@openape/apes 0.12.6 → 0.13.0

package/dist/cli.js

@@ -61,7 +61,7 @@ import {
 } from "./chunk-6GPSKAMU.js";
 
 // src/cli.ts
-import consola27 from "consola";
+import consola28 from "consola";
 
 // src/ape-shell.ts
 import path from "path";
@@ -91,7 +91,7 @@ function rewriteApeShellArgs(argv, argv0) {
 }
 
 // src/cli.ts
-import { defineCommand as defineCommand33, runMain } from "citty";
+import { defineCommand as defineCommand34, runMain } from "citty";
 
 // src/commands/auth/login.ts
 import { Buffer } from "buffer";
@@ -256,7 +256,7 @@ async function loginWithPKCE(idp) {
   authUrl.searchParams.set("state", state);
   authUrl.searchParams.set("nonce", nonce);
   authUrl.searchParams.set("scope", "openid email profile offline_access");
-  const code = await new Promise((resolve3, reject) => {
+  const code = await new Promise((resolve4, reject) => {
     const server = createServer((req, res) => {
       const url = new URL(req.url, `http://localhost:${CALLBACK_PORT}`);
       if (url.pathname === "/callback") {
@@ -273,7 +273,7 @@ async function loginWithPKCE(idp) {
           res.writeHead(200, { "Content-Type": "text/html" });
           res.end("<h1>Login successful!</h1><p>You can close this window.</p>");
           server.close();
-          resolve3(authCode);
+          resolve4(authCode);
           return;
         }
         res.writeHead(400);
@@ -833,7 +833,7 @@ async function waitForApproval2(grantsUrl, grantId) {
     if (grant.status === "revoked") {
       throw new CliError("Grant revoked.");
     }
-    await new Promise((resolve3) => setTimeout(resolve3, interval));
+    await new Promise((resolve4) => setTimeout(resolve4, interval));
   }
   throw new CliError("Timed out waiting for approval.");
 }
@@ -2455,9 +2455,215 @@ async function runAudienceMode(audience, action, args) {
   }
 }
 
