@semalt-ai/code 1.8.5 → 1.20.0

package/lib/commands/index.js

@@ -0,0 +1,268 @@
+'use strict';
+
+// createCommands — the public command surface, wired from the cohesive modules
+// this directory was split into in Task 1.5:
+//   registry.js        — slash-command registry (source of truth)
+//   history-utils.js   — pure saved-chat message helpers
+//   auth.js            — login / whoami / logout / auth set-key
+//   oneshot.js         — code / edit / shell / models / init (non-interactive)
+//   chat.js            — the interactive chat command (cmdChat)
+//   chat-session.js / chat-slash.js / chat-turn.js — cmdChat internals
+//
+// This module keeps only the shared helpers (resolveTokenLimit, ensureDefaultModel,
+// the catastrophic-shell confirm, the dry-run summary) and the dependency bags
+// passed to each group.
+
+const { CONFIG_PATH, DEFAULT_API_TIMEOUT_MS } = require('../constants');
+const { getSkippedOps } = require('../tools');
+const { keychainSet, ENV_VAR } = require('../secrets');
+const writer = require('../ui/writer');
+const msgs = require('../ui/messages');
+const dbg = require('../debug');
+const { createAuthCommands } = require('./auth');
+const { createOneshotCommands } = require('./oneshot');
+const { createTaskCommands } = require('./tasks');
+const { createChatCommand } = require('./chat');
+const { createMcpManager } = require('../mcp/client');
+const mcpCmd = require('./mcp');
+
+function createCommands({
+  getConfig,
+  setConfig,
+  permissionManager,
+  ui,
+  apiClient,
+  runAgentLoop,
+  readFileContext,
+  agentExecShell,
+  checkpointStore,
+}) {
+  const {
+    BOLD,
+    BG_SELECTED,
+    FG_BLUE,
+    FG_CYAN,
+    FG_DARK,
+    FG_GRAY,
+    FG_GREEN,
+    FG_RED,
+    FG_TEAL,
+    FG_YELLOW,
+    RST,
+    approxTokens,
+    getCols,
+    boxLine,
+    interactiveSelect,
+  } = ui;
+  const {
+    chatStream,
+    chatSync,
+    dashboardCreateChat,
+    dashboardGetChat,
+    dashboardGetModelForCli,
+    dashboardListChats,
+    dashboardListModels,
+    dashboardLogout,
+    dashboardSaveMessages,
+    dashboardWhoAmI,
+    estimateTokens,
+    getCliLoginStatus,
+    requestCliLogin,
+    setActiveModelProfile,
+  } = apiClient;
+
+  const LOGIN_POLL_INTERVAL_MS = 2000;
+  const LOGIN_TIMEOUT_MS = 5 * 60 * 1000;
+
+  function formatUserLine(label, value) {
+    return `  ${FG_CYAN}${label}:${RST} ${FG_GRAY}${value}${RST}`;
+  }
+
+  // Typo-guard confirmation for the catastrophic subset of *user-initiated*
+  // shell commands (disk wipe / fork bomb). agentExecShell calls this via the
+  // `confirm` option only when classifyShellCommand returns 'confirm'. Defaults
+  // to No and refuses outright in non-TTY contexts (no way to ask). `navOpts`
+  // supplies captureNavigation when invoked from inside the chat TUI.
+  async function confirmCatastrophicShell(label, command, navOpts) {
+    if (!process.stdin.isTTY || !process.stdout.isTTY) return false;
+    const idx = await interactiveSelect(
+      ['No, cancel', 'Yes, run it anyway'],
+      (item, isSelected) => {
+        const cursor = isSelected ? `${FG_YELLOW}❯${RST}` : ' ';
+        const style = isSelected ? FG_CYAN : FG_GRAY;
+        return `  ${cursor} ${style}${item}${RST}`;
+      },
+      { initialIndex: 0, ...(navOpts || {}) },
+    );
+    return idx === 1;
+  }
+
+  async function resolveTokenLimit(model) {
+    const config = getConfig();
+    if (config.auth_token && config.dashboard_model_id) {
+      try {
+        const resp = await dashboardGetModelForCli(config.dashboard_model_id);
+        const m = resp && resp.model ? resp.model : null;
+        if (m) {
+          const limit = (Number.isInteger(m.context_length) && m.context_length > 0 ? m.context_length : null)
+            || (Number.isInteger(m.max_tokens) && m.max_tokens > 0 ? m.max_tokens : null);
+          if (limit) {
+            // Persist so chatStream's proactive trimming can use it without an extra API call.
