@tankpkg/cli 0.0.0-nightly.20260416.9bc2c8a → 0.0.0-nightly.20260416.d672db7

package/dist/bin/tank.js

@@ -1,11 +1,11 @@
 #!/usr/bin/env node
-import { a as VERSION, i as USER_AGENT, l as setConfig, n as flushLogs, o as getConfig, s as getConfigDir, t as authFlowLog } from "../debug-logger-DMCCDELn.js";
+import { a as VERSION, i as USER_AGENT, l as setConfig, n as flushLogs, o as getConfig, s as getConfigDir, t as authFlowLog } from "../debug-logger-W7tIIaFy.js";
 import { t as logger } from "../logger-BhULz3Uz.js";
 import { Command } from "commander";
 import chalk from "chalk";
-import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
+import fs, { createWriteStream } from "node:fs";
+import os, { tmpdir } from "node:os";
+import path, { join } from "node:path";
 import { z } from "zod";
 import { claudeCodeAdapter, clineAdapter, compilePackage, cursorAdapter, normalizeDirectory, opencodeAdapter, rooCodeAdapter, windsurfAdapter } from "@internals/adapters";
 import ora from "ora";
@@ -13,10 +13,14 @@ import { confirm, input } from "@inquirer/prompts";
 import crypto$1 from "node:crypto";
 import semver from "semver";
 import { buildSkillKey, checkPermissionBudget, downloadAllParallel, extractSafely, getExtractDir as getExtractDir$1, getGlobalExtractDir, getResolvedNodesInOrder, parseLockKey as parseLockKey$2, parseVersionFromLockKey, readExtractedDependencies, resolveDependencyTree, verifyExtractedDependencies, writeLockfileWithResolvedGraph } from "@tankpkg/sdk";
+import { createInterface } from "node:readline";
+import { execSync, spawn } from "node:child_process";
+import { mkdir, mkdtemp, rm, stat } from "node:fs/promises";
+import { Readable } from "node:stream";
+import { pipeline } from "node:stream/promises";
 import open from "open";
 import ignore from "ignore";
 import { create } from "tar";
-import { spawn } from "node:child_process";
 import { fileURLToPath } from "node:url";
 //#region \0rolldown/runtime.js
 var __defProp = Object.defineProperty;
@@ -313,6 +317,22 @@ z.object({
 	atoms: z.array(z.record(z.string(), z.unknown())).optional(),
 	includes: z.array(z.string()).optional()
 }).strict();
+const SKILL_SOURCES = [
+	"registry",
+	"github",
+	"clawhub",
+	"skills_sh",
+	"agentskills_il",
+	"npm",
+	"local"
+];
+const SCAN_VERDICTS = [
+	"pass",
+	"pass_with_notes",
+	"flagged",
+	"fail",
+	"error"
+];
 const lockedSkillV1Schema = z.object({
 	resolved: z.string().url(),
 	integrity: z.string().regex(/^sha512-/, "Integrity must start with sha512-"),
@@ -328,7 +348,10 @@ const lockedSkillSchema = z.object({
 	integrity: z.string().regex(/^sha512-/, "Integrity must start with sha512-"),
 	permissions: permissionsSchema,
 	audit_score: z.number().min(0).max(10).nullable(),
-	dependencies: z.record(z.string(), z.string()).optional()
+	dependencies: z.record(z.string(), z.string()).optional(),
+	source: z.enum(SKILL_SOURCES).optional(),
+	scan_verdict: z.enum(SCAN_VERDICTS).optional(),
+	scanned_at: z.string().optional()
 });
 z.object({
 	lockfileVersion: z.union([z.literal(1), z.literal(2)]),
@@ -433,7 +456,7 @@ function readLockfile$1(directory) {
 }
 //#endregion
 //#region src/commands/audit.ts
-function scoreColor$2(score) {
+function scoreColor$3(score) {
 	if (score >= 7) return chalk.green;
 	if (score >= 4) return chalk.yellow;
 	return chalk.red;
@@ -441,7 +464,7 @@ function scoreColor$2(score) {
 function formatScore(result) {
 	if (result.error) return chalk.dim("error");
 	if (result.score == null || result.status !== "completed") return chalk.dim("pending");
-	return scoreColor$2(result.score)(result.score.toFixed(1));
+	return scoreColor$3(result.score)(result.score.toFixed(1));
 }
 function formatStatus(result) {
 	if (result.error) return chalk.dim("error");
@@ -1327,6 +1350,527 @@ function prepareAgentSkillDir(options) {
 	return targetDir;
 }
 //#endregion
+//#region src/lib/scan-gate.ts
+/**
+* Security scan gate for `tank install <url>`.
