npm - @pellux/goodvibes-agent - Versions diffs - 0.1.0 - Mend

@pellux/goodvibes-agent 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (398) hide show

package/.goodvibes/GOODVIBES.md +35 -0
package/.goodvibes/agents/reviewer.md +48 -0
package/.goodvibes/skills/add-provider/SKILL.md +199 -0
package/CHANGELOG.md +25 -0
package/README.md +74 -0
package/bin/goodvibes-agent.ts +2 -0
package/docs/README.md +23 -0
package/docs/deployment-and-services.md +57 -0
package/docs/getting-started.md +53 -0
package/docs/release-and-publishing.md +46 -0
package/package.json +134 -0
package/scripts/check-bun.sh +20 -0
package/src/audio/player.ts +156 -0
package/src/audio/spoken-turn-controller.ts +203 -0
package/src/audio/spoken-turn-model-routing.ts +117 -0
package/src/audio/spoken-turn-wiring.ts +44 -0
package/src/audio/text-chunker.ts +110 -0
package/src/cli/bundle-command.ts +227 -0
package/src/cli/completion.ts +90 -0
package/src/cli/config-overrides.ts +159 -0
package/src/cli/endpoints.ts +63 -0
package/src/cli/entrypoint.ts +172 -0
package/src/cli/help.ts +299 -0
package/src/cli/index.ts +11 -0
package/src/cli/management-commands.ts +426 -0
package/src/cli/management.ts +744 -0
package/src/cli/network-posture.ts +46 -0
package/src/cli/package-verification.ts +123 -0
package/src/cli/parser.ts +369 -0
package/src/cli/provider-auth-routes.ts +22 -0
package/src/cli/provider-classification.ts +107 -0
package/src/cli/redaction.ts +105 -0
package/src/cli/service-command.ts +26 -0
package/src/cli/service-posture.ts +482 -0
package/src/cli/status.ts +383 -0
package/src/cli/surface-command.ts +247 -0
package/src/cli/tui-startup.ts +32 -0
package/src/cli/types.ts +69 -0
package/src/cli-flags.ts +21 -0
package/src/config/goodvibes-home-audit.ts +465 -0
package/src/config/index.ts +57 -0
package/src/config/provider-model.ts +23 -0
package/src/config/secret-config.ts +119 -0
package/src/config/secrets.ts +71 -0
package/src/config/surface.ts +1 -0
package/src/core/composer-state.ts +61 -0
package/src/core/conversation-rendering.ts +359 -0
package/src/core/conversation.ts +551 -0
package/src/core/history.ts +45 -0
package/src/core/orchestrator.ts +7 -0
package/src/core/system-message-router.ts +171 -0
package/src/daemon/cli.ts +55 -0
package/src/daemon/safe-serve.ts +61 -0
package/src/input/agent-workspace.ts +428 -0
package/src/input/autocomplete.ts +96 -0
package/src/input/bookmark-modal.ts +115 -0
package/src/input/command-args-hint.ts +36 -0
package/src/input/command-registry.ts +329 -0
package/src/input/commands/agent-externalized-tui.ts +73 -0
package/src/input/commands/agent-workspace-runtime.ts +17 -0
package/src/input/commands/branch-runtime.ts +72 -0
package/src/input/commands/cloudflare-runtime.ts +370 -0
package/src/input/commands/config.ts +18 -0
package/src/input/commands/control-room-runtime.ts +255 -0
package/src/input/commands/conversation-runtime.ts +207 -0
package/src/input/commands/discovery-runtime.ts +52 -0
package/src/input/commands/eval.ts +204 -0
package/src/input/commands/experience-runtime.ts +278 -0
package/src/input/commands/guidance-runtime.ts +106 -0
package/src/input/commands/health-runtime.ts +434 -0
package/src/input/commands/hooks-runtime.ts +148 -0
package/src/input/commands/incident-runtime.ts +95 -0
package/src/input/commands/integration-runtime.ts +394 -0
package/src/input/commands/intelligence-runtime.ts +223 -0
package/src/input/commands/knowledge.ts +531 -0
package/src/input/commands/local-auth-runtime.ts +105 -0
package/src/input/commands/local-provider-runtime.ts +170 -0
package/src/input/commands/local-runtime.ts +392 -0
package/src/input/commands/local-setup-review.ts +199 -0
package/src/input/commands/local-setup-transfer.ts +135 -0
package/src/input/commands/local-setup.ts +282 -0
package/src/input/commands/managed-runtime.ts +209 -0
package/src/input/commands/marketplace-runtime.ts +290 -0
package/src/input/commands/mcp-runtime.ts +432 -0
package/src/input/commands/memory-product-runtime.ts +111 -0
package/src/input/commands/memory.ts +151 -0
package/src/input/commands/notify-runtime.ts +83 -0
package/src/input/commands/onboarding-runtime.ts +14 -0
package/src/input/commands/operator-panel-runtime.ts +146 -0
package/src/input/commands/operator-runtime.ts +392 -0
package/src/input/commands/planning-runtime.ts +205 -0
package/src/input/commands/platform-access-runtime.ts +422 -0
package/src/input/commands/platform-services-runtime.ts +246 -0
package/src/input/commands/policy-dispatch.ts +339 -0
package/src/input/commands/policy.ts +17 -0
package/src/input/commands/product-runtime.ts +351 -0
package/src/input/commands/profile-sync-runtime.ts +99 -0
package/src/input/commands/provider-accounts-runtime.ts +113 -0
package/src/input/commands/provider.ts +363 -0
package/src/input/commands/qrcode-runtime.ts +20 -0
package/src/input/commands/quit-shared.ts +162 -0
package/src/input/commands/recall-bundle.ts +132 -0
package/src/input/commands/recall-capture.ts +152 -0
package/src/input/commands/recall-query.ts +229 -0
package/src/input/commands/recall-review.ts +98 -0
package/src/input/commands/recall-shared.ts +22 -0
package/src/input/commands/remote-runtime-pool.ts +106 -0
package/src/input/commands/remote-runtime-setup.ts +199 -0
package/src/input/commands/remote-runtime.ts +431 -0
package/src/input/commands/replay-runtime.ts +18 -0
package/src/input/commands/runtime-services.ts +291 -0
package/src/input/commands/schedule-runtime.ts +91 -0
package/src/input/commands/services-runtime.ts +209 -0
package/src/input/commands/session-content.ts +408 -0
package/src/input/commands/session-workflow.ts +464 -0
package/src/input/commands/session.ts +375 -0
package/src/input/commands/settings-sync-runtime.ts +174 -0
package/src/input/commands/share-runtime.ts +119 -0
package/src/input/commands/shell-core.ts +307 -0
package/src/input/commands/skills-runtime.ts +221 -0
package/src/input/commands/subscription-runtime.ts +434 -0
package/src/input/commands/tasks-runtime.ts +230 -0
package/src/input/commands/teamwork-runtime.ts +339 -0
package/src/input/commands/teleport-runtime.ts +57 -0
package/src/input/commands/tts-runtime.ts +29 -0
package/src/input/commands/work-plan-runtime.ts +169 -0
package/src/input/commands.ts +131 -0
package/src/input/feed-context-factory.ts +254 -0
package/src/input/file-picker.ts +192 -0
package/src/input/handler-command-route.ts +180 -0
package/src/input/handler-content-actions.ts +497 -0
package/src/input/handler-feed-routes.ts +648 -0
