@phnx-labs/agents-cli 1.14.6 → 1.15.0

package/dist/lib/routines.js

@@ -350,3 +350,71 @@ export function installJobFromSource(sourcePath, name) {
         return { success: false, error: err.message };
     }
 }
+/** List all job names that have run directories. */
+export function listJobsWithRuns() {
+    const runsDir = getRunsDir();
+    if (!fs.existsSync(runsDir))
+        return [];
+    return fs.readdirSync(runsDir, { withFileTypes: true })
+        .filter((e) => e.isDirectory())
+        .map((e) => e.name);
+}
+/** Count total runs across all jobs. */
+export function countAllRuns() {
+    let total = 0;
+    for (const jobName of listJobsWithRuns()) {
+        total += listRuns(jobName).length;
+    }
+    return total;
+}
+/** Preview runs that would be pruned (keeping only the most recent `keep` per job). */
+export function previewRunsPrune(keep) {
+    const toPrune = [];
+    for (const jobName of listJobsWithRuns()) {
+        const runs = listRuns(jobName);
+        if (runs.length > keep) {
+            const toRemove = runs.slice(0, runs.length - keep);
+            for (const run of toRemove) {
+                toPrune.push({ jobName, runId: run.runId, startedAt: run.startedAt });
+            }
+        }
+    }
+    return toPrune;
+}
+/** Delete old runs, keeping only the most recent `keep` per job. Returns bytes freed and run count. */
+export function pruneRuns(keep) {
+    let deleted = 0;
+    let bytesFreed = 0;
+    for (const jobName of listJobsWithRuns()) {
+        const runs = listRuns(jobName);
+        if (runs.length <= keep)
+            continue;
+        const toRemove = runs.slice(0, runs.length - keep);
+        for (const run of toRemove) {
+            const runDir = getRunDir(jobName, run.runId);
+            bytesFreed += getDirSize(runDir);
+            fs.rmSync(runDir, { recursive: true, force: true });
+            deleted++;
+        }
+    }
+    return { deleted, bytesFreed };
+}
+function getDirSize(dirPath) {
+    if (!fs.existsSync(dirPath))
+        return 0;
+    let size = 0;
+    const entries = fs.readdirSync(dirPath, { withFileTypes: true });
+    for (const entry of entries) {
+        const fullPath = path.join(dirPath, entry.name);
+        if (entry.isDirectory()) {
+            size += getDirSize(fullPath);
+        }
+        else {
+            try {
+                size += fs.statSync(fullPath).size;
+            }
+            catch { /* ignore */ }
+        }
+    }
+    return size;
+}

package/dist/lib/runner.js

@@ -14,6 +14,7 @@ import { resolveJobPrompt, parseTimeout, writeRunMeta, getRunDir, } from './rout
 import { getRunsDir } from './state.js';
 import { prepareJobHome, buildSpawnEnv } from './sandbox.js';
 import { resolveModel, buildReasoningFlags } from './models.js';
+import { createTimer, maybeRotate, truncate } from './events.js';
 /** CLI command templates per agent, with {prompt} as a placeholder. */
 const AGENT_COMMANDS = {
     claude: ['claude', '-p', '--verbose', '{prompt}', '--output-format', 'stream-json', '--permission-mode', 'plan'],
@@ -107,6 +108,15 @@ function generateRunId() {
 }
 /** Execute a job synchronously (waits for completion or timeout before resolving). */
 export async function executeJob(config) {
+    maybeRotate();
+    const timer = createTimer('agent.run', {
+        agent: config.agent,
+        version: config.version,
+        jobName: config.name,
+        mode: config.mode,
+        prompt: truncate(config.prompt, 200),
+        schedule: config.schedule,
+    });
     const resolvedPrompt = resolveJobPrompt(config);
     const cmd = buildJobCommand(config, resolvedPrompt);
     const useSandbox = config.sandbox !== false;
@@ -138,6 +148,8 @@ export async function executeJob(config) {
             detached: true,
             env: spawnEnv,
         });
+        // Mark startup time (time from function call to process spawn)
+        timer.mark('startup');
         meta.pid = child.pid || null;
         writeRunMeta(meta);
         let settled = false;
@@ -160,6 +172,7 @@ export async function executeJob(config) {
             meta.status = 'timeout';
             meta.completedAt = new Date().toISOString();
             writeRunMeta(meta);
+            timer.end({ status: 'timeout', runId });
             const reportPath = extractAndSaveReport(stdoutPath, config.agent, runDir);
             resolve({ meta, reportPath });
         }, timeoutMs);
@@ -176,6 +189,7 @@ export async function executeJob(config) {
             meta.status = code === 0 ? 'completed' : 'failed';
             meta.completedAt = new Date().toISOString();
             writeRunMeta(meta);
+            timer.end({ status: meta.status, exitCode: code ?? undefined, runId });
             const reportPath = extractAndSaveReport(stdoutPath, config.agent, runDir);
             resolve({ meta, reportPath });
         });
@@ -191,6 +205,7 @@ export async function executeJob(config) {
             meta.status = 'failed';
             meta.completedAt = new Date().toISOString();
             writeRunMeta(meta);
+            timer.end({ status: 'failed', error: err.message, runId });
             resolve({ meta, reportPath: null });
         });
         child.unref();

