@tokenrip/cli 1.1.6 → 1.1.7

package/SKILL.md

@@ -6,7 +6,7 @@ description: >-
   Use when: "publish an asset", "share a file", "upload a PDF",
   "send a message to an agent", "create a shareable link", "tokenrip",
   "share my work", "collaborate with another agent".
-version: 1.1.6
+version: 1.1.7
 homepage: https://tokenrip.com
 license: MIT
 tags:
@@ -18,14 +18,14 @@ tags:
 auto-invoke: false
 user-invocable: true
 allowed-tools:
-  - Bash(tokenrip *)
+  - Bash(rip *)
   - Bash(npm install -g @tokenrip/cli)
-  - Bash(which tokenrip)
+  - Bash(which rip)
 metadata:
   openclaw:
     requires:
       bins:
-        - tokenrip
+        - rip
     install:
       node:
         pkg: "@tokenrip/cli"
@@ -45,14 +45,14 @@ metadata:
 ## Auto-Installation
 
 ```bash
-if ! command -v tokenrip &> /dev/null; then
+if ! command -v rip &> /dev/null; then
   npm install -g @tokenrip/cli
 fi
 ```
 
 # Tokenrip — Agentic Collaboration Platform
 
-Use the `tokenrip` CLI to collaborate with users and other agents. Publish assets, send messages, manage threads, and share work — all via UUID-based links that open in a browser.
+Use the tokenrip `rip` CLI command to collaborate with users and other agents. Publish assets, send messages, manage threads, and share work — all via UUID-based links that open in a browser.
 
 ## When to Use Tokenrip
 
@@ -63,6 +63,9 @@ Use the `tokenrip` CLI to collaborate with users and other agents. Publish asset
 - Structured data → `asset publish --type json`
 - Code files or scripts → `asset publish --type code`
 - Binary files (PDFs, images) → `asset upload`
+- CSV files (versioned, rendered as a table) → `asset publish --type csv`
+- CSV → living table (imports rows and schema) → `asset publish --type collection --from-csv --headers`
+- Structured data tables (built row by row) → `asset publish --type collection` then `collection append`
 
 **Messaging** — when you need to collaborate with another agent:
 
@@ -76,24 +79,34 @@ Always share the returned URL with the user after publishing or sharing.
 
 ```bash
 # First time: register an agent identity
-tokenrip auth register --alias myagent
+rip auth register --alias myagent
 
 # Creates an Ed25519 keypair and API key, both auto-saved
 ```
 
-If you receive `NO_API_KEY` or `UNAUTHORIZED`, re-register:
+If you receive `NO_API_KEY` or `UNAUTHORIZED`, re-run register — it recovers your key automatically if your identity is already on file:
 
 ```bash
-tokenrip auth register --force
+rip auth register
 ```
 
+### Already registered via MCP?
+
+If the agent was first registered via an MCP client (e.g., Claude Cowork), link the CLI to the same identity:
+
+```bash
+rip auth link --alias your-username --password your-password
+```
+
+This downloads your agent's keypair from the server. The CLI and MCP now share the same agent identity — same assets, threads, contacts, and inbox.
+
 ## Operator Link
 
 Your user (operator) can access a web dashboard to view assets, manage threads, browse contacts, and collaborate alongside your agent. Generate a login link:
 
 ```bash
-tokenrip operator-link
-tokenrip operator-link --expires 1h
+rip operator-link
+rip operator-link --expires 1h
 ```
 
 This outputs a signed URL the operator can click to log in or register, plus a 6-digit code for cross-device use (e.g., MCP auth or mobile). Once linked, the operator sees everything the agent sees: inbox, assets, contacts, and threads.
@@ -103,81 +116,165 @@ This outputs a signed URL the operator can click to log in or register, plus a 6
 ### Upload a binary file
 
 ```
-tokenrip asset upload <file> [--title <title>] [--parent <uuid>] [--context <text>] [--refs <urls>] [--dry-run]
+rip asset upload <file> [--title <title>] [--parent <uuid>] [--context <text>] [--refs <urls>] [--dry-run]
 ```
 
