@vibecodr/cli 0.1.8 → 0.1.9

package/CHANGELOG.md

@@ -1,17 +1,17 @@
-# Changelog
-
-## Unreleased
-
-- rename the npm package to `@vibecodr/cli` while keeping `vibecodr` as the primary executable and `vibecodr-mcp` as a compatibility alias
-
-## 0.1.8
-
-- report the actual package version in MCP client metadata instead of a stale hardcoded value
-- publish the CLI after redeploying the hosted Vibecodr MCP gateway
-
-## 0.1.7
-
-- add the `pulse-setup` command for live Pulse setup guidance
+# Changelog
+
+## Unreleased
+
+- rename the npm package to `@vibecodr/cli` while keeping `vibecodr` as the primary executable and `vibecodr-mcp` as a compatibility alias
+
+## 0.1.8
+
+- report the actual package version in MCP client metadata instead of a stale hardcoded value
+- publish the CLI after redeploying the hosted Vibecodr MCP gateway
+
+## 0.1.7
+
+- add the `pulse-setup` command for live Pulse setup guidance
 - align CLI Pulse setup docs with the gateway runtime contract for policy-bound secrets, Stripe-first webhook helper guidance, generic HMAC presets, and provider-scoped connections
 - refresh release-lock coverage for current in-range MCP SDK, keyring, and Node type packages before publishing
 

package/README.md

@@ -3,9 +3,9 @@
 
 
 
-# Vibecodr CLI
+# Vibecodr CLI
 
-Direct terminal client for the hosted Vibecodr MCP server.
+Direct terminal client for the hosted Vibecodr MCP server.
 
 This repository is intentionally separate from the PolyForm-licensed server implementation. The CLI is a client and installer surface, not a second server. It talks to the same hosted Vibecodr MCP gateway used by Codex, Cursor, VS Code, Windsurf, ChatGPT, and other MCP-capable clients.
 
@@ -30,21 +30,21 @@ Currently implemented command surface:
 - `install`
 - `uninstall`
 
-Primary executable:
-
-- `vibecodr`
-
-Compatibility alias:
-
-- `vibecodr-mcp`
-
-Published package:
-
-- `@vibecodr/cli`
-
-Legacy package compatibility:
-
-- `@vibecodr/mcp`
+Primary executable:
+
+- `vibecodr`
+
+Compatibility alias:
+
+- `vibecodr-mcp`
+
+Published package:
+
+- `@vibecodr/cli`
+
+Legacy package compatibility:
+
+- `@vibecodr/mcp`
 
 The runtime path talks directly to `https://openai.vibecodr.space/mcp`. Editor installers are not part of the runtime path.
 

package/dist/auth/token-manager.js

@@ -23,6 +23,28 @@ function computeExpiresAt(expiresIn) {
         return undefined;
     return new Date(Date.now() + expiresIn * 1000).toISOString();
 }
+function normalizeServerUrlForSessionMatch(value) {
+    if (!value)
+        return undefined;
+    try {
+        const url = new URL(value);
+        url.hash = "";
+        url.search = "";
+        url.pathname = url.pathname.replace(/\/+$/, "") || "/";
+        return url.toString();
+    }
+    catch {
+        return value.replace(/\/+$/, "");
+    }
+}
+function sessionMatchesServer(session, serverUrl) {
+    if (!serverUrl)
+        return true;
+    const target = normalizeServerUrlForSessionMatch(serverUrl);
+    const sessionServer = normalizeServerUrlForSessionMatch(session.serverUrl);
+    const sessionResource = normalizeServerUrlForSessionMatch(session.resourceUrl);
+    return Boolean(target && (target === sessionServer || target === sessionResource));
+}
 async function startLoopbackListener(timeoutSec) {
     const callbackPath = "/oauth/callback/vibecodr";
     const server = createServer();
@@ -108,11 +130,17 @@ export class TokenManager {
         return {
             profileName: name,
             profile,
-            serverUrl: globalOptions.serverUrl || profile.serverUrl
+            serverUrl: profile.serverUrl
         };
     }
-    async getSession(profileName) {
-        return await this.secretStore.get(profileName);
+    async getSession(profileName, serverUrl) {
+        const session = await this.secretStore.get(profileName);
+        if (!session)
+            return undefined;
+        // SECURITY: Never replay a stored bearer token to a different MCP origin.
+        // Profiles may be repointed during development; the existing token remains
+        // valid only for the server/resource that issued it.
+        return sessionMatchesServer(session, serverUrl) ? session : undefined;
     }
     sessionState(session) {
         if (!session)

