@pellux/goodvibes-agent 0.1.9 → 0.1.11

package/src/input/commands/integration-runtime.ts

@@ -14,15 +14,18 @@ import {
   uninstallEcosystemCatalogEntry,
 } from '@/runtime/index.ts';
 import { requireEcosystemCatalogPaths, requirePluginPathOptions } from './runtime-services.ts';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 export function registerIntegrationRuntimeCommands(registry: CommandRegistry): void {
   registry.register({
     name: 'plugin',
     aliases: [],
     description: 'Manage plugins, trust, review, and ecosystem paths',
-    usage: 'list | dirs | inspect <name> | review | installed | catalog-review <id> | publish-local <id> <path> <summary...> | unpublish <id> | install <id> [project|user] | update <id> [project|user] | uninstall <id> [project|user] | enable <name> | disable <name> | reload',
-    argsHint: 'list | dirs | inspect | review | installed | catalog-review | publish-local | unpublish | install | update | uninstall | enable | disable | reload',
+    usage: 'list | dirs | inspect <name> | review | installed | catalog-review <id> | publish-local <id> <path> <summary...> --yes | unpublish <id> --yes | install <id> [project|user] --yes | update <id> [project|user] --yes | uninstall <id> [project|user] --yes | enable <name> --yes | disable <name> --yes | reload --yes',
+    argsHint: 'list | dirs | inspect | review | installed | catalog-review | publish-local --yes | unpublish --yes | install --yes | update --yes | uninstall --yes | enable --yes | disable --yes | reload --yes',
     async handler(args, ctx) {
+      const parsed = stripYesFlag(args);
+      const commandArgs = [...parsed.rest];
       const pluginManager = ctx.extensions.pluginManager;
       const ecosystemPaths = requireEcosystemCatalogPaths(ctx);
       const pluginPaths = requirePluginPathOptions(ctx);
@@ -30,7 +33,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         ctx.print('Plugin manager is not available in this runtime.');
         return;
       }
-      const sub = args[0];
+      const sub = commandArgs[0];
 
