npm - @synkro-sh/cli - Versions diffs - 1.2.6 → 1.3.2 - Mend

@synkro-sh/cli 1.2.6 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -1,6 +1,12 @@
 #!/usr/bin/env node
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
 var __esm = (fn, res) => function __init() {
   return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
@@ -96,7 +102,7 @@ function removeSynkroEntries(events, eventName) {
   if (!Array.isArray(arr)) return;
   events[eventName] = arr.filter((entry) => !isSynkroEntry(entry));
 }
-function installCCHooks(settingsPath, config) {
+function installCCHooks(settingsPath, config2) {
   const settings = readSettings(settingsPath);
   settings.hooks = settings.hooks ?? {};
   removeSynkroEntries(settings.hooks, "PreToolUse");
@@ -109,11 +115,11 @@ function installCCHooks(settingsPath, config) {
   settings.hooks.SessionEnd = settings.hooks.SessionEnd ?? [];
   settings.hooks.SessionStart = settings.hooks.SessionStart ?? [];
   settings.hooks.PreToolUse.push({
-    matcher: "Bash",
+    matcher: "Bash|Read|Grep|Glob",
     hooks: [
       {
         type: "command",
-        command: config.bashJudgeScriptPath,
+        command: config2.bashJudgeScriptPath,
         timeout: 15
       }
     ],
@@ -124,7 +130,7 @@ function installCCHooks(settingsPath, config) {
     hooks: [
       {
         type: "command",
-        command: config.editPrecheckScriptPath,
+        command: config2.editPrecheckScriptPath,
         timeout: 15
       }
     ],
@@ -135,7 +141,7 @@ function installCCHooks(settingsPath, config) {
     hooks: [
       {
         type: "command",
-        command: config.editCaptureScriptPath,
+        command: config2.editCaptureScriptPath,
         timeout: 20
       }
     ],
@@ -146,7 +152,7 @@ function installCCHooks(settingsPath, config) {
     hooks: [
       {
         type: "command",
-        command: config.bashFollowupScriptPath
+        command: config2.bashFollowupScriptPath
       }
     ],
     [SYNKRO_MARKER]: true
@@ -155,7 +161,7 @@ function installCCHooks(settingsPath, config) {
     hooks: [
       {
         type: "command",
-        command: config.stopSummaryScriptPath
+        command: config2.stopSummaryScriptPath
       }
     ],
     [SYNKRO_MARKER]: true
@@ -164,7 +170,7 @@ function installCCHooks(settingsPath, config) {
     hooks: [
       {
         type: "command",
-        command: config.sessionStartScriptPath
+        command: config2.sessionStartScriptPath
       }
     ],
     [SYNKRO_MARKER]: true
@@ -232,50 +238,50 @@ function readClaudeJson() {
     throw new Error(`Failed to parse ${CC_CONFIG_PATH}: ${err.message}`);
   }
 }
-function writeClaudeJsonAtomic(config) {
+function writeClaudeJsonAtomic(config2) {
   mkdirSync2(dirname2(CC_CONFIG_PATH), { recursive: true });
   const tmpPath = `${CC_CONFIG_PATH}.synkro.tmp`;
-  writeFileSync2(tmpPath, JSON.stringify(config, null, 2) + "\n", "utf-8");
+  writeFileSync2(tmpPath, JSON.stringify(config2, null, 2) + "\n", "utf-8");
   renameSync2(tmpPath, CC_CONFIG_PATH);
 }
 function installMcpConfig(opts) {
-  const config = readClaudeJson();
-  config.mcpServers = config.mcpServers ?? {};
-  for (const [name, entry] of Object.entries(config.mcpServers)) {
-    if (entry?.[SYNKRO_MARKER2] === true) delete config.mcpServers[name];
+  const config2 = readClaudeJson();
+  config2.mcpServers = config2.mcpServers ?? {};
+  for (const [name, entry] of Object.entries(config2.mcpServers)) {
+    if (entry?.[SYNKRO_MARKER2] === true) delete config2.mcpServers[name];
   }
   const url = `${opts.gatewayUrl.replace(/\/$/, "")}/api/v1/mcp/guardrails`;
-  config.mcpServers[SYNKRO_SERVER_NAME] = {
+  config2.mcpServers[SYNKRO_SERVER_NAME] = {
     type: "http",
     url,
     headers: { Authorization: `Bearer ${opts.bearerToken}` },
     [SYNKRO_MARKER2]: true
   };
-  writeClaudeJsonAtomic(config);
+  writeClaudeJsonAtomic(config2);
   return { path: CC_CONFIG_PATH, url };
 }
 function uninstallMcpConfig() {
   if (!existsSync3(CC_CONFIG_PATH)) return false;
-  const config = readClaudeJson();
-  if (!config.mcpServers || Object.keys(config.mcpServers).length === 0) return false;
+  const config2 = readClaudeJson();
+  if (!config2.mcpServers || Object.keys(config2.mcpServers).length === 0) return false;
   let removed = false;
-  for (const [name, entry] of Object.entries(config.mcpServers)) {
+  for (const [name, entry] of Object.entries(config2.mcpServers)) {
     if (entry?.[SYNKRO_MARKER2] === true) {
-      delete config.mcpServers[name];
+      delete config2.mcpServers[name];
       removed = true;
     }
   }
   if (!removed) return false;
-  if (Object.keys(config.mcpServers).length === 0) delete config.mcpServers;
-  writeClaudeJsonAtomic(config);
+  if (Object.keys(config2.mcpServers).length === 0) delete config2.mcpServers;
+  writeClaudeJsonAtomic(config2);
   return true;
 }
 function inspectMcpConfig() {
   if (!existsSync3(CC_CONFIG_PATH)) {
     return { installed: false, configPath: CC_CONFIG_PATH };
   }
-  const config = readClaudeJson();
-  const entry = config.mcpServers?.[SYNKRO_SERVER_NAME];
+  const config2 = readClaudeJson();
+  const entry = config2.mcpServers?.[SYNKRO_SERVER_NAME];
   if (!entry || entry[SYNKRO_MARKER2] !== true) {
     return { installed: false, configPath: CC_CONFIG_PATH };
   }
@@ -336,14 +342,30 @@ if [ -z "$PAYLOAD" ]; then
   exit 0
 fi
-# Only run on Bash tool calls
+# Translate tool calls into a command string for the judge
 TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-if [ "$TOOL_NAME" != "Bash" ]; then
-  echo '{}'
-  exit 0
-fi
-COMMAND=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null)
+case "$TOOL_NAME" in
+  Bash)
+    COMMAND=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null)
+    ;;
+  Read)
+    FILE_PATH=$(echo "$PAYLOAD" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+    COMMAND="cat \${FILE_PATH}"
+    ;;
+  Grep)
+    PATTERN=$(echo "$PAYLOAD" | jq -r '.tool_input.pattern // empty' 2>/dev/null)
+    GREP_PATH=$(echo "$PAYLOAD" | jq -r '.tool_input.path // "."' 2>/dev/null)
+    COMMAND="grep -r '\${PATTERN}' \${GREP_PATH}"
+    ;;
+  Glob)
+    PATTERN=$(echo "$PAYLOAD" | jq -r '.tool_input.pattern // empty' 2>/dev/null)
+    COMMAND="find . -name '\${PATTERN}'"
+    ;;
+  *)
+    echo '{}'
+    exit 0
+    ;;
+esac
 if [ -z "$COMMAND" ]; then
   echo '{}'
   exit 0
@@ -364,7 +386,7 @@ TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/nul
 SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
 TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-TOOL_INPUT=$(echo "$PAYLOAD" | jq -c '.tool_input // {}' 2>/dev/null)
+TOOL_INPUT=$(echo "$PAYLOAD" | jq -c --arg cmd "$COMMAND" '.tool_input // {} | . + {command: $cmd}' 2>/dev/null)
 # Detect git remote origin \u2192 repo identity (e.g. "owner/repo")
 GIT_REPO=""
 if command -v git >/dev/null 2>&1; then
@@ -384,11 +406,9 @@ if [ "\${SYNKRO_HEADLESS:-0}" = "1" ]; then IS_HEADLESS=1; fi
 USER_INTENT=""
 RECENT_USER_MESSAGES="[]"
+RECENT_MESSAGES="[]"
 RECENT_ACTIONS="[]"
 if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
-  # Last 5 user-role messages, oldest first. Lets the grader see consent
-  # that carried over from a recent prior turn \u2014 saying "i consent" two
-  # turns ago should not require re-prompting on this turn's command.
   RECENT_USER_MESSAGES=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '
     [.[]
       | select(.type == "user")
@@ -399,16 +419,78 @@ if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
       | select(. != null and . != "")
     ] | .[-5:]' 2>/dev/null || echo "[]")
   USER_INTENT=$(echo "$RECENT_USER_MESSAGES" | jq -r '.[-1] // ""' 2>/dev/null || echo "")
-  # Recent agent actions (last 5 tool_use blocks)
-  RECENT_ACTIONS=$(tail -200 "$TRANSCRIPT_PATH" | jq -c -s '
+  # Interleaved assistant+user messages \u2014 lets the grader see what question
+  # each "yes" was answering (assistant text before user reply).
+  RECENT_MESSAGES=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '
     [.[]
+      | select(.type == "assistant" or .type == "user")
+      | {
+          role: .type,
+          text: (
+            if .type == "assistant" then
+              [.message.content[]? | select(type == "object" and .type == "text") | .text // ""] | join(" ") | .[0:500]
+            else
+              (.message.content
+                | if type == "string" then .[0:500]
+                  else ([.[]? | if type == "string" then . elif (type == "object" and .type == "text") then (.text // "") else "" end] | join(" ") | .[0:500])
+                  end)
+            end
+          )
+        }
+      | select(.text != "" and .text != null and (.text | length) > 0)
+    ] | .[-10:]' 2>/dev/null || echo "[]")
+  # Recent agent actions (last 5 tool_use blocks paired with results)
+  RECENT_ACTIONS=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '
+    # tool_result blocks live in USER messages (Anthropic API format)
+    ([ .[]
+       | select(.type == "user")
+       | .message.content[]?
