@phnx-labs/agents-cli 1.19.1 → 1.19.2

package/README.md

@@ -414,7 +414,7 @@ agents secrets list                              # npm-tokens is already there;
 agents run claude "..." --secrets npm-tokens     # injects NPM_TOKEN automatically
 ```
 
-Under the hood, synced bundles route writes through a notarized helper app (`AgentsKeychain.app`) that holds the entitlement macOS requires for `kSecAttrSynchronizable`. Bundles created with `--no-icloud-sync` stay device-local.
+Under the hood, synced bundles route writes through a notarized helper app (`Agents CLI.app`) that holds the entitlement macOS requires for `kSecAttrSynchronizable`. Bundles created with `--no-icloud-sync` stay device-local.
 
 Bundle definitions sync via iCloud Keychain too — no `agents repo push` needed for secrets, no recreate step on each Mac. Nothing about secrets ever lives in plaintext on disk.
 

package/dist/commands/exec.js

@@ -276,7 +276,7 @@ export function registerRunCommand(program) {
                 }
                 const breakdown = Object.entries(counts).map(([k, v]) => `${v} ${k}`).join(', ');
                 console.log(chalk.gray(`[secrets] Resolved ${bundleName}: ${entries.length} keys (${breakdown})`));
-                secretsEnv = { ...secretsEnv, ...resolveBundleEnv(bundle) };
+                secretsEnv = { ...secretsEnv, ...resolveBundleEnv(bundle, { caller: `agent ${agent}` }) };
             }
             catch (err) {
                 console.error(chalk.red(err.message));

package/dist/commands/mcp.js

@@ -156,11 +156,40 @@ Examples:
   agents mcp add db-server -- uvx postgres-mcp
 `)
         .action(async (name, commandOrUrl, options) => {
+        // Registry resolution: if the user just typed `agents mcp add <name>`,
+        // try looking up `<name>` in any configured MCP registry (by default the
+        // official MCP Registry at registry.modelcontextprotocol.io) and derive
+        // the install spec automatically.
+        if (commandOrUrl.length === 0) {
+            const { getMcpServerInfo, mcpEntryToInstallSpec } = await import('../lib/registry.js');
+            const spinner = ora(`Looking up '${name}' in MCP registries…`).start();
+            try {
+                const entry = await getMcpServerInfo(name);
+                if (entry) {
+                    const spec = mcpEntryToInstallSpec(entry);
+                    if (spec?.command) {
+                        commandOrUrl = spec.command.split(' ');
+                        options.transport = spec.transport;
+                        spinner.succeed(`Resolved '${name}' → ${chalk.gray(spec.command)}`);
+                    }
+                    else {
+                        spinner.warn(`Found '${name}' in registry but could not derive an install command (likely a remote-only server).`);
+                    }
+                }
+                else {
+                    spinner.fail(`'${name}' not found in any configured MCP registry.`);
+                }
+            }
+            catch (err) {
+                spinner.fail(`Registry lookup failed: ${err.message}`);
+            }
+        }
         const transport = options.transport;
         if (commandOrUrl.length === 0) {
             console.error(chalk.red('Error: Command or URL required'));
             console.log(chalk.gray('Stdio: agents mcp add <name> -- <command...>'));
             console.log(chalk.gray('HTTP:  agents mcp add <name> <url> --transport http'));
+            console.log(chalk.gray("Or list what's discoverable: agents mcp list --available"));
             process.exit(1);
         }
         const localPath = getUserAgentsDir();

package/dist/commands/secrets.js

@@ -879,7 +879,7 @@ Examples:
             if (opts.to1password) {
                 assertOpAvailable();
                 const vault = await resolveVault(opts.vault);
-                const env = resolveBundleEnv(bundle);
+                const env = resolveBundleEnv(bundle, { caller: `1Password vault ${vault}` });
                 let created = 0;
                 let overwritten = 0;
                 let skipped = 0;
@@ -913,7 +913,7 @@ Examples:
                 console.error(chalk.red('export to a TTY requires --plaintext (prevents shoulder-surfing).'));
                 process.exit(1);
             }
-            const env = resolveBundleEnv(bundle);
+            const env = resolveBundleEnv(bundle, { caller: `export to shell` });
             const prefix = bundleToEnvPrefix(resolvedBundleName);
             for (const [k, v] of Object.entries(env)) {
                 const exportKey = isReservedEnvName(k) ? `${prefix}_${k}` : k;
@@ -941,9 +941,9 @@ Examples:
             }
             const { resolveBundleEnv } = await import('../lib/secrets/bundles.js');
             const bundle = readBundle(bundleName);
-            const secretEnv = resolveBundleEnv(bundle);
-            const { spawn } = await import('child_process');
             const [cmd, ...args] = commandParts;
+            const secretEnv = resolveBundleEnv(bundle, { caller: `command ${cmd}` });
+            const { spawn } = await import('child_process');
             const proc = spawn(cmd, args, {
                 stdio: 'inherit',
                 env: { ...process.env, ...secretEnv },

package/dist/commands/sessions.d.ts

@@ -3,14 +3,15 @@ import type { SessionMeta } from '../lib/session/types.js';
 /**
  * Build the shell command that resumes a picked session.
  *
- * Cross-version handoff: when the session was created on a different version
- * than the one the shim will launch (activeVersion), the session file lives in
- * the other version's isolated home and `--resume <id>` would silently fail to
- * find it. Fall back to a fresh session seeded with `/continue <id>`, which is
- * wired (~/.claude/commands/continue.md) to read the prior transcript via
- * `agents sessions <id>` — that reader is version-agnostic.
+ * When the session's originating version is known, uses the version-pinned
+ * binary (e.g. `claude@2.1.138`) so the resume always runs in the same
+ * isolated HOME where the JSONL was written — regardless of which version is
+ * currently the default. Falls back to the bare shim when version is unknown.
+ *
+ * If the versioned binary is missing (version was removed), the ENOENT
+ * handler in handlePickedSession retries via buildFallbackCommand.