+* Calls the public scan API and enforces verdicts.
+*/
+function verdictColor$1(verdict) {
+	switch (verdict) {
+		case "pass": return chalk.green;
+		case "pass_with_notes": return chalk.yellow;
+		case "flagged": return chalk.hex("#FF8C00");
+		case "fail": return chalk.red;
+		case "error": return chalk.red;
+		default: return chalk.white;
+	}
+}
+function severityColor$1(severity) {
+	switch (severity) {
+		case "critical": return chalk.red;
+		case "high": return chalk.hex("#FF8C00");
+		case "medium": return chalk.yellow;
+		case "low": return chalk.green;
+		case "info": return chalk.blue;
+		default: return chalk.white;
+	}
+}
+function scoreColor$2(score) {
+	if (score >= 7) return chalk.green;
+	if (score >= 4) return chalk.yellow;
+	return chalk.red;
+}
+async function promptUser(question) {
+	const rl = createInterface({
+		input: process.stdin,
+		output: process.stdout
+	});
+	return new Promise((resolve) => {
+		rl.question(question, (answer) => {
+			rl.close();
+			resolve(answer.toLowerCase() === "y" || answer.toLowerCase() === "yes");
+		});
+	});
+}
+async function scanUrl(url, options) {
+	const config = getConfig();
+	const registryUrl = options?.registryUrl ?? config.registry;
+	const token = options?.token ?? config.token;
+	let res;
+	try {
+		const headers = {
+			"Content-Type": "application/json",
+			"User-Agent": USER_AGENT
+		};
+		if (token) headers.Authorization = `Bearer ${token}`;
+		res = await fetch(`${registryUrl}/api/v1/scan`, {
+			method: "POST",
+			headers,
+			body: JSON.stringify({ url }),
+			signal: AbortSignal.timeout(65e3)
+		});
+	} catch (err) {
+		return {
+			success: false,
+			verdict: "error",
+			auditScore: null,
+			findings: [],
+			durationMs: null,
+			error: `Network error: ${err instanceof Error ? err.message : String(err)}`
+		};
+	}
+	if (!res.ok) {
+		if (res.status === 429) return {
+			success: false,
+			verdict: "error",
+			auditScore: null,
+			findings: [],
+			durationMs: null,
+			error: `Rate limited (429): ${token ? "Authenticated rate limit reached (20/hr). Try again later." : "Anonymous rate limit reached (3/hr). Run `tank login` for higher limits."}`
+		};
+		if (res.status === 504) return {
+			success: false,
+			verdict: "error",
+			auditScore: null,
+			findings: [],
+			durationMs: null,
+			error: "Scan timed out (504). The skill may be too large or the scanner is overloaded."