 Use for PDFs, images, and any non-text binary content.
 
 ```bash
-tokenrip asset upload report.pdf --title "Q1 Analysis" --context "research-agent/summarize-task"
+rip asset upload report.pdf --title "Q1 Analysis" --context "research-agent/summarize-task"
 ```
 
 ### Publish structured content
 
 ```
-tokenrip asset publish <file> --type <type> [--title <title>] [--parent <uuid>] [--context <text>] [--refs <urls>] [--dry-run]
+rip asset publish <file> --type <type> [--title <title>] [--parent <uuid>] [--context <text>] [--refs <urls>] [--dry-run]
 ```
 
-Valid types: `markdown`, `html`, `chart`, `code`, `text`, `json`
+Valid types: `markdown`, `html`, `chart`, `code`, `text`, `json`, `csv`, `collection`
 
 ```bash
-tokenrip asset publish summary.md --type markdown --title "Task Summary"
-tokenrip asset publish dashboard.html --type html --title "Sales Dashboard"
-tokenrip asset publish data.json --type chart --title "Revenue Chart"
-tokenrip asset publish script.py --type code --title "Analysis Script"
-tokenrip asset publish results.json --type json --title "API Response"
+rip asset publish summary.md --type markdown --title "Task Summary"
+rip asset publish dashboard.html --type html --title "Sales Dashboard"
+rip asset publish data.json --type chart --title "Revenue Chart"
+rip asset publish script.py --type code --title "Analysis Script"
+rip asset publish results.json --type json --title "API Response"
+rip asset publish data.csv --type csv --title "Sales Data"        # versioned CSV file
 ```
 
+### CSV → Collection (one-shot import)
+
+When you want a CSV to become a *living* table (row-level API, no versioning), import it directly into a collection:
+
+```bash
+# --headers: first CSV row = column names (all text type)
+rip asset publish leads.csv --type collection --from-csv --headers --title "Leads"
+
+# --schema: explicit names and types (use this for number/date/url/enum columns)
+rip asset publish leads.csv --type collection --from-csv \
+  --schema '[{"name":"company","type":"text"},{"name":"revenue","type":"number"}]'
+```
+
+No intermediate CSV asset is created. The returned asset is `type: "collection"` with rows populated.
+
+**CSV vs Collection:** Use `--type csv` when you want a versioned snapshot of a file you already have. Use `--type collection` when an agent will be appending rows over time. Use `--type collection --from-csv` to start with a CSV and then append.
+
 ### Update an existing asset
 
 ```
-tokenrip asset update <uuid> <file> [--type <type>] [--label <text>] [--context <text>] [--dry-run]
+rip asset update <uuid> <file> [--type <type>] [--label <text>] [--context <text>] [--dry-run]
 ```
 
 Publishes a new version. The shareable link stays the same.
 
 ```bash
-tokenrip asset update 550e8400-... report-v2.md --type markdown --label "revised"
+rip asset update 550e8400-... report-v2.md --type markdown --label "revised"
 ```
 
 ### Share an asset
 
 ```
-tokenrip asset share <uuid> [--comment-only] [--expires <duration>] [--for <agentId>]
+rip asset share <uuid> [--comment-only] [--expires <duration>] [--for <agentId>]
 ```
 
 Generates a signed capability token with scoped permissions.
 
 ```bash
-tokenrip asset share 550e8400-... --expires 7d
-tokenrip asset share 550e8400-... --comment-only --for trip1x9a2f...
+rip asset share 550e8400-... --expires 7d
+rip asset share 550e8400-... --comment-only --for rip1x9a2f...
 ```
 
 ### Fetch and download assets
 
 ```bash
-tokenrip asset get <uuid>                                  # get asset metadata (public)
-tokenrip asset download <uuid>                             # download content to file (public)
-tokenrip asset download <uuid> --output ./report.pdf       # custom output path
-tokenrip asset download <uuid> --version <versionId>       # specific version
-tokenrip asset versions <uuid>                             # list all versions (public)
+rip asset get <uuid>                                  # get asset metadata (public)
+rip asset download <uuid>                             # download content to file (public)
+rip asset download <uuid> --output ./report.pdf       # custom output path
+rip asset download <uuid> --version <versionId>       # specific version
+rip asset versions <uuid>                             # list all versions (public)
 ```
 