  */
-export declare function buildResumeCommand(session: SessionMeta, activeVersion?: string): string[] | null;
+export declare function buildResumeCommand(session: SessionMeta): string[] | null;
 /** Filter and rank sessions by a multi-term search query across metadata and content. */
 export declare function filterSessionsByQuery(sessions: SessionMeta[], query: string | undefined): SessionMeta[];
 /** Register the `agents sessions` command with all its options and help text. */

package/dist/commands/sessions.js

@@ -22,7 +22,7 @@ import { parseSession } from '../lib/session/parse.js';
 import { renderConversationMarkdown, renderSummary, renderSummaryHeader, computeSummaryStats, renderJson, filterEvents, parseRoleList } from '../lib/session/render.js';
 import { renderMarkdown } from '../lib/markdown.js';
 import { colorAgent, resolveAgentName } from '../lib/agents.js';
-import { resolveVersion, resolveVersionAliasLoose } from '../lib/versions.js';
+import { resolveVersionAliasLoose } from '../lib/versions.js';
 import { isInteractiveTerminal, isPromptCancelled } from './utils.js';
 import { sessionPicker } from './sessions-picker.js';
 import { setHelpSections } from '../lib/help.js';
@@ -613,18 +613,12 @@ async function handlePickedSession(picked) {
     const cwd = picked.session.cwd && fs.existsSync(picked.session.cwd)
         ? picked.session.cwd
         : process.cwd();
-    const activeVersion = resolveVersion(picked.session.agent, cwd) ?? undefined;
-    const resume = buildResumeCommand(picked.session, activeVersion);
+    const resume = buildResumeCommand(picked.session);
     if (!resume) {
         console.log(chalk.yellow(`Resume is not supported for ${picked.session.agent} sessions yet. Showing summary instead.`));
         await renderSession(picked.session, 'summary', {});
         return;
     }
-    if (picked.session.version && activeVersion && picked.session.version !== activeVersion) {
-        console.log(chalk.gray(`Cross-version handoff: session is ${picked.session.agent} ${picked.session.version}, ` +
-            `default is ${activeVersion}. Starting fresh and passing /continue so the new agent ` +
-            `reads the prior transcript via 'agents sessions'.`));
-    }
     console.log(chalk.gray(`Resuming: ${resume.join(' ')} (cwd: ${cwd})`));
     await new Promise((resolve) => {
         const child = spawn(resume[0], resume.slice(1), {
@@ -633,6 +627,16 @@ async function handlePickedSession(picked) {
             shell: false,
         });
         child.on('error', (err) => {
+            if (err.code === 'ENOENT' && picked.session.version) {
+                const fallback = buildFallbackCommand(picked.session);
+                if (fallback) {
+                    console.log(chalk.gray(`Version ${picked.session.version} is not installed. Falling back to current version via /continue...`));
+                    const fb = spawn(fallback[0], fallback.slice(1), { cwd, stdio: 'inherit', shell: false });
+                    fb.on('error', (e) => { console.error(chalk.red(`Failed: ${e.message}`)); resolve(); });
+                    fb.on('close', () => resolve());
+                    return;
+                }
+            }
             console.error(chalk.red(`Failed to launch ${resume[0]}: ${err.message}`));
             if (err.code === 'ENOENT') {
                 console.error(chalk.gray(`Make sure '${resume[0]}' is on your PATH.`));
@@ -645,23 +649,23 @@ async function handlePickedSession(picked) {
 /**
  * Build the shell command that resumes a picked session.
  *
- * Cross-version handoff: when the session was created on a different version
- * than the one the shim will launch (activeVersion), the session file lives in
- * the other version's isolated home and `--resume <id>` would silently fail to
- * find it. Fall back to a fresh session seeded with `/continue <id>`, which is
- * wired (~/.claude/commands/continue.md) to read the prior transcript via
- * `agents sessions <id>` — that reader is version-agnostic.
+ * When the session's originating version is known, uses the version-pinned
+ * binary (e.g. `claude@2.1.138`) so the resume always runs in the same
+ * isolated HOME where the JSONL was written — regardless of which version is
+ * currently the default. Falls back to the bare shim when version is unknown.
+ *
+ * If the versioned binary is missing (version was removed), the ENOENT
+ * handler in handlePickedSession retries via buildFallbackCommand.
  */
-export function buildResumeCommand(session, activeVersion) {
-    const versionMismatch = !!(session.version && activeVersion && session.version !== activeVersion);
+export function buildResumeCommand(session) {
     switch (session.agent) {
         case 'claude':
-            if (versionMismatch)
-                return ['claude', `/continue ${session.id}`];
+            if (session.version)
+                return [`claude@${session.version}`, '--resume', session.id];
             return ['claude', '--resume', session.id];
         case 'codex':
-            if (versionMismatch)
-                return ['codex', `/continue ${session.id}`];
+            if (session.version)
+                return [`codex@${session.version}`, 'resume', session.id];
             return ['codex', 'resume', session.id];
         case 'opencode':
             return ['opencode', '--session', session.id];
@@ -673,6 +677,14 @@ export function buildResumeCommand(session, activeVersion) {
             return null;
     }
 }
+/** Fallback resume command when the versioned binary is unavailable (ENOENT). */
+function buildFallbackCommand(session) {
+    switch (session.agent) {
+        case 'claude': return ['claude', `/continue ${session.id}`];
+        case 'codex': return ['codex', `/continue ${session.id}`];
+        default: return null;
+    }
+}
 // ---------------------------------------------------------------------------
 // Cloud session source (--cloud)
 // ---------------------------------------------------------------------------

package/dist/commands/versions.js

@@ -7,12 +7,27 @@ import { AGENTS, ALL_AGENT_IDS, getAccountEmail, getAccountInfo, agentLabel, } f
 import { formatUsageSummary, getUsageInfoForIdentity, getUsageInfoByIdentity, getUsageLookupKey, } from '../lib/usage.js';
 import { viewAction } from './view.js';
 import { readManifest, writeManifest, createDefaultManifest } from '../lib/manifest.js';
-import { installVersion, removeVersion, listInstalledVersions, isVersionInstalled, isLatestInstalled, getGlobalDefault, setGlobalDefault, getVersionHomePath, syncResourcesToVersion, parseAgentSpec, promptResourceSelection, promptNewResourceSelection, getAvailableResources, getActuallySyncedResources, getNewResources, hasNewResources, } from '../lib/versions.js';
+import { installVersion, removeVersion, listInstalledVersions, isVersionInstalled, isLatestInstalled, getGlobalDefault, setGlobalDefault, getVersionHomePath, getVersionDir, syncResourcesToVersion, parseAgentSpec, promptResourceSelection, promptNewResourceSelection, getAvailableResources, getActuallySyncedResources, getNewResources, hasNewResources, } from '../lib/versions.js';
 import { createShim, createVersionedAlias, removeShim, shimExists, getShimsDir, getShimPath, getPathShadowingExecutable, isShimsInPath, getPathSetupInstructions, addShimsToPath, switchConfigSymlink, switchHomeFileSymlinks, } from '../lib/shims.js';
 import { isInteractiveTerminal, isPromptCancelled, requireInteractiveSelection } from './utils.js';
 import { tryAutoPull } from '../lib/git.js';
-import { getAgentsDir } from '../lib/state.js';
+import { getAgentsDir, getTrashVersionsDir } from '../lib/state.js';
 import { setHelpSections } from '../lib/help.js';
+import { updateSessionFilePaths } from '../lib/session/db.js';
+/**
+ * After removeVersion soft-deletes a version dir to trash, rewrite session
+ * file_path entries in the DB so reads still work from the new trash location.
