npm - @posthog/wizard - Versions diffs - 2.9.0 → 2.10.0 - Mend

@posthog/wizard 2.9.0 → 2.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (731) hide show

package/dist/readiness-Dn7eq8NE.js ADDED Viewed

@@ -0,0 +1,2156 @@
+import { n as __require } from "./rolldown-runtime-B_-DWIq7.js";
+import { a as getLogFilePath, c as getUI, o as initLogFile, r as debug, s as logToFile } from "./debug-CyJ_3dTP.js";
+import { C as WIZARD_VARIANT_FLAG_KEY, S as WIZARD_VARIANTS, b as WIZARD_REMARK_EVENT_NAME, h as POSTHOG_PROPERTY_HEADER_PREFIX, n as analytics, p as POSTHOG_FLAG_HEADER_PREFIX, v as REMOTE_SKILLS_BASE_URL, x as WIZARD_USER_AGENT } from "./analytics-C4jO5Qda.js";
+import { o as getLlmGatewayUrlFromHost } from "./setup-utils-CdDnllRW.js";
+import { n as ADDITIONAL_FEATURE_PROMPTS } from "./wizard-session-Db6R023m.js";
+import { n as registerCleanup, r as wizardAbort, t as WizardError } from "./wizard-abort-7HUIsqv1.js";
+import * as fs$1 from "fs";
+import fs from "fs";
+import path from "path";
+import { z } from "zod";
+import fg from "fast-glob";
+import { execFileSync } from "child_process";
+//#region src/utils/custom-headers.ts
+/**
+* Builds a list of custom headers for ANTHROPIC_CUSTOM_HEADERS.
+*/
+function createCustomHeaders() {
+	const entries = [];
+	return {
+		add(key, value) {
+			const name = key.startsWith("x-") || key.startsWith("X-") ? key : `X-${key}`;
+			entries.push({
+				key: name,
+				value
+			});
+		},
+		addFlag(flagKey, variant) {
+			const headerName = POSTHOG_FLAG_HEADER_PREFIX + flagKey.toUpperCase();
+			entries.push({
+				key: headerName,
+				value: variant
+			});
+		},
+		encode() {
+			return entries.map(({ key, value }) => `${key}: ${value}`).join("\n");
+		}
+	};
+}
+//#endregion
+//#region src/lib/safe-tools.ts
+const LINTING_TOOLS = [
+	"codespell",
+	"cspell",
+	"git-diff-check",
+	"gitleaks",
+	"trufflehog",
+	"asl-validator",
+	"ansible-lint",
+	"pmd",
+	"biome",
+	"cfn-lint",
+	"cfnlint",
+	"checkov",
+	"trivy",
+	"test-aztemplate",
+	"shellcheck",
+	"shfmt",
+	"buildifier",
+	"cpplint",
+	"clang-format",
+	"clang-tidy",
+	"cmake-format",
+	"iwyu",
+	"pragma-once",
+	"dotnet-format",
+	"circleci",
+	"clj-kondo",
+	"coffeelint",
+	"commitlint",
+	"jscpd",
+	"stylelint",
+	"prettier",
+	"cue-fmt",
+	"dart",
+	"hadolint",
+	"dotenv-linter",
+	"editorconfig-checker",
+	"actionlint",
+	"zizmor",
+	"gofmt",
+	"gofumpt",
+	"goimports",
+	"gokart",
+	"golangci-lint",
+	"golines",
+	"semgrep",
+	"goreleaser",
+	"graphql-schema-linter",
+	"npm-groovy-lint",
+	"haml-lint",
+	"htmlhint",
+	"djlint",
+	"checkstyle",
+	"google-java-format",
+	"eslint",
+	"next lint",
+	"deno",
+	"rome",
+	"eslint-plugin-jsonc",
+	"eslint-plugin-json",
+	"eslint-plugin-jsx-a11y",
+	"eslint-plugin-react",
+	"nbqa",
+	"detekt",
+	"ktlint",
+	"kubeconform",
+	"kube-linter",
+	"chktex",
+	"luacheck",
+	"stylua",
+	"markdownlint",
+	"markdownlint-cli2",
+	"markdown-link-check",
+	"markdown-table-prettify",
+	"remark-lint",
+	"textlint",
+	"vale",
+	"nixpkgs-fmt",
+	"spectral",
+	"sort-package-json",
+	"perlcritic",
+	"perltidy",
+	"php-cs-fixer",
+	"phpcs",
+	"phpstan",
+	"psalm",
+	"oxipng",
+	"psscriptanalyzer",
+	"prisma",
+	"protolint",
+	"buf",
+	"pylint",
+	"flake8",
+	"isort",
+	"ruff",
+	"black",
+	"autopep8",
+	"bandit",
+	"mypy",
+	"pyright",
+	"sourcery",
+	"yapf",
+	"lintr",
+	"opa",
+	"regal",
+	"rubocop",
+	"brakeman",
+	"rufo",
+	"standardrb",
+	"clippy",
+	"rustfmt",
+	"scalafmt",
+	"osv-scanner",
+	"terrascan",
+	"tfsec",
+	"snakemake --lint",
+	"snakefmt",
+	"sqlfluff",
+	"sql-formatter",
+	"sqlfmt",
+	"squawk",
+	"svgo",
+	"stringslint",
+	"swiftformat",
+	"swiftlint",
+	"tflint",
+	"terraform",
+	"tofu",
+	"terragrunt",
+	"txtpbfmt",
+	"taplo",
+	"eslint-plugin-vue",
+	"xmllint",
+	"yamllint"
+];
+//#endregion
+//#region src/lib/wizard-tools.ts
+/**
+* Unified in-process MCP server for the PostHog wizard.
+*
+* Provides tools that run locally (secret values never leave the machine):
+* - check_env_keys: Check which env var keys exist in a .env file
+* - set_env_values: Create/update env vars in a .env file
+* - detect_package_manager: Detect the project's package manager(s)
+*/
+let _sdkModule$1 = null;
+async function getSDKModule$1() {
+	if (!_sdkModule$1) _sdkModule$1 = await import("@anthropic-ai/claude-agent-sdk");
+	return _sdkModule$1;
+}
+/**
+* Fetch the skill menu from the skills server.
+* Returns parsed data on success, `null` on failure.
+*/
+async function fetchSkillMenu(skillsBaseUrl) {
+	try {
+		const menuUrl = `${skillsBaseUrl}/skill-menu.json`;
+		logToFile(`fetchSkillMenu: fetching from ${menuUrl}`);
+		const resp = await fetch(menuUrl);
+		if (resp.ok) {
+			const data = await resp.json();
+			logToFile(`fetchSkillMenu: loaded (${Object.keys(data.categories).length} categories)`);
+			return data;
+		}
+		logToFile(`fetchSkillMenu: failed with HTTP ${resp.status}`);
+		return null;
+	} catch (err) {
+		logToFile(`fetchSkillMenu: error: ${err.message}`);
+		return null;
+	}
+}
+/**
+* Download and extract a skill.
+* By default installs to `<installDir>/.claude/skills/<id>/`.
+* Pass `skillsRoot` to override the base directory (e.g. `.posthog/skills`).
+*/
+function downloadSkill(skillEntry, installDir, skillsRoot) {
+	const skillDir = skillsRoot ? path.join(installDir, skillsRoot, skillEntry.id) : path.join(installDir, ".claude", "skills", skillEntry.id);
+	const tmpFile = `/tmp/posthog-skill-${skillEntry.id}.zip`;
+	try {
+		fs.mkdirSync(skillDir, { recursive: true });
+		execFileSync("curl", [
+			"-sL",
+			skillEntry.downloadUrl,
+			"-o",
+			tmpFile
+		], { timeout: 3e4 });
+		execFileSync("unzip", [
+			"-o",
+			tmpFile,
+			"-d",
+			skillDir
+		], { timeout: 3e4 });
+		try {
+			fs.unlinkSync(tmpFile);
+		} catch {}
+		logToFile(`downloadSkill: installed ${skillEntry.id} from ${skillEntry.downloadUrl}`);
+		return { success: true };
+	} catch (err) {
+		logToFile(`downloadSkill: error: ${err.message}`);
+		return {
+			success: false,
+			error: err.message
+		};
+	}
+}
+/**
+* High-level "install a skill by ID" helper. Fetches the skill menu,
+* finds the skill, downloads and extracts it. Workflows should use this
+* instead of composing fetchSkillMenu + downloadSkill themselves.
+*/
+async function installSkillById(skillId, installDir, skillsBaseUrl, skillsRoot) {
+	const menu = await fetchSkillMenu(skillsBaseUrl);
+	if (!menu) return { kind: "menu-fetch-failed" };
+	const skill = Object.values(menu.categories).flat().find((s) => s.id === skillId);
+	if (!skill) return {
+		kind: "skill-not-found",
+		skillId
+	};
+	const result = downloadSkill(skill, installDir, skillsRoot);
+	if (!result.success) return {
+		kind: "download-failed",
+		message: result.error ?? "unknown"
+	};
+	return {
+		kind: "ok",
+		path: skillsRoot ? `${skillsRoot}/${skillId}` : `.claude/skills/${skillId}`
+	};
+}
+/**
+* Resolve filePath relative to workingDirectory, rejecting path traversal.
+*/
+function resolveEnvPath(workingDirectory, filePath) {
+	const resolved = path.resolve(workingDirectory, filePath);
+	if (!resolved.startsWith(workingDirectory + path.sep) && resolved !== workingDirectory) throw new Error(`Path traversal rejected: "${filePath}" resolves outside working directory`);
+	return resolved;
+}
+/**
+* Ensure the given env file basename is covered by .gitignore in the working directory.
+* Creates .gitignore if it doesn't exist; appends the entry if missing.
+*/
+function ensureGitignoreCoverage(workingDirectory, envFileName) {
+	const gitignorePath = path.join(workingDirectory, ".gitignore");
+	if (fs.existsSync(gitignorePath)) {
+		const content = fs.readFileSync(gitignorePath, "utf8");
+		if (content.split("\n").some((line) => line.trim() === envFileName)) return;
+		const newContent = content.endsWith("\n") ? `${content}${envFileName}\n` : `${content}\n${envFileName}\n`;
+		fs.writeFileSync(gitignorePath, newContent, "utf8");
+	} else fs.writeFileSync(gitignorePath, `${envFileName}\n`, "utf8");
+}
+/**
+* Parse a .env file's content and return the set of defined key names.
+*/
+function parseEnvKeys(content) {
+	const keys = /* @__PURE__ */ new Set();
+	for (const line of content.split("\n")) {
+		const match = line.match(/^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=/);
+		if (match) keys.add(match[1]);
+	}
+	return keys;
+}
+/**
+* Merge key-value pairs into existing .env content.