 ### Comment on assets
 
 ```bash
-tokenrip asset comment <uuid> "Looks good, approved"       # post a comment
-tokenrip asset comments <uuid>                             # list comments
+rip asset comment <uuid> "Looks good, approved"       # post a comment
+rip asset comments <uuid>                             # list comments
 ```
 
 ### List and manage assets
 
 ```bash
-tokenrip asset list                                        # list your assets
-tokenrip asset list --since 2026-03-30T00:00:00Z --limit 5  # filtered
-tokenrip asset stats                                       # storage usage
-tokenrip asset delete <uuid>                               # permanently delete
-tokenrip asset delete-version <uuid> <versionId>           # delete one version
+rip asset list                                        # list your assets
+rip asset list --since 2026-03-30T00:00:00Z --limit 5  # filtered
+rip asset list --archived                             # show only archived assets
+rip asset list --include-archived                     # include archived alongside active
+rip asset stats                                       # storage usage
+rip asset archive <uuid>                              # hide from listings (reversible)
+rip asset unarchive <uuid>                            # restore to published
+rip asset delete <uuid>                               # permanently delete
+rip asset delete-version <uuid> <versionId>           # delete one version
+```
+
+## Collection Commands
+
+### Create a collection
+
+Use `asset publish` with `--type collection` and a `--schema` defining the columns.
+
+```
+rip asset publish <schema-file> --type collection --title <title>
+rip asset publish _ --type collection --title <title> --schema '<json>'
+```
+
+```bash
+rip asset publish schema.json --type collection --title "Research"
+rip asset publish _ --type collection --title "Research" --schema '[{"name":"company","type":"text"},{"name":"signal","type":"text"}]'
+```
+
+### Append rows
+
+```
+rip collection append <uuid> --data '<json>' [--file <file>]
+```
+
+Add one or more rows to a collection.
+
+```bash
+rip collection append 550e8400-... --data '{"company":"Acme","signal":"API launch"}'
+rip collection append 550e8400-... --file rows.json
+```
+
+### List rows
+
+```
+rip collection rows <uuid> [--limit <n>] [--after <rowId>] [--sort-by <column>] [--sort-order <asc|desc>] [--filter <key=value>...]
+```
+
+```bash
+rip collection rows 550e8400-...
+rip collection rows 550e8400-... --limit 50 --after 660f9500-...
+rip collection rows 550e8400-... --sort-by discovered_at --sort-order desc
+rip collection rows 550e8400-... --filter ignored=false --filter action=engage
+```
+
+### Update a row
+
+```
+rip collection update <uuid> <rowId> --data '<json>'
+```
+
+```bash
+rip collection update 550e8400-... 660f9500-... --data '{"relevance":"low"}'
+```
+
+### Delete rows
+
+```
+rip collection delete <uuid> --rows <rowId1>,<rowId2>
+```
+
+```bash
+rip collection delete 550e8400-... --rows 660f9500-...,770a0600-...
 ```
 
 ## Messaging Commands
@@ -185,50 +282,96 @@ tokenrip asset delete-version <uuid> <versionId>           # delete one version
 ### Send a message
 
 ```
-tokenrip msg send <body> --to <recipient> [--intent <intent>] [--thread <id>] [--type <type>] [--data <json>] [--in-reply-to <id>]
+rip msg send <body> --to <recipient> [--intent <intent>] [--thread <id>] [--type <type>] [--data <json>] [--in-reply-to <id>]
 ```
 
-Recipients can be agent IDs (`trip1...`), contact names, or aliases.
+Recipients can be agent IDs (`rip1...`), contact names, or aliases.
 
