@slock-ai/daemon 0.53.2 → 0.54.1

package/dist/cli/index.js

@@ -19,13 +19,47 @@ var CliExit = class extends Error {
 function emit(payload) {
   process.stdout.write(JSON.stringify(payload) + "\n");
 }
-function fail(code, message, exitCode = 1) {
-  process.stderr.write(JSON.stringify({ ok: false, code, message }) + "\n");
-  throw new CliExit(exitCode);
+function fail(code, message, options) {
+  const body = { ok: false, code, message };
+  if (options?.suggestedNextAction) {
+    body.suggested_next_action = options.suggestedNextAction;
+  }
+  process.stderr.write(JSON.stringify(body) + "\n");
+  throw new CliExit(options?.exitCode ?? 1);
+}
+
+// src/version.ts
+import { readFileSync } from "fs";
+var FALLBACK_VERSION = "0.0.0";
+function readVersionFrom(candidate) {
+  try {
+    const pkg = JSON.parse(readFileSync(candidate, "utf8"));
+    return typeof pkg.version === "string" && pkg.version ? pkg.version : null;
+  } catch {
+    return null;
+  }
+}
+function readCliVersion(baseUrl = import.meta.url) {
+  return (
+    // Built package and daemon-bundled CLI: dist/package.json travels with dist/index.js.
+    readVersionFrom(new URL("./package.json", baseUrl)) ?? readVersionFrom(new URL("../package.json", baseUrl)) ?? FALLBACK_VERSION
+  );
 }
 
 // src/auth/env.ts
 import fs from "fs";
+import os from "os";
+import path from "path";
+var RAW_AGENT_ENV_KEYS = [
+  "SLOCK_AGENT_ID",
+  "SLOCK_SERVER_URL",
+  "SLOCK_SERVER_ID",
+  "SLOCK_AGENT_PROXY_URL",
+  "SLOCK_AGENT_PROXY_TOKEN",
+  "SLOCK_AGENT_PROXY_TOKEN_FILE",
+  "SLOCK_AGENT_TOKEN_FILE",
+  "SLOCK_AGENT_TOKEN"
+];
 var AgentBootstrapError = class extends Error {
   constructor(code, message) {
     super(message);
@@ -33,6 +67,47 @@ var AgentBootstrapError = class extends Error {
     this.name = "AgentBootstrapError";
   }
 };
+function resolveProfileDir(slug, env = process.env) {
+  if (env.SLOCK_PROFILE_DIR) {
+    return env.SLOCK_PROFILE_DIR;
+  }
+  if (env.SLOCK_HOME) {
+    return path.join(env.SLOCK_HOME, "profiles", slug);
+  }
+  const home = env.HOME ?? os.homedir();
+  return path.join(home, ".slock", "profiles", slug);
+}
+function resolveProfileCredentialPath(slug, env) {
+  return path.join(resolveProfileDir(slug, env), "credential.json");
+}
+function readProfileCredential(slug, env) {
+  const filePath = resolveProfileCredentialPath(slug, env);
+  let raw;
+  try {
+    raw = fs.readFileSync(filePath, "utf-8");
+  } catch (err) {
+    throw new AgentBootstrapError(
+      "PROFILE_FILE_UNREADABLE",
+      `SLOCK_PROFILE=${slug} resolved to ${filePath}, which could not be read: ${err.message}. Run \`slock agent login\` to mint a credential.`
+    );
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch (err) {
+    throw new AgentBootstrapError(
+      "PROFILE_FILE_INVALID",
+      `${filePath} is not valid JSON: ${err.message}`
+    );
+  }
+  if (!parsed || typeof parsed !== "object" || typeof parsed.apiKey !== "string" || typeof parsed.agentId !== "string" || typeof parsed.serverUrl !== "string") {
+    throw new AgentBootstrapError(
+      "PROFILE_FILE_INVALID",
+      `${filePath} is missing required fields (apiKey, agentId, serverUrl).`
+    );
+  }
+  return { filePath, data: parsed };
+}
 function readTokenFromFile(filePath) {
   let raw;
   try {
@@ -53,10 +128,32 @@ function readTokenFromFile(filePath) {
   return token;
 }
 function loadAgentContext(env = process.env) {
+  const activeCapabilities = env.SLOCK_AGENT_ACTIVE_CAPABILITIES ? env.SLOCK_AGENT_ACTIVE_CAPABILITIES.split(",").map((cap) => cap.trim()).filter(Boolean) : null;
+  const profileSlug = env.SLOCK_PROFILE;
+  if (profileSlug) {
+    const shadowed = RAW_AGENT_ENV_KEYS.filter((k) => env[k]);
+    if (shadowed.length > 0) {
+      process.stderr.write(
+        `slock: SLOCK_PROFILE=${profileSlug} active; ignoring ${shadowed.join(", ")} from env.
