayload = await Result.tryPromise({
-				catch: () => new RemoteRequestError({
-					httpStatus: pollResponse.value.status,
-					message: "Failed to parse device login poll payload",
-					operation: "auth/device/poll",
-					source: "http"
-				}),
-				try: async () => pollResponse.value.json()
+			}, {
+				context: "device login poll response",
+				mapStatusError: (response, body) => {
+					if (response.status === 410) return new AuthError({
+						code: ERROR_CODE.authDeviceExpired,
+						message: "Device login code expired. Run `ogment auth login` again.",
+						recovery: { command: "ogment auth login" }
+					});
+					if (response.status === 404) return new AuthError({
+						code: ERROR_CODE.authInvalidCredentials,
+						message: "Invalid device login code. Run `ogment auth login` again.",
+						recovery: { command: "ogment auth login" }
+					});
+					return new RemoteRequestError({
+						body,
+						httpStatus: response.status,
+						message: "Failed to poll device login status",
+						operation: "auth/device/poll",
+						raw: body,
+						source: "http"
+					});
+				},
+				operation: "auth/device/poll"
 			});
 			if (Result.isError(pollPayload)) return pollPayload;
-			const parsedTokenPayload = parseWithSchema(deviceTokenSchema, pollPayload.value, "device login poll response");
-			if (Result.isError(parsedTokenPayload)) return parsedTokenPayload;
-			if (parsedTokenPayload.value.data.status === "authorization_pending") continue;
-			const approvedPayload = parsedTokenPayload.value.data;
+			if (pollPayload.value.data.status === "authorization_pending") continue;
+			const approvedPayload = pollPayload.value.data;
 			const saveResult = deps.credentialsStore.save({
 				agentName: approvedPayload.agentName,
 				apiKey: approvedPayload.apiKey
@@ -10024,7 +10191,7 @@ const createAuthService = (deps) => {
 				localCredentialsDeleted: false,
 				revoked: false
 			});
-			const revokeResult = await requestRemote(revokeUrl(deps.baseUrl), {
+			const revokeResult = await deps.httpClient.request(revokeUrl(deps.baseUrl), {
 				headers: { Authorization: `Bearer ${stored.value.apiKey}` },
 				method: "POST"
 			});
@@ -10037,11 +10204,13 @@ const createAuthService = (deps) => {
 			});
 		},
 		resolveApiKey: async (overrideApiKey) => {
-			if (typeof overrideApiKey === "string" && overrideApiKey.length > 0) return Result.ok(overrideApiKey);
-			if (typeof deps.envApiKey === "string" && deps.envApiKey.length > 0) return Result.ok(deps.envApiKey);
-			const stored = deps.credentialsStore.load();
-			if (Result.isError(stored)) return stored;
-			if (stored.value !== null) return Result.ok(stored.value.apiKey);
+			const resolution = resolveApiKey({
+				apiKeyOverride: overrideApiKey,
+				credentialsStore: deps.credentialsStore,
+				envApiKey: deps.envApiKey
+			});
+			if (resolution.apiKey !== null) return Result.ok(resolution.apiKey);
+			if (resolution.source === "credentialsError" && resolution.loadError) return Result.err(resolution.loadError);
 			return Result.err(new AuthError({
 				code: ERROR_CODE.authRequired,
 				message: "Not logged in. Run `ogment auth login` or set OGMENT_API_KEY.",
@@ -10049,26 +10218,21 @@ const createAuthService = (deps) => {
 			}));
 		},
 		status: async (overrideApiKey) => {
-			if (typeof overrideApiKey === "string" && overrideApiKey.length > 0) return Result.ok({
-				agentName: null,
-				apiKeySource: "apiKeyOption",
-				loggedIn: true
-			});
-			if (typeof deps.envApiKey === "string" && deps.envApiKey.length > 0) return Result.ok({
-				agentName: null,
-				apiKeySource: "env",
-				loggedIn: true
+			const resolution = resolveApiKey({
+				apiKeyOverride: overrideApiKey,
+				credentialsStore: deps.credentialsStore,
+				envApiKey: deps.envApiKey
 			});
-			const stored = deps.credentialsStore.load();