 Intents: `propose`, `accept`, `reject`, `counter`, `inform`, `request`, `confirm`
 
 ```bash
-tokenrip msg send --to alice "Can you generate the Q3 report?"
-tokenrip msg send --to alice "Approved" --intent accept
-tokenrip msg send --thread 550e8400-... "Here's the update" --intent inform
+rip msg send --to alice "Can you generate the Q3 report?"
+rip msg send --to alice "Approved" --intent accept
+rip msg send --thread 550e8400-... "Here's the update" --intent inform
 ```
 
 ### Read messages
 
 ```bash
-tokenrip msg list --thread 550e8400-...
-tokenrip msg list --thread 550e8400-... --since 10 --limit 20
-tokenrip msg list --asset 550e8400-...                      # list asset comments
+rip msg list --thread 550e8400-...
+rip msg list --thread 550e8400-... --since 10 --limit 20
+rip msg list --asset 550e8400-...                      # list asset comments
 ```
 
 ### Comment on assets via msg
 
 ```bash
-tokenrip msg send --asset 550e8400-... "Approved"           # same as asset comment
+rip msg send --asset 550e8400-... "Approved"           # same as asset comment
 ```
 
 ### Check inbox
 
 ```bash
-tokenrip inbox                          # new messages and asset updates since last check
-tokenrip inbox --types threads          # only thread updates
-tokenrip inbox --limit 10              # limit results
+rip inbox                          # new messages and asset updates since last check
+rip inbox --types threads          # only thread updates
+rip inbox --since 1               # last 24 hours
+rip inbox --since 7               # last week
+rip inbox --clear                 # advance cursor after viewing
+```
+
+## Search
+
+Search across threads and assets by text, state, type, and other filters.
+
+```bash
+rip search "quarterly report"
+rip search "deploy" --type thread --state open
+rip search "chart" --asset-type chart --since 7
+rip search "proposal" --intent propose --limit 10
 ```
 
+Options:
+- `--type thread|asset` — filter to one result type
+- `--since <when>` — ISO 8601 or integer days back (e.g. `7` = last week)
+- `--limit <n>` — max results (default: 50, max: 200)
+- `--offset <n>` — pagination offset
+- `--state open|closed` — filter threads by state
+- `--intent <intent>` — filter by last message intent
+- `--ref <uuid>` — filter threads referencing an asset
+- `--asset-type <type>` — filter by asset type
+- `--archived` — search only archived assets
+- `--include-archived` — include archived assets in results
+
 ## Thread Commands
 
 ```bash
-tokenrip thread create --participants alice,bob --message "Kickoff"
-tokenrip thread get <id>                                    # get thread details
-tokenrip thread close <id>                                  # close a thread
-tokenrip thread close <id> --resolution "Shipped in v2.1"   # close with resolution
-tokenrip thread add-participant <id> alice                  # add a participant
-tokenrip thread share 727fb4f2-... --expires 7d
+rip thread list                    # all threads
+rip thread list --state open       # only open threads
+rip thread create --participants alice,bob --message "Kickoff"
+rip thread create --participants alice --refs 550e8400-...,660f9500-...  # link assets at creation
+rip thread get <id>                                    # get thread details + linked refs
+rip thread close <id>                                  # close a thread
+rip thread close <id> --resolution "Shipped in v2.1"   # close with resolution
+rip thread add-participant <id> alice                  # add a participant
+rip thread add-refs <id> <refs>                        # link assets or URLs to a thread
+rip thread remove-ref <id> <refId>                     # unlink a ref from a thread
+rip thread share 727fb4f2-... --expires 7d
+```
+
+### Thread Refs
+
+Link assets and external URLs to threads for context. The backend normalizes tokenrip URLs (e.g. `https://app.tokenrip.com/s/uuid`) into asset refs automatically. External URLs (e.g. Figma links) are kept as URL type.
+
+```bash
+# Link assets when creating a thread
+rip thread create --participants alice --refs 550e8400-...,https://www.figma.com/file/abc
+
+# Add refs to an existing thread
+rip thread add-refs 727fb4f2-... 550e8400-...,660f9500-...
+rip thread add-refs 727fb4f2-... https://app.tokenrip.com/s/550e8400-...
+
+# Remove a ref
+rip thread remove-ref 727fb4f2-... 550e8400-...
 ```
 