+`
+      );
+    }
+    const { filePath, data } = readProfileCredential(profileSlug, env);
+    return {
+      agentId: data.agentId,
+      serverUrl: data.serverUrl,
+      serverId: data.serverId ?? null,
+      token: data.apiKey,
+      clientMode: "self-hosted-runner",
+      secretSource: "profile-credential-file",
+      activeCapabilities,
+      profileSlug,
+      profileCredentialPath: filePath
+    };
+  }
   const agentId = env.SLOCK_AGENT_ID;
   const serverUrl = env.SLOCK_SERVER_URL;
   const serverId = env.SLOCK_SERVER_ID ?? null;
-  const activeCapabilities = env.SLOCK_AGENT_ACTIVE_CAPABILITIES ? env.SLOCK_AGENT_ACTIVE_CAPABILITIES.split(",").map((cap) => cap.trim()).filter(Boolean) : null;
   if (!agentId) throw new AgentBootstrapError("MISSING_AGENT_ID", "SLOCK_AGENT_ID is required");
   if (!serverUrl) throw new AgentBootstrapError("MISSING_SERVER_URL", "SLOCK_SERVER_URL is required");
   const agentProxyUrl = env.SLOCK_AGENT_PROXY_URL;
@@ -89,18 +186,6 @@ function loadAgentContext(env = process.env) {
       activeCapabilities
     };
   }
-  const agentCredentialFile = env.SLOCK_AGENT_CREDENTIAL_KEY_FILE;
-  if (agentCredentialFile) {
-    return {
-      agentId,
-      serverUrl,
-      serverId,
-      token: readTokenFromFile(agentCredentialFile),
-      clientMode: "self-hosted-runner",
-      secretSource: "agent-credential-file",
-      activeCapabilities
-    };
-  }
   const tokenFile = env.SLOCK_AGENT_TOKEN_FILE;
   if (tokenFile) {
     return {
@@ -127,7 +212,7 @@ function loadAgentContext(env = process.env) {
   }
   throw new AgentBootstrapError(
     "MISSING_TOKEN",
-    "Neither SLOCK_AGENT_PROXY_TOKEN_FILE, SLOCK_AGENT_PROXY_TOKEN, SLOCK_AGENT_CREDENTIAL_KEY_FILE, SLOCK_AGENT_TOKEN_FILE nor SLOCK_AGENT_TOKEN is set. The daemon should inject one of these when spawning the agent process."
+    "Neither SLOCK_AGENT_PROXY_TOKEN_FILE, SLOCK_AGENT_PROXY_TOKEN, SLOCK_AGENT_TOKEN_FILE nor SLOCK_AGENT_TOKEN is set. The daemon should inject one of these when spawning the agent process."
   );
 }
 
@@ -148,12 +233,348 @@ function registerWhoamiCommand(parent) {
         serverUrl: ctx.serverUrl,
         serverId: ctx.serverId,
         clientMode: ctx.clientMode,
-        secretSource: ctx.secretSource
+        secretSource: ctx.secretSource,
+        ...ctx.profileSlug ? { profileSlug: ctx.profileSlug } : {},
+        ...ctx.profileCredentialPath ? { profileCredentialPath: ctx.profileCredentialPath } : {}
       }
     });
   });
 }
 
+// src/commands/agent/list.ts
+import { fetch as undiciFetch } from "undici";
+
+// src/agentLogin/deviceAuthClient.ts
+import { fetch as fetch2 } from "undici";
+var DeviceCodeLoginError = class extends Error {
+  constructor(code, message) {
+    super(message);
+    this.code = code;
+    this.name = "DeviceCodeLoginError";
+  }
+};
+var ACTIONABLE_ERROR_MESSAGES = {
+  device_login_disabled: "Device login is not enabled on this Slock server. Ask an admin to set SLOCK_DEVICE_LOGIN_ENABLED=true.",
+  device_code_required: "Internal CLI bug: device_code was missing from the poll request.",
+  user_code_required: "Internal CLI bug: user_code was missing from the approve request.",
+  authorization_pending: "Still waiting for you to approve the login on the web page.",
+  expired_token: "The login code expired. Run `slock agent login` again to start a new flow.",
+  access_denied: "You denied the login request in the web approval page.",
+  device_code_consumed: "This login code has already been used. Run `slock agent login` again.",
+  device_code_invalid: "Unknown / malformed device code. Run `slock agent login` again to start a fresh flow."
