@rubytech/create-maxy-code 0.1.244 → 0.1.247

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/package.json +1 -1
  2. package/payload/platform/docs/superpowers/plans/2026-06-04-public-agent-knowledge-delivery.md +230 -0
  3. package/payload/platform/plugins/admin/.claude-plugin/plugin.json +1 -1
  4. package/payload/platform/plugins/admin/PLUGIN.md +4 -1
  5. package/payload/platform/plugins/admin/hooks/__tests__/pin-identity-gate.test.sh +96 -0
  6. package/payload/platform/plugins/admin/hooks/pin-identity-gate.sh +136 -0
  7. package/payload/platform/plugins/admin/mcp/dist/__tests__/admin-identity-authenticate.test.d.ts +2 -0
  8. package/payload/platform/plugins/admin/mcp/dist/__tests__/admin-identity-authenticate.test.d.ts.map +1 -0
  9. package/payload/platform/plugins/admin/mcp/dist/__tests__/admin-identity-authenticate.test.js +34 -0
  10. package/payload/platform/plugins/admin/mcp/dist/__tests__/admin-identity-authenticate.test.js.map +1 -0
  11. package/payload/platform/plugins/admin/mcp/dist/__tests__/skill-no-prescribed-role.test.d.ts +2 -0
  12. package/payload/platform/plugins/admin/mcp/dist/__tests__/skill-no-prescribed-role.test.d.ts.map +1 -0
  13. package/payload/platform/plugins/admin/mcp/dist/__tests__/skill-no-prescribed-role.test.js +50 -0
  14. package/payload/platform/plugins/admin/mcp/dist/__tests__/skill-no-prescribed-role.test.js.map +1 -0
  15. package/payload/platform/plugins/admin/mcp/dist/index.js +9 -1
  16. package/payload/platform/plugins/admin/mcp/dist/index.js.map +1 -1
  17. package/payload/platform/plugins/admin/mcp/dist/tools/admin-identity-authenticate.d.ts +6 -0
  18. package/payload/platform/plugins/admin/mcp/dist/tools/admin-identity-authenticate.d.ts.map +1 -0
  19. package/payload/platform/plugins/admin/mcp/dist/tools/admin-identity-authenticate.js +32 -0
  20. package/payload/platform/plugins/admin/mcp/dist/tools/admin-identity-authenticate.js.map +1 -0
  21. package/payload/platform/plugins/admin/skills/investigate/SKILL.md +34 -17
  22. package/payload/platform/plugins/admin/skills/platform-architecture/SKILL.md +16 -16
  23. package/payload/platform/plugins/admin/skills/public-agent-manager/SKILL.md +37 -56
  24. package/payload/platform/plugins/admin/skills/publish-site/SKILL.md +5 -0
  25. package/payload/platform/plugins/admin/skills/unzip-attachment/SKILL.md +5 -0
  26. package/payload/platform/plugins/admin/skills/update-knowledge/SKILL.md +5 -0
  27. package/payload/platform/plugins/cloudflare/.claude-plugin/plugin.json +1 -1
  28. package/payload/platform/plugins/cloudflare/PLUGIN.md +10 -7
  29. package/payload/platform/plugins/cloudflare/references/api.md +166 -0
  30. package/payload/platform/plugins/cloudflare/references/d1-data-capture.md +157 -0
  31. package/payload/platform/plugins/cloudflare/references/dashboard-guide.md +6 -6
  32. package/payload/platform/plugins/cloudflare/references/hosting-sites.md +66 -0
  33. package/payload/platform/plugins/cloudflare/references/manual-setup.md +5 -3
  34. package/payload/platform/plugins/cloudflare/skills/cloudflare/SKILL.md +72 -0
  35. package/payload/platform/plugins/docs/references/admin-identity-gate.md +81 -0
  36. package/payload/platform/plugins/docs/references/cloudflare.md +4 -4
  37. package/payload/platform/plugins/docs/references/deployment.md +1 -1
  38. package/payload/platform/plugins/memory/skills/conversation-archive-enrich/SKILL.md +1 -0
  39. package/payload/platform/plugins/memory/skills/conversational-memory/SKILL.md +5 -0
  40. package/payload/platform/plugins/workflows/skills/workflow-manager/SKILL.md +5 -0
  41. package/payload/platform/scripts/check-skill-frontmatter.mjs +139 -0
  42. package/payload/platform/scripts/setup-account.sh +21 -8
  43. package/payload/platform/services/claude-session-manager/dist/admin-identity-audit.d.ts +39 -0
  44. package/payload/platform/services/claude-session-manager/dist/admin-identity-audit.d.ts.map +1 -0
  45. package/payload/platform/services/claude-session-manager/dist/admin-identity-audit.js +133 -0
  46. package/payload/platform/services/claude-session-manager/dist/admin-identity-audit.js.map +1 -0
  47. package/payload/platform/services/claude-session-manager/dist/canonical-tool-names.generated.d.ts.map +1 -1
  48. package/payload/platform/services/claude-session-manager/dist/canonical-tool-names.generated.js +1 -0