+            if (config.context_length !== limit) {
+              setConfig({ ...config, context_length: limit });
+            }
+            return limit;
+          }
+        }
+      } catch {}
+    }
+    const localModels = Array.isArray(config.models) ? config.models : [];
+    const match = localModels.find(
+      (m) => m.model === model || (m.api_base === config.api_base && m.model === config.default_model)
+    );
+    if (match && Number.isInteger(match.context_length) && match.context_length > 0) return match.context_length;
+    if (Number.isInteger(config.context_length) && config.context_length > 0) return config.context_length;
+    return null;
+  }
+
+  // Pick the first dashboard model when the user is authenticated but has
+  // not selected one yet. Persists credentials to config and returns
+  // { name, modelId } on success; null otherwise (not logged in, already
+  // selected, empty list, or API error).
+  async function ensureDefaultModel() {
+    const config = getConfig();
+    if (!config.auth_token) return null;
+    if (config.default_model && config.dashboard_model_id) return null;
+    let response;
+    try { response = await dashboardListModels(); } catch { return null; }
+    const models = Array.isArray(response && response.models) ? response.models : [];
+    if (!models.length) return null;
+    const first = models[0];
+    let credResp;
+    try { credResp = await dashboardGetModelForCli(first.id); } catch { return null; }
+    const model = credResp && credResp.model ? credResp.model : null;
+    if (!model) return null;
+    const contextLength = (Number.isInteger(model.context_length) && model.context_length > 0 ? model.context_length : null)
+      || (Number.isInteger(model.max_tokens) && model.max_tokens > 0 ? model.max_tokens : null);
+    const updated = { ...config, api_base: model.base_url, api_key: model.api_key, default_model: model.model_id, dashboard_model_id: model.id };
+    if (contextLength !== null) updated.context_length = contextLength;
+    setConfig(updated);
+    return { name: model.name, modelId: model.model_id };
+  }
+
+  function printDryRunSummary() {
+    const ops = getSkippedOps();
+    const files = ops.filter((o) => o.category === 'file');
+    const cmds = ops.filter((o) => o.category === 'cmd');
+    const nets = ops.filter((o) => o.category === 'net');
+    const BOX_W = 40, INNER = BOX_W - 2;
+    const isTTY = process.stdout.isTTY;
+    const stripA = (s) => s.replace(/\x1b\[[^m]*m/g, '');
+    const row = (content) => { const visible = stripA(content).length; const pad = ' '.repeat(Math.max(0, INNER - visible)); return isTTY ? `${FG_TEAL}║${RST}${content}${pad}${FG_TEAL}║${RST}` : `║${stripA(content)}${pad}║`; };
+    const hr40 = (tl, fill, tr) => { const line = tl + fill.repeat(INNER) + tr; return isTTY ? `${FG_TEAL}${line}${RST}` : line; };
+    const out = [
+      '',
+      hr40('╔','═','╗'),
+      row(`  ${isTTY ? BOLD : ''}DRY-RUN SUMMARY${isTTY ? RST : ''}`),
+      hr40('╠','═','╣'),
+      row(`  ✎  Files that would change:   ${files.length}   `),
+      row(`  ▶  Commands that would run:   ${cmds.length}   `),
+      row(`  ↓  Network calls:             ${nets.length}   `),
+      hr40('╚','═','╝'),
+    ];
+    if (ops.length > 0) {
+      out.push('');
+      for (const op of ops) {
+        out.push(isTTY ? `  ${op.symbol}  ${FG_GRAY}${op.desc}${RST}` : `  ${op.symbol}  ${op.desc}`);
+      }
+    }
+    out.push('');
+    writer.scrollback(out.join('\n'));
+  }
+
+  // Dependency bag shared with the non-chat command groups. printDryRunSummary
+  // is a function declaration above (hoisting not required, but kept consistent).