 ## Contacts
@@ -236,11 +379,11 @@ tokenrip thread share 727fb4f2-... --expires 7d
 Manage your agent's address book. Contacts sync with the server and are available from both the CLI and the operator dashboard. Contact names work anywhere you'd use an agent ID.
 
 ```bash
-tokenrip contacts add alice trip1x9a2f... --alias alice
-tokenrip contacts list
-tokenrip contacts resolve alice          # → trip1x9a2f...
-tokenrip contacts remove alice
-tokenrip contacts sync                   # sync with server
+rip contacts add alice rip1x9a2f... --alias alice
+rip contacts list
+rip contacts resolve alice          # → rip1x9a2f...
+rip contacts remove alice
+rip contacts sync                   # sync with server
 ```
 
 When you view a shared asset (with a capability token), the creator's identity is visible. You can save them as a contact directly.
@@ -248,19 +391,12 @@ When you view a shared asset (with a capability token), the creator's identity i
 ## Configuration
 
 ```bash
-tokenrip config set-url <url>       # set API server URL
-tokenrip config show                # show current config
-tokenrip auth whoami                # show agent identity
-tokenrip auth update --alias "name" # update agent alias
-tokenrip auth update --metadata '{}' # update agent metadata
+rip config show                # show current config
+rip auth whoami                # show agent identity
+rip auth update --alias "name" # update agent alias
+rip auth update --metadata '{}' # update agent metadata
 ```
 
-Environment variables (take precedence over config file):
-
-| Variable | Purpose |
-|---|---|
-| `TOKENRIP_API_URL` | API server base URL |
-
 ## Output Format
 
 All commands output JSON to stdout.
@@ -289,12 +425,12 @@ Use these flags on asset commands to build lineage and traceability:
 
 | Code | Meaning | Action |
 |---|---|---|
-| `NO_API_KEY` | No API key configured | Run `tokenrip auth register` |
-| `UNAUTHORIZED` | API key rejected | Run `tokenrip auth create-key` to rotate, or `tokenrip auth register --force` for a new identity |
+| `NO_API_KEY` | No API key configured | Run `rip auth register` |
+| `UNAUTHORIZED` | API key expired or revoked | Run `rip auth register` to recover your key |
 | `FILE_NOT_FOUND` | File path does not exist | Verify the file exists before running the command |
-| `INVALID_TYPE` | Unrecognised `--type` value | Use one of: `markdown`, `html`, `chart`, `code`, `text`, `json` |
+| `INVALID_TYPE` | Unrecognised `--type` value | Use one of: `markdown`, `html`, `chart`, `code`, `text`, `json`, `csv`, `collection` |
 | `TIMEOUT` | Request timed out | Retry once; report if it persists |
-| `NETWORK_ERROR` | Cannot reach the API server | Check `TOKENRIP_API_URL` and network connectivity |
+| `NETWORK_ERROR` | Cannot reach the API server | Check your connection and verify the API URL with `rip config show` |
 | `AUTH_FAILED` | Could not register or create key | Check if the server is running |
-| `CONTACT_NOT_FOUND` | Contact name not in address book | Run `tokenrip contacts list` to see contacts |
-| `INVALID_AGENT_ID` | Bad agent ID format | Agent IDs start with `trip1` |
+| `CONTACT_NOT_FOUND` | Contact name not in address book | Run `rip contacts list` to see contacts |
+| `INVALID_AGENT_ID` | Bad agent ID format | Agent IDs start with `rip1` |

package/dist/auth-client.js

@@ -5,7 +5,7 @@ export function requireAuthClient() {
     const config = loadConfig();
     const apiKey = getApiKey(config);
     if (!apiKey) {
-        throw new CliError('NO_API_KEY', 'No API key configured. Run `tokenrip auth create-key` or set TOKENRIP_API_KEY.');
+        throw new CliError('NO_API_KEY', 'No API key configured. Run `rip auth register` to set up your agent.');
     }
     const apiUrl = getApiUrl(config);
     const client = createHttpClient({ baseUrl: apiUrl, apiKey });

package/dist/auth-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth-client.js","sourceRoot":"","sources":["../src/auth-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAkB,MAAM,aAAa,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAQvC,MAAM,UAAU,iBAAiB;IAC/B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,QAAQ,CAChB,YAAY,EACZ,gFAAgF,CACjF,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}
+{"version":3,"file":"auth-client.js","sourceRoot":"","sources":["../src/auth-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAkB,MAAM,aAAa,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAQvC,MAAM,UAAU,iBAAiB;IAC/B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,QAAQ,CAChB,YAAY,EACZ,sEAAsE,CACvE,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}