-// src/commands/explain.ts
+// src/commands/proxy.ts
+import { spawn as spawn2 } from "child_process";
 import { defineCommand as defineCommand22 } from "citty";
-var explainCommand = defineCommand22({
+import consola20 from "consola";
+
+// src/proxy/config.ts
+import { homedir as homedir4 } from "os";
+import { join as join2 } from "path";
+function defaultAuditPath() {
+  const xdg = process.env.XDG_STATE_HOME;
+  const stateDir = xdg && xdg.length > 0 ? xdg : join2(homedir4(), ".local", "state");
+  return join2(stateDir, "openape", "proxy-audit.jsonl");
+}
+function buildDefaultProxyConfigToml() {
+  const auditPath = defaultAuditPath();
+  return `# Auto-generated by apes proxy -- (M1a). Do not edit; this file is
+# recreated for every \`apes proxy --\` invocation and deleted on exit.
+[proxy]
+listen = "127.0.0.1:0"
+idp_url = "https://id.openape.ai"
+agent_email = "ephemeral@apes-proxy.local"
+default_action = "allow"
+audit_log = "${auditPath.replace(/"/g, '\\"')}"
+
+# Cloud / link-local metadata endpoints \u2014 never let agent traffic reach these
+# even if a downstream policy mistake would otherwise allow it.
+[[deny]]
+domain = "169.254.169.254"
+note = "AWS / DigitalOcean / Azure metadata endpoint"
+
+[[deny]]
+domain = "metadata.google.internal"
+note = "GCP metadata endpoint"
+
+[[deny]]
+domain = "*.internal"
+note = "VPC-internal hostname suffix"
+`;
+}
+
+// src/proxy/local-proxy.ts
+import { spawn } from "child_process";
+import { mkdtempSync, rmSync, writeFileSync } from "fs";
+import { createRequire } from "module";
+import { tmpdir } from "os";
+import { dirname, join as join3, resolve as resolve2 } from "path";
+var require2 = createRequire(import.meta.url);
+function findProxyBin() {
+  const pkgPath = require2.resolve("@openape/proxy/package.json");
+  const pkg = require2("@openape/proxy/package.json");
+  const binRel = pkg.bin?.["openape-proxy"];
+  if (!binRel) {
+    throw new Error("@openape/proxy is missing the openape-proxy bin entry");
+  }
+  return resolve2(dirname(pkgPath), binRel);
+}
+async function startEphemeralProxy(configToml) {
+  const tmpDir = mkdtempSync(join3(tmpdir(), "openape-proxy-"));
+  const configPath = join3(tmpDir, "config.toml");
+  writeFileSync(configPath, configToml, { mode: 384 });
+  const binPath = findProxyBin();
+  const child = spawn(process.execPath, [binPath, "-c", configPath], {
+    stdio: ["ignore", "pipe", "pipe"],
+    detached: false
+  });
+  const cleanupTmp = () => {
+    try {
+      rmSync(tmpDir, { recursive: true, force: true });
+    } catch {
+    }
+  };
+  let port;
+  try {
+    port = await waitForListenLine(child);
+  } catch (err) {
+    child.kill("SIGTERM");
+    cleanupTmp();
+    throw err;
+  }
+  child.stderr?.on("data", (chunk) => process.stderr.write(chunk));
+  return {
+    url: `http://127.0.0.1:${port}`,
+    port,
+    child,
+    close: () => new Promise((resolveClose) => {
+      const done = () => {
+        cleanupTmp();
+        resolveClose();
+      };
+      if (child.exitCode !== null || child.signalCode !== null) {
+        done();
+        return;
+      }
+      child.once("exit", done);
+      child.kill("SIGTERM");
+      setTimeout(() => {
+        if (child.exitCode === null && child.signalCode === null) {
+          child.kill("SIGKILL");
+        }
+      }, 2e3).unref();
+    })
+  };
+}
+function waitForListenLine(child) {
+  return new Promise((resolveWait, rejectWait) => {