+  const shared = {
+    getConfig, setConfig, permissionManager, runAgentLoop, readFileContext, agentExecShell,
+    chatStream, chatSync, dashboardCreateChat, dashboardGetChat, dashboardGetModelForCli,
+    dashboardListChats, dashboardListModels, dashboardLogout, dashboardSaveMessages, dashboardWhoAmI,
+    estimateTokens, getCliLoginStatus, requestCliLogin, setActiveModelProfile,
+    BOLD, BG_SELECTED, FG_BLUE, FG_CYAN, FG_DARK, FG_GRAY, FG_GREEN, FG_RED, FG_TEAL, FG_YELLOW, RST,
+    approxTokens, getCols, boxLine, interactiveSelect,
+    writer, msgs, dbg,
+    keychainSet, ENV_VAR, CONFIG_PATH, DEFAULT_API_TIMEOUT_MS,
+    LOGIN_POLL_INTERVAL_MS, LOGIN_TIMEOUT_MS,
+    formatUserLine, confirmCatastrophicShell, resolveTokenLimit, ensureDefaultModel, printDryRunSummary,
+  };
+  const authCommands = createAuthCommands(shared);
+  const oneshotCommands = createOneshotCommands(shared);
+  const taskCommands = createTaskCommands(shared);
+  const { cmdChat } = createChatCommand({
+    getConfig, setConfig, permissionManager, ui, apiClient,
+    runAgentLoop, readFileContext, agentExecShell,
+    resolveTokenLimit, ensureDefaultModel, confirmCatastrophicShell,
+    checkpointStore,
+  });
+
+  // `semalt-code mcp <list|status|add|remove|auth>` — manage MCP servers and
+  // report connection status (Task 3.3).
+  async function cmdMcp(sub, argv = []) {
+    const cfg = getConfig();
+    const servers = (cfg.mcp && cfg.mcp.servers) || {};
+
+    if (!sub || sub === 'list') {
+      writer.scrollback(mcpCmd.formatServerList(servers));
+    } else if (sub === 'status') {
+      const mgr = createMcpManager({ getConfig, logger: (m) => writer.scrollback(`  ⚠ ${m}`) });
+      try {
+        const status = await mgr.connectAll();
+        writer.scrollback(mcpCmd.formatStatus(status));
+      } finally {
+        await mgr.shutdown();
+      }
+    } else if (sub === 'add') {
+      try {
+        const { name, spec } = mcpCmd.parseAddArgs(argv);
+        setConfig(mcpCmd.withServerAdded(cfg, name, spec));
+        writer.scrollback(`✓ Added MCP server "${name}".`);
+      } catch (e) { writer.scrollback(`✗ ${e.message}`); }
+    } else if (sub === 'remove') {
+      try {
+        setConfig(mcpCmd.withServerRemoved(cfg, argv[0]));
+        try { require('../mcp/oauth').clearOAuth(argv[0]); } catch { /* ignore */ }
+        writer.scrollback(`✓ Removed MCP server "${argv[0]}".`);
+      } catch (e) { writer.scrollback(`✗ ${e.message}`); }
+    } else if (sub === 'auth') {
+      const name = argv[0];
+      const spec = servers[name];
+      if (!spec) { writer.scrollback(`✗ No such MCP server: ${name}`); }
+      else if (!spec.url) { writer.scrollback(`✗ "${name}" is a stdio server; OAuth applies to http/sse servers.`); }
+      else {
+        writer.scrollback(`Starting OAuth for "${name}" — follow the URL printed below to authorize…`);
+        const oneServer = { mcp: { servers: { [name]: { ...spec, oauth: true } } } };
+        const mgr = createMcpManager({ getConfig: () => oneServer, logger: (m) => writer.scrollback(`  ⚠ ${m}`) });
+        try {
+          const status = await mgr.connectAll();
+          writer.scrollback(mcpCmd.formatStatus(status));
+        } finally {
+          await mgr.shutdown();
+        }
+      }
+    } else {
+      writer.scrollback('Usage: semalt-code mcp <list|status|add|remove|auth>');
+    }
+    await writer.flush();
+  }
+
+  return {
+    cmdChat,
+    cmdMcp,
+    ...oneshotCommands, // cmdCode, cmdEdit, cmdShell, cmdModels, cmdInit
+    ...authCommands,    // cmdLogin, cmdWhoAmI, cmdLogout, cmdAuthSetKey
+    ...taskCommands,    // cmdRun, cmdTasks (Task 5.3)
+  };
+}
+
+module.exports = {
+  createCommands,
+};

package/lib/commands/mcp.js

@@ -0,0 +1,113 @@
+'use strict';
+
+// MCP management commands (Task 3.3).