package/src/input/handler-feed.ts +452 -0
package/src/input/handler-interactions.ts +281 -0
package/src/input/handler-modal-routes.ts +418 -0
package/src/input/handler-modal-stack.ts +263 -0
package/src/input/handler-modal-token-routes.ts +329 -0
package/src/input/handler-onboarding-cloudflare.ts +391 -0
package/src/input/handler-onboarding.ts +620 -0
package/src/input/handler-picker-routes.ts +472 -0
package/src/input/handler-prompt-buffer.ts +320 -0
package/src/input/handler-shortcuts.ts +213 -0
package/src/input/handler-ui-state.ts +372 -0
package/src/input/handler.ts +729 -0
package/src/input/input-history.ts +297 -0
package/src/input/keybindings.ts +292 -0
package/src/input/mcp-workspace.ts +554 -0
package/src/input/model-picker-provider-filter.ts +28 -0
package/src/input/model-picker-types.ts +137 -0
package/src/input/model-picker.ts +797 -0
package/src/input/onboarding/handler-onboarding-routes.ts +125 -0
package/src/input/onboarding/onboarding-runtime-status.ts +87 -0
package/src/input/onboarding/onboarding-wizard-apply.ts +277 -0
package/src/input/onboarding/onboarding-wizard-cloudflare-step.ts +494 -0
package/src/input/onboarding/onboarding-wizard-cloudflare.ts +204 -0
package/src/input/onboarding/onboarding-wizard-constants.ts +158 -0
package/src/input/onboarding/onboarding-wizard-external-surface-extra-specs.ts +130 -0
package/src/input/onboarding/onboarding-wizard-external-surfaces.ts +762 -0
package/src/input/onboarding/onboarding-wizard-helpers.ts +167 -0
package/src/input/onboarding/onboarding-wizard-rules.ts +256 -0
package/src/input/onboarding/onboarding-wizard-state.ts +365 -0
package/src/input/onboarding/onboarding-wizard-steps.ts +798 -0
package/src/input/onboarding/onboarding-wizard-types.ts +195 -0
package/src/input/onboarding/onboarding-wizard.ts +711 -0
package/src/input/panel-integration-actions.ts +78 -0
package/src/input/profile-picker-modal.ts +222 -0
package/src/input/search.ts +100 -0
package/src/input/selection-modal.ts +163 -0
package/src/input/selection.ts +135 -0
package/src/input/session-picker-modal.ts +136 -0
package/src/input/settings-modal-behavior.ts +37 -0
package/src/input/settings-modal-secrets.ts +41 -0
package/src/input/settings-modal-subscriptions.ts +95 -0
package/src/input/settings-modal-types.ts +91 -0
package/src/input/settings-modal.ts +793 -0
package/src/input/submission-intent.ts +17 -0
package/src/input/submission-router.ts +59 -0
package/src/input/tts-settings-actions.ts +100 -0
package/src/main.ts +792 -0
package/src/mcp/runtime-reload.ts +81 -0
package/src/panels/agent-inspector-panel.ts +521 -0
package/src/panels/agent-inspector-shared.ts +94 -0
package/src/panels/agent-logs-panel.ts +559 -0
package/src/panels/agent-logs-shared.ts +129 -0
package/src/panels/approval-panel.ts +150 -0
package/src/panels/automation-control-panel.ts +212 -0
package/src/panels/base-panel.ts +254 -0
package/src/panels/builtin/agent.ts +117 -0
package/src/panels/builtin/development.ts +31 -0
package/src/panels/builtin/knowledge.ts +26 -0
package/src/panels/builtin/operations.ts +349 -0
package/src/panels/builtin/session.ts +129 -0
package/src/panels/builtin/shared.ts +274 -0
package/src/panels/builtin-panels.ts +23 -0
package/src/panels/cockpit-panel.ts +183 -0
package/src/panels/communication-panel.ts +153 -0
package/src/panels/confirm-state.ts +61 -0
package/src/panels/context-visualizer-panel.ts +204 -0
package/src/panels/control-plane-panel.ts +211 -0
package/src/panels/cost-tracker-panel.ts +444 -0
package/src/panels/debug-panel.ts +432 -0
package/src/panels/diff-panel.ts +520 -0
package/src/panels/docs-panel.ts +283 -0
package/src/panels/eval-panel.ts +399 -0
package/src/panels/file-explorer-panel.ts +584 -0
package/src/panels/file-preview-panel.ts +434 -0
package/src/panels/forensics-panel.ts +364 -0
package/src/panels/git-panel.ts +638 -0
package/src/panels/hooks-panel.ts +239 -0
package/src/panels/incident-review-panel.ts +197 -0
package/src/panels/index.ts +46 -0
package/src/panels/intelligence-panel.ts +176 -0
package/src/panels/knowledge-panel.ts +345 -0
package/src/panels/local-auth-panel.ts +130 -0
package/src/panels/marketplace-panel.ts +212 -0
package/src/panels/memory-panel.ts +225 -0
package/src/panels/ops-control-panel.ts +150 -0
package/src/panels/ops-strategy-panel.ts +235 -0
package/src/panels/orchestration-panel.ts +273 -0
package/src/panels/panel-list-panel.ts +509 -0
package/src/panels/panel-manager.ts +570 -0
package/src/panels/panel-picker.ts +106 -0
package/src/panels/plan-dashboard-panel.ts +274 -0
package/src/panels/plugins-panel.ts +178 -0
package/src/panels/policy-panel.ts +308 -0
package/src/panels/polish.ts +717 -0
package/src/panels/project-planning-panel.ts +711 -0
package/src/panels/provider-account-snapshot.ts +259 -0
package/src/panels/provider-accounts-panel.ts +218 -0
package/src/panels/provider-health-domains.ts +215 -0
package/src/panels/provider-health-panel.ts +727 -0
package/src/panels/provider-health-tracker.ts +115 -0
package/src/panels/provider-stats-panel.ts +366 -0
package/src/panels/qr-panel.ts +182 -0
package/src/panels/remote-panel.ts +449 -0
package/src/panels/routes-panel.ts +178 -0
package/src/panels/sandbox-panel.ts +283 -0
package/src/panels/schedule-panel.ts +329 -0
package/src/panels/scrollable-list-panel.ts +491 -0
package/src/panels/search-focus.ts +32 -0
package/src/panels/security-panel.ts +295 -0
package/src/panels/services-panel.ts +231 -0
package/src/panels/session-browser-panel.ts +400 -0
package/src/panels/session-maintenance.ts +125 -0
package/src/panels/settings-sync-panel.ts +120 -0
package/src/panels/skills-panel.ts +431 -0
package/src/panels/subscription-panel.ts +263 -0
package/src/panels/symbol-outline-panel.ts +486 -0
package/src/panels/system-messages-panel.ts +230 -0
package/src/panels/tasks-panel.ts +399 -0
package/src/panels/thinking-panel.ts +304 -0
package/src/panels/token-budget-panel.ts +475 -0
package/src/panels/tool-inspector-panel.ts +429 -0
package/src/panels/types.ts +54 -0
package/src/panels/watchers-panel.ts +193 -0
package/src/panels/work-plan-panel.ts +175 -0
package/src/panels/worktree-panel.ts +182 -0
package/src/panels/wrfc-panel.ts +609 -0
package/src/permissions/prompt.ts +165 -0
package/src/planning/project-planning-coordinator.ts +543 -0
package/src/plugins/loader.ts +15 -0
package/src/renderer/agent-detail-modal.ts +331 -0
package/src/renderer/agent-workspace.ts +238 -0
package/src/renderer/ansi-sanitize.ts +76 -0