-			if (Result.isError(stored)) return stored;
-			if (stored.value === null) return Result.ok({
+			if (resolution.source === "credentialsError" && resolution.loadError) return Result.err(resolution.loadError);
+			if (resolution.apiKey === null) return Result.ok({
 				agentName: null,
 				apiKeySource: "none",
 				loggedIn: false
 			});
+			const apiKeySource = resolution.source === "credentialsFile" ? "credentialsFile" : resolution.source === "apiKeyOption" ? "apiKeyOption" : "env";
 			return Result.ok({
-				agentName: stored.value.agentName ?? null,
-				apiKeySource: "credentialsFile",
+				agentName: resolution.agentName,
+				apiKeySource,
 				loggedIn: true
 			});
 		}
@@ -10081,44 +10245,19 @@ const maskApiKey = (apiKey) => {
 	if (apiKey.length <= 8) return `*** (sha256:${createHash("sha256").update(apiKey).digest("hex").slice(0, 12)})`;
 	return `${apiKey.slice(0, 4)}...${apiKey.slice(-4)} (sha256:${createHash("sha256").update(apiKey).digest("hex").slice(0, 12)})`;
 };
-const resolveApiKey = (apiKeyOverride, envApiKey, credentialsStore) => {
-	if (typeof apiKeyOverride === "string" && apiKeyOverride.length > 0) return {
-		loadError: null,
-		source: "apiKeyOption",
-		value: apiKeyOverride
-	};
-	if (typeof envApiKey === "string" && envApiKey.length > 0) return {
-		loadError: null,
-		source: "env",
-		value: envApiKey
-	};
-	const storedCredentials = credentialsStore.load();
-	if (Result.isError(storedCredentials)) return {
-		loadError: storedCredentials.error.message,
-		source: "credentialsError",
-		value: null
-	};
-	if (storedCredentials.value !== null) return {
-		loadError: null,
-		source: "credentialsFile",
-		value: storedCredentials.value.apiKey
-	};
+const nextActionByIssueCode = (includeDebug) => {
 	return {
-		loadError: null,
-		source: "none",
-		value: null
+		auth_failed: "Run `ogment auth login` to refresh credentials.",
+		credentials_load_failed: "Check file permissions and contents of `~/.config/ogment/credentials.json`.",
+		no_api_key: "Run `ogment auth login` or set `OGMENT_API_KEY`.",
+		unreachable: includeDebug ? "Verify `OGMENT_BASE_URL` and network connectivity." : "Verify network connectivity."
 	};
 };
-const nextActionByIssueCode = {
-	auth_failed: "Run `ogment auth login` to refresh credentials.",
-	credentials_load_failed: "Check file permissions and contents of `~/.config/ogment/credentials.json`.",
-	no_api_key: "Run `ogment auth login` or set `OGMENT_API_KEY`.",
-	unreachable: "Verify `OGMENT_BASE_URL` and network connectivity."
-};
-const toSummary = (issues) => {
+const toSummary = (issues, includeDebug) => {
+	const issueActions = nextActionByIssueCode(includeDebug);
 	const nextActions = /* @__PURE__ */ new Set();
 	for (const issue of issues) {
-		const nextAction = nextActionByIssueCode[issue.code];
+		const nextAction = issueActions[issue.code];
 		if (nextAction !== void 0) nextActions.add(nextAction);
 	}
 	nextActions.add("Run `ogment catalog` to inspect available servers.");
@@ -10142,9 +10281,14 @@ const createInfoService = (deps) => {
 	const detectEnvironment = deps.detectExecutionEnvironmentFn ?? detectExecutionEnvironment;
 	const existsSyncFn = deps.existsSyncFn ?? existsSync;
 	const now = deps.now ?? Date.now;
-	return { collect: async (apiKeyOverride) => {
-		const apiKeyResolution = resolveApiKey(apiKeyOverride, deps.envApiKey, deps.credentialsStore);
-		const selectedApiKey = apiKeyResolution.value;
+	return { collect: async (apiKeyOverride, options) => {
+		const includeDebug = options?.includeDebug === true;
+		const apiKeyResolution = resolveApiKey({
+			apiKeyOverride,
+			credentialsStore: deps.credentialsStore,
+			envApiKey: deps.envApiKey
+		});
+		const selectedApiKey = apiKeyResolution.apiKey;
 		const credentialsFileExists = existsSyncFn(deps.credentialsPath);