+       | select(type == "object" and .type == "tool_result")
+       | { (.tool_use_id): (.content // "" | tostring | .[0:300]) }
+     ] | add // {}) as $results
+    |
+    [ .[]
       | select(.type == "assistant")
       | .message.content[]?
       | select(.type == "tool_use")
-      | { tool: .name, input: (.input // {} | tostring | .[0:200]) }
+      | {
+          tool: .name,
+          input: (.input // {} | tostring | .[0:200]),
+          result: ($results[.id] // null)
+        }
     ] | .[-5:]' 2>/dev/null || echo "[]")
 fi
+CC_MODEL=""
+CC_USAGE="{}"
+if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
+  _LAST_ASSISTANT=$(tail -50 "$TRANSCRIPT_PATH" | jq -c 'select(.type == "assistant")' 2>/dev/null | tail -1)
+  if [ -n "$_LAST_ASSISTANT" ]; then
+    CC_MODEL=$(echo "$_LAST_ASSISTANT" | jq -r '.message.model // empty' 2>/dev/null)
+    CC_USAGE=$(echo "$_LAST_ASSISTANT" | jq -c '{
+      input_tokens: .message.usage.input_tokens,
+      output_tokens: .message.usage.output_tokens,
+      cache_creation_input_tokens: .message.usage.cache_creation_input_tokens,
+      cache_read_input_tokens: .message.usage.cache_read_input_tokens,
+      service_tier: .message.usage.service_tier,
+      speed: .message.usage.speed
+    }' 2>/dev/null || echo "{}")
+  fi
+fi
+# Extract session summary from CC compaction (free broad context)
+SESSION_SUMMARY=""
+if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
+  _SUMMARY_LINE=$(grep -n '"This session is being continued' "$TRANSCRIPT_PATH" 2>/dev/null | tail -1 | cut -d: -f1)
+  if [ -n "$_SUMMARY_LINE" ]; then
+    SESSION_SUMMARY=$(sed -n "\${_SUMMARY_LINE}p" "$TRANSCRIPT_PATH" | jq -r '
+      .message.content
+      | if type == "string" then .[0:2000]
+        else ([.[]? | if type == "string" then . elif (type == "object" and .type == "text") then (.text // "") else "" end] | join(" ") | .[0:2000])
+        end' 2>/dev/null || echo "")
+  fi
+fi
 # Build POST body \u2014 always emit all fields (use null for empty optionals)
 # Earlier version used \`select(length > 0)\` which made the entire object
 # evaluate to nothing when any optional was empty. Don't do that.
@@ -416,21 +498,29 @@ BODY=$(jq -n \\
   --argjson tool_input "$TOOL_INPUT" \\
   --arg user_intent "$USER_INTENT" \\
   --argjson recent_user_messages "$RECENT_USER_MESSAGES" \\
+  --argjson recent_messages "$RECENT_MESSAGES" \\
   --argjson recent_actions "$RECENT_ACTIONS" \\
   --arg session_id "$SESSION_ID" \\
   --arg tool_use_id "$TOOL_USE_ID" \\
   --arg cwd "$CWD" \\
   --arg repo "$GIT_REPO" \\
+  --arg cc_model "$CC_MODEL" \\
+  --argjson cc_usage "$CC_USAGE" \\
+  --arg session_summary "$SESSION_SUMMARY" \\
   '{
     kind: "bash_judge",
     tool_input: $tool_input,
     user_intent: (if ($user_intent | length) > 0 then $user_intent else null end),
     recent_user_messages: $recent_user_messages,
+    recent_messages: $recent_messages,
     recent_actions: $recent_actions,
     session_id: (if ($session_id | length) > 0 then $session_id else null end),
     tool_use_id: (if ($tool_use_id | length) > 0 then $tool_use_id else null end),
     cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end)
+    repo: (if ($repo | length) > 0 then $repo else null end),
+    cc_model: (if ($cc_model | length) > 0 then $cc_model else null end),
+    cc_usage: $cc_usage,
+    session_summary: (if ($session_summary | length) > 0 then $session_summary else null end)
   }')
 # Helper: refresh JWT via /api/auth/refresh and rewrite credentials.json.
@@ -546,23 +636,15 @@ if [ -z "$VERDICT" ]; then
 fi
 # Parse verdict \u2014 fail open on any parse error
-SEVERITY=$(echo "$VERDICT" | jq -r '.severity // "medium"' 2>/dev/null)
+SEVERITY=$(echo "$VERDICT" | jq -r '.severity // "audit"' 2>/dev/null)
 VERDICT_KIND=$(echo "$VERDICT" | jq -r '.verdict // "warn"' 2>/dev/null)
 REASONING=$(echo "$VERDICT" | jq -r '.reasoning // "matched dangerous-verb regex"' 2>/dev/null)
 ALTERNATIVE=$(echo "$VERDICT" | jq -r '.alternative // ""' 2>/dev/null)
 CATEGORY=$(echo "$VERDICT" | jq -r '.category // "destructive_command"' 2>/dev/null)
 # Severity-driven surfacing:
-#   critical \u2192 permissionDecision: "deny"  \u2014 block outright
-#   high     \u2192 permissionDecision: "ask"   \u2014 force user confirmation
-#   medium   \u2192 silent allow (echo {})      \u2014 Cerebras saw it, judged the
-#                                            intent fits, no surface
-#   low      \u2192 silent allow (echo {})      \u2014 same
-#
-# The grader is fully context-aware now (intent + recent_actions + shape
-# labels), so its severity grade is trustworthy. Low/medium decisions don't
-# need to interrupt the user \u2014 surfacing them creates alert fatigue and
-# trains the user to click-through on warnings that turn out to be benign.
+#   block \u2192 permissionDecision: "ask" (interactive) or "deny" (headless)
+#   audit \u2192 silent allow \u2014 logged but no interruption
 ALT_SUFFIX=""
 if [ -n "$ALTERNATIVE" ] && [ "$ALTERNATIVE" != "null" ]; then
@@ -570,26 +652,9 @@ if [ -n "$ALTERNATIVE" ] && [ "$ALTERNATIVE" != "null" ]; then
 fi
 case "$SEVERITY" in
-  critical)
-    synkro_log "bashGuard $CMD_SHORT \u2192 BLOCKED ($CATEGORY)"
-    PERMISSION_REASON="[synkro] BLOCKED \u2014 \${REASONING}\${ALT_SUFFIX}"
-    ADDITIONAL_CTX="Synkro safety judge (severity: critical, category: \${CATEGORY}).\${ALT_SUFFIX}"
-    jq -n \\
-      --arg ctx "$ADDITIONAL_CTX" \\
-      --arg reason "$PERMISSION_REASON" \\
-      '{
-        hookSpecificOutput: {
-          hookEventName: "PreToolUse",
-          permissionDecision: "deny",
-          permissionDecisionReason: $reason,
-          additionalContext: $ctx
-        }
-      }'
-    ;;
-  high)
-    synkro_log "bashGuard $CMD_SHORT \u2192 FLAGGED ($CATEGORY)"
+  block)
     PERMISSION_REASON="[synkro] \${REASONING}\${ALT_SUFFIX}"
-    ADDITIONAL_CTX="Synkro safety judge (severity: high, category: \${CATEGORY}).\${ALT_SUFFIX}"
+    ADDITIONAL_CTX="Synkro safety judge (severity: \${SEVERITY}, category: \${CATEGORY}). Reasoning: \${REASONING}.\${ALT_SUFFIX}"
     if [ "$IS_HEADLESS" = "1" ]; then DECISION="deny"; else DECISION="ask"; fi
     jq -n \\
       --arg ctx "$ADDITIONAL_CTX" \\
@@ -604,7 +669,7 @@ case "$SEVERITY" in
         }
       }'
     ;;
-  *)
+  audit)
     synkro_log "bashGuard $CMD_SHORT \u2192 pass ($CATEGORY): $REASONING"
     case "$CATEGORY" in
       trivial_utility)
@@ -615,6 +680,21 @@ case "$SEVERITY" in
         jq -n --arg m "[synkro] bashGuard \u2192 pass ($CATEGORY): $REASONING" '{systemMessage: $m}' ;;
     esac
     ;;
+  *)
+    synkro_log "bashGuard $CMD_SHORT \u2192 UNEXPECTED SEVERITY ($SEVERITY), blocking by default"
+    if [ "$IS_HEADLESS" = "1" ]; then DECISION="deny"; else DECISION="ask"; fi
+    jq -n \\
+      --arg decision "$DECISION" \\
+      --arg reason "[synkro] unexpected severity '\${SEVERITY}' \u2014 blocking by default. Please email team@synkro.sh to report this issue." \\
+      '{
+        hookSpecificOutput: {
+          hookEventName: "PreToolUse",
+          permissionDecision: $decision,
+          permissionDecisionReason: $reason,
+          additionalContext: "Synkro safety judge returned an unexpected severity value. This command has been blocked as a precaution. Please email team@synkro.sh with details of the command you were running."
