@vibecodr/cli 0.1.8 → 0.2.0

package/CHANGELOG.md

@@ -1,8 +1,11 @@
 # Changelog
 
-## Unreleased
+## 0.2.0
 
 - rename the npm package to `@vibecodr/cli` while keeping `vibecodr` as the primary executable and `vibecodr-mcp` as a compatibility alias
+- add the hardened `pulse` lifecycle command group for list/get/status/run/archive/restore plus create/deploy aliases
+- redact source, descriptor, token, secret, and inline file-content fields from CLI-displayed MCP arguments and results
+- require explicit confirmation for known mutating MCP tools when invoked through the generic `call` command
 
 ## 0.1.8
 

package/README.md

@@ -25,6 +25,8 @@ Currently implemented command surface:
 - `tools`
 - `call`
 - `pulse-setup`
+- `pulse-publish`
+- `pulse`
 - `doctor`
 - `config`
 - `install`
@@ -54,6 +56,8 @@ The official production auth path is now committed in package code through the s
 
 - `https://openai.vibecodr.space/.well-known/oauth-client/vibecodr-mcp.json`
 
+Pulse lifecycle commands use the hosted MCP gateway as the authority boundary. The CLI redacts source, descriptor, token, secret, and inline file-content fields from local output, but the server still enforces OAuth, owner scoping, confirmation, no-delete policy, and model-safe response shaping for direct MCP callers.
+
 Documentation:
 
 - [docs/auth.md](docs/auth.md)

package/dist/auth/token-manager.js

@@ -23,6 +23,28 @@ function computeExpiresAt(expiresIn) {
         return undefined;
     return new Date(Date.now() + expiresIn * 1000).toISOString();
 }
+function normalizeServerUrlForSessionMatch(value) {
+    if (!value)
+        return undefined;
+    try {
+        const url = new URL(value);
+        url.hash = "";
+        url.search = "";
+        url.pathname = url.pathname.replace(/\/+$/, "") || "/";
+        return url.toString();
+    }
+    catch {
+        return value.replace(/\/+$/, "");
+    }
+}
+function sessionMatchesServer(session, serverUrl) {
+    if (!serverUrl)
+        return true;
+    const target = normalizeServerUrlForSessionMatch(serverUrl);
+    const sessionServer = normalizeServerUrlForSessionMatch(session.serverUrl);
+    const sessionResource = normalizeServerUrlForSessionMatch(session.resourceUrl);
+    return Boolean(target && (target === sessionServer || target === sessionResource));
+}
 async function startLoopbackListener(timeoutSec) {
     const callbackPath = "/oauth/callback/vibecodr";
     const server = createServer();
@@ -108,11 +130,17 @@ export class TokenManager {
         return {
             profileName: name,
             profile,
-            serverUrl: globalOptions.serverUrl || profile.serverUrl
+            serverUrl: profile.serverUrl
         };
     }
-    async getSession(profileName) {
-        return await this.secretStore.get(profileName);
+    async getSession(profileName, serverUrl) {
+        const session = await this.secretStore.get(profileName);
+        if (!session)
+            return undefined;
+        // SECURITY: Never replay a stored bearer token to a different MCP origin.
+        // Profiles may be repointed during development; the existing token remains
+        // valid only for the server/resource that issued it.
+        return sessionMatchesServer(session, serverUrl) ? session : undefined;
     }
     sessionState(session) {
         if (!session)

package/dist/bin/vibecodr-mcp.js

@@ -2,9 +2,9 @@
 import { ConfigStore } from "../storage/config-store.js";
 import { SecretStore } from "../storage/secret-store.js";
 import { TokenManager } from "../auth/token-manager.js";
-import { McpRuntimeClient } from "../core/mcp-client.js";
+import { CLIENT_INFO, McpRuntimeClient } from "../core/mcp-client.js";
 import { Output } from "../cli/output.js";
-import { parseGlobalOptions } from "../cli/parse.js";
+import { isHelpToken, isVersionToken, parseGlobalOptions } from "../cli/parse.js";
 import { CliError, EXIT_CODES } from "../cli/errors.js";
 import { runLoginCommand } from "../commands/login.js";
 import { runLogoutCommand } from "../commands/logout.js";
@@ -16,6 +16,8 @@ import { runConfigCommand } from "../commands/config.js";
 import { runInstallCommand } from "../commands/install.js";
 import { runUninstallCommand } from "../commands/uninstall.js";
 import { runPulseSetupCommand } from "../commands/pulse-setup.js";
+import { runPulsePublishCommand } from "../commands/pulse-publish.js";
+import { runPulseCommand } from "../commands/pulse.js";
 function helpText() {
     return [
         "vibecodr <command> [options]",
@@ -32,21 +34,31 @@ function helpText() {
         "  uninstall <client>",
         "  config",
         "  pulse-setup [--descriptor-setup-json <json> | --descriptor-setup-file <path>]",
+        "  pulse-publish --name <name> (--code <source> | --code-file <path>) --confirm",
+        "  pulse <list|get|status|run|archive|restore|create|deploy>",
+        "    Publishes a standalone Pulse with private source/metadata visibility by default.",
+        "    The runtime URL is still public HTTP unless the Pulse code rejects callers.",
         "",
         "Global flags:",
         "  --profile <name>",
-        "  --server-url <url>",
         "  --json",
         "  --verbose",
         "  --non-interactive"
     ].join("\n");
 }
+function versionText() {
+    return String(CLIENT_INFO.version);
+}
 async function main() {
     const { command, commandArgs, globalOptions } = parseGlobalOptions(process.argv.slice(2));
-    if (!command || command === "--help" || command === "help") {
+    if (!command || isHelpToken(command)) {
         process.stdout.write(helpText() + "\n");
         return;
     }
+    if (isVersionToken(command)) {
+        process.stdout.write(versionText() + "\n");
+        return;
+    }
     const configStore = new ConfigStore();
     const secretStore = new SecretStore();
     const tokenManager = new TokenManager(configStore, secretStore);
@@ -91,6 +103,12 @@ async function main() {
         case "pulse-setup":
             await runPulseSetupCommand(commandArgs, context);
             return;
+        case "pulse-publish":
+            await runPulsePublishCommand(commandArgs, context);
+            return;
+        case "pulse":
+            await runPulseCommand(commandArgs, context);
+            return;
         default:
             throw new CliError("usage.command", `Unknown command: ${command}`, EXIT_CODES.usage);
     }