package/dist/bin/vibecodr-mcp.js

@@ -16,6 +16,7 @@ import { runConfigCommand } from "../commands/config.js";
 import { runInstallCommand } from "../commands/install.js";
 import { runUninstallCommand } from "../commands/uninstall.js";
 import { runPulseSetupCommand } from "../commands/pulse-setup.js";
+import { runPulsePublishCommand } from "../commands/pulse-publish.js";
 function helpText() {
     return [
         "vibecodr <command> [options]",
@@ -32,10 +33,12 @@ function helpText() {
         "  uninstall <client>",
         "  config",
         "  pulse-setup [--descriptor-setup-json <json> | --descriptor-setup-file <path>]",
+        "  pulse-publish --name <name> (--code <source> | --code-file <path>) --confirm",
+        "    Publishes a standalone Pulse with private source/metadata visibility by default.",
+        "    The runtime URL is still public HTTP unless the Pulse code rejects callers.",
         "",
         "Global flags:",
         "  --profile <name>",
-        "  --server-url <url>",
         "  --json",
         "  --verbose",
         "  --non-interactive"
@@ -91,6 +94,9 @@ async function main() {
         case "pulse-setup":
             await runPulseSetupCommand(commandArgs, context);
             return;
+        case "pulse-publish":
+            await runPulsePublishCommand(commandArgs, context);
+            return;
         default:
             throw new CliError("usage.command", `Unknown command: ${command}`, EXIT_CODES.usage);
     }

package/dist/cli/parse.js

@@ -55,12 +55,9 @@ export function parseGlobalOptions(argv) {
             continue;
         }
         if (token === "--server-url") {
-            const value = argv[index + 1];
-            if (!value)
-                throw new CliError("usage.missing_server_url", "Missing value for --server-url.", EXIT_CODES.usage);
-            globalOptions.serverUrl = value;
-            index += 1;
-            continue;
+            throw new CliError("usage.unknown_global_flag", "--server-url is no longer accepted as a global runtime override.", EXIT_CODES.usage, {
+                nextStep: "Create a separate profile with `vibecodr config profile create <name> --server-url <url>` and login to that profile. Stored tokens are bound to the server they were issued for."
+            });
         }
         if (token === "--json") {
             globalOptions.json = true;

package/dist/commands/call.js

@@ -32,7 +32,7 @@ async function readStdin() {
 }
 export async function callToolWithRetry(context, toolName, input, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return {
             result: await context.runtimeClient.callTool(serverUrl, existingSession?.accessToken, toolName, input),
@@ -54,7 +54,7 @@ export async function callToolWithRetry(context, toolName, input, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return {
                 result: await context.runtimeClient.callTool(serverUrl, nextSession?.accessToken, toolName, input),
                 ...(nextSession ? { session: nextSession } : {})
@@ -65,7 +65,7 @@ export async function callToolWithRetry(context, toolName, input, allowLogin) {
 }
 async function listToolsWithRetry(context, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return await context.runtimeClient.listTools(serverUrl, existingSession?.accessToken);
     }
@@ -80,7 +80,7 @@ async function listToolsWithRetry(context, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope: challengedScope(error)
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return await context.runtimeClient.listTools(serverUrl, nextSession?.accessToken);
         }
         throw error;