       if (!sub || sub === 'open' || sub === 'panel') {
         if (ctx.showPanel) ctx.showPanel('plugins');
@@ -55,7 +58,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
           if (p.author) lines.push(`            by ${p.author}`);
         }
         lines.push('');
-        lines.push('Use /plugin enable <name> or /plugin disable <name> to toggle plugins.');
+        lines.push('Use /plugin enable <name> --yes or /plugin disable <name> --yes to toggle plugins.');
         ctx.print(lines.join('\n'));
         return;
       }
@@ -70,7 +73,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'inspect') {
-        const name = args[1];
+        const name = commandArgs[1];
         if (!name) {
           ctx.print('Usage: /plugin inspect <name>');
           return;
@@ -111,7 +114,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'browse' || sub === 'catalog') {
-        const query = args.slice(1).join(' ');
+        const query = commandArgs.slice(1).join(' ');
         const entries = query
           ? searchEcosystemCatalog('plugin', query, ecosystemPaths)
           : loadEcosystemCatalog('plugin', ecosystemPaths);
@@ -140,7 +143,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'catalog-review') {
-        const entryId = args[1];
+        const entryId = commandArgs[1];
         if (!entryId) {
           ctx.print('Usage: /plugin catalog-review <catalog-id>');
           return;
@@ -166,7 +169,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'install-hint') {
-        const entryId = args[1];
+        const entryId = commandArgs[1];
         if (!entryId) {
           ctx.print('Usage: /plugin install-hint <catalog-id>');
           return;
@@ -182,16 +185,20 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
           `  source: ${entry.source}`,
           `  tags: ${entry.tags.join(', ') || '(none)'}`,
           `  trust notes: ${entry.trustNotes ?? '(none)'}`,
-          `  install hint: ${entry.installHint ?? 'Place the plugin under a configured plugin search directory and use /plugin reload.'}`,
+          `  install hint: ${entry.installHint ?? 'Place the plugin under a configured plugin search directory and use /plugin reload --yes.'}`,
         ].join('\n'));
         return;
       }
       if (sub === 'publish-local') {
-        const entryId = args[1];
-        const sourcePath = args[2];
-        const summary = args.slice(3).join(' ').trim();
+        const entryId = commandArgs[1];
+        const sourcePath = commandArgs[2];
+        const summary = commandArgs.slice(3).join(' ').trim();
         if (!entryId || !sourcePath || !summary) {
-          ctx.print('Usage: /plugin publish-local <catalog-id> <path> <summary...>');
+          ctx.print('Usage: /plugin publish-local <catalog-id> <path> <summary...> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `publish curated plugin ${entryId}`, '/plugin publish-local <catalog-id> <path> <summary...> --yes');
           return;
         }
         const result = upsertEcosystemCatalogEntry({
@@ -210,9 +217,13 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'unpublish') {
-        const entryId = args[1];
+        const entryId = commandArgs[1];
         if (!entryId) {
-          ctx.print('Usage: /plugin unpublish <catalog-id>');
+          ctx.print('Usage: /plugin unpublish <catalog-id> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `unpublish curated plugin ${entryId}`, '/plugin unpublish <catalog-id> --yes');
           return;
         }
         const result = removeEcosystemCatalogEntry('plugin', entryId, ecosystemPaths);
@@ -222,10 +233,14 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'install') {
-        const entryId = args[1];
-        const scopeArg = args[2];
+        const entryId = commandArgs[1];
+        const scopeArg = commandArgs[2];
         if (!entryId) {
-          ctx.print('Usage: /plugin install <catalog-id> [project|user]');
+          ctx.print('Usage: /plugin install <catalog-id> [project|user] --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `install curated plugin ${entryId}`, '/plugin install <catalog-id> [project|user] --yes');
           return;
         }
         const scope = scopeArg === 'user' ? 'user' : 'project';
@@ -236,10 +251,14 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'update') {
-        const entryId = args[1];
-        const scopeArg = args[2];
+        const entryId = commandArgs[1];
+        const scopeArg = commandArgs[2];
         if (!entryId) {