+		};
+		return {
+			success: false,
+			verdict: "error",
+			auditScore: null,
+			findings: [],
+			durationMs: null,
+			error: (await res.json().catch(() => null))?.error ?? `HTTP ${res.status}: ${res.statusText}`
+		};
+	}
+	const data = await res.json();
+	const findings = data.findings.map((f) => ({
+		severity: f.severity,
+		type: f.type,
+		description: f.description,
+		...f.location ? { location: f.location } : {}
+	}));
+	return {
+		success: true,
+		verdict: data.verdict,
+		auditScore: data.audit_score ?? null,
+		findings,
+		durationMs: data.duration_ms ?? null
+	};
+}
+function displayScanResults(result) {
+	const verdictLabel = verdictColor$1(result.verdict)(result.verdict.toUpperCase());
+	console.log("");
+	console.log(chalk.bold("Security Scan Results"));
+	console.log("");
+	console.log(`${chalk.dim("Verdict:".padEnd(14))}${verdictLabel}`);
+	if (result.auditScore !== null) {
+		const scoreLabel = scoreColor$2(result.auditScore)(result.auditScore.toFixed(1));
+		console.log(`${chalk.dim("Score:".padEnd(14))}${scoreLabel}/10`);
+	}
+	if (result.durationMs !== null) console.log(`${chalk.dim("Duration:".padEnd(14))}${(result.durationMs / 1e3).toFixed(1)}s`);
+	if (result.error) console.log(`${chalk.dim("Error:".padEnd(14))}${chalk.red(result.error)}`);
+	if (result.findings.length > 0) {
+		console.log("");
+		console.log(chalk.bold(`Findings (${result.findings.length})`));
+		const bySeverity = {
+			critical: [],
+			high: [],
+			medium: [],
+			low: [],
+			info: []
+		};
+		for (const f of result.findings) bySeverity[f.severity].push(f);
+		for (const severity of [
+			"critical",
+			"high",
+			"medium",
+			"low",
+			"info"
+		]) {
+			const group = bySeverity[severity];
+			if (group.length === 0) continue;
+			console.log("");
+			const label = severityColor$1(severity)(`${severity.toUpperCase()} (${group.length})`);
+			console.log(`  ${label}`);
+			for (const f of group) {
+				console.log(`    - ${chalk.bold(f.type)}: ${f.description}`);
+				if (f.location) console.log(`      ${chalk.dim("Location:")} ${f.location}`);
+			}
+		}
+	} else if (result.success) {
+		console.log("");
+		console.log(chalk.green("No findings. The skill looks secure."));
+	}
+	console.log("");
+}
+async function enforceVerdict(result, options) {
+	switch (result.verdict) {
+		case "pass":
+		case "pass_with_notes": return { allowed: true };
+		case "flagged": {
+			if (options?.yes) return { allowed: true };
+			const count = result.findings.length;
+			if (await promptUser(chalk.yellow(`⚠ Security scan flagged ${count} issue${count === 1 ? "" : "s"}. Install anyway? (y/N) `))) return { allowed: true };
+			return {
+				allowed: false,
+				reason: "User declined after security warnings"
+			};
+		}
+		case "fail": return {
+			allowed: false,
+			reason: "Security scan failed with critical findings"
+		};
+		case "error": return {
+			allowed: false,
+			reason: `Security scan error: ${result.error ?? "unknown"}`
+		};
+		default: return {
+			allowed: false,
+			reason: `Unknown verdict: ${result.verdict}`
+		};
+	}
+}
+//#endregion
+//#region src/lib/url-fetcher.ts
+/**
+* Fetch skills from URLs for `tank install <url>`.
+* Routes GitHub (git clone), ClawHub (zip), skills.sh, and generic tarballs
+* to temp directories with cleanup-on-failure semantics.