+* Updates existing keys in-place, appends new keys at the end.
+*/
+function mergeEnvValues(content, values) {
+	let result = content;
+	const updatedKeys = /* @__PURE__ */ new Set();
+	for (const [key, value] of Object.entries(values)) {
+		const regex = new RegExp(`^(\\s*${key}\\s*=).*$`, "m");
+		if (regex.test(result)) {
+			result = result.replace(regex, `$1${value}`);
+			updatedKeys.add(key);
+		}
+	}
+	const newKeys = Object.entries(values).filter(([key]) => !updatedKeys.has(key));
+	if (newKeys.length > 0) {
+		if (result.length > 0 && !result.endsWith("\n")) result += "\n";
+		for (const [key, value] of newKeys) result += `${key}=${value}\n`;
+	}
+	return result;
+}
+const SERVER_NAME = "wizard-tools";
+/**
+* Create the unified in-process MCP server with all wizard tools.
+* Must be called asynchronously because the SDK is an ESM module loaded via dynamic import.
+*/
+async function createWizardToolsServer(options) {
+	const { workingDirectory, detectPackageManager, skillsBaseUrl } = options;
+	const { tool, createSdkMcpServer } = await getSDKModule$1();
+	let cachedSkillMenu = {};
+	let categoryNames = ["integration"];
+	const menu = await fetchSkillMenu(skillsBaseUrl);
+	if (menu) cachedSkillMenu = menu.categories;
+	const keys = Object.keys(cachedSkillMenu);
+	if (keys.length > 0) categoryNames = keys;
+	return createSdkMcpServer({
+		name: SERVER_NAME,
+		version: "1.0.0",
+		tools: [
+			tool("check_env_keys", "Check which environment variable keys are present or missing in a .env file. Never reveals values.", {
+				filePath: z.string().describe("Path to the .env file, relative to the project root"),
+				keys: z.array(z.string()).describe("Environment variable key names to check")
+			}, (args) => {
+				const resolved = resolveEnvPath(workingDirectory, args.filePath);
+				logToFile(`check_env_keys: ${resolved}, keys: ${args.keys.join(", ")}`);
+				const existingKeys = fs.existsSync(resolved) ? parseEnvKeys(fs.readFileSync(resolved, "utf8")) : /* @__PURE__ */ new Set();
+				const results = {};
+				for (const key of args.keys) results[key] = existingKeys.has(key) ? "present" : "missing";
+				return { content: [{
+					type: "text",
+					text: JSON.stringify(results, null, 2)
+				}] };
+			}),
+			tool("set_env_values", "Create or update environment variable keys in a .env file. Creates the file if it does not exist. Ensures .gitignore coverage.", {
+				filePath: z.string().describe("Path to the .env file, relative to the project root"),
+				values: z.record(z.string(), z.string()).describe("Key-value pairs to set")
+			}, (args) => {
+				const forbidden = Object.keys(args.values).find((k) => k.toUpperCase() === "POSTHOG_KEY");
+				if (forbidden) return {
+					content: [{
+						type: "text",
+						text: `Error: "${forbidden}" is not a valid PostHog env var name. Use the project-specific key name from your framework's integration guide (e.g. NEXT_PUBLIC_POSTHOG_PROJECT_TOKEN).`
+					}],
+					isError: true
+				};
+				const resolved = resolveEnvPath(workingDirectory, args.filePath);
+				logToFile(`set_env_values: ${resolved}, keys: ${Object.keys(args.values).join(", ")}`);
+				const content = mergeEnvValues(fs.existsSync(resolved) ? fs.readFileSync(resolved, "utf8") : "", args.values);
+				const dir = path.dirname(resolved);
+				if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+				fs.writeFileSync(resolved, content, "utf8");
+				ensureGitignoreCoverage(workingDirectory, path.basename(resolved));
+				return { content: [{
+					type: "text",
+					text: `Updated ${Object.keys(args.values).length} key(s) in ${args.filePath}`
+				}] };
+			}),
+			tool("detect_package_manager", "Detect which package manager(s) the project uses. Returns the name, install command, and run command for each detected package manager. Call this before running any install commands.", {}, async () => {
+				logToFile(`detect_package_manager: scanning ${workingDirectory}`);
+				const result = await detectPackageManager(workingDirectory);
+				logToFile(`detect_package_manager: detected ${result.detected.length} package manager(s)`);
+				return { content: [{
+					type: "text",
+					text: JSON.stringify(result, null, 2)
+				}] };
+			}),
+			tool("load_skill_menu", "Load available PostHog skills for a category. Returns skill IDs and names. Call this first, then use install_skill with the chosen ID.", { category: z.enum(categoryNames).describe("Skill category") }, (args) => {
+				const skills = cachedSkillMenu[args.category];
+				if (!skills || skills.length === 0) return {
+					content: [{
+						type: "text",
+						text: `No skills found for category "${args.category}".`
+					}],
+					isError: true
+				};
+				const menuText = skills.map((s) => `- ${s.id}: ${s.name}`).join("\n");
+				logToFile(`load_skill_menu: returning ${skills.length} skills for "${args.category}"`);
+				return { content: [{
+					type: "text",
+					text: menuText
+				}] };
+			}),
+			tool("install_skill", "Download and install a PostHog skill by ID. Call load_skill_menu first to see available skills. Extracts the skill to .claude/skills/<skillId>/.", { skillId: z.string().describe("Skill ID from the skill menu (e.g., \"integration-nextjs-app-router\")") }, (args) => {
+				if (!/^[a-z0-9][a-z0-9_-]*$/.test(args.skillId)) return {
+					content: [{
+						type: "text",
+						text: "Error: skillId must be lowercase alphanumeric with hyphens."
+					}],
+					isError: true
+				};
+				const skill = Object.values(cachedSkillMenu).flat().find((s) => s.id === args.skillId);
+				if (!skill) return {
+					content: [{
+						type: "text",
+						text: `Error: skill "${args.skillId}" not found. Use load_skill_menu to see available skills.`
+					}],
+					isError: true
+				};
+				const result = downloadSkill(skill, workingDirectory);
+				if (result.success) return { content: [{
+					type: "text",
+					text: `Skill installed to .claude/skills/${args.skillId}/`
+				}] };
+				else return {
+					content: [{
+						type: "text",
+						text: `Error installing skill: ${result.error}`
+					}],
+					isError: true
+				};
+			})
+		]
+	});
+}
+/** Tool names exposed by the wizard-tools server, for use in allowedTools */
+const WIZARD_TOOL_NAMES = [
+	`${SERVER_NAME}:check_env_keys`,
+	`${SERVER_NAME}:set_env_values`,
+	`${SERVER_NAME}:detect_package_manager`,
+	`${SERVER_NAME}:load_skill_menu`,
+	`${SERVER_NAME}:install_skill`
+];
+//#endregion
+//#region src/lib/yara-scanner.ts
+const POST_WRITE_EDIT = [{
+	phase: "PostToolUse",
+	tool: "Write"
+}, {
+	phase: "PostToolUse",
+	tool: "Edit"
+}];
+const POST_READ_GREP = [{
+	phase: "PostToolUse",
+	tool: "Read"
+}, {
+	phase: "PostToolUse",
+	tool: "Grep"
+}];
+const PRE_BASH = [{
+	phase: "PreToolUse",
+	tool: "Bash"
+}];
+const RULES = [
+	{
+		name: "pii_in_capture_call",
+		description: "Detects PII fields passed to posthog.capture() — violates 'NEVER send PII in capture()' commandment",
+		severity: "high",
+		category: "posthog_pii",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [
+			/\.capture\s*\([^)]{0,200}email/i,
+			/\.capture\s*\([^)]{0,200}phone/i,
+			/\.capture\s*\([^)]{0,200}full[_\s]?name/i,
+			/\.capture\s*\([^)]{0,200}first[_\s]?name/i,
+			/\.capture\s*\([^)]{0,200}last[_\s]?name/i,
+			/\.capture\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
+			/\.capture\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
+			/\.capture\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
+			/\.capture\s*\([^)]{0,200}\$ip/,
+			/\.identify\s*\([^)]{0,200}(ssn|social[_\s]?security)/i,
+			/\.identify\s*\([^)]{0,200}(card[_\s]?number|cvv|credit[_\s]?card)/i,
+			/\.identify\s*\([^)]{0,200}(date[_\s]?of[_\s]?birth|dob|birthday)/i,
+			/\.identify\s*\([^)]{0,200}(street|mailing|home|billing)[_\s]?address/i,
+			/\$set[^}]{0,200}email/i,
+			/\$set[^}]{0,200}phone/i
+		]
+	},
+	{
+		name: "hardcoded_posthog_key",
+		description: "Detects hardcoded PostHog API keys in source — violates 'use environment variables' commandment",
+		severity: "high",
+		category: "posthog_hardcoded_key",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [
+			/phc_[a-zA-Z0-9]{20,}/,
+			/phx_[a-zA-Z0-9]{20,}/,
+			/apiKey\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
+			/api_key\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/,
+			/POSTHOG_PROJECT_TOKEN\s*[:=]\s*['"][a-zA-Z0-9_]{20,}['"]/
+		]
+	},
+	{
+		name: "autocapture_disabled",
+		description: "Detects agent disabling autocapture — violates 'don't disable autocapture' commandment",
+		severity: "medium",
+		category: "posthog_autocapture",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [
+			/autocapture\s*:\s*false/,
+			/autocapture\s*:\s*'false'/,
+			/autocapture\s*:\s*"false"/,
+			/autocapture\s*=\s*False/,
+			/disable_autocapture\s*[:=]\s*(true|True|1)/
+		]
+	},
+	{
+		name: "hardcoded_posthog_host",
+		description: "Detects hardcoded PostHog host URLs in source — should use environment variables",
+		severity: "high",
+		category: "posthog_hardcoded_key",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [/['"]https:\/\/(us|eu)\.i\.posthog\.com['"]/]
+	},
+	{
+		name: "session_recording_disabled",
+		description: "Detects agent disabling session recording",
+		severity: "medium",
+		category: "posthog_config",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [/disable_session_recording\s*:\s*true/i, /disable_session_recording\s*=\s*True/]