+// ----------------------------------------------------------------------------
+// Backs both the CLI `semalt-code mcp <list|add|remove|auth>` subcommands and
+// the in-chat `/mcp` status view. Pure-ish: config mutation and status
+// formatting are factored so they can be unit-tested, while the connect/auth
+// side effects live in thin async wrappers.
+//
+// Config shape (under config.mcp.servers[name]):
+//   transport : 'stdio' | 'http' | 'sse'   (default: stdio, or http if `url` set)
+//   command   : string (stdio)             args: string[]   env: {}   cwd: string
+//   url       : string (http/sse)          headers: {}      oauth: bool
+//   allow     : string[]  | allowAll: bool — per-tool / whole-server approval opt-in
+//   disabled  : bool
+
+// One-line-per-server status, e.g. "● fs (stdio) — connected, 3 tools".
+function formatStatus(status) {
+  if (!status || !status.length) {
+    return 'No MCP servers configured. Add one with `semalt-code mcp add <name> <command…>`.';
+  }
+  const glyph = { connected: '●', failed: '✗', disabled: '○', connecting: '◌' };
+  const lines = ['MCP servers:'];
+  for (const s of status) {
+    const g = glyph[s.state] || '?';
+    let line = `  ${g} ${s.name} (${s.transport}) — ${s.state}`;
+    if (s.state === 'connected') line += `, ${s.tools.length} tool${s.tools.length === 1 ? '' : 's'}`;
+    if (s.error) line += ` — ${s.error}`;
+    lines.push(line);
+    if (s.state === 'connected' && s.tools.length) {
+      lines.push(`      ${s.tools.join(', ')}`);
+    }
+  }
+  return lines.join('\n');
+}
+
+// List servers straight from config (no connection), for a quick inventory.
+function formatServerList(servers) {
+  const names = Object.keys(servers || {});
+  if (!names.length) return 'No MCP servers configured.';
+  const lines = ['Configured MCP servers:'];
+  for (const name of names) {
+    const s = servers[name] || {};
+    const transport = s.transport || (s.url ? 'http' : 'stdio');
+    const target = transport === 'stdio'
+      ? `${s.command || '?'}${s.args && s.args.length ? ' ' + s.args.join(' ') : ''}`
+      : (s.url || '?');
+    const approval = s.allowAll ? ' [allowAll]' : (Array.isArray(s.allow) && s.allow.length ? ` [allow: ${s.allow.join(', ')}]` : '');
+    const flags = `${s.disabled ? ' [disabled]' : ''}${s.oauth ? ' [oauth]' : ''}${approval}`;
+    lines.push(`  ${name} (${transport}) → ${target}${flags}`);
+  }
+  return lines.join('\n');
+}
+
+// Pure: produce the next config object with a server added. Throws on bad input.
+function withServerAdded(cfg, name, spec) {
+  if (!name || /\s/.test(name)) throw new Error('server name must be a non-empty token with no spaces');
+  const next = { ...cfg, mcp: { servers: { ...((cfg.mcp && cfg.mcp.servers) || {}) } } };
+  if (next.mcp.servers[name]) throw new Error(`server "${name}" already exists (remove it first)`);
+  next.mcp.servers[name] = spec;
+  return next;
+}
+
+// Pure: produce the next config object with a server removed. Throws if absent.
+function withServerRemoved(cfg, name) {
+  const servers = { ...((cfg.mcp && cfg.mcp.servers) || {}) };
+  if (!servers[name]) throw new Error(`no such MCP server: ${name}`);
+  delete servers[name];
+  return { ...cfg, mcp: { servers } };
+}
+
+// Parse `mcp add` argv into a server spec.
+//   stdio:  mcp add <name> <command> [args...]
+//   remote: mcp add <name> --transport http --url <url> [--oauth] [--header K=V]...