  49. package/payload/platform/services/claude-session-manager/dist/canonical-tool-names.generated.js.map +1 -1
  50. package/payload/platform/services/claude-session-manager/dist/index.js +17 -0
  51. package/payload/platform/services/claude-session-manager/dist/index.js.map +1 -1
  52. package/payload/platform/services/claude-session-manager/dist/jsonl-tail.d.ts +12 -0
  53. package/payload/platform/services/claude-session-manager/dist/jsonl-tail.d.ts.map +1 -1
  54. package/payload/platform/services/claude-session-manager/dist/jsonl-tail.js +1 -1
  55. package/payload/platform/services/claude-session-manager/dist/jsonl-tail.js.map +1 -1
  56. package/payload/platform/services/claude-session-manager/dist/pty-spawner.d.ts +1 -1
  57. package/payload/platform/services/claude-session-manager/dist/pty-spawner.d.ts.map +1 -1
  58. package/payload/platform/services/claude-session-manager/dist/pty-spawner.js +31 -5
  59. package/payload/platform/services/claude-session-manager/dist/pty-spawner.js.map +1 -1
  60. package/payload/platform/services/claude-session-manager/dist/system-prompt.d.ts +2 -1
  61. package/payload/platform/services/claude-session-manager/dist/system-prompt.d.ts.map +1 -1
  62. package/payload/platform/services/claude-session-manager/dist/system-prompt.js +39 -6
  63. package/payload/platform/services/claude-session-manager/dist/system-prompt.js.map +1 -1
  64. package/payload/platform/templates/agents/admin/IDENTITY.md +1 -1
  65. package/payload/platform/templates/specialists/agents/personal-assistant.md +2 -2
  66. package/payload/server/{chunk-SRO5RFMV.js → chunk-JMEX5NRX.js} +1 -3
  67. package/payload/server/maxy-edge.js +1 -1
  68. package/payload/server/server.js +261 -153
  69. package/payload/platform/plugins/cloudflare/skills/setup-tunnel/SKILL.md +0 -55
  70. package/payload/platform/templates/agents/public/SOUL.md +0 -19
  71. package/payload/platform/templates/agents/public/config.json +0 -8
@@ -1,55 +0,0 @@
1
- ---
2
- name: setup-tunnel
3
- description: Cloudflare Tunnel setup, diagnosis, and reset — the agent drives cloudflared directly via Bash, following the manual runbook step by step, and proves success with an external HTTP 200.
4
- ---
5
-
6
- # Cloudflare operations
7
-
8
- Every Cloudflare task — setup, diagnosis, reset, DNS edit — is driven by the agent invoking `cloudflared` directly via the Bash tool, following the numbered steps in `references/manual-setup.md`. There are no Cloudflare MCP tools; the plugin registers none. There is no shell-script wrapper, no state machine, no orchestrator. The PTY surface streams `cloudflared` stdout and stderr verbatim into chat, and the operator's own browser handles the OAuth click. The agent's job is to pick the right step from the runbook, collect the inputs it needs, run the command in Bash, relay the literal output, and verify the outcome with an external `curl`.
9
-
10
- ## Outcome contract — what "done" means
11
-
12
- A Cloudflare setup is done when, and only when, `curl -I https://<hostname>` issued from outside the local network returns `HTTP/2 200` (or `HTTP/1.1 200 OK`) and the response is surfaced verbatim in chat. No state file, no `result=ok` phase line, no "service is active" claim substitutes for the live HTTP response. If the curl returns anything other than 200, the setup is not done — diagnose with `cloudflared tunnel info <tunnelId>` and `systemctl --user status ${BRAND}-cloudflared.service` and recover per `references/manual-setup.md`.
13
-
14
- ## Inputs
15
-
16
- Four inputs come from the operator in chat: the admin FQDN, optional public FQDN, optional apex FQDN, and the admin password. `BRAND` is derived from disk — never hardcoded — with `BRAND=$(jq -r .hostname ~/.<configDir>/brand.json)`. The same install can host different brands on different ports; `brand.json.hostname` is the only authoritative source.
17
-
18
- ## Execution
19
-
20
- The agent reads `references/manual-setup.md` and executes its steps with Bash. Every `cloudflared` invocation's stdout and stderr are relayed into chat verbatim — the operator sees the same output the agent does. The OAuth URL printed by `cloudflared tunnel login` is linkified by the native PTY; the operator clicks it in their own browser. The agent does not spawn a browser, automate the Cloudflare consent page, or drive the dashboard via Playwright or Chrome DevTools.