+    let buf = "";
+    let timer;
+    function onData(chunk) {
+      buf += chunk.toString("utf8");
+      const m = buf.match(/Listening on http:\/\/[^:\s]+:(\d+)/);
+      if (m) {
+        cleanup();
+        resolveWait(Number(m[1]));
+      }
+    }
+    function onExit(code) {
+      cleanup();
+      rejectWait(new Error(`openape-proxy exited before listening (code=${code}, stderr accumulated above)`));
+    }
+    function onError(err) {
+      cleanup();
+      rejectWait(err);
+    }
+    function cleanup() {
+      clearTimeout(timer);
+      child.stdout?.off("data", onData);
+      child.off("exit", onExit);
+      child.off("error", onError);
+    }
+    timer = setTimeout(() => {
+      cleanup();
+      rejectWait(new Error("openape-proxy startup timeout (5s)"));
+    }, 5e3);
+    timer.unref();
+    child.stdout?.on("data", onData);
+    child.once("exit", onExit);
+    child.once("error", onError);
+  });
+}
+
+// src/commands/proxy.ts
+var proxyCommand = defineCommand22({
+  meta: {
+    name: "proxy",
+    description: "Run a command with HTTPS_PROXY routed through the OpenApe egress proxy."
+  },
+  args: {
+    _: {
+      type: "positional",
+      description: "Command to execute (after --)",
+      required: false
+    }
+  },
+  async run({ rawArgs }) {
+    const wrapped = extractWrappedCommand(rawArgs ?? []);
+    if (wrapped.length === 0) {
+      throw new CliError("Usage: apes proxy -- <cmd> [args...]");
+    }
+    const reuseUrl = process.env.OPENAPE_PROXY_URL;
+    let proxyUrl;
+    let close = null;
+    if (reuseUrl) {
+      proxyUrl = reuseUrl;
+      consola20.info(`[apes proxy] reusing existing proxy at ${proxyUrl}`);
+    } else {
+      const ephemeral = await startEphemeralProxy(buildDefaultProxyConfigToml());
+      proxyUrl = ephemeral.url;
+      close = ephemeral.close;
+      consola20.info(`[apes proxy] started ephemeral proxy at ${proxyUrl}`);
+    }
+    const childEnv = {
+      ...process.env,
+      HTTPS_PROXY: proxyUrl,
+      HTTP_PROXY: proxyUrl,
+      NO_PROXY: process.env.NO_PROXY ?? "127.0.0.1,localhost"
+    };
+    const exitCode = await new Promise((resolveExit) => {
+      const child = spawn2(wrapped[0], wrapped.slice(1), {
+        stdio: "inherit",
+        env: childEnv
+      });
+      const forward = (sig) => () => child.kill(sig);
+      const onSigint = forward("SIGINT");
+      const onSigterm = forward("SIGTERM");
+      process.on("SIGINT", onSigint);
+      process.on("SIGTERM", onSigterm);
+      child.once("exit", (code, signal) => {
+        process.off("SIGINT", onSigint);
+        process.off("SIGTERM", onSigterm);
+        if (signal) resolveExit(128 + (signalNumber(signal) ?? 0));
+        else resolveExit(code ?? 0);
+      });
+      child.once("error", (err) => {
+        consola20.error(`[apes proxy] failed to spawn '${wrapped[0]}':`, err.message);
+        resolveExit(127);
+      });
+    });
+    if (close) await close();
+    if (exitCode !== 0) throw new CliExit(exitCode);
+  }
+});
+function signalNumber(signal) {
+  const map = { SIGINT: 2, SIGTERM: 15, SIGHUP: 1, SIGQUIT: 3, SIGKILL: 9 };
+  return map[signal];
+}
+
+// src/commands/explain.ts
+import { defineCommand as defineCommand23 } from "citty";
+var explainCommand = defineCommand23({
   meta: {
     name: "explain",
     description: "Show what permission a command would need"
@@ -2495,9 +2701,9 @@ var explainCommand = defineCommand22({
 });
 
