@skillshub-labs/cli 0.1.18 → 0.1.19

package/lib/core/kit-core.mjs

@@ -29,6 +29,7 @@ function ensureDb() {
       id TEXT PRIMARY KEY,
       name TEXT NOT NULL,
       description TEXT,
+      import_source_json TEXT,
       created_at INTEGER NOT NULL,
       updated_at INTEGER NOT NULL
     );
@@ -50,6 +51,7 @@ function ensureDb() {
       description TEXT,
       policy_id TEXT NOT NULL,
       loadout_id TEXT NOT NULL,
+      managed_source_json TEXT,
       last_applied_at INTEGER,
       last_applied_target_json TEXT,
       created_at INTEGER NOT NULL,
@@ -62,10 +64,21 @@ function ensureDb() {
     CREATE INDEX IF NOT EXISTS idx_kit_presets_loadout_id
       ON kit_presets(loadout_id);
   `)
+  ensureColumn(dbInstance, 'kit_loadouts', 'import_source_json', 'TEXT')
+  ensureColumn(dbInstance, 'kit_presets', 'managed_source_json', 'TEXT')
 
   return dbInstance
 }
 
+function ensureColumn(db, tableName, columnName, definition) {
+  const columns = db.prepare(`PRAGMA table_info(${tableName})`).all()
+  if (columns.some((column) => column?.name === columnName)) {
+    return
+  }
+
+  db.exec(`ALTER TABLE ${tableName} ADD COLUMN ${columnName} ${definition}`)
+}
+
 function getDbPath() {
   return DB_PATH
 }
@@ -102,6 +115,193 @@ function toOptionalText(value) {
   return normalized || undefined
 }
 