package/dist/commands/pulse-publish.js

@@ -0,0 +1,90 @@
+import { readFile } from "node:fs/promises";
+import { CliError, EXIT_CODES } from "../cli/errors.js";
+import { parseFlags } from "../cli/parse.js";
+import { renderToolResult } from "../core/renderers.js";
+import { callToolWithRetry } from "./call.js";
+const PUBLISH_STANDALONE_PULSE_TOOL_NAME = "publish_standalone_pulse";
+const PULSE_VISIBILITIES = new Set(["public", "unlisted", "private"]);
+const DEFAULT_PULSE_VISIBILITY = "private";
+function parseJsonObject(raw, source) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch (error) {
+        throw new CliError("usage.invalid_json", `${source} must be valid JSON: ${error instanceof Error ? error.message : String(error)}`, EXIT_CODES.usage);
+    }
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+        throw new CliError("usage.invalid_json", `${source} must be a JSON object.`, EXIT_CODES.usage);
+    }
+    return parsed;
+}
+async function parsePulsePublishInput(args) {
+    const { flags } = parseFlags(args, {
+        valueFlags: ["name", "code", "code-file", "descriptor-json", "descriptor-file", "slug", "visibility"],
+        booleanFlags: ["confirm"]
+    });
+    const name = typeof flags["name"] === "string" ? flags["name"].trim() : "";
+    if (!name) {
+        throw new CliError("usage.pulse_name_required", "Usage: pulse-publish --name <name> (--code <source> | --code-file <path>) --confirm", EXIT_CODES.usage);
+    }
+    const hasCode = typeof flags["code"] === "string";
+    const hasCodeFile = typeof flags["code-file"] === "string";
+    if (hasCode === hasCodeFile) {
+        throw new CliError("usage.pulse_code_required", "Use exactly one of --code or --code-file.", EXIT_CODES.usage);
+    }
+    const code = hasCode ? String(flags["code"]) : await readFile(String(flags["code-file"]), "utf8");
+    if (!code.trim()) {
+        throw new CliError("usage.pulse_code_empty", "Pulse source code cannot be empty.", EXIT_CODES.usage);
+    }
+    const hasDescriptorJson = typeof flags["descriptor-json"] === "string";
+    const hasDescriptorFile = typeof flags["descriptor-file"] === "string";
+    if (hasDescriptorJson && hasDescriptorFile) {
+        throw new CliError("usage.duplicate_descriptor", "Use either --descriptor-json or --descriptor-file, not both.", EXIT_CODES.usage);
+    }
+    const input = {
+        name,
+        code,
+        visibility: DEFAULT_PULSE_VISIBILITY,
+        confirmed: flags["confirm"] === true
+    };
+    if (hasDescriptorJson) {
+        input["descriptor"] = parseJsonObject(String(flags["descriptor-json"]), "--descriptor-json");
+    }
+    else if (hasDescriptorFile) {
+        input["descriptor"] = parseJsonObject(await readFile(String(flags["descriptor-file"]), "utf8"), "--descriptor-file");
+    }
+    if (typeof flags["slug"] === "string" && flags["slug"].trim()) {
+        input["slug"] = flags["slug"].trim();
+    }
+    if (typeof flags["visibility"] === "string") {
+        if (!PULSE_VISIBILITIES.has(flags["visibility"])) {
+            throw new CliError("usage.invalid_visibility", "Pulse visibility must be public, unlisted, or private.", EXIT_CODES.usage);
+        }
+        input["visibility"] = flags["visibility"];
+    }
+    if (input["confirmed"] !== true) {
+        throw new CliError("usage.confirmation_required", "Publishing a standalone Pulse requires explicit confirmation. Re-run with --confirm after the user confirms.", EXIT_CODES.usage, {
+            nextStep: "Ask one clear confirmation question, then pass --confirm only after the user says yes."
+        });
+    }
+    return input;
+}
+function redactPulsePublishArguments(input) {
+    const { code: _code, descriptor: _descriptor, ...safe } = input;
+    return {
+        ...safe,
+        ...(input["descriptor"] ? { descriptorProvided: true } : {}),
+        sourceProvided: true
+    };
+}
+export async function runPulsePublishCommand(args, context) {
+    const input = await parsePulsePublishInput(args);
+    const { result } = await callToolWithRetry(context, PUBLISH_STANDALONE_PULSE_TOOL_NAME, input, true);
+    context.output.success({
+        schemaVersion: 1,
+        tool: PUBLISH_STANDALONE_PULSE_TOOL_NAME,
+        arguments: redactPulsePublishArguments(input),
+        result
+    }, [renderToolResult(result)]);
+}