21
-
22
- Mutations the agent performs from the runbook (each one only after reading the relevant step):
23
-
24
- - `cloudflared tunnel login` — emits the OAuth URL; cert lands at `~/.cloudflared/cert.pem` after the operator authorises.
25
- - `cloudflared tunnel --origincert <cert> create <name>` — produces `<tunnelId>.json` credentials.
26
- - Write `~/.${BRAND}/cloudflared/config.yml` (ingress block per the runbook).
27
- - `cloudflared tunnel --origincert <cert> route dns <tunnelId> <hostname>` — one call per non-apex hostname.
28
- - For non-admin hostnames not starting with `public.`, append to `~/.${BRAND}/alias-domains.json` so `isPublicHost()` treats them as public.
29
- - Install + start the `${BRAND}-cloudflared.service` user unit (`systemctl --user daemon-reload && systemctl --user enable --now ${BRAND}-cloudflared.service`).
30
-
31
- After the service is up, the agent runs `curl -I https://<admin-hostname>` and pastes the response. The setup-done claim only fires when a `200` line appears in that response.
32
-
33
- ## Apex hostnames
34
-
35
- The CLI cannot route apex records (e.g. `maxy.chat`). When an apex is supplied, the agent quotes the `ACTION REQUIRED` block from `references/manual-setup.md` verbatim — the operator edits the apex CNAME in the Cloudflare dashboard. The Cloudflare API and SDK are banned ([[feedback_cf_api_total_eradication]]); dashboard click is the only path.
36
-
37
- ## Reset
38
-
39
- When local Cloudflare state is corrupt or the operator wants to start from a known-good cert, follow `references/reset-guide.md`. The agent issues the relevant `cloudflared tunnel delete` and `rm -rf ~/.${BRAND}/cloudflared/` commands in Bash, then re-runs the setup steps above.
40
-
41
- ## Dashboard guidance
42
-
43
- For operations only the Cloudflare dashboard can do (sign in, switch accounts, add a site, edit an apex CNAME, verify zone nameservers, delete stale CNAMEs, create URL Rewrite Rules), quote the relevant click-path from `references/dashboard-guide.md` verbatim. The operator follows it in their browser. The agent does not drive the dashboard programmatically.
44
-
45
- ## Tool discipline — binding
46
-
47
- When the operator's request touches Cloudflare, the agent's permitted actions are:
48
-
49
- - Invoke `cloudflared` via Bash, following the numbered steps in `references/manual-setup.md`.
50
- - Write `config.yml` and `alias-domains.json` per the runbook.
51
- - Install and start the brand's cloudflared user service.
52
- - Quote `references/manual-setup.md`, `references/reset-guide.md`, or `references/dashboard-guide.md` verbatim when guidance is needed.
53
- - Verify reachability via `curl -I https://<hostname>` and surface the response.
54
-
55
- The agent does not call any Cloudflare API or SDK. The agent does not drive the dashboard via Playwright or Chrome DevTools. The agent does not synthesise `cloudflared` flag combinations from web search or training — every command comes from the runbook. When a step fails, the agent reports the exact `cloudflared` output, names the recovery step from `references/reset-guide.md`, and stops. Improvisation — "let me try a different flag" or "let me check the dashboard myself" — is the behaviour this rule exists to prevent.
@@ -1,19 +0,0 @@
1
- # Soul
2
-
3
- ## Personality
4
-
5
- Helpful, precise, warm without being effusive. Speaks for a real business to a real visitor. Not a marketing voice, not a chatbot, not a simulated friend. Treats the visitor's time as the most valuable thing in the conversation.
6
-
7
- Comfortable saying "I don't know" when the answer isn't in the knowledge provided. Honest about what is on offer and what isn't. Never invents detail to fill a gap.
8
-
9
- ## Tone
10
-
11
- Plain language. British English. Plain hyphens, straight quotes, three periods. No emoji. No filler ("just", "simply", "let me", "I'll check"). No narration of internal process ("searching", "looking that up").
12
-
13
- Short answers when the question is short. Longer answers when the visitor genuinely needs the detail: a comparison, a process, a decision. Never padded.
14
-
15
- Direct without being abrupt. The visitor asked for help; help them, and stop when help is delivered.
16
-
17
- ## Greeting
18
-
19
- Open by naming the business and what is on offer. Make it clear in the same breath that the visitor is talking to AI. Natural, not bolted on. Invite the question the visitor came to ask.
@@ -1,8 +0,0 @@
1
- {
2
- "slug": "public",
3
- "displayName": "Public Agent",
4
- "model": "claude-haiku-4-5",
5
- "plugins": ["sales"],
6
- "status": "active",
7
- "knowledgeKeywords": []
8
- }