 		const endpoint = `${deps.baseUrl}${cliEndpoints.accountMe}`;
 		const pingHeaders = typeof selectedApiKey === "string" ? { Authorization: `Bearer ${selectedApiKey}` } : void 0;
@@ -10238,7 +10382,7 @@ const createInfoService = (deps) => {
 		});
 		if (apiKeyResolution.source === "credentialsError" && apiKeyResolution.loadError !== null) issues.push({
 			code: "credentials_load_failed",
-			message: `Failed to load credentials file: ${apiKeyResolution.loadError}`
+			message: `Failed to load credentials file: ${apiKeyResolution.loadError.message}`
 		});
 		if (account.status === "auth_error") issues.push({
 			code: "auth_failed",
@@ -10262,7 +10406,7 @@ const createInfoService = (deps) => {
 				apiKeyPreview: selectedApiKey === null ? null : maskApiKey(selectedApiKey),
 				apiKeySource: apiKeyResolution.source,
 				credentialsFileExists,
-				credentialsFileLoadError: apiKeyResolution.loadError
+				credentialsFileLoadError: apiKeyResolution.loadError?.message ?? null
 			},
 			config: {
 				baseUrl: deps.baseUrl,
@@ -10275,7 +10419,7 @@ const createInfoService = (deps) => {
 					"--api-key option",
 					"OGMENT_API_KEY environment variable",
 					"~/.config/ogment/credentials.json",
-					"default base URL when OGMENT_BASE_URL is unset"
+					...includeDebug ? ["default base URL when OGMENT_BASE_URL is unset"] : []
 				],
 				quickCommands: [
 					"ogment status",
@@ -10283,7 +10427,7 @@ const createInfoService = (deps) => {
 					"ogment catalog",
 					"ogment catalog <server-id>",
 					"ogment catalog <server-id> <tool-name>",
-					"ogment invoke <server-id>/<tool-name> --input '{}'"
+					"ogment invoke <server-id> <tool-name> --input '{}'"
 				]
 			},
 			generatedAt: new Date(now()).toISOString(),
@@ -10298,7 +10442,7 @@ const createInfoService = (deps) => {
 				platform: process.platform,
 				processArch: process.arch
 			},
-			summary: toSummary(issues)
+			summary: toSummary(issues, includeDebug)
 		};
 	} };
 };
@@ -20915,33 +21059,12 @@ var StreamableHTTPClientTransport = class {
 //#endregion
 //#region src/services/mcp-error-mapping.ts
 const toSerializable = (value) => {
-	if (value instanceof Error) return {
+	if (value instanceof Error) return toJsonValue({
 		message: value.message,
 		name: value.name,
 		stack: value.stack
-	};
-	try {
-		return structuredClone(value);
-	} catch {
-		return String(value);
-	}
-};
-const toJsonRpcErrorPayload = (payload) => {
-	if (isJSONRPCErrorResponse(payload)) return {
-		code: payload.error.code,
-		data: payload.error.data,
-		raw: toSerializable(payload)
-	};
-	if (!isRecord$1(payload) || !Object.hasOwn(payload, "error")) return null;
-	const errorRecord = payload["error"];
-	if (!isRecord$1(errorRecord)) return null;
-	const code = errorRecord["code"];
-	if (typeof code !== "number") return null;
-	return {
-		code,
-		data: errorRecord["data"],
-		raw: toSerializable(payload)
-	};
+	});
+	return toJsonValue(value);
 };
 const extractStreamableBody = (message) => {
 	const markerIndex = message.indexOf("Error POSTing to endpoint:");
@@ -20951,24 +21074,15 @@ const extractStreamableBody = (message) => {
 };
 const mapStreamableHttpError = (error) => {
 	const body = extractStreamableBody(error.message);
-	const parsedBody = body === void 0 ? null : (() => {
-		const parsed = Result.try({
-			catch: () => null,
-			try: () => {
-				return JSON.parse(body);
-			}
-		});
-		return Result.isError(parsed) ? null : parsed.value;
-	})();
-	const jsonRpcPayload = parsedBody === null ? null : toJsonRpcErrorPayload(parsedBody);
+	const details = body === void 0 ? {} : parseRemoteErrorDetails(body);
 	const httpStatus = typeof error.code === "number" && error.code >= 100 ? error.code : void 0;
 	const retryable = httpStatus === void 0 ? void 0 : httpStatus === 429 || httpStatus >= 500 || httpStatus === 408;
 	return {