+function normalizeLoadoutImportSource(value) {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined
+  }
+
+  const repoWebUrl = String(value.repoWebUrl || '').trim()
+  const repoUrl = String(value.repoUrl || '').trim()
+  const originalUrl = String(value.originalUrl || '').trim()
+  const branch = toOptionalText(value.branch)
+  const rootSubdir = String(value.rootSubdir || '').trim() || '/'
+  const importedAt = String(value.importedAt || '').trim()
+  const lastSourceUpdatedAt = String(value.lastSourceUpdatedAt || '').trim()
+  const lastSafetyCheck = normalizeKitSafetyCheck(value.lastSafetyCheck)
+
+  if (!repoWebUrl || !repoUrl || !originalUrl || !importedAt || !lastSourceUpdatedAt) {
+    return undefined
+  }
+
+  return {
+    repoWebUrl,
+    repoUrl,
+    originalUrl,
+    branch,
+    rootSubdir,
+    importedAt,
+    lastSourceUpdatedAt,
+    lastSafetyCheck,
+  }
+}
+
+function normalizeKitSafetyCheck(value) {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined
+  }
+
+  const checkedAt = Number(value.checkedAt)
+  const status = value.status === 'warn' ? 'warn' : 'pass'
+  const scannedFiles = Number(value.scannedFiles)
+  const warnings = Array.isArray(value.warnings)
+    ? value.warnings.map((entry) => String(entry || '').trim()).filter(Boolean)
+    : []
+  const flaggedFiles = Array.isArray(value.flaggedFiles)
+    ? value.flaggedFiles.map((entry) => String(entry || '').trim()).filter(Boolean)
+    : []
+
+  if (!Number.isFinite(checkedAt) || !Number.isFinite(scannedFiles)) {
+    return undefined
+  }
+
+  return {
+    checkedAt,
+    status,
+    scannedFiles,
+    warnings,
+    flaggedFiles,
+  }
+}
+
+function normalizeManagedPolicyBaseline(value) {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined
+  }
+
+  const id = String(value.id || '').trim()
+  const name = String(value.name || '').trim()
+  const content = String(value.content || '').trim()
+  const description = toOptionalText(value.description)
+
+  if (!id || !name || !content) {
+    return undefined
+  }
+
+  return {
+    id,
+    name,
+    description,
+    content,
+  }
+}
+
+function normalizeManagedLoadoutBaseline(value) {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined
+  }
+
+  const id = String(value.id || '').trim()
+  const name = String(value.name || '').trim()
+  const description = toOptionalText(value.description)
+  const items = normalizeLoadoutItems(value.items || [])
+
+  if (!id || !name || items.length === 0) {
+    return undefined
+  }
+
+  return {
+    id,
+    name,
+    description,
+    items,
+  }
+}
+
+function normalizeManagedSecurityChecks(value) {
+  if (!Array.isArray(value)) {
+    return []
+  }
+
+  return value
+    .map((entry) => {
+      if (!entry || typeof entry !== 'object' || Array.isArray(entry)) {
+        return null
+      }
+
+      const sourceId = String(entry.sourceId || '').trim()
+      const sourceName = String(entry.sourceName || '').trim()
+      const check = normalizeKitSafetyCheck(entry.check)
+      if (!sourceId || !sourceName || !check) {
+        return null
+      }
+
+      return {
+        sourceId,
+        sourceName,
+        check,
+      }
+    })
+    .filter(Boolean)
+}
+
+function normalizeManagedSource(value) {
+  if (!value || typeof value !== 'object' || Array.isArray(value)) {
+    return undefined
+  }
+
+  if (String(value.kind || '').trim() !== 'official_preset') {
+    return undefined
+  }
+
+  const presetId = String(value.presetId || '').trim()
+  const presetName = String(value.presetName || '').trim()
+  const catalogVersion = Number(value.catalogVersion)
+  const installedAt = Number(value.installedAt)
+  const lastRestoredAt = value.lastRestoredAt == null ? undefined : Number(value.lastRestoredAt)
+  const restoreCount = Number(value.restoreCount)
+  const baseline = value.baseline
+
+  if (!baseline || typeof baseline !== 'object' || Array.isArray(baseline)) {
+    return undefined
+  }
+
+  const name = String(baseline.name || '').trim()
+  const description = toOptionalText(baseline.description)
+  const policy = normalizeManagedPolicyBaseline(baseline.policy)
+  const loadout = normalizeManagedLoadoutBaseline(baseline.loadout)
+  const securityChecks = normalizeManagedSecurityChecks(value.securityChecks)
+
+  if (
+    !presetId ||
+    !presetName ||
+    !name ||
+    !policy ||
+    !loadout ||
+    !Number.isFinite(catalogVersion) ||
+    !Number.isFinite(installedAt) ||
+    !Number.isFinite(restoreCount)
+  ) {
+    return undefined
+  }
+
+  return {
+    kind: 'official_preset',
+    presetId,
+    presetName,
+    catalogVersion,
+    installedAt,
+    lastRestoredAt: Number.isFinite(lastRestoredAt) ? lastRestoredAt : undefined,
+    restoreCount,
+    baseline: {
+      name,
+      description,
+      policy,
+      loadout,
+    },
+    securityChecks,
+  }
+}
+
 function normalizeLoadoutItems(items) {
   if (!Array.isArray(items)) {
     throw new Error('Skills package items must be an array')
@@ -157,6 +357,7 @@ function parseLoadoutRow(row, items) {
     name: row.name,
     description: row.description || undefined,
     items,
+    importSource: normalizeLoadoutImportSource(parseJsonSafe(row.import_source_json, undefined)),
     createdAt: row.created_at,
     updatedAt: row.updated_at,
   }
@@ -168,12 +369,13 @@ function parseKitRow(row) {
     id: row.id,
     name: row.name,
     description: row.description || undefined,
-    policyId: row.policy_id,
-    loadoutId: row.loadout_id,
+    policyId: row.policy_id || undefined,
+    loadoutId: row.loadout_id || undefined,
     lastAppliedAt: row.last_applied_at || undefined,
     lastAppliedTarget: row.last_applied_target_json
       ? parseJsonSafe(row.last_applied_target_json, undefined)
       : undefined,
+    managedSource: normalizeManagedSource(parseJsonSafe(row.managed_source_json, undefined)),
     createdAt: row.created_at,
     updatedAt: row.updated_at,
   }
@@ -302,7 +504,7 @@ function listKitLoadouts() {
   const db = ensureDb()
   const rows = db
     .prepare(
-      `SELECT id, name, description, created_at, updated_at
+      `SELECT id, name, description, import_source_json, created_at, updated_at
          FROM kit_loadouts
         ORDER BY updated_at DESC, name ASC`
     )
@@ -316,7 +518,7 @@ function getKitLoadoutById(id) {
   const db = ensureDb()
   const row = db
     .prepare(
-      `SELECT id, name, description, created_at, updated_at
+      `SELECT id, name, description, import_source_json, created_at, updated_at
          FROM kit_loadouts
         WHERE id = ?`
     )
@@ -335,12 +537,13 @@ function addKitLoadout(input) {
   const items = normalizeLoadoutItems(input?.items || [])
 