package/dist/cli/parse.js

@@ -1,6 +1,12 @@
 import { CliError, EXIT_CODES } from "./errors.js";
 function normalizeFlagName(flag) {
-    return flag.replace(/^--/, "");
+    return flag.replace(/^-+/, "");
+}
+export function isHelpToken(token) {
+    return token === "help" || token === "--help" || token === "-h" || token === "-help";
+}
+export function isVersionToken(token) {
+    return token === "--version" || token === "-v" || token === "-version";
 }
 export function parseFlags(args, options) {
     const valueFlags = new Set(options.valueFlags || []);
@@ -46,6 +52,10 @@ export function parseGlobalOptions(argv) {
         const token = argv[index];
         if (token === undefined)
             continue;
+        if (!command && (isHelpToken(token) || isVersionToken(token))) {
+            command = token;
+            continue;
+        }
         if (token === "--profile") {
             const value = argv[index + 1];
             if (!value)
@@ -55,12 +65,9 @@ export function parseGlobalOptions(argv) {
             continue;
         }
         if (token === "--server-url") {
-            const value = argv[index + 1];
-            if (!value)
-                throw new CliError("usage.missing_server_url", "Missing value for --server-url.", EXIT_CODES.usage);
-            globalOptions.serverUrl = value;
-            index += 1;
-            continue;
+            throw new CliError("usage.unknown_global_flag", "--server-url is no longer accepted as a global runtime override.", EXIT_CODES.usage, {
+                nextStep: "Create a separate profile with `vibecodr config profile create <name> --server-url <url>` and login to that profile. Stored tokens are bound to the server they were issued for."
+            });
         }
         if (token === "--json") {
             globalOptions.json = true;

package/dist/commands/call.js

@@ -3,7 +3,19 @@ import { promptText } from "../platform/prompt.js";
 import { parseFlags } from "../cli/parse.js";
 import { CliError, EXIT_CODES } from "../cli/errors.js";
 import { renderToolResult } from "../core/renderers.js";
+import { redactForOutput } from "../core/redaction.js";
 import { promptObjectBySchema } from "../core/interactive-input.js";
+import { showHelpIfRequested } from "./help.js";
+const CONFIRMED_TOOL_NAMES = new Set([
+    "quick_publish_creation",
+    "publish_standalone_pulse",
+    "publish_draft_capsule",
+    "cancel_import_operation",
+    "update_live_vibe_metadata",
+    "run_pulse",
+    "archive_pulse",
+    "restore_pulse"
+]);
 function challengedScope(error) {
     if (!error.debugDetails || typeof error.debugDetails !== "object")
         return undefined;
@@ -32,7 +44,7 @@ async function readStdin() {
 }
 export async function callToolWithRetry(context, toolName, input, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return {
             result: await context.runtimeClient.callTool(serverUrl, existingSession?.accessToken, toolName, input),
@@ -54,7 +66,7 @@ export async function callToolWithRetry(context, toolName, input, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return {
                 result: await context.runtimeClient.callTool(serverUrl, nextSession?.accessToken, toolName, input),
                 ...(nextSession ? { session: nextSession } : {})
@@ -65,7 +77,7 @@ export async function callToolWithRetry(context, toolName, input, allowLogin) {
 }
 async function listToolsWithRetry(context, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return await context.runtimeClient.listTools(serverUrl, existingSession?.accessToken);
     }
@@ -80,16 +92,18 @@ async function listToolsWithRetry(context, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope: challengedScope(error)
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return await context.runtimeClient.listTools(serverUrl, nextSession?.accessToken);
         }
         throw error;
     }
 }
 export async function runCallCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr call <tool-name> [--input-json <json>] [--input-file <path>] [--stdin] [--interactive] [--no-login] [--confirm]"))
+        return;
     const { flags, positionals } = parseFlags(args, {
         valueFlags: ["input-json", "input-file"],
-        booleanFlags: ["stdin", "interactive", "no-login"]
+        booleanFlags: ["stdin", "interactive", "no-login", "confirm"]
     });
     const toolName = positionals[0];
     if (!toolName) {
@@ -113,11 +127,17 @@ export async function runCallCommand(args, context) {
         }
         input = await promptObjectBySchema(promptText, toolName, tool.inputSchema);
     }
+    if (CONFIRMED_TOOL_NAMES.has(toolName) && flags["confirm"] !== true) {
+        throw new CliError("usage.confirmation_required", `Calling ${toolName} requires explicit confirmation. Re-run with --confirm after the user confirms.`, EXIT_CODES.usage);
+    }
+    if (CONFIRMED_TOOL_NAMES.has(toolName)) {
+        input = { ...input, confirmed: true };
+    }
     const { result } = await callToolWithRetry(context, toolName, input, !flags["no-login"]);
     context.output.success({
         schemaVersion: 1,
         tool: toolName,
-        arguments: input,
-        result
-    }, [renderToolResult(result)]);
+        arguments: redactForOutput(input),
+        result: redactForOutput(result)
+    }, [renderToolResult(redactForOutput(result))]);
 }

package/dist/commands/config.js

@@ -1,6 +1,7 @@
 import { parseFlags } from "../cli/parse.js";
 import { CliError, EXIT_CODES } from "../cli/errors.js";
 import { defaultProfileConfig } from "../types/config.js";
+import { showHelpIfRequested } from "./help.js";
 function updateProfileKey(profile, key, value) {
     switch (key) {
         case "server-url":
@@ -37,6 +38,8 @@ async function saveConfig(context, config) {
     await context.configStore.save(config);
 }
 export async function runConfigCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr config path|show|set|unset|profile ..."))
+        return;
     const action = args[0];
     const config = await context.configStore.load();
     const currentProfileName = context.globalOptions.profile || config.currentProfile;