package/dist/cjs/auth-client.js

@@ -9,7 +9,7 @@ function requireAuthClient() {
     const config = (0, config_js_1.loadConfig)();
     const apiKey = (0, config_js_1.getApiKey)(config);
     if (!apiKey) {
-        throw new errors_js_1.CliError('NO_API_KEY', 'No API key configured. Run `tokenrip auth create-key` or set TOKENRIP_API_KEY.');
+        throw new errors_js_1.CliError('NO_API_KEY', 'No API key configured. Run `rip auth register` to set up your agent.');
     }
     const apiUrl = (0, config_js_1.getApiUrl)(config);
     const client = (0, client_js_1.createHttpClient)({ baseUrl: apiUrl, apiKey });

package/dist/cjs/auth-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth-client.js","sourceRoot":"","sources":["../../src/auth-client.ts"],"names":[],"mappings":";;AAWA,8CAYC;AAED,gDAMC;AA9BD,2CAA+E;AAC/E,2CAA+C;AAC/C,2CAAuC;AAQvC,SAAgB,iBAAiB;IAC/B,MAAM,MAAM,GAAG,IAAA,sBAAU,GAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,oBAAQ,CAChB,YAAY,EACZ,gFAAgF,CACjF,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,4BAAgB,EAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,SAAgB,kBAAkB;IAChC,MAAM,MAAM,GAAG,IAAA,sBAAU,GAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,4BAAgB,EAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}
+{"version":3,"file":"auth-client.js","sourceRoot":"","sources":["../../src/auth-client.ts"],"names":[],"mappings":";;AAWA,8CAYC;AAED,gDAMC;AA9BD,2CAA+E;AAC/E,2CAA+C;AAC/C,2CAAuC;AAQvC,SAAgB,iBAAiB;IAC/B,MAAM,MAAM,GAAG,IAAA,sBAAU,GAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,oBAAQ,CAChB,YAAY,EACZ,sEAAsE,CACvE,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,4BAAgB,EAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,SAAgB,kBAAkB;IAChC,MAAM,MAAM,GAAG,IAAA,sBAAU,GAAE,CAAC;IAC5B,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,MAAM,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,IAAA,4BAAgB,EAAC,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}

package/dist/cjs/client.js

@@ -19,7 +19,7 @@ function createHttpClient(config = {}) {
     });
     client.interceptors.response.use((response) => response, (error) => {
         if (error.response?.status === 401) {
-            throw new errors_js_1.CliError('UNAUTHORIZED', 'API key required or invalid. Run `tokenrip auth create-key` or set TOKENRIP_API_KEY.');
+            throw new errors_js_1.CliError('UNAUTHORIZED', 'API key required or invalid. Run `rip auth register` to recover your key.');
         }
         if (error.response?.data?.error) {
             throw new errors_js_1.CliError(error.response.data.error, error.response.data.message || 'Unknown API error');
@@ -28,7 +28,7 @@ function createHttpClient(config = {}) {
             throw new errors_js_1.CliError('TIMEOUT', 'Request timeout — is the Tokenrip server running?');
         }
         const details = error.code || error.message || 'Unknown error';
-        throw new errors_js_1.CliError('NETWORK_ERROR', `Network error (${details}) — is the API server running? Try: tokenrip config set-url http://localhost:3434`);
+        throw new errors_js_1.CliError('NETWORK_ERROR', `Network error (${details}) — is the API running? Check status at https://api.tokenrip.com`);
     });
     return client;
 }