 		...body === void 0 ? {} : { body },
 		...httpStatus === void 0 ? {} : { httpStatus },
-		...jsonRpcPayload === null ? {} : { mcpCode: jsonRpcPayload.code },
-		...jsonRpcPayload === null ? {} : { mcpData: jsonRpcPayload.data },
-		raw: jsonRpcPayload?.raw ?? toSerializable(parsedBody ?? error),
+		...details.mcpCode === void 0 ? {} : { mcpCode: details.mcpCode },
+		...details.data === void 0 ? {} : { mcpData: details.data },
+		raw: toSerializable(body ?? error),
 		...retryable === void 0 ? {} : { retryable },
 		source: "mcp_transport_http"
 	};
@@ -21024,45 +21138,13 @@ const MCP_DISCOVERY_TIMEOUT_MS = 1e4;
 const MCP_INVOKE_TIMEOUT_MS = 45e3;
 const defaultCreateClient = (version) => {
 	return new Client({
-		name: "ogment-cli",
+		name: APP_NAME,
 		version
 	}, { capabilities: {} });
 };
 const defaultCreateTransport = (url, apiKey) => {
 	return new StreamableHTTPClientTransport(url, { requestInit: { headers: { Authorization: `Bearer ${apiKey}` } } });
 };
-const parseToolCallContent = (result) => {
-	const parsedResult = parseWithSchema(CompatibilityCallToolResultSchema, result, "MCP tool call result", {
-		code: ERROR_CODE.toolInputSchemaViolation,
-		recovery: { command: "ogment catalog" }
-	});
-	if (Result.isError(parsedResult)) return parsedResult;
-	const payload = parsedResult.value;
-	if ("toolResult" in payload) return Result.ok({
-		isError: false,
-		structuredContent: payload.toolResult
-	});
-	if (payload.structuredContent !== void 0) return Result.ok({
-		isError: payload.isError === true,
-		structuredContent: payload.structuredContent
-	});
-	const firstContent = payload.content[0];
-	if (firstContent?.type === "text") {
-		const parsedText = parseJsonUnknown(firstContent.text, "MCP text content");
-		if (Result.isError(parsedText)) return Result.ok({
-			isError: payload.isError === true,
-			structuredContent: firstContent.text
-		});
-		return Result.ok({
-			isError: payload.isError === true,
-			structuredContent: parsedText.value
-		});
-	}
-	return Result.ok({
-		isError: payload.isError === true,
-		structuredContent: payload
-	});
-};
 const createMcpService = (deps) => {
 	const createClient = deps.createClient ?? (() => defaultCreateClient(deps.version));
 	const createTransport = deps.createTransport ?? defaultCreateTransport;
@@ -21109,32 +21191,17 @@ const createMcpService = (deps) => {
 					return client.callTool({
 						arguments: args,
 						name: toolName
-					}, CompatibilityCallToolResultSchema, { timeout: MCP_INVOKE_TIMEOUT_MS });
+					}, CallToolResultSchema, { timeout: MCP_INVOKE_TIMEOUT_MS });
 				}, "MCP tool call failed", "tools/call");
 				if (Result.isError(toolCallResult)) return toolCallResult;
-				return parseToolCallContent(toolCallResult.value);
+				return Result.ok(toolCallResult.value);
 			});
 		},
 		listTools: async (target, apiKey) => {
 			return withClient(target, apiKey, async (client) => {
 				const toolsResult = await withRemoteCall(async () => client.listTools(void 0, { timeout: MCP_DISCOVERY_TIMEOUT_MS }), "MCP tools/list failed", "tools/list");
 				if (Result.isError(toolsResult)) return toolsResult;
-				const parsedToolsResult = parseWithSchema(ListToolsResultSchema, toolsResult.value, "MCP tools/list response", {
-					code: ERROR_CODE.toolInputSchemaViolation,
-					recovery: { command: "ogment catalog" }
-				});
-				if (Result.isError(parsedToolsResult)) return parsedToolsResult;
-				const parsedTools = [];
-				for (const tool of parsedToolsResult.value.tools) {
-					const normalizedTool = {
-						description: tool.description ?? null,
-						inputSchema: tool.inputSchema,
-						name: tool.name
-					};
-					if (tool.outputSchema !== void 0) normalizedTool.outputSchema = tool.outputSchema;
-					parsedTools.push(normalizedTool);
-				}
-				return Result.ok(parsedTools);