package/dist/commands/doctor.js

@@ -1,7 +1,10 @@
 import { parseFlags } from "../cli/parse.js";
 import { runDoctor } from "../doctor/run.js";
 import { EXIT_CODES } from "../cli/errors.js";
+import { showHelpIfRequested } from "./help.js";
 export async function runDoctorCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr doctor [--client <codex|cursor|vscode|windsurf>]"))
+        return;
     const { flags } = parseFlags(args, {
         valueFlags: ["client"]
     });

package/dist/commands/help.js

@@ -0,0 +1,7 @@
+import { isHelpToken } from "../cli/parse.js";
+export function showHelpIfRequested(args, _context, text) {
+    if (!args.some((arg) => isHelpToken(arg)))
+        return false;
+    process.stdout.write(`${text}\n`);
+    return true;
+}

package/dist/commands/install.js

@@ -5,10 +5,13 @@ import { installCodex } from "../clients/codex.js";
 import { installCursor } from "../clients/cursor.js";
 import { installVsCode } from "../clients/vscode.js";
 import { installWindsurf } from "../clients/windsurf.js";
+import { showHelpIfRequested } from "./help.js";
 function defaultName(serverUrl) {
     return serverUrl.includes("staging") ? "vibecodr-staging" : "vibecodr";
 }
 export async function runInstallCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr install <codex|cursor|vscode|windsurf> [--scope user|project] [--path <dir>] [--name <server-name>] [--open-client] [--overwrite] [--dry-run]"))
+        return;
     const client = args[0];
     if (!client || !["codex", "cursor", "vscode", "windsurf"].includes(client)) {
         throw new CliError("usage.install_client", "Usage: install <codex|cursor|vscode|windsurf> [options]", EXIT_CODES.usage);

package/dist/commands/login.js

@@ -1,5 +1,8 @@
 import { parseFlags } from "../cli/parse.js";
+import { showHelpIfRequested } from "./help.js";
 export async function runLoginCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr login [--scope <oauth-scope>] [--registration auto|preregistered|cimd|dcr|manual] [--browser open|print] [--timeout-sec <n>]"))
+        return;
     const { flags } = parseFlags(args, {
         valueFlags: ["scope", "registration", "browser", "timeout-sec"]
     });

package/dist/commands/logout.js

@@ -1,5 +1,8 @@
 import { parseFlags } from "../cli/parse.js";
+import { showHelpIfRequested } from "./help.js";
 export async function runLogoutCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr logout [--all] [--no-revoke]"))
+        return;
     const { flags } = parseFlags(args, {
         booleanFlags: ["all", "no-revoke"]
     });

package/dist/commands/pulse-publish.js

@@ -0,0 +1,93 @@
+import { readFile } from "node:fs/promises";
+import { CliError, EXIT_CODES } from "../cli/errors.js";
+import { parseFlags } from "../cli/parse.js";
+import { renderToolResult } from "../core/renderers.js";
+import { callToolWithRetry } from "./call.js";
+import { showHelpIfRequested } from "./help.js";
+const PUBLISH_STANDALONE_PULSE_TOOL_NAME = "publish_standalone_pulse";
+const PULSE_VISIBILITIES = new Set(["public", "unlisted", "private"]);
+const DEFAULT_PULSE_VISIBILITY = "private";
+function parseJsonObject(raw, source) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch (error) {
+        throw new CliError("usage.invalid_json", `${source} must be valid JSON: ${error instanceof Error ? error.message : String(error)}`, EXIT_CODES.usage);
+    }
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+        throw new CliError("usage.invalid_json", `${source} must be a JSON object.`, EXIT_CODES.usage);
+    }
+    return parsed;
+}
+async function parsePulsePublishInput(args) {
+    const { flags } = parseFlags(args, {
+        valueFlags: ["name", "code", "code-file", "descriptor-json", "descriptor-file", "slug", "visibility"],
+        booleanFlags: ["confirm"]
+    });
+    const name = typeof flags["name"] === "string" ? flags["name"].trim() : "";
+    if (!name) {
+        throw new CliError("usage.pulse_name_required", "Usage: pulse-publish --name <name> (--code <source> | --code-file <path>) --confirm", EXIT_CODES.usage);
+    }
+    const hasCode = typeof flags["code"] === "string";
+    const hasCodeFile = typeof flags["code-file"] === "string";
+    if (hasCode === hasCodeFile) {
+        throw new CliError("usage.pulse_code_required", "Use exactly one of --code or --code-file.", EXIT_CODES.usage);
+    }
+    const code = hasCode ? String(flags["code"]) : await readFile(String(flags["code-file"]), "utf8");
+    if (!code.trim()) {
+        throw new CliError("usage.pulse_code_empty", "Pulse source code cannot be empty.", EXIT_CODES.usage);
+    }
+    const hasDescriptorJson = typeof flags["descriptor-json"] === "string";
+    const hasDescriptorFile = typeof flags["descriptor-file"] === "string";
+    if (hasDescriptorJson && hasDescriptorFile) {
+        throw new CliError("usage.duplicate_descriptor", "Use either --descriptor-json or --descriptor-file, not both.", EXIT_CODES.usage);
+    }
+    const input = {
+        name,
+        code,
+        visibility: DEFAULT_PULSE_VISIBILITY,
+        confirmed: flags["confirm"] === true
+    };
+    if (hasDescriptorJson) {
+        input["descriptor"] = parseJsonObject(String(flags["descriptor-json"]), "--descriptor-json");
+    }
+    else if (hasDescriptorFile) {
+        input["descriptor"] = parseJsonObject(await readFile(String(flags["descriptor-file"]), "utf8"), "--descriptor-file");
+    }
+    if (typeof flags["slug"] === "string" && flags["slug"].trim()) {
+        input["slug"] = flags["slug"].trim();
+    }
+    if (typeof flags["visibility"] === "string") {
+        if (!PULSE_VISIBILITIES.has(flags["visibility"])) {
+            throw new CliError("usage.invalid_visibility", "Pulse visibility must be public, unlisted, or private.", EXIT_CODES.usage);
+        }
+        input["visibility"] = flags["visibility"];
+    }
+    if (input["confirmed"] !== true) {
+        throw new CliError("usage.confirmation_required", "Publishing a standalone Pulse requires explicit confirmation. Re-run with --confirm after the user confirms.", EXIT_CODES.usage, {
+            nextStep: "Ask one clear confirmation question, then pass --confirm only after the user says yes."
+        });
+    }
+    return input;
+}
+function redactPulsePublishArguments(input) {
+    const { code: _code, descriptor: _descriptor, ...safe } = input;
+    return {
+        ...safe,
+        ...(input["descriptor"] ? { descriptorProvided: true } : {}),
+        sourceProvided: true
+    };
+}
+export async function runPulsePublishCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr pulse-publish --name <name> (--code <source> | --code-file <path>) [--descriptor-json <json> | --descriptor-file <path>] [--slug <slug>] [--visibility public|unlisted|private] --confirm"))
+        return;
+    const input = await parsePulsePublishInput(args);
+    const { result } = await callToolWithRetry(context, PUBLISH_STANDALONE_PULSE_TOOL_NAME, input, true);
+    context.output.success({
+        schemaVersion: 1,
+        tool: PUBLISH_STANDALONE_PULSE_TOOL_NAME,
+        arguments: redactPulsePublishArguments(input),
+        result
+    }, [renderToolResult(result)]);
+}