-          ctx.print('Usage: /plugin update <catalog-id> [project|user]');
+          ctx.print('Usage: /plugin update <catalog-id> [project|user] --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `update curated plugin ${entryId}`, '/plugin update <catalog-id> [project|user] --yes');
           return;
         }
         const scope = scopeArg === 'user' ? 'user' : 'project';
@@ -250,10 +269,14 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'uninstall') {
-        const entryId = args[1];
-        const scopeArg = args[2];
+        const entryId = commandArgs[1];
+        const scopeArg = commandArgs[2];
         if (!entryId) {
-          ctx.print('Usage: /plugin uninstall <catalog-id> [project|user]');
+          ctx.print('Usage: /plugin uninstall <catalog-id> [project|user] --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `uninstall curated plugin ${entryId}`, '/plugin uninstall <catalog-id> [project|user] --yes');
           return;
         }
         const scope = scopeArg === 'user' ? 'user' : 'project';
@@ -264,30 +287,46 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'enable') {
-        const name = args[1];
-        if (!name) { ctx.print('Usage: /plugin enable <name>'); return; }
+        const name = commandArgs[1];
+        if (!name) { ctx.print('Usage: /plugin enable <name> --yes'); return; }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `enable plugin ${name}`, '/plugin enable <name> --yes');
+          return;
+        }
         const result = await pluginManager.enable(name);
         ctx.print(result.ok ? `Plugin '${name}' enabled and activated.` : `Error: ${result.error}`);
         return;
       }
       if (sub === 'disable') {
-        const name = args[1];
-        if (!name) { ctx.print('Usage: /plugin disable <name>'); return; }
+        const name = commandArgs[1];
+        if (!name) { ctx.print('Usage: /plugin disable <name> --yes'); return; }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `disable plugin ${name}`, '/plugin disable <name> --yes');
+          return;
+        }
         const result = await pluginManager.disable(name);
         ctx.print(result.ok ? `Plugin '${name}' disabled.` : `Error: ${result.error}`);
         return;
       }
       if (sub === 'reload') {
+        if (!parsed.yes) {
+          requireYesFlag(ctx, 'reload plugins', '/plugin reload --yes');
+          return;
+        }
         ctx.print('Reloading plugins...');
         const { reloaded, failed } = await pluginManager.reload();
         ctx.print(`Done. ${reloaded} plugin(s) reloaded${failed > 0 ? `, ${failed} failed` : ''}.`);
         return;
       }
       if (sub === 'trust') {
-        const name = args[1];
-        const rawTier = args[2];
+        const name = commandArgs[1];
+        const rawTier = commandArgs[2];
         if (!name || !rawTier) {
-          ctx.print('Usage: /plugin trust <name> <untrusted|limited|trusted> [note]');
+          ctx.print('Usage: /plugin trust <name> <untrusted|limited|trusted> [note] --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `set plugin ${name} trust tier`, '/plugin trust <name> <untrusted|limited|trusted> [note] --yes');
           return;
         }
         if (rawTier !== 'untrusted' && rawTier !== 'limited' && rawTier !== 'trusted') {
@@ -295,7 +334,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
           return;
         }
         const tier = rawTier as 'untrusted' | 'limited' | 'trusted';
-        const note = args.slice(3).join(' ') || undefined;
+        const note = commandArgs.slice(3).join(' ') || undefined;
         if (tier === 'trusted') {
           const sigResult = pluginManager.trustSigned(name);
           if (sigResult.ok) {
@@ -311,7 +350,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'verify') {
-        const name = args[1];
+        const name = commandArgs[1];
         if (!name) { ctx.print('Usage: /plugin verify <name>'); return; }
         const result = pluginManager.verify(name);
         if (!result.ok && result.reason?.includes('not found')) {
@@ -324,7 +363,7 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'capabilities') {
-        const name = args[1];
+        const name = commandArgs[1];
         if (!name) { ctx.print('Usage: /plugin capabilities <name>'); return; }
         const info = pluginManager.capabilities(name);
         if (!info) {
@@ -344,16 +383,20 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
         if (info.blocked.length > 0) {
           lines.push('');