+};
+function describeDeviceCodeLoginError(code) {
+  return ACTIONABLE_ERROR_MESSAGES[code] ?? `Device login failed (code: ${code}).`;
+}
+async function runDeviceCodeLogin(options) {
+  const httpFetch = options.fetchImpl ?? fetch2;
+  const base = options.serverUrl.replace(/\/+$/, "");
+  const authorizeRes = await httpFetch(`${base}/api/auth/device/authorize`, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({
+      ...options.clientName ? { clientName: options.clientName } : {}
+    })
+  });
+  if (!authorizeRes.ok) {
+    const payload = await safeJson(authorizeRes);
+    throw new DeviceCodeLoginError(
+      typeof payload?.code === "string" ? payload.code : "authorize_failed",
+      describeDeviceCodeLoginError(typeof payload?.code === "string" ? payload.code : "authorize_failed")
+    );
+  }
+  const authorizeBody = await authorizeRes.json();
+  if (!authorizeBody.deviceCode || !authorizeBody.userCode || !authorizeBody.verificationUri) {
+    throw new DeviceCodeLoginError(
+      "authorize_response_invalid",
+      "Server's authorize response was missing deviceCode / userCode / verificationUri."
+    );
+  }
+  const verificationUri = authorizeBody.verificationUri.startsWith("http") ? authorizeBody.verificationUri : `${base}${authorizeBody.verificationUri}`;
+  await options.onUserAction({
+    verificationUri,
+    userCode: authorizeBody.userCode,
+    expiresInSeconds: authorizeBody.expiresIn ?? 0
+  });
+  const serverIntervalMs = (authorizeBody.interval ?? 5) * 1e3;
+  const pollIntervalMs = options.pollIntervalOverrideMs ?? serverIntervalMs;
+  const deadlineMs = Date.now() + Math.max(1, authorizeBody.expiresIn ?? 600) * 1e3;
+  while (Date.now() < deadlineMs) {
+    const tokenRes = await httpFetch(`${base}/api/auth/device/token`, {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceCode: authorizeBody.deviceCode })
+    });
+    if (tokenRes.ok) {
+      const tokenBody = await tokenRes.json();
+      if (!tokenBody.accessToken || !tokenBody.refreshToken || !tokenBody.userId) {
+        throw new DeviceCodeLoginError(
+          "token_response_invalid",
+          "Server's token response was missing accessToken / refreshToken / userId."
+        );
+      }
+      return {
+        accessToken: tokenBody.accessToken,
+        refreshToken: tokenBody.refreshToken,
+        userId: tokenBody.userId
+      };
+    }
+    const tokenError = await safeJson(tokenRes);
+    const code = typeof tokenError?.code === "string" ? tokenError.code : "token_failed";
+    if (code === "authorization_pending") {
+      await delay(pollIntervalMs);
+      continue;
+    }
+    throw new DeviceCodeLoginError(code, describeDeviceCodeLoginError(code));
+  }
+  throw new DeviceCodeLoginError(
+    "expired_token",
+    describeDeviceCodeLoginError("expired_token")
+  );
+}
+async function safeJson(res) {
+  try {
+    return await res.json();
+  } catch {
+    return null;
+  }
+}
+function delay(ms) {
+  if (ms <= 0) return Promise.resolve();
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// src/commands/agent/list.ts
+function describeListResult(reason, serverUrl) {
+  switch (reason) {
+    case "ok":
+      return `Ask the user which agent to bind to this machine, then run \`slock agent login --server ${serverUrl} --agent <id>\` with the selected agent id.`;
+    case "no_manageable_server":
+      return "You are logged in but don't have `manageAgents` on any server you're a member of. Ask a server owner or admin to grant the capability, then rerun `slock agent list`.";
+    case "no_agents_on_manageable_servers":
+      return "You have `manageAgents` on at least one server, but no agents exist on those servers yet. Ask the user to create an agent first (via web UI), then rerun `slock agent list`.";
+  }
+}
+function registerAgentListCommand(parent) {
+  parent.command("list").description(
+    "List Slock agents the user can mint credentials for (after a device-code login)."