 // src/commands/config/get.ts
-import { defineCommand as defineCommand23 } from "citty";
-import consola20 from "consola";
-var configGetCommand = defineCommand23({
+import { defineCommand as defineCommand24 } from "citty";
+import consola21 from "consola";
+var configGetCommand = defineCommand24({
   meta: {
     name: "get",
     description: "Get a configuration value"
@@ -2517,7 +2723,7 @@ var configGetCommand = defineCommand23({
         if (idp)
           console.log(idp);
         else
-          consola20.info("No IdP configured.");
+          consola21.info("No IdP configured.");
         break;
       }
       case "email": {
@@ -2525,7 +2731,7 @@ var configGetCommand = defineCommand23({
         if (auth?.email)
           console.log(auth.email);
         else
-          consola20.info("Not logged in.");
+          consola21.info("Not logged in.");
         break;
       }
       default: {
@@ -2538,7 +2744,7 @@ var configGetCommand = defineCommand23({
           if (sectionObj && field in sectionObj) {
             console.log(sectionObj[field]);
           } else {
-            consola20.info(`Key "${key}" not set.`);
+            consola21.info(`Key "${key}" not set.`);
           }
         } else {
           throw new CliError(`Unknown key: "${key}". Use: idp, email, defaults.idp, defaults.approval, agent.key, agent.email`);
@@ -2549,9 +2755,9 @@ var configGetCommand = defineCommand23({
 });
 
 // src/commands/config/set.ts
-import { defineCommand as defineCommand24 } from "citty";
-import consola21 from "consola";
-var configSetCommand = defineCommand24({
+import { defineCommand as defineCommand25 } from "citty";
+import consola22 from "consola";
+var configSetCommand = defineCommand25({
   meta: {
     name: "set",
     description: "Set a configuration value"
@@ -2587,12 +2793,12 @@ var configSetCommand = defineCommand24({
       throw new CliError(`Unknown section: "${section}". Use: defaults, agent`);
     }
     saveConfig(config);
-    consola21.success(`Set ${key} = ${value}`);
+    consola22.success(`Set ${key} = ${value}`);
   }
 });
 
 // src/commands/fetch/index.ts
-import { defineCommand as defineCommand25 } from "citty";
+import { defineCommand as defineCommand26 } from "citty";
 async function doRequest(method, url, body, contentType, raw, showHeaders) {
   const token = getAuthToken();
   if (!token) {
@@ -2628,13 +2834,13 @@ async function doRequest(method, url, body, contentType, raw, showHeaders) {
     throw new CliError(`HTTP ${response.status} ${response.statusText}`);
   }
 }
-var fetchCommand = defineCommand25({
+var fetchCommand = defineCommand26({
   meta: {
     name: "fetch",
     description: "Make authenticated HTTP requests"
   },
   subCommands: {
-    get: defineCommand25({
+    get: defineCommand26({
       meta: {
         name: "get",
         description: "GET request with auth token"
@@ -2660,7 +2866,7 @@ var fetchCommand = defineCommand25({
         await doRequest("GET", String(args.url), void 0, "application/json", Boolean(args.raw), Boolean(args.headers));
       }
     }),
-    post: defineCommand25({
+    post: defineCommand26({
       meta: {
         name: "post",
         description: "POST request with auth token"
@@ -2699,8 +2905,8 @@ var fetchCommand = defineCommand25({
 });
 