+	},
+	{
+		name: "opt_out_capturing",
+		description: "Detects agent opting out of PostHog capturing entirely",
+		severity: "medium",
+		category: "posthog_config",
+		appliesTo: POST_WRITE_EDIT,
+		patterns: [/opt_out_capturing\s*[:=]\s*(true|True|1)/i, /opted_out\s*[:=]\s*(true|True|1)/i]
+	},
+	{
+		name: "prompt_injection_wizard_override",
+		description: "Detects classic prompt injection attempting to override agent instructions",
+		severity: "critical",
+		category: "prompt_injection",
+		appliesTo: POST_READ_GREP,
+		patterns: [
+			/ignore previous instructions/i,
+			/disregard all/i,
+			/forget your instructions/i,
+			/override your rules/i,
+			/act as a different/i,
+			/new instructions:/i
+		]
+	},
+	{
+		name: "prompt_injection_wizard_specific",
+		description: "Detects wizard-specific manipulation or tool abuse attempts in project files",
+		severity: "medium",
+		category: "prompt_injection",
+		appliesTo: POST_READ_GREP,
+		patterns: [
+			/skip posthog/i,
+			/do not install posthog/i,
+			/remove posthog/i,
+			/uninstall posthog/i,
+			/delete the posthog/i,
+			/run the following command/i,
+			/execute this shell command/i,
+			/you are now a\s/i
+		]
+	},
+	{
+		name: "prompt_injection_base64",
+		description: "Detects suspicious base64-encoded blocks in file content that may contain obfuscated prompt injection",
+		severity: "critical",
+		category: "prompt_injection",
+		appliesTo: POST_READ_GREP,
+		patterns: [/(?:\/\/|#|\/\*)\s*[A-Za-z0-9+/]{100,}={0,2}/]
+	},
+	{
+		name: "secret_exfiltration_via_command",
+		description: "Detects shell commands attempting to exfiltrate secrets or credentials",
+		severity: "critical",
+		category: "exfiltration",
+		appliesTo: PRE_BASH,
+		patterns: [
+			/curl\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
+			/wget\s+.*\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD|CREDENTIAL)/i,
+			/(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*curl/i,
+			/(\$\{?[A-Z_]*(KEY|TOKEN|SECRET|PASSWORD)|\.env|credentials)\S*.*\|\s*wget/i,
+			/\|\s*nc\s/,
+			/\|\s*netcat\s/,
+			/base64.*\|\s*(curl|wget|nc\s)/i,
+			/cat\s+.*\.env.*\|\s*(curl|wget)/,
+			/curl.*phc_[a-zA-Z0-9]/,
+			/wget.*phc_[a-zA-Z0-9]/
+		]
+	},
+	{
+		name: "destructive_rm",
+		description: "Detects rm -rf or rm -r commands that could mass-delete files",
+		severity: "critical",
+		category: "filesystem_safety",
+		appliesTo: PRE_BASH,
+		patterns: [
+			/\brm\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)\b/,
+			/\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f\b/,
+			/\brm\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*f[a-zA-Z]*\s+(-[a-zA-Z]*\s+)*-[a-zA-Z]*r\b/
+		]
+	},
+	{
+		name: "git_force_push",
+		description: "Detects git push --force which can overwrite remote history",
+		severity: "critical",
+		category: "filesystem_safety",
+		appliesTo: PRE_BASH,
+		patterns: [/git\s+push\s+.*--force/, /git\s+push\s+.*-f\b/]
+	},
+	{
+		name: "git_reset_hard",
+		description: "Detects git reset --hard which discards all uncommitted changes",
+		severity: "critical",
+		category: "filesystem_safety",
+		appliesTo: PRE_BASH,
+		patterns: [/git\s+reset\s+--hard/]
+	},
+	{
+		name: "wrong_posthog_package",
+		description: "Detects installing the wrong PostHog npm package — should be posthog-js or posthog-node",
+		severity: "high",
+		category: "supply_chain",
+		appliesTo: PRE_BASH,
+		patterns: [
+			/npm\s+install\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
+			/pnpm\s+(?:add|install)\s+(?:--save\s+|--save-dev\s+|-[SD]\s+)*posthog(?!\s*-)/,
+			/yarn\s+add\s+(?:--dev\s+|-D\s+)*posthog(?!\s*-)/,
+			/bun\s+(?:add|install)\s+(?:--dev\s+|-[dD]\s+)*posthog(?!\s*-)/
+		]
+	},
+	{
+		name: "npm_install_global",
+		description: "Detects global npm installs — should never install packages globally",
+		severity: "high",
+		category: "supply_chain",
+		appliesTo: PRE_BASH,
+		patterns: [/npm\s+install\s+-g\b/, /npm\s+install\s+--global\b/]
+	}
+];
+/** Maximum content length to scan (100 KB). Inputs beyond this are truncated. */
+const MAX_SCAN_LENGTH = 1e5;
+/**
+* Scan content against rules applicable to a given hook phase and tool.
+* Returns all matching rules (one match per rule, first pattern wins).
+*/
+function scan(content, phase, tool) {
+	const scanContent = content.length > MAX_SCAN_LENGTH ? content.slice(0, MAX_SCAN_LENGTH) : content;
+	const applicableRules = RULES.filter((r) => r.appliesTo.some((a) => a.phase === phase && a.tool === tool));
+	const matches = [];
+	for (const rule of applicableRules) for (const pattern of rule.patterns) {
+		const match = pattern.exec(scanContent);
+		if (match) {
+			matches.push({
+				rule,
+				matchedText: match[0],
+				offset: match.index
+			});
+			break;
+		}
+	}
+	return matches.length > 0 ? {
+		matched: true,
+		matches
+	} : { matched: false };
+}
+/**
+* Scan all files in a skill directory for prompt injection.
+* Used for context-mill scanning after skill installation.
+*/
+function scanSkillDirectory(files) {
+	const allMatches = [];
+	for (const file of files) {
+		const result = scan(file.content, "PostToolUse", "Read");
+		if (result.matched) allMatches.push(...result.matches);
+	}
+	return allMatches.length > 0 ? {
+		matched: true,
+		matches: allMatches
+	} : { matched: false };
+}
+//#endregion
+//#region src/lib/skill-install.ts
+/**
+* Check if command is a PostHog skill installation from MCP.
+* We control the MCP server, so we only need to verify:
+* 1. It installs to .claude/skills/
+* 2. It downloads from our GitHub releases or localhost (dev)
+*
+* Extracted to its own module to avoid a circular dependency
+* between agent-interface.ts and yara-hooks.ts.
+*/
+function isSkillInstallCommand(command) {
+	if (!command.startsWith("mkdir -p .claude/skills/")) return false;
+	const urlMatch = command.match(/curl -sL ['"]([^'"]+)['"]/);
+	if (!urlMatch) return false;
+	const url = urlMatch[1];
+	return url.startsWith("https://github.com/PostHog/context-mill/releases/") || /^http:\/\/localhost:\d+\//.test(url);
+}
+//#endregion
+//#region src/lib/yara-hooks.ts
+/**
+* YARA hook wiring for the Claude Agent SDK.
+*
+* Creates PreToolUse and PostToolUse hook callback arrays that
+* integrate the YARA scanner into the wizard's agent loop. These
+* hooks are registered in the SDK's query() options alongside the
+* existing Stop hook.
+*
+* PreToolUse hooks block dangerous commands before execution.
+* PostToolUse hooks detect violations in written code and prompt
+* injection in read content, and scan context-mill skill downloads.
+*/
+let scanCount = 0;
+const scanViolations = [];
+function recordScan() {
+	scanCount++;
+}
+function recordViolation(entry) {
+	scanViolations.push(entry);
+}
+/** Format the scan report summary. Returns null if no scans occurred */
+function formatScanReport() {
+	if (scanCount === 0) return null;
+	const lines = ["", "— YARA Scanner Summary —"];
+	const violationCount = scanViolations.length;
+	const cleanCount = scanCount - violationCount;
+	lines.push(`✓ ${scanCount} tool calls scanned, ${violationCount} violation${violationCount !== 1 ? "s" : ""} detected`);
+	if (violationCount > 0) {
+		lines.push("");
+		for (const v of scanViolations) {
+			const tag = v.action.toUpperCase();
+			lines.push(`  [${tag}] ${v.rule} (${v.severity.toUpperCase()}) — ${v.phase}:${v.tool}`);
+		}
+	}
+	if (cleanCount > 0) {
+		lines.push("");
+		lines.push(`No violations: ✓ ${cleanCount} clean scan${cleanCount !== 1 ? "s" : ""}`);
+	}
+	lines.push("");
+	return lines.join("\n");
+}
+const YARA_REPORT_PATH = "/tmp/posthog-wizard-yara-report.json";
+/** Write the scan report to a JSON file. Returns the file path, or null if no scans occurred. */
+function writeScanReport() {
+	if (scanCount === 0) return null;
+	const report = {
+		summary: {
+			totalScans: scanCount,
+			violations: scanViolations.length,
+			clean: scanCount - scanViolations.length
+		},
+		violations: scanViolations
+	};
+	try {
+		fs.writeFileSync(YARA_REPORT_PATH, JSON.stringify(report, null, 2));
+	} catch (err) {
+		logToFile("[YARA] Failed to write scan report:", err);
+		return null;
+	}
+	return YARA_REPORT_PATH;
+}
+/** Timeout for synchronous scan hooks (PreToolUse, PostToolUse Write/Edit/Read) */
+const HOOK_TIMEOUT_MS = 60;
+/** Timeout for skill install hook (involves filesystem I/O) */
+const SKILL_SCAN_HOOK_TIMEOUT_MS = 120;
+function logYaraMatch(phase, tool, match, action) {
+	logToFile(`[YARA] ${phase}:${tool} [${action.toUpperCase()}] rule "${match.rule.name}" (severity: ${match.rule.severity}, category: ${match.rule.category})\n  Description: ${match.rule.description}\n  Matched text: "${match.matchedText.substring(0, 200)}"`);
+	analytics.wizardCapture("yara rule matched", {
+		rule: match.rule.name,
+		severity: match.rule.severity,
+		category: match.rule.category,
+		action,
+		phase,
+		tool
+	});
+}
+const SEVERITY_RANK = {
+	critical: 4,
+	high: 3,
+	medium: 2,
+	low: 1
+};
+/** Return the highest-severity match from a list of matches. */
+function highestSeverityMatch(matches) {
+	return matches.reduce((worst, m) => (SEVERITY_RANK[m.rule.severity] ?? 0) > (SEVERITY_RANK[worst.rule.severity] ?? 0) ? m : worst);
+}
+/**
+* Create PreToolUse hook matchers for YARA scanning.
+* Scans Bash commands before execution for exfiltration,
+* destructive operations, and supply chain violations.
