@vm0/cli 9.82.1 → 9.83.0

package/{chunk-2KN52BP2.js → chunk-Z7ZCVASY.js}

@@ -47,7 +47,7 @@ if (DSN) {
   Sentry.init({
     dsn: DSN,
     environment: process.env.SENTRY_ENVIRONMENT ?? "production",
-    release: "9.82.1",
+    release: "9.83.0",
     sendDefaultPii: false,
     tracesSampleRate: 0,
     shutdownTimeout: 500,
@@ -66,7 +66,7 @@ if (DSN) {
     }
   });
   Sentry.setContext("cli", {
-    version: "9.82.1",
+    version: "9.83.0",
     command: process.argv.slice(2).join(" ")
   });
   Sentry.setContext("runtime", {
@@ -165,6 +165,29 @@ import { homedir } from "os";
 import { join } from "path";
 import { readFile, writeFile, mkdir, unlink } from "fs/promises";
 import { existsSync } from "fs";
+
+// src/lib/api/cli-token.ts
+function decodeCliTokenPayload(token) {
+  const raw = token ?? void 0;
+  if (!raw) return void 0;
+  const prefix = "vm0_sandbox_";
+  if (!raw.startsWith(prefix)) return void 0;
+  const jwt = raw.slice(prefix.length);
+  const parts = jwt.split(".");
+  if (parts.length !== 3) return void 0;
+  try {
+    const payload = JSON.parse(
+      Buffer.from(parts[1], "base64url").toString()
+    );
+    if (payload.scope === "cli" && payload.orgId && payload.userId) {
+      return payload;
+    }
+  } catch {
+  }
+  return void 0;
+}
+
+// src/lib/api/config.ts
 function getConfigDir() {
   return join(homedir(), ".vm0");
 }
@@ -211,6 +234,9 @@ async function getApiUrl() {
 async function getActiveOrg() {
   const zeroPayload = decodeZeroTokenPayload();
   if (zeroPayload) return zeroPayload.orgId;
+  const token = await getToken();
+  const cliPayload = decodeCliTokenPayload(token);
+  if (cliPayload) return cliPayload.orgId;
   if (process.env.VM0_ACTIVE_ORG) {
     return process.env.VM0_ACTIVE_ORG;
   }
@@ -515,7 +541,7 @@ var apifyFirewall = {
   },
   apis: [
     {
-      base: "https://api.apify.com/v2",
+      base: "https://api.apify.com",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.APIFY_TOKEN }}"
@@ -619,7 +645,7 @@ var brevoFirewall = {
   },
   apis: [
     {
-      base: "https://api.brevo.com/v3",
+      base: "https://api.brevo.com",
       auth: {
         headers: {
           "api-key": "${{ secrets.BREVO_TOKEN }}"
@@ -831,7 +857,7 @@ var clickupFirewall = {
   },
   apis: [
     {
-      base: "https://api.clickup.com/api/v2",
+      base: "https://api.clickup.com/api",
       auth: {
         headers: {
           Authorization: "${{ secrets.CLICKUP_TOKEN }}"
@@ -857,7 +883,7 @@ var closeFirewall = {
   },
   apis: [
     {
-      base: "https://api.close.com/api/v1",
+      base: "https://api.close.com/api",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.CLOSE_TOKEN }}"
@@ -1455,6 +1481,36 @@ var falFirewall = {
     FAL_TOKEN: "Vm0PlaceHolder00:sk_live_Vm0PlaceHolder00000000000000"
   },
   apis: [
+    {
+      base: "https://fal.run",
+      auth: {
+        headers: {
+          Authorization: "Key ${{ secrets.FAL_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    },
+    {
+      base: "https://queue.fal.run",
+      auth: {
+        headers: {
+          Authorization: "Key ${{ secrets.FAL_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    },
     {
       base: "https://api.fal.ai",
       auth: {
@@ -5208,7 +5264,7 @@ var granolaFirewall = {
   },
   apis: [
     {
-      base: "https://api.granola.ai",
+      base: "https://public-api.granola.ai",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.GRANOLA_TOKEN }}"
@@ -5385,6 +5441,32 @@ var imgurFirewall = {
   ]
 };
 