+        }
+      }'
+    ;;
 esac
 exit 0
@@ -983,8 +1063,14 @@ if [ "$DECISION" = "deny" ]; then
   synkro_log "editGuard $FILE_SHORT \u2192 BLOCKED: $DENY_REASON"
   echo "$RESP"
 else
-  synkro_log "editGuard $FILE_SHORT \u2192 pass"
-  RESP_WITH_MSG=$(echo "$RESP" | jq --arg m "[synkro] editGuard $FILE_SHORT \u2192 pass" '. + {systemMessage: $m}')
+  VERDICT_REASON=$(echo "$RESP" | jq -r '.reason // empty' 2>/dev/null)
+  if [ -n "$VERDICT_REASON" ]; then
+    synkro_log "editGuard $FILE_SHORT \u2192 pass: $VERDICT_REASON"
+    RESP_WITH_MSG=$(echo "$RESP" | jq --arg m "[synkro] editGuard $FILE_SHORT \u2192 pass: $VERDICT_REASON" '. + {systemMessage: $m}')
+  else
+    synkro_log "editGuard $FILE_SHORT \u2192 pass"
+    RESP_WITH_MSG=$(echo "$RESP" | jq --arg m "[synkro] editGuard $FILE_SHORT \u2192 pass" '. + {systemMessage: $m}')
+  fi
   echo "$RESP_WITH_MSG"
 fi
@@ -1232,8 +1318,13 @@ if [ "$OK" = "false" ] && [ -n "$REASON" ]; then
   exit 0
 fi
-synkro_log "editScan $BASENAME \u2192 pass"
-jq -n --arg m "[synkro] editScan $BASENAME \u2192 pass" '{systemMessage: $m}'
+if [ -n "$REASON" ]; then
+  synkro_log "editScan $BASENAME \u2192 pass ($CATEGORY): $REASON"
+  jq -n --arg m "[synkro] editScan $BASENAME \u2192 pass ($CATEGORY): $REASON" '{systemMessage: $m}'
+else
+  synkro_log "editScan $BASENAME \u2192 pass"
+  jq -n --arg m "[synkro] editScan $BASENAME \u2192 pass" '{systemMessage: $m}'
+fi
 exit 0
 `;
     CC_STOP_SUMMARY_SCRIPT = `#!/bin/bash
@@ -1335,8 +1426,17 @@ if [ -z "$CWD" ]; then
   exit 0
 fi
+GIT_REPO=""
+if command -v git >/dev/null 2>&1; then
+  _REMOTE=$(git -C "\${CWD:-.}" remote get-url origin 2>/dev/null || true)
+  if [ -n "$_REMOTE" ]; then
+    GIT_REPO=$(echo "$_REMOTE" | sed -E 's|^git@[^:]+:||; s|^https?://[^/]+/||; s|\\.git$||')
+  fi
+fi
 RESP=$(curl -sS -G "\${GATEWAY_URL}/api/v1/cli/session-context" \\
   --data-urlencode "cwd=$CWD" \\
+  --data-urlencode "repo=$GIT_REPO" \\
   -H "Authorization: Bearer $JWT" \\
   --max-time 2 2>/dev/null || echo "")
@@ -2075,12 +2175,64 @@ function getAccessToken() {
   const creds = loadCredentials();
   return creds?.access_token || null;
 }
+function isTokenExpired() {
+  const creds = loadCredentials();
+  if (!creds) return true;
+  try {
+    const decoded = jwt.decode(creds.access_token);
+    if (!decoded?.exp) return true;
+    const expiresAt = decoded.exp * 1e3;
+    const buffer = 5 * 60 * 1e3;
+    return Date.now() > expiresAt - buffer;
+  } catch {
+    return true;
+  }
+}
+async function refreshToken() {
+  const creds = loadCredentials();
+  if (!creds?.refresh_token) return false;
+  try {
+    const response = await fetch(`${SYNKRO_WEB_AUTH_URL}/api/auth/refresh`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refresh_token: creds.refresh_token })
+    });
+    if (!response.ok) return false;
+    const data = await response.json();
+    if (data.access_token) {
+      saveCredentials({
+        access_token: data.access_token,
+        refresh_token: data.refresh_token || creds.refresh_token
+      });
+      return true;
+    }
+    return false;
+  } catch {
+    return false;
+  }
+}
+async function ensureValidToken() {
+  if (!isAuthenticated()) return false;
+  if (isTokenExpired()) {
+    if (!refreshPromise) {
+      refreshPromise = refreshToken().finally(() => {
+        refreshPromise = null;
+      });
+    }
+    const refreshed = await refreshPromise;
+    if (!refreshed) {
+      clearCredentials();
+      return false;
+    }
+  }
+  return true;
+}
 function clearCredentials() {
   if (existsSync4(AUTH_FILE)) {
     unlinkSync2(AUTH_FILE);
   }
 }
-var PORT, RAW_WEB_AUTH_URL, SYNKRO_WEB_AUTH_URL, AUTH_FILE, ERROR_HTML;
+var PORT, RAW_WEB_AUTH_URL, SYNKRO_WEB_AUTH_URL, AUTH_FILE, ERROR_HTML, refreshPromise;
 var init_stub = __esm({
   "cli/auth/stub.ts"() {
     "use strict";
@@ -2128,147 +2280,550 @@ var init_stub = __esm({
 </body>
 </html>
 `;
+    refreshPromise = null;
   }
 });
-// cli/commands/install.ts
-var install_exports = {};
-__export(install_exports, {
-  installCommand: () => installCommand,
-  parseArgs: () => parseArgs
-});
-import { existsSync as existsSync5, mkdirSync as mkdirSync4, writeFileSync as writeFileSync4, chmodSync, readFileSync as readFileSync4 } from "fs";
-import { homedir as homedir4 } from "os";
-import { join as join4 } from "path";
-function sanitizeGatewayCandidate(raw) {
-  if (!raw) return void 0;
-  return /^https?:\/\//.test(raw) ? raw : void 0;
-}
-function parseArgs(argv) {
-  const opts = {};
-  for (const a of argv) {
-    if (a.startsWith("--api-key=")) opts.apiKey = a.slice("--api-key=".length);
-    else if (a.startsWith("--gateway=")) opts.gatewayUrl = a.slice("--gateway=".length);
-    else if (a === "--skip-auth") opts.skipAuth = true;
-    else if (a === "--no-mcp") opts.noMcp = true;
-    else if (a === "--force" || a === "-f") opts.force = true;
+// cli/auth/index.ts
+var init_auth = __esm({
+  "cli/auth/index.ts"() {
+    "use strict";
+    init_stub();
   }
-  if (!opts.gatewayUrl) {
-    const fromEnv = sanitizeGatewayCandidate(process.env.SYNKRO_GATEWAY_URL);
-    if (fromEnv) opts.gatewayUrl = fromEnv;
+});
+// cli/api/projects.ts
+import { config } from "dotenv";
+async function callApi(method, endpoint, body) {
+  if (!API_URL) {
+    throw new Error("SYNKRO_CRUD_URL (or SYNKRO_API_URL) is not set. Add it to your .env file.");
   }
-  return opts;
-}
-function ensureSynkroDir() {
-  mkdirSync4(SYNKRO_DIR, { recursive: true });
-  mkdirSync4(HOOKS_DIR, { recursive: true });
-  mkdirSync4(BIN_DIR, { recursive: true });
-}
-function writeGraderDaemon() {
-  writeFileSync4(GRADER_DAEMON_PATH, GRADER_DAEMON_PY, "utf-8");
-  chmodSync(GRADER_DAEMON_PATH, 493);
-  writeFileSync4(GRADER_PRIMER_EDIT_PATH, GRADER_PRIMER_EDIT, "utf-8");
-  chmodSync(GRADER_PRIMER_EDIT_PATH, 420);
-  writeFileSync4(GRADER_PRIMER_BASH_PATH, GRADER_PRIMER_BASH, "utf-8");
-  chmodSync(GRADER_PRIMER_BASH_PATH, 420);
-}
-function writeHookScripts() {
-  const bashScriptPath = join4(HOOKS_DIR, "cc-bash-judge.sh");
-  const bashFollowupScriptPath = join4(HOOKS_DIR, "cc-bash-followup.sh");
-  const editCaptureScriptPath = join4(HOOKS_DIR, "cc-edit-capture.sh");
-  const editPrecheckScriptPath = join4(HOOKS_DIR, "cc-edit-precheck.sh");
-  const stopSummaryScriptPath = join4(HOOKS_DIR, "cc-stop-summary.sh");
-  const sessionStartScriptPath = join4(HOOKS_DIR, "cc-session-start.sh");
-  writeFileSync4(bashScriptPath, CC_BASH_JUDGE_SCRIPT, "utf-8");
-  writeFileSync4(bashFollowupScriptPath, CC_BASH_FOLLOWUP_SCRIPT, "utf-8");
-  writeFileSync4(editCaptureScriptPath, CC_EDIT_CAPTURE_SCRIPT, "utf-8");
-  writeFileSync4(editPrecheckScriptPath, CC_EDIT_PRECHECK_SCRIPT, "utf-8");
-  writeFileSync4(stopSummaryScriptPath, CC_STOP_SUMMARY_SCRIPT, "utf-8");
-  writeFileSync4(sessionStartScriptPath, CC_SESSION_START_SCRIPT, "utf-8");
-  chmodSync(bashScriptPath, 493);
-  chmodSync(bashFollowupScriptPath, 493);
-  chmodSync(editCaptureScriptPath, 493);
-  chmodSync(editPrecheckScriptPath, 493);
-  chmodSync(stopSummaryScriptPath, 493);
-  chmodSync(sessionStartScriptPath, 493);
-  return {
-    bashScript: bashScriptPath,
-    bashFollowupScript: bashFollowupScriptPath,
-    editCaptureScript: editCaptureScriptPath,
-    editPrecheckScript: editPrecheckScriptPath,
-    stopSummaryScript: stopSummaryScriptPath,
-    sessionStartScript: sessionStartScriptPath
+  const url = `${API_URL}${endpoint}`;
+  const accessToken = getAccessToken();
+  const headers = {
+    "Content-Type": "application/json"
   };
+  if (accessToken) {
+    headers["Authorization"] = `Bearer ${accessToken}`;
+  }
+  const response = await fetch(url, {
+    method,
+    headers,
+    body: body ? JSON.stringify(body) : void 0
+  });
+  if (!response.ok) {
+    const error = await response.json().catch(() => ({ detail: response.statusText }));
+    throw new Error(error.detail || `API error: ${response.status}`);
+  }
+  return response.json();
 }
-function sanitizeConfigValue(raw, maxLen = 256) {
-  if (!raw) return "";
-  return raw.replace(/[^\x20-\x7E]/g, "").slice(0, maxLen);
+async function createProject(name, repos) {
+  const body = { name };
+  if (repos && repos.length > 0) body.repos = repos;
+  return callApi("POST", "/projects", body);
 }
-function shellQuoteSingle(value) {
-  return `'${value.replace(/'/g, "'\\''")}'`;
+async function listProjects() {
+  return callApi("GET", "/projects");
 }
-function writeConfigEnv(opts) {
-  const credsPath = join4(SYNKRO_DIR, "credentials.json");
-  const safeGateway = sanitizeConfigValue(opts.gatewayUrl);
-  const safeUserId = sanitizeConfigValue(opts.userId);
-  const safeOrgId = sanitizeConfigValue(opts.orgId);
-  const safeEmail = sanitizeConfigValue(opts.email);
-  const safeTier = sanitizeConfigValue(opts.tier ?? "pro", 32);
-  const lines = [
-    "# Synkro CLI config (managed by synkro install)",
-    "# JWT auth \u2014 the hook scripts read SYNKRO_CREDENTIALS_PATH at runtime",
-    "# and send Authorization: Bearer <access_token> on every gateway call.",
-    `SYNKRO_GATEWAY_URL=${shellQuoteSingle(safeGateway)}`,
-    `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
-    `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.2.6")}`
-  ];