+ */
+function fixSessionFilePaths(agent, version, oldVersionDir) {
+    const trashAgentDir = path.join(getTrashVersionsDir(), agent, version);
+    if (!fs.existsSync(trashAgentDir))
+        return;
+    const stamps = fs.readdirSync(trashAgentDir).sort().reverse();
+    if (stamps.length === 0)
+        return;
+    const trashPath = path.join(trashAgentDir, stamps[0]);
+    updateSessionFilePaths(oldVersionDir, trashPath);
+}
 /**
  * Helper to get actual installed version for an agent.
  * Returns the latest installed version, or throws if none installed.
@@ -362,7 +377,9 @@ export function registerVersionsCommands(program) {
                         continue;
                     }
                     for (const v of toRemove) {
+                        const versionDir = getVersionDir(agent, v);
                         removeVersion(agent, v);
+                        fixSessionFilePaths(agent, v, versionDir);
                         console.log(chalk.green(`Removed ${agentLabel(agentConfig.id)}@${v}`));
                     }
                     // Check if default was removed
@@ -390,7 +407,9 @@ export function registerVersionsCommands(program) {
                     console.log(chalk.gray(`${agentLabel(agentConfig.id)}@${version} not installed`));
                 }
                 else {
+                    const versionDir = getVersionDir(agent, version);
                     removeVersion(agent, version);
+                    fixSessionFilePaths(agent, version, versionDir);
                     console.log(chalk.green(`Removed ${agentLabel(agentConfig.id)}@${version}`));
                     // Remove shim if no versions left
                     const remaining = listInstalledVersions(agent);

package/dist/lib/agents.js

@@ -335,6 +335,50 @@ export const AGENTS = {
         supportsHooks: false,
         capabilities: { hooks: false, mcp: true, allowlist: false, skills: true, commands: true, plugins: false },
     },
+    // Google Antigravity CLI (`agy`) — official replacement for Gemini CLI as of IO 2026.
+    // configDir nests inside `~/.gemini/` since agy shares the parent dir with the Gemini
+    // CLI but isolates its own state in the `antigravity-cli/` subdir. Per-version HOME
+    // isolation works because the shim's configDirName carries the full nested path.
+    antigravity: {
+        id: 'antigravity',
+        name: 'Antigravity',
+        color: 'blueBright',
+        cliCommand: 'agy',
+        npmPackage: '',
+        installScript: 'curl -fsSL https://antigravity.google/cli/install.sh | bash',
+        configDir: path.join(HOME, '.gemini', 'antigravity-cli'),
+        commandsDir: path.join(HOME, '.gemini', 'antigravity-cli', 'commands'),
+        commandsSubdir: 'commands',
+        skillsDir: path.join(HOME, '.gemini', 'antigravity-cli', 'skills'),
+        hooksDir: 'hooks',
+        instructionsFile: 'AGENTS.md',
+        format: 'markdown',
+        variableSyntax: '{{args}}',
+        supportsHooks: false,
+        nativeAgentsSkillsDir: true,
+        capabilities: { hooks: false, mcp: true, allowlist: false, skills: true, commands: true, plugins: false, rulesImports: false },
+    },
+    // xAI Grok Build CLI (`grok`) — early beta, SuperGrok Heavy. Auth via OAuth on
+    // first launch, or GROK_CODE_XAI_API_KEY env var for headless. MCP supported
+    // out of the box; exact config file path verified at first install.
+    grok: {
+        id: 'grok',
+        name: 'Grok',
+        color: 'whiteBright',
+        cliCommand: 'grok',
+        npmPackage: '',
+        installScript: 'curl -fsSL https://x.ai/cli/install.sh | bash',
+        configDir: path.join(HOME, '.grok'),
+        commandsDir: path.join(HOME, '.grok', 'commands'),
+        commandsSubdir: 'commands',
+        skillsDir: path.join(HOME, '.grok', 'skills'),
+        hooksDir: 'hooks',
+        instructionsFile: 'AGENTS.md',
+        format: 'markdown',
+        variableSyntax: '$ARGUMENTS',
+        supportsHooks: false,
+        capabilities: { hooks: false, mcp: true, allowlist: false, skills: true, commands: true, plugins: false },
+    },
 };
 /** All registered agent IDs derived from the AGENTS registry. */
 export const ALL_AGENT_IDS = Object.keys(AGENTS);
@@ -1084,6 +1128,12 @@ function getUserMcpConfigPath(agentId) {
         case 'openclaw':
             // OpenClaw uses openclaw.json
             return path.join(agent.configDir, 'openclaw.json');
+        case 'antigravity':
+            // agy uses mcp_config.json inside its nested config dir (~/.gemini/antigravity-cli/)
+            return path.join(agent.configDir, 'mcp_config.json');
+        case 'grok':
+            // grok mcp.json — exact field schema verified at first install
+            return path.join(agent.configDir, 'mcp.json');
         default:
             // Gemini and others use settings.json
             return path.join(agent.configDir, 'settings.json');
@@ -1114,6 +1164,10 @@ export function getMcpConfigPathForHome(agentId, home) {
             return path.join(home, '.config', 'goose', 'config.yaml');
         case 'roo':
             return path.join(home, '.roo', 'mcp.json');
+        case 'antigravity':
+            return path.join(home, '.gemini', 'antigravity-cli', 'mcp_config.json');
+        case 'grok':
+            return path.join(home, '.grok', 'mcp.json');
         default:
             return path.join(home, `.${agentId}`, 'settings.json');
     }
@@ -1146,6 +1200,10 @@ function getProjectMcpConfigPath(agentId, cwd = process.cwd()) {
             return path.join(cwd, '.goose', 'config.yaml');
         case 'roo':
             return path.join(cwd, '.roo', 'mcp.json');
+        case 'antigravity':
+            return path.join(cwd, '.gemini', 'antigravity-cli', 'mcp_config.json');
+        case 'grok':
+            return path.join(cwd, '.grok', 'mcp.json');
         default:
             return path.join(cwd, `.${agentId}`, 'settings.json');
     }