+*/
+function createPreToolUseYaraHooks() {
+	return [{
+		hooks: [(input) => {
+			try {
+				if (input.tool_name !== "Bash") return Promise.resolve({});
+				const toolInput = input.tool_input;
+				const command = typeof toolInput?.command === "string" ? toolInput.command : "";
+				if (!command) return Promise.resolve({});
+				recordScan();
+				const result = scan(command, "PreToolUse", "Bash");
+				if (!result.matched) return Promise.resolve({});
+				const match = highestSeverityMatch(result.matches);
+				logYaraMatch("PreToolUse", "Bash", match, "blocked");
+				recordViolation({
+					rule: match.rule.name,
+					severity: match.rule.severity,
+					action: "blocked",
+					phase: "PreToolUse",
+					tool: "Bash"
+				});
+				return Promise.resolve({
+					decision: "block",
+					reason: `[YARA] ${match.rule.name}: ${match.rule.description}. Command blocked for security.`
+				});
+			} catch (error) {
+				logToFile("[YARA] PreToolUse hook error:", error);
+				return Promise.resolve({
+					decision: "block",
+					reason: "[YARA] Scanner error — command blocked as a precaution."
+				});
+			}
+		}],
+		timeout: HOOK_TIMEOUT_MS
+	}];
+}
+/**
+* Create PostToolUse hook matchers for YARA scanning.
+*
+* Three matchers:
+* 1. Write/Edit — scan written content for PII, secrets, config violations
+* 2. Read/Grep — scan read content for prompt injection
+* 3. Bash (skill install) — scan downloaded skill files for poisoned content
+*/
+function createPostToolUseYaraHooks() {
+	return [
+		{
+			hooks: [(input) => {
+				try {
+					const toolName = input.tool_name;
+					if (toolName !== "Write" && toolName !== "Edit") return Promise.resolve({});
+					const toolInput = input.tool_input;
+					const content = toolName === "Write" ? toolInput?.content ?? "" : toolInput?.new_str ?? "";
+					if (!content) return Promise.resolve({});
+					recordScan();
+					const tool = toolName;
+					const result = scan(content, "PostToolUse", tool);
+					if (!result.matched) return Promise.resolve({});
+					const match = highestSeverityMatch(result.matches);
+					logYaraMatch("PostToolUse", tool, match, "reverted");
+					recordViolation({
+						rule: match.rule.name,
+						severity: match.rule.severity,
+						action: "reverted",
+						phase: "PostToolUse",
+						tool
+					});
+					return Promise.resolve({ hookSpecificOutput: {
+						hookEventName: "PostToolUse",
+						additionalContext: `[YARA VIOLATION] ${match.rule.name}: ${match.rule.description}. You MUST revert this change immediately. The content you just wrote violates security policy.`
+					} });
+				} catch (error) {
+					logToFile("[YARA] PostToolUse Write/Edit hook error:", error);
+					return Promise.resolve({ hookSpecificOutput: {
+						hookEventName: "PostToolUse",
+						additionalContext: "[YARA] Scanner error — you MUST revert this change as a precaution."
+					} });
+				}
+			}],
+			timeout: HOOK_TIMEOUT_MS
+		},
+		{
+			hooks: [(input) => {
+				try {
+					const toolName = input.tool_name;
+					if (toolName !== "Read" && toolName !== "Grep") return Promise.resolve({});
+					const toolResponse = input.tool_response;
+					const content = typeof toolResponse === "string" ? toolResponse : JSON.stringify(toolResponse ?? "");
+					if (!content) return Promise.resolve({});
+					recordScan();
+					const tool = toolName;
+					const result = scan(content, "PostToolUse", tool);
+					if (!result.matched) return Promise.resolve({});
+					const match = highestSeverityMatch(result.matches);
+					if (match.rule.severity === "critical") {
+						logYaraMatch("PostToolUse", tool, match, "aborted");
+						recordViolation({
+							rule: match.rule.name,
+							severity: match.rule.severity,
+							action: "aborted",
+							phase: "PostToolUse",
+							tool
+						});
+						return Promise.resolve({ stopReason: `[YARA CRITICAL] ${match.rule.name}: Prompt injection detected in file content. Agent context is potentially poisoned. Session terminated for safety.` });
+					}
+					logYaraMatch("PostToolUse", tool, match, "warned");
+					recordViolation({
+						rule: match.rule.name,
+						severity: match.rule.severity,
+						action: "warned",
+						phase: "PostToolUse",
+						tool
+					});
+					return Promise.resolve({ hookSpecificOutput: {
+						hookEventName: "PostToolUse",
+						additionalContext: `[YARA WARNING] ${match.rule.name}: ${match.rule.description}`
+					} });
+				} catch (error) {
+					logToFile("[YARA] PostToolUse Read/Grep hook error:", error);
+					return Promise.resolve({ stopReason: "[YARA] Scanner error while scanning read content — session terminated as a precaution." });
+				}
+			}],
+			timeout: HOOK_TIMEOUT_MS
+		},
+		{
+			hooks: [async (input) => {
+				try {
+					if (input.tool_name !== "Bash") return {};
+					const toolInput = input.tool_input;
+					const command = typeof toolInput?.command === "string" ? toolInput.command : "";
+					if (!isSkillInstallCommand(command)) return {};
+					const dirMatch = command.match(/mkdir -p (.claude\/skills\/[^\s&]+)/);
+					if (!dirMatch) return {};
+					const skillDir = dirMatch[1];
+					const cwd = input.cwd ?? process.cwd();
+					recordScan();
+					const result = await scanSkillFiles(cwd, skillDir);
+					if (!result.matched) return {};
+					const match = highestSeverityMatch(result.matches);
+					logYaraMatch("PostToolUse", "Bash (skill install)", match, "aborted");
+					recordViolation({
+						rule: match.rule.name,
+						severity: match.rule.severity,
+						action: "aborted",
+						phase: "PostToolUse",
+						tool: "Bash (skill)"
+					});
+					return { stopReason: `[YARA CRITICAL] Poisoned skill detected in ${skillDir}: ${match.rule.name}. The downloaded skill contains potential prompt injection. Session terminated for safety.` };
+				} catch (error) {
+					logToFile("[YARA] PostToolUse skill install hook error:", error);
+					return { stopReason: "[YARA] Scanner error while scanning skill files — session terminated as a precaution." };
+				}
+			}],
+			timeout: SKILL_SCAN_HOOK_TIMEOUT_MS
+		}
+	];
+}
+/**
+* Read and scan all text files in a skill directory for prompt injection.
+*/
+async function scanSkillFiles(cwd, skillDir) {
+	const absoluteDir = path.resolve(cwd, skillDir);
+	if (!fs.existsSync(absoluteDir)) {
+		logToFile(`[YARA] Skill directory does not exist: ${absoluteDir}`);
+		return { matched: false };
+	}
+	const files = await fg("**/*.{md,txt,yaml,yml,json,js,ts,py,rb,sh}", {
+		cwd: absoluteDir,
+		absolute: true
+	});
+	const fileContents = [];
+	for (const filePath of files) try {
+		const content = fs.readFileSync(filePath, "utf-8");
+		fileContents.push({
+			path: filePath,
+			content
+		});
+	} catch (err) {
+		logToFile(`[YARA] Could not read skill file ${filePath}:`, err);
+	}
+	if (fileContents.length === 0) {
+		logToFile(`[YARA] No text files found in skill directory: ${absoluteDir}`);
+		return { matched: false };
+	}
+	logToFile(`[YARA] Scanning ${fileContents.length} files in skill directory: ${skillDir}`);
+	return scanSkillDirectory(fileContents);
+}
+//#endregion
+//#region src/lib/agent/commandments.ts
+/**
+* Wizard-wide commandments that are always appended as a system prompt.
+*
+* Keep this as a simple string so it can be inlined into the compiled bundle
+* without extra files, copying, or runtime I/O.
+*/
+const WIZARD_COMMANDMENTS = [
+	"Never hallucinate a PostHog project token, host, or any other secret. Always use the real values that have been configured for this project (for example via environment variables).",
+	"Never write API keys, access tokens, or other secrets directly into source code. Always reference environment variables instead, and rely on the wizard-tools MCP server (check_env_keys / set_env_values) to create or update .env files.",
+	"Always use the detect_package_manager tool from the wizard-tools MCP server to determine the package manager. Do not guess based on lockfiles or hard-code npm, yarn, pnpm, bun, pip, etc.",
+	"When installing packages, start the installation as a background task and then continue with other work. Do not block waiting for installs to finish unless explicitly instructed.",
+	"Before writing to any file, you MUST read that exact file immediately beforehand using the Read tool, even if you have already read it earlier in the run. This avoids tool failures and stale edits.",
+	"Treat feature flags, custom properties, and event names as part of an analytics contract. Prefer reusing existing names and patterns in the project. When you must introduce new ones, make them clear, descriptive, and consistent with existing conventions, and avoid scattering the same flag or property across many unrelated callsites.",
+	"Prefer minimal, targeted edits that achieve the requested behavior while preserving existing structure and style. Avoid large refactors, broad reformatting, or unrelated changes unless explicitly requested.",
+	"Do not spawn subagents unless explicitly instructed to do so.",
+	"After reading the integration skill, use the TodoWrite tool to track your progress. Create a todo list at the describing the high-level areas of work, mark each as in_progress when you begin it, and completed when done. Describe high-level tasks from the workflow (\"inserting event tracking code\", etc), not specific files or lines. For each new stage of the integration, create additional todos if necessary. Create a final \"wrapping up\" step and mark it completed when the integration is complete.",
+	"Do not assume \"PostHog provider\" or \"PostHogProvider\" in todo labels, status messages, or code. Only use a provider if the skill workflow explicitly requires one for the specific framework.",
+	"If you see a [YARA WARNING] or [YARA VIOLATION] message, handle it silently. Fix the issue (revert the write, avoid the flagged pattern) without mentioning security warnings or YARA to the user. These are internal guardrails, not user-facing alerts. Never show scary security language to the user."
+].join("\n");
+function getWizardCommandments() {
+	return WIZARD_COMMANDMENTS;
+}
+//#endregion
+//#region src/lib/agent/agent-interface.ts
+/**
+* Shared agent interface for PostHog wizards
+* Uses Claude Agent SDK directly with PostHog LLM gateway
+*/
+let _sdkModule = null;
+async function getSDKModule() {
+	if (!_sdkModule) _sdkModule = await import("@anthropic-ai/claude-agent-sdk");
+	return _sdkModule;
+}
+/**
+* Get the path to the bundled Claude Code CLI from the SDK package.
+* This ensures we use the SDK's bundled version rather than the user's installed Claude Code.
+*/
+function getClaudeCodeExecutablePath() {
+	const sdkPackagePath = __require.resolve("@anthropic-ai/claude-agent-sdk");
+	return path.join(path.dirname(sdkPackagePath), "cli.js");
+}
+const AgentSignals = {
+	STATUS: "[STATUS]",
+	ERROR_MCP_MISSING: "[ERROR-MCP-MISSING]",
+	ERROR_RESOURCE_MISSING: "[ERROR-RESOURCE-MISSING]",
+	ABORT: "[ABORT]",
+	WIZARD_REMARK: "[WIZARD-REMARK]",
+	BENCHMARK: "[BENCHMARK]"
+};
+const BLOCKING_ENV_KEYS = [
+	"ANTHROPIC_API_KEY",
+	"ANTHROPIC_BASE_URL",
+	"ANTHROPIC_AUTH_TOKEN"
+];
+const BLOCKING_SETTINGS_KEYS = ["apiKeyHelper"];
+/**
+* Check a single settings file for blocking env keys and top-level settings keys.