package/dist/lib/secrets/bundles.js

@@ -16,6 +16,7 @@ import * as os from 'os';
 import * as path from 'path';
 import * as yaml from 'yaml';
 import { deleteKeychainToken, getKeychainToken, hasKeychainToken, listKeychainItems, parseBundleValue, resolveRef, secretsKeychainItem, setKeychainToken, } from './index.js';
+import { emit } from '../events.js';
 /** Allowed values for a secret's `type` metadata field. */
 export const SECRET_TYPES = [
     'api-key',
@@ -148,10 +149,15 @@ export function writeBundle(bundle) {
     };
     const json = JSON.stringify(payload);
     setKeychainToken(bundleMetaItem(bundle.name), json, Boolean(bundle.icloud_sync));
+    emit('secrets.set', { bundle: bundle.name });
 }
 export function deleteBundle(name) {
     validateBundleName(name);
-    return deleteKeychainToken(bundleMetaItem(name));
+    const deleted = deleteKeychainToken(bundleMetaItem(name));
+    if (deleted) {
+        emit('secrets.delete', { bundle: name });
+    }
+    return deleted;
 }
 export function listBundles() {
     let services;

package/dist/lib/secrets/index.d.ts

@@ -1,11 +1,14 @@
 /**
- * macOS Keychain integration for secure credential storage.
+ * Cross-platform secure credential storage.
  *
- * All reads/writes go through a signed Swift helper (keychain-helper.swift)
- * compiled into AgentsKeychain.app. The .app embeds a provisioning profile
- * that grants the application-identifier + keychain-access-groups entitlement
- * macOS requires for kSecAttrSynchronizable writes (iCloud Keychain).
- * For device-local writes the helper is invoked with the `nosync` arg.
+ * macOS: Uses Keychain via signed Swift helper (AgentsKeychain.app) or `security` CLI.
+ * Linux: Uses libsecret (GNOME Keyring) via `secret-tool` CLI.
+ * Windows: Not yet supported.
+ *
+ * The .app embeds a provisioning profile that grants the application-identifier
+ * + keychain-access-groups entitlement macOS requires for kSecAttrSynchronizable
+ * writes (iCloud Keychain). For device-local writes the helper is invoked with
+ * the `nosync` arg.
  */
 /** Supported secret resolution backends. */
 export type SecretProvider = 'keychain' | 'env' | 'file' | 'exec';
@@ -49,15 +52,15 @@ export interface KeychainBackend {
 }
 /** Install a custom keychain backend (test only). Returns the previous backend so callers can restore. */
 export declare function setKeychainBackendForTest(b: KeychainBackend | null): KeychainBackend | null;
-/** Check if a keychain item exists (macOS only). */
+/** Check if a keychain/keyring item exists. */
 export declare function hasKeychainToken(item: string, sync?: boolean): boolean;
-/** Retrieve a secret value from the macOS Keychain. Throws if not found. */
+/** Retrieve a secret value from the keychain/keyring. Throws if not found. */
 export declare function getKeychainToken(item: string, sync?: boolean): string;
-/** Store or update a secret value in the macOS Keychain. iCloud-synced when sync=true. */
+/** Store or update a secret value in the keychain/keyring. iCloud-synced when sync=true (macOS only). */
 export declare function setKeychainToken(item: string, value: string, sync?: boolean): void;
-/** Delete a keychain item. Returns true if it existed. */
+/** Delete a keychain/keyring item. Returns true if it existed. */
 export declare function deleteKeychainToken(item: string, sync?: boolean): boolean;
-/** Enumerate keychain item service names whose name starts with the given prefix. */
+/** Enumerate keychain/keyring item names starting with the given prefix. */
 export declare function listKeychainItems(prefix: string): string[];
 /** Options controlling how secret refs are resolved. */
 export interface ResolveOptions {