+  ).requiredOption("--server <url>", "Slock server base URL, e.g. https://slock.example.com").option("--client-name <label>", "Human-readable label shown on the web approval page").action(async (options) => {
+    let userSession;
+    try {
+      userSession = await runDeviceCodeLogin({
+        serverUrl: options.server,
+        ...options.clientName ? { clientName: options.clientName } : {},
+        onUserAction: ({ verificationUri, userCode, expiresInSeconds }) => {
+          process.stderr.write(
+            `Open ${verificationUri} in your browser, enter code ${userCode} (expires in ~${Math.max(0, Math.floor(expiresInSeconds / 60))}m).
+`
+          );
+        }
+      });
+    } catch (err) {
+      if (err instanceof DeviceCodeLoginError) {
+        fail(err.code, err.message);
+      }
+      throw err;
+    }
+    const res = await undiciFetch(
+      `${options.server.replace(/\/+$/, "")}/api/agents/manageable`,
+      {
+        method: "GET",
+        headers: {
+          "content-type": "application/json",
+          authorization: `Bearer ${userSession.accessToken}`
+        }
+      }
+    );
+    if (!res.ok) {
+      let body = null;
+      try {
+        body = await res.json();
+      } catch {
+      }
+      fail(
+        body?.code ?? `list_failed_${res.status}`,
+        body?.error ?? `Failed to list manageable agents (status ${res.status}).`
+      );
+    }
+    const payload = await res.json();
+    const agents = payload.data?.agents ?? [];
+    const reason = payload.data?.reason ?? (agents.length > 0 ? "ok" : "no_agents_on_manageable_servers");
+    const suggestedNextAction = describeListResult(reason, options.server);
+    emit({
+      ok: true,
+      data: {
+        agents,
+        reason,
+        ...typeof payload.data?.manageable_server_count === "number" ? { manageable_server_count: payload.data.manageable_server_count } : {},
+        suggested_next_action: suggestedNextAction
+      }
+    });
+  });
+}
+
+// src/commands/agent/login.ts
+import { mkdir, stat, writeFile } from "fs/promises";
+import path2 from "path";
+import { fetch as undiciFetch2 } from "undici";
+function registerAgentLoginCommand(parent) {
+  parent.command("login").description(
+    "Sign this CLI in as a specific Slock agent via the device-code login grant."
+  ).requiredOption("--server <url>", "Slock server base URL, e.g. https://slock.example.com").requiredOption("--agent <agentId>", "Agent id to log in as").option("--client-name <label>", "Human-readable label shown on the web approval page").option("--profile-slug <slug>", "Slug to save the new profile under (defaults to the agent id). Distinct from root `slock --profile`, which selects an existing profile to use.").option("--profile-dir <path>", "Override the profile directory root (default resolution: SLOCK_HOME/profiles/<slug> when SLOCK_HOME is set, else ~/.slock/profiles/<slug>)").action(async (options) => {
+    const invalidShape = describeInvalidAgentIdShape(options.agent);
+    if (invalidShape) {
+      fail("INVALID_AGENT_ID", invalidShape, {
+        suggestedNextAction: `Run \`slock agent list --server ${options.server}\` to see valid agent ids, then rerun login with --agent <id>.`
+      });
+    }
+    const profileSlug = options.profileSlug ?? options.agent;
+    const profileDir = options.profileDir ?? resolveProfileDir(profileSlug);
+    const credentialPath = path2.join(profileDir, "credential.json");
+    if (await profileFileExists(credentialPath)) {
+      fail(
+        "PROFILE_ALREADY_EXISTS",
+        `Profile '${profileSlug}' already has a credential at ${credentialPath}.`,
+        {
+          suggestedNextAction: `Use a different \`--profile-slug <slug>\` to mint a coexistent credential, OR manually delete ${credentialPath} and rerun login. Note: the existing sk_agent_* on the server is NOT revoked by deleting the local file \u2014 it remains valid until it expires or is explicitly revoked from the agent settings UI.`
+        }
+      );
+    }
+    let userSession;
+    try {
+      userSession = await runDeviceCodeLogin({
+        serverUrl: options.server,
+        ...options.clientName ? { clientName: options.clientName } : {},
+        onUserAction: ({ verificationUri, userCode, expiresInSeconds }) => {
+          process.stderr.write(
+            `Open ${verificationUri} in your browser, enter code ${userCode} (expires in ~${Math.max(0, Math.floor(expiresInSeconds / 60))}m).