package/dist/commands/status.js

@@ -27,7 +27,7 @@ export async function runStatusCommand(args, context) {
         booleanFlags: ["probe", "show-installs"]
     });
     const { profileName, profile, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const session = await context.tokenManager.getSession(profileName);
+    const session = await context.tokenManager.getSession(profileName, serverUrl);
     const sessionState = context.tokenManager.sessionState(session);
     const installs = flags["show-installs"]
         ? await Promise.all((await new InstallManifestStore().find(() => true)).map((entry) => inspectInstall(entry)))

package/dist/commands/tools.js

@@ -9,7 +9,7 @@ function challengedScope(error) {
 }
 async function loadToolsWithRetry(context, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return {
             tools: await context.runtimeClient.listTools(serverUrl, existingSession?.accessToken),
@@ -30,7 +30,7 @@ async function loadToolsWithRetry(context, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope: challengedScope(error)
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return {
                 tools: await context.runtimeClient.listTools(serverUrl, nextSession?.accessToken),
                 ...(nextSession ? { session: nextSession } : {})

package/docs/architecture.md

@@ -1,35 +1,35 @@
-# Architecture
-
-The Vibecodr CLI is a client of the hosted Vibecodr MCP gateway.
-
-## Boundary
-
-- hosted MCP gateway/server repo: `Vibecodr-MCP`
-- CLI client repo: `Vibecodr-MCP-CLI`
-- CLI package: `@vibecodr/cli`
-- primary executable: `vibecodr`
-- compatibility executable: `vibecodr-mcp`
-- legacy package compatibility: `@vibecodr/mcp`
-- default MCP URL: `https://openai.vibecodr.space/mcp`
-
-This repo does not run the hosted server. It installs client config, performs CLI-owned OAuth, discovers the live tool catalog, and calls tools over Streamable HTTP MCP.
-
-## Auth Ownership
-
-`vibecodr login` stores OAuth tokens for the CLI profile only.
-
-Codex, Cursor, VS Code, Windsurf, ChatGPT, and other MCP clients own separate OAuth sessions. Installing MCP config into those clients points them at the same server, but it does not copy CLI tokens into them.
-
-## Why The Repos Are Separate
-
-The CLI is permissively licensed and safe to distribute as a public client package. The hosted gateway implementation is source-available under a different license because it contains server-side orchestration, OAuth gateway behavior, Cloudflare deployment wiring, and Vibecodr API integration code.
-
-The package name is `@vibecodr/cli` because this repo distributes the user-facing command-line client. The older `@vibecodr/mcp` package name is kept only as a compatibility/deprecation surface; the bare `vibecodr` executable remains the canonical user command.
-
-Local config directories and secure-token service names intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` identifiers during this migration. Those names are storage compatibility keys, not the public npm package identity.
-
-Keeping the repos separate makes the contract clear:
-
-- users can use the hosted service normally
-- users can install and inspect the CLI freely under this repo license
-- commercial reuse of the gateway implementation remains governed by the server repo license
+# Architecture
+
+The Vibecodr CLI is a client of the hosted Vibecodr MCP gateway.
+
+## Boundary
+
+- hosted MCP gateway/server repo: `Vibecodr-MCP`
+- CLI client repo: `Vibecodr-MCP-CLI`
+- CLI package: `@vibecodr/cli`
+- primary executable: `vibecodr`
+- compatibility executable: `vibecodr-mcp`
+- legacy package compatibility: `@vibecodr/mcp`
+- default MCP URL: `https://openai.vibecodr.space/mcp`
+
+This repo does not run the hosted server. It installs client config, performs CLI-owned OAuth, discovers the live tool catalog, and calls tools over Streamable HTTP MCP.
+
+## Auth Ownership
+
+`vibecodr login` stores OAuth tokens for the CLI profile only.
+
+Codex, Cursor, VS Code, Windsurf, ChatGPT, and other MCP clients own separate OAuth sessions. Installing MCP config into those clients points them at the same server, but it does not copy CLI tokens into them.
+
+## Why The Repos Are Separate
+
+The CLI is permissively licensed and safe to distribute as a public client package. The hosted gateway implementation is source-available under a different license because it contains server-side orchestration, OAuth gateway behavior, Cloudflare deployment wiring, and Vibecodr API integration code.
+
+The package name is `@vibecodr/cli` because this repo distributes the user-facing command-line client. The older `@vibecodr/mcp` package name is kept only as a compatibility/deprecation surface; the bare `vibecodr` executable remains the canonical user command.
+
+Local config directories and secure-token service names intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` identifiers during this migration. Those names are storage compatibility keys, not the public npm package identity.
+
+Keeping the repos separate makes the contract clear:
+
+- users can use the hosted service normally
+- users can install and inspect the CLI freely under this repo license
+- commercial reuse of the gateway implementation remains governed by the server repo license