           lines.push(`${info.blocked.length} high-risk capability/capabilities blocked by trust tier '${info.tier}'.`);
-          lines.push(`Use /plugin trust ${name} trusted to escalate.`);
+          lines.push(`Use /plugin trust ${name} trusted --yes to escalate.`);
         }
         ctx.print(lines.join('\n'));
         return;
       }
       if (sub === 'quarantine') {
-        const name = args[1];
-        const action = args[2] ?? 'add';
+        const name = commandArgs[1];
+        const action = commandArgs[2] ?? 'add';
         if (!name) {
-          ctx.print('Usage: /plugin quarantine <name> [add|lift] [reason]');
+          ctx.print('Usage: /plugin quarantine <name> [add|lift] [reason] --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `${action === 'lift' ? 'lift quarantine for' : 'quarantine'} plugin ${name}`, '/plugin quarantine <name> [add|lift] [reason] --yes');
           return;
         }
         if (action === 'lift') {
@@ -361,10 +404,10 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
           ctx.print(result.ok ? `Plugin '${name}' quarantine lifted. Reload to restore safe capabilities.` : `Error: ${result.error}`);
           return;
         }
-        const reason = args.slice(2).join(' ') || 'quarantined by operator';
+        const reason = (action === 'add' ? commandArgs.slice(3) : commandArgs.slice(2)).join(' ') || 'quarantined by operator';
         const result = pluginManager.quarantine(name, reason);
         ctx.print(result.ok
-          ? `Plugin '${name}' quarantined.\nReason: ${reason}\nHigh-risk capabilities revoked. Reload to fully apply. Use /plugin quarantine <name> lift to restore.`
+          ? `Plugin '${name}' quarantined.\nReason: ${reason}\nHigh-risk capabilities revoked. Reload to fully apply. Use /plugin quarantine <name> lift --yes to restore.`
           : `Error: ${result.error}`);
         return;
       }
@@ -372,22 +415,22 @@ export function registerIntegrationRuntimeCommands(registry: CommandRegistry): v
       ctx.print(
         'Usage: /plugin <subcommand>\n'
         + '  list                       — show installed plugins and their status\n'
-        + '  enable <name>              — enable a plugin\n'
-        + '  disable <name>             — disable a plugin\n'
-        + '  reload                     — reload all enabled plugins\n'
-        + '  trust <name> <tier> [note] — set trust tier (untrusted|limited|trusted)\n'
+        + '  enable <name> --yes        — enable a plugin\n'
+        + '  disable <name> --yes       — disable a plugin\n'
+        + '  reload --yes               — reload all enabled plugins\n'
+        + '  trust <name> <tier> [note] --yes — set trust tier (untrusted|limited|trusted)\n'
         + '  verify <name>              — inspect a plugin manifest signature\n'
         + '  capabilities <name>        — show capability grants and blocks\n'
         + '  browse [query]             — browse curated local-first plugin catalog entries\n'
         + '  installed                  — list curated catalog installs with provenance receipts\n'
         + '  catalog-review <id>        — review source, provenance, and risk for a curated plugin\n'
-        + '  publish-local <id> <path> <summary...> — publish a local plugin directory into the curated catalog\n'
-        + '  unpublish <id>             — remove a local curated plugin catalog entry\n'
+        + '  publish-local <id> <path> <summary...> --yes — publish a local plugin directory into the curated catalog\n'
+        + '  unpublish <id> --yes       — remove a local curated plugin catalog entry\n'
         + '  install-hint <catalog-id>  — show install guidance for a curated plugin entry\n'
-        + '  install <catalog-id> [scope]   — install a local-path curated plugin into project|user scope\n'
-        + '  uninstall <catalog-id> [scope] — remove a curated plugin install receipt and target path\n'
-        + '  quarantine <name> [reason] — quarantine a plugin (revoke high-risk caps)\n'
-        + '  quarantine <name> lift     — lift quarantine from a plugin'
+        + '  install <catalog-id> [scope] --yes   — install a local-path curated plugin into project|user scope\n'
+        + '  uninstall <catalog-id> [scope] --yes — remove a curated plugin install receipt and target path\n'
+        + '  quarantine <name> [reason] --yes — quarantine a plugin (revoke high-risk caps)\n'
+        + '  quarantine <name> lift --yes     — lift quarantine from a plugin'
       );
     },
   });