+`
+          );
+        }
+      });
+    } catch (err) {
+      if (err instanceof DeviceCodeLoginError) {
+        fail(err.code, err.message);
+      }
+      throw err;
+    }
+    const mintRes = await undiciFetch2(
+      `${options.server.replace(/\/+$/, "")}/api/agents/${encodeURIComponent(options.agent)}/credentials`,
+      {
+        method: "POST",
+        headers: {
+          "content-type": "application/json",
+          authorization: `Bearer ${userSession.accessToken}`
+        },
+        body: JSON.stringify({})
+      }
+    );
+    if (!mintRes.ok) {
+      const body = await safeJson2(mintRes);
+      const code = body?.code ?? `mint_failed_${mintRes.status}`;
+      const detail = describeMintError(code, options.server);
+      fail(
+        code,
+        detail?.message ?? body?.error ?? `Failed to mint agent credential (status ${mintRes.status}).`,
+        detail?.suggestedNextAction ? { suggestedNextAction: detail.suggestedNextAction } : void 0
+      );
+    }
+    const minted = await mintRes.json();
+    if (!minted.apiKey || !minted.agentId || !minted.serverId) {
+      fail(
+        "mint_response_invalid",
+        "Server mint response was missing apiKey / agentId / serverId."
+      );
+    }
+    await mkdir(profileDir, { recursive: true, mode: 448 });
+    await writeFile(
+      credentialPath,
+      JSON.stringify(
+        {
+          schemaVersion: 1,
+          serverUrl: options.server,
+          agentId: minted.agentId,
+          agentName: minted.agentName,
+          serverId: minted.serverId,
+          credentialId: minted.credentialId,
+          scopes: minted.scopes,
+          apiKey: minted.apiKey,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        },
+        null,
+        2
+      ) + "\n",
+      { mode: 384 }
+    );
+    emit({
+      ok: true,
+      data: {
+        agentId: minted.agentId,
+        agentName: minted.agentName,
+        serverId: minted.serverId,
+        credentialId: minted.credentialId,
+        scopes: minted.scopes,
+        profileSlug,
+        credentialPath
+      }
+    });
+  });
+}
+async function safeJson2(res) {
+  try {
+    return await res.json();
+  } catch {
+    return null;
+  }
+}
+async function profileFileExists(filePath) {
+  try {
+    await stat(filePath);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function describeInvalidAgentIdShape(input) {
+  const trimmed = input.trim();
+  if (trimmed.length === 0) {
+    return "--agent must not be empty.";
+  }
+  if (trimmed.startsWith("@")) {
+    return "--agent expects an agent id (an opaque server-issued identifier), not an @handle.";
+  }
+  if (trimmed.startsWith("#")) {
+    return "--agent expects an agent id, not a #channel name.";
+  }
+  if (/^https?:\/\//i.test(trimmed) || trimmed.includes("/")) {
+    return "--agent expects an agent id, not a URL or path.";
+  }
+  return null;
+}
+function describeMintError(code, serverUrl) {
+  switch (code) {
+    case "device_login_disabled":
+      return { message: describeDeviceCodeLoginError(code) ?? code };
+    case "agent_missing":
+      return {
+        message: "Agent id is not known on this server, or the user you approved with isn't a member of the agent's server.",
+        suggestedNextAction: `Run \`slock agent list --server ${serverUrl}\` to see manageable agents, then rerun login with --agent <id>.`
+      };
+    case "insufficient_role":
+      return {
+        message: "The user you approved with isn't a server owner or admin on the agent's server, so they can't mint agent credentials.",
+        suggestedNextAction: "Ask a server owner or admin to grant you the `manageAgents` capability on this server, then rerun login."