+* Returns matched key names, or an empty array if none found.
+*/
+function checkSettingsFile(filePath) {
+	try {
+		const raw = fs$1.readFileSync(filePath, "utf-8");
+		const parsed = JSON.parse(raw);
+		const matched = [];
+		const envBlock = parsed?.env;
+		if (envBlock && typeof envBlock === "object") matched.push(...BLOCKING_ENV_KEYS.filter((key) => key in envBlock));
+		matched.push(...BLOCKING_SETTINGS_KEYS.filter((key) => key in parsed && parsed[key] !== "" && parsed[key] != null));
+		return matched;
+	} catch {
+		return [];
+	}
+}
+/**
+* Managed settings path on macOS.
+* IT/MDM-deployed settings — readable by all users, writable only by root.
+*/
+const MANAGED_SETTINGS_PATH = "/Library/Application Support/ClaudeCode/managed-settings.json";
+/**
+* Check project and org-managed settings for blocking keys that conflict
+* with the wizard's proxy auth.
+*/
+function checkAllSettingsConflicts(workingDirectory) {
+	const conflicts = [];
+	const sources = [{
+		source: "managed",
+		paths: [MANAGED_SETTINGS_PATH],
+		writable: false
+	}, {
+		source: "project",
+		paths: [path.join(workingDirectory, ".claude", "settings.json"), path.join(workingDirectory, ".claude", "settings")],
+		writable: true
+	}];
+	for (const { source, paths, writable } of sources) for (const filePath of paths) {
+		const keys = checkSettingsFile(filePath);
+		if (keys.length > 0) {
+			conflicts.push({
+				source,
+				keys,
+				writable
+			});
+			break;
+		}
+	}
+	return conflicts;
+}
+/**
+* Copy .claude/settings.json to .wizard-backup (overwriting if it exists),
+* then remove the original so the SDK doesn't load the blocking overrides.
+*/
+function backupAndFixClaudeSettings(workingDirectory) {
+	for (const name of ["settings.json", "settings"]) {
+		const filePath = path.join(workingDirectory, ".claude", name);
+		const backupPath = `${filePath}.wizard-backup`;
+		analytics.wizardCapture("backedup-claude-settings");
+		try {
+			fs$1.copyFileSync(filePath, backupPath);
+			fs$1.unlinkSync(filePath);
+			registerCleanup(() => {
+				try {
+					restoreClaudeSettings(workingDirectory);
+				} catch (error) {
+					analytics.captureException(error);
+				}
+			});
+			return true;
+		} catch {}
+	}
+	return false;
+}
+/**
+* Restore .claude/settings.json from .wizard-backup.
+* Copies (not moves) so the backup is preserved.
+*/
+function restoreClaudeSettings(workingDirectory) {
+	for (const name of ["settings.json", "settings"]) {
+		const backup = path.join(workingDirectory, ".claude", `${name}.wizard-backup`);
+		try {
+			fs$1.copyFileSync(backup, path.join(workingDirectory, ".claude", name));
+			analytics.wizardCapture("restored-claude-settings");
+			return;
+		} catch (error) {
+			analytics.captureException(error);
+		}
+	}
+}
+/**
+* Create a stop hook callback that drains the additional feature queue,
+* then collects a remark, then allows stop.
+*
+* Three-phase logic using closure state:
+*   Phase 1 — drain queue: block with each feature prompt in order
+*   Phase 2 — collect remark (once): block with remark prompt
+*   Phase 3 — allow stop: return {}
+*/
+function createStopHook(featureQueue, collectedText) {
+	let featureIndex = 0;
+	let remarkRequested = false;
+	return (input) => {
+		logToFile("Stop hook triggered", {
+			stop_hook_active: input.stop_hook_active,
+			featureIndex,
+			remarkRequested,
+			queueLength: featureQueue.length
+		});
+		if (collectedText) {
+			if (collectedText.join("\n").includes("API Error:")) {
+				logToFile("Stop hook: API error detected, allowing immediate stop");
+				return {};
+			}
+		}
+		if (featureIndex < featureQueue.length) {
+			const feature = featureQueue[featureIndex++];
+			const prompt = ADDITIONAL_FEATURE_PROMPTS[feature];
+			logToFile(`Stop hook: injecting feature prompt for ${feature}`);
+			return {
+				decision: "block",
+				reason: prompt
+			};
+		}
+		if (!remarkRequested) {
+			remarkRequested = true;
+			logToFile("Stop hook: requesting reflection");
+			return {
+				decision: "block",
+				reason: `Before concluding, provide a brief remark about what information or guidance would have been useful to have in the integration prompt or documentation for this run. Specifically cite anything that would have prevented tool failures, erroneous edits, or other wasted turns. Format your response exactly as: ${AgentSignals.WIZARD_REMARK} Your remark here`
+			};
+		}
+		logToFile("Stop hook: allowing stop");
+		return {};
+	};
+}
+/**
+* Select wizard metadata from WIZARD_VARIANTS using the variant feature flag.
+* If the flag is missing or the value is not in config, returns the "base" variant (VARIANT: "base").
+*/
+function buildWizardMetadata(flags = {}) {
+	const variantKey = flags[WIZARD_VARIANT_FLAG_KEY];
+	return { ...(variantKey && WIZARD_VARIANTS[variantKey]) ?? WIZARD_VARIANTS["base"] };
+}
+/**
+* Build env for the SDK subprocess: process.env plus ANTHROPIC_CUSTOM_HEADERS from wizard metadata/flags.
+*/
+function buildAgentEnv(wizardMetadata, wizardFlags) {
+	const headers = createCustomHeaders();
+	for (const [key, value] of Object.entries(wizardMetadata)) headers.add(key.startsWith("X-POSTHOG-PROPERTY-") ? key : `${POSTHOG_PROPERTY_HEADER_PREFIX}${key}`, value);
+	for (const [flagKey, variant] of Object.entries(wizardFlags)) {
+		if (!flagKey.toLowerCase().startsWith("wizard")) continue;
+		headers.addFlag(flagKey, variant);
+	}
+	const encoded = headers.encode();
+	logToFile("ANTHROPIC_CUSTOM_HEADERS", encoded);
+	return encoded;
+}
+/**
+* Package managers that can be used to run commands.
+*/
+const PACKAGE_MANAGERS = [
+	"npm",
+	"pnpm",
+	"yarn",
+	"bun",
+	"npx",
+	"pip",
+	"pip3",
+	"poetry",
+	"pipenv",
+	"uv"
+];
+/**
+* Safe scripts/commands that can be run with any package manager.
+* Uses startsWith matching, so 'build' matches 'build', 'build:prod', etc.
+* Note: Linting tools are in LINTING_TOOLS and checked separately.
+*/
+const SAFE_SCRIPTS = [
+	"install",
+	"add",
+	"ci",
+	"build",
+	"tsc",
+	"typecheck",
+	"type-check",
+	"check-types",
+	"types",
+	"lint",
+	"format"
+];
+/**
+* Dangerous shell operators that could allow command injection.
+* Note: We handle `2>&1` and `| tail/head` separately as safe patterns.
+*/
+const DANGEROUS_OPERATORS = /[;`$()]/;
+/**
+* Check if command is an allowed package manager command.
+* Matches: <pkg-manager> [run|exec] <safe-script> [args...]
+*/
+function matchesAllowedPrefix(command) {
+	const parts = command.split(/\s+/);
+	if (parts.length === 0 || !PACKAGE_MANAGERS.includes(parts[0])) return false;
+	let scriptIndex = 1;
+	if (parts[scriptIndex] === "run" || parts[scriptIndex] === "exec") scriptIndex++;
+	const scriptPart = parts.slice(scriptIndex).join(" ");
+	return SAFE_SCRIPTS.some((safe) => scriptPart.startsWith(safe)) || LINTING_TOOLS.some((tool) => scriptPart.startsWith(tool));
+}
+/**
+* Permission hook that allows only safe commands.