package/dist/lib/secrets/index.js

@@ -1,17 +1,21 @@
 /**
- * macOS Keychain integration for secure credential storage.
+ * Cross-platform secure credential storage.
  *
- * All reads/writes go through a signed Swift helper (keychain-helper.swift)
- * compiled into AgentsKeychain.app. The .app embeds a provisioning profile
- * that grants the application-identifier + keychain-access-groups entitlement
- * macOS requires for kSecAttrSynchronizable writes (iCloud Keychain).
- * For device-local writes the helper is invoked with the `nosync` arg.
+ * macOS: Uses Keychain via signed Swift helper (AgentsKeychain.app) or `security` CLI.
+ * Linux: Uses libsecret (GNOME Keyring) via `secret-tool` CLI.
+ * Windows: Not yet supported.
+ *
+ * The .app embeds a provisioning profile that grants the application-identifier
+ * + keychain-access-groups entitlement macOS requires for kSecAttrSynchronizable
+ * writes (iCloud Keychain). For device-local writes the helper is invoked with
+ * the `nosync` arg.
  */
 import { fileURLToPath } from 'url';
 import { execFileSync, spawnSync } from 'child_process';
 import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
+import { linuxBackend } from './linux.js';
 const SERVICE_PREFIX = 'agents-cli';
 const REF_PATTERN = /^(keychain|env|file|exec):(.+)$/s;
 /** Parse a bundle value into either a literal string or a typed secret ref. */
@@ -31,11 +35,18 @@ export function parseBundleValue(raw) {
 export function serializeRef(ref) {
     return `${ref.provider}:${ref.value}`;
 }
-function assertMacOS() {
-    if (process.platform !== 'darwin') {
-        throw new Error('Keychain-based secrets require macOS. On Linux, use environment variables or .env files instead. Native Linux credential store support is planned.');
+function assertSupportedPlatform() {
+    if (process.platform !== 'darwin' && process.platform !== 'linux') {
+        throw new Error('Secure credential storage requires macOS or Linux. ' +
+            'On Windows, use environment variables or .env files instead.');
     }
 }
+function isLinux() {
+    return process.platform === 'linux';
+}
+function isMacOS() {
+    return process.platform === 'darwin';
+}
 /** Build the keychain item name for a profile provider token. */
 export function profileKeychainItem(provider) {
     return `${SERVICE_PREFIX}.${provider}.token`;
@@ -73,12 +84,14 @@ export function setKeychainBackendForTest(b) {
 // holds the keychain-access-groups entitlement macOS requires for
 // kSecAttrSynchronizable. Enumeration also goes through the .app because the
 // security CLI doesn't expose listing by service prefix.
-/** Check if a keychain item exists (macOS only). */
+/** Check if a keychain/keyring item exists. */
 export function hasKeychainToken(item, sync = false) {
     if (backend)
         return backend.has(item, sync);
-    assertMacOS();
-    // Try security first (no prompts for local items), fall back to binary for synced items.
+    assertSupportedPlatform();
+    if (isLinux())
+        return linuxBackend.has(item, sync);
+    // macOS: Try security first (no prompts for local items), fall back to binary for synced items.
     if (spawnSync('security', ['find-generic-password', '-a', os.userInfo().username, '-s', item, '-w'], {
         stdio: ['ignore', 'pipe', 'pipe'],
     }).status === 0)