+      };
+    case "scopes_invalid":
+    case "scopes_empty":
+    case "name_invalid":
+      return {
+        message: "Invalid request body for the agent credential mint. Re-run with default flags."
+      };
+  }
+  return void 0;
+}
+
 // ../shared/src/tracing/index.ts
 var DEFAULT_TRACE_FLAGS = "00";
 var TRACE_ID_HEX_LENGTH = 32;
@@ -1007,10 +1428,10 @@ function mergeDefs(...defs) {
 function cloneDef(schema) {
   return mergeDefs(schema._zod.def);
 }
-function getElementAtPath(obj, path2) {
-  if (!path2)
+function getElementAtPath(obj, path4) {
+  if (!path4)
     return obj;
-  return path2.reduce((acc, key) => acc?.[key], obj);
+  return path4.reduce((acc, key) => acc?.[key], obj);
 }
 function promiseAllObject(promisesObj) {
   const keys = Object.keys(promisesObj);
@@ -1393,11 +1814,11 @@ function aborted(x, startIndex = 0) {
   }
   return false;
 }
-function prefixIssues(path2, issues) {
+function prefixIssues(path4, issues) {
   return issues.map((iss) => {
     var _a2;
     (_a2 = iss).path ?? (_a2.path = []);
-    iss.path.unshift(path2);
+    iss.path.unshift(path4);
     return iss;
   });
 }
@@ -1580,7 +2001,7 @@ function formatError(error48, mapper = (issue2) => issue2.message) {
 }
 function treeifyError(error48, mapper = (issue2) => issue2.message) {
   const result = { errors: [] };
-  const processError = (error49, path2 = []) => {
+  const processError = (error49, path4 = []) => {
     var _a2, _b;
     for (const issue2 of error49.issues) {
       if (issue2.code === "invalid_union" && issue2.errors.length) {
@@ -1590,7 +2011,7 @@ function treeifyError(error48, mapper = (issue2) => issue2.message) {
       } else if (issue2.code === "invalid_element") {
         processError({ issues: issue2.issues }, issue2.path);
       } else {
-        const fullpath = [...path2, ...issue2.path];
+        const fullpath = [...path4, ...issue2.path];
         if (fullpath.length === 0) {
           result.errors.push(mapper(issue2));
           continue;
@@ -1622,8 +2043,8 @@ function treeifyError(error48, mapper = (issue2) => issue2.message) {
 }
 function toDotPath(_path) {
   const segs = [];
-  const path2 = _path.map((seg) => typeof seg === "object" ? seg.key : seg);
-  for (const seg of path2) {
+  const path4 = _path.map((seg) => typeof seg === "object" ? seg.key : seg);
+  for (const seg of path4) {
     if (typeof seg === "number")
       segs.push(`[${seg}]`);
     else if (typeof seg === "symbol")
@@ -13600,13 +14021,13 @@ function resolveRef(ref, ctx) {
   if (!ref.startsWith("#")) {
     throw new Error("External $ref is not supported, only local refs (#/...) are allowed");
   }
-  const path2 = ref.slice(1).split("/").filter(Boolean);
-  if (path2.length === 0) {
+  const path4 = ref.slice(1).split("/").filter(Boolean);
+  if (path4.length === 0) {
     return ctx.rootSchema;
   }
   const defsKey = ctx.version === "draft-2020-12" ? "$defs" : "definitions";
-  if (path2[0] === defsKey) {
-    const key = path2[1];
+  if (path4[0] === defsKey) {
+    const key = path4[1];
     if (!key || !ctx.defs[key]) {
       throw new Error(`Reference not found: ${ref}`);
     }
@@ -14038,13 +14459,16 @@ var agentCreateOperationSchema = external_exports.object({
   name: external_exports.string().trim().min(1).max(60),
   description: external_exports.string().trim().max(500).optional(),
   /**
-   * Agent can only suggest semantic intent (name + description). Technical
-   * configuration (which computer / runtime / model / reasoning effort) is
-   * a user prerogative — the human picks those in the create dialog when
-   * they click "Create Agent" on the card. Per stdrc 2026-05-10
-   * #proj-approval msg=ae4ecedd: "为什么 computer、runtime 和 model 还是
-   * 帮用户选了？" — don't let the agent prefill those.