+//   common: [--allow t1,t2 | --allow-all] [--env K=V]... [--cwd dir]
+function parseAddArgs(argv) {
+  const a = argv.slice();
+  const name = a.shift();
+  const spec = {};
+  const env = {};
+  const headers = {};
+  const rest = [];
+  while (a.length) {
+    const tok = a.shift();
+    if (tok === '--transport') spec.transport = a.shift();
+    else if (tok === '--url') { spec.url = a.shift(); if (!spec.transport) spec.transport = 'http'; }
+    else if (tok === '--oauth') spec.oauth = true;
+    else if (tok === '--cwd') spec.cwd = a.shift();
+    else if (tok === '--allow-all') spec.allowAll = true;
+    else if (tok === '--allow') spec.allow = String(a.shift() || '').split(',').map((s) => s.trim()).filter(Boolean);
+    else if (tok === '--env') { const [k, ...v] = String(a.shift() || '').split('='); if (k) env[k] = v.join('='); }
+    else if (tok === '--header') { const [k, ...v] = String(a.shift() || '').split('='); if (k) headers[k] = v.join('='); }
+    else rest.push(tok);
+  }
+  if (Object.keys(env).length) spec.env = env;
+  if (Object.keys(headers).length) spec.headers = headers;
+  // Remaining positionals: command + args for stdio.
+  if (!spec.url) {
+    if (!rest.length) throw new Error('stdio server needs a command: mcp add <name> <command> [args...]');
+    spec.transport = spec.transport || 'stdio';
+    spec.command = rest.shift();
+    if (rest.length) spec.args = rest;
+  }
+  return { name, spec };
+}
+
+module.exports = {
+  formatStatus,
+  formatServerList,
+  withServerAdded,
+  withServerRemoved,
+  parseAddArgs,
+};

package/lib/commands/oneshot.js

@@ -0,0 +1,193 @@
+'use strict';
+
+// One-shot / non-interactive CLI commands (code, edit, shell, models, init) and
+// the dry-run summary, extracted from lib/commands.js in Task 1.5. Bodies are
+// unchanged; collaborators come from the `shared` dependency bag.
+
+const fs = require('fs');
+const { resolveMaxIterations } = require('../config');
+
+function createOneshotCommands(shared) {
+  const {
+    writer, getConfig, setConfig, runAgentLoop, readFileContext, agentExecShell,
+    chatStream, chatSync, dashboardListModels, dashboardGetModelForCli,
+    interactiveSelect, msgs, dbg,
+    ensureDefaultModel, confirmCatastrophicShell, printDryRunSummary,
+    DEFAULT_API_TIMEOUT_MS, CONFIG_PATH,
+    BOLD, BG_SELECTED, FG_CYAN, FG_DARK, FG_GRAY, FG_GREEN, FG_RED, FG_TEAL, FG_YELLOW, RST,
+  } = shared;
+
+  async function cmdCode(opts, promptArgs) {
+    if (!promptArgs.length) { writer.scrollback(`  ${FG_RED}Usage: semalt-code code <prompt>${RST}`); return; }
+    if (!getConfig().auth_token) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}Not logged in. Run semalt-code login first.${RST}\n`); return; }
+    await ensureDefaultModel();
+    // Fail-loud (memory truncation): if a loaded AGENTS.md/CLAUDE.md was cut at
+    // the cap, warn the user once — to STDERR so machine-mode stdout
+    // (json/stream-json) stays byte-pure. The memory content still loads; this
+    // only surfaces what was dropped, and never enters the model prompt.
+    try {
+      const { loadProjectMemory, memoryTruncationWarnings } = require('../memory');
+      for (const w of memoryTruncationWarnings(loadProjectMemory())) process.stderr.write(`${w}\n`);
+    } catch { /* best-effort; never block the run */ }
+    const model = opts.model || getConfig().default_model;
+    const userPrompt = promptArgs.join(' ');
+    const context = opts.file ? readFileContext(opts.file) : '';
+    const fullPrompt = context ? `Context files:\n${context}\n\nTask: ${userPrompt}` : userPrompt;
+    let resolvedSystemPrompt = null;
+    if (opts.systemPromptFile) {
+      try { resolvedSystemPrompt = fs.readFileSync(opts.systemPromptFile, 'utf8'); } catch {}
+    }
+    let messages = [{ role: 'user', content: fullPrompt }];
+
+    // Multimodal image input (Task 5.4). Read each --image through isPathSafe,
+    // size-check, base64-encode, and attach to the user turn. A clear error
+    // (unsafe path / oversize / unsupported format) aborts before any inference.
+    if (opts.image && opts.image.length) {
+      const { readImages, attachImagesToLastUser } = require('../images');
+      const { isPathSafe } = require('../tools');
+      try {
+        const imgs = readImages(opts.image, { maxBytes: getConfig().image_max_bytes, isPathSafe });
+        attachImagesToLastUser(messages, imgs);
+      } catch (err) {
+        writer.scrollback(`  ${FG_RED}✗ ${err.message}${RST}`);
+        return;
+      }
+    }
+
+    // Headless machine output (Task 2.4): json / stream-json suppress all chrome
+    // and print only the structured envelope. text (default) keeps human output.