@@ -1275,6 +1333,14 @@ export const AGENT_NAME_ALIASES = {
     roo: 'roo',
     'roo-code': 'roo',
     roocode: 'roo',
+    antigravity: 'antigravity',
+    'google-antigravity': 'antigravity',
+    agy: 'antigravity',
+    ag: 'antigravity',
+    grok: 'grok',
+    'grok-build': 'grok',
+    'xai-grok': 'grok',
+    gk: 'grok',
 };
 /** Resolve a user-provided agent name (alias, shorthand, or canonical) to its AgentId. */
 export function resolveAgentName(input) {

package/dist/lib/browser/chrome.js

@@ -110,7 +110,7 @@ isElectron = false) {
     if (secrets && bundleExists(secrets)) {
         try {
             const bundle = readBundle(secrets);
-            const bundleEnv = resolveBundleEnv(bundle);
+            const bundleEnv = resolveBundleEnv(bundle, { caller: 'browser profile' });
             env = { ...env, ...bundleEnv };
         }
         catch {

package/dist/lib/exec.js

@@ -197,6 +197,27 @@ export const AGENT_COMMANDS = {
         },
         modelFlag: '--model',
     },
+    antigravity: {
+        base: ['agy'],
+        promptFlag: 'positional',
+        modeFlags: {
+            plan: [],
+            edit: [],
+            full: [],
+        },
+        modelFlag: '--model',
+    },
+    grok: {
+        base: ['grok'],
+        promptFlag: '-p',
+        modeFlags: {
+            plan: [],
+            edit: [],
+            full: [],
+        },
+        jsonFlags: ['--output-format', 'streaming-json'],
+        modelFlag: '--model',
+    },
 };
 /** Assemble the full CLI argument array for an agent invocation. */
 export function buildExecCommand(options) {

package/dist/lib/registry.d.ts

@@ -24,6 +24,24 @@ export declare function searchMcpRegistries(query: string, options?: {
     registry?: string;
     limit?: number;
 }): Promise<RegistrySearchResult[]>;
+/**
+ * Convert an MCP server registry entry into an install spec suitable for
+ * writing into `manifest.mcp`. Returns `null` if the entry has no package we
+ * know how to launch (e.g. only remote endpoints, which the current manifest
+ * shape supports via `url`+`transport: 'http'` but isn't yet wired to the
+ * registry's `remotes` field).
+ *
+ * Supported package shapes:
+ *   - npm / runtime=node      → `npx -y <name>`
+ *   - pypi / runtime=python   → `uvx <name>`
+ *   - runtime=docker          → `docker run --rm -i <name>`
+ *   - runtime=binary          → `<name>` (assumed to be on PATH)
+ */
+export declare function mcpEntryToInstallSpec(entry: McpServerEntry): {
+    command?: string;
+    url?: string;
+    transport: 'stdio' | 'http';
+} | null;
 /** Look up detailed info for an MCP server by exact name. */
 export declare function getMcpServerInfo(serverName: string, registryName?: string): Promise<McpServerEntry | null>;
 /** Search skill registries for entries matching a query string. */

package/dist/lib/registry.js

@@ -113,6 +113,50 @@ export async function searchMcpRegistries(query, options) {
     }
     return results;
 }
+/**
+ * Convert an MCP server registry entry into an install spec suitable for
+ * writing into `manifest.mcp`. Returns `null` if the entry has no package we
+ * know how to launch (e.g. only remote endpoints, which the current manifest
+ * shape supports via `url`+`transport: 'http'` but isn't yet wired to the
+ * registry's `remotes` field).
+ *
+ * Supported package shapes:
+ *   - npm / runtime=node      → `npx -y <name>`
+ *   - pypi / runtime=python   → `uvx <name>`
+ *   - runtime=docker          → `docker run --rm -i <name>`
+ *   - runtime=binary          → `<name>` (assumed to be on PATH)
+ */
+export function mcpEntryToInstallSpec(entry) {
+    const pkg = entry.packages?.[0];
+    if (!pkg)
+        return null;
+    // Remote transports (sse / streamable-http) need a URL the registry doesn't
+    // currently expose in this client's type. Skip for now; caller can fall back
+    // to manual --transport http with an explicit URL.
+    if (pkg.transport === 'sse' || pkg.transport === 'streamable-http') {
+        return null;
+    }
+    const reg = pkg.registry_name?.toLowerCase();
+    const runtime = pkg.runtime;
+    const name = pkg.name;
+    if (!name)
+        return null;
+    if (reg === 'npm' || runtime === 'node') {
+        return { command: `npx -y ${name}`, transport: 'stdio' };
+    }
+    if (reg === 'pypi' || runtime === 'python') {
+        return { command: `uvx ${name}`, transport: 'stdio' };
+    }
+    if (runtime === 'docker') {
+        return { command: `docker run --rm -i ${name}`, transport: 'stdio' };
+    }
+    if (runtime === 'binary') {
+        return { command: name, transport: 'stdio' };
+    }
+    // Unknown registry/runtime — fall back to bare name so the user gets *something*
+    // to inspect via `agents mcp view`, rather than a silent miss.
+    return { command: name, transport: 'stdio' };
+}
 /** Look up detailed info for an MCP server by exact name. */
 export async function getMcpServerInfo(serverName, registryName) {
     const registries = getEnabledRegistries('mcp');

package/dist/lib/resources/mcp.js

@@ -15,7 +15,7 @@ import * as yaml from 'yaml';
 import * as TOML from 'smol-toml';
 import { getSystemMcpDir, getUserMcpDir, getProjectAgentsDir, getEnabledExtraRepos, } from '../state.js';
 /** Agents from resources/types.ts that support MCP. */
-const MCP_CAPABLE_AGENTS = ['claude', 'codex', 'gemini', 'cursor', 'opencode', 'openclaw'];
+const MCP_CAPABLE_AGENTS = ['claude', 'codex', 'gemini', 'cursor', 'opencode', 'openclaw', 'antigravity', 'grok'];
 /**
  * Parse an MCP YAML file into an McpItem.
  */
@@ -119,6 +119,11 @@ export function getMcpConfigPath(agent, versionHome) {
             return path.join(versionHome, '.gemini', 'settings.json');
         case 'openclaw':
             return path.join(versionHome, '.openclaw', 'openclaw.json');
+        case 'antigravity':
+            // agy nests under ~/.gemini/antigravity-cli/ (shared parent with Gemini, distinct subdir).