 // src/commands/mcp/index.ts
-import { defineCommand as defineCommand26 } from "citty";
-var mcpCommand = defineCommand26({
+import { defineCommand as defineCommand27 } from "citty";
+var mcpCommand = defineCommand27({
   meta: {
     name: "mcp",
     description: "Start MCP server for AI agents"
@@ -2723,25 +2929,25 @@ var mcpCommand = defineCommand26({
     if (transport !== "stdio" && transport !== "sse") {
       throw new Error('Transport must be "stdio" or "sse"');
     }
-    const { startMcpServer } = await import("./server-RP56MNWI.js");
+    const { startMcpServer } = await import("./server-QGNNBQHT.js");
     await startMcpServer(transport, port);
   }
 });
 
 // src/commands/init/index.ts
-import { existsSync as existsSync3, copyFileSync, writeFileSync } from "fs";
+import { existsSync as existsSync3, copyFileSync, writeFileSync as writeFileSync2 } from "fs";
 import { randomBytes } from "crypto";
 import { execFileSync as execFileSync3 } from "child_process";
-import { join as join2 } from "path";
-import { defineCommand as defineCommand27 } from "citty";
-import consola22 from "consola";
+import { join as join4 } from "path";
+import { defineCommand as defineCommand28 } from "citty";
+import consola23 from "consola";
 var DEFAULT_IDP_URL = "https://id.openape.at";
 async function downloadTemplate(repo, targetDir) {
   const { downloadTemplate: gigetDownload } = await import("giget");
   await gigetDownload(`gh:${repo}`, { dir: targetDir, force: false });
 }
 function installDeps(dir) {
-  const hasLockFile = (name) => existsSync3(join2(dir, name));
+  const hasLockFile = (name) => existsSync3(join4(dir, name));
   if (hasLockFile("pnpm-lock.yaml")) {
     execFileSync3("pnpm", ["install"], { cwd: dir, stdio: "inherit" });
   } else if (hasLockFile("bun.lockb")) {
@@ -2751,20 +2957,20 @@ function installDeps(dir) {
   }
 }
 async function promptChoice(message, choices) {
-  const result = await consola22.prompt(message, { type: "select", options: choices });
+  const result = await consola23.prompt(message, { type: "select", options: choices });
   if (typeof result === "symbol") {
     throw new CliExit(0);
   }
   return result;
 }
 async function promptText(message, defaultValue) {
-  const result = await consola22.prompt(message, { type: "text", default: defaultValue, placeholder: defaultValue });
+  const result = await consola23.prompt(message, { type: "text", default: defaultValue, placeholder: defaultValue });
   if (typeof result === "symbol") {
     throw new CliExit(0);
   }
   return result || defaultValue || "";
 }
-var initCommand = defineCommand27({
+var initCommand = defineCommand28({
   meta: {
     name: "init",
     description: "Scaffold a new OpenApe project"
@@ -2806,23 +3012,23 @@ var initCommand = defineCommand27({
 });
 async function initSP(targetDir) {
   const dir = targetDir || "my-app";
-  if (existsSync3(join2(dir, "package.json"))) {
+  if (existsSync3(join4(dir, "package.json"))) {
     throw new CliError(`Directory "${dir}" already contains a project.`);
   }
-  consola22.start("Scaffolding SP starter...");
+  consola23.start("Scaffolding SP starter...");
   await downloadTemplate("openape-ai/openape-sp-starter", dir);
-  consola22.success("Scaffolded from openape-sp-starter");
-  consola22.start("Installing dependencies...");
+  consola23.success("Scaffolded from openape-sp-starter");
+  consola23.start("Installing dependencies...");
   installDeps(dir);
-  consola22.success("Dependencies installed");
-  const envExample = join2(dir, ".env.example");
-  const envFile = join2(dir, ".env");
+  consola23.success("Dependencies installed");
+  const envExample = join4(dir, ".env.example");
+  const envFile = join4(dir, ".env");
   if (existsSync3(envExample) && !existsSync3(envFile)) {
     copyFileSync(envExample, envFile);
-    consola22.success(`\`.env\` created (using Free IdP at ${DEFAULT_IDP_URL})`);
+    consola23.success(`\`.env\` created (using Free IdP at ${DEFAULT_IDP_URL})`);
   }
   console.log("");
-  consola22.box([
+  consola23.box([
     `cd ${dir}`,
     "npm run dev",
     "",
@@ -2831,7 +3037,7 @@ async function initSP(targetDir) {
 }
 async function initIdP(targetDir) {
   const dir = targetDir || "my-idp";
-  if (existsSync3(join2(dir, "package.json"))) {
+  if (existsSync3(join4(dir, "package.json"))) {
     throw new CliError(`Directory "${dir}" already contains a project.`);
   }
   const domain = await promptText("Domain for the IdP", "localhost");
@@ -2841,15 +3047,15 @@ async function initIdP(targetDir) {
     "s3 (S3-compatible)"
   ]);
   const adminEmail = await promptText("Admin email");
-  consola22.start("Scaffolding IdP starter...");
+  consola23.start("Scaffolding IdP starter...");
   await downloadTemplate("openape-ai/openape-idp-starter", dir);
-  consola22.success("Scaffolded from openape-idp-starter");
-  consola22.start("Installing dependencies...");
+  consola23.success("Scaffolded from openape-idp-starter");
+  consola23.start("Installing dependencies...");
   installDeps(dir);
-  consola22.success("Dependencies installed");
+  consola23.success("Dependencies installed");
   const sessionSecret = randomBytes(32).toString("hex");
   const managementToken = randomBytes(32).toString("hex");
-  consola22.success("Secrets generated");
+  consola23.success("Secrets generated");
   const isLocalhost = domain === "localhost";
   const origin = isLocalhost ? "http://localhost:3000" : `https://${domain}`;
   const envContent = [
@@ -2863,11 +3069,11 @@ async function initIdP(targetDir) {
     `NUXT_OPENAPE_RP_ID=${domain}`,
     `NUXT_OPENAPE_RP_ORIGIN=${origin}`
   ].join("\n");
-  writeFileSync(join2(dir, ".env"), `${envContent}
+  writeFileSync2(join4(dir, ".env"), `${envContent}
 `, { mode: 384 });
-  consola22.success(".env created");
+  consola23.success(".env created");
   console.log("");
-  consola22.box([
+  consola23.box([
     `cd ${dir}`,
     "npm run dev",
     "",
@@ -2884,19 +3090,19 @@ async function initIdP(targetDir) {
 