package/dist/commands/pulse-setup.js

@@ -3,6 +3,7 @@ import { CliError, EXIT_CODES } from "../cli/errors.js";
 import { parseFlags } from "../cli/parse.js";
 import { renderToolResult } from "../core/renderers.js";
 import { callToolWithRetry } from "./call.js";
+import { showHelpIfRequested } from "./help.js";
 const PULSE_SETUP_TOOL_NAME = "get_pulse_setup_guidance";
 const PULSE_DESCRIPTOR_SOURCE_OF_TRUTH = "PulseDescriptor";
 function readStructuredContent(result) {
@@ -70,6 +71,8 @@ async function parsePulseSetupInput(args) {
     return {};
 }
 export async function runPulseSetupCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr pulse-setup [--descriptor-setup-json <json> | --descriptor-setup-file <path>]"))
+        return;
     const input = await parsePulseSetupInput(args);
     const { result } = await callToolWithRetry(context, PULSE_SETUP_TOOL_NAME, input, true);
     assertDescriptorSetupGuidance(result, { expectsDescriptorSetup: Boolean(input["descriptorSetup"]) });

package/dist/commands/pulse.js

@@ -0,0 +1,145 @@
+import { readFile } from "node:fs/promises";
+import { CliError, EXIT_CODES } from "../cli/errors.js";
+import { isHelpToken, parseFlags } from "../cli/parse.js";
+import { renderToolResult } from "../core/renderers.js";
+import { redactForOutput } from "../core/redaction.js";
+import { callToolWithRetry } from "./call.js";
+import { runPulsePublishCommand } from "./pulse-publish.js";
+const MAX_LIST_LIMIT = 25;
+const PULSE_ACTIONS = {
+    get: { toolName: "get_pulse", requiresConfirm: false },
+    status: { toolName: "get_pulse_status", requiresConfirm: false },
+    run: { toolName: "run_pulse", requiresConfirm: true },
+    archive: { toolName: "archive_pulse", requiresConfirm: true },
+    restore: { toolName: "restore_pulse", requiresConfirm: true }
+};
+function pulseHelpText() {
+    return [
+        "Usage: vibecodr pulse <command> [options]",
+        "",
+        "Commands:",
+        "  list [--limit <n>] [--offset <n>]",
+        "  get <pulse-id>",
+        "  status <pulse-id>",
+        "  run <pulse-id> [--input-json <json> | --input-file <path>] --confirm",
+        "  archive <pulse-id> --confirm",
+        "  restore <pulse-id> --confirm",
+        "  create --name <name> (--code <source> | --code-file <path>) --confirm",
+        "  deploy --name <name> (--code <source> | --code-file <path>) --confirm",
+        "",
+        "Delete is intentionally not exposed by the CLI; archive a Pulse instead."
+    ].join("\n");
+}
+function parseBoundedInteger(raw, name, defaultValue, maxValue) {
+    if (raw === undefined)
+        return defaultValue;
+    const value = Number(raw);
+    if (!Number.isInteger(value) || value < 0) {
+        throw new CliError("usage.invalid_number", `${name} must be a non-negative integer.`, EXIT_CODES.usage);
+    }
+    return Math.min(value, maxValue);
+}
+function parsePulseId(raw) {
+    const pulseId = typeof raw === "string" ? raw.trim() : "";
+    if (!pulseId) {
+        throw new CliError("usage.pulse_id_required", "A Pulse id is required.", EXIT_CODES.usage);
+    }
+    if (pulseId.length > 128 || !/^[A-Za-z0-9._:-]+$/.test(pulseId)) {
+        throw new CliError("usage.invalid_pulse_id", "Pulse id contains unsupported characters.", EXIT_CODES.usage);
+    }
+    return pulseId;
+}
+function parseJsonObject(raw, source) {
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch (error) {
+        throw new CliError("usage.invalid_json", `${source} must be valid JSON: ${error instanceof Error ? error.message : String(error)}`, EXIT_CODES.usage);
+    }
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+        throw new CliError("usage.invalid_json", `${source} must be a JSON object.`, EXIT_CODES.usage);
+    }
+    return parsed;
+}
+async function parseRunInput(flags) {
+    const hasInputJson = typeof flags["input-json"] === "string";
+    const hasInputFile = typeof flags["input-file"] === "string";
+    if (hasInputJson && hasInputFile) {
+        throw new CliError("usage.duplicate_input", "Use either --input-json or --input-file, not both.", EXIT_CODES.usage);
+    }
+    if (hasInputJson)
+        return parseJsonObject(String(flags["input-json"]), "--input-json");
+    if (hasInputFile)
+        return parseJsonObject(await readFile(String(flags["input-file"]), "utf8"), "--input-file");
+    return undefined;
+}
+async function invokePulseTool(context, toolName, input) {
+    const { result } = await callToolWithRetry(context, toolName, input, true);
+    context.output.success({
+        schemaVersion: 1,
+        tool: toolName,
+        arguments: redactForOutput(input),
+        result
+    }, [renderToolResult(result)]);
+}
+export async function runPulseCommand(args, context) {
+    const subcommand = args[0];
+    const commandArgs = args.slice(1);
+    if (!subcommand || isHelpToken(subcommand) || commandArgs.some((arg) => isHelpToken(arg))) {
+        context.output.info(pulseHelpText());
+        return;
+    }
+    if (subcommand === "create" || subcommand === "deploy") {
+        await runPulsePublishCommand(commandArgs, context);
+        return;
+    }
+    if (subcommand === "delete") {
+        throw new CliError("usage.pulse_delete_unavailable", "The CLI does not expose Pulse deletion. Archive the Pulse instead.", EXIT_CODES.usage);
+    }
+    if (subcommand === "logs") {
+        throw new CliError("usage.pulse_logs_unavailable", "Pulse logs are not exposed through the hardened CLI lifecycle surface yet.", EXIT_CODES.usage, { nextStep: "Use `vibecodr pulse status <pulse-id>` for deploy state, or inspect platform telemetry through the owner dashboard." });
+    }
+    if (subcommand === "list") {
+        const { flags, positionals } = parseFlags(commandArgs, {
+            valueFlags: ["limit", "offset"],
+            booleanFlags: []
+        });
+        if (positionals.length > 0) {
+            throw new CliError("usage.unexpected_argument", `Unexpected argument: ${positionals[0]}`, EXIT_CODES.usage);
+        }
+        await invokePulseTool(context, "list_pulses", {
+            limit: parseBoundedInteger(flags["limit"], "--limit", 10, MAX_LIST_LIMIT),
+            offset: parseBoundedInteger(flags["offset"], "--offset", 0, 10_000)
+        });
+        return;
+    }
+    const action = PULSE_ACTIONS[subcommand];
+    if (!action) {
+        throw new CliError("usage.command", `Unknown pulse command: ${subcommand}`, EXIT_CODES.usage);
+    }
+    const { flags, positionals } = parseFlags(commandArgs, {
+        valueFlags: ["input-json", "input-file"],
+        booleanFlags: ["confirm"]
+    });
+    const pulseId = parsePulseId(positionals[0]);
+    if (positionals.length > 1) {
+        throw new CliError("usage.unexpected_argument", `Unexpected argument: ${positionals[1]}`, EXIT_CODES.usage);
+    }
+    if (action.requiresConfirm && flags["confirm"] !== true) {
+        throw new CliError("usage.confirmation_required", `Pulse ${subcommand} requires explicit confirmation. Re-run with --confirm after the user confirms.`, EXIT_CODES.usage);
+    }
+    const input = {
+        pulseId,
+        ...(action.requiresConfirm ? { confirmed: true } : {})
+    };
+    if (subcommand === "run") {
+        const runInput = await parseRunInput(flags);
+        if (runInput !== undefined)
+            input["input"] = runInput;
+    }
+    else if (flags["input-json"] !== undefined || flags["input-file"] !== undefined) {
+        throw new CliError("usage.unknown_flag", "--input-json and --input-file are only valid for pulse run.", EXIT_CODES.usage);
+    }
+    await invokePulseTool(context, action.toolName, input);
+}