+				return Result.ok(toolsResult.value.tools);
 			});
 		}
 	};
@@ -21191,24 +21258,21 @@ const asGlobalOptions = (command) => {
 	const options = command.optsWithGlobals();
 	return {
 		apiKey: options.apiKey,
-		debug: options.debug,
-		quiet: options.quiet,
-		yes: options.yes
+		debug: Boolean(options.debug),
+		quiet: Boolean(options.quiet)
 	};
 };
 const mapGlobalOutputOptions = (options) => {
 	return {
 		debug: options.debug,
-		quiet: options.quiet,
-		yes: options.yes
+		quiet: options.quiet
 	};
 };
 const parseOutputOptionsFromArgv = (argv) => {
 	const hasFlag = (flag) => argv.includes(flag);
 	return {
 		debug: hasFlag("--debug"),
-		quiet: hasFlag("--quiet"),
-		yes: hasFlag("--yes")
+		quiet: hasFlag("--quiet")
 	};
 };
 
@@ -21221,11 +21285,6 @@ const parseCatalogLimitOption = (value) => {
 	if (!Number.isSafeInteger(parsed) || parsed < 1) throw new InvalidArgumentError("Expected a positive integer.");
 	return parsed;
 };
-const parseInvokeTarget = (value) => {
-	const separatorIndex = value.lastIndexOf("/");
-	if (separatorIndex <= 0 || separatorIndex >= value.length - 1 || /\s/.test(value)) throw new InvalidArgumentError("Expected <server-id>/<tool-name>.");
-	return value;
-};
 const createProgram = (runtime, parseState) => {
 	const program = new Command();
 	let invocation = null;
@@ -21257,12 +21316,12 @@ const createProgram = (runtime, parseState) => {
 			"Examples:",
 			"  $ ogment auth login",
 			"  $ ogment catalog billing create_invoice --example",
-			"  $ ogment invoke billing/create_invoice --input '{\"amount\":100}'",
+			"  $ ogment invoke billing create_invoice --input '{\"amount\":100}'",
 			"",
 			"Run `ogment help <command>` for command-specific usage."
 		].join("\n");
 	});
-	program.name(APP_NAME).description(APP_DESCRIPTION).version(VERSION).optionsGroup("Connection Options:").option("--api-key <key>", "API key override").optionsGroup("Output Options:").option("--debug", "Include debug metadata and diagnostics in JSON output").option("--quiet", "Emit minimal JSON output (ok + data/error)").optionsGroup("Automation Options:").option("--yes", "Assume yes for any confirmation").hook("preAction", (thisCommand) => {
+	program.name(APP_NAME).description(APP_DESCRIPTION).version(VERSION).optionsGroup("Connection Options:").option("--api-key <key>", "API key override").optionsGroup("Output Options:").option("--debug", "Include debug metadata and diagnostics in JSON output").option("--quiet", "Emit minimal JSON output (ok + data/error)").hook("preAction", (thisCommand) => {
 		const options = asGlobalOptions(thisCommand);
 		runtime.output.configure(mapGlobalOutputOptions(options));
 		runtime.context.apiKeyOverride = options.apiKey;
@@ -21291,19 +21350,21 @@ const createProgram = (runtime, parseState) => {
 	});
 	program.command("catalog [serverId] [toolName]").summary("Discover servers and inspect tools").description("Discover servers and tools with progressive disclosure").helpGroup("Discovery Commands:").addOption(new Option("--cursor <cursor>", "Pagination cursor (catalog summary only)").conflicts("example")).addOption(new Option("--limit <limit>", "Maximum servers to return (catalog summary only)").argParser(parseCatalogLimitOption).conflicts("example")).addOption(new Option("--example", "Include a generated example input payload (tool details only)").conflicts(["cursor", "limit"])).action((serverId, toolName, options) => {
 		setInvocation({
-			cursor: options.cursor,
 			example: options.example === true,
 			kind: "catalog",
-			limit: options.limit,
-			serverId,
-			toolName
+			...options.cursor === void 0 ? {} : { cursor: options.cursor },
+			...options.limit === void 0 ? {} : { limit: options.limit },
+			...serverId === void 0 ? {} : { serverId },
+			...toolName === void 0 ? {} : { toolName }
 		});
 	});