 // src/commands/enroll.ts
 import { Buffer as Buffer2 } from "buffer";
-import { existsSync as existsSync4, readFileSync as readFileSync2, writeFileSync as writeFileSync2, mkdirSync } from "fs";
+import { existsSync as existsSync4, readFileSync as readFileSync2, writeFileSync as writeFileSync3, mkdirSync } from "fs";
 import { execFile as execFile2 } from "child_process";
 import { generateKeyPairSync, sign } from "crypto";
-import { dirname, resolve as resolve2 } from "path";
-import { homedir as homedir4 } from "os";
-import { defineCommand as defineCommand28 } from "citty";
-import consola23 from "consola";
+import { dirname as dirname2, resolve as resolve3 } from "path";
+import { homedir as homedir5 } from "os";
+import { defineCommand as defineCommand29 } from "citty";
+import consola24 from "consola";
 var DEFAULT_IDP_URL2 = "https://id.openape.at";
 var DEFAULT_KEY_PATH = "~/.ssh/id_ed25519";
 var POLL_INTERVAL = 3e3;
 var POLL_TIMEOUT = 3e5;
 function resolvePath2(p) {
-  return resolve2(p.replace(/^~/, homedir4()));
+  return resolve3(p.replace(/^~/, homedir5()));
 }
 function openBrowser2(url) {
   const cmd = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
@@ -2922,13 +3128,13 @@ function readPublicKey(keyPath) {
 }
 function generateAndSaveKey(keyPath) {
   const resolved = resolvePath2(keyPath);
-  const dir = dirname(resolved);
+  const dir = dirname2(resolved);
   if (!existsSync4(dir)) {
     mkdirSync(dir, { recursive: true });
   }
   const { publicKey, privateKey } = generateKeyPairSync("ed25519");
   const privatePem = privateKey.export({ type: "pkcs8", format: "pem" });
-  writeFileSync2(resolved, privatePem, { mode: 384 });
+  writeFileSync3(resolved, privatePem, { mode: 384 });
   const jwk = publicKey.export({ format: "jwk" });
   const pubBytes = Buffer2.from(jwk.x, "base64url");
   const keyTypeStr = "ssh-ed25519";
@@ -2938,7 +3144,7 @@ function generateAndSaveKey(keyPath) {
   pubKeyLen.writeUInt32BE(pubBytes.length);
   const blob = Buffer2.concat([keyTypeLen, Buffer2.from(keyTypeStr), pubKeyLen, pubBytes]);
   const pubKeyStr = `ssh-ed25519 ${blob.toString("base64")}`;
-  writeFileSync2(`${resolved}.pub`, `${pubKeyStr}
+  writeFileSync3(`${resolved}.pub`, `${pubKeyStr}
 `, { mode: 420 });
   return pubKeyStr;
 }
@@ -2971,11 +3177,11 @@ async function pollForEnrollment(idp, agentEmail, keyPath) {
       }
     } catch {
     }
-    await new Promise((resolve3) => setTimeout(resolve3, POLL_INTERVAL));
+    await new Promise((resolve4) => setTimeout(resolve4, POLL_INTERVAL));
   }
   throw new Error("Enrollment timed out. Please check the browser and try again.");
 }
-var enrollCommand = defineCommand28({
+var enrollCommand = defineCommand29({
   meta: {
     name: "enroll",
     description: "Enroll an agent with an Identity Provider"
@@ -2995,18 +3201,18 @@ var enrollCommand = defineCommand28({
     }
   },
   async run({ args }) {
-    const idp = args.idp || await consola23.prompt("IdP URL", { type: "text", default: DEFAULT_IDP_URL2, placeholder: DEFAULT_IDP_URL2 }).then((r) => {
+    const idp = args.idp || await consola24.prompt("IdP URL", { type: "text", default: DEFAULT_IDP_URL2, placeholder: DEFAULT_IDP_URL2 }).then((r) => {
       if (typeof r === "symbol") throw new CliExit(0);
       return r;
     }) || DEFAULT_IDP_URL2;
-    const agentName = args.name || await consola23.prompt("Agent name", { type: "text", placeholder: "deploy-bot" }).then((r) => {
+    const agentName = args.name || await consola24.prompt("Agent name", { type: "text", placeholder: "deploy-bot" }).then((r) => {
       if (typeof r === "symbol") throw new CliExit(0);
       return r;
     });
     if (!agentName) {
       throw new CliError("Agent name is required.");
     }
-    const keyPath = args.key || await consola23.prompt("Ed25519 key", { type: "text", default: DEFAULT_KEY_PATH, placeholder: DEFAULT_KEY_PATH }).then((r) => {
+    const keyPath = args.key || await consola24.prompt("Ed25519 key", { type: "text", default: DEFAULT_KEY_PATH, placeholder: DEFAULT_KEY_PATH }).then((r) => {
       if (typeof r === "symbol") throw new CliExit(0);
       return r;
     }) || DEFAULT_KEY_PATH;
@@ -3014,19 +3220,19 @@ var enrollCommand = defineCommand28({
     let publicKey;
     if (existsSync4(resolvedKey)) {
       publicKey = readPublicKey(resolvedKey);
-      consola23.success(`Using existing key ${keyPath}`);
+      consola24.success(`Using existing key ${keyPath}`);
     } else {
-      consola23.start(`Generating Ed25519 key pair at ${keyPath}...`);
+      consola24.start(`Generating Ed25519 key pair at ${keyPath}...`);
       publicKey = generateAndSaveKey(keyPath);
-      consola23.success(`Key pair generated at ${keyPath}`);
+      consola24.success(`Key pair generated at ${keyPath}`);
     }
     const encodedKey = encodeURIComponent(publicKey);
     const enrollUrl = `${idp}/enroll?name=${encodeURIComponent(agentName)}&key=${encodedKey}`;
-    consola23.info("Opening browser for enrollment...");
-    consola23.info(`\u2192 ${idp}/enroll`);
+    consola24.info("Opening browser for enrollment...");
+    consola24.info(`\u2192 ${idp}/enroll`);
     openBrowser2(enrollUrl);
     console.log("");
-    const agentEmail = await consola23.prompt(
+    const agentEmail = await consola24.prompt(
       "Agent email (shown in browser after enrollment)",
       { type: "text", placeholder: `agent+${agentName}@...` }
     ).then((r) => {
@@ -3036,7 +3242,7 @@ var enrollCommand = defineCommand28({
     if (!agentEmail) {
       throw new CliError("Agent email is required to verify enrollment.");
     }
-    consola23.start("Verifying enrollment...");
+    consola24.start("Verifying enrollment...");
     const { token, expiresIn } = await pollForEnrollment(idp, agentEmail, keyPath);
     saveAuth({
       idp,
@@ -3048,18 +3254,18 @@ var enrollCommand = defineCommand28({
     config.defaults = { ...config.defaults, idp };
     config.agent = { key: keyPath, email: agentEmail };
     saveConfig(config);
-    consola23.success(`Agent enrolled as ${agentEmail}`);
-    consola23.success("Config saved to ~/.config/apes/");
+    consola24.success(`Agent enrolled as ${agentEmail}`);
+    consola24.success("Config saved to ~/.config/apes/");
     console.log("");
-    consola23.info("Verify with: apes whoami");
+    consola24.info("Verify with: apes whoami");
   }
 });
 