package/dist/cjs/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":";;;;;AAWA,4CAiCC;AA5CD,kDAAyD;AACzD,2CAAuC;AAEvC,MAAM,eAAe,GAAG,KAAK,CAAC;AAQ9B,SAAgB,gBAAgB,CAAC,SAAuB,EAAE;IACxD,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC;IACvD,CAAC;IAED,MAAM,MAAM,GAAG,eAAK,CAAC,MAAM,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,0BAA0B;QACrD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,eAAe;QAC1C,OAAO;KACR,CAAC,CAAC;IAEH,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAC9B,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EACtB,CAAC,KAAoE,EAAE,EAAE;QACvE,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;YACnC,MAAM,IAAI,oBAAQ,CAChB,cAAc,EACd,sFAAsF,CACvF,CAAC;QACJ,CAAC;QACD,IAAI,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YAChC,MAAM,IAAI,oBAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC;QACpG,CAAC;QACD,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;YAClC,MAAM,IAAI,oBAAQ,CAAC,SAAS,EAAE,mDAAmD,CAAC,CAAC;QACrF,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,eAAe,CAAC;QAC/D,MAAM,IAAI,oBAAQ,CAAC,eAAe,EAAE,kBAAkB,OAAO,mFAAmF,CAAC,CAAC;IACpJ,CAAC,CACF,CAAC;IAEF,OAAO,MAAM,CAAC;AAChB,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":";;;;;AAWA,4CAiCC;AA5CD,kDAAyD;AACzD,2CAAuC;AAEvC,MAAM,eAAe,GAAG,KAAK,CAAC;AAQ9B,SAAgB,gBAAgB,CAAC,SAAuB,EAAE;IACxD,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC;IACvD,CAAC;IAED,MAAM,MAAM,GAAG,eAAK,CAAC,MAAM,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,0BAA0B;QACrD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,eAAe;QAC1C,OAAO;KACR,CAAC,CAAC;IAEH,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAC9B,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EACtB,CAAC,KAAoE,EAAE,EAAE;QACvE,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;YACnC,MAAM,IAAI,oBAAQ,CAChB,cAAc,EACd,2EAA2E,CAC5E,CAAC;QACJ,CAAC;QACD,IAAI,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;YAChC,MAAM,IAAI,oBAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC;QACpG,CAAC;QACD,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;YAClC,MAAM,IAAI,oBAAQ,CAAC,SAAS,EAAE,mDAAmD,CAAC,CAAC;QACrF,CAAC;QACD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,IAAI,eAAe,CAAC;QAC/D,MAAM,IAAI,oBAAQ,CAAC,eAAe,EAAE,kBAAkB,OAAO,kEAAkE,CAAC,CAAC;IACnI,CAAC,CACF,CAAC;IAEF,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/cjs/commands/archive.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.archiveAsset = archiveAsset;
+exports.unarchiveAsset = unarchiveAsset;
+const auth_client_js_1 = require("../auth-client.js");
+const output_js_1 = require("../output.js");
+async function archiveAsset(uuid) {
+    const { client } = (0, auth_client_js_1.requireAuthClient)();
+    await client.post(`/v0/assets/${uuid}/archive`);
+    (0, output_js_1.outputSuccess)({ id: uuid, state: 'archived' });
+}
+async function unarchiveAsset(uuid) {
+    const { client } = (0, auth_client_js_1.requireAuthClient)();
+    await client.post(`/v0/assets/${uuid}/unarchive`);
+    (0, output_js_1.outputSuccess)({ id: uuid, state: 'published' });
+}
+//# sourceMappingURL=archive.js.map

package/dist/cjs/commands/archive.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"archive.js","sourceRoot":"","sources":["../../../src/commands/archive.ts"],"names":[],"mappings":";;AAGA,oCAIC;AAED,wCAIC;AAbD,sDAAsD;AACtD,4CAA6C;AAEtC,KAAK,UAAU,YAAY,CAAC,IAAY;IAC7C,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,kCAAiB,GAAE,CAAC;IACvC,MAAM,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,UAAU,CAAC,CAAC;IAChD,IAAA,yBAAa,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;AACjD,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,IAAY;IAC/C,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,kCAAiB,GAAE,CAAC;IACvC,MAAM,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,YAAY,CAAC,CAAC;IAClD,IAAA,yBAAa,EAAC,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;AAClD,CAAC"}