@@ -89,12 +102,14 @@ export function hasKeychainToken(item, sync = false) {
         stdio: ['ignore', 'pipe', 'pipe'],
     }).status === 0;
 }
-/** Retrieve a secret value from the macOS Keychain. Throws if not found. */
+/** Retrieve a secret value from the keychain/keyring. Throws if not found. */
 export function getKeychainToken(item, sync = false) {
     if (backend)
         return backend.get(item, sync);
-    assertMacOS();
-    // Try security first (no prompts for local items)
+    assertSupportedPlatform();
+    if (isLinux())
+        return linuxBackend.get(item, sync);
+    // macOS: Try security first (no prompts for local items)
     const secResult = spawnSync('security', ['find-generic-password', '-a', os.userInfo().username, '-s', item, '-w'], {
         stdio: ['ignore', 'pipe', 'pipe'],
     });
@@ -119,17 +134,24 @@ export function getKeychainToken(item, sync = false) {
         throw new Error(`Keychain item '${item}' exists but is empty.`);
     return token;
 }
-/** Store or update a secret value in the macOS Keychain. iCloud-synced when sync=true. */
+/** Store or update a secret value in the keychain/keyring. iCloud-synced when sync=true (macOS only). */
 export function setKeychainToken(item, value, sync = false) {
     if (backend) {
         backend.set(item, value, sync);
         return;
     }
-    assertMacOS();
+    assertSupportedPlatform();
     if (!value || !value.trim())
         throw new Error('Secret value is empty.');
     if (/[\r\n]/.test(value))
         throw new Error('Secret value contains newlines, which are not supported.');
+    if (/[\x00=\r\n]/.test(item))
+        throw new Error('Secret item name contains invalid characters.');
+    if (isLinux()) {
+        linuxBackend.set(item, value, sync);
+        return;
+    }
+    // macOS path
     if (sync) {
         const bin = ensureKeychainHelper();
         const result = spawnSync(bin, ['set', item, os.userInfo().username], {
@@ -153,11 +175,14 @@ export function setKeychainToken(item, value, sync = false) {
         throw new Error(`Failed to write keychain item '${item}' (exit ${result.status}).`);
     }
 }
-/** Delete a keychain item. Returns true if it existed. */
+/** Delete a keychain/keyring item. Returns true if it existed. */
 export function deleteKeychainToken(item, sync = false) {
     if (backend)
         return backend.delete(item, sync);
-    assertMacOS();
+    assertSupportedPlatform();
+    if (isLinux())
+        return linuxBackend.delete(item, sync);
+    // macOS path
     if (sync) {
         const bin = ensureKeychainHelper();
         return spawnSync(bin, ['delete', item, os.userInfo().username], {
@@ -171,11 +196,14 @@ export function deleteKeychainToken(item, sync = false) {
 function quoteForSecurityCli(s) {
     return '"' + s.replace(/\\/g, '\\\\').replace(/"/g, '\\"') + '"';
 }
-/** Enumerate keychain item service names whose name starts with the given prefix. */
+/** Enumerate keychain/keyring item names starting with the given prefix. */
 export function listKeychainItems(prefix) {
     if (backend)
         return backend.list(prefix);
-    assertMacOS();
+    assertSupportedPlatform();
+    if (isLinux())
+        return linuxBackend.list(prefix);
+    // macOS path
     const bin = ensureKeychainHelper();
     const result = spawnSync(bin, ['list', prefix], {
         stdio: ['ignore', 'pipe', 'pipe'],