-  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
-  if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
-  if (safeEmail) lines.push(`SYNKRO_EMAIL=${shellQuoteSingle(safeEmail)}`);
-  lines.push("");
-  writeFileSync4(CONFIG_PATH, lines.join("\n"), "utf-8");
-  chmodSync(CONFIG_PATH, 384);
+async function unlinkRepo(projectId, repoId) {
+  return callApi("DELETE", `/projects/${projectId}/repos/${repoId}`);
 }
-function assertGatewayAllowed(gatewayUrl) {
-  let parsed;
-  try {
-    parsed = new URL(gatewayUrl);
-  } catch {
-    throw new Error(`Invalid gateway URL: ${gatewayUrl}`);
-  }
-  const proto = parsed.protocol;
-  const host = parsed.hostname;
-  if (proto !== "http:" && proto !== "https:") {
-    throw new Error(`Gateway URL must be http(s); got ${proto}`);
-  }
-  const isLocalhost = host === "localhost" || host === "127.0.0.1" || host === "::1";
-  const isSynkro = host === "synkro.sh" || host.endsWith(".synkro.sh");
-  if (proto === "http:" && !isLocalhost) {
-    throw new Error(`Gateway URL must be HTTPS for non-localhost hosts; got ${gatewayUrl}`);
+var API_URL;
+var init_projects = __esm({
+  "cli/api/projects.ts"() {
+    "use strict";
+    init_auth();
+    config({ quiet: true });
+    API_URL = process.env.SYNKRO_CRUD_URL || process.env.SYNKRO_API_URL;
   }
-  if (!isLocalhost && !isSynkro) {
-    throw new Error(`Gateway host not in allowlist (synkro.sh or *.synkro.sh): ${host}`);
+});
+// cli/installer/workflowTemplate.ts
+var SYNKRO_WORKFLOW_YAML, WORKFLOW_PATH;
+var init_workflowTemplate = __esm({
+  "cli/installer/workflowTemplate.ts"() {
+    "use strict";
+    SYNKRO_WORKFLOW_YAML = `name: Synkro Security Review
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      checks: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Cache npm globals
+        id: cache-npm-global
+        uses: actions/cache@v4
+        with:
+          path: ~/.npm-global
+          key: synkro-cli-\${{ runner.os }}-v1
+      - name: Install Synkro CLI + Claude Code CLI
+        run: |
+          npm config set prefix ~/.npm-global
+          npm install -g @synkro-sh/cli @anthropic-ai/claude-code
+          echo "~/.npm-global/bin" >> $GITHUB_PATH
+      - name: Run Synkro PR scan
+        run: synkro-cli scan-pr
+        env:
+          CLAUDE_CODE_OAUTH_TOKEN: \${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          SYNKRO_API_KEY: \${{ secrets.SYNKRO_API_KEY }}
+          GH_TOKEN: \${{ secrets.GITHUB_TOKEN }}
+          SYNKRO_PR_NUMBER: \${{ github.event.pull_request.number }}
+          SYNKRO_REPO: \${{ github.repository }}
+          SYNKRO_SHA: \${{ github.event.pull_request.head.sha }}
+          SYNKRO_GATEWAY_URL: \${{ vars.SYNKRO_GATEWAY_URL || 'https://api.synkro.sh' }}
+`;
+    WORKFLOW_PATH = ".github/workflows/synkro.yml";
   }
+});
+// cli/installer/githubSetup.ts
+import { existsSync as existsSync5, mkdirSync as mkdirSync4, writeFileSync as writeFileSync4 } from "fs";
+import { join as join4 } from "path";
+async function encryptSecret(publicKeyBase64, secret) {
+  const sodium = await import("libsodium-wrappers").then((m) => m.default ?? m);
+  await sodium.ready;
+  const keyBytes = sodium.from_base64(publicKeyBase64, sodium.base64_variants.ORIGINAL);
+  const messageBytes = sodium.from_string(secret);
+  const encryptedBytes = sodium.crypto_box_seal(messageBytes, keyBytes);
+  return sodium.to_base64(encryptedBytes, sodium.base64_variants.ORIGINAL);
 }
-function isAlreadyInstalled() {
-  const requiredScripts = [
-    join4(HOOKS_DIR, "cc-bash-judge.sh"),
-    join4(HOOKS_DIR, "cc-bash-followup.sh"),
-    join4(HOOKS_DIR, "cc-edit-precheck.sh"),
-    join4(HOOKS_DIR, "cc-edit-capture.sh"),
-    join4(HOOKS_DIR, "cc-stop-summary.sh"),
-    join4(HOOKS_DIR, "cc-session-start.sh")
-  ];
-  if (!requiredScripts.every((p) => existsSync5(p))) return false;
-  if (!existsSync5(CONFIG_PATH)) return false;
-  const settingsPath = join4(homedir4(), ".claude", "settings.json");
-  if (!existsSync5(settingsPath)) return false;
-  try {
-    const settings = JSON.parse(readFileSync4(settingsPath, "utf-8"));
-    const hooks = settings?.hooks;
-    if (!hooks || typeof hooks !== "object") return false;
-    const hasManaged = (kind) => Array.isArray(hooks[kind]) && hooks[kind].some((entry) => entry?.__synkro_managed__ === true);
+async function getRepoPublicKey(opts, owner, repo) {
+  const url = `https://api.github.com/repos/${owner}/${repo}/actions/secrets/public-key`;
+  const resp = await fetch(url, {
+    headers: {
+      Authorization: `Bearer ${opts.token}`,
+      Accept: "application/vnd.github+json",
+      "X-GitHub-Api-Version": "2022-11-28"
+    }
+  });
+  if (!resp.ok) {
+    const text = await resp.text().catch(() => "");
+    throw new Error(`GitHub API ${resp.status} fetching public key for ${owner}/${repo}: ${text.slice(0, 200)}`);
+  }
+  return await resp.json();
+}
+async function putRepoSecret(opts, owner, repo, secretName, secretValue, publicKey) {
+  const encryptedValue = await encryptSecret(publicKey.key, secretValue);
+  const url = `https://api.github.com/repos/${owner}/${repo}/actions/secrets/${encodeURIComponent(secretName)}`;
+  const resp = await fetch(url, {
+    method: "PUT",
+    headers: {
+      Authorization: `Bearer ${opts.token}`,
+      Accept: "application/vnd.github+json",
+      "X-GitHub-Api-Version": "2022-11-28",
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      encrypted_value: encryptedValue,
+      key_id: publicKey.key_id
+    })
+  });
+  if (!resp.ok) {
+    const text = await resp.text().catch(() => "");
+    throw new Error(`GitHub API ${resp.status} setting secret ${secretName}: ${text.slice(0, 200)}`);
+  }
+}
+async function listAccessibleRepos(opts) {
+  const repos = [];
+  let page = 1;
+  while (page <= 5) {
+    const url = `https://api.github.com/user/repos?per_page=100&page=${page}&affiliation=owner,collaborator`;
+    const resp = await fetch(url, {
+      headers: {
+        Authorization: `Bearer ${opts.token}`,
+        Accept: "application/vnd.github+json",
+        "X-GitHub-Api-Version": "2022-11-28"
+      }
+    });
+    if (!resp.ok) {
+      throw new Error(`GitHub API ${resp.status} listing repos`);
+    }
+    const data = await resp.json();
+    if (data.length === 0) break;
+    for (const r of data) {
+      repos.push({ owner: r.owner.login, repo: r.name, full_name: r.full_name });
+    }
+    if (data.length < 100) break;
+    page++;
+  }
+  return repos;
+}
+async function pushSecretsToRepo(opts, owner, repo, secrets) {
+  const pubkey = await getRepoPublicKey(opts, owner, repo);
+  await putRepoSecret(opts, owner, repo, "CLAUDE_CODE_OAUTH_TOKEN", secrets.claudeCodeOauthToken, pubkey);
+  await putRepoSecret(opts, owner, repo, "SYNKRO_API_KEY", secrets.synkroApiKey, pubkey);
+}
+function writeWorkflowFile(repoRootPath) {
+  const workflowDir = join4(repoRootPath, ".github", "workflows");
+  mkdirSync4(workflowDir, { recursive: true });
+  const workflowFile = join4(workflowDir, "synkro.yml");
+  writeFileSync4(workflowFile, SYNKRO_WORKFLOW_YAML, "utf-8");
+  return workflowFile;
+}
+function findGitRoot(startCwd) {
+  let cur = startCwd;
+  while (cur && cur !== "/") {
+    if (existsSync5(join4(cur, ".git"))) return cur;
+    const parent = join4(cur, "..");
+    if (parent === cur) break;
+    cur = parent;
+  }
+  return null;
+}
+var SECRET_NAMES, WORKFLOW_RELATIVE_PATH;
+var init_githubSetup = __esm({
+  "cli/installer/githubSetup.ts"() {
+    "use strict";
+    init_workflowTemplate();
+    SECRET_NAMES = {
+      CLAUDE_OAUTH: "CLAUDE_CODE_OAUTH_TOKEN",
+      SYNKRO_API_KEY: "SYNKRO_API_KEY"
+    };
+    WORKFLOW_RELATIVE_PATH = WORKFLOW_PATH;
+  }
+});
+// cli/commands/repoConnect.ts
+import { execSync as execSync2 } from "child_process";
+import { createServer as createServer2 } from "http";
+import { createInterface } from "readline";
+function detectGitRepo() {
+  try {
+    const remoteUrl = execSync2("git remote get-url origin", { encoding: "utf-8", timeout: 5e3 }).trim();
+    const match = remoteUrl.match(/(?:github\.com|gitlab\.com|bitbucket\.org)[:/](.+?)(?:\.git)?$/);
+    if (!match) return null;
+    const fullName = match[1];
+    return { fullName, shortName: fullName.split("/").pop() || fullName };
+  } catch {
+    return null;
+  }
+}
+function ask(rl, question) {
+  return new Promise((resolve2) => rl.question(question, resolve2));
+}
+function waitForGithubToken() {
+  return new Promise((resolve2, reject) => {
+    const server = createServer2((req, res) => {
+      if (req.method === "OPTIONS") {
+        res.writeHead(204, {
+          "Access-Control-Allow-Origin": SYNKRO_WEB_AUTH_URL2,
+          "Access-Control-Allow-Methods": "POST, OPTIONS",
+          "Access-Control-Allow-Headers": "Content-Type"
+        });
+        res.end();
+        return;
+      }
+      if (req.url !== "/auth" || req.method !== "POST") {
+        res.writeHead(404);
+        res.end();
+        return;
+      }
+      let body = "";
+      req.on("data", (chunk) => {
+        body += chunk;
+      });
+      req.on("end", () => {
+        try {
+          const parsed = JSON.parse(body);
+          if (!parsed.github_token) {
+            res.writeHead(400, {