+// ../../packages/core/src/firewalls/instagram.generated.ts
+var instagramFirewall = {
+  name: "instagram",
+  description: "Instagram Graph API",
+  placeholders: {
+    INSTAGRAM_ACCESS_TOKEN: "vm0placeholderInstagramAccessToken00000000000000000000a"
+  },
+  apis: [
+    {
+      base: "https://graph.instagram.com",
+      auth: {
+        headers: {
+          Authorization: "Bearer ${{ secrets.INSTAGRAM_ACCESS_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all Instagram Graph API endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    }
+  ]
+};
+
 // ../../packages/core/src/firewalls/instantly.generated.ts
 var instantlyFirewall = {
   name: "instantly",
@@ -6280,7 +6362,7 @@ var loopsFirewall = {
   },
   apis: [
     {
-      base: "https://app.loops.so/api/v1",
+      base: "https://app.loops.so/api",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.LOOPS_TOKEN }}"
@@ -6349,6 +6431,32 @@ var mercuryFirewall = {
   ]
 };
 
+// ../../packages/core/src/firewalls/meta-ads.generated.ts
+var metaAdsFirewall = {
+  name: "meta-ads",
+  description: "Meta Ads (Facebook Graph) API",
+  placeholders: {
+    META_ADS_TOKEN: "vm0placeholderMetaAdsToken0000000000000000000000000000a"
+  },
+  apis: [
+    {
+      base: "https://graph.facebook.com",
+      auth: {
+        headers: {
+          Authorization: "Bearer ${{ secrets.META_ADS_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all Meta Ads API endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    }
+  ]
+};
+
 // ../../packages/core/src/firewalls/minimax.generated.ts
 var minimaxFirewall = {
   name: "minimax",
@@ -6410,7 +6518,7 @@ var neonFirewall = {
   },
   apis: [
     {
-      base: "https://console.neon.tech/api/v2",
+      base: "https://console.neon.tech/api",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.NEON_TOKEN }}"
@@ -6436,7 +6544,7 @@ var notionFirewall = {
   },
   apis: [
     {
-      base: "https://api.notion.com/v1",
+      base: "https://api.notion.com",
       auth: {
         headers: {
           Authorization: "Bearer ${{ secrets.NOTION_TOKEN }}"
@@ -6451,68 +6559,73 @@ var notionFirewall = {
         {
           name: "insert_comments",
           description: "Create comments",
-          rules: ["POST /comments"]
+          rules: ["POST /v1/comments"]
         },
         {
           name: "insert_content",
           description: "Create pages, databases, blocks, data sources, and upload files",
           rules: [
-            "PATCH /blocks/{block_id}/children",
-            "POST /data_sources",
-            "POST /databases",
-            "POST /file_uploads",
-            "POST /file_uploads/{file_upload_id}/complete",
-            "POST /file_uploads/{file_upload_id}/send",
-            "POST /pages",
-            "POST /views",
-            "POST /views/{view_id}/queries"
+            "PATCH /v1/blocks/{block_id}/children",
+            "POST /v1/data_sources",
+            "POST /v1/databases",
+            "POST /v1/file_uploads",
+            "POST /v1/file_uploads/{file_upload_id}/complete",
+            "POST /v1/file_uploads/{file_upload_id}/send",
+            "POST /v1/pages",
+            "POST /v1/views",
+            "POST /v1/views/{view_id}/queries"
           ]
         },
         {
           name: "read_comments",
           description: "Read comments",
-          rules: ["GET /comments", "GET /comments/{comment_id}"]
+          rules: ["GET /v1/comments", "GET /v1/comments/{comment_id}"]
         },
         {
           name: "read_content",
           description: "Read pages, databases, blocks, data sources, and files",
           rules: [
-            "GET /blocks/{block_id}",
-            "GET /blocks/{block_id}/children",
-            "GET /data_sources/{data_source_id}",
-            "POST /data_sources/{data_source_id}/query",
-            "GET /data_sources/{data_source_id}/templates",
-            "GET /databases/{database_id}",
-            "GET /file_uploads",
-            "GET /file_uploads/{file_upload_id}",
-            "GET /pages/{page_id}",
-            "GET /pages/{page_id}/markdown",
-            "GET /pages/{page_id}/properties/{property_id}",
-            "POST /search",
-            "GET /views",
-            "GET /views/{view_id}",
-            "GET /views/{view_id}/queries/{query_id}"
+            "GET /v1/blocks/{block_id}",
+            "GET /v1/blocks/{block_id}/children",
+            "GET /v1/custom_emojis",
+            "GET /v1/data_sources/{data_source_id}",
+            "POST /v1/data_sources/{data_source_id}/query",
+            "GET /v1/data_sources/{data_source_id}/templates",
+            "GET /v1/databases/{database_id}",
+            "GET /v1/file_uploads",
+            "GET /v1/file_uploads/{file_upload_id}",
+            "GET /v1/pages/{page_id}",
+            "GET /v1/pages/{page_id}/markdown",
+            "GET /v1/pages/{page_id}/properties/{property_id}",
+            "POST /v1/search",
+            "GET /v1/views",
+            "GET /v1/views/{view_id}",
+            "GET /v1/views/{view_id}/queries/{query_id}"
           ]
         },
         {
           name: "read_users",
           description: "Read user information",
-          rules: ["GET /users", "GET /users/me", "GET /users/{user_id}"]
+          rules: [
+            "GET /v1/users",
+            "GET /v1/users/me",
+            "GET /v1/users/{user_id}"
+          ]
         },
         {
           name: "update_content",
           description: "Update and delete pages, databases, blocks, and data sources",
           rules: [
-            "PATCH /blocks/{block_id}",
-            "DELETE /blocks/{block_id}",
-            "PATCH /data_sources/{data_source_id}",
-            "PATCH /databases/{database_id}",
-            "PATCH /pages/{page_id}",
-            "PATCH /pages/{page_id}/markdown",
-            "POST /pages/{page_id}/move",
-            "PATCH /views/{view_id}",
-            "DELETE /views/{view_id}",
-            "DELETE /views/{view_id}/queries/{query_id}"
+            "PATCH /v1/blocks/{block_id}",
+            "DELETE /v1/blocks/{block_id}",
+            "PATCH /v1/data_sources/{data_source_id}",
+            "PATCH /v1/databases/{database_id}",
+            "PATCH /v1/pages/{page_id}",
+            "PATCH /v1/pages/{page_id}/markdown",
+            "POST /v1/pages/{page_id}/move",
+            "PATCH /v1/views/{view_id}",
+            "DELETE /v1/views/{view_id}",
+            "DELETE /v1/views/{view_id}/queries/{query_id}"
           ]
         }
       ]
@@ -6546,6 +6659,58 @@ var openaiFirewall = {
   ]
 };
 