package/dist/lib/secrets/linux.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Linux secret storage via libsecret (GNOME Keyring / Secret Service API).
+ *
+ * Uses `secret-tool` CLI which is part of libsecret-tools package.
+ * On Ubuntu: apt install libsecret-tools
+ *
+ * Secrets are stored with:
+ *   service = "agents-cli"
+ *   account = username
+ *   item = the secret identifier
+ */
+import type { KeychainBackend } from './index.js';
+/**
+ * secret-tool lookup attributes:
+ *   service=agents-cli account=<user> item=<itemName>
+ */
+export declare function hasSecretToolToken(item: string): boolean;
+export declare function getSecretToolToken(item: string): string;
+export declare function setSecretToolToken(item: string, value: string): void;
+export declare function deleteSecretToolToken(item: string): boolean;
+/**
+ * List secrets by prefix. secret-tool doesn't have a list command,
+ * so we use secret-tool search which outputs in a specific format.
+ */
+export declare function listSecretToolItems(prefix: string): string[];
+/** KeychainBackend implementation for Linux using secret-tool */
+export declare const linuxBackend: KeychainBackend;

package/dist/lib/secrets/linux.js

@@ -0,0 +1,161 @@
+/**
+ * Linux secret storage via libsecret (GNOME Keyring / Secret Service API).
+ *
+ * Uses `secret-tool` CLI which is part of libsecret-tools package.
+ * On Ubuntu: apt install libsecret-tools
+ *
+ * Secrets are stored with:
+ *   service = "agents-cli"
+ *   account = username
+ *   item = the secret identifier
+ */
+import { spawnSync } from 'child_process';
+import * as os from 'os';
+const SERVICE = 'agents-cli';
+function secretToolAvailable() {
+    const result = spawnSync('which', ['secret-tool'], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return result.status === 0;
+}
+let checkedAvailability = false;
+let isAvailable = false;
+function ensureSecretTool() {
+    if (!checkedAvailability) {
+        isAvailable = secretToolAvailable();
+        checkedAvailability = true;
+    }
+    if (!isAvailable) {
+        throw new Error('secret-tool not found. Install libsecret-tools:\n' +
+            '  Ubuntu/Debian: sudo apt install libsecret-tools\n' +
+            '  Fedora: sudo dnf install libsecret\n' +
+            '  Arch: sudo pacman -S libsecret');
+    }
+}
+/**
+ * secret-tool lookup attributes:
+ *   service=agents-cli account=<user> item=<itemName>
+ */
+export function hasSecretToolToken(item) {
+    ensureSecretTool();
+    const user = os.userInfo().username;
+    const result = spawnSync('secret-tool', [
+        'lookup',
+        'service', SERVICE,
+        'account', user,
+        'item', item,
+    ], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return result.status === 0 && result.stdout?.toString().trim().length > 0;
+}
+export function getSecretToolToken(item) {
+    ensureSecretTool();
+    const user = os.userInfo().username;
+    const result = spawnSync('secret-tool', [
+        'lookup',
+        'service', SERVICE,
+        'account', user,
+        'item', item,
+    ], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    if (result.status !== 0) {
+        throw new Error(`Secret '${item}' not found in keyring.`);
+    }
+    const token = result.stdout?.toString().trim();
+    if (!token) {
+        throw new Error(`Secret '${item}' exists but is empty.`);
+    }
+    return token;
+}
+export function setSecretToolToken(item, value) {
+    ensureSecretTool();
+    if (!value || !value.trim())
+        throw new Error('Secret value is empty.');
+    const user = os.userInfo().username;
+    const label = `agents-cli: ${item}`;
+    // secret-tool store reads value from stdin
+    const result = spawnSync('secret-tool', [
+        'store',
+        '--label', label,
+        'service', SERVICE,
+        'account', user,
+        'item', item,
+    ], {
+        input: value,
+        stdio: ['pipe', 'pipe', 'pipe'],
+    });
+    if (result.status !== 0) {
+        const stderr = result.stderr?.toString().trim();
+        throw new Error(`Failed to store secret '${item}': ${stderr || 'unknown error'}\n` +
+            'Make sure GNOME Keyring or another Secret Service provider is running.');
+    }
+}
+export function deleteSecretToolToken(item) {
+    ensureSecretTool();
+    const user = os.userInfo().username;
+    const result = spawnSync('secret-tool', [
+        'clear',
+        'service', SERVICE,
+        'account', user,
+        'item', item,
+    ], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    // secret-tool clear returns 0 whether the item existed or not.
+    // This matches the macOS behavior where delete is idempotent.
+    return result.status === 0;
+}
+/**
+ * List secrets by prefix. secret-tool doesn't have a list command,
+ * so we use secret-tool search which outputs in a specific format.
+ */
+export function listSecretToolItems(prefix) {
+    ensureSecretTool();
+    // secret-tool search outputs attributes, one item per block
+    const result = spawnSync('secret-tool', [
+        'search',
+        '--all',
+        'service', SERVICE,
+    ], {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    if (result.status !== 0) {
+        return [];
+    }
+    const output = result.stdout?.toString() || '';
+    const items = [];
+    // Parse output format:
+    // [/org/freedesktop/secrets/collection/login/1]
+    // label = agents-cli: myitem
+    // ...
+    // attribute.item = myitem
+    const itemRegex = /attribute\.item\s*=\s*(.+)/g;
+    let match;
+    while ((match = itemRegex.exec(output)) !== null) {
+        const itemName = match[1].trim();
+        if (itemName.startsWith(prefix)) {
+            items.push(itemName);
+        }
+    }
+    return [...new Set(items)]; // dedupe
+}
+/** KeychainBackend implementation for Linux using secret-tool */
+export const linuxBackend = {
+    has(item, _sync) {
+        return hasSecretToolToken(item);
+    },
+    get(item, _sync) {
+        return getSecretToolToken(item);
+    },
+    set(item, value, _sync) {
+        setSecretToolToken(item, value);
+    },
+    delete(item, _sync) {
+        return deleteSecretToolToken(item);
+    },
+    list(prefix) {
+        return listSecretToolItems(prefix);
+    },
+};