-	program.command("invoke").summary("Invoke a tool by <server-id>/<tool-name>").description("Invoke a tool using <server-id>/<tool-name>").helpGroup("Execution Commands:").argument("<target>", "Target tool in the form <server-id>/<tool-name>", parseInvokeTarget).option("--input <value>", "Input payload: inline JSON object, @path, or - for stdin").action((target, options) => {
+	program.command("invoke").summary("Invoke a tool by <server-id> <tool-name>").description("Invoke a tool using <server-id> <tool-name>").helpGroup("Execution Commands:").argument("<serverId>", "Server id").argument("<toolName>", "Tool name").addOption(new Option("--org <orgSlug>", "Organization slug").hideHelp()).option("--input <value>", "Input payload: inline JSON object, @path, or - for stdin").action((serverId, toolName, options) => {
 		setInvocation({
 			input: options.input,
 			kind: "invoke",
-			target
+			...options.org === void 0 ? {} : { orgSlug: options.org },
+			serverId,
+			toolName
 		});
 	});
 	program.command("status").summary("Show runtime diagnostics").description("Show runtime configuration and connectivity diagnostics").helpGroup("Diagnostics Commands:").action(() => {
@@ -21329,22 +21390,36 @@ const commandFromArgv = (argv) => {
 	if (normalized.length === 0) return "ogment";
 	return `ogment ${normalized.join(" ")}`;
 };
-const runCli = async (argv = process.argv.slice(2), runtime = createRuntime()) => {
+const runCli = async (argv = process.argv.slice(2), runtime = void 0) => {
 	const normalizedArgv = normalizeCliArgv(argv);
-	runtime.output.configure(parseOutputOptionsFromArgv(normalizedArgv));
+	const outputOptions = parseOutputOptionsFromArgv(normalizedArgv);
+	let resolvedRuntime;
+	try {
+		resolvedRuntime = runtime ?? createRuntime();
+	} catch (error) {
+		const output = new OutputManager();
+		output.configure(outputOptions);
+		const normalized = normalizeCliRuntimeError(error);
+		output.error(normalized, {
+			command: commandFromArgv(argv),
+			entity: null
+		});
+		return exitCodeForError(normalized);
+	}
+	resolvedRuntime.output.configure(outputOptions);
 	const parseState = createCommanderParseState();
-	const { program, readInvocation } = createProgram(runtime, parseState);
+	const { program, readInvocation } = createProgram(resolvedRuntime, parseState);
 	try {
 		await program.parseAsync(normalizedArgv, { from: "user" });
 		const invocation = readInvocation();
-		if (invocation !== null) await executeInvocation(runtime, invocation);
+		if (invocation !== null) await executeInvocation(resolvedRuntime, invocation);
 		return EXIT_CODE.success;
 	} catch (error) {
 		if (error instanceof CliExitError) return error.exitCode;
 		if (error instanceof CommanderError) {
 			if (error.exitCode === EXIT_CODE.success) return EXIT_CODE.success;
-			const parseError = toParseCliError(error, parseState, { includeDebug: runtime.output.debug });
-			runtime.output.parseError(parseError.payload, {
+			const parseError = toParseCliError(error, parseState, { includeDebug: resolvedRuntime.output.debug });
+			resolvedRuntime.output.parseError(parseError.payload, {
 				command: commandFromArgv(argv),
 				entity: null,
 				nextActions: parseError.nextActions
@@ -21352,7 +21427,7 @@ const runCli = async (argv = process.argv.slice(2), runtime = createRuntime()) =
 			return EXIT_CODE.validation;
 		}
 		const normalized = normalizeCliRuntimeError(error);
-		runtime.output.error(normalized, {
+		resolvedRuntime.output.error(normalized, {
 			command: commandFromArgv(argv),
 			entity: null
 		});
@@ -21380,5 +21455,4 @@ const shouldExecuteCli = (importMetaUrl, argv1) => {
 if (shouldExecuteCli(import.meta.url, process.argv[1])) await executeCli();
 
 //#endregion
-export { executeCli, runCli, shouldExecuteCli };
-//# sourceMappingURL=cli.js.map
+export { executeCli, runCli, shouldExecuteCli };