+            return path.join(versionHome, '.gemini', 'antigravity-cli', 'mcp_config.json');
+        case 'grok':
+            return path.join(versionHome, '.grok', 'mcp.json');
         default:
             return null;
     }

package/dist/lib/resources/types.d.ts

@@ -5,7 +5,7 @@
  * - Union: All resources from all layers are combined
  * - Override on name conflict: Higher layer wins (project > user > system)
  */
-export type AgentId = 'claude' | 'codex' | 'gemini' | 'cursor' | 'opencode' | 'openclaw';
+export type AgentId = 'claude' | 'codex' | 'gemini' | 'cursor' | 'opencode' | 'openclaw' | 'antigravity' | 'grok';
 export type Layer = 'system' | 'user' | 'project';
 export type ResourceKind = 'command' | 'hook' | 'skill' | 'rule' | 'mcp' | 'permission' | 'subagent' | 'workflow';
 /** A resolved resource with its origin layer. */

package/dist/lib/secrets/{AgentsKeychain.app/Contents/Info.plist → Agents CLI.app/Contents/Info.plist }

@@ -5,9 +5,11 @@
   <key>CFBundleIdentifier</key>
   <string>com.phnx-labs.agents-keychain</string>
   <key>CFBundleName</key>
-  <string>AgentsKeychain</string>
+  <string>Agents CLI</string>
+  <key>CFBundleDisplayName</key>
+  <string>Agents CLI</string>
   <key>CFBundleExecutable</key>
-  <string>AgentsKeychain</string>
+  <string>Agents CLI</string>
   <key>CFBundlePackageType</key>
   <string>APPL</string>
   <key>CFBundleVersion</key>

package/dist/lib/secrets/bundles.d.ts

@@ -71,7 +71,17 @@ export interface BundleEntryInfo {
     detail: string;
 }
 export declare function describeBundle(bundle: SecretsBundle): BundleEntryInfo[];
-export declare function resolveBundleEnv(bundle: SecretsBundle): Record<string, string>;
+/** Options for resolveBundleEnv. */
+export interface ResolveBundleOptions {
+    /**
+     * Human-readable label for who is requesting the secrets. Shown to the
+     * user under the Touch ID prompt so they know what's about to read.
+     * Example: "agent claude", "command curl", "browser profile".
+     * When omitted the prompt only names the bundle.
+     */
+    caller?: string;
+}
+export declare function resolveBundleEnv(bundle: SecretsBundle, opts?: ResolveBundleOptions): Record<string, string>;
 export declare function keychainRef(key: string): string;
 /** Options for rotateBundleSecret. */
 export interface RotateOptions {

package/dist/lib/secrets/bundles.js

@@ -15,7 +15,7 @@ import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
 import * as yaml from 'yaml';
-import { deleteKeychainToken, getKeychainToken, hasKeychainToken, listKeychainItems, parseBundleValue, resolveRef, secretsKeychainItem, setKeychainToken, } from './index.js';
+import { deleteKeychainToken, getKeychainToken, getKeychainTokensBatch, hasKeychainToken, listKeychainItems, parseBundleValue, resolveRef, secretsKeychainItem, setKeychainToken, } from './index.js';
 import { emit } from '../events.js';
 /** Allowed values for a secret's `type` metadata field. */
 export const SECRET_TYPES = [
@@ -253,19 +253,48 @@ function stampLastUsed(bundle) {
         // Swallow — telemetry must never block secret resolution.
     }
 }
-// Walk the bundle and produce a flat env map. Keychain refs are translated via
-// the bundle-scoped naming scheme so two bundles with the same short ID never
-// collide. Throws on the first missing secret so `agents run` fails loudly
-// rather than silently injecting empty strings.
-export function resolveBundleEnv(bundle) {
+export function resolveBundleEnv(bundle, opts = {}) {
     stampLastUsed(bundle);
-    const env = {};
+    const parsedByKey = new Map();
+    const keychainItemsToFetch = [];
+    const keychainItemToKey = new Map();
     for (const [key, raw] of Object.entries(bundle.vars)) {
         const parsed = parseBundleValue(raw);
+        parsedByKey.set(key, parsed);
+        if ('ref' in parsed && parsed.ref.provider === 'keychain') {
+            const item = secretsKeychainItem(bundle.name, parsed.ref.value);
+            keychainItemsToFetch.push(item);
+            keychainItemToKey.set(item, key);
+        }
+    }
+    // Build the localizedReason shown under the Touch ID prompt. Lowercase verb
+    // phrase per Apple HIG — the system prepends "<App> is required to ".
+    const reason = opts.caller
+        ? `read ${bundle.name} secrets (for ${opts.caller})`
+        : `read ${bundle.name} secrets`;
+    // Single helper invocation, one biometric prompt.
+    const fetched = keychainItemsToFetch.length > 0
+        ? getKeychainTokensBatch(keychainItemsToFetch, bundle.icloud_sync, reason)
+        : new Map();
+    // Second pass: assemble env. Keychain values come from the batch; everything
+    // else is resolved inline (literals and env/file/exec refs don't prompt).
+    const env = {};
+    for (const [key, raw] of Object.entries(bundle.vars)) {
+        const parsed = parsedByKey.get(key);
         if ('literal' in parsed) {
             env[key] = parsed.literal;
             continue;
         }
+        if (parsed.ref.provider === 'keychain') {
+            const item = secretsKeychainItem(bundle.name, parsed.ref.value);
+            const value = fetched.get(item);
+            if (value === undefined) {
+                throw new Error(`Bundle '${bundle.name}' key '${key}': keychain item '${item}' not found. ` +
+                    `Run: agents secrets add ${bundle.name} ${key}`);
+            }
+            env[key] = value;
+            continue;
+        }
         try {
             env[key] = resolveRef(parsed.ref, {
                 allowExec: bundle.allow_exec,
@@ -274,11 +303,7 @@ export function resolveBundleEnv(bundle) {
             });
         }
         catch (err) {
-            const msg = err.message;
-            if (parsed.ref.provider === 'keychain' && /not found/.test(msg)) {
-                throw new Error(`${msg} Run: agents secrets add ${bundle.name} ${key}`);
-            }
-            throw new Error(`Bundle '${bundle.name}' key '${key}': ${msg}`);
+            throw new Error(`Bundle '${bundle.name}' key '${key}': ${err.message}`);
         }
     }
     return env;

package/dist/lib/secrets/index.d.ts

@@ -1,7 +1,7 @@
 /**
  * Cross-platform secure credential storage.
  *
- * macOS: Uses Keychain via signed Swift helper (AgentsKeychain.app) or `security` CLI.
+ * macOS: Uses Keychain via signed Swift helper (Agents CLI.app) or `security` CLI.
  * Linux: Uses libsecret (GNOME Keyring) via `secret-tool` CLI.
  * Windows: Not yet supported.