   db.prepare(
-    `INSERT INTO kit_loadouts (id, name, description, created_at, updated_at)
-     VALUES (@id, @name, @description, @createdAt, @updatedAt)`
+    `INSERT INTO kit_loadouts (id, name, description, import_source_json, created_at, updated_at)
+     VALUES (@id, @name, @description, @importSourceJson, @createdAt, @updatedAt)`
   ).run({
     id,
     name,
     description: toOptionalText(input?.description) || null,
+    importSourceJson: JSON.stringify(normalizeLoadoutImportSource(input?.importSource) || null),
     createdAt: ts,
     updatedAt: ts,
   })
@@ -384,12 +587,17 @@ function updateKitLoadout(input) {
       ? existing.description || null
       : toOptionalText(input.description) || null
   const nextItems = input?.items === undefined ? existing.items : normalizeLoadoutItems(input.items)
+  const nextImportSource =
+    input?.importSource === undefined
+      ? existing.importSource || null
+      : normalizeLoadoutImportSource(input.importSource) || null
 
   const db = ensureDb()
   const updateLoadout = db.prepare(
     `UPDATE kit_loadouts
         SET name = @name,
             description = @description,
+            import_source_json = @importSourceJson,
             updated_at = @updatedAt
       WHERE id = @id`
   )
@@ -404,6 +612,7 @@ function updateKitLoadout(input) {
       id,
       name: nextName,
       description: nextDescription,
+      importSourceJson: JSON.stringify(nextImportSource),
       updatedAt: nowTs(),
     })
 
@@ -448,7 +657,7 @@ function listKits() {
   const db = ensureDb()
   const rows = db
     .prepare(
-      `SELECT id, name, description, policy_id, loadout_id, last_applied_at, last_applied_target_json,
+      `SELECT id, name, description, policy_id, loadout_id, managed_source_json, last_applied_at, last_applied_target_json,
               created_at, updated_at
          FROM kit_presets
         ORDER BY updated_at DESC, name ASC`
@@ -462,7 +671,7 @@ function getKitById(id) {
   const db = ensureDb()
   const row = db
     .prepare(
-      `SELECT id, name, description, policy_id, loadout_id, last_applied_at, last_applied_target_json,
+      `SELECT id, name, description, policy_id, loadout_id, managed_source_json, last_applied_at, last_applied_target_json,
               created_at, updated_at
          FROM kit_presets
         WHERE id = ?`
@@ -472,11 +681,11 @@ function getKitById(id) {
 }
 
 function ensureKitRefsExist(policyId, loadoutId) {
-  if (!getKitPolicyById(policyId)) {
+  if (policyId && !getKitPolicyById(policyId)) {
     throw new Error(`AGENTS.md not found: ${policyId}`)
   }
 
-  if (!getKitLoadoutById(loadoutId)) {
+  if (loadoutId && !getKitLoadoutById(loadoutId)) {
     throw new Error(`Skills package not found: ${loadoutId}`)
   }
 }
@@ -489,24 +698,25 @@ function addKit(input) {
   const name = requireName(input?.name, 'kit name')
   const policyId = String(input?.policyId || '').trim()
   const loadoutId = String(input?.loadoutId || '').trim()
-  if (!policyId || !loadoutId) {
-    throw new Error('Kit must include both AGENTS.md and Skills package')
+  if (!policyId && !loadoutId) {
+    throw new Error('Kit must include at least AGENTS.md or Skills package')
   }
 
   ensureKitRefsExist(policyId, loadoutId)
 
   db.prepare(
     `INSERT INTO kit_presets (
-      id, name, description, policy_id, loadout_id, created_at, updated_at
+      id, name, description, policy_id, loadout_id, managed_source_json, created_at, updated_at
     ) VALUES (
-      @id, @name, @description, @policyId, @loadoutId, @createdAt, @updatedAt
+      @id, @name, @description, @policyId, @loadoutId, @managedSourceJson, @createdAt, @updatedAt
     )`
   ).run({
     id,
     name,
     description: toOptionalText(input?.description) || null,
-    policyId,
-    loadoutId,
+    policyId: policyId || '',
+    loadoutId: loadoutId || '',
+    managedSourceJson: JSON.stringify(normalizeManagedSource(input?.managedSource) || null),
     createdAt: ts,
     updatedAt: ts,
   })
@@ -534,9 +744,13 @@ function updateKit(input) {
     input?.policyId === undefined ? existing.policyId : String(input.policyId || '').trim()
   const nextLoadoutId =
     input?.loadoutId === undefined ? existing.loadoutId : String(input.loadoutId || '').trim()
+  const nextManagedSource =
+    input?.managedSource === undefined
+      ? existing.managedSource || null
+      : normalizeManagedSource(input.managedSource) || null
 