+*/
+const HOST_MAP = [
+	[/github\.com/i, "github"],
+	[/clawhub\.ai/i, "clawhub"],
+	[/skills\.sh/i, "skills_sh"],
+	[/agentskills\.co\.il/i, "agentskills_il"],
+	[/registry\.npmjs\.org/i, "npm"]
+];
+function detectSourceType(url) {
+	for (const [pattern, sourceType] of HOST_MAP) if (pattern.test(url)) return sourceType;
+	return "unknown";
+}
+/** Returns true if the input looks like a URL rather than a package name. */
+function isUrl(input) {
+	if (input.startsWith("http://") || input.startsWith("https://")) return true;
+	for (const [pattern] of HOST_MAP) if (pattern.test(input)) return true;
+	return false;
+}
+/** Best-effort skill name extraction from a URL. */
+function inferSkillName(url) {
+	try {
+		const segments = new URL(url.startsWith("http") ? url : `https://${url}`).pathname.replace(/\.git$/, "").split("/").filter(Boolean);
+		switch (detectSourceType(url)) {
+			case "github": {
+				if (segments.length < 2) return null;
+				const treeIdx = segments.indexOf("tree");
+				if (treeIdx !== -1 && segments.length > treeIdx + 2) return segments[segments.length - 1] ?? null;
+				return segments[1] ?? null;
+			}
+			case "clawhub": return segments[1] ?? null;
+			case "skills_sh": return segments[2] ?? segments[1] ?? null;
+			case "agentskills_il": return segments[1] ?? null;
+			case "npm": return segments[segments.length - 1] ?? null;
+			default: return segments[segments.length - 1] ?? null;
+		}
+	} catch {
+		return null;
+	}
+}
+async function createTempDir() {
+	return mkdtemp(join(tmpdir(), "tank-fetch-"));
+}
+async function cleanupDir(dir) {
+	try {
+		await rm(dir, {
+			recursive: true,
+			force: true
+		});
+	} catch {}
+}
+function ensureGitInstalled() {
+	try {
+		execSync("git --version", { stdio: "ignore" });
+	} catch {
+		throw new Error("Git is not installed. Install git and try again.");
+	}
+}
+function gitCloneShallow(repoUrl, dest) {
+	try {
+		execSync(`git clone --depth 1 ${repoUrl} ${dest}`, {
+			stdio: "pipe",
+			timeout: 6e4
+		});
+	} catch (err) {
+		const msg = err instanceof Error ? err.message : String(err);
+		if (msg.includes("Repository not found") || msg.includes("not found")) throw new Error(`Repository not found: ${repoUrl}`);
+		if (msg.includes("timed out") || msg.includes("ETIMEDOUT")) throw new Error(`Network timeout cloning ${repoUrl}`);
+		throw new Error(`Git clone failed: ${msg}`);
+	}
+}
+function gitRevParseHead(dir) {
+	try {
+		return execSync("git rev-parse HEAD", {
+			cwd: dir,
+			stdio: "pipe"
+		}).toString().trim();
+	} catch {
+		return null;
+	}
+}
+async function downloadFile(url, dest) {
+	const res = await fetch(url, { signal: AbortSignal.timeout(6e4) });
+	if (!res.ok) {
+		if (res.status === 404) throw new Error(`Not found: ${url}`);
+		throw new Error(`HTTP ${res.status} downloading ${url}`);
+	}
+	if (!res.body) throw new Error(`Empty response body from ${url}`);
+	await pipeline(Readable.fromWeb(res.body), createWriteStream(dest));
+}
+async function extractZip(zipPath, dest) {
+	try {
+		execSync(`unzip -o -q "${zipPath}" -d "${dest}"`, {
+			stdio: "pipe",
+			timeout: 3e4
+		});
+	} catch (err) {
+		const msg = err instanceof Error ? err.message : String(err);
+		throw new Error(`Zip extraction failed: ${msg}`);
+	}
+}
+async function extractTarball(tarPath, dest) {
+	try {
+		execSync(`tar xzf "${tarPath}" -C "${dest}"`, {
+			stdio: "pipe",
+			timeout: 3e4
+		});
+	} catch (err) {
+		const msg = err instanceof Error ? err.message : String(err);
+		throw new Error(`Tarball extraction failed: ${msg}`);
+	}
+}
+function parseGitHubUrl(url) {
+	try {
+		const segments = new URL(url.startsWith("http") ? url : `https://${url}`).pathname.replace(/\.git$/, "").split("/").filter(Boolean);