  *
@@ -56,6 +56,20 @@ export declare function setKeychainBackendForTest(b: KeychainBackend | null): Ke
 export declare function hasKeychainToken(item: string, sync?: boolean): boolean;
 /** Retrieve a secret value from the keychain/keyring. Throws if not found. */
 export declare function getKeychainToken(item: string, sync?: boolean): string;
+/**
+ * Batch-read multiple keychain items behind a single LocalAuthentication
+ * prompt. macOS shows ONE Touch ID prompt and every requested item is
+ * unlocked in the same process. Returns a Map keyed by item name. Missing
+ * items are absent from the map (caller decides whether that's an error).
+ *
+ * `reason` is shown to the user under the Touch ID prompt — e.g.
+ * "read 'hetzner.com' secrets for agent 'claude'". Apple's HIG recommends
+ * a lowercase verb phrase that completes the sentence "X is required to ___".
+ *
+ * On Linux or when a test backend is installed, falls back to individual
+ * `get` calls — no biometric prompt path on those platforms.
+ */
+export declare function getKeychainTokensBatch(items: string[], _sync?: boolean, reason?: string): Map<string, string>;
 /** Store or update a secret value in the keychain/keyring. iCloud-synced when sync=true (macOS only). */
 export declare function setKeychainToken(item: string, value: string, sync?: boolean): void;
 /** Delete a keychain/keyring item. Returns true if it existed. */

package/dist/lib/secrets/index.js

@@ -1,7 +1,7 @@
 /**
  * Cross-platform secure credential storage.
  *
- * macOS: Uses Keychain via signed Swift helper (AgentsKeychain.app) or `security` CLI.
+ * macOS: Uses Keychain via signed Swift helper (Agents CLI.app) or `security` CLI.
  * Linux: Uses libsecret (GNOME Keyring) via `secret-tool` CLI.
  * Windows: Not yet supported.
  *
@@ -55,7 +55,7 @@ export function profileKeychainItem(provider) {
 export function secretsKeychainItem(bundle, key) {
     return `${SERVICE_PREFIX}.secrets.${bundle}.${key}`;
 }
-// Resolve the bundled, signed-and-notarized AgentsKeychain.app shipped
+// Resolve the bundled, signed-and-notarized Agents CLI.app shipped
 // alongside the compiled JS. The .app embeds a provisioning profile that
 // grants the application-identifier + keychain-access-groups entitlements
 // macOS requires for kSecAttrSynchronizable writes. Bare CLI binaries
@@ -64,7 +64,7 @@ export function secretsKeychainItem(bundle, key) {
 // be prebuilt by `scripts/build-keychain-helper.sh` and shipped.
 function ensureKeychainHelper() {
     const here = path.dirname(fileURLToPath(import.meta.url));
-    const binPath = path.join(here, 'AgentsKeychain.app', 'Contents', 'MacOS', 'AgentsKeychain');
+    const binPath = path.join(here, 'Agents CLI.app', 'Contents', 'MacOS', 'Agents CLI');
     if (!fs.existsSync(binPath)) {
         throw new Error(`Keychain helper missing at ${binPath}. ` +
             'This npm package was built without the signed helper bundle. Reinstall agents-cli.');
@@ -118,7 +118,9 @@ export function getKeychainToken(item, sync = false) {
         if (token)
             return token;
     }
-    // Fallback: binary searches both synced and non-synced via kSecAttrSynchronizableAny
+    // Fallback: binary searches both synced and non-synced via kSecAttrSynchronizableAny.
+    // `get` is the unauthenticated path — no LocalAuthentication prompt. Used by
+    // profiles.ts (OAuth refresh) where biometric on every API call is too noisy.
     const bin = ensureKeychainHelper();
     const result = spawnSync(bin, ['get', item, os.userInfo().username], {
         stdio: ['ignore', 'pipe', 'pipe'],
@@ -134,6 +136,87 @@ export function getKeychainToken(item, sync = false) {
         throw new Error(`Keychain item '${item}' exists but is empty.`);
     return token;
 }
+/**
+ * Batch-read multiple keychain items behind a single LocalAuthentication
+ * prompt. macOS shows ONE Touch ID prompt and every requested item is
+ * unlocked in the same process. Returns a Map keyed by item name. Missing
+ * items are absent from the map (caller decides whether that's an error).
+ *
+ * `reason` is shown to the user under the Touch ID prompt — e.g.
+ * "read 'hetzner.com' secrets for agent 'claude'". Apple's HIG recommends
+ * a lowercase verb phrase that completes the sentence "X is required to ___".
+ *
+ * On Linux or when a test backend is installed, falls back to individual
+ * `get` calls — no biometric prompt path on those platforms.
+ */
+export function getKeychainTokensBatch(items, _sync = false, reason) {
+    const result = new Map();
+    if (items.length === 0)
+        return result;
+    if (backend) {
+        for (const item of items) {
+            try {
+                result.set(item, backend.get(item, _sync));
+            }
+            catch { /* missing — skip */ }
+        }
+        return result;
+    }
+    assertSupportedPlatform();
+    if (isLinux()) {
+        for (const item of items) {
+            try {
+                result.set(item, linuxBackend.get(item, _sync));
+            }
+            catch { /* missing — skip */ }
+        }
+        return result;
+    }
+    // macOS: single helper invocation with Touch ID gate.
+    const bin = ensureKeychainHelper();
+    const helperArgs = ['get-batch', os.userInfo().username];
+    if (reason)
+        helperArgs.push('--reason', reason);
+    helperArgs.push(...items);
+    const child = spawnSync(bin, helperArgs, {
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    if (child.status !== 0) {
+        const msg = child.stderr?.toString().trim();
+        throw new Error(msg || `Failed to batch-read ${items.length} keychain items.`);
+    }
+    const out = child.stdout?.toString() ?? '';
+    // Parser. Output is a sequence of records:
+    //   "V <service>\n<value>\n"   (present)
+    //   "M <service>\n"            (missing)
+    // Service names cannot contain '\n' (validated at write time); values are
+    // also newline-free (rejected by setKeychainToken). So splitting on '\n'
+    // and walking line-by-line is unambiguous.
+    const lines = out.split('\n');
+    // Last entry from split is the empty string after a trailing newline.