package/src/input/commands/knowledge.ts

@@ -1,5 +1,6 @@
 import type { KnowledgeService } from '@pellux/goodvibes-sdk/platform/knowledge';
 import type { CommandContext, SlashCommand } from '../command-registry.ts';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 const KNOWLEDGE_REVIEW_ACTIONS = ['accept', 'reject', 'resolve', 'reopen', 'edit', 'forget'] as const;
 
@@ -158,7 +159,7 @@ export const knowledgeCommand: SlashCommand = {
   aliases: ['know', 'kb'],
   description: 'Agent Knowledge/Wiki: isolated Agent-owned sources, graph, review queue, and compact prompt packets.',
   usage: '<subcommand> [args]',
-  argsHint: 'status|ask|ingest-url|import-bookmarks|import-urls|list|search|get|queue|review-issue|candidates|reports|schedules|lint|packet|explain|reindex|consolidate',
+  argsHint: 'status|ask|ingest-url --yes|import-bookmarks --yes|list|search|get|queue|review-issue --yes',
   handler: async (args: string[], context: CommandContext): Promise<void> => {
     const knowledge = requireAgentKnowledgeApi(context);
     if (!knowledge) {
@@ -169,7 +170,8 @@ export const knowledgeCommand: SlashCommand = {
       return;
     }
     const sub = (args[0] ?? 'status').toLowerCase();
-    const rest = args.slice(1);
+    const confirmation = stripYesFlag(args.slice(1));
+    const rest = [...confirmation.rest];
     const disallowedScopeFlag = findDisallowedKnowledgeScopeFlag(rest);
     if (disallowedScopeFlag) {
       printScopeFlagRejection(context, disallowedScopeFlag);
@@ -219,7 +221,11 @@ export const knowledgeCommand: SlashCommand = {
       case 'ingest-url': {
         const [url] = positionalArgs(rest, ['--title', '--tags', '--folder']);
         if (!url) {
-          context.print('[knowledge] Usage: /knowledge ingest-url <url> [--title <title>] [--tags <a,b>] [--folder <path>]');
+          context.print('[knowledge] Usage: /knowledge ingest-url <url> [--title <title>] [--tags <a,b>] [--folder <path>] --yes');
+          return;
+        }
+        if (!confirmation.yes) {
+          requireYesFlag(context, `ingest URL into Agent Knowledge ${url}`, '/knowledge ingest-url <url> [--title <title>] [--tags <a,b>] [--folder <path>] --yes');
           return;
         }
         const result = await knowledge.ingest.url({
@@ -240,7 +246,11 @@ export const knowledgeCommand: SlashCommand = {
       case 'import-bookmarks': {
         const [path] = positionalArgs(rest);
         if (!path) {
-          context.print('[knowledge] Usage: /knowledge import-bookmarks <path>');
+          context.print('[knowledge] Usage: /knowledge import-bookmarks <path> --yes');
+          return;
+        }
+        if (!confirmation.yes) {
+          requireYesFlag(context, `import bookmark file into Agent Knowledge ${path}`, '/knowledge import-bookmarks <path> --yes');
           return;
         }
         const result = await knowledge.ingest.bookmarksFile({ path, sessionId: context.session.runtime.sessionId });
@@ -254,7 +264,11 @@ export const knowledgeCommand: SlashCommand = {
       case 'import-urls': {
         const [path] = positionalArgs(rest);
         if (!path) {
-          context.print('[knowledge] Usage: /knowledge import-urls <path>');
+          context.print('[knowledge] Usage: /knowledge import-urls <path> --yes');
+          return;
+        }
+        if (!confirmation.yes) {
+          requireYesFlag(context, `import URL list into Agent Knowledge ${path}`, '/knowledge import-urls <path> --yes');
           return;
         }
         const result = await knowledge.ingest.urlsFile({ path, sessionId: context.session.runtime.sessionId });
@@ -401,7 +415,11 @@ export const knowledgeCommand: SlashCommand = {
         const [issueId, actionValue] = positionalArgs(rest, ['--reviewer', '--value']);
         const action = actionValue?.toLowerCase();
         if (!issueId || !action || !KNOWLEDGE_REVIEW_ACTIONS.includes(action as KnowledgeReviewAction)) {
-          context.print('[knowledge] Usage: /knowledge review-issue <issueId> <accept|reject|resolve|reopen|edit|forget> [--reviewer <name>] [--value <json-object>]');
+          context.print('[knowledge] Usage: /knowledge review-issue <issueId> <accept|reject|resolve|reopen|edit|forget> [--reviewer <name>] [--value <json-object>] --yes');
+          return;
+        }
+        if (!confirmation.yes) {
+          requireYesFlag(context, `review Agent Knowledge issue ${issueId}`, '/knowledge review-issue <issueId> <action> [--reviewer <name>] [--value <json-object>] --yes');
           return;
         }
         const value = readJsonObjectFlag(rest, '--value');
@@ -513,6 +531,10 @@ export const knowledgeCommand: SlashCommand = {
       }
 