+		if (segments.length < 2) return null;
+		const owner = segments[0];
+		const repo = segments[1];
+		let branch = null;
+		let subpath = null;
+		if (segments[2] === "tree" && segments.length > 3) {
+			branch = segments[3];
+			if (segments.length > 4) subpath = segments.slice(4).join("/");
+		}
+		return {
+			owner,
+			repo,
+			branch,
+			subpath
+		};
+	} catch {
+		return null;
+	}
+}
+async function fetchFromGitHub(url, tempDir) {
+	ensureGitInstalled();
+	const parts = parseGitHubUrl(url);
+	if (!parts) throw new Error(`Invalid GitHub URL: ${url}`);
+	const cloneUrl = `https://github.com/${parts.owner}/${parts.repo}.git`;
+	const cloneDest = join(tempDir, parts.repo);
+	logger.info(`Cloning ${parts.owner}/${parts.repo}...`);
+	gitCloneShallow(cloneUrl, cloneDest);
+	if (parts.branch) try {
+		execSync(`git checkout ${parts.branch}`, {
+			cwd: cloneDest,
+			stdio: "pipe",
+			timeout: 1e4
+		});
+	} catch {}
+	const commitSha = gitRevParseHead(cloneDest);
+	let localPath = cloneDest;
+	if (parts.subpath) {
+		const subDir = join(cloneDest, parts.subpath);
+		try {
+			if ((await stat(subDir)).isDirectory()) localPath = subDir;
+		} catch {
+			throw new Error(`Subpath not found in repo: ${parts.subpath}`);
+		}
+	}
+	return {
+		localPath,
+		sourceType: "github",
+		sourceUrl: url,
+		commitSha,
+		inferredName: parts.subpath ? parts.subpath.split("/").pop() ?? parts.repo : parts.repo,
+		cleanup: () => cleanupDir(tempDir)
+	};
+}
+function parseClawHubUrl(url) {
+	try {
+		const segments = new URL(url.startsWith("http") ? url : `https://${url}`).pathname.split("/").filter(Boolean);
+		if (segments.length < 2) return null;
+		return {
+			owner: segments[0],
+			skillName: segments[1]
+		};
+	} catch {
+		return null;
+	}
+}
+async function fetchFromClawHub(url, tempDir) {
+	const parts = parseClawHubUrl(url);
+	if (!parts) throw new Error(`Invalid ClawHub URL: ${url}`);
+	logger.info(`Fetching ${parts.owner}/${parts.skillName} from ClawHub...`);
+	const pageUrl = url.startsWith("http") ? url : `https://${url}`;
+	const pageRes = await fetch(pageUrl, { signal: AbortSignal.timeout(3e4) });
+	if (!pageRes.ok) {
+		if (pageRes.status === 404) throw new Error(`Skill not found on ClawHub: ${parts.skillName}`);
+		throw new Error(`HTTP ${pageRes.status} fetching ClawHub page`);
+	}
+	const html = await pageRes.text();
+	const downloadUrlMatch = html.match(/https?:\/\/[^\s"']+\.convex\.cloud[^\s"']*download[^\s"']*/i) ?? html.match(/https?:\/\/[^\s"']+\.zip/i);
+	if (!downloadUrlMatch) throw new Error("Could not find download URL on ClawHub page. The skill may not have a downloadable archive.");
+	const zipPath = join(tempDir, `${parts.skillName}.zip`);
+	await downloadFile(downloadUrlMatch[0], zipPath);
+	const extractDir = join(tempDir, parts.skillName);
+	await mkdir(extractDir, { recursive: true });
+	await extractZip(zipPath, extractDir);
+	return {
+		localPath: extractDir,
+		sourceType: "clawhub",
+		sourceUrl: url,
+		commitSha: null,
+		inferredName: parts.skillName,
+		cleanup: () => cleanupDir(tempDir)
+	};
+}
+function parseSkillsShUrl(url) {
+	try {
+		const segments = new URL(url.startsWith("http") ? url : `https://${url}`).pathname.split("/").filter(Boolean);
+		if (segments.length < 2) return null;
+		return {
+			owner: segments[0],
+			repo: segments[1],
+			skillName: segments[2] ?? null
+		};
+	} catch {
+		return null;
+	}
+}
+async function fetchFromSkillsSh(url, tempDir) {
+	ensureGitInstalled();
+	const parts = parseSkillsShUrl(url);
+	if (!parts) throw new Error(`Invalid skills.sh URL: ${url}`);