 // src/commands/register-user.ts
 import { existsSync as existsSync5, readFileSync as readFileSync3 } from "fs";
-import { defineCommand as defineCommand29 } from "citty";
-import consola24 from "consola";
-var registerUserCommand = defineCommand29({
+import { defineCommand as defineCommand30 } from "citty";
+import consola25 from "consola";
+var registerUserCommand = defineCommand30({
   meta: {
     name: "register-user",
     description: "Register a sub-user with SSH key"
@@ -3114,15 +3320,15 @@ var registerUserCommand = defineCommand29({
         ...userType ? { type: userType } : {}
       }
     });
-    consola24.success(`User registered: ${result.email} (type: ${result.type}, owner: ${result.owner})`);
+    consola25.success(`User registered: ${result.email} (type: ${result.type}, owner: ${result.owner})`);
   }
 });
 
 // src/commands/dns-check.ts
-import { defineCommand as defineCommand30 } from "citty";
-import consola25 from "consola";
+import { defineCommand as defineCommand31 } from "citty";
+import consola26 from "consola";
 import { resolveDDISA as resolveDDISA2 } from "@openape/core";
-var dnsCheckCommand = defineCommand30({
+var dnsCheckCommand = defineCommand31({
   meta: {
     name: "dns-check",
     description: "Validate DDISA DNS TXT records for a domain"
@@ -3136,7 +3342,7 @@ var dnsCheckCommand = defineCommand30({
   },
   async run({ args }) {
     const domain = args.domain;
-    consola25.start(`Checking _ddisa.${domain}...`);
+    consola26.start(`Checking _ddisa.${domain}...`);
     try {
       const result = await resolveDDISA2(domain);
       if (!result) {
@@ -3145,7 +3351,7 @@ var dnsCheckCommand = defineCommand30({
         console.log(`  _ddisa.${domain} TXT "v=ddisa1 idp=https://id.${domain}"`);
         throw new CliError(`No DDISA record found for ${domain}`);
       }
-      consola25.success(`_ddisa.${domain} \u2192 ${result.idp}`);
+      consola26.success(`_ddisa.${domain} \u2192 ${result.idp}`);
       console.log("");
       console.log(`  Version:  ${result.version || "ddisa1"}`);
       console.log(`  IdP URL:  ${result.idp}`);
@@ -3154,14 +3360,14 @@ var dnsCheckCommand = defineCommand30({
       if (result.priority !== void 0)
         console.log(`  Priority: ${result.priority}`);
       console.log("");
-      consola25.start(`Verifying IdP at ${result.idp}...`);
+      consola26.start(`Verifying IdP at ${result.idp}...`);
       const discoResp = await fetch(`${result.idp}/.well-known/openid-configuration`);
       if (!discoResp.ok) {
-        consola25.warn(`IdP discovery failed (${discoResp.status}). Is the IdP running at ${result.idp}?`);
+        consola26.warn(`IdP discovery failed (${discoResp.status}). Is the IdP running at ${result.idp}?`);
         return;
       }
       const disco = await discoResp.json();
-      consola25.success(`IdP is reachable`);
+      consola26.success(`IdP is reachable`);
       console.log(`  Issuer:   ${disco.issuer}`);
       console.log(`  DDISA:    v${disco.ddisa_version || "?"}`);
       if (disco.ddisa_auth_methods_supported) {
@@ -3179,7 +3385,7 @@ var dnsCheckCommand = defineCommand30({
 // src/commands/health.ts
 import { exec } from "child_process";
 import { promisify } from "util";
-import { defineCommand as defineCommand31 } from "citty";
+import { defineCommand as defineCommand32 } from "citty";
 var execAsync = promisify(exec);
 async function resolveApeShellPath() {
   try {
@@ -3215,7 +3421,7 @@ async function bestEffortGrantCount(idp) {
   }
 }
 async function runHealth(args) {
-  const version = true ? "0.12.6" : "0.0.0";
+  const version = true ? "0.13.0" : "0.0.0";
   const auth = loadAuth();
   if (!auth) {
     throw new CliError("Not logged in. Run `apes login` first.", 1);
@@ -3278,7 +3484,7 @@ async function runHealth(args) {
     throw new CliError(`IdP ${auth.idp} unreachable: ${idpProbe.error}`, 1);
   }
 }
-var healthCommand = defineCommand31({
+var healthCommand = defineCommand32({
   meta: {
     name: "health",
     description: "Report CLI diagnostic state (auth, IdP, grants, binaries)"
@@ -3296,8 +3502,8 @@ var healthCommand = defineCommand31({
 });
 