package/dist/commands/status.js

@@ -1,5 +1,6 @@
 import { access } from "node:fs/promises";
 import { parseFlags } from "../cli/parse.js";
+import { showHelpIfRequested } from "./help.js";
 import { InstallManifestStore } from "../storage/install-manifest.js";
 async function inspectInstall(entry) {
     if (entry.method !== "file") {
@@ -23,11 +24,13 @@ async function inspectInstall(entry) {
     }
 }
 export async function runStatusCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr status [--probe] [--show-installs]"))
+        return;
     const { flags } = parseFlags(args, {
         booleanFlags: ["probe", "show-installs"]
     });
     const { profileName, profile, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const session = await context.tokenManager.getSession(profileName);
+    const session = await context.tokenManager.getSession(profileName, serverUrl);
     const sessionState = context.tokenManager.sessionState(session);
     const installs = flags["show-installs"]
         ? await Promise.all((await new InstallManifestStore().find(() => true)).map((entry) => inspectInstall(entry)))

package/dist/commands/tools.js

@@ -1,6 +1,7 @@
 import { formatJson, summarizeToolSchema } from "../core/renderers.js";
 import { parseFlags } from "../cli/parse.js";
 import { CliError, EXIT_CODES } from "../cli/errors.js";
+import { showHelpIfRequested } from "./help.js";
 function challengedScope(error) {
     if (!error.debugDetails || typeof error.debugDetails !== "object")
         return undefined;
@@ -9,7 +10,7 @@ function challengedScope(error) {
 }
 async function loadToolsWithRetry(context, allowLogin) {
     const { profileName, serverUrl } = await context.tokenManager.resolveProfile(context.globalOptions);
-    const existingSession = await context.tokenManager.getSession(profileName);
+    const existingSession = await context.tokenManager.getSession(profileName, serverUrl);
     try {
         return {
             tools: await context.runtimeClient.listTools(serverUrl, existingSession?.accessToken),
@@ -30,7 +31,7 @@ async function loadToolsWithRetry(context, allowLogin) {
             await context.tokenManager.login(context.globalOptions, {
                 scope: challengedScope(error)
             });
-            const nextSession = await context.tokenManager.getSession(profileName);
+            const nextSession = await context.tokenManager.getSession(profileName, serverUrl);
             return {
                 tools: await context.runtimeClient.listTools(serverUrl, nextSession?.accessToken),
                 ...(nextSession ? { session: nextSession } : {})
@@ -40,6 +41,8 @@ async function loadToolsWithRetry(context, allowLogin) {
     }
 }
 export async function runToolsCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr tools [<tool-name>] [--search <text>] [--schema] [--no-login]"))
+        return;
     const { flags, positionals } = parseFlags(args, {
         valueFlags: ["search"],
         booleanFlags: ["schema", "no-login"]