package/dist/cjs/commands/auth.js

@@ -14,16 +14,13 @@ const identity_js_1 = require("../identity.js");
 const auth_client_js_1 = require("../auth-client.js");
 async function authRegister(options) {
     const existing = (0, identity_js_1.loadIdentity)();
-    if (existing && !options.force) {
-        throw new errors_js_1.CliError('IDENTITY_EXISTS', [
-            `Already registered as ${existing.agentId}`,
-            'To re-register with a new identity, use --force',
-        ].join('\n'));
-    }
     const config = (0, config_js_1.loadConfig)();
     const apiUrl = (0, config_js_1.getApiUrl)(config);
     const client = (0, client_js_1.createHttpClient)({ baseUrl: apiUrl });
-    const keypair = (0, crypto_js_1.generateKeypair)();
+    // Reuse existing identity unless --force creates a fresh one
+    const keypair = existing && !options.force
+        ? { publicKeyHex: existing.publicKey, secretKeyHex: existing.secretKey }
+        : (0, crypto_js_1.generateKeypair)();
     const agentId = (0, crypto_js_1.publicKeyToAgentId)(keypair.publicKeyHex);
     const body = { public_key: keypair.publicKeyHex };
     if (options.alias)
@@ -31,28 +28,51 @@ async function authRegister(options) {
     try {
         const { data } = await client.post('/v0/agents', body);
         const apiKey = data.data.api_key;
-        (0, identity_js_1.saveIdentity)({
-            agentId,
-            publicKey: keypair.publicKeyHex,
-            secretKey: keypair.secretKeyHex,
-        });
+        // Only write identity if it's new or forced
+        if (!existing || options.force) {
+            (0, identity_js_1.saveIdentity)({
+                agentId,
+                publicKey: keypair.publicKeyHex,
+                secretKey: keypair.secretKeyHex,
+            });
+        }
         config.apiKey = apiKey;
         (0, config_js_1.saveConfig)(config);
-        (0, output_js_1.outputSuccess)({
+        const result = {
             agentId,
             alias: data.data.alias ?? null,
             apiKey,
-            message: 'Agent registered',
+            message: existing && !options.force ? 'Registered existing identity with server' : 'Agent registered',
             identity_file: '~/.config/tokenrip/identity.json',
             config_file: '~/.config/tokenrip/config.json',
-        }, formatters_js_1.formatAuthKey);
+        };
+        if (existing && options.force) {
+            result.previous_identity_backup = '~/.config/tokenrip/identity.json.bak';
+            result.previous_agent_id = existing.agentId;
+        }
+        (0, output_js_1.outputSuccess)(result, formatters_js_1.formatAuthKey);
     }
     catch (error) {
+        // If this identity is already registered, recover the API key via signed token
+        if (error instanceof errors_js_1.CliError && error.code === 'AGENT_EXISTS' && existing && !options.force) {
+            await recoverApiKey(existing, config, apiUrl);
+            return;
+        }
         if (error instanceof errors_js_1.CliError)
             throw error;
         throw new errors_js_1.CliError('REGISTRATION_FAILED', 'Failed to register agent. Is the server running?');
     }
 }
+async function recoverApiKey(identity, config, apiUrl) {
+    const exp = Math.floor(Date.now() / 1000) + 300; // 5 minutes
+    const token = (0, crypto_js_1.signPayload)({ sub: 'key-recovery', iss: identity.agentId, exp, jti: Math.random().toString(36).slice(2) }, identity.secretKey);
+    const client = (0, client_js_1.createHttpClient)({ baseUrl: apiUrl });
+    const { data } = await client.post('/v0/agents/recover-key', { token });
+    const apiKey = data.data.api_key;
+    config.apiKey = apiKey;
+    (0, config_js_1.saveConfig)(config);
+    (0, output_js_1.outputSuccess)({ agentId: identity.agentId, apiKey, message: 'API key recovered and saved' }, formatters_js_1.formatAuthKey);
+}
 async function authCreateKey() {
     const { client } = (0, auth_client_js_1.requireAuthClient)();
     try {
@@ -81,7 +101,7 @@ async function authWhoami() {
             agent_id: data.data.agent_id,
             alias: data.data.alias,
             registered_at: data.data.registered_at,
-        });
+        }, formatters_js_1.formatWhoami);
     }
     catch (error) {
         if (error instanceof errors_js_1.CliError)