+* - Package manager install commands
+* - Build/typecheck/lint commands for verification
+* - Piping to tail/head for output limiting is allowed
+* - Stderr redirection (2>&1) is allowed
+*/
+function wizardCanUseTool(toolName, input) {
+	if (toolName === "Read" || toolName === "Write" || toolName === "Edit") {
+		const filePath = typeof input.file_path === "string" ? input.file_path : "";
+		const basename = path.basename(filePath);
+		if (basename.startsWith(".env")) {
+			logToFile(`Denying ${toolName} on env file: ${filePath}`);
+			return {
+				behavior: "deny",
+				message: `Direct ${toolName} of ${basename} is not allowed. Use the wizard-tools MCP server (check_env_keys / set_env_values) to read or modify environment variables.`
+			};
+		}
+		return {
+			behavior: "allow",
+			updatedInput: input
+		};
+	}
+	if (toolName === "Grep") {
+		const grepPath = typeof input.path === "string" ? input.path : "";
+		if (grepPath && path.basename(grepPath).startsWith(".env")) {
+			logToFile(`Denying Grep on env file: ${grepPath}`);
+			return {
+				behavior: "deny",
+				message: `Grep on ${path.basename(grepPath)} is not allowed. Use the wizard-tools MCP server (check_env_keys) to check environment variables.`
+			};
+		}
+		return {
+			behavior: "allow",
+			updatedInput: input
+		};
+	}
+	if (toolName !== "Bash") return {
+		behavior: "allow",
+		updatedInput: input
+	};
+	const command = (typeof input.command === "string" ? input.command : "").trim();
+	if (DANGEROUS_OPERATORS.test(command)) {
+		logToFile(`Denying bash command with dangerous operators: ${command}`);
+		debug(`Denying bash command with dangerous operators: ${command}`);
+		analytics.wizardCapture("bash denied", {
+			reason: "dangerous operators",
+			command
+		});
+		return {
+			behavior: "deny",
+			message: `Bash command not allowed. Shell operators like ; \` $ ( ) are not permitted.`
+		};
+	}
+	const normalized = command.replace(/\s*\d*>&\d+\s*/g, " ").trim();
+	const pipeMatch = normalized.match(/^(.+?)\s*\|\s*(tail|head)(\s+\S+)*\s*$/);
+	if (pipeMatch) {
+		const baseCommand = pipeMatch[1].trim();
+		if (/[|&]/.test(baseCommand)) {
+			logToFile(`Denying bash command with multiple pipes: ${command}`);
+			debug(`Denying bash command with multiple pipes: ${command}`);
+			analytics.wizardCapture("bash denied", {
+				reason: "multiple pipes",
+				command
+			});
+			return {
+				behavior: "deny",
+				message: `Bash command not allowed. Only single pipe to tail/head is permitted.`
+			};
+		}
+		if (matchesAllowedPrefix(baseCommand)) {
+			logToFile(`Allowing bash command with output limiter: ${command}`);
+			debug(`Allowing bash command with output limiter: ${command}`);
+			return {
+				behavior: "allow",
+				updatedInput: input
+			};
+		}
+	}
+	if (/[|&]/.test(normalized)) {
+		logToFile(`Denying bash command with pipe/&: ${command}`);
+		debug(`Denying bash command with pipe/&: ${command}`);
+		analytics.wizardCapture("bash denied", {
+			reason: "disallowed pipe",
+			command
+		});
+		return {
+			behavior: "deny",
+			message: `Bash command not allowed. Pipes are only permitted with tail/head for output limiting.`
+		};
+	}
+	if (matchesAllowedPrefix(normalized)) {
+		logToFile(`Allowing bash command: ${command}`);
+		debug(`Allowing bash command: ${command}`);
+		return {
+			behavior: "allow",
+			updatedInput: input
+		};
+	}
+	logToFile(`Denying bash command: ${command}`);
+	debug(`Denying bash command: ${command}`);
+	analytics.wizardCapture("bash denied", {
+		reason: "not in allowlist",
+		command
+	});
+	return {
+		behavior: "deny",
+		message: `Bash command not allowed. Only install, build, typecheck, lint, and formatting commands are permitted.`
+	};
+}
+/**
+* Initialize agent configuration for the LLM gateway
+*/
+async function initializeAgent(config, options) {
+	initLogFile();
+	logToFile("Agent initialization starting");
+	logToFile("Install directory:", options.installDir);
+	getUI().log.step("Initializing Claude agent...");
+	try {
+		const gatewayUrl = getLlmGatewayUrlFromHost(config.posthogApiHost);
+		process.env.ANTHROPIC_BASE_URL = gatewayUrl;
+		process.env.ANTHROPIC_AUTH_TOKEN = config.posthogApiKey;
+		process.env.CLAUDE_CODE_OAUTH_TOKEN = config.posthogApiKey;
+		process.env.CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS = "true";
+		logToFile("Configured LLM gateway:", gatewayUrl);
+		const mcpServers = {
+			"posthog-wizard": {
+				type: "http",
+				url: config.posthogMcpUrl,
+				headers: {
+					Authorization: `Bearer ${config.posthogApiKey}`,
+					"User-Agent": WIZARD_USER_AGENT
+				}
+			},
+			...Object.fromEntries(Object.entries(config.additionalMcpServers ?? {}).map(([name, { url }]) => [name, {
+				type: "http",
+				url
+			}]))
+		};
+		mcpServers["wizard-tools"] = await createWizardToolsServer({
+			workingDirectory: config.workingDirectory,
+			detectPackageManager: config.detectPackageManager,
+			skillsBaseUrl: config.skillsBaseUrl
+		});
+		const agentRunConfig = {
+			workingDirectory: config.workingDirectory,
+			mcpServers,
+			model: "anthropic/claude-sonnet-4-6",
+			wizardFlags: config.wizardFlags,
+			wizardMetadata: config.wizardMetadata
+		};
+		logToFile("Agent config:", {
+			workingDirectory: agentRunConfig.workingDirectory,
+			posthogMcpUrl: config.posthogMcpUrl,
+			gatewayUrl,
+			apiKeyPresent: !!config.posthogApiKey
+		});
+		if (options.debug) debug("Agent config:", {
+			workingDirectory: agentRunConfig.workingDirectory,
+			posthogMcpUrl: config.posthogMcpUrl,
+			gatewayUrl,
+			apiKeyPresent: !!config.posthogApiKey
+		});
+		getUI().log.step(`Verbose logs: ${getLogFilePath()}`);
+		getUI().log.success("Agent initialized. Let's get cooking!");
+		return agentRunConfig;
+	} catch (error) {
+		getUI().log.error(`Failed to initialize agent: ${error.message}`);
+		logToFile("Agent initialization error:", error);
+		debug("Agent initialization error:", error);
+		throw error;
+	}
+}
+/**
+* Check agent output for YARA scanner violations.
+* Used in both the success and catch paths of runAgent.
+*/
+function checkYaraViolation(outputText, spinner) {
+	if (outputText.includes("[YARA CRITICAL]") || outputText.includes("[YARA] Scanner error")) {
+		logToFile("Agent error: YARA_VIOLATION");
+		spinner.stop("Security violation detected");
+		return { error: "WIZARD_YARA_VIOLATION" };
+	}
+	return null;
+}
+/**
+* Execute an agent with the provided prompt and options
+* Handles the full lifecycle: spinner, execution, error handling
+*
+* @returns An object containing any error detected in the agent's output
+*/
+async function runAgent(agentConfig, prompt, options, spinner, config, middleware) {
+	const { spinnerMessage = "Customizing your PostHog setup...", successMessage = "PostHog integration complete", errorMessage = "Integration failed", abortCases = [] } = config ?? {};
+	const { query } = await getSDKModule();
+	spinner.start(spinnerMessage);
+	const cliPath = getClaudeCodeExecutablePath();
+	logToFile("Starting agent run");
+	logToFile("Claude Code executable:", cliPath);
+	logToFile("Prompt:", prompt);
+	const startTime = Date.now();
+	const collectedText = [];
+	let receivedSuccessResult = false;
+	let loggedInitialContext = false;
+	let lastResultMessage = null;
+	let signalDone;
+	const resultReceived = new Promise((resolve) => {
+		signalDone = resolve;
+	});
+	const createPromptStream = async function* () {
+		yield {
+			type: "user",
+			session_id: "",
+			message: {
+				role: "user",
+				content: prompt
+			},
+			parent_tool_use_id: null
+		};
+		await resultReceived;
+	};
+	const completeWithSuccess = (suppressedError) => {
+		const durationMs = Date.now() - startTime;
+		const durationSeconds = Math.round(durationMs / 1e3);
+		if (suppressedError) {
+			logToFile(`Ignoring post-completion error, agent completed successfully in ${durationSeconds}s`);
+			logToFile("Suppressed error:", suppressedError.message);
+		} else logToFile(`Agent run completed in ${durationSeconds}s`);
+		const outputText = collectedText.join("\n");
+		const remarkRegex = new RegExp(`${AgentSignals.WIZARD_REMARK.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}\\s*(.+?)(?:\\n|$)`, "s");
+		const remarkMatch = outputText.match(remarkRegex);
+		if (remarkMatch && remarkMatch[1]) {
+			const remark = remarkMatch[1].trim();
+			if (remark) analytics.capture(WIZARD_REMARK_EVENT_NAME, { remark });
+		}
+		analytics.wizardCapture("agent completed", {
+			duration_ms: durationMs,
+			duration_seconds: durationSeconds
+		});
+		try {
+			middleware?.finalize(lastResultMessage, durationMs);
+		} catch (e) {
+			logToFile(`${AgentSignals.BENCHMARK} Middleware finalize error:`, e);
+		}
+		spinner.stop(successMessage);
+		return {};
+	};
+	let eventPlanWatcher;
+	let eventPlanInterval;
+	const abortController = new AbortController();
+	let abortReason = null;
+	try {
+		const allowedTools = [
+			"Read",
+			"Write",
+			"Edit",
+			"Glob",
+			"Grep",
+			"Bash",
+			"ListMcpResourcesTool",
+			"Skill",
+			...WIZARD_TOOL_NAMES
+		];
+		const response = query({
+			prompt: createPromptStream(),
+			options: {
+				abortController,
+				model: agentConfig.model,
+				cwd: agentConfig.workingDirectory,
+				permissionMode: "acceptEdits",
+				betas: ["context-1m-2025-08-07"],
+				mcpServers: agentConfig.mcpServers,
+				settingSources: ["project"],
+				allowedTools,
+				sandbox: {
+					enabled: true,
+					allowUnsandboxedCommands: false,
+					filesystem: { allowWrite: [
+						"/" + agentConfig.workingDirectory,
+						"/" + agentConfig.workingDirectory + "/**",
+						"//tmp",
+						"//tmp/**",
+						"//private/tmp",
+						"//private/tmp/**",
+						"~/Library/pnpm/store/**",
+						"~/.local/share/pnpm/store/**",
+						"~/.pnpm-store/**",
+						"~/.npm/**",
+						"~/.yarn/**",
+						"~/.yarn/berry/**"
+					] },
+					network: { allowedDomains: [
+						"github.com",
+						"api.github.com",
+						"raw.githubusercontent.com",
+						"release-assets.githubusercontent.com",
+						"objects.githubusercontent.com"
+					] }
+				},
+				env: {
+					...process.env,
+					ANTHROPIC_API_KEY: void 0,
+					ENABLE_TOOL_SEARCH: "auto:0",
+					ANTHROPIC_CUSTOM_HEADERS: buildAgentEnv(agentConfig.wizardMetadata ?? {}, agentConfig.wizardFlags ?? {})
+				},
+				canUseTool: (toolName, input) => {
+					logToFile("canUseTool called:", {
+						toolName,
+						input