package/src/renderer/autocomplete-overlay.ts +154 -0
package/src/renderer/block-actions.ts +76 -0
package/src/renderer/bookmark-modal.ts +101 -0
package/src/renderer/bottom-bar.ts +58 -0
package/src/renderer/buffer.ts +113 -0
package/src/renderer/code-block.ts +373 -0
package/src/renderer/compositor.ts +283 -0
package/src/renderer/context-inspector.ts +219 -0
package/src/renderer/conversation-layout.ts +67 -0
package/src/renderer/conversation-overlays.ts +140 -0
package/src/renderer/conversation-surface.ts +260 -0
package/src/renderer/diff-view.ts +132 -0
package/src/renderer/diff.ts +130 -0
package/src/renderer/file-picker-overlay.ts +101 -0
package/src/renderer/file-tree.ts +153 -0
package/src/renderer/fullscreen-primitives.ts +130 -0
package/src/renderer/fullscreen-workspace.ts +199 -0
package/src/renderer/git-status.ts +89 -0
package/src/renderer/help-overlay.ts +267 -0
package/src/renderer/history-search-overlay.ts +73 -0
package/src/renderer/layout-engine.ts +97 -0
package/src/renderer/layout.ts +32 -0
package/src/renderer/live-tail-modal.ts +156 -0
package/src/renderer/markdown.ts +635 -0
package/src/renderer/mcp-workspace.ts +237 -0
package/src/renderer/modal-factory.ts +467 -0
package/src/renderer/modal-utils.ts +24 -0
package/src/renderer/model-picker-overlay.ts +473 -0
package/src/renderer/model-workspace.ts +488 -0
package/src/renderer/onboarding/onboarding-wizard.ts +615 -0
package/src/renderer/overlay-box.ts +146 -0
package/src/renderer/overlay-viewport.ts +104 -0
package/src/renderer/panel-composite.ts +158 -0
package/src/renderer/panel-picker-overlay.ts +202 -0
package/src/renderer/panel-tab-bar.ts +69 -0
package/src/renderer/panel-workspace-bar.ts +42 -0
package/src/renderer/process-indicator.ts +96 -0
package/src/renderer/process-modal.ts +656 -0
package/src/renderer/process-summary.ts +67 -0
package/src/renderer/profile-picker-modal.ts +129 -0
package/src/renderer/progress.ts +98 -0
package/src/renderer/qr-renderer.ts +120 -0
package/src/renderer/search-overlay.ts +54 -0
package/src/renderer/selection-modal-overlay.ts +214 -0
package/src/renderer/semantic-diff.ts +369 -0
package/src/renderer/session-picker-modal.ts +127 -0
package/src/renderer/settings-modal-helpers.ts +193 -0
package/src/renderer/settings-modal.ts +537 -0
package/src/renderer/shell-surface.ts +88 -0
package/src/renderer/status-glyphs.ts +21 -0
package/src/renderer/status-token.ts +67 -0
package/src/renderer/surface-layout.ts +101 -0
package/src/renderer/syntax-highlighter.ts +542 -0
package/src/renderer/system-message.ts +83 -0
package/src/renderer/tab-strip.ts +108 -0
package/src/renderer/text-layout.ts +31 -0
package/src/renderer/thinking.ts +17 -0
package/src/renderer/tool-call.ts +234 -0
package/src/renderer/ui-factory.ts +524 -0
package/src/renderer/ui-primitives.ts +96 -0
package/src/runtime/bootstrap-command-context.ts +278 -0
package/src/runtime/bootstrap-command-parts.ts +386 -0
package/src/runtime/bootstrap-core.ts +540 -0
package/src/runtime/bootstrap-hook-bridge.ts +112 -0
package/src/runtime/bootstrap-shell.ts +283 -0
package/src/runtime/bootstrap.ts +575 -0
package/src/runtime/cloudflare-control-plane.ts +349 -0
package/src/runtime/context.ts +142 -0
package/src/runtime/diagnostics/panels/index.ts +24 -0
package/src/runtime/diagnostics/panels/ops.ts +156 -0
package/src/runtime/diagnostics/panels/panel-resources.ts +118 -0
package/src/runtime/diagnostics/panels/policy.ts +177 -0
package/src/runtime/index.ts +662 -0
package/src/runtime/onboarding/apply.ts +642 -0
package/src/runtime/onboarding/derivation.ts +534 -0
package/src/runtime/onboarding/index.ts +7 -0
package/src/runtime/onboarding/markers.ts +148 -0
package/src/runtime/onboarding/snapshot.ts +406 -0
package/src/runtime/onboarding/state.ts +141 -0
package/src/runtime/onboarding/types.ts +404 -0
package/src/runtime/onboarding/verify.ts +171 -0
package/src/runtime/operator-token-cleanup.ts +27 -0
package/src/runtime/perf/panel-contracts.ts +32 -0
package/src/runtime/perf/panel-health-monitor.ts +18 -0
package/src/runtime/sandbox-public-gaps.ts +358 -0
package/src/runtime/services.ts +670 -0
package/src/runtime/store/domains/domain-read-matrix.ts +15 -0
package/src/runtime/store/domains/index.ts +222 -0
package/src/runtime/store/domains/panels.ts +117 -0
package/src/runtime/store/domains/ui-perf.ts +103 -0
package/src/runtime/store/index.ts +305 -0
package/src/runtime/store/selectors/index.ts +359 -0
package/src/runtime/store/state.ts +145 -0
package/src/runtime/surface-feature-flags.ts +65 -0
package/src/runtime/terminal-output-guard.ts +228 -0
package/src/runtime/ui/index.ts +39 -0
package/src/runtime/ui/model-picker/data-provider.ts +182 -0
package/src/runtime/ui/model-picker/health-enrichment.ts +228 -0
package/src/runtime/ui/model-picker/index.ts +59 -0
package/src/runtime/ui/model-picker/types.ts +149 -0
package/src/runtime/ui/provider-health/data-provider.ts +244 -0
package/src/runtime/ui/provider-health/fallback-visualizer.ts +71 -0
package/src/runtime/ui/provider-health/index.ts +46 -0
package/src/runtime/ui/provider-health/types.ts +146 -0
package/src/runtime/ui-events.ts +1 -0
package/src/runtime/ui-read-model-helpers.ts +1 -0
package/src/runtime/ui-read-models-observability-maintenance.ts +1 -0
package/src/runtime/ui-read-models-observability-options.ts +1 -0
package/src/runtime/ui-read-models-observability-remote.ts +1 -0
package/src/runtime/ui-read-models-observability-security.ts +1 -0
package/src/runtime/ui-read-models-observability-system.ts +1 -0
package/src/runtime/ui-read-models-observability.ts +1 -0
package/src/runtime/ui-read-models.ts +61 -0
package/src/runtime/ui-service-queries.ts +1 -0
package/src/runtime/ui-services.ts +190 -0
package/src/scripts/process-messages.ts +42 -0
package/src/shell/blocking-input.ts +98 -0
package/src/shell/service-settings-sync.ts +273 -0
package/src/shell/ui-openers.ts +352 -0
package/src/tools/index.ts +1 -0
package/src/tools/wrfc-agent-guard.ts +49 -0
package/src/types/grid.ts +48 -0
package/src/types/sql-js.d.ts +15 -0
package/src/utils/clipboard.ts +22 -0
package/src/utils/splash-lines.ts +46 -0
package/src/utils/terminal-width.ts +185 -0
package/src/verification/live-verifier.ts +430 -0
package/src/verification/verification-ledger.ts +242 -0
package/src/version.ts +17 -0
package/src/widget/index.ts +2 -0
package/src/widget/types.ts +9 -0
package/src/widget/widget.ts +8 -0
package/src/work-plans/work-plan-store.ts +374 -0
package/tsconfig.json +18 -0