+	const cloneUrl = `https://github.com/${parts.owner}/${parts.repo}.git`;
+	const cloneDest = join(tempDir, parts.repo);
+	logger.info(`Cloning ${parts.owner}/${parts.repo} (via skills.sh)...`);
+	gitCloneShallow(cloneUrl, cloneDest);
+	const commitSha = gitRevParseHead(cloneDest);
+	let localPath = cloneDest;
+	const inferredName = parts.skillName ?? parts.repo;
+	if (parts.skillName) {
+		const candidates = [
+			join(cloneDest, "skills", parts.skillName),
+			join(cloneDest, "src", "skills", parts.skillName),
+			join(cloneDest, parts.skillName)
+		];
+		let found = false;
+		for (const candidate of candidates) try {
+			if ((await stat(candidate)).isDirectory()) {
+				localPath = candidate;
+				found = true;
+				break;
+			}
+		} catch {}
+		if (!found) throw new Error(`Skill "${parts.skillName}" not found in ${parts.repo}. Searched: skills/${parts.skillName}, src/skills/${parts.skillName}, ${parts.skillName}`);
+	}
+	return {
+		localPath,
+		sourceType: "skills_sh",
+		sourceUrl: url,
+		commitSha,
+		inferredName,
+		cleanup: () => cleanupDir(tempDir)
+	};
+}
+async function fetchFromGenericUrl(url, tempDir) {
+	const fullUrl = url.startsWith("http") ? url : `https://${url}`;
+	logger.info(`Downloading from ${fullUrl}...`);
+	const isTarball = /\.(tar\.gz|tgz)(\?|$)/i.test(fullUrl);
+	const isZip = /\.zip(\?|$)/i.test(fullUrl);
+	if (!isTarball && !isZip) {
+		const archivePath = join(tempDir, "skill.tar.gz");
+		await downloadFile(fullUrl, archivePath);
+		const extractDir = join(tempDir, "skill");
+		await mkdir(extractDir, { recursive: true });
+		try {
+			await extractTarball(archivePath, extractDir);
+		} catch {
+			try {
+				await extractZip(archivePath, extractDir);
+			} catch {
+				throw new Error(`Failed to extract archive from ${fullUrl}. Expected .tar.gz or .zip format.`);
+			}
+		}
+		return {
+			localPath: extractDir,
+			sourceType: detectSourceType(url),
+			sourceUrl: url,
+			commitSha: null,
+			inferredName: inferSkillName(url),
+			cleanup: () => cleanupDir(tempDir)
+		};
+	}
+	const archivePath = join(tempDir, `skill.${isTarball ? "tar.gz" : "zip"}`);
+	await downloadFile(fullUrl, archivePath);
+	const extractDir = join(tempDir, "skill");
+	await mkdir(extractDir, { recursive: true });
+	if (isTarball) await extractTarball(archivePath, extractDir);
+	else await extractZip(archivePath, extractDir);
+	return {
+		localPath: extractDir,
+		sourceType: detectSourceType(url),
+		sourceUrl: url,
+		commitSha: null,
+		inferredName: inferSkillName(url),
+		cleanup: () => cleanupDir(tempDir)
+	};
+}
+/** Fetch a skill from a URL to a local temp directory. */
+async function fetchFromUrl(url) {
+	const sourceType = detectSourceType(url);
+	let tempDir = null;
+	try {
+		tempDir = await createTempDir();
+		let result;
+		switch (sourceType) {
+			case "github":
+				result = await fetchFromGitHub(url, tempDir);
+				break;
+			case "clawhub":
+				result = await fetchFromClawHub(url, tempDir);
+				break;
+			case "skills_sh":
+				result = await fetchFromSkillsSh(url, tempDir);
+				break;
+			default:
+				result = await fetchFromGenericUrl(url, tempDir);
+				break;
+		}
+		return {
+			success: true,
+			...result
+		};
+	} catch (err) {
+		if (tempDir) await cleanupDir(tempDir);
+		return {
+			success: false,
+			error: err instanceof Error ? err.message : String(err)
+		};
+	}
+}
+//#endregion
 //#region src/commands/install.ts
 function createRegistryFetcher(registry, headers) {
 	const versionsCache = /* @__PURE__ */ new Map();
@@ -1755,6 +2299,149 @@ async function installAll(options) {
 function buildIntegrity(buffer) {
 	return `sha512-${crypto$1.createHash("sha512").update(buffer).digest("base64")}`;
 }