+              "Content-Type": "application/json",
+              "Access-Control-Allow-Origin": SYNKRO_WEB_AUTH_URL2
+            });
+            res.end(JSON.stringify({ error: "missing github_token" }));
+            return;
+          }
+          res.writeHead(200, {
+            "Content-Type": "application/json",
+            "Access-Control-Allow-Origin": SYNKRO_WEB_AUTH_URL2
+          });
+          res.end(JSON.stringify({ ok: true }));
+          setTimeout(() => server.close(), 200);
+          resolve2(parsed.github_token);
+        } catch {
+          res.writeHead(400, { "Content-Type": "application/json" });
+          res.end(JSON.stringify({ error: "invalid json" }));
+        }
+      });
+    });
+    server.on("error", (err) => {
+      if (err.code === "EADDRINUSE") {
+        reject(new Error(`Port ${GITHUB_PORT} is in use. Close other processes and try again.`));
+      } else {
+        reject(err);
+      }
+    });
+    server.listen(GITHUB_PORT);
+  });
+}
+function openBrowser2(url) {
+  const { execFile: execFile2 } = __require("child_process");
+  const plat = process.platform;
+  if (plat === "darwin") execFile2("open", [url]);
+  else if (plat === "win32") execFile2("cmd", ["/c", "start", "", url]);
+  else execFile2("xdg-open", [url]);
+}
+async function connectGithubAndSelectRepos() {
+  const url = `${SYNKRO_WEB_AUTH_URL2}/cli-github?port=${GITHUB_PORT}`;
+  console.log("  Opening browser for GitHub authorization...");
+  openBrowser2(url);
+  console.log("  Waiting for GitHub authorization...");
+  const ghToken = await waitForGithubToken();
+  console.log("  \u2713 GitHub connected\n");
+  const repos = await listAccessibleRepos({ token: ghToken });
+  if (repos.length === 0) {
+    console.log("  No accessible repos found on GitHub.");
+    return [];
+  }
+  console.log(`  Found ${repos.length} repos:
+`);
+  repos.forEach((r, i) => {
+    console.log(`    ${String(i + 1).padStart(3)}. ${r.full_name}`);
+  });
+  console.log();
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    const selection = await ask(rl, "  Select repos (comma-separated numbers, e.g. 1,3,5): ");
+    const indices = selection.split(",").map((s) => parseInt(s.trim(), 10) - 1).filter((n) => !isNaN(n) && n >= 0 && n < repos.length);
+    if (indices.length === 0) {
+      console.log("  No repos selected.");
+      return [];
+    }
+    return indices.map((i) => ({ full_name: repos[i].full_name }));
+  } finally {
+    rl.close();
+  }
+}
+async function promptRepoConnection() {
+  const localRepo = detectGitRepo();
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    console.log("Connect repos to Synkro:\n");
+    const options = [];
+    if (localRepo) {
+      options.push(`Link this repo (${localRepo.fullName})`);
+    }
+    options.push("Connect GitHub to select repos");
+    options.push("Skip for now");
+    options.forEach((opt, i) => {
+      console.log(`  ${i + 1}. ${opt}`);
+    });
+    console.log();
+    const choice = await ask(rl, "  Choose (number): ");
+    const choiceNum = parseInt(choice.trim(), 10);
+    console.log();
+    rl.close();
+    const localIdx = localRepo ? 1 : -1;
+    const githubIdx = localRepo ? 2 : 1;
+    const skipIdx = localRepo ? 3 : 2;
+    if (choiceNum === localIdx && localRepo) {
+      try {
+        const existing = await listProjects();
+        const alreadyLinked = existing.some(
+          (p) => p.repos?.some((r) => r.full_name === localRepo.fullName)
+        );
+        if (!alreadyLinked) {
+          await createProject(localRepo.shortName, [{ full_name: localRepo.fullName }]);
+          console.log(`  \u2713 Created project "${localRepo.shortName}" linked to ${localRepo.fullName}`);
+        } else {
+          console.log(`  \u2713 ${localRepo.fullName} is already linked to a Synkro project.`);
+        }
+      } catch (err) {
+        console.warn(`  \u26A0 Could not link repo: ${err.message}`);
+      }
+    } else if (choiceNum === githubIdx) {
+      const selectedRepos = await connectGithubAndSelectRepos();
+      if (selectedRepos.length > 0) {
+        try {
+          const existing = await listProjects();
+          const existingFullNames = new Set(
+            existing.flatMap((p) => (p.repos || []).map((r) => r.full_name))
+          );
+          const newRepos = selectedRepos.filter((r) => !existingFullNames.has(r.full_name));
+          if (newRepos.length === 0) {
+            console.log("  \u2713 All selected repos are already linked.");
+          } else {
+            const projectName = newRepos.length === 1 ? newRepos[0].full_name.split("/").pop() || "Project" : "Multi-Repo Project";
+            await createProject(projectName, newRepos);
+            console.log(`  \u2713 Linked ${newRepos.length} repo(s) to project "${projectName}"`);
+          }
+        } catch (err) {
+          console.warn(`  \u26A0 Could not link repos: ${err.message}`);
+        }
+      }
+    } else if (choiceNum === skipIdx) {
+      console.log("  Skipped. Run `synkro link` later to connect repos.");
+    } else {
+      console.log("  Invalid choice. Skipping repo connection.");
+    }
+  } catch {
+    rl.close();
+  }
+  console.log();
+}
+var RAW_WEB_AUTH_URL2, SYNKRO_WEB_AUTH_URL2, GITHUB_PORT;
+var init_repoConnect = __esm({
+  "cli/commands/repoConnect.ts"() {
+    "use strict";
+    init_projects();
+    init_githubSetup();
+    RAW_WEB_AUTH_URL2 = process.env.SYNKRO_WEB_AUTH_URL;
+    SYNKRO_WEB_AUTH_URL2 = RAW_WEB_AUTH_URL2 && /^https?:\/\//.test(RAW_WEB_AUTH_URL2) ? RAW_WEB_AUTH_URL2 : "https://app.synkro.sh";
+    GITHUB_PORT = 8101;
+  }
+});
+// cli/commands/install.ts
+var install_exports = {};
+__export(install_exports, {
+  installCommand: () => installCommand,
+  parseArgs: () => parseArgs
+});
+import { existsSync as existsSync6, mkdirSync as mkdirSync5, writeFileSync as writeFileSync5, chmodSync, readFileSync as readFileSync4, readdirSync } from "fs";
+import { homedir as homedir4 } from "os";
+import { join as join5 } from "path";
+import { execSync as execSync3 } from "child_process";
+function sanitizeGatewayCandidate(raw) {
+  if (!raw) return void 0;
+  return /^https?:\/\//.test(raw) ? raw : void 0;
+}
+function parseArgs(argv) {
+  const opts = {};
+  for (const a of argv) {
+    if (a.startsWith("--api-key=")) opts.apiKey = a.slice("--api-key=".length);
+    else if (a.startsWith("--gateway=")) opts.gatewayUrl = a.slice("--gateway=".length);
+    else if (a === "--skip-auth") opts.skipAuth = true;
+    else if (a === "--no-mcp") opts.noMcp = true;
+    else if (a === "--force" || a === "-f") opts.force = true;
+  }
+  if (!opts.gatewayUrl) {
+    const fromEnv = sanitizeGatewayCandidate(process.env.SYNKRO_GATEWAY_URL);
+    if (fromEnv) opts.gatewayUrl = fromEnv;
+  }
+  return opts;
+}
+function ensureSynkroDir() {
+  mkdirSync5(SYNKRO_DIR, { recursive: true });
+  mkdirSync5(HOOKS_DIR, { recursive: true });
+  mkdirSync5(BIN_DIR, { recursive: true });
+}
+function writeGraderDaemon() {
+  writeFileSync5(GRADER_DAEMON_PATH, GRADER_DAEMON_PY, "utf-8");
+  chmodSync(GRADER_DAEMON_PATH, 493);
+  writeFileSync5(GRADER_PRIMER_EDIT_PATH, GRADER_PRIMER_EDIT, "utf-8");
+  chmodSync(GRADER_PRIMER_EDIT_PATH, 420);
+  writeFileSync5(GRADER_PRIMER_BASH_PATH, GRADER_PRIMER_BASH, "utf-8");
+  chmodSync(GRADER_PRIMER_BASH_PATH, 420);
+}
+function writeHookScripts() {
+  const bashScriptPath = join5(HOOKS_DIR, "cc-bash-judge.sh");
+  const bashFollowupScriptPath = join5(HOOKS_DIR, "cc-bash-followup.sh");
+  const editCaptureScriptPath = join5(HOOKS_DIR, "cc-edit-capture.sh");
+  const editPrecheckScriptPath = join5(HOOKS_DIR, "cc-edit-precheck.sh");
+  const stopSummaryScriptPath = join5(HOOKS_DIR, "cc-stop-summary.sh");
+  const sessionStartScriptPath = join5(HOOKS_DIR, "cc-session-start.sh");
+  writeFileSync5(bashScriptPath, CC_BASH_JUDGE_SCRIPT, "utf-8");
+  writeFileSync5(bashFollowupScriptPath, CC_BASH_FOLLOWUP_SCRIPT, "utf-8");
+  writeFileSync5(editCaptureScriptPath, CC_EDIT_CAPTURE_SCRIPT, "utf-8");
+  writeFileSync5(editPrecheckScriptPath, CC_EDIT_PRECHECK_SCRIPT, "utf-8");
+  writeFileSync5(stopSummaryScriptPath, CC_STOP_SUMMARY_SCRIPT, "utf-8");
+  writeFileSync5(sessionStartScriptPath, CC_SESSION_START_SCRIPT, "utf-8");
+  chmodSync(bashScriptPath, 493);
+  chmodSync(bashFollowupScriptPath, 493);
+  chmodSync(editCaptureScriptPath, 493);
+  chmodSync(editPrecheckScriptPath, 493);
+  chmodSync(stopSummaryScriptPath, 493);
+  chmodSync(sessionStartScriptPath, 493);
+  return {
+    bashScript: bashScriptPath,
+    bashFollowupScript: bashFollowupScriptPath,
+    editCaptureScript: editCaptureScriptPath,
+    editPrecheckScript: editPrecheckScriptPath,
+    stopSummaryScript: stopSummaryScriptPath,
+    sessionStartScript: sessionStartScriptPath
+  };
+}
+function sanitizeConfigValue(raw, maxLen = 256) {
+  if (!raw) return "";
+  return raw.replace(/[^\x20-\x7E]/g, "").slice(0, maxLen);
+}
+function shellQuoteSingle(value) {
+  return `'${value.replace(/'/g, "'\\''")}'`;
+}
+function writeConfigEnv(opts) {
+  const credsPath = join5(SYNKRO_DIR, "credentials.json");
+  const safeGateway = sanitizeConfigValue(opts.gatewayUrl);
+  const safeUserId = sanitizeConfigValue(opts.userId);
+  const safeOrgId = sanitizeConfigValue(opts.orgId);