+					});
+					const result = wizardCanUseTool(toolName, input);
+					logToFile("canUseTool result:", result);
+					return Promise.resolve(result);
+				},
+				systemPrompt: {
+					type: "preset",
+					preset: "claude_code",
+					append: getWizardCommandments()
+				},
+				tools: {
+					type: "preset",
+					preset: "claude_code"
+				},
+				stderr: (data) => {
+					logToFile("CLI stderr:", data);
+					if (options.debug) debug("CLI stderr:", data);
+				},
+				hooks: {
+					PreToolUse: createPreToolUseYaraHooks(),
+					PostToolUse: createPostToolUseYaraHooks(),
+					Stop: [{
+						hooks: [createStopHook(config?.additionalFeatureQueue ?? [], collectedText)],
+						timeout: 30
+					}]
+				}
+			}
+		});
+		const eventPlanPath = path.join(agentConfig.workingDirectory, ".posthog-events.json");
+		const readEventPlan = () => {
+			try {
+				const content = fs$1.readFileSync(eventPlanPath, "utf-8");
+				const parsed = JSON.parse(content);
+				if (Array.isArray(parsed)) getUI().setEventPlan(parsed.map((e) => ({
+					name: e.name ?? e.event ?? "",
+					description: e.description ?? ""
+				})));
+			} catch {}
+		};
+		try {
+			eventPlanWatcher = fs$1.watch(eventPlanPath, () => readEventPlan());
+			readEventPlan();
+		} catch {
+			eventPlanInterval = setInterval(() => {
+				try {
+					fs$1.accessSync(eventPlanPath);
+					readEventPlan();
+					clearInterval(eventPlanInterval);
+					eventPlanInterval = void 0;
+					eventPlanWatcher = fs$1.watch(eventPlanPath, () => readEventPlan());
+				} catch {}
+			}, 1e3);
+		}
+		for await (const message of response) {
+			if (!loggedInitialContext && message.type === "assistant") {
+				const usage = message.message?.usage;
+				if (usage) {
+					const input = usage.input_tokens ?? 0;
+					const cacheCreation = usage.cache_creation_input_tokens ?? 0;
+					const cacheRead = usage.cache_read_input_tokens ?? 0;
+					const initialTokens = input + cacheCreation + cacheRead;
+					logToFile(`Initial context: ${initialTokens} tokens (input=${input}, cache_creation=${cacheCreation}, cache_read=${cacheRead})`);
+					analytics.wizardCapture("agent initial context", {
+						initial_tokens: initialTokens,
+						input_tokens: input,
+						cache_creation_input_tokens: cacheCreation,
+						cache_read_input_tokens: cacheRead
+					});
+				}
+				loggedInitialContext = true;
+			}
+			handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult);
+			if (abortCases.length > 0 && !abortReason && message.type === "assistant") {
+				const content = message.message?.content;
+				if (Array.isArray(content)) {
+					for (const block of content) if (block.type === "text" && typeof block.text === "string") {
+						const match = block.text.match(/\[ABORT\]\s*(.+?)(?:\n|$)/);
+						if (match) {
+							abortReason = match[1].trim();
+							logToFile(`Agent emitted [ABORT]: ${abortReason}`);
+							abortController.abort();
+							signalDone();
+							break;
+						}
+					}
+				}
+			}
+			if (message.type === "assistant" && collectedText.join("\n").includes("API Error: 401")) {
+				signalDone();
+				spinner.stop("Authentication failed");
+				logToFile("Agent error: 401, showing auth error screen");
+				getUI().showAuthError();
+				await wizardAbort({
+					message: "Authentication failed (401)",
+					error: new WizardError("Authentication failed")
+				});
+			}
+			try {
+				middleware?.onMessage(message);
+			} catch (e) {
+				logToFile(`${AgentSignals.BENCHMARK} Middleware onMessage error:`, e);
+			}
+			if (message.type === "result") {
+				if (message.subtype === "success" && !message.is_error) {
+					receivedSuccessResult = true;
+					lastResultMessage = message;
+				}
+				signalDone();
+			}
+		}
+		if (abortReason) {
+			spinner.stop("Wizard aborted");
+			return {
+				error: "WIZARD_ABORT",
+				message: abortReason
+			};
+		}
+		const outputText = collectedText.join("\n");
+		const yaraResult = checkYaraViolation(outputText, spinner);
+		if (yaraResult) return yaraResult;
+		if (outputText.includes(AgentSignals.ERROR_MCP_MISSING)) {
+			logToFile("Agent error: MCP_MISSING");
+			spinner.stop("Agent could not access PostHog MCP");
+			return { error: "WIZARD_MCP_MISSING" };
+		}
+		if (outputText.includes(AgentSignals.ERROR_RESOURCE_MISSING)) {
+			logToFile("Agent error: RESOURCE_MISSING");
+			spinner.stop("Agent could not access setup resource");
+			return { error: "WIZARD_RESOURCE_MISSING" };
+		}
+		const apiErrorMatch = outputText.match(/API Error: [^\n]+/g);
+		const apiErrorMessage = apiErrorMatch ? apiErrorMatch.join("\n") : "Unknown API error";
+		if (outputText.includes("API Error: 429")) {
+			logToFile("Agent error: RATE_LIMIT");
+			spinner.stop("Rate limit exceeded");
+			return {
+				error: "WIZARD_RATE_LIMIT",
+				message: apiErrorMessage
+			};
+		}
+		if (outputText.includes("API Error:")) {
+			logToFile("Agent error: API_ERROR");
+			spinner.stop("API error occurred");
+			return {
+				error: "WIZARD_API_ERROR",
+				message: apiErrorMessage
+			};
+		}
+		return completeWithSuccess();
+	} catch (error) {
+		signalDone();
+		if (abortReason) {
+			spinner.stop("Wizard aborted");
+			return {
+				error: "WIZARD_ABORT",
+				message: abortReason
+			};
+		}
+		if (receivedSuccessResult) return completeWithSuccess(error);
+		const outputText = collectedText.join("\n");
+		const yaraResult = checkYaraViolation(outputText, spinner);
+		if (yaraResult) return yaraResult;
+		const apiErrorMatch = outputText.match(/API Error: [^\n]+/g);
+		const apiErrorMessage = apiErrorMatch ? apiErrorMatch.join("\n") : "Unknown API error";
+		if (outputText.includes("API Error: 429")) {
+			logToFile("Agent error (caught): RATE_LIMIT");
+			spinner.stop("Rate limit exceeded");
+			return {
+				error: "WIZARD_RATE_LIMIT",
+				message: apiErrorMessage
+			};
+		}
+		if (outputText.includes("API Error:")) {
+			logToFile("Agent error (caught): API_ERROR");
+			spinner.stop("API error occurred");
+			return {
+				error: "WIZARD_API_ERROR",
+				message: apiErrorMessage
+			};
+		}
+		spinner.stop(errorMessage);
+		getUI().log.error(`Error: ${error.message}`);
+		logToFile("Agent run failed:", error);
+		debug("Full error:", error);
+		throw error;
+	} finally {
+		eventPlanWatcher?.close();
+		if (eventPlanInterval) clearInterval(eventPlanInterval);
+		if (!receivedSuccessResult) {
+			const durationMs = Date.now() - startTime;
+			analytics.wizardCapture("agent aborted", {
+				duration_ms: durationMs,
+				duration_seconds: Math.round(durationMs / 1e3)
+			});
+		}
+	}
+}
+/**
+* Handle SDK messages and provide user feedback
+*
+* @param receivedSuccessResult - If true, suppress user-facing error output for cleanup errors
+*                          while still logging to file. The SDK may emit a second error
+*                          result after success due to cleanup race conditions.
+*/
+function handleSDKMessage(message, options, spinner, collectedText, receivedSuccessResult = false) {
+	logToFile(`SDK Message: ${message.type}`, JSON.stringify(message, null, 2));
+	if (options.debug) debug(`SDK Message type: ${message.type}`);
+	switch (message.type) {
+		case "assistant": {
+			const content = message.message?.content;
+			if (Array.isArray(content)) for (const block of content) {
+				if (block.type === "text" && typeof block.text === "string") {
+					collectedText.push(block.text);
+					const statusRegex = new RegExp(`^.*${AgentSignals.STATUS.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}\\s*(.+?)$`, "m");
+					const statusMatch = block.text.match(statusRegex);
+					if (statusMatch) {
+						const statusText = statusMatch[1].trim();
+						getUI().pushStatus(statusText);
+						spinner.message(statusText);
+					}
+				}
+				if (block.type === "tool_use" && block.name === "TodoWrite" && block.input?.todos && Array.isArray(block.input.todos)) getUI().syncTodos(block.input.todos);
+			}
+			break;
+		}
+		case "result":
+			if (message.is_error) {
+				logToFile("Agent result with error:", message.result);
+				if (typeof message.result === "string") collectedText.push(message.result);
+				if (message.errors && !receivedSuccessResult) for (const err of message.errors) {
+					getUI().log.error(`Error: ${err}`);
+					logToFile("ERROR:", err);
+				}
+			} else if (message.subtype === "success") {
+				logToFile("Agent completed successfully");
+				if (typeof message.result === "string") collectedText.push(message.result);
+			} else {
+				logToFile("Agent result with error:", message.result);
+				if (message.errors && !receivedSuccessResult) for (const err of message.errors) {
+					getUI().log.error(`Error: ${err}`);
+					logToFile("ERROR:", err);
+				}
+			}
+			break;
+		case "system":
+			if (message.subtype === "init") logToFile("Agent session initialized", {
+				model: message.model,
+				tools: message.tools?.length,
+				mcpServers: message.mcp_servers
+			});
+			break;
+		default:
+			if (options.debug) debug(`Unhandled message type: ${message.type}`);
+			break;
+	}
+}
+//#endregion
+//#region src/lib/health-checks/statuspage.ts
+function mapIndicator(v) {
+	switch (v) {
+		case "none": return "healthy";
+		case "minor": return "degraded";
+		case "major":
+		case "critical": return "down";
+		default: return "degraded";
+	}
+}
+function mapComponentRaw(v) {
+	switch (v) {
+		case "operational": return "healthy";
+		case "degraded_performance":
+		case "under_maintenance": return "degraded";
+		case "partial_outage":
+		case "major_outage": return "down";
+		default: return "degraded";
+	}
+}
+function errResult$1(error) {
+	return {
+		status: "degraded",
+		error
+	};
+}
+async function fetchStatuspageIndicator(url, timeoutMs = 5e3) {
+	try {
+		const controller = new AbortController();
+		const tid = setTimeout(() => controller.abort(), timeoutMs);
+		const res = await fetch(url, { signal: controller.signal });
+		clearTimeout(tid);
+		if (!res.ok) return errResult$1(`HTTP ${res.status}`);
+		const indicator = (await res.json()).status?.indicator ?? null;
+		return {
+			status: mapIndicator(indicator),
+			rawIndicator: indicator ?? void 0
+		};
+	} catch (e) {
+		if (e instanceof Error && e.name === "AbortError") return errResult$1("Request timed out");
+		return errResult$1(e instanceof Error ? e.message : "Unknown error");
+	}
+}
+async function fetchStatuspageSummary(url, timeoutMs = 5e3) {
+	try {