package/dist/commands/uninstall.js

@@ -5,7 +5,10 @@ import { uninstallCodex } from "../clients/codex.js";
 import { uninstallCursor } from "../clients/cursor.js";
 import { uninstallVsCode } from "../clients/vscode.js";
 import { uninstallWindsurf } from "../clients/windsurf.js";
+import { showHelpIfRequested } from "./help.js";
 export async function runUninstallCommand(args, context) {
+    if (showHelpIfRequested(args, context, "Usage: vibecodr uninstall <codex|cursor|vscode|windsurf> [--scope user|project] [--path <dir>] [--name <server-name>] [--dry-run]"))
+        return;
     const client = args[0];
     if (!client || !["codex", "cursor", "vscode", "windsurf"].includes(client)) {
         throw new CliError("usage.uninstall_client", "Usage: uninstall <codex|cursor|vscode|windsurf> [options]", EXIT_CODES.usage);

package/dist/core/redaction.js

@@ -0,0 +1,44 @@
+const REDACTED = "[redacted]";
+const SENSITIVE_KEY_PATTERNS = [
+    /^authorization$/i,
+    /^cookie$/i,
+    /^set-cookie$/i,
+    /(^|[-_])token$/i,
+    /(^|[-_])secret($|[-_])/i,
+    /password/i,
+    /credential/i,
+    /^api[-_]?key$/i,
+    /(^|[-_])api[-_]?key$/i,
+    /^private[-_]?key$/i,
+    /^refresh[-_]?token$/i,
+    /^access[-_]?token$/i,
+    /^fileBase64$/i,
+    /^code$/i,
+    /^content$/i,
+    /^descriptor$/i
+];
+const SENSITIVE_STRING_PATTERNS = [
+    /\bBearer\s+[A-Za-z0-9._~+/=-]+/i,
+    /\btok_[A-Za-z0-9._-]+/i,
+    /\bsk-[A-Za-z0-9._-]+/i,
+    /\b(token|secret|api[-_ ]?key)\s*[:=]\s*\S+/i
+];
+function isSensitiveKey(key) {
+    return SENSITIVE_KEY_PATTERNS.some((pattern) => pattern.test(key));
+}
+export function redactForOutput(value, keyHint) {
+    if (keyHint && isSensitiveKey(keyHint))
+        return REDACTED;
+    if (Array.isArray(value))
+        return value.map((item) => redactForOutput(item));
+    if (typeof value === "string" && SENSITIVE_STRING_PATTERNS.some((pattern) => pattern.test(value))) {
+        return REDACTED;
+    }
+    if (!value || typeof value !== "object")
+        return value;
+    const output = {};
+    for (const [key, nested] of Object.entries(value)) {
+        output[key] = redactForOutput(nested, key);
+    }
+    return output;
+}

package/docs/architecture.md

@@ -1,35 +1,35 @@
-# Architecture
-
-The Vibecodr CLI is a client of the hosted Vibecodr MCP gateway.
-
-## Boundary
-
-- hosted MCP gateway/server repo: `Vibecodr-MCP`
-- CLI client repo: `Vibecodr-MCP-CLI`
-- CLI package: `@vibecodr/cli`
-- primary executable: `vibecodr`
-- compatibility executable: `vibecodr-mcp`
-- legacy package compatibility: `@vibecodr/mcp`
-- default MCP URL: `https://openai.vibecodr.space/mcp`
-
-This repo does not run the hosted server. It installs client config, performs CLI-owned OAuth, discovers the live tool catalog, and calls tools over Streamable HTTP MCP.
-
-## Auth Ownership
-
-`vibecodr login` stores OAuth tokens for the CLI profile only.
-
-Codex, Cursor, VS Code, Windsurf, ChatGPT, and other MCP clients own separate OAuth sessions. Installing MCP config into those clients points them at the same server, but it does not copy CLI tokens into them.
-
-## Why The Repos Are Separate
-
-The CLI is permissively licensed and safe to distribute as a public client package. The hosted gateway implementation is source-available under a different license because it contains server-side orchestration, OAuth gateway behavior, Cloudflare deployment wiring, and Vibecodr API integration code.
-
-The package name is `@vibecodr/cli` because this repo distributes the user-facing command-line client. The older `@vibecodr/mcp` package name is kept only as a compatibility/deprecation surface; the bare `vibecodr` executable remains the canonical user command.
-
-Local config directories and secure-token service names intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` identifiers during this migration. Those names are storage compatibility keys, not the public npm package identity.
-
-Keeping the repos separate makes the contract clear:
-
-- users can use the hosted service normally
-- users can install and inspect the CLI freely under this repo license
-- commercial reuse of the gateway implementation remains governed by the server repo license
+# Architecture
+
+The Vibecodr CLI is a client of the hosted Vibecodr MCP gateway.
+
+## Boundary
+
+- hosted MCP gateway/server repo: `Vibecodr-MCP`
+- CLI client repo: `Vibecodr-MCP-CLI`
+- CLI package: `@vibecodr/cli`
+- primary executable: `vibecodr`
+- compatibility executable: `vibecodr-mcp`
+- legacy package compatibility: `@vibecodr/mcp`
+- default MCP URL: `https://openai.vibecodr.space/mcp`
+
+This repo does not run the hosted server. It installs client config, performs CLI-owned OAuth, discovers the live tool catalog, and calls tools over Streamable HTTP MCP.
+
+## Auth Ownership
+
+`vibecodr login` stores OAuth tokens for the CLI profile only.
+
+Codex, Cursor, VS Code, Windsurf, ChatGPT, and other MCP clients own separate OAuth sessions. Installing MCP config into those clients points them at the same server, but it does not copy CLI tokens into them.
+
+## Why The Repos Are Separate
+
+The CLI is permissively licensed and safe to distribute as a public client package. The hosted gateway implementation is source-available under a different license because it contains server-side orchestration, OAuth gateway behavior, Cloudflare deployment wiring, and Vibecodr API integration code.
+
+The package name is `@vibecodr/cli` because this repo distributes the user-facing command-line client. The older `@vibecodr/mcp` package name is kept only as a compatibility/deprecation surface; the bare `vibecodr` executable remains the canonical user command.
+
+Local config directories and secure-token service names intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` identifiers during this migration. Those names are storage compatibility keys, not the public npm package identity.
+
+Keeping the repos separate makes the contract clear:
+
+- users can use the hosted service normally
+- users can install and inspect the CLI freely under this repo license
+- commercial reuse of the gateway implementation remains governed by the server repo license