+// ../../packages/core/src/firewalls/outlook-calendar.generated.ts
+var outlookCalendarFirewall = {
+  name: "outlook-calendar",
+  description: "Microsoft Graph API (Outlook Calendar)",
+  placeholders: {
+    OUTLOOK_CALENDAR_TOKEN: "vm0placeholderOutlookCalendarToken00000000000000000000a"
+  },
+  apis: [
+    {
+      base: "https://graph.microsoft.com",
+      auth: {
+        headers: {
+          Authorization: "Bearer ${{ secrets.OUTLOOK_CALENDAR_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all Microsoft Graph API endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    }
+  ]
+};
+
+// ../../packages/core/src/firewalls/outlook-mail.generated.ts
+var outlookMailFirewall = {
+  name: "outlook-mail",
+  description: "Microsoft Graph API (Outlook Mail)",
+  placeholders: {
+    OUTLOOK_MAIL_TOKEN: "vm0placeholderOutlookMailToken0000000000000000000000a"
+  },
+  apis: [
+    {
+      base: "https://graph.microsoft.com",
+      auth: {
+        headers: {
+          Authorization: "Bearer ${{ secrets.OUTLOOK_MAIL_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all Microsoft Graph API endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    }
+  ]
+};
+
 // ../../packages/core/src/firewalls/pdf4me.generated.ts
 var pdf4meFirewall = {
   name: "pdf4me",
@@ -6581,7 +6746,7 @@ var pdfcoFirewall = {
   },
   apis: [
     {
-      base: "https://api.pdf.co/v1",
+      base: "https://api.pdf.co",
       auth: {
         headers: {
           "x-api-key": "${{ secrets.PDFCO_TOKEN }}"
@@ -6769,6 +6934,32 @@ var productlaneFirewall = {
   ]
 };
 
+// ../../packages/core/src/firewalls/prisma-postgres.generated.ts
+var prismaPostgresFirewall = {
+  name: "prisma-postgres",
+  description: "Prisma