+   * Optional computer placement contract. Agents may only set this when the
+   * human request is explicitly computer-bound; server prepare resolves the
+   * name/UUID and stores the UUID-only form. `suggestedComputer` preselects
+   * the dialog when available; `requiredComputer` prevents silent fallback to
+   * any other computer.
+   *
+   * Runtime / model / reasoning effort remain human-picked technical fields.
    */
+  suggestedComputer: idOrHandleSchema.optional(),
+  requiredComputer: idOrHandleSchema.optional(),
   draftHint: draftHintSchema
 });
 var channelAddMemberOperationSchema = external_exports.object({
@@ -14067,6 +14491,11 @@ var actionCardActionSchema = external_exports.discriminatedUnion("type", [
   channelAddMemberOperationSchema
 ]);
 function validateActionCardAction(action) {
+  if (action.type === "agent:create") {
+    if (action.suggestedComputer && action.requiredComputer) {
+      return "agent:create must include only one of suggestedComputer or requiredComputer";
+    }
+  }
   if (action.type === "channel:add_member") {
     const total = (action.humans?.length ?? 0) + (action.agents?.length ?? 0);
     if (total === 0) {
@@ -15004,11 +15433,11 @@ ${opts.heldAction} Review the bounded context shown here, then choose one path.$
 
 // src/commands/message/_continueDraftState.ts
 import fs2 from "fs";
-import os from "os";
-import path from "path";
+import os2 from "os";
+import path3 from "path";
 var DEFAULT_LOCAL_DRAFT_TTL_MS = 10 * 60 * 1e3;
 function stateFilePath(agentId) {
-  return path.join(process.env.SLOCK_CLI_DRAFT_STATE_DIR ?? os.tmpdir(), "slock-cli-attested-send", agentId, "continue-state.json");
+  return path3.join(process.env.SLOCK_CLI_DRAFT_STATE_DIR ?? os2.tmpdir(), "slock-cli-attested-send", agentId, "continue-state.json");
 }
 function readState(agentId) {
   const filePath = stateFilePath(agentId);
@@ -15022,7 +15451,7 @@ function readState(agentId) {
 }
 function writeState(agentId, state) {
   const filePath = stateFilePath(agentId);
-  fs2.mkdirSync(path.dirname(filePath), { recursive: true });
+  fs2.mkdirSync(path3.dirname(filePath), { recursive: true });
   fs2.writeFileSync(filePath, JSON.stringify(state), "utf8");
 }
 function getSavedDraft(agentId, target) {
@@ -15305,8 +15734,8 @@ async function drainInbox(ctx, opts) {
   const query = [];
   if (opts.block) query.push("block=true");
   if (opts.block && opts.timeoutMs !== void 0) query.push(`timeout=${opts.timeoutMs}`);
-  const path2 = query.length > 0 ? `${agentPath}/receive?${query.join("&")}` : `${agentPath}/receive`;
-  const res = await client.request("GET", path2);
+  const path4 = query.length > 0 ? `${agentPath}/receive?${query.join("&")}` : `${agentPath}/receive`;
+  const res = await client.request("GET", path4);
   if (!res.ok) {
     const code = res.status >= 500 ? "SERVER_5XX" : failCode;
     fail(code, res.error ?? `HTTP ${res.status}`);
@@ -15481,7 +15910,7 @@ function registerReactCommand(parent) {
 }
 
 // src/commands/attachment/upload.ts
-import { existsSync, statSync, readFileSync } from "fs";
+import { existsSync, statSync, readFileSync as readFileSync2 } from "fs";
 import { basename } from "path";
 var MAX_ATTACHMENT_UPLOAD_BYTES = 50 * 1024 * 1024;
 var MAX_ATTACHMENT_UPLOAD_LABEL = "50MB";
@@ -15581,12 +16010,12 @@ function registerAttachmentUploadCommand(parent) {
     if (!existsSync(opts.path)) {
       fail("INVALID_ARG", `--path does not exist: ${opts.path}`);
     }
-    const stat = statSync(opts.path);
-    if (!stat.isFile()) {
+    const stat2 = statSync(opts.path);
+    if (!stat2.isFile()) {
       fail("INVALID_ARG", `--path is not a regular file: ${opts.path}`);
     }
     try {