package/src/cli/status.ts ADDED Viewed

@@ -0,0 +1,383 @@
+import type { ConfigManager } from '@pellux/goodvibes-sdk/platform/config';
+import type { OnboardingCheckMarkersState } from '../runtime/onboarding/index.ts';
+import { resolveRuntimeEndpointBinding } from './endpoints.ts';
+import { isNetworkFacing } from './network-posture.ts';
+import type { GoodVibesCliOutputFormat } from './types.ts';
+import type { CliServicePosture } from './service-posture.ts';
+import { getProviderIdFromModel } from '../config/provider-model.ts';
+export interface CliStatusOptions {
+  readonly configManager: Pick<ConfigManager, 'get'>;
+  readonly workingDirectory: string;
+  readonly homeDirectory: string;
+  readonly onboardingMarkers?: OnboardingCheckMarkersState;
+  readonly auth?: CliAuthStatus;
+  readonly service?: CliServicePosture;
+  readonly doctor?: boolean;
+  readonly outputFormat?: GoodVibesCliOutputFormat;
+}
+export interface CliAuthStatus {
+  readonly userStorePath: string;
+  readonly userStorePresent: boolean;
+  readonly bootstrapCredentialPath: string;
+  readonly bootstrapCredentialPresent: boolean;
+  readonly operatorTokenPath: string;
+  readonly operatorTokenPresent: boolean;
+}
+export interface CliDoctorFinding {
+  readonly id: string;
+  readonly area: 'auth' | 'network' | 'onboarding' | 'security' | 'service' | 'secrets';
+  readonly severity: 'warning' | 'risk';
+  readonly summary: string;
+  readonly cause: string;
+  readonly impact: string;
+  readonly action: string;
+}
+export interface CliStatusSnapshot {
+  readonly title: 'GoodVibes Agent status' | 'GoodVibes Agent doctor';
+  readonly workingDirectory: string;
+  readonly homeDirectory: string;
+  readonly provider: {
+    readonly provider: string;
+    readonly model: string;
+    readonly reasoning: string;
+  };
+  readonly auth: {
+    readonly permissionMode: unknown;
+    readonly permissionLabel: string;
+    readonly secretPolicy: unknown;
+    readonly secretPolicyLabel: string;
+    readonly localUsers: CliAuthStatus | null;
+  };
+  readonly service: {
+    readonly enabled: unknown;
+    readonly autostart: unknown;
+    readonly restartOnFailure: unknown;
+    readonly lifecycle?: CliServicePosture;
+  };
+  readonly surfaces: {
+    readonly controlPlane: ReturnType<typeof resolveRuntimeEndpointBinding> & { readonly enabled: unknown };
+    readonly httpListener: ReturnType<typeof resolveRuntimeEndpointBinding> & { readonly enabled: unknown };
+    readonly web: ReturnType<typeof resolveRuntimeEndpointBinding> & { readonly enabled: unknown };
+  };
+  readonly onboarding: {
+    readonly checked: boolean;
+    readonly scope: string;
+    readonly updatedAt: number | null;
+  };
+  readonly findings: readonly CliDoctorFinding[];
+}
+function yesNo(value: unknown): string {
+  return value === true ? 'yes' : 'no';
+}
+function permissionModeLabel(mode: unknown): string {
+  if (mode === 'prompt') return 'Ask before powerful actions';
+  if (mode === 'allow-all') return 'Allow everything';
+  if (mode === 'custom') return 'Custom rules';
+  return String(mode ?? 'unknown');
+}
+function secretPolicyLabel(policy: unknown): string {
+  if (policy === 'preferred_secure') return 'Use secure storage when available';
+  if (policy === 'require_secure') return 'Require secure storage';
+  if (policy === 'plaintext_allowed') return 'Allow plaintext storage';
+  return String(policy ?? 'unknown');
+}
+function bindLine(label: string, enabled: unknown, binding: { readonly hostMode: string; readonly host: string; readonly port: number }): string {
+  return `  ${label}: ${yesNo(enabled)} (${binding.hostMode} ${binding.host}:${binding.port})`;
+}
+export function buildCliDoctorFindings(options: CliStatusOptions): readonly CliDoctorFinding[] {
+  const config = options.configManager;
+  const serviceEnabled = config.get('service.enabled') === true;
+  const serviceAutostart = config.get('service.autostart') === true;
+  const restartOnFailure = config.get('service.restartOnFailure') === true;
+  const daemonEnabled = config.get('danger.daemon') === true;
+  const listenerEnabled = config.get('danger.httpListener') === true;
+  const webEnabled = config.get('web.enabled') === true;
+  const controlPlaneEnabled = config.get('controlPlane.enabled') === true;
+  const controlPlaneBinding = resolveRuntimeEndpointBinding(config, 'controlPlane');
+  const httpListenerBinding = resolveRuntimeEndpointBinding(config, 'httpListener');
+  const webBinding = resolveRuntimeEndpointBinding(config, 'web');
+  const permissionMode = config.get('permissions.mode');
+  const secretPolicy = config.get('storage.secretPolicy');
+  const marker = options.onboardingMarkers?.effective;
+  const serverBackedEnabled = daemonEnabled || controlPlaneEnabled || listenerEnabled || webEnabled;
+  const networkFacingSurfaces = [
+    ['control plane', controlPlaneEnabled, controlPlaneBinding],
+    ['HTTP listener', listenerEnabled, httpListenerBinding],
+    ['web surface', webEnabled, webBinding],
+  ].filter(([, enabled, binding]) => isNetworkFacing(enabled, binding as typeof controlPlaneBinding));
+  const findings: CliDoctorFinding[] = [];
+  if (serverBackedEnabled && !serviceEnabled) {
+    findings.push({
+      id: 'service-disabled-for-server-surfaces',
+      area: 'service',
+      severity: 'warning',
+      summary: 'Server-backed surfaces are enabled but service mode is off.',
+      cause: 'One or more daemon, control-plane, listener, or web settings are enabled while service.enabled is false.',
+      impact: 'The configured surfaces may not start automatically or survive restarts.',
+      action: 'Enable service mode or disable the server-backed surfaces you do not want.',
+    });
+  }
+  if (serviceEnabled && !serviceAutostart) {
+    findings.push({
+      id: 'service-autostart-disabled',
+      area: 'service',
+      severity: 'warning',
+      summary: 'Service mode is enabled but autostart is off.',
+      cause: 'service.enabled is true and service.autostart is false.',
+      impact: 'The external GoodVibes daemon may not be available after login or reboot even though service mode is selected.',
+      action: 'Enable service.autostart if the daemon/listener/web surfaces should stay available.',
+    });
+  }
+  if (serviceEnabled && !restartOnFailure) {
+    findings.push({
+      id: 'service-restart-disabled',
+      area: 'service',
+      severity: 'warning',