package/docs/auth.md

@@ -1,33 +1,33 @@
 # Auth
 
-`vibecodr login` authenticates the CLI itself to the hosted Vibecodr MCP server. It does not log Codex, Cursor, VS Code, Windsurf, ChatGPT, or any other MCP client into MCP.
+`vibecodr login` authenticates the CLI itself to the hosted Vibecodr MCP server. It does not log Codex, Cursor, VS Code, Windsurf, ChatGPT, or any other MCP client into MCP.
+
+Vibecodr has one hosted MCP gateway. The CLI is one client of that gateway, with its own local OAuth token store.
 
-Vibecodr has one hosted MCP gateway. The CLI is one client of that gateway, with its own local OAuth token store.
-
-Compatibility alias:
-
-- `vibecodr-mcp login`
+Compatibility alias:
+
+- `vibecodr-mcp login`
 
 ## Implemented now
 
 - protected-resource and authorization-server discovery against the MCP server
 - PKCE S256 enforcement
 - loopback callback on `127.0.0.1`
-- secure token storage in the OS credential store via `@napi-rs/keyring`
-- proactive refresh before protected runtime commands when a refresh token is available
-- `logout` local token deletion plus best-effort revocation
-
-The plaintext file secret store is for local automated tests only. It is ignored unless both `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` and `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true` are set.
-
-The local config and secure-token storage keys intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` names during the `@vibecodr/cli` package rename. That preserves existing CLI sessions instead of forcing users to re-authenticate for a package-name migration.
-
-Supported OS credential stores:
-
-- macOS: Keychain
-- Windows: Credential Manager
-- Linux: Secret Service through a desktop keyring such as GNOME Keyring or KWallet
-
-Linux systems need a running, unlocked keyring on the current D-Bus session. Headless Linux should use a real Secret Service setup for persistent CLI login, or let the target MCP client own its own OAuth flow instead of storing CLI tokens.
+- secure token storage in the OS credential store via `@napi-rs/keyring`
+- proactive refresh before protected runtime commands when a refresh token is available
+- `logout` local token deletion plus best-effort revocation
+
+The plaintext file secret store is for local automated tests only. It is ignored unless both `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` and `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true` are set.
+
+The local config and secure-token storage keys intentionally keep their historical `vibecodr-mcp` / `@vibecodr/mcp` names during the `@vibecodr/cli` package rename. That preserves existing CLI sessions instead of forcing users to re-authenticate for a package-name migration.
+
+Supported OS credential stores:
+
+- macOS: Keychain
+- Windows: Credential Manager
+- Linux: Secret Service through a desktop keyring such as GNOME Keyring or KWallet
+
+Linux systems need a running, unlocked keyring on the current D-Bus session. Headless Linux should use a real Secret Service setup for persistent CLI login, or let the target MCP client own its own OAuth flow instead of storing CLI tokens.
 
 ## Registration modes
 

package/docs/commands.md

@@ -7,11 +7,14 @@ This page documents the command surface implemented in the current repo.
 All commands accept:
 
 - `--profile <name>`
-- `--server-url <url>`
 - `--json`
 - `--verbose`
 - `--non-interactive`
 
+Alternate MCP servers are profile-scoped, not runtime overrides. Use
+`vibecodr config profile create <name> --server-url <url>` and then login to
+that profile; stored tokens are bound to the server that issued them.
+
 ## Commands
 
 ### `login`
@@ -55,12 +58,14 @@ This always reads the live tool catalog from the MCP server.
 
 Syntax:
 
-`vibecodr call <tool-name> [--input-json <json>] [--input-file <path>] [--stdin] [--interactive] [--no-login]`
+`vibecodr call <tool-name> [--input-json <json>] [--input-file <path>] [--stdin] [--interactive] [--no-login] [--confirm]`
 
 `--interactive` currently supports top-level scalar object fields.
 
 For `quick_publish_creation` with `payload.importMode: "direct_files"`, pass file paths as normal slash-separated project paths such as `src/main.tsx` or `src/server/binding-proof.js`. Do not pre-encode slashes as `%2F`; the hosted MCP gateway encodes each URL segment when it writes files to Vibecodr.
 
+Known mutating tools require explicit confirmation through `--confirm`. The CLI redacts secret, token, source, descriptor, and inline file-content fields from displayed arguments and results; the MCP gateway remains the authority boundary for OAuth, owner checks, confirmation, and output shaping.
+
 ### `pulse-setup`
 
 Syntax:
@@ -73,6 +78,31 @@ The CLI does not maintain separate Pulse setup copy; it reads MCP output derived
 
 The returned guidance should stay capability-shaped: `env.fetch` is Vibecodr policy-mediated fetch, `env.secrets.bearer/header/query/verifyHmac` are policy-bound secret helpers, `env.webhooks.verify("stripe")` is the first certified provider helper rather than the whole webhook model, non-Stripe signed webhooks use generic HMAC format presets such as `github-sha256`, `shopify-hmac-sha256`, and `slack-v0` until fixture-backed helpers exist, `env.connections.use(provider).fetch` is provider-scoped connected-account access, `env.log` is structured logging, `env.request` is sanitized request access, `env.runtime` is safe correlation metadata, and `env.waitUntil` is best-effort after-response work. The CLI must not introduce separate cleanup, platform-binding, dispatch, raw-token, raw-authorization, or physical-storage guidance.
 