+    let i = 0;
+    while (i < lines.length) {
+        const line = lines[i];
+        if (line === '' && i === lines.length - 1)
+            break;
+        if (line.startsWith('V ')) {
+            const service = line.slice(2);
+            const value = lines[i + 1] ?? '';
+            result.set(service, value);
+            i += 2;
+        }
+        else if (line.startsWith('M ')) {
+            i += 1;
+        }
+        else if (line === '') {
+            i += 1;
+        }
+        else {
+            throw new Error(`Malformed get-batch output line: ${JSON.stringify(line)}`);
+        }
+    }
+    return result;
+}
 /** Store or update a secret value in the keychain/keyring. iCloud-synced when sync=true (macOS only). */
 export function setKeychainToken(item, value, sync = false) {
     if (backend) {
@@ -151,28 +234,23 @@ export function setKeychainToken(item, value, sync = false) {
         linuxBackend.set(item, value, sync);
         return;
     }
-    // macOS path
-    if (sync) {
-        const bin = ensureKeychainHelper();
-        const result = spawnSync(bin, ['set', item, os.userInfo().username], {
-            input: value,
-            stdio: ['pipe', 'pipe', 'pipe'],
-        });
-        if (result.status !== 0) {
-            const msg = result.stderr?.toString().trim();
-            throw new Error(msg || `Failed to write keychain item '${item}'.`);
-        }
-        return;
-    }
-    // `security -i` keeps the value out of argv (and `ps`).
-    const user = os.userInfo().username;
-    const cmd = `add-generic-password -a ${quoteForSecurityCli(user)} -s ${quoteForSecurityCli(item)} -w ${quoteForSecurityCli(value)} -T ${quoteForSecurityCli('')} -U\n`;
-    const result = spawnSync('security', ['-i'], {
-        input: cmd,
+    // macOS path. Both sync and non-sync writes go through the .app helper so
+    // the item picks up our SecAccess ACL (helper as trusted reader). That ACL
+    // is what stops macOS from showing the legacy "enter password" sheet on
+    // subsequent reads. The helper takes an optional `nosync` arg for
+    // device-local writes; sync writes get kSecAttrSynchronizable=true by
+    // default.
+    const bin = ensureKeychainHelper();
+    const args = ['set', item, os.userInfo().username];
+    if (!sync)
+        args.push('nosync');
+    const result = spawnSync(bin, args, {
+        input: value,
         stdio: ['pipe', 'pipe', 'pipe'],
     });
     if (result.status !== 0) {
-        throw new Error(`Failed to write keychain item '${item}' (exit ${result.status}).`);
+        const msg = result.stderr?.toString().trim();
+        throw new Error(msg || `Failed to write keychain item '${item}'.`);
     }
 }
 /** Delete a keychain/keyring item. Returns true if it existed. */
@@ -193,9 +271,6 @@ export function deleteKeychainToken(item, sync = false) {
         stdio: ['ignore', 'pipe', 'pipe'],
     }).status === 0;
 }
-function quoteForSecurityCli(s) {
-    return '"' + s.replace(/\\/g, '\\\\').replace(/"/g, '\\"') + '"';
-}
 /** Enumerate keychain/keyring item names starting with the given prefix. */
 export function listKeychainItems(prefix) {
     if (backend)

package/dist/lib/session/db.d.ts

@@ -157,5 +157,15 @@ export declare function getRowCount(): {
 };
 /** Count sessions older than the given timestamp (for dry-run previews). */
 export declare function countSessionsOlderThan(cutoffMs: number): number;
+/**
+ * Rewrite file_path for all sessions whose path starts with oldPrefix, replacing
+ * it with newPrefix + the unchanged suffix. Also clears the matching scan_ledger
+ * entries so they are re-indexed from the new location on the next scan.
+ *
+ * Used by removeVersion after soft-deleting a version directory to trash, so
+ * that session reads (transcript view, /continue) still work from the trash path.
+ * Returns the number of session rows updated.
+ */
+export declare function updateSessionFilePaths(oldPrefix: string, newPrefix: string): number;
 /** Delete sessions older than the given timestamp. Returns the number of rows deleted. */
 export declare function deleteSessionsOlderThan(cutoffMs: number): number;

package/dist/lib/session/db.js

@@ -749,6 +749,32 @@ export function countSessionsOlderThan(cutoffMs) {
     const row = db.prepare(`SELECT COUNT(*) AS n FROM sessions WHERE timestamp < ?`).get(cutoffIso);
     return row.n;
 }
+/**
+ * Rewrite file_path for all sessions whose path starts with oldPrefix, replacing
+ * it with newPrefix + the unchanged suffix. Also clears the matching scan_ledger
+ * entries so they are re-indexed from the new location on the next scan.
+ *
+ * Used by removeVersion after soft-deleting a version directory to trash, so
+ * that session reads (transcript view, /continue) still work from the trash path.
+ * Returns the number of session rows updated.
+ */
+export function updateSessionFilePaths(oldPrefix, newPrefix) {
+    const db = getDB();
+    const rows = db
+        .prepare(`SELECT id, file_path FROM sessions WHERE file_path LIKE ?`)
+        .all(oldPrefix + '%');
+    if (rows.length === 0)
+        return 0;
+    const txn = db.transaction(() => {
+        for (const { id, file_path } of rows) {
+            const newPath = newPrefix + file_path.slice(oldPrefix.length);
+            db.prepare(`UPDATE sessions SET file_path = ? WHERE id = ?`).run(newPath, id);
+            db.prepare(`DELETE FROM scan_ledger WHERE file_path = ?`).run(canonicalLedgerKey(file_path));
+        }
+    });
+    txn();
+    return rows.length;
+}
 /** Delete sessions older than the given timestamp. Returns the number of rows deleted. */
 export function deleteSessionsOlderThan(cutoffMs) {
     const db = getDB();

package/dist/lib/shims.d.ts

@@ -55,8 +55,12 @@ export interface ConflictInfo {
  *   v12 — helper calls inside generated shims use the absolute agents-cli
  *         entrypoint instead of PATH-resolved `agents`.
  *   v13 — validate agents.yaml version strings before constructing binary paths.
+ *   v14 — derive `configDirName` from `agentConfig.configDir` relative to $HOME
+ *         instead of hardcoding `.${agent}`. Backwards-compatible for every
+ *         existing agent (their configDir is `~/.{agent}`); enables nested
+ *         layouts like Antigravity's `~/.gemini/antigravity-cli/`.
  */
-export declare const SHIM_SCHEMA_VERSION = 13;
+export declare const SHIM_SCHEMA_VERSION = 14;
 /**
  * Generate the full bash shim script for the given agent. The returned string
  * is written to ~/.agents/shims/{cliCommand} and made executable.

package/dist/lib/shims.js

@@ -179,8 +179,12 @@ async function promptConflictStrategy(conflictInfos) {
  *   v12 — helper calls inside generated shims use the absolute agents-cli
  *         entrypoint instead of PATH-resolved `agents`.