+/** Map url-fetcher source types to lockfile SkillSource values. */
+function mapSourceType(urlSourceType) {
+	switch (urlSourceType) {
+		case "github": return "github";
+		case "clawhub": return "clawhub";
+		case "skills_sh": return "skills_sh";
+		case "agentskills_il": return "agentskills_il";
+		case "npm": return "npm";
+		default: return "local";
+	}
+}
+/** Compute SHA-512 integrity hash over all files in a directory (sorted by path). */
+function computeDirectoryIntegrity(dir) {
+	const files = [];
+	function walkDir(current) {
+		const entries = fs.readdirSync(current, { withFileTypes: true });
+		for (const entry of entries) {
+			if (entry.name === ".git") continue;
+			const fullPath = path.join(current, entry.name);
+			if (entry.isDirectory()) walkDir(fullPath);
+			else if (entry.isFile()) files.push(fullPath);
+		}
+	}
+	walkDir(dir);
+	files.sort();
+	const hash = crypto$1.createHash("sha512");
+	for (const file of files) hash.update(fs.readFileSync(file));
+	return `sha512-${hash.digest("base64")}`;
+}
+/** Read a manifest (tank.json or skills.json) from a directory, returning null if missing/invalid. */
+function readManifestFromDir(dir) {
+	for (const filename of ["tank.json", "skills.json"]) {
+		const manifestPath = path.join(dir, filename);
+		if (fs.existsSync(manifestPath)) try {
+			return JSON.parse(fs.readFileSync(manifestPath, "utf-8"));
+		} catch {
+			return null;
+		}
+	}
+	return null;
+}
+async function installFromUrl(url, options) {
+	const { global = false, yes = false } = options;
+	const resolvedHome = os.homedir();
+	const directory = process.cwd();
+	const spinner = ora(`Fetching from URL...`).start();
+	let fetchResult;
+	try {
+		const output = await fetchFromUrl(url);
+		if (!output.success) {
+			spinner.fail("Fetch failed");
+			logger.error(output.error);
+			process.exit(1);
+		}
+		fetchResult = output;
+		spinner.text = "Scanning for security issues...";
+	} catch (err) {
+		spinner.fail("Fetch failed");
+		const msg = err instanceof Error ? err.message : String(err);
+		logger.error(msg);
+		process.exit(1);
+	}
+	try {
+		const scanResult = await scanUrl(url);
+		displayScanResults(scanResult);
+		const enforcement = await enforceVerdict(scanResult, { yes });
+		if (!enforcement.allowed) {
+			spinner.fail(enforcement.reason ?? "Install blocked by security scan");
+			await fetchResult.cleanup();
+			process.exit(1);
+		}
+		const skillMdPath = path.join(fetchResult.localPath, "SKILL.md");
+		if (!fs.existsSync(skillMdPath)) throw new Error("No SKILL.md found. This doesn't appear to be a valid skill.");
+		const existingManifest = readManifestFromDir(fetchResult.localPath);
+		const skillName = existingManifest?.name ?? fetchResult.inferredName ?? path.basename(fetchResult.localPath);
+		const skillVersion = existingManifest?.version ?? "0.0.0";
+		const skillDescription = existingManifest?.description ?? "";
+		if (!existingManifest) {
+			const generatedManifest = {
+				name: skillName,
+				version: skillVersion,
+				description: skillDescription
+			};
+			fs.writeFileSync(path.join(fetchResult.localPath, "tank.json"), `${JSON.stringify(generatedManifest, null, 2)}\n`);
+			logger.info("Generated tank.json (no manifest found in source)");
+		}
+		spinner.text = `Installing ${skillName}...`;
+		const installDir = global ? path.join(resolvedHome, ".tank", "skills", skillName) : path.join(directory, ".tank", "skills", skillName);
+		if (fs.existsSync(installDir)) fs.rmSync(installDir, {
+			recursive: true,
+			force: true
+		});
+		fs.mkdirSync(path.dirname(installDir), { recursive: true });
+		fs.cpSync(fetchResult.localPath, installDir, { recursive: true });