+  const safeEmail = sanitizeConfigValue(opts.email);
+  const safeTier = sanitizeConfigValue(opts.tier ?? "pro", 32);
+  const lines = [
+    "# Synkro CLI config (managed by synkro install)",
+    "# JWT auth \u2014 the hook scripts read SYNKRO_CREDENTIALS_PATH at runtime",
+    "# and send Authorization: Bearer <access_token> on every gateway call.",
+    `SYNKRO_GATEWAY_URL=${shellQuoteSingle(safeGateway)}`,
+    `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
+    `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
+    `SYNKRO_VERSION=${shellQuoteSingle("1.3.2")}`
+  ];
+  if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
+  if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
+  if (safeEmail) lines.push(`SYNKRO_EMAIL=${shellQuoteSingle(safeEmail)}`);
+  lines.push("");
+  writeFileSync5(CONFIG_PATH, lines.join("\n"), "utf-8");
+  chmodSync(CONFIG_PATH, 384);
+}
+function assertGatewayAllowed(gatewayUrl) {
+  let parsed;
+  try {
+    parsed = new URL(gatewayUrl);
+  } catch {
+    throw new Error(`Invalid gateway URL: ${gatewayUrl}`);
+  }
+  const proto = parsed.protocol;
+  const host = parsed.hostname;
+  if (proto !== "http:" && proto !== "https:") {
+    throw new Error(`Gateway URL must be http(s); got ${proto}`);
+  }
+  const isLocalhost = host === "localhost" || host === "127.0.0.1" || host === "::1";
+  const isSynkro = host === "synkro.sh" || host.endsWith(".synkro.sh");
+  if (proto === "http:" && !isLocalhost) {
+    throw new Error(`Gateway URL must be HTTPS for non-localhost hosts; got ${gatewayUrl}`);
+  }
+  if (!isLocalhost && !isSynkro) {
+    throw new Error(`Gateway host not in allowlist (synkro.sh or *.synkro.sh): ${host}`);
+  }
+}
+function isAlreadyInstalled() {
+  const requiredScripts = [
+    join5(HOOKS_DIR, "cc-bash-judge.sh"),
+    join5(HOOKS_DIR, "cc-bash-followup.sh"),
+    join5(HOOKS_DIR, "cc-edit-precheck.sh"),
+    join5(HOOKS_DIR, "cc-edit-capture.sh"),
+    join5(HOOKS_DIR, "cc-stop-summary.sh"),
+    join5(HOOKS_DIR, "cc-session-start.sh")
+  ];
+  if (!requiredScripts.every((p) => existsSync6(p))) return false;
+  if (!existsSync6(CONFIG_PATH)) return false;
+  const settingsPath = join5(homedir4(), ".claude", "settings.json");
+  if (!existsSync6(settingsPath)) return false;
+  try {
+    const settings = JSON.parse(readFileSync4(settingsPath, "utf-8"));
+    const hooks = settings?.hooks;
+    if (!hooks || typeof hooks !== "object") return false;
+    const hasManaged = (kind) => Array.isArray(hooks[kind]) && hooks[kind].some((entry) => entry?.__synkro_managed__ === true);
     if (!hasManaged("PreToolUse")) return false;
     if (!hasManaged("PostToolUse")) return false;
     if (!hasManaged("SessionEnd")) return false;
@@ -2324,6 +2879,7 @@ async function installCommand(opts = {}) {
     console.error("No access token available after auth.");
     process.exit(1);
   }
+  await promptRepoConnection();
   const agents = detectAgents();
   if (agents.length === 0) {
     console.error("No AI coding agents detected. Install Claude Code first: https://docs.claude.com/claude-code");
@@ -2346,7 +2902,7 @@ async function installCommand(opts = {}) {
 `);
   writeGraderDaemon();
   for (const mode of ["edit", "bash"]) {
-    const pidFile = join4(SYNKRO_DIR, "daemon", mode, "daemon.pid");
+    const pidFile = join5(SYNKRO_DIR, "daemon", mode, "daemon.pid");
     try {
       const pid = parseInt(readFileSync4(pidFile, "utf-8").trim(), 10);
       if (pid > 0) {
@@ -2417,12 +2973,115 @@ async function installCommand(opts = {}) {
   writeConfigEnv({ gatewayUrl, userId, orgId, email });
   console.log(`Wrote config to ${CONFIG_PATH}
 `);
+  try {
+    const repo = detectGitRepo2();
+    if (repo) {
+      const ingested = await ingestSessionTranscripts(gatewayUrl, token, repo);
+      if (ingested > 0) {
+        console.log(`Indexed ${ingested} session insights from Claude Code history for ${repo}.`);
+        console.log("  This helps the safety judge understand your workflow.\n");
+      }
+    }
+  } catch (err) {
+    console.warn(`  \u26A0 Session indexing skipped: ${err.message}
+`);
+  }
   console.log("\u2713 Synkro installed.");
   console.log();
   console.log("Next steps:");
   console.log("  \u2022 synkro-cli setup-github   (enable PR scanning)");
   console.log("  \u2022 synkro-cli status         (check what is configured)");
 }
+function detectGitRepo2() {
+  try {
+    const remoteUrl = execSync3("git remote get-url origin", { encoding: "utf-8", timeout: 5e3 }).trim();
+    const match = remoteUrl.match(/(?:github\.com|gitlab\.com|bitbucket\.org)[:/](.+?)(?:\.git)?$/);
+    return match ? match[1] : null;
+  } catch {
+    return null;
+  }
+}
+function getClaudeProjectsFolder() {
+  const cwd = process.cwd();
+  const sanitized = "-" + cwd.replace(/\//g, "-");
+  const projectsDir = join5(homedir4(), ".claude", "projects", sanitized);
+  return existsSync6(projectsDir) ? projectsDir : null;
+}
+function extractSessionInsights(projectsDir) {
+  const insights = [];
+  const files = readdirSync(projectsDir).filter((f) => f.endsWith(".jsonl"));
+  for (const file of files) {
+    const sessionId = file.replace(".jsonl", "");
+    const filePath = join5(projectsDir, file);
+    try {
+      const content = readFileSync4(filePath, "utf-8");
+      const lines = content.split("\n").filter(Boolean);
+      for (let i = 0; i < lines.length; i++) {
+        try {
+          const entry = JSON.parse(lines[i]);
+          if (entry.type === "user" && typeof entry.message?.content === "string" && entry.message.content.startsWith("This session is being continued")) {
+            insights.push({
+              session_id: sessionId,
+              insight_type: "summary",
+              content: entry.message.content.slice(0, 4e3),
+              metadata: { source: "compaction_summary" }
+            });
+          }
+        } catch {
+        }
+      }
+      const userMessages = [];
+      for (let i = lines.length - 1; i >= 0 && userMessages.length < 20; i--) {
+        try {
+          const entry = JSON.parse(lines[i]);
+          if (entry.type === "user") {
+            const text = typeof entry.message?.content === "string" ? entry.message.content : Array.isArray(entry.message?.content) ? entry.message.content.map((b) => b.text ?? b).filter((t) => typeof t === "string").join(" ") : null;
+            if (text && text.length > 10 && text.length < 2e3 && !text.startsWith("This session is being continued")) {
+              userMessages.push(text);
+            }
+          }
+        } catch {
+        }
+      }
+      for (const msg of userMessages.reverse()) {
+        insights.push({
+          session_id: sessionId,
+          insight_type: "user_message",
+          content: msg.slice(0, 2e3)
+        });
+      }
+    } catch {
+    }
+  }
+  return insights;
+}
+async function ingestSessionTranscripts(gatewayUrl, token, repo) {
+  const projectsDir = getClaudeProjectsFolder();
+  if (!projectsDir) return 0;
+  const insights = extractSessionInsights(projectsDir);
+  if (insights.length === 0) return 0;
+  console.log(`Found ${insights.length} session insights from Claude Code history...`);
+  let total = 0;
+  for (let i = 0; i < insights.length; i += 100) {
+    const batch = insights.slice(i, i + 100);
+    try {
+      const resp = await fetch(`${gatewayUrl}/api/v1/cli/ingest-sessions`, {
+        method: "POST",
+        headers: {
+          "Authorization": `Bearer ${token}`,
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify({ repo, sessions: batch })
+      });
+      if (resp.ok) {
+        const result = await resp.json();
+        total += result.ingested;
+      }
+    } catch {
+    }
+  }
+  return total;
+}
 var SYNKRO_DIR, HOOKS_DIR, BIN_DIR, CONFIG_PATH, GRADER_DAEMON_PATH, GRADER_PRIMER_EDIT_PATH, GRADER_PRIMER_BASH_PATH;
 var init_install = __esm({
   "cli/commands/install.ts"() {
@@ -2433,13 +3092,14 @@ var init_install = __esm({
     init_hookScripts();
     init_graderDaemon();
     init_stub();
-    SYNKRO_DIR = join4(homedir4(), ".synkro");
-    HOOKS_DIR = join4(SYNKRO_DIR, "hooks");
-    BIN_DIR = join4(SYNKRO_DIR, "bin");
-    CONFIG_PATH = join4(SYNKRO_DIR, "config.env");
-    GRADER_DAEMON_PATH = join4(BIN_DIR, "grader_daemon.py");
-    GRADER_PRIMER_EDIT_PATH = join4(SYNKRO_DIR, "grader-primer-edit.txt");
-    GRADER_PRIMER_BASH_PATH = join4(SYNKRO_DIR, "grader-primer-bash.txt");
+    init_repoConnect();
+    SYNKRO_DIR = join5(homedir4(), ".synkro");
+    HOOKS_DIR = join5(SYNKRO_DIR, "hooks");
+    BIN_DIR = join5(SYNKRO_DIR, "bin");
+    CONFIG_PATH = join5(SYNKRO_DIR, "config.env");
+    GRADER_DAEMON_PATH = join5(BIN_DIR, "grader_daemon.py");
+    GRADER_PRIMER_EDIT_PATH = join5(SYNKRO_DIR, "grader-primer-edit.txt");
+    GRADER_PRIMER_BASH_PATH = join5(SYNKRO_DIR, "grader-primer-bash.txt");
   }
 });
@@ -2515,11 +3175,11 @@ var status_exports = {};
 __export(status_exports, {
   statusCommand: () => statusCommand
 });
-import { existsSync as existsSync6, readFileSync as readFileSync5 } from "fs";
+import { existsSync as existsSync7, readFileSync as readFileSync5 } from "fs";
 import { homedir as homedir5 } from "os";
-import { join as join5 } from "path";