+      summary: 'Service restart-on-failure is off.',
+      cause: 'service.enabled is true and service.restartOnFailure is false.',
+      impact: 'A crashed daemon or listener may stay down until manually restarted.',
+      action: 'Enable service.restartOnFailure for durable daemon/listener operation.',
+    });
+  }
+  if (options.service) {
+    for (const issue of options.service.issues) {
+      if (findings.some((finding) => finding.summary === issue)) continue;
+      findings.push({
+        id: `service-lifecycle-${findings.length}`,
+        area: 'service',
+        severity: 'warning',
+        summary: issue,
+        cause: 'The service lifecycle inspection found a mismatch between configured service/surface state and observed host state.',
+        impact: 'Daemon, control-plane, listener, or web availability may not match the configuration.',
+        action: 'Run goodvibes-agent service check, then manage the daemon from GoodVibes TUI or your daemon host tooling.',
+      });
+    }
+  }
+  if (!marker?.exists) {
+    findings.push({
+      id: 'onboarding-incomplete',
+      area: 'onboarding',
+      severity: 'warning',
+      summary: 'Onboarding has not been shown for this user.',
+      cause: 'No global user onboarding check marker was found.',
+      impact: 'Important service, network, provider, auth, or permission choices may still be implicit defaults.',
+      action: 'Run /onboarding in GoodVibes Agent or goodvibes-agent onboarding status to review setup state.',
+    });
+  }
+  if (networkFacingSurfaces.length > 0 && options.auth?.userStorePresent !== true) {
+    findings.push({
+      id: 'network-surface-without-local-users',
+      area: 'auth',
+      severity: 'risk',
+      summary: 'Network-facing surfaces are enabled before local users are configured.',
+      cause: `${networkFacingSurfaces.map(([name]) => name).join(', ')} are LAN/custom-bound, but no local auth user store was found.`,
+      impact: 'Remote access paths may be unusable or unsafe until local admin auth is configured.',
+      action: 'Create/verify a local admin user before exposing GoodVibes on the network.',
+    });
+  }
+  if (networkFacingSurfaces.length > 0 && options.auth?.bootstrapCredentialPresent === true) {
+    findings.push({
+      id: 'network-surface-with-bootstrap-credential',
+      area: 'auth',
+      severity: 'risk',
+      summary: 'A bootstrap credential is still present while network-facing surfaces are enabled.',
+      cause: `${networkFacingSurfaces.map(([name]) => name).join(', ')} are LAN/custom-bound and auth-bootstrap.txt exists.`,
+      impact: 'Bootstrap credentials should be treated as temporary setup material, not long-lived network access credentials.',
+      action: 'Replace bootstrap auth with a named admin user and retire the bootstrap credential.',
+    });
+  }
+  if (permissionMode === 'allow-all') {
+    findings.push({
+      id: 'allow-all-permissions',
+      area: 'security',
+      severity: 'risk',
+      summary: 'Allow everything permission mode is active.',
+      cause: 'permissions.mode is allow-all.',
+      impact: 'Powerful write, edit, network, and execution tools can run without a Human-in-the-Loop (HITL) approval prompt.',
+      action: 'Use Ask before powerful actions or Custom rules unless this is an intentionally trusted environment.',
+    });
+  }
+  if (secretPolicy === 'plaintext_allowed') {
+    findings.push({
+      id: 'plaintext-secrets-allowed',
+      area: 'secrets',
+      severity: 'risk',
+      summary: 'Plaintext secret storage is allowed.',
+      cause: 'storage.secretPolicy is plaintext_allowed.',
+      impact: 'Provider keys and surface tokens may be stored without secure backend protection.',
+      action: 'Use Require secure storage or Use secure storage when available for normal operation.',
+    });
+  }
+  if (listenerEnabled && isNetworkFacing(listenerEnabled, httpListenerBinding)) {
+    findings.push({
+      id: 'network-http-listener-enabled',
+      area: 'network',
+      severity: 'warning',
+      summary: 'The HTTP listener is reachable beyond loopback.',
+      cause: `HTTP listener is enabled on ${httpListenerBinding.host}:${httpListenerBinding.port} with ${httpListenerBinding.hostMode} binding.`,
+      impact: 'External tools and devices may be able to reach incoming event endpoints.',
+      action: 'Keep listener secrets/signature checks configured for every enabled webhook surface.',
+    });
+  }
+  return findings;
+}
+export function buildCliStatusSnapshot(options: CliStatusOptions): CliStatusSnapshot {
+  const config = options.configManager;
+  const controlPlaneBinding = resolveRuntimeEndpointBinding(config, 'controlPlane');
+  const httpListenerBinding = resolveRuntimeEndpointBinding(config, 'httpListener');
+  const webBinding = resolveRuntimeEndpointBinding(config, 'web');
+  const marker = options.onboardingMarkers?.effective;
+  const findings = buildCliDoctorFindings(options);
+  return {
+    title: options.doctor ? 'GoodVibes Agent doctor' : 'GoodVibes Agent status',
+    workingDirectory: options.workingDirectory,
+    homeDirectory: options.homeDirectory,
+    provider: {
+      provider: getProviderIdFromModel(config.get('provider.model')),
+      model: String(config.get('provider.model')),
+      reasoning: String(config.get('provider.reasoningEffort')),
+    },
+    auth: {
+      permissionMode: config.get('permissions.mode'),
+      permissionLabel: permissionModeLabel(config.get('permissions.mode')),
+      secretPolicy: config.get('storage.secretPolicy'),
+      secretPolicyLabel: secretPolicyLabel(config.get('storage.secretPolicy')),
+      localUsers: options.auth ?? null,
+    },
+    service: {
+      enabled: config.get('service.enabled'),
+      autostart: config.get('service.autostart'),
+      restartOnFailure: config.get('service.restartOnFailure'),
+      ...(options.service ? { lifecycle: options.service } : {}),
+    },
+    surfaces: {
+      controlPlane: { enabled: config.get('controlPlane.enabled'), ...controlPlaneBinding },
+      httpListener: { enabled: config.get('danger.httpListener'), ...httpListenerBinding },
+      web: { enabled: config.get('web.enabled'), ...webBinding },
+    },
+    onboarding: {
+      checked: Boolean(marker?.exists),
+      scope: marker?.scope ?? 'none',
+      updatedAt: marker?.payload?.updatedAt ?? null,
+    },
+    findings,
+  };
+}
+export function renderCliStatus(options: CliStatusOptions): string {