+    const mode = opts.outputFormat || 'text';
+    const maxIter = resolveMaxIterations(getConfig().max_iterations);
+    if (mode === 'json' || mode === 'stream-json') {
+      const { runHeadless } = require('../headless');
+      await runHeadless({
+        runAgentLoop, messages, model, tokenLimit: null, mode, maxIterations: maxIter,
+        priceOverrides: getConfig().pricing || {},
+        agentOpts: {
+          debug: false,
+          systemPrompt: resolvedSystemPrompt,
+          systemPromptMode: getConfig().system_prompt_mode || 'system_role',
+          planMode: !!opts.plan,
+          noVerify: !!opts.noVerify,
+        },
+      });
+      return;
+    }
+
+    writer.scrollback(`  ${FG_GRAY}◆ ${model}${RST}`);
+    const codeResult = await runAgentLoop(messages, model, maxIter, null, {
+      debug: dbg.isActive(),
+      systemPrompt: resolvedSystemPrompt,
+      systemPromptMode: getConfig().system_prompt_mode || 'system_role',
+      planMode: !!opts.plan,
+      noVerify: !!opts.noVerify,
+    });
+    messages = codeResult.messages;
+    writer.scrollback('\n');
+    if (codeResult.metrics) writer.scrollback(codeResult.metrics.summary());
+    if (opts.dryRun) printDryRunSummary();
+  }
+
+  async function cmdEdit(opts, filePath, instructionArgs) {
+    if (!filePath) { writer.scrollback(`  ${FG_RED}Usage: semalt-code edit <file> <instruction>${RST}`); return; }
+    if (!getConfig().auth_token) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}Not logged in. Run semalt-code login first.${RST}\n`); return; }
+    if (!fs.existsSync(filePath)) { writer.scrollback(`  ${FG_RED}✗ File not found: ${filePath}${RST}`); return; }
+    await ensureDefaultModel();
+    const content = fs.readFileSync(filePath, 'utf8');
+    const instruction = instructionArgs.join(' ');
+    const messages = [
+      { role: 'system', content: 'You are Semalt.AI. Output ONLY the modified file. No explanations, no fences.' },
+      { role: 'user', content: `File: ${filePath}\n\n\`\`\`\n${content}\n\`\`\`\n\nInstruction: ${instruction}` },
+    ];
+    writer.scrollback(`  ${FG_GRAY}Editing ${filePath}...${RST}`);
+    let result = await chatSync(messages, { model: opts.model });
+    if (result && !opts.dryRun) {
+      if (result.startsWith('```')) { const lines = result.split('\n'); result = lines.at(-1).trim() === '```' ? lines.slice(1, -1).join('\n') : lines.slice(1).join('\n'); }
+      fs.writeFileSync(filePath, result);
+      writer.scrollback(`  ${FG_GREEN}✓ Saved: ${filePath}${RST}`);
+    } else if (opts.dryRun) {
+      writer.scrollback(`  ${FG_YELLOW}⚠ Dry run — not modified${RST}`);
+    }
+  }
+
+  async function cmdShell(opts, commandArgs) {
+    const command = commandArgs.join(' ');
+    if (!command) { writer.scrollback(`  ${FG_RED}Usage: semalt-code shell <command>${RST}`); return; }
+    const result = await agentExecShell(command, {
+      initiator: 'user',
+      confirm: (label, cmd) => {
+        writer.scrollback(`\n  ${FG_YELLOW}${BOLD}⚠ Catastrophic command (${label})${RST}\n  ${FG_GRAY}${cmd}${RST}`);
+        return confirmCatastrophicShell(label, cmd);
+      },
+    });
+    if (opts.analyze) {
+      if (!getConfig().auth_token) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}Not logged in. Run semalt-code login first.${RST}\n`); return; }
+      await ensureDefaultModel();
+      const messages = [
+        { role: 'system', content: 'You are Semalt.AI. Analyze the command output concisely.' },
+        { role: 'user', content: `Command: ${command}\nExit: ${result.exit_code}\nStdout:\n${result.stdout}\nStderr:\n${result.stderr}` },
+      ];
+      writer.scrollback(`\n  ${FG_TEAL}${BOLD}◆ Semalt.AI${RST}\n`);
+      // audit: allowed — non-TUI streaming prefix, must precede StreamRenderer sync writes.