  *   v13 — validate agents.yaml version strings before constructing binary paths.
+ *   v14 — derive `configDirName` from `agentConfig.configDir` relative to $HOME
+ *         instead of hardcoding `.${agent}`. Backwards-compatible for every
+ *         existing agent (their configDir is `~/.{agent}`); enables nested
+ *         layouts like Antigravity's `~/.gemini/antigravity-cli/`.
  */
-export const SHIM_SCHEMA_VERSION = 13;
+export const SHIM_SCHEMA_VERSION = 14;
 /** Internal marker string used to embed the schema version in shim scripts. */
 const SHIM_VERSION_MARKER = 'agents-shim-version:';
 function shellQuote(value) {
@@ -196,7 +200,11 @@ function getAgentsBinForGeneratedShim() {
 export function generateShimScript(agent) {
     const agentConfig = AGENTS[agent];
     const cliCommand = agentConfig.cliCommand;
-    const configDirName = `.${agent}`;
+    // Derive the relative config-dir path from the registry. For most agents
+    // this is just `.${agent}` (e.g., `.claude`, `.codex`); for nested layouts
+    // like Antigravity (`~/.gemini/antigravity-cli`) it carries the full
+    // subpath so per-version HOME symlinks reach the right place.
+    const configDirName = path.relative(os.homedir(), agentConfig.configDir);
     const agentsBin = shellQuote(getAgentsBinForGeneratedShim());
     const managedEnv = agent === 'claude'
         ? `
@@ -504,7 +512,9 @@ function assertSafeVersion(version) {
 export function generateVersionedAliasScript(agent, version) {
     assertSafeVersion(version);
     const agentConfig = AGENTS[agent];
-    const configDirName = `.${agent}`;
+    // Same derivation as `generateShimScript` so nested layouts (e.g.,
+    // Antigravity's `~/.gemini/antigravity-cli`) land in the right place.
+    const configDirName = path.relative(os.homedir(), agentConfig.configDir);
     const managedEnv = agent === 'claude'
         ? `
 # Claude stores OAuth credentials in the macOS keychain. Scope them to this
@@ -637,7 +647,9 @@ function getAgentConfigPath(agent) {
 function getVersionConfigPath(agent, version) {
     const agentConfig = AGENTS[agent];
     const versionsDir = getVersionsDir();
-    const configDirName = `.${agent}`; // .claude, .codex, etc.
+    // Carry the agent's full configDir subpath so nested layouts work.
+    // e.g., antigravity → `.gemini/antigravity-cli`, claude → `.claude`.
+    const configDirName = path.relative(os.homedir(), agentConfig.configDir);
     return path.join(versionsDir, agent, version, 'home', configDirName);
 }
 /**
@@ -709,6 +721,7 @@ export async function switchConfigSymlink(agent, version) {
             }
             // Different target - update it
             fs.unlinkSync(configPath);
+            fs.mkdirSync(path.dirname(configPath), { recursive: true });
             fs.symlinkSync(versionConfigPath, configPath);
             return { success: true };
         }
@@ -721,7 +734,7 @@ export async function switchConfigSymlink(agent, version) {
             const finalBackupPath = path.join(agentBackupDir, String(timestamp));
             fs.mkdirSync(agentBackupDir, { recursive: true });
             fs.renameSync(configPath, finalBackupPath);
-            // Create symlink
+            // Create symlink (parent already exists since the dir we just moved was here)
             fs.symlinkSync(versionConfigPath, configPath);
             return { success: true, backupPath: finalBackupPath };
         }
@@ -731,7 +744,10 @@ export async function switchConfigSymlink(agent, version) {
     }
     catch (err) {
         if (err.code === 'ENOENT') {
-            // Config path doesn't exist - create symlink
+            // Config path doesn't exist - create symlink.
+            // For nested layouts (e.g., ~/.gemini/antigravity-cli) the parent dir
+            // may also be missing if the parent agent (Gemini) is not installed.
+            fs.mkdirSync(path.dirname(configPath), { recursive: true });
             fs.symlinkSync(versionConfigPath, configPath);
             return { success: true };
         }

package/dist/lib/types.d.ts

@@ -6,7 +6,7 @@
  * formats for each supported agent.
  */
 /** Unique identifier for a supported AI coding agent. */
-export type AgentId = 'claude' | 'codex' | 'gemini' | 'cursor' | 'opencode' | 'openclaw' | 'copilot' | 'amp' | 'kiro' | 'goose' | 'roo';
+export type AgentId = 'claude' | 'codex' | 'gemini' | 'cursor' | 'opencode' | 'openclaw' | 'copilot' | 'amp' | 'kiro' | 'goose' | 'roo' | 'antigravity' | 'grok';
 /** How `agents run <agent>` chooses an installed version when none is pinned. */
 export type RunStrategy = 'pinned' | 'available' | 'balanced';
 /** Preview features that users can opt into via `agents beta`. */

package/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@phnx-labs/agents-cli",
-  "version": "1.19.0",
+  "version": "1.19.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@phnx-labs/agents-cli",
-      "version": "1.19.0",
+      "version": "1.19.2",
       "hasInstallScript": true,
       "license": "MIT",
       "dependencies": {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@phnx-labs/agents-cli",
-  "version": "1.19.1",
+  "version": "1.19.2",
   "description": "One CLI for all your AI coding agents - versions, config, cloud dispatch, sessions, and teams",
   "type": "module",
   "main": "dist/index.js",
@@ -23,7 +23,7 @@
   "files": [
     "dist/**/*.js",
     "dist/**/*.d.ts",
-    "dist/lib/secrets/AgentsKeychain.app/**",
+    "dist/lib/secrets/Agents CLI.app/**",
     "npm-shrinkwrap.json",
     "scripts/postinstall.js",
     "CHANGELOG.md",
@@ -42,7 +42,7 @@
     "url": "https://github.com/phnx-labs/agents-cli/issues"
   },
   "scripts": {
-    "build": "tsc && rm -rf dist/lib/secrets/AgentsKeychain.app && ([ \"$(uname)\" = \"Darwin\" ] && cp -R bin/AgentsKeychain.app dist/lib/secrets/AgentsKeychain.app || true)",
+    "build": "tsc && rm -rf 'dist/lib/secrets/AgentsKeychain.app' 'dist/lib/secrets/Agents CLI.app' && ([ \"$(uname)\" = \"Darwin\" ] && cp -R 'bin/Agents CLI.app' 'dist/lib/secrets/Agents CLI.app' || true)",
     "prepack": "scripts/verify-keychain-helper.sh",
     "postinstall": "node scripts/postinstall.js",
     "dev": "tsx src/index.ts",