+  const config = options.configManager;
+  const snapshot = buildCliStatusSnapshot(options);
+  const serviceEnabled = snapshot.service.enabled;
+  const serviceAutostart = snapshot.service.autostart;
+  const restartOnFailure = snapshot.service.restartOnFailure;
+  const controlPlaneEnabled = snapshot.surfaces.controlPlane.enabled;
+  const listenerEnabled = snapshot.surfaces.httpListener.enabled;
+  const webEnabled = snapshot.surfaces.web.enabled;
+  const controlPlaneBinding = snapshot.surfaces.controlPlane;
+  const httpListenerBinding = snapshot.surfaces.httpListener;
+  const webBinding = snapshot.surfaces.web;
+  const marker = options.onboardingMarkers?.effective;
+  const findings = snapshot.findings;
+  if (options.outputFormat === 'json') return JSON.stringify(snapshot, null, 2);
+  const lines = [
+    snapshot.title,
+    `  workingDir: ${options.workingDirectory}`,
+    `  homeDir: ${options.homeDirectory}`,
+    '',
+    'Provider:',
+    `  provider: ${getProviderIdFromModel(config.get('provider.model'))}`,
+    `  model: ${String(config.get('provider.model'))}`,
+    `  reasoning: ${String(config.get('provider.reasoningEffort'))}`,
+    '',
+    'Auth:',
+    `  permissions: ${permissionModeLabel(config.get('permissions.mode'))} (${String(config.get('permissions.mode'))})`,
+    `  secretPolicy: ${secretPolicyLabel(config.get('storage.secretPolicy'))} (${String(config.get('storage.secretPolicy'))})`,
+    options.auth
+      ? `  localUsers: ${options.auth.userStorePresent ? 'present' : 'missing'} (${options.auth.userStorePath})`
+      : '  localUsers: unknown',
+    options.auth
+      ? `  bootstrapCredential: ${options.auth.bootstrapCredentialPresent ? 'present' : 'missing'} (${options.auth.bootstrapCredentialPath})`
+      : '  bootstrapCredential: unknown',
+    options.auth
+      ? `  operatorTokens: ${options.auth.operatorTokenPresent ? 'present' : 'missing'} (${options.auth.operatorTokenPath})`
+      : '  operatorTokens: unknown',
+    '',
+    'Service:',
+    `  enabled: ${yesNo(serviceEnabled)}`,
+    `  autostart: ${yesNo(serviceAutostart)}`,
+    `  restartOnFailure: ${yesNo(restartOnFailure)}`,
+    ...(options.service ? [
+      `  platform: ${options.service.managed.platform}`,
+      `  installed: ${yesNo(options.service.managed.installed)}`,
+      `  running: ${yesNo(options.service.managed.running)}`,
+      `  pid: ${options.service.managed.pid ?? 'n/a'}`,
+      `  definition: ${options.service.managed.path}`,
+      `  log: ${options.service.log.path ?? 'n/a'} (${options.service.log.exists ? 'present' : 'missing'})`,
+    ] : []),
+    '',
+    'Surfaces:',
+    bindLine('controlPlane', controlPlaneEnabled, controlPlaneBinding),
+    bindLine('httpListener', listenerEnabled, httpListenerBinding),
+    bindLine('web', webEnabled, webBinding),
+    '',
+    'Onboarding:',
+    `  checked: ${marker?.exists ? 'yes' : 'no'}`,
+    `  scope: ${marker?.scope ?? 'none'}`,
+    `  updatedAt: ${marker?.payload ? new Date(marker.payload.updatedAt).toISOString() : 'n/a'}`,
+  ];
+  if (options.doctor) {
+    lines.push('', 'Warnings:');
+    if (findings.length === 0) {
+      lines.push('  none');
+    } else {
+      for (const finding of findings) {
+        lines.push(
+          `  - [${finding.severity}:${finding.area}:${finding.id}] ${finding.summary}`,
+          `    cause: ${finding.cause}`,
+          `    impact: ${finding.impact}`,
+          `    action: ${finding.action}`,
+        );
+      }
+    }
+  }
+  return lines.join('\n');
+}
+export function renderOnboardingCliStatus(options: CliStatusOptions): string {
+  const marker = options.onboardingMarkers?.effective;
+  return [
+    'GoodVibes onboarding status',
+    `  checked: ${marker?.exists ? 'yes' : 'no'}`,
+    `  scope: ${marker?.scope ?? 'none'}`,
+    `  source: ${marker?.payload?.source ?? 'n/a'}`,
+    `  mode: ${marker?.payload?.mode ?? 'n/a'}`,
+    `  updatedAt: ${marker?.payload ? new Date(marker.payload.updatedAt).toISOString() : 'n/a'}`,
+    `  workingDir: ${options.workingDirectory}`,
+  ].join('\n');
+}

package/src/cli/surface-command.ts ADDED Viewed

@@ -0,0 +1,247 @@
+import type { ConfigKey } from '../config/index.ts';
+import {
+  GOODVIBES_NTFY_AGENT_TOPIC,
+  GOODVIBES_NTFY_CHAT_TOPIC,
+  GOODVIBES_NTFY_REMOTE_TOPIC,
+  resolveGoodVibesNtfyTopics,
+} from '@pellux/goodvibes-sdk/platform/integrations';
+import { getMissingSurfaceFeatureFlags } from '../runtime/surface-feature-flags.ts';
+import { resolveRuntimeEndpointBinding } from './endpoints.ts';
+import { classifyBindPosture, isNetworkFacing } from './network-posture.ts';
+import type { CliCommandRuntime } from './management.ts';
+import {
+  formatJsonOrText,
+  isPresentConfigValue,
+  probeTcp,
+  readAuthPaths,
+  yesNo,
+} from './management.ts';
+export const SURFACE_CONFIGS = [
+  ['slack', 'Slack', ['surfaces.slack.signingSecret', 'surfaces.slack.botToken']],
+  ['discord', 'Discord', ['surfaces.discord.publicKey', 'surfaces.discord.botToken', 'surfaces.discord.applicationId']],
+  ['telegram', 'Telegram', ['surfaces.telegram.botToken']],
+  ['webhook', 'Webhook', ['surfaces.webhook.secret']],
+  ['ntfy', 'ntfy', ['surfaces.ntfy.baseUrl']],
+  ['googleChat', 'Google Chat', ['surfaces.googleChat.webhookUrl']],
+  ['signal', 'Signal', ['surfaces.signal.bridgeUrl', 'surfaces.signal.account']],
+  ['whatsapp', 'WhatsApp', ['surfaces.whatsapp.accessToken', 'surfaces.whatsapp.phoneNumberId']],
+  ['imessage', 'iMessage', ['surfaces.imessage.bridgeUrl', 'surfaces.imessage.account']],
+  ['msteams', 'Microsoft Teams', ['surfaces.msteams.appId', 'surfaces.msteams.appPassword']],
+  ['bluebubbles', 'BlueBubbles', ['surfaces.bluebubbles.serverUrl', 'surfaces.bluebubbles.password']],
+  ['mattermost', 'Mattermost', ['surfaces.mattermost.baseUrl', 'surfaces.mattermost.botToken']],
+  ['matrix', 'Matrix', ['surfaces.matrix.homeserverUrl', 'surfaces.matrix.accessToken', 'surfaces.matrix.userId']],
+] as const;
+export async function handleSurfacesCommand(runtime: CliCommandRuntime): Promise<{ readonly output: string; readonly exitCode: number }> {
+  const config = runtime.configManager;
+  const [sub = 'list', ...rest] = runtime.cli.commandArgs;
+  const target = rest[0];
+  if (sub === 'enable' || sub === 'disable') {
+    if (!target) return { output: `Usage: goodvibes-agent surfaces ${sub} <web|listener|control-plane|surfaceId>`, exitCode: 2 };
+    const text = [