+		const controller = new AbortController();
+		const tid = setTimeout(() => controller.abort(), timeoutMs);
+		const res = await fetch(url, { signal: controller.signal });
+		clearTimeout(tid);
+		if (!res.ok) return errResult$1(`HTTP ${res.status}`);
+		const data = await res.json();
+		const indicator = data.status?.indicator ?? null;
+		const overall = mapIndicator(indicator);
+		const affected = (data.components ?? []).map((c) => ({
+			name: c.name,
+			status: mapComponentRaw(c.status),
+			rawStatus: c.status
+		})).filter((c) => c.status !== "healthy");
+		return {
+			status: affected.length > 0 ? "degraded" : overall,
+			rawIndicator: indicator ?? void 0,
+			degradedOrDownComponents: affected.length > 0 ? affected : void 0
+		};
+	} catch (e) {
+		if (e instanceof Error && e.name === "AbortError") return errResult$1("Request timed out");
+		return errResult$1(e instanceof Error ? e.message : "Unknown error");
+	}
+}
+const checkAnthropicHealth = () => fetchStatuspageIndicator("https://status.claude.com/api/v2/status.json");
+const checkGithubHealth = () => fetchStatuspageIndicator("https://www.githubstatus.com/api/v2/status.json");
+const checkNpmOverallHealth = () => fetchStatuspageIndicator("https://status.npmjs.org/api/v2/status.json");
+const checkNpmComponentHealth = () => fetchStatuspageSummary("https://status.npmjs.org/api/v2/summary.json");
+const checkCloudflareOverallHealth = () => fetchStatuspageIndicator("https://www.cloudflarestatus.com/api/v2/status.json");
+const checkCloudflareComponentHealth = () => fetchStatuspageSummary("https://www.cloudflarestatus.com/api/v2/summary.json");
+//#endregion
+//#region src/lib/health-checks/incidentio.ts
+function mapIncidentImpact(impact) {
+	switch (impact) {
+		case "full_outage": return "down";
+		case "partial_outage":
+		case "degraded_performance": return "degraded";
+		default: return "degraded";
+	}
+}
+function mapComponentStatus(status) {
+	switch (status) {
+		case "operational": return "healthy";
+		case "full_outage": return "down";
+		case "partial_outage":
+		case "degraded_performance": return "degraded";
+		default: return "degraded";
+	}
+}
+function errResult(error) {
+	return {
+		status: "degraded",
+		error
+	};
+}
+const POSTHOG_STATUS_URL = "https://www.posthogstatus.com/api/v1/summary";
+async function fetchPosthogStatus(timeoutMs = 5e3) {
+	try {
+		const controller = new AbortController();
+		const tid = setTimeout(() => controller.abort(), timeoutMs);
+		const res = await fetch(POSTHOG_STATUS_URL, { signal: controller.signal });
+		clearTimeout(tid);
+		if (!res.ok) {
+			const err = errResult(`HTTP ${res.status}`);
+			return {
+				overall: err,
+				components: err
+			};
+		}
+		const incidents = (await res.json()).ongoing_incidents ?? [];
+		if (incidents.length === 0) return {
+			overall: { status: "healthy" },
+			components: { status: "healthy" }
+		};
+		let worstOverall = "degraded";
+		const affected = [];
+		for (const incident of incidents) {
+			if (mapIncidentImpact(incident.current_worst_impact) === "down") worstOverall = "down";
+			for (const comp of incident.affected_components ?? []) {
+				const compStatus = mapComponentStatus(comp.current_status);
+				if (compStatus !== "healthy") affected.push({
+					name: comp.group_name ? `${comp.group_name} — ${comp.name}` : comp.name,
+					status: compStatus,
+					rawStatus: comp.current_status
+				});
+			}
+		}
+		return {
+			overall: { status: worstOverall },
+			components: {
+				status: affected.length > 0 ? "degraded" : worstOverall,
+				degradedOrDownComponents: affected.length > 0 ? affected : void 0
+			}
+		};
+	} catch (e) {
+		if (e instanceof Error && e.name === "AbortError") {
+			const err = errResult("Request timed out");
+			return {
+				overall: err,
+				components: err
+			};
+		}
+		const err = errResult(e instanceof Error ? e.message : "Unknown error");
+		return {
+			overall: err,
+			components: err
+		};
+	}
+}
+let _cache = null;
+function getPosthogHealth() {
+	if (!_cache) _cache = fetchPosthogStatus();
+	return _cache;
+}
+const checkPosthogOverallHealth = async () => (await getPosthogHealth()).overall;
+const checkPosthogComponentHealth = async () => (await getPosthogHealth()).components;
+//#endregion
+//#region src/lib/health-checks/endpoints.ts
+function downResult(error) {
+	return {
+		status: "down",
+		error
+	};
+}
+async function fetchEndpointHealth(url, timeoutMs = 5e3, expectedStatus = 200) {
+	try {
+		const controller = new AbortController();
+		const tid = setTimeout(() => controller.abort(), timeoutMs);
+		const res = await fetch(url, { signal: controller.signal });
+		clearTimeout(tid);
+		if (res.status === expectedStatus) return {
+			status: "healthy",
+			rawIndicator: `HTTP ${res.status}`
+		};
+		return downResult(`HTTP ${res.status}`);
+	} catch (e) {
+		if (e instanceof Error && e.name === "AbortError") return downResult("Request timed out");
+		return downResult(e instanceof Error ? e.message : "Unknown error");
+	}
+}
+const checkLlmGatewayHealth = () => fetchEndpointHealth("https://gateway.us.posthog.com/_liveness");
+const checkMcpHealth = () => fetchEndpointHealth("https://mcp.posthog.com/");
+const checkGithubReleasesHealth = () => fetchEndpointHealth(`${REMOTE_SKILLS_BASE_URL}/skill-menu.json`);
+//#endregion
+//#region src/lib/health-checks/readiness.ts
+const SERVICE_LABELS = {
+	anthropic: "Anthropic",
+	posthogOverall: "PostHog",
+	posthogComponents: "PostHog (components)",
+	github: "GitHub",
+	npmOverall: "npm",
+	npmComponents: "npm (components)",
+	cloudflareOverall: "Cloudflare",
+	cloudflareComponents: "Cloudflare (components)",
+	llmGateway: "LLM Gateway",
+	mcp: "MCP",
+	githubReleases: "GitHub Releases"
+};
+/**
+* See README section "Health checks" for the full rationale.
+* Adjust these arrays to change what blocks a wizard run.
+*/
+const DEFAULT_WIZARD_READINESS_CONFIG = {
+	downBlocksRun: [
+		"anthropic",
+		"npmOverall",
+		"llmGateway",
+		"mcp",
+		"githubReleases"
+	],
+	degradedBlocksRun: ["anthropic"]
+};
+async function checkAllExternalServices() {
+	const [anthropic, posthogOverall, posthogComponents, github, npmOverall, npmComponents, cloudflareOverall, cloudflareComponents, llmGateway, mcp, githubReleases] = await Promise.all([
+		checkAnthropicHealth(),
+		checkPosthogOverallHealth(),
+		checkPosthogComponentHealth(),
+		checkGithubHealth(),
+		checkNpmOverallHealth(),
+		checkNpmComponentHealth(),
+		checkCloudflareOverallHealth(),
+		checkCloudflareComponentHealth(),
+		checkLlmGatewayHealth(),
+		checkMcpHealth(),
+		checkGithubReleasesHealth()
+	]);
+	return {
+		anthropic,
+		posthogOverall,
+		posthogComponents,
+		github,
+		npmOverall,
+		npmComponents,
+		cloudflareOverall,
+		cloudflareComponents,
+		llmGateway,
+		mcp,
+		githubReleases
+	};
+}
+function describeResult(label, h) {
+	const parts = [`${label}: ${h.status}`];
+	if (h.rawIndicator) parts.push(`indicator=${h.rawIndicator}`);
+	if (h.error) parts.push(h.error);
+	return parts.join(" — ");
+}
+const MAX_COMPONENT_NAMES = 8;
+function describeComponents(label, h) {
+	const affected = h.degradedOrDownComponents;
+	if (!affected || affected.length === 0) return `${label} components: all operational`;
+	const shown = affected.slice(0, MAX_COMPONENT_NAMES).map((c) => `${c.name} (${c.status})`);
+	const suffix = affected.length > MAX_COMPONENT_NAMES ? `, +${affected.length - MAX_COMPONENT_NAMES} more` : "";
+	return `${label} components impacted: ${shown.join(", ")}${suffix}`;
+}
+const READINESS_TIMEOUT_MS = 1e4;
+async function evaluateWizardReadiness(config = DEFAULT_WIZARD_READINESS_CONFIG) {
+	try {
+		const health = await Promise.race([checkAllExternalServices(), new Promise((resolve) => setTimeout(() => resolve(allUnknown("Health check timed out")), READINESS_TIMEOUT_MS))]);
+		const reasons = [];
+		for (const key of Object.keys(health)) {
+			const result = health[key];
+			const label = SERVICE_LABELS[key];
+			reasons.push(describeResult(label, result));
+			if ("degradedOrDownComponents" in result) reasons.push(describeComponents(label, result));
+		}
+		const blockingKeys = getBlockingServiceKeys(health, config);
+		if (blockingKeys.length > 0) {
+			logToFile(`[health-checks] blocked by: ${blockingKeys.join(", ")}`);
+			return {
+				decision: "no",
+				health,
+				reasons
+			};
+		}
+		if (Object.values(health).some((h) => h.status !== "healthy")) return {
+			decision: "yes_with_warnings",
+			health,
+			reasons
+		};
+		return {
+			decision: "yes",
+			health,
+			reasons
+		};
+	} catch (err) {
+		logToFile(`[health-checks] error: ${err instanceof Error ? err.message : err}`);
+		return {
+			decision: "yes",
+			health: allUnknown("Unexpected error"),
+			reasons: ["Health check failed unexpectedly — proceeding anyway"]
+		};
+	}
+}
+/** Keys that are component-level detail, not top-level services. */
+const COMPONENT_KEYS = [
+	"posthogComponents",
+	"npmComponents",
+	"cloudflareComponents"
+];
+/**
+* Get the keys of services that would block a wizard run per the given config.
+*/
+function getBlockingServiceKeys(health, config = DEFAULT_WIZARD_READINESS_CONFIG) {
+	return Object.keys(health).filter((key) => {
+		if (COMPONENT_KEYS.includes(key)) return false;
+		const result = health[key];
+		if (config.downBlocksRun.includes(key) && result.status === "down") return true;
+		if ((config.degradedBlocksRun ?? []).includes(key) && result.status !== "healthy") return true;
+		return false;
+	});
+}
+/** Build an AllServicesHealth where every service is Degraded with the given error. */
+function allUnknown(error) {
+	const base = {
+		status: "degraded",
+		error
+	};
+	return {
+		anthropic: base,
+		posthogOverall: base,
+		posthogComponents: { ...base },
+		github: base,
+		npmOverall: base,
+		npmComponents: { ...base },
+		cloudflareOverall: base,
+		cloudflareComponents: { ...base },
+		llmGateway: base,
+		mcp: base,
+		githubReleases: base
+	};
+}
+//#endregion
+export { backupAndFixClaudeSettings as a, initializeAgent as c, formatScanReport as d, writeScanReport as f, installSkillById as h, AgentSignals as i, restoreClaudeSettings as l, fetchSkillMenu as m, evaluateWizardReadiness as n, buildWizardMetadata as o, downloadSkill as p, getBlockingServiceKeys as r, checkAllSettingsConflicts as s, SERVICE_LABELS as t, runAgent as u };
+//# sourceMappingURL=readiness-Dn7eq8NE.js.map