       case 'reindex': {
+        if (!confirmation.yes) {
+          requireYesFlag(context, 'reindex Agent Knowledge', '/knowledge reindex --yes');
+          return;
+        }
         const result = await knowledge.status.reindex();
         context.print([
           '[knowledge] Reindex complete',
@@ -525,6 +547,10 @@ export const knowledgeCommand: SlashCommand = {
       }
 
       case 'consolidate': {
+        if (!confirmation.yes) {
+          requireYesFlag(context, 'run Agent Knowledge consolidation', '/knowledge consolidate [light|deep] --yes');
+          return;
+        }
         const mode = (positionalArgs(rest)[0] ?? 'light').toLowerCase();
         const jobId = mode === 'deep' ? 'knowledge-deep-consolidation' : 'knowledge-light-consolidation';
         const run = await knowledge.jobs.run(jobId, { mode: 'inline' });
@@ -537,22 +563,22 @@ export const knowledgeCommand: SlashCommand = {
           'Usage: /knowledge <subcommand>',
           '  status',
           '  ask <query> [--limit <n>] [--mode <concise|standard|detailed>]',
-          '  ingest-url <url> [--title <title>] [--tags <a,b>] [--folder <path>]',
-          '  import-bookmarks <path>',
-          '  import-urls <path>',
+          '  ingest-url <url> [--title <title>] [--tags <a,b>] [--folder <path>] --yes',
+          '  import-bookmarks <path> --yes',
+          '  import-urls <path> --yes',
           '  list [--kind <sources|nodes|issues>] [--limit <n>]',
           '  search <query> [--limit <n>]',
           '  get <id>',
           '  queue [limit]',
-          '  review-issue <issueId> <accept|reject|resolve|reopen|edit|forget> [--reviewer <name>] [--value <json-object>]',
+          '  review-issue <issueId> <accept|reject|resolve|reopen|edit|forget> [--reviewer <name>] [--value <json-object>] --yes',
           '  candidates [limit]',
           '  reports [limit]',
           '  schedules',
           '  lint',
           '  packet <task...> [--scope <path> ...]',
           '  explain <task...> [--scope <path> ...]',
-          '  reindex',
-          '  consolidate [light|deep]',
+          '  reindex --yes',
+          '  consolidate [light|deep] --yes',
         ].join('\n'));
     }
   },

package/src/input/commands/local-auth-runtime.ts

@@ -1,13 +1,16 @@
 import type { CommandContext, CommandRegistry } from '../command-registry.ts';
 import { openCommandPanel, requireLocalUserAuthManager } from './runtime-services.ts';
 import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 function formatRoles(roles: readonly string[]): string {
   return roles.length > 0 ? roles.join(', ') : '(none)';
 }
 
 export function handleLocalAuthCommand(args: string[], ctx: CommandContext): void {
-  const sub = (args[0] ?? 'review').toLowerCase();
+  const parsed = stripYesFlag(args);
+  const commandArgs = [...parsed.rest];
+  const sub = (commandArgs[0] ?? 'review').toLowerCase();
   const auth = requireLocalUserAuthManager(ctx);
   if (sub === 'panel' || sub === 'open') {
     openCommandPanel(ctx, 'local-auth');
@@ -15,11 +18,15 @@ export function handleLocalAuthCommand(args: string[], ctx: CommandContext): voi
   }
 