package/dist/lib/session/db.d.ts

@@ -137,3 +137,7 @@ export declare function getRowCount(): {
     sessions: number;
     textRows: number;
 };
+/** Count sessions older than the given timestamp (for dry-run previews). */
+export declare function countSessionsOlderThan(cutoffMs: number): number;
+/** Delete sessions older than the given timestamp. Returns the number of rows deleted. */
+export declare function deleteSessionsOlderThan(cutoffMs: number): number;

package/dist/lib/session/db.js

@@ -638,3 +638,29 @@ export function getRowCount() {
     const textRows = db.prepare(`SELECT COUNT(*) AS c FROM session_text`).get().c;
     return { sessions, textRows };
 }
+/** Count sessions older than the given timestamp (for dry-run previews). */
+export function countSessionsOlderThan(cutoffMs) {
+    const db = getDB();
+    const cutoffIso = new Date(cutoffMs).toISOString();
+    const row = db.prepare(`SELECT COUNT(*) AS n FROM sessions WHERE timestamp < ?`).get(cutoffIso);
+    return row.n;
+}
+/** Delete sessions older than the given timestamp. Returns the number of rows deleted. */
+export function deleteSessionsOlderThan(cutoffMs) {
+    const db = getDB();
+    const cutoffIso = new Date(cutoffMs).toISOString();
+    const rows = db.prepare(`SELECT id, file_path FROM sessions WHERE timestamp < ?`).all(cutoffIso);
+    if (rows.length === 0)
+        return 0;
+    const txn = db.transaction(() => {
+        for (const { id, file_path } of rows) {
+            db.prepare(`DELETE FROM session_text WHERE session_id = ?`).run(id);
+            db.prepare(`DELETE FROM sessions WHERE id = ?`).run(id);
+            if (file_path) {
+                db.prepare(`DELETE FROM scan_ledger WHERE file_path = ?`).run(canonicalLedgerKey(file_path));
+            }
+        }
+    });
+    txn();
+    return rows.length;
+}

package/dist/lib/skills.js

@@ -13,6 +13,7 @@ import * as yaml from 'yaml';
 import { SKILLS_CAPABLE_AGENTS, ensureSkillsDir } from './agents.js';
 import { getUserSkillsDir, getSkillsDir as getSystemSkillsDir, getProjectAgentsDir, getEnabledExtraRepos } from './state.js';
 import { getEffectiveHome, getVersionHomePath, listInstalledVersions } from './versions.js';
+import { emit } from './events.js';
 const HOME = os.homedir();
 /** User-scoped skills dir (~/.agents/skills/). Used for installs. */
 export function getSkillsDir() {
@@ -255,6 +256,7 @@ export function installSkill(sourcePath, skillName, agents, method = 'symlink')
             };
         }
     }
+    emit('skill.install', { skill: skillName, agents });
     return { success: true };
 }
 /**
@@ -555,6 +557,7 @@ export function installSkillToVersion(agent, version, skillName, method = 'copy'
             // Best-effort; failure here shouldn't unwind the install
         }
     }
+    emit('skill.install', { skill: skillName, agent, version });
     return { success: true };
 }
 /**
@@ -616,6 +619,7 @@ export function uninstallSkill(skillName) {
     catch {
         // Ignore removal errors
     }
+    emit('skill.remove', { skill: skillName });
     return { success: true };
 }
 export function listInstalledSkills() {

package/dist/lib/usage.d.ts

@@ -79,7 +79,7 @@ export declare function getUsageInfoForIdentity(input: UsageIdentityInput): Prom
 export declare function formatUsageSummary(plan: string | null, snapshot: UsageSnapshot | null, planWidth?: number): string;
 /** Format a multi-line usage section for detailed agent views. */
 export declare function formatUsageSection(usage: UsageInfo): string[];
-/** Load Claude OAuth credentials from the macOS Keychain. */
+/** Load Claude OAuth credentials from the system keychain/keyring. */
 export declare function loadClaudeOauth(home?: string): Promise<ClaudeOauthCredentials | null>;
 /**
  * Derive the Keychain service name for a Claude home directory.