-  if (!nextPolicyId || !nextLoadoutId) {
-    throw new Error('Kit must include both AGENTS.md and Skills package')
+  if (!nextPolicyId && !nextLoadoutId) {
+    throw new Error('Kit must include at least AGENTS.md or Skills package')
   }
 
   ensureKitRefsExist(nextPolicyId, nextLoadoutId)
@@ -548,14 +762,16 @@ function updateKit(input) {
             description = @description,
             policy_id = @policyId,
             loadout_id = @loadoutId,
+            managed_source_json = @managedSourceJson,
             updated_at = @updatedAt
       WHERE id = @id`
   ).run({
     id,
     name: nextName,
     description: nextDescription,
-    policyId: nextPolicyId,
-    loadoutId: nextLoadoutId,
+    policyId: nextPolicyId || '',
+    loadoutId: nextLoadoutId || '',
+    managedSourceJson: JSON.stringify(nextManagedSource),
     updatedAt: nowTs(),
   })
 
@@ -569,6 +785,96 @@ function deleteKit(id) {
   return result.changes > 0
 }
 
+function upsertPolicyBaseline(db, baseline, updatedAt) {
+  const existing = getKitPolicyById(baseline.id)
+  db.prepare(
+    `INSERT OR REPLACE INTO kit_policies (id, name, description, content, created_at, updated_at)
+     VALUES (@id, @name, @description, @content, @createdAt, @updatedAt)`
+  ).run({
+    id: baseline.id,
+    name: baseline.name,
+    description: baseline.description || null,
+    content: baseline.content,
+    createdAt: existing?.createdAt || updatedAt,
+    updatedAt,
+  })
+}
+
+function upsertLoadoutBaseline(db, baseline, updatedAt) {
+  const existing = getKitLoadoutById(baseline.id)
+  db.prepare(
+    `INSERT OR REPLACE INTO kit_loadouts (id, name, description, import_source_json, created_at, updated_at)
+     VALUES (@id, @name, @description, @importSourceJson, @createdAt, @updatedAt)`
+  ).run({
+    id: baseline.id,
+    name: baseline.name,
+    description: baseline.description || null,
+    importSourceJson: JSON.stringify(null),
+    createdAt: existing?.createdAt || updatedAt,
+    updatedAt,
+  })
+
+  db.prepare(`DELETE FROM kit_loadout_items WHERE loadout_id = ?`).run(baseline.id)
+  const insertItem = db.prepare(
+    `INSERT INTO kit_loadout_items (loadout_id, skill_path, mode, sort_order)
+     VALUES (@loadoutId, @skillPath, @mode, @sortOrder)`
+  )
+
+  for (const item of baseline.items) {
+    insertItem.run({
+      loadoutId: baseline.id,
+      skillPath: item.skillPath,
+      mode: item.mode,
+      sortOrder: item.sortOrder,
+    })
+  }
+}
+
+function restoreManagedKitBaseline(id) {
+  const existing = getKitById(id)
+  if (!existing) {
+    throw new Error(`Kit not found: ${id}`)
+  }
+  if (!existing.managedSource || existing.managedSource.kind !== 'official_preset') {
+    throw new Error('Only managed official kits can be restored')
+  }
+
+  const db = ensureDb()
+  const ts = nowTs()
+  const { baseline } = existing.managedSource
+  const nextManagedSource = {
+    ...existing.managedSource,
+    lastRestoredAt: ts,
+    restoreCount: Number(existing.managedSource.restoreCount || 0) + 1,
+  }
+
+  const tx = db.transaction(() => {
+    upsertPolicyBaseline(db, baseline.policy, ts)
+    upsertLoadoutBaseline(db, baseline.loadout, ts)
+    db.prepare(
+      `UPDATE kit_presets
+          SET name = @name,
+              description = @description,
+              policy_id = @policyId,
+              loadout_id = @loadoutId,
+              managed_source_json = @managedSourceJson,
+              updated_at = @updatedAt
+        WHERE id = @id`
+    ).run({
+      id,
+      name: baseline.name,
+      description: baseline.description || null,
+      policyId: baseline.policy.id,
+      loadoutId: baseline.loadout.id,
+      managedSourceJson: JSON.stringify(nextManagedSource),
+      updatedAt: ts,
+    })
+  })
+
+  tx()
+  return getKitById(id)
+}
+
 function markKitApplied(input) {
   const id = String(input?.id || '').trim()
   if (!id) {
@@ -622,5 +928,6 @@ export {
   addKit,
   updateKit,
   deleteKit,
+  restoreManagedKitBaseline,
   markKitApplied,
 }