   if (sub === 'add-user') {
-    const username = args[1];
-    const password = args[2];
-    const roles = args[3]?.split(',').map((value) => value.trim()).filter(Boolean) ?? ['admin'];
+    const username = commandArgs[1];
+    const password = commandArgs[2];
+    const roles = commandArgs[3]?.split(',').map((value) => value.trim()).filter(Boolean) ?? ['admin'];
     if (!username || !password) {
-      ctx.print('Usage: /auth local add-user <username> <password> [roles]');
+      ctx.print('Usage: /auth local add-user <username> <password> [roles] --yes');
+      return;
+    }
+    if (!parsed.yes) {
+      requireYesFlag(ctx, `add local auth user ${username}`, '/auth local add-user <username> <password> [roles] --yes');
       return;
     }
     try {
@@ -32,9 +39,13 @@ export function handleLocalAuthCommand(args: string[], ctx: CommandContext): voi
   }
 
   if (sub === 'delete-user') {
-    const username = args[1];
+    const username = commandArgs[1];
     if (!username) {
-      ctx.print('Usage: /auth local delete-user <username>');
+      ctx.print('Usage: /auth local delete-user <username> --yes');
+      return;
+    }
+    if (!parsed.yes) {
+      requireYesFlag(ctx, `delete local auth user ${username}`, '/auth local delete-user <username> --yes');
       return;
     }
     try {
@@ -47,10 +58,14 @@ export function handleLocalAuthCommand(args: string[], ctx: CommandContext): voi
   }
 
   if (sub === 'rotate-password') {
-    const username = args[1];
-    const password = args[2];
+    const username = commandArgs[1];
+    const password = commandArgs[2];
     if (!username || !password) {
-      ctx.print('Usage: /auth local rotate-password <username> <password>');
+      ctx.print('Usage: /auth local rotate-password <username> <password> --yes');
+      return;
+    }
+    if (!parsed.yes) {
+      requireYesFlag(ctx, `rotate password for local auth user ${username}`, '/auth local rotate-password <username> <password> --yes');
       return;
     }
     try {
@@ -63,9 +78,13 @@ export function handleLocalAuthCommand(args: string[], ctx: CommandContext): voi
   }
 
   if (sub === 'revoke-session') {
-    const token = args[1];
+    const token = commandArgs[1];
     if (!token) {
-      ctx.print('Usage: /auth local revoke-session <token-or-fingerprint>');
+      ctx.print('Usage: /auth local revoke-session <token-or-fingerprint> --yes');
+      return;
+    }
+    if (!parsed.yes) {
+      requireYesFlag(ctx, 'revoke local auth session', '/auth local revoke-session <token-or-fingerprint> --yes');
       return;
     }
     ctx.print(auth.revokeSession(token) ? `Revoked session ${token.slice(0, 12)}…` : `Unknown session token or fingerprint: ${token}`);
@@ -73,6 +92,10 @@ export function handleLocalAuthCommand(args: string[], ctx: CommandContext): voi
   }
 
   if (sub === 'clear-bootstrap-file') {
+    if (!parsed.yes) {
+      requireYesFlag(ctx, 'clear the local auth bootstrap credential file', '/auth local clear-bootstrap-file --yes');
+      return;
+    }
     ctx.print(auth.clearBootstrapCredentialFile()
       ? 'Removed bootstrap credential file.'
       : 'No bootstrap credential file was present.');
@@ -97,7 +120,7 @@ export function registerLocalAuthRuntimeCommands(registry: CommandRegistry): voi
     name: 'local-auth',
     aliases: ['auth-local'],
     description: 'Inspect and manage local daemon/listener auth users, sessions, and bootstrap credentials',
-    usage: '[review|panel|add-user <username> <password> [roles]|delete-user <username>|rotate-password <username> <password>|revoke-session <token-or-fingerprint>|clear-bootstrap-file]',
+    usage: '[review|panel|add-user <username> <password> [roles] --yes|delete-user <username> --yes|rotate-password <username> <password> --yes|revoke-session <token-or-fingerprint> --yes|clear-bootstrap-file --yes]',
     handler(args, ctx) {
       handleLocalAuthCommand(args, ctx);
     },