package/docs/auth.md

@@ -1,33 +1,33 @@
 # Auth
 
-`vibecodr login` authenticates the CLI itself to the hosted Vibecodr MCP server. It does not log Codex, Cursor, VS Code, Windsurf, ChatGPT, or any other MCP client into MCP.
+`vibecodr login` authenticates the CLI itself to the hosted Vibecodr MCP server. It does not log Codex, Cursor, VS Code, Windsurf, ChatGPT, or any other MCP client into MCP.
+
+Vibecodr has one hosted MCP gateway. The CLI is one client of that gateway, with its own local OAuth token store.
 
-Vibecodr has one hosted MCP gateway. The CLI is one client of that gateway, with its own local OAuth token store.
-
-Compatibility alias:
-
-- `vibecodr-mcp login`
+Compatibility alias:
+
+- `vibecodr-mcp login`
 
 ## Implemented now
 
 - protected-resource and authorization-server discovery against the MCP server
 - PKCE S256 enforcement
 - loopback callback on `127.0.0.1`
-- secure token storage in the OS credential store via `@napi-rs/keyring`
-- proactive refresh before protected runtime commands when a refresh token is available
-- `logout` local token deletion plus best-effort revocation
-
-The plaintext file secret store is for local automated tests only. It is ignored unless both `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` and `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true` are set.
-
-The local config and secure-token storage keys intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` names during the `@vibecodr/cli` package rename. That preserves existing CLI sessions instead of forcing users to re-authenticate for a package-name migration.
-
-Supported OS credential stores:
-
-- macOS: Keychain
-- Windows: Credential Manager
-- Linux: Secret Service through a desktop keyring such as GNOME Keyring or KWallet
-
-Linux systems need a running, unlocked keyring on the current D-Bus session. Headless Linux should use a real Secret Service setup for persistent CLI login, or let the target MCP client own its own OAuth flow instead of storing CLI tokens.
+- secure token storage in the OS credential store via `@napi-rs/keyring`
+- proactive refresh before protected runtime commands when a refresh token is available
+- `logout` local token deletion plus best-effort revocation
+
+The plaintext file secret store is for local automated tests only. It is ignored unless both `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` and `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true` are set.
+
+The local config and secure-token storage keys intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` names during the `@vibecodr/cli` package rename. That preserves existing CLI sessions instead of forcing users to re-authenticate for a package-name migration.
+
+Supported OS credential stores:
+
+- macOS: Keychain
+- Windows: Credential Manager
+- Linux: Secret Service through a desktop keyring such as GNOME Keyring or KWallet
+
+Linux systems need a running, unlocked keyring on the current D-Bus session. Headless Linux should use a real Secret Service setup for persistent CLI login, or let the target MCP client own its own OAuth flow instead of storing CLI tokens.
 
 ## Registration modes
 

package/docs/commands.md

@@ -4,13 +4,16 @@ This page documents the command surface implemented in the current repo.
 
 ## Global flags
 
-All commands accept:
-
-- `--profile <name>`
-- `--server-url <url>`
-- `--json`
-- `--verbose`
-- `--non-interactive`
+All commands accept:
+
+- `--profile <name>`
+- `--json`
+- `--verbose`
+- `--non-interactive`
+
+Alternate MCP servers are profile-scoped, not runtime overrides. Use
+`vibecodr config profile create <name> --server-url <url>` and then login to
+that profile; stored tokens are bound to the server that issued them.
 