+		const integrity = computeDirectoryIntegrity(installDir);
+		const resolvedLock = resolveLockfilePath(global ? path.join(resolvedHome, ".tank") : directory);
+		const lockPath = resolvedLock.exists ? resolvedLock.path : global ? path.join(resolvedHome, ".tank", LOCKFILE_FILENAME) : path.join(directory, LOCKFILE_FILENAME);
+		const lock = readLockOrFresh(lockPath);
+		const lockKey = `${skillName}@${skillVersion}`;
+		const skillPermissions = existingManifest?.permissions ?? {};
+		lock.skills[lockKey] = {
+			resolved: url.startsWith("http") ? url : `https://${url}`,
+			integrity,
+			permissions: skillPermissions,
+			audit_score: scanResult.auditScore ?? null,
+			source: mapSourceType(fetchResult.sourceType),
+			scan_verdict: scanResult.verdict,
+			scanned_at: (/* @__PURE__ */ new Date()).toISOString()
+		};
+		lock.lockfileVersion = 2;
+		fs.mkdirSync(path.dirname(lockPath), { recursive: true });
+		fs.writeFileSync(lockPath, `${JSON.stringify(lock, null, 2)}\n`);
+		const linkedAgents = [];
+		try {
+			const agentSkillsBaseDir = global ? getGlobalAgentSkillsDir(resolvedHome) : path.join(directory, ".tank", "agent-skills");
+			const linksDir = global ? path.join(resolvedHome, ".tank") : path.join(directory, ".tank");
+			const linkResult = linkSkillToAgents({
+				skillName,
+				sourceDir: prepareAgentSkillDir({
+					skillName,
+					extractDir: installDir,
+					agentSkillsBaseDir,
+					description: skillDescription
+				}),
+				linksDir,
+				source: global ? "global" : "local"
+			});
+			linkedAgents.push(...linkResult.linked);
+			if (linkResult.failed.length > 0) for (const failedLink of linkResult.failed) logger.warn(`Failed to link to ${failedLink.agentId}: ${failedLink.error}`);
+		} catch {
+			logger.warn("Agent linking skipped (non-fatal)");
+		}
+		if (detectInstalledAgents().length === 0) logger.warn("No agents detected for linking");
+		await fetchResult.cleanup();
+		spinner.succeed(`Installed ${skillName} from ${fetchResult.sourceType}`);
+		if (linkedAgents.length > 0) logger.info(`Linked to ${linkedAgents.join(", ")}`);
+		logger.info(`Locked (${integrity.slice(0, 20)}..., scanned ${(/* @__PURE__ */ new Date()).toISOString().split("T")[0]})`);
+	} catch (err) {
+		await fetchResult.cleanup();
+		spinner.fail("Install failed");
+		throw err;
+	}
+}
 //#endregion
 //#region src/commands/link.ts
 async function linkCommand(options = {}) {
@@ -3399,9 +4086,13 @@ program.command("publish").alias("pub").description("Pack and publish a skill to
 		process.exit(1);
 	}
 });
-program.command("install").alias("i").description("Install a skill from the Tank registry, or all skills from lockfile").argument("[name]", "Skill name (e.g., @org/skill-name). Omit to install from lockfile.").argument("[version-range]", "Semver range (default: *)", "*").option("-g, --global", "Install skill globally (available to all projects)").action(async (name, versionRange, opts) => {
+program.command("install").alias("i").description("Install a skill from the Tank registry, a URL, or all skills from lockfile").argument("[name]", "Skill name or URL (e.g., @org/skill-name or https://github.com/owner/repo). Omit to install from lockfile.").argument("[version-range]", "Semver range (default: *)", "*").option("-g, --global", "Install skill globally (available to all projects)").option("-y, --yes", "Auto-accept flagged scan verdicts").action(async (name, versionRange, opts) => {
 	try {
-		if (name) await installCommand({
+		if (name && isUrl(name)) await installFromUrl(name, {
+			global: opts.global,
+			yes: opts.yes
+		});
+		else if (name) await installCommand({
 			name,
 			versionRange,
 			global: opts.global