+import { join as join6 } from "path";
 function readConfigEnv() {
-  if (!existsSync6(CONFIG_PATH2)) return {};
+  if (!existsSync7(CONFIG_PATH2)) return {};
   const out = {};
   const raw = readFileSync5(CONFIG_PATH2, "utf-8");
   for (const line of raw.split("\n")) {
@@ -2545,21 +3205,21 @@ function statusCommand() {
     console.log("Authentication: \u2717 not logged in (run: synkro-cli login)");
   }
   console.log();
-  const config = readConfigEnv();
+  const config2 = readConfigEnv();
   console.log("Config:");
-  console.log(`  gateway:     ${config.SYNKRO_GATEWAY_URL ?? "(unset)"}`);
-  console.log(`  credentials: ${config.SYNKRO_CREDENTIALS_PATH ?? "(unset)"}`);
-  console.log(`  tier:        ${config.SYNKRO_TIER ?? "(unset)"}`);
+  console.log(`  gateway:     ${config2.SYNKRO_GATEWAY_URL ?? "(unset)"}`);
+  console.log(`  credentials: ${config2.SYNKRO_CREDENTIALS_PATH ?? "(unset)"}`);
+  console.log(`  tier:        ${config2.SYNKRO_TIER ?? "(unset)"}`);
   const info2 = getUserInfo();
-  const userId = info2?.id ?? config.SYNKRO_USER_ID ?? "default";
-  const tierCacheFile = join5(SYNKRO_DIR2, `.tier-cache-${userId}`);
-  let inferenceTier = config.SYNKRO_INFERENCE_TIER || null;
-  if (!inferenceTier && existsSync6(tierCacheFile)) {
+  const userId = info2?.id ?? config2.SYNKRO_USER_ID ?? "default";
+  const tierCacheFile = join6(SYNKRO_DIR2, `.tier-cache-${userId}`);
+  let inferenceTier = config2.SYNKRO_INFERENCE_TIER || null;
+  if (!inferenceTier && existsSync7(tierCacheFile)) {
     inferenceTier = readFileSync5(tierCacheFile, "utf-8").trim() || null;
   }
   const tierLabel = inferenceTier === "fast" ? "'fast' (server-side grading)" : inferenceTier === "free" ? "'free' (local daemon grading)" : "(unknown \u2014 fires on next hook)";
   console.log(`  inference:   ${tierLabel}`);
-  console.log(`  version:     ${config.SYNKRO_VERSION ?? "(unset)"}`);
+  console.log(`  version:     ${config2.SYNKRO_VERSION ?? "(unset)"}`);
   console.log();
   const agents = detectAgents();
   console.log("Detected agents:");
@@ -2582,19 +3242,19 @@ function statusCommand() {
     }
   }
   console.log();
-  const bashScript = join5(SYNKRO_DIR2, "hooks", "cc-bash-judge.sh");
-  const bashFollowupScript = join5(SYNKRO_DIR2, "hooks", "cc-bash-followup.sh");
-  const editPrecheckScript = join5(SYNKRO_DIR2, "hooks", "cc-edit-precheck.sh");
-  const editCaptureScript = join5(SYNKRO_DIR2, "hooks", "cc-edit-capture.sh");
-  const stopSummaryScript = join5(SYNKRO_DIR2, "hooks", "cc-stop-summary.sh");
-  const sessionStartScript = join5(SYNKRO_DIR2, "hooks", "cc-session-start.sh");
+  const bashScript = join6(SYNKRO_DIR2, "hooks", "cc-bash-judge.sh");
+  const bashFollowupScript = join6(SYNKRO_DIR2, "hooks", "cc-bash-followup.sh");
+  const editPrecheckScript = join6(SYNKRO_DIR2, "hooks", "cc-edit-precheck.sh");
+  const editCaptureScript = join6(SYNKRO_DIR2, "hooks", "cc-edit-capture.sh");
+  const stopSummaryScript = join6(SYNKRO_DIR2, "hooks", "cc-stop-summary.sh");
+  const sessionStartScript = join6(SYNKRO_DIR2, "hooks", "cc-session-start.sh");
   console.log("Hook scripts:");
-  console.log(`  ${existsSync6(bashScript) ? "\u2713" : "\u2717"} ${bashScript}`);
-  console.log(`  ${existsSync6(bashFollowupScript) ? "\u2713" : "\u2717"} ${bashFollowupScript}`);
-  console.log(`  ${existsSync6(editPrecheckScript) ? "\u2713" : "\u2717"} ${editPrecheckScript}`);
-  console.log(`  ${existsSync6(editCaptureScript) ? "\u2713" : "\u2717"} ${editCaptureScript}`);
-  console.log(`  ${existsSync6(stopSummaryScript) ? "\u2713" : "\u2717"} ${stopSummaryScript}`);
-  console.log(`  ${existsSync6(sessionStartScript) ? "\u2713" : "\u2717"} ${sessionStartScript}`);
+  console.log(`  ${existsSync7(bashScript) ? "\u2713" : "\u2717"} ${bashScript}`);
+  console.log(`  ${existsSync7(bashFollowupScript) ? "\u2713" : "\u2717"} ${bashFollowupScript}`);
+  console.log(`  ${existsSync7(editPrecheckScript) ? "\u2713" : "\u2717"} ${editPrecheckScript}`);
+  console.log(`  ${existsSync7(editCaptureScript) ? "\u2713" : "\u2717"} ${editCaptureScript}`);
+  console.log(`  ${existsSync7(stopSummaryScript) ? "\u2713" : "\u2717"} ${stopSummaryScript}`);
+  console.log(`  ${existsSync7(sessionStartScript) ? "\u2713" : "\u2717"} ${sessionStartScript}`);
   console.log();
   const mcp = inspectMcpConfig();
   console.log("Guardrails MCP server (Claude Code):");
@@ -2614,165 +3274,88 @@ var init_status = __esm({
     init_agentDetect();
     init_ccHookConfig();
     init_mcpConfig();
-    SYNKRO_DIR2 = join5(homedir5(), ".synkro");
-    CONFIG_PATH2 = join5(SYNKRO_DIR2, "config.env");
+    SYNKRO_DIR2 = join6(homedir5(), ".synkro");
+    CONFIG_PATH2 = join6(SYNKRO_DIR2, "config.env");
   }
 });
-// cli/installer/workflowTemplate.ts
-var SYNKRO_WORKFLOW_YAML, WORKFLOW_PATH;
-var init_workflowTemplate = __esm({
-  "cli/installer/workflowTemplate.ts"() {
+// cli/commands/link.ts
+var link_exports = {};
+__export(link_exports, {
+  linkCommand: () => linkCommand
+});
+async function linkCommand() {
+  if (!isAuthenticated()) {
+    console.error("Not authenticated. Run `synkro install` or `synkro login` first.");
+    process.exit(1);
+  }
+  await ensureValidToken();
+  await promptRepoConnection();
+}
+var init_link = __esm({
+  "cli/commands/link.ts"() {
     "use strict";
-    SYNKRO_WORKFLOW_YAML = `name: Synkro Security Review
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
-      checks: write
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Cache npm globals
-        id: cache-npm-global
-        uses: actions/cache@v4
-        with:
-          path: ~/.npm-global
-          key: synkro-cli-\${{ runner.os }}-v1
-      - name: Install Synkro CLI + Claude Code CLI
-        run: |
-          npm config set prefix ~/.npm-global
-          npm install -g @synkro-sh/cli @anthropic-ai/claude-code
-          echo "~/.npm-global/bin" >> $GITHUB_PATH
-      - name: Run Synkro PR scan
-        run: synkro-cli scan-pr
-        env:
-          CLAUDE_CODE_OAUTH_TOKEN: \${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          SYNKRO_API_KEY: \${{ secrets.SYNKRO_API_KEY }}
-          GH_TOKEN: \${{ secrets.GITHUB_TOKEN }}
-          SYNKRO_PR_NUMBER: \${{ github.event.pull_request.number }}
-          SYNKRO_REPO: \${{ github.repository }}
-          SYNKRO_SHA: \${{ github.event.pull_request.head.sha }}
-          SYNKRO_GATEWAY_URL: \${{ vars.SYNKRO_GATEWAY_URL || 'https://api.synkro.sh' }}
-`;
-    WORKFLOW_PATH = ".github/workflows/synkro.yml";
+    init_stub();
+    init_repoConnect();
   }
 });
-// cli/installer/githubSetup.ts
-import { existsSync as existsSync7, mkdirSync as mkdirSync5, writeFileSync as writeFileSync5 } from "fs";
-import { join as join6 } from "path";
-async function encryptSecret(publicKeyBase64, secret) {
-  const sodium = await import("libsodium-wrappers").then((m) => m.default ?? m);
-  await sodium.ready;
-  const keyBytes = sodium.from_base64(publicKeyBase64, sodium.base64_variants.ORIGINAL);
-  const messageBytes = sodium.from_string(secret);
-  const encryptedBytes = sodium.crypto_box_seal(messageBytes, keyBytes);
-  return sodium.to_base64(encryptedBytes, sodium.base64_variants.ORIGINAL);
+// cli/commands/unlink.ts
+var unlink_exports = {};
+__export(unlink_exports, {
+  unlinkCommand: () => unlinkCommand
+});
+import { createInterface as createInterface2 } from "readline";
+function ask2(rl, question) {
+  return new Promise((resolve2) => rl.question(question, resolve2));
 }
-async function getRepoPublicKey(opts, owner, repo) {
-  const url = `https://api.github.com/repos/${owner}/${repo}/actions/secrets/public-key`;
-  const resp = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${opts.token}`,
-      Accept: "application/vnd.github+json",
-      "X-GitHub-Api-Version": "2022-11-28"
+async function unlinkCommand() {
+  if (!isAuthenticated()) {
+    console.error("Not authenticated. Run `synkro install` or `synkro login` first.");
+    process.exit(1);
+  }
+  await ensureValidToken();
+  const projects = await listProjects();
+  const linked = [];
+  for (const p of projects) {
+    for (const r of p.repos || []) {
+      if (r.full_name && r.id) {
+        linked.push({ projectId: p.id, projectName: p.name, repoId: r.id, fullName: r.full_name });
+      }
     }
-  });
-  if (!resp.ok) {
-    const text = await resp.text().catch(() => "");
-    throw new Error(`GitHub API ${resp.status} fetching public key for ${owner}/${repo}: ${text.slice(0, 200)}`);
   }
-  return await resp.json();
-}
-async function putRepoSecret(opts, owner, repo, secretName, secretValue, publicKey) {
-  const encryptedValue = await encryptSecret(publicKey.key, secretValue);
-  const url = `https://api.github.com/repos/${owner}/${repo}/actions/secrets/${encodeURIComponent(secretName)}`;
-  const resp = await fetch(url, {
-    method: "PUT",
-    headers: {
-      Authorization: `Bearer ${opts.token}`,
-      Accept: "application/vnd.github+json",
-      "X-GitHub-Api-Version": "2022-11-28",
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({
-      encrypted_value: encryptedValue,
-      key_id: publicKey.key_id
-    })
-  });
-  if (!resp.ok) {
-    const text = await resp.text().catch(() => "");