package/src/input/commands/local-provider-runtime.ts

@@ -7,6 +7,7 @@ import type { CustomProviderConfig } from '@pellux/goodvibes-sdk/platform/provid
 import { requireProviderApi, requireShellPaths } from './runtime-services.ts';
 import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
 import { GOODVIBES_AGENT_SURFACE_ROOT } from '../../config/surface.ts';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 function isValidProviderName(name: string): boolean {
   return /^[a-zA-Z0-9_-]+$/.test(name);
@@ -17,17 +18,23 @@ export function registerLocalProviderRuntimeCommands(registry: CommandRegistry):
     name: 'provider',
     aliases: ['p'],
     description: 'Switch provider or manage custom providers (add/remove)',
-    usage: '[add <name> <baseURL> [apiKey] | remove <name> | <provider-name>]',
-    argsHint: '[add|remove|name]',
+    usage: '[add <name> <baseURL> [apiKey] --yes | remove <name> --yes | <provider-name>]',
+    argsHint: '[name|add --yes|remove --yes]',
     async handler(args, ctx) {
+      const parsed = stripYesFlag(args);
+      const commandArgs = [...parsed.rest];
       const shellPaths = requireShellPaths(ctx);
-      if (args[0] === 'add') {
-        const addArgs = args.slice(1);
+      if (commandArgs[0] === 'add') {
+        const addArgs = commandArgs.slice(1);
         if (addArgs.length < 2) {
-          ctx.print('Usage: /provider add <name> <baseURL> [apiKey]\nExample: /provider add my-server http://192.168.0.85:8001/v1');
+          ctx.print('Usage: /provider add <name> <baseURL> [apiKey] --yes\nExample: /provider add my-server http://192.168.0.85:8001/v1 --yes');
           return;
         }
         const [name, baseURL, apiKey] = addArgs;
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `add custom provider ${name}`, '/provider add <name> <baseURL> [apiKey] --yes');
+          return;
+        }
         if (!isValidProviderName(name)) {
           ctx.print('Error: Provider name must contain only letters, numbers, hyphens, and underscores.');
           return;
@@ -42,7 +49,7 @@ export function registerLocalProviderRuntimeCommands(registry: CommandRegistry):
         const providersDir = shellPaths.resolveUserPath(GOODVIBES_AGENT_SURFACE_ROOT, 'providers');
         const providerFile = join(providersDir, `${name}.json`);
         if (existsSync(providerFile)) {
-          ctx.print(`Error: Provider '${name}' already exists at ${providerFile}\nRemove it first with: /provider remove ${name}`);
+          ctx.print(`Error: Provider '${name}' already exists at ${providerFile}\nRemove it first with: /provider remove ${name} --yes`);
           return;
         }
 
@@ -111,10 +118,14 @@ export function registerLocalProviderRuntimeCommands(registry: CommandRegistry):
         return;
       }
 
-      if (args[0] === 'remove' || args[0] === 'rm') {
-        const name = args[1];
+      if (commandArgs[0] === 'remove' || commandArgs[0] === 'rm') {
+        const name = commandArgs[1];
         if (!name) {
-          ctx.print('Usage: /provider remove <name>');
+          ctx.print('Usage: /provider remove <name> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `remove custom provider ${name}`, '/provider remove <name> --yes');
           return;
         }
         if (!isValidProviderName(name)) {
@@ -135,7 +146,7 @@ export function registerLocalProviderRuntimeCommands(registry: CommandRegistry):
         return;
       }
 
-      if (args.length === 0) {
+      if (commandArgs.length === 0) {
         if (ctx.openProviderPicker) {
           ctx.openProviderPicker();
           return;
@@ -145,7 +156,7 @@ export function registerLocalProviderRuntimeCommands(registry: CommandRegistry):
         return;
       }
 
-      const providerName = args[0];
+      const providerName = commandArgs[0];
       const providerApi = requireProviderApi(ctx);
       const selectable = await providerApi.listModels({
         providerId: providerName,