+      'GoodVibes Agent does not mutate daemon, listener, web, or channel surface posture.',
+      'Configure those surfaces from GoodVibes TUI or the externally managed daemon host, then use `goodvibes-agent surfaces check` for read-only diagnostics.',
+    ].join(' ');
+    return {
+      output: formatJsonOrText(runtime.cli)({
+        ok: false,
+        kind: 'daemon_lifecycle_external',
+        action: `surfaces.${sub}`,
+        target,
+        error: text,
+      }, text),
+      exitCode: 2,
+    };
+  }
+  if (sub !== 'list' && sub !== 'status' && sub !== 'check' && sub !== 'show') {
+    return { output: 'Usage: goodvibes-agent surfaces [list|check|show <surfaceId>]', exitCode: 2 };
+  }
+  const controlPlane = resolveRuntimeEndpointBinding(config, 'controlPlane');
+  const web = resolveRuntimeEndpointBinding(config, 'web');
+  const httpListener = resolveRuntimeEndpointBinding(config, 'httpListener');
+  const includeProbe = sub === 'check';
+  const targetExternalSurface = target && SURFACE_CONFIGS.some(([id]) => id === target);
+  const shouldProbeControlPlane = includeProbe && !target;
+  const shouldProbeWeb = includeProbe && !target;
+  const shouldProbeListener = includeProbe && (!target || targetExternalSurface);
+  const [controlPlaneReachable, webReachable, listenerReachable] = includeProbe
+    ? await Promise.all([
+      shouldProbeControlPlane ? probeTcp(controlPlane.host, controlPlane.port) : Promise.resolve(undefined),
+      shouldProbeWeb ? probeTcp(web.host, web.port) : Promise.resolve(undefined),
+      shouldProbeListener ? probeTcp(httpListener.host, httpListener.port) : Promise.resolve(undefined),
+    ])
+    : [undefined, undefined, undefined];
+  const externalSurfaces = SURFACE_CONFIGS.map(([id, label, requiredKeys]) => {
+    const enabled = config.get(`surfaces.${id}.enabled` as ConfigKey);
+    const missing = requiredKeys.filter((key) => !isPresentConfigValue(config.get(key as ConfigKey)));
+    const missingFeatureFlags = enabled === true ? getMissingSurfaceFeatureFlags(config, id) : [];
+    return {
+      id,
+      label,
+      enabled,
+      ready: !enabled || (missing.length === 0 && missingFeatureFlags.length === 0),
+      missing,
+      missingFeatureFlags,
+    };
+  });
+  const filteredSurfaces = target ? externalSurfaces.filter((surface) => surface.id === target) : externalSurfaces;
+  if (target && filteredSurfaces.length === 0) return { output: `Unknown surface: ${target}`, exitCode: 1 };
+  const ntfyTopics = resolveGoodVibesNtfyTopics({
+    chatTopic: String(config.get('surfaces.ntfy.chatTopic' as ConfigKey) || GOODVIBES_NTFY_CHAT_TOPIC),
+    agentTopic: String(config.get('surfaces.ntfy.agentTopic' as ConfigKey) || GOODVIBES_NTFY_AGENT_TOPIC),
+    remoteTopic: String(config.get('surfaces.ntfy.remoteTopic' as ConfigKey) || GOODVIBES_NTFY_REMOTE_TOPIC),
+  });
+  const readinessIssues: string[] = [];
+  if (shouldProbeControlPlane && config.get('controlPlane.enabled') === true && !controlPlaneReachable) {
+    readinessIssues.push(`Control plane is enabled but not reachable on ${controlPlane.host}:${controlPlane.port}.`);
+  }
+  if (shouldProbeWeb && config.get('web.enabled') === true && !webReachable) {
+    readinessIssues.push(`Web surface is enabled but not reachable on ${web.host}:${web.port}.`);
+  }
+  if (shouldProbeListener && config.get('danger.httpListener') === true && !listenerReachable) {
+    readinessIssues.push(`HTTP listener is enabled but not reachable on ${httpListener.host}:${httpListener.port}.`);
+  }
+  for (const surface of filteredSurfaces) {
+    if (surface.enabled !== true) continue;
+    if (config.get('danger.httpListener') !== true) {
+      readinessIssues.push(`${surface.label} is enabled but the HTTP listener is disabled.`);
+    }
+    if (surface.missing.length > 0) {
+      readinessIssues.push(`${surface.label} is enabled but missing ${surface.missing.join(', ')}.`);
+    }
+    if (surface.missingFeatureFlags.length > 0) {
+      readinessIssues.push(`${surface.label} is enabled but feature gates are disabled: ${surface.missingFeatureFlags.join(', ')}.`);
+    }
+  }
+  const value = {
+    controlPlane: {
+      enabled: config.get('controlPlane.enabled'),
+      hostMode: controlPlane.hostMode,
+      configuredHost: controlPlane.configuredHost,
+      host: controlPlane.host,
+      port: controlPlane.port,
+      reachable: controlPlaneReachable,
+    },
+    web: {
+      enabled: config.get('web.enabled'),
+      hostMode: web.hostMode,
+      configuredHost: web.configuredHost,
+      host: web.host,
+      port: web.port,
+      reachable: webReachable,
+    },
+    httpListener: {
+      enabled: config.get('danger.httpListener'),
+      hostMode: httpListener.hostMode,
+      configuredHost: httpListener.configuredHost,
+      host: httpListener.host,
+      port: httpListener.port,
+      reachable: listenerReachable,
+    },
+    surfaces: filteredSurfaces,
+    readinessIssues,
+  };
+  const output = formatJsonOrText(runtime.cli)(value, [
+    'GoodVibes Agent surfaces',
+    `  control-plane: ${yesNo(value.controlPlane.enabled)} (${value.controlPlane.hostMode} ${value.controlPlane.host}:${value.controlPlane.port})${includeProbe ? ` reachable=${yesNo(value.controlPlane.reachable)}` : ''}`,
+    `  web: ${yesNo(value.web.enabled)} (${value.web.hostMode} ${value.web.host}:${value.web.port})${includeProbe ? ` reachable=${yesNo(value.web.reachable)}` : ''}`,
+    `  http-listener: ${yesNo(value.httpListener.enabled)} (${value.httpListener.hostMode} ${value.httpListener.host}:${value.httpListener.port})${includeProbe ? ` reachable=${yesNo(value.httpListener.reachable)}` : ''}`,
+    '',
+    'External surfaces:',
+    ...value.surfaces.map((surface) => `  ${surface.label.padEnd(16)} enabled=${yesNo(surface.enabled)} ready=${yesNo(surface.ready)}${surface.enabled && surface.missing.length > 0 ? ` missing=${surface.missing.join(',')}` : ''}${surface.enabled && surface.missingFeatureFlags.length > 0 ? ` featureGates=${surface.missingFeatureFlags.join(',')}` : ''}`),
+    ...(filteredSurfaces.some((surface) => surface.id === 'ntfy') ? [
+      '',
+      'ntfy inbound topics:',
+      `  chat: ${ntfyTopics.chatTopic}`,
+      `  agent: ${ntfyTopics.agentTopic}`,
+      `  daemon-only remote: ${ntfyTopics.remoteTopic}`,
+      `  default delivery topic: ${String(config.get('surfaces.ntfy.topic') || '(none)')}`,
+    ] : []),
+    ...(includeProbe ? [