package/lib/core/kit-types.ts

@@ -6,11 +6,23 @@ export interface KitLoadoutItem {
   sortOrder: number
 }
 
+export interface KitLoadoutImportSource {
+  repoWebUrl: string
+  repoUrl: string
+  originalUrl: string
+  branch?: string
+  rootSubdir: string
+  importedAt: string
+  lastSourceUpdatedAt: string
+  lastSafetyCheck?: KitSafetyCheck
+}
+
 export interface KitLoadoutRecord {
   id: string
   name: string
   description?: string
   items: KitLoadoutItem[]
+  importSource?: KitLoadoutImportSource
   createdAt: number
   updatedAt: number
 }
@@ -24,17 +36,63 @@ export interface KitPolicyRecord {
   updatedAt: number
 }
 
+export interface KitSafetyCheck {
+  checkedAt: number
+  status: 'pass' | 'warn'
+  scannedFiles: number
+  warnings: string[]
+  flaggedFiles: string[]
+}
+
+export interface ManagedKitPolicyBaseline {
+  id: string
+  name: string
+  description?: string
+  content: string
+}
+
+export interface ManagedKitLoadoutBaseline {
+  id: string
+  name: string
+  description?: string
+  items: KitLoadoutItem[]
+}
+
+export interface ManagedKitSecurityCheck {
+  sourceId: string
+  sourceName: string
+  check: KitSafetyCheck
+}
+
+export interface ManagedKitSource {
+  kind: 'official_preset'
+  presetId: string
+  presetName: string
+  catalogVersion: number
+  installedAt: number
+  lastRestoredAt?: number
+  restoreCount: number
+  baseline: {
+    name: string
+    description?: string
+    policy: ManagedKitPolicyBaseline
+    loadout: ManagedKitLoadoutBaseline
+  }
+  securityChecks: ManagedKitSecurityCheck[]
+}
+
 export interface KitRecord {
   id: string
   name: string
   description?: string
-  policyId: string
-  loadoutId: string
+  policyId?: string
+  loadoutId?: string
   lastAppliedAt?: number
   lastAppliedTarget?: {
     projectPath: string
     agentName: string
   }
+  managedSource?: ManagedKitSource
   createdAt: number
   updatedAt: number
 }
@@ -50,10 +108,77 @@ export interface KitApplySkillResult {
 export interface KitApplyResult {
   kitId: string
   kitName: string
-  policyPath: string
+  policyPath?: string
+  policyFileName?: string
   projectPath: string
   agentName: string
   appliedAt: number
   overwroteAgentsMd?: boolean
   loadoutResults: KitApplySkillResult[]
 }
+
+export interface KitLoadoutImportResult {
+  loadout: KitLoadoutRecord
+  loadoutStatus: 'created' | 'updated'
+  importedSkillPaths: string[]
+  overwrittenCount: number
+  removedCount: number
+  discoveredCount: number
+  source: KitLoadoutImportSource
+}
+
+export interface OfficialPresetSummary {
+  id: string
+  name: string
+  description?: string
+  policyName: string
+  sourceCount: number
+  skillCount: number
+}
+
+export interface OfficialPresetSource {
+  id: string
+  name: string
+  url: string
+  description?: string
+  selectedSkillDetails?: Array<{
+    name: string
+    description?: string
+  }>
+  selectedSkills: string[]
+}
+
+export interface OfficialPresetDetail {
+  id: string
+  name: string
+  description?: string
+  policy: {
+    name: string
+    description?: string
+    template: string
+  }
+  sources: OfficialPresetSource[]
+  skillCount: number
+}
+
+export interface OfficialPresetInstallResult {
+  preset: {
+    id: string
+    name: string
+    description?: string
+  }
+  policy: KitPolicyRecord
+  loadout: KitLoadoutRecord
+  kit: KitRecord
+  importedSources: Array<{
+    id: string
+    name: string
+    loadoutId: string
+    importedSkillCount: number
+    selectedSkillCount: number
+  }>
+}
+
+export interface OfficialPresetBatchInstallResult {
+  installed: OfficialPresetInstallResult[]
+}