+      process.stdout.write('  ');
+      try {
+        await chatStream(messages, { model: opts.model });
+      } catch (err) {
+        msgs.netError(err.message);
+      }
+      writer.scrollback('\n');
+    }
+  }
+
+  async function cmdModels() {
+    const config = getConfig();
+    let response;
+    try { response = await dashboardListModels(); }
+    catch (err) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}${err.message}${RST}\n`); return { model: config.default_model, dbId: config.dashboard_model_id }; }
+    const models = Array.isArray(response && response.models) ? response.models : [];
+    if (!models.length) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}No models available.${RST}\n`); return { model: config.default_model, dbId: config.dashboard_model_id }; }
+    writer.scrollback(`\n  ${FG_TEAL}${BOLD}◆ Your Models${RST}\n  ${FG_DARK}${'─'.repeat(60)}${RST}`);
+    const activeIndex = models.findIndex((m) => m.base_url === config.api_base && m.model_id === config.default_model);
+    const selectedIndex = await interactiveSelect(models, (model, isSelected, isFinal) => {
+      const active = model.base_url === config.api_base && model.model_id === config.default_model;
+      const marker = active ? `${FG_GREEN}●${RST}` : `${FG_DARK}○${RST}`;
+      const cursor = isSelected ? `${FG_TEAL}❯${RST}` : ' ';
+      const nameStyle = isSelected && !isFinal ? `${BG_SELECTED}${FG_CYAN}` : (isSelected ? FG_CYAN : FG_GRAY);
+      return `  ${marker} ${cursor} ${nameStyle}${model.name} · ${model.model_id} @ ${model.base_url}${RST}`;
+    }, { initialIndex: Math.max(0, activeIndex) });
+    if (selectedIndex === null) { writer.scrollback(`  ${FG_DARK}Cancelled${RST}\n`); return { model: config.default_model, dbId: config.dashboard_model_id }; }
+    const selectedModel = models[selectedIndex];
+    let credentialsResponse;
+    try { credentialsResponse = await dashboardGetModelForCli(selectedModel.id); }
+    catch (err) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}${err.message}${RST}\n`); return { model: config.default_model, dbId: config.dashboard_model_id }; }
+    const model = credentialsResponse && credentialsResponse.model ? credentialsResponse.model : null;
+    if (!model) { writer.scrollback(`  ${FG_RED}✗${RST} ${FG_GRAY}Unable to load selected model.${RST}\n`); return { model: config.default_model, dbId: config.dashboard_model_id }; }
+    const contextLength = (Number.isInteger(model.context_length) && model.context_length > 0 ? model.context_length : null) || (Number.isInteger(model.max_tokens) && model.max_tokens > 0 ? model.max_tokens : null);
+    const updatedConfig = { ...config, api_base: model.base_url, api_key: model.api_key, default_model: model.model_id, dashboard_model_id: model.id };
+    if (contextLength !== null) updatedConfig.context_length = contextLength;
+    setConfig(updatedConfig);
+    writer.scrollback(`  ${FG_GREEN}✓${RST} ${FG_GRAY}Current model → ${model.name} (${model.model_id})${RST}\n`);
+    return { model: model.model_id, dbId: model.id };
+  }
+
+  function cmdInit(opts) {
+    const current = getConfig();
+    const cfg = {
+      api_base: opts.apiBase || 'http://127.0.0.1:8800',
+      api_key: opts.apiKey || 'any',
+      dashboard_url: opts.dashboardUrl || current.dashboard_url,
+      auth_token: current.auth_token || '',
+      default_model: opts.defaultModel || '',
+      temperature: 0.7,
+      request_timeout_ms: DEFAULT_API_TIMEOUT_MS,
+      stream: true,
+      models: current.models,
+    };
+    setConfig(cfg);
+    writer.scrollback(`\n  ${FG_GREEN}✓${RST} Config saved to ${CONFIG_PATH}\n  ${FG_GRAY}${JSON.stringify(cfg, null, 2)}${RST}\n`);
+  }
+
+  return { cmdCode, cmdEdit, cmdShell, cmdModels, cmdInit };
+}
+
+module.exports = { createOneshotCommands };