+      readinessIssues.length === 0 ? 'Readiness: ready' : 'Readiness: needs attention',
+      ...readinessIssues.map((issue) => `  - ${issue}`),
+    ] : []),
+  ].join('\n'));
+  return { output, exitCode: includeProbe && readinessIssues.length > 0 ? 1 : 0 };
+}
+export interface ListenerTestResult {
+  readonly enabled: unknown;
+  readonly hostMode: string;
+  readonly configuredHost: string;
+  readonly host: string;
+  readonly port: number;
+  readonly posture: ReturnType<typeof classifyBindPosture>;
+  readonly reachable: boolean;
+  readonly service: {
+    readonly enabled: unknown;
+    readonly autostart: unknown;
+    readonly restartOnFailure: unknown;
+  };
+  readonly auth: ReturnType<typeof readAuthPaths>;
+  readonly surfaces: readonly {
+    readonly id: string;
+    readonly label: string;
+    readonly enabled: unknown;
+    readonly ready: boolean;
+    readonly missing: readonly string[];
+    readonly missingFeatureFlags: readonly string[];
+  }[];
+  readonly issues: readonly string[];
+}
+export async function buildListenerTestResult(runtime: CliCommandRuntime): Promise<ListenerTestResult> {
+  const enabled = runtime.configManager.get('danger.httpListener');
+  const binding = resolveRuntimeEndpointBinding(runtime.configManager, 'httpListener');
+  const posture = classifyBindPosture(binding);
+  const reachable = enabled === true ? await probeTcp(binding.host, binding.port) : false;
+  const auth = readAuthPaths(runtime);
+  const service = {
+    enabled: runtime.configManager.get('service.enabled'),
+    autostart: runtime.configManager.get('service.autostart'),
+    restartOnFailure: runtime.configManager.get('service.restartOnFailure'),
+  };
+  const surfaces = SURFACE_CONFIGS.map(([id, label, requiredKeys]) => {
+    const surfaceEnabled = runtime.configManager.get(`surfaces.${id}.enabled` as ConfigKey);
+    const missing = requiredKeys.filter((key) => !isPresentConfigValue(runtime.configManager.get(key as ConfigKey)));
+    const missingFeatureFlags = surfaceEnabled === true ? getMissingSurfaceFeatureFlags(runtime.configManager, id) : [];
+    return {
+      id,
+      label,
+      enabled: surfaceEnabled,
+      ready: surfaceEnabled !== true || (missing.length === 0 && missingFeatureFlags.length === 0),
+      missing,
+      missingFeatureFlags,
+    };
+  }).filter((surface) => surface.enabled === true);
+  const issues: string[] = [];
+  if (enabled !== true) issues.push('HTTP listener is disabled.');
+  if (enabled === true && service.enabled !== true) issues.push('HTTP listener is enabled but service mode is off.');
+  if (enabled === true && service.autostart !== true) issues.push('HTTP listener is enabled but service autostart is off.');
+  if (enabled === true && service.restartOnFailure !== true) issues.push('HTTP listener is enabled but service restart-on-failure is off.');
+  if (isNetworkFacing(enabled, binding) && !auth.userStorePresent) issues.push('Network-facing listener has no local auth user store.');
+  if (isNetworkFacing(enabled, binding) && auth.bootstrapCredentialPresent) issues.push('Network-facing listener still has a bootstrap credential file.');
+  for (const surface of surfaces) {
+    if (surface.missing.length > 0) issues.push(`${surface.label} is enabled but missing ${surface.missing.join(', ')}.`);
+    if (surface.missingFeatureFlags.length > 0) issues.push(`${surface.label} is enabled but feature gates are disabled: ${surface.missingFeatureFlags.join(', ')}.`);
+  }
+  return { enabled, ...binding, posture, reachable, service, auth, surfaces, issues };
+}
+export function formatListenerTestResult(runtime: CliCommandRuntime, value: ListenerTestResult): string {
+  return formatJsonOrText(runtime.cli)(value, [
+    'GoodVibes Agent listener test',
+    `  enabled: ${yesNo(value.enabled)}`,
+    `  endpoint: ${value.hostMode} ${value.host}:${value.port}`,
+    `  bind posture: ${value.posture.label}`,
+    `  reachable: ${yesNo(value.reachable)}`,
+    `  service: enabled=${yesNo(value.service.enabled)} autostart=${yesNo(value.service.autostart)} restartOnFailure=${yesNo(value.service.restartOnFailure)}`,
+    `  local auth users: ${value.auth.userStorePresent ? 'present' : 'missing'}`,
+    `  bootstrap credential: ${value.auth.bootstrapCredentialPresent ? 'present' : 'missing'}`,
+    value.surfaces.length === 0 ? '  enabled webhook surfaces: none' : '  enabled webhook surfaces:',
+    ...value.surfaces.map((surface) => `    ${surface.label}: ready=${yesNo(surface.ready)}${surface.missing.length > 0 ? ` missing=${surface.missing.join(',')}` : ''}${surface.missingFeatureFlags.length > 0 ? ` featureGates=${surface.missingFeatureFlags.join(',')}` : ''}`),
+    value.issues.length === 0 ? '  readiness: ready' : '  readiness: needs attention',
+    ...value.issues.map((issue) => `    - ${issue}`),
+  ].join('\n'));
+}

package/src/cli/tui-startup.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import type { CommandContext, CommandRegistry } from '../input/command-registry.ts';
+import type { InputHandler } from '../input/handler.ts';
+import { readOnboardingCheckMarker } from '../runtime/onboarding/index.ts';
+import type { GoodVibesCliParseResult } from './types.ts';
+export function applyInitialTuiCliState(options: {
+  readonly cli: GoodVibesCliParseResult;
+  readonly input: InputHandler;
+  readonly commandRegistry: CommandRegistry;
+  readonly commandContext: CommandContext;
+  readonly shellPaths: Parameters<typeof readOnboardingCheckMarker>[0];
+  readonly render: () => void;
+}): void {
+  const { cli, input, commandRegistry, commandContext, shellPaths, render } = options;
+  const globalOnboardingMarker = readOnboardingCheckMarker(shellPaths, 'user');
+  if (cli.command === 'onboarding') {
+    input.openOnboardingWizard({ mode: 'edit', reset: true });
+  } else if (cli.command === 'sessions' && cli.commandArgs[0] === 'resume') {
+    const target = cli.commandArgs.slice(1).join(' ').trim();
+    if (target) {
+      void commandRegistry.execute('session', ['resume', target], commandContext).then(() => render());
+    }
+  } else if (!globalOnboardingMarker.exists) {
+    input.openOnboardingWizard({ mode: 'new', reset: true });
+  }
+  const seededPrompt = cli.flags.prompt ?? (cli.rawCommand === undefined && cli.positionals.length > 0 ? cli.positionals.join(' ') : undefined);
+  if (seededPrompt) {
+    input.prompt = seededPrompt;
+    input.cursorPos = seededPrompt.length;
+  }
+}