+### `pulse-publish`
+
+Syntax:
+
+`vibecodr pulse-publish --name <name> (--code <source> | --code-file <path>) [--descriptor-json <json> | --descriptor-file <path>] [--slug <slug>] [--visibility public|unlisted|private] --confirm`
+
+Calls `publish_standalone_pulse`. Standalone Pulse source/metadata visibility defaults to private. Private visibility does not add runtime authentication to the public Pulse URL. The CLI does not echo source code or descriptors in successful output.
+
+### `pulse`
+
+Syntax:
+
+- `vibecodr pulse list [--limit <n>] [--offset <n>]`
+- `vibecodr pulse get <pulse-id>`
+- `vibecodr pulse status <pulse-id>`
+- `vibecodr pulse run <pulse-id> [--input-json <json> | --input-file <path>] --confirm`
+- `vibecodr pulse archive <pulse-id> --confirm`
+- `vibecodr pulse restore <pulse-id> --confirm`
+- `vibecodr pulse create --name <name> (--code <source> | --code-file <path>) --confirm`
+- `vibecodr pulse deploy --name <name> (--code <source> | --code-file <path>) --confirm`
+
+`create` and `deploy` are aliases for the standalone publish flow. `run`, `archive`, and `restore` require explicit confirmation. `delete` is intentionally unavailable; archive a Pulse instead. `logs` are not exposed through the hardened lifecycle surface yet.
+
+The CLI forwards lifecycle calls to MCP tools owned by the hosted gateway: `list_pulses`, `get_pulse`, `get_pulse_status`, `run_pulse`, `archive_pulse`, and `restore_pulse`. These server tools are hidden from default discovery but callable by exact name for owner recovery and CLI use.
+
 ### `doctor`
 
 Syntax:

package/docs/install.md

@@ -15,14 +15,14 @@ node dist/bin/vibecodr-mcp.js install codex --json
 After the package is published:
 
 ```bash
-npx -y -p @vibecodr/cli vibecodr install codex
+npx -y -p @vibecodr/cli vibecodr install codex
 ```
 
 Direct CLI-only usage:
 
 ```bash
-npx -y -p @vibecodr/cli vibecodr login
-npx -y -p @vibecodr/cli vibecodr tools --json
+npx -y -p @vibecodr/cli vibecodr login
+npx -y -p @vibecodr/cli vibecodr tools --json
 ```
 
 ## Client commands

package/docs/licensing.md

@@ -1,20 +1,20 @@
 # Licensing
 
-This repository is the public Vibecodr CLI surface.
-
-- Package name: `@vibecodr/cli`
-- Primary executable name: `vibecodr`
-- Compatibility executable name: `vibecodr-mcp`
-- Legacy package compatibility: `@vibecodr/mcp`
+This repository is the public Vibecodr CLI surface.
+
+- Package name: `@vibecodr/cli`
+- Primary executable name: `vibecodr`
+- Compatibility executable name: `vibecodr-mcp`
+- Legacy package compatibility: `@vibecodr/mcp`
 - Repo scope: direct CLI runtime, auth, diagnostics, and later thin installer adapters
 - License: Apache-2.0
 
-The hosted MCP gateway/server remains separate from this repo. That separation keeps hosted-service use distinct from any source-code reuse terms applied to the server implementation repo.
-
-Practical split:
-
-- this CLI repo governs distribution, modification, and reuse of the public client code
-- the hosted Vibecodr MCP service remains governed by Vibecodr service terms for account holders
-- the server implementation repo can carry different source-available terms without changing whether a commercial team may use the hosted service
+The hosted MCP gateway/server remains separate from this repo. That separation keeps hosted-service use distinct from any source-code reuse terms applied to the server implementation repo.
 
-See [`architecture.md`](./architecture.md) for the client/server boundary.
+Practical split:
+
+- this CLI repo governs distribution, modification, and reuse of the public client code
+- the hosted Vibecodr MCP service remains governed by Vibecodr service terms for account holders
+- the server implementation repo can carry different source-available terms without changing whether a commercial team may use the hosted service
+
+See [`architecture.md`](./architecture.md) for the client/server boundary.

package/docs/troubleshooting.md

@@ -30,15 +30,15 @@ Run:
 vibecodr doctor --json
 ```
 
-If the `secret-store` check fails, the CLI cannot safely store tokens yet.
-
-The plaintext file secret store is intentionally test-only. If `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` is set without `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true`, the CLI refuses to start rather than silently storing tokens outside the OS credential store.
-
-Platform notes:
-
-- macOS uses Keychain. Unlock the login keychain and approve Terminal or Node access if prompted.
-- Windows uses Credential Manager. Run from a normal signed-in desktop session with Credential Manager available.
-- Linux uses Secret Service. Install libsecret support and run from a session with an unlocked GNOME Keyring or KWallet. Headless Linux needs an explicit Secret Service setup for persistent CLI login.
+If the `secret-store` check fails, the CLI cannot safely store tokens yet.
+
+The plaintext file secret store is intentionally test-only. If `VIBECDR_MCP_INSECURE_SECRET_STORE_PATH` is set without `VIBECDR_MCP_ENABLE_INSECURE_SECRET_STORE=true`, the CLI refuses to start rather than silently storing tokens outside the OS credential store.
+
+Platform notes:
+
+- macOS uses Keychain. Unlock the login keychain and approve Terminal or Node access if prompted.
+- Windows uses Credential Manager. Run from a normal signed-in desktop session with Credential Manager available.
+- Linux uses Secret Service. Install libsecret support and run from a session with an unlocked GNOME Keyring or KWallet. Headless Linux needs an explicit Secret Service setup for persistent CLI login.
 
 ## Proxy or TLS issues
 
@@ -81,9 +81,9 @@ The CLI writes the native path.
 
 Codex config install and CLI login are separate.
 
-- `install codex` configures Codex
-- `login` authenticates the Vibecodr CLI only
-- Codex will still own its own OAuth behavior when you use the server inside Codex
+- `install codex` configures Codex
+- `login` authenticates the Vibecodr CLI only
+- Codex will still own its own OAuth behavior when you use the server inside Codex
 
 ## VS Code CLI not found
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibecodr/cli",
-  "version": "0.1.8",
+  "version": "0.2.0",
   "description": "Vibecodr CLI for login, live MCP tool discovery, and live tool invocation.",
   "license": "Apache-2.0",
   "type": "module",