-    throw new Error(`GitHub API ${resp.status} setting secret ${secretName}: ${text.slice(0, 200)}`);
+  if (linked.length === 0) {
+    console.log("No linked repos found.");
+    return;
   }
-}
-async function listAccessibleRepos(opts) {
-  const repos = [];
-  let page = 1;
-  while (page <= 5) {
-    const url = `https://api.github.com/user/repos?per_page=100&page=${page}&affiliation=owner,collaborator`;
-    const resp = await fetch(url, {
-      headers: {
-        Authorization: `Bearer ${opts.token}`,
-        Accept: "application/vnd.github+json",
-        "X-GitHub-Api-Version": "2022-11-28"
-      }
-    });
-    if (!resp.ok) {
-      throw new Error(`GitHub API ${resp.status} listing repos`);
+  console.log("\nLinked repos:\n");
+  linked.forEach((r, i) => {
+    console.log(`  ${i + 1}. ${r.fullName} (${r.projectName})`);
+  });
+  console.log();
+  const rl = createInterface2({ input: process.stdin, output: process.stdout });
+  try {
+    const selection = await ask2(rl, "  Select repos to unlink (comma-separated numbers): ");
+    const indices = selection.split(",").map((s) => parseInt(s.trim(), 10) - 1).filter((n) => !isNaN(n) && n >= 0 && n < linked.length);
+    if (indices.length === 0) {
+      console.log("  No repos selected.");
+      return;
     }
-    const data = await resp.json();
-    if (data.length === 0) break;
-    for (const r of data) {
-      repos.push({ owner: r.owner.login, repo: r.name, full_name: r.full_name });
+    for (const idx of indices) {
+      const r = linked[idx];
+      await unlinkRepo(r.projectId, r.repoId);
+      console.log(`  \u2713 Unlinked ${r.fullName} from ${r.projectName}`);
     }
-    if (data.length < 100) break;
-    page++;
-  }
-  return repos;
-}
-async function pushSecretsToRepo(opts, owner, repo, secrets) {
-  const pubkey = await getRepoPublicKey(opts, owner, repo);
-  await putRepoSecret(opts, owner, repo, "CLAUDE_CODE_OAUTH_TOKEN", secrets.claudeCodeOauthToken, pubkey);
-  await putRepoSecret(opts, owner, repo, "SYNKRO_API_KEY", secrets.synkroApiKey, pubkey);
-}
-function writeWorkflowFile(repoRootPath) {
-  const workflowDir = join6(repoRootPath, ".github", "workflows");
-  mkdirSync5(workflowDir, { recursive: true });
-  const workflowFile = join6(workflowDir, "synkro.yml");
-  writeFileSync5(workflowFile, SYNKRO_WORKFLOW_YAML, "utf-8");
-  return workflowFile;
-}
-function findGitRoot(startCwd) {
-  let cur = startCwd;
-  while (cur && cur !== "/") {
-    if (existsSync7(join6(cur, ".git"))) return cur;
-    const parent = join6(cur, "..");
-    if (parent === cur) break;
-    cur = parent;
+  } finally {
+    rl.close();
   }
-  return null;
+  console.log();
 }
-var SECRET_NAMES, WORKFLOW_RELATIVE_PATH;
-var init_githubSetup = __esm({
-  "cli/installer/githubSetup.ts"() {
+var init_unlink = __esm({
+  "cli/commands/unlink.ts"() {
     "use strict";
-    init_workflowTemplate();
-    SECRET_NAMES = {
-      CLAUDE_OAUTH: "CLAUDE_CODE_OAUTH_TOKEN",
-      SYNKRO_API_KEY: "SYNKRO_API_KEY"
-    };
-    WORKFLOW_RELATIVE_PATH = WORKFLOW_PATH;
+    init_stub();
+    init_projects();
   }
 });
@@ -2781,7 +3364,7 @@ var setupGithub_exports = {};
 __export(setupGithub_exports, {
   setupGithubCommand: () => setupGithubCommand
 });
-import { createInterface } from "readline/promises";
+import { createInterface as createInterface3 } from "readline/promises";
 import { stdin as input, stdout as output } from "process";
 import { existsSync as existsSync8, readFileSync as readFileSync6 } from "fs";
 import { homedir as homedir6 } from "os";
@@ -2832,8 +3415,8 @@ async function setupGithubCommand() {
     console.error("Not authenticated. Run `synkro-cli login` first.");
     process.exit(1);
   }
-  const config = readConfig();
-  const gatewayUrl = (config.SYNKRO_GATEWAY_URL || process.env.SYNKRO_GATEWAY_URL || "https://api.synkro.sh").replace(/\/$/, "");
+  const config2 = readConfig();
+  const gatewayUrl = (config2.SYNKRO_GATEWAY_URL || process.env.SYNKRO_GATEWAY_URL || "https://api.synkro.sh").replace(/\/$/, "");
   const jwt2 = getAccessToken();
   if (!jwt2) {
     console.error("Could not load access token from ~/.synkro/credentials.json. Run `synkro-cli login`.");
@@ -2862,7 +3445,7 @@ async function setupGithubCommand() {
     console.error(`Failed to mint CI API key: ${err.message}`);
     process.exit(1);
   }
-  const rl = createInterface({ input, output });
+  const rl = createInterface3({ input, output });
   console.log("Synkro PR scan setup\n");
   console.log("Requirements:");
   console.log("  \u2022 Claude Code Pro or Max subscription (for `claude setup-token`)");
@@ -2969,7 +3552,7 @@ var scanPr_exports = {};
 __export(scanPr_exports, {
   scanPrCommand: () => scanPrCommand
 });
-import { execSync as execSync2, spawn } from "child_process";
+import { execSync as execSync4, spawn } from "child_process";
 function parseMatchSpec(condition) {
   if (!condition.startsWith("match_spec:")) return null;
   try {
@@ -3075,7 +3658,7 @@ function shouldSkipFile(filename) {
   return SKIP_FILE_PATTERNS.some((p) => p.test(filename));
 }
 function ghJson(args2) {
-  const out = execSync2(`gh ${args2.map((a) => `'${a.replace(/'/g, "'\\''")}'`).join(" ")}`, {
+  const out = execSync4(`gh ${args2.map((a) => `'${a.replace(/'/g, "'\\''")}'`).join(" ")}`, {
     encoding: "utf-8",
     maxBuffer: 16 * 1024 * 1024
   });
@@ -3191,7 +3774,7 @@ ${finding.description}
 **Fix:** ${finding.fix}`;
   try {
-    execSync2(
+    execSync4(
       `gh api -X POST /repos/${repo}/pulls/${prNumber}/comments -f body=${JSON.stringify(body)} -f commit_id=${sha} -f path=${JSON.stringify(finding.file)} -F line=${finding.line} -f side=RIGHT`,
       { encoding: "utf-8", stdio: ["ignore", "ignore", "pipe"] }
     );
@@ -3213,7 +3796,7 @@ function postCheckRun(repo, sha, conclusion, findings) {
     }
   });
   try {
-    execSync2(`gh api -X POST /repos/${repo}/check-runs --input -`, {
+    execSync4(`gh api -X POST /repos/${repo}/check-runs --input -`, {
       encoding: "utf-8",
       input: body,
       stdio: ["pipe", "ignore", "pipe"]
@@ -3431,6 +4014,43 @@ var init_disconnect = __esm({
   }
 });
+// cli/commands/uninstall.ts
+var uninstall_exports = {};
+__export(uninstall_exports, {
+  uninstallCommand: () => uninstallCommand
+});
+function uninstallCommand() {
+  console.log("Uninstalling Synkro...\n");
+  disconnectCommand(["--purge"]);
+  console.log("\nTo reinstall later: synkro install");
+}
+var init_uninstall = __esm({
+  "cli/commands/uninstall.ts"() {
+    "use strict";
+    init_disconnect();
+  }
+});
+// cli/commands/reinstall.ts
+var reinstall_exports = {};
+__export(reinstall_exports, {
+  reinstallCommand: () => reinstallCommand
+});
+async function reinstallCommand() {
+  console.log("Reinstalling Synkro...\n");
+  disconnectCommand(["--purge"]);
+  console.log("");
+  await installCommand({ force: true });
+  console.log("\n\u2713 Synkro reinstalled.");
+}
+var init_reinstall = __esm({
+  "cli/commands/reinstall.ts"() {
+    "use strict";
+    init_disconnect();
+    init_install();
+  }
+});
 // cli/bootstrap.js
 import { readFileSync as readFileSync7, existsSync as existsSync10 } from "fs";
 import { resolve } from "path";
@@ -3466,10 +4086,14 @@ Commands:
   login                Authenticate with Synkro (browser OAuth via WorkOS)
   logout               Clear local credentials
   status               Show current setup state
+  link                 Link repos to a Synkro project (local git or GitHub OAuth)
+  unlink               Remove repo links from Synkro projects
   setup-github         Configure GitHub PR scanning (push secrets + workflow file)
   scan-pr              Run a PR scan (used by GitHub Actions, not for direct invocation)
   update               Refresh hook configs and judge prompts
   disconnect [--purge] Remove Synkro hooks from agents (--purge also removes ~/.synkro)
+  uninstall            Fully remove Synkro from this machine
+  reinstall            Clean uninstall + fresh install
   help                 Show this message
 Quick start:
@@ -3502,6 +4126,16 @@ async function main() {
       statusCommand2();
       break;
     }
+    case "link": {
+      const { linkCommand: linkCommand2 } = await Promise.resolve().then(() => (init_link(), link_exports));
+      await linkCommand2();
+      break;
+    }
+    case "unlink": {
+      const { unlinkCommand: unlinkCommand2 } = await Promise.resolve().then(() => (init_unlink(), unlink_exports));
+      await unlinkCommand2();
+      break;
+    }
     case "setup-github": {
       const { setupGithubCommand: setupGithubCommand2 } = await Promise.resolve().then(() => (init_setupGithub(), setupGithub_exports));
       await setupGithubCommand2();
@@ -3522,6 +4156,16 @@ async function main() {
       disconnectCommand2(subArgs);
       break;
     }
+    case "uninstall": {
+      const { uninstallCommand: uninstallCommand2 } = await Promise.resolve().then(() => (init_uninstall(), uninstall_exports));
+      uninstallCommand2();
+      break;
+    }
+    case "reinstall": {
+      const { reinstallCommand: reinstallCommand2 } = await Promise.resolve().then(() => (init_reinstall(), reinstall_exports));
+      await reinstallCommand2();
+      break;
+    }
     case "help":
     case "--help":
     case "-h":