 ## Commands
 

package/docs/install.md

@@ -15,14 +15,14 @@ node dist/bin/vibecodr-mcp.js install codex --json
 After the package is published:
 
 ```bash
-npx -y -p @vibecodr/cli vibecodr install codex
+npx -y -p @vibecodr/cli vibecodr install codex
 ```
 
 Direct CLI-only usage:
 
 ```bash
-npx -y -p @vibecodr/cli vibecodr login
-npx -y -p @vibecodr/cli vibecodr tools --json
+npx -y -p @vibecodr/cli vibecodr login
+npx -y -p @vibecodr/cli vibecodr tools --json
 ```
 
 ## Client commands

package/docs/licensing.md

@@ -1,20 +1,20 @@
 # Licensing
 
-This repository is the public Vibecodr CLI surface.
-
-- Package name: `@vibecodr/cli`
-- Primary executable name: `vibecodr`
-- Compatibility executable name: `vibecodr-mcp`
-- Legacy package compatibility: `@vibecodr/mcp`
+This repository is the public Vibecodr CLI surface.
+
+- Package name: `@vibecodr/cli`
+- Primary executable name: `vibecodr`
+- Compatibility executable name: `vibecodr-mcp`
+- Legacy package compatibility: `@vibecodr/mcp`
 - Repo scope: direct CLI runtime, auth, diagnostics, and later thin installer adapters
 - License: Apache-2.0
 
-The hosted MCP gateway/server remains separate from this repo. That separation keeps hosted-service use distinct from any source-code reuse terms applied to the server implementation repo.
-
-Practical split:
-
-- this CLI repo governs distribution, modification, and reuse of the public client code
-- the hosted Vibecodr MCP service remains governed by Vibecodr service terms for account holders
-- the server implementation repo can carry different source-available terms without changing whether a commercial team may use the hosted service
+The hosted MCP gateway/server remains separate from this repo. That separation keeps hosted-service use distinct from any source-code reuse terms applied to the server implementation repo.
 
-See [`architecture.md`](./architecture.md) for the client/server boundary.
+Practical split:
+
+- this CLI repo governs distribution, modification, and reuse of the public client code
+- the hosted Vibecodr MCP service remains governed by Vibecodr service terms for account holders
+- the server implementation repo can carry different source-available terms without changing whether a commercial team may use the hosted service
+
+See [`architecture.md`](./architecture.md) for the client/server boundary.

package/docs/troubleshooting.md

@@ -30,15 +30,15 @@ Run:
 vibecodr doctor --json
 ```
 
-If the `secret-store` check fails, the CLI cannot safely store tokens yet.
-
-The plaintext file secret store is intentionally test-only. If `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` is set without `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true`, the CLI refuses to start rather than silently storing tokens outside the OS credential store.
-
-Platform notes:
-
-- macOS uses Keychain. Unlock the login keychain and approve Terminal or Node access if prompted.
-- Windows uses Credential Manager. Run from a normal signed-in desktop session with Credential Manager available.
-- Linux uses Secret Service. Install libsecret support and run from a session with an unlocked GNOME Keyring or KWallet. Headless Linux needs an explicit Secret Service setup for persistent CLI login.
+If the `secret-store` check fails, the CLI cannot safely store tokens yet.
+
+The plaintext file secret store is intentionally test-only. If `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` is set without `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true`, the CLI refuses to start rather than silently storing tokens outside the OS credential store.
+
+Platform notes:
+
+- macOS uses Keychain. Unlock the login keychain and approve Terminal or Node access if prompted.
+- Windows uses Credential Manager. Run from a normal signed-in desktop session with Credential Manager available.
+- Linux uses Secret Service. Install libsecret support and run from a session with an unlocked GNOME Keyring or KWallet. Headless Linux needs an explicit Secret Service setup for persistent CLI login.
 
 ## Proxy or TLS issues
 
@@ -81,9 +81,9 @@ The CLI writes the native path.
 
 Codex config install and CLI login are separate.
 
-- `install codex` configures Codex
-- `login` authenticates the Vibecodr CLI only
-- Codex will still own its own OAuth behavior when you use the server inside Codex
+- `install codex` configures Codex
+- `login` authenticates the Vibecodr CLI only
+- Codex will still own its own OAuth behavior when you use the server inside Codex
 
 ## VS Code CLI not found
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibecodr/cli",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "Vibecodr CLI for login, live MCP tool discovery, and live tool invocation.",
   "license": "Apache-2.0",
   "type": "module",