-      validateUploadFileSize(stat.size);
+      validateUploadFileSize(stat2.size);
     } catch (err) {
       if (err instanceof AttachmentUploadArgError) fail(err.code, err.message);
       throw err;
@@ -15609,7 +16038,7 @@ function registerAttachmentUploadCommand(parent) {
       fail(code, resolved.error ?? `Could not resolve channel: ${opts.channel}`);
     }
     const channelId = resolved.data.channelId;
-    const buffer = readFileSync(opts.path);
+    const buffer = readFileSync2(opts.path);
     const filename = basename(opts.path);
     let explicitMimeType;
     try {
@@ -16011,7 +16440,7 @@ function registerProfileShowCommand(parent) {
 
 // src/commands/profile/update.ts
 import { basename as basename2 } from "path";
-import { existsSync as existsSync2, readFileSync as readFileSync2, statSync as statSync2 } from "fs";
+import { existsSync as existsSync2, readFileSync as readFileSync3, statSync as statSync2 } from "fs";
 var MAX_PROFILE_AVATAR_BYTES = 2 * 1024 * 1024;
 var PROFILE_AVATAR_MIME_TYPES = /* @__PURE__ */ new Set([
   "image/jpeg",
@@ -16050,17 +16479,17 @@ function readAvatarFile(avatarFile) {
   if (!existsSync2(avatarFile)) {
     fail("PROFILE_FILE_NOT_FOUND", `Avatar file does not exist: ${avatarFile}`);
   }
-  const stat = statSync2(avatarFile);
-  if (!stat.isFile()) {
+  const stat2 = statSync2(avatarFile);
+  if (!stat2.isFile()) {
     fail("PROFILE_FILE_NOT_FOUND", `Avatar file is not a regular file: ${avatarFile}`);
   }
-  if (stat.size > MAX_PROFILE_AVATAR_BYTES) {
+  if (stat2.size > MAX_PROFILE_AVATAR_BYTES) {
     fail(
       "PROFILE_AVATAR_TOO_LARGE",
-      `Avatar file is ${stat.size} bytes; max size is ${MAX_PROFILE_AVATAR_BYTES} bytes`
+      `Avatar file is ${stat2.size} bytes; max size is ${MAX_PROFILE_AVATAR_BYTES} bytes`
     );
   }
-  const buffer = readFileSync2(avatarFile);
+  const buffer = readFileSync3(avatarFile);
   const filename = basename2(avatarFile);
   const mimeType = inferImageMimeType(filename, buffer);
   if (!mimeType || !PROFILE_AVATAR_MIME_TYPES.has(mimeType)) {
@@ -16683,10 +17112,22 @@ function registerReminderLogCommand(parent) {
 // src/index.ts
 var program = new Command();
 program.name("slock").description(
-  "Agent-facing execution interface for Slock. Invoked by daemon-spawned agent processes \u2014 not a user-facing CLI product."
-).version("0.0.1");
+  "Agent-facing CLI for Slock. Two entry shapes: (A) self-managed agent via `slock agent login --profile-slug <slug>` to create a profile, then `slock --profile <slug>` (or SLOCK_PROFILE=<slug>) to use it; (B) daemon-injected runner, where the local `slock` wrapper sets the SLOCK_AGENT_* env vars for you."
+).option(
+  "-p, --profile <slug>",
+  "Use the credential at $SLOCK_HOME/profiles/<slug>/credential.json (or ~/.slock/profiles/<slug>/credential.json when SLOCK_HOME is unset). Equivalent to setting SLOCK_PROFILE=<slug>. To create a new profile, use `slock agent login --profile-slug <slug>`."
+).version(readCliVersion());
+program.hook("preAction", () => {
+  const opts = program.opts();
+  if (opts.profile) {
+    process.env.SLOCK_PROFILE = opts.profile;
+  }
+});
 var authCmd = program.command("auth").description("Auth introspection");
 registerWhoamiCommand(authCmd);
+var agentCmd = program.command("agent").description("Self-managed agent onboarding (device-code login \u2192 sk_agent_* mint \u2192 ~/.slock/profiles/<slug>/credential.json)");
+registerAgentLoginCommand(agentCmd);
+registerAgentListCommand(agentCmd);
 var channelCmd = program.command("channel").description("Channel membership operations");
 registerChannelMembersCommand(channelCmd);
 registerChannelJoinCommand(channelCmd);