 // src/commands/workflows.ts
-import { defineCommand as defineCommand32 } from "citty";
-import consola26 from "consola";
+import { defineCommand as defineCommand33 } from "citty";
+import consola27 from "consola";
 
 // src/guides/index.ts
 var guides = [
@@ -3347,7 +3553,7 @@ var guides = [
 ];
 
 // src/commands/workflows.ts
-var workflowsCommand = defineCommand32({
+var workflowsCommand = defineCommand33({
   meta: {
     name: "workflows",
     description: "Discover workflow guides"
@@ -3368,7 +3574,7 @@ var workflowsCommand = defineCommand32({
     if (args.id) {
       const guide = guides.find((g) => g.id === String(args.id));
       if (!guide) {
-        consola26.info(`Available: ${guides.map((g) => g.id).join(", ")}`);
+        consola27.info(`Available: ${guides.map((g) => g.id).join(", ")}`);
         throw new CliError(`Guide not found: ${args.id}`);
       }
       if (args.json) {
@@ -3417,10 +3623,10 @@ if (shellRewrite) {
   if (shellRewrite.action === "rewrite") {
     process.argv = shellRewrite.argv;
   } else if (shellRewrite.action === "version") {
-    console.log(`ape-shell ${"0.12.6"} (OpenApe DDISA shell wrapper)`);
+    console.log(`ape-shell ${"0.13.0"} (OpenApe DDISA shell wrapper)`);
     process.exit(0);
   } else if (shellRewrite.action === "help") {
-    console.log(`ape-shell ${"0.12.6"} \u2014 OpenApe DDISA shell wrapper`);
+    console.log(`ape-shell ${"0.13.0"} \u2014 OpenApe DDISA shell wrapper`);
     console.log("");
     console.log("Usage:");
     console.log("  ape-shell                 Start interactive grant-mediated REPL");
@@ -3444,7 +3650,7 @@ if (shellRewrite) {
   }
 }
 var debug = process.argv.includes("--debug");
-var grantsCommand = defineCommand33({
+var grantsCommand = defineCommand34({
   meta: {
     name: "grants",
     description: "Grant management"
@@ -3465,7 +3671,7 @@ var grantsCommand = defineCommand33({
     "delegation-revoke": delegationRevokeCommand
   }
 });
-var configCommand = defineCommand33({
+var configCommand = defineCommand34({
   meta: {
     name: "config",
     description: "Configuration management"
@@ -3475,10 +3681,10 @@ var configCommand = defineCommand33({
     set: configSetCommand
   }
 });
-var main = defineCommand33({
+var main = defineCommand34({
   meta: {
     name: "apes",
-    version: "0.12.6",
+    version: "0.13.0",
     description: "Unified CLI for OpenApe"
   },
   subCommands: {
@@ -3493,6 +3699,7 @@ var main = defineCommand33({
     grants: grantsCommand,
     admin: adminCommand,
     run: runCommand,
+    proxy: proxyCommand,
     explain: explainCommand,
     adapter: adapterCommand,
     config: configCommand,
@@ -3506,13 +3713,13 @@ runMain(main).catch((err) => {
     process.exit(err.exitCode);
   }
   if (err instanceof CliError) {
-    consola27.error(err.message);
+    consola28.error(err.message);
     process.exit(err.exitCode);
   }
   if (debug) {
-    consola27.error(err);
+    consola28.error(err);
   } else {
-    consola27.error(err instanceof ApiError ? err.message : err instanceof Error ? err.message : String(err));
+    consola28.error(err instanceof ApiError ? err.message : err instanceof Error ? err.message : String(err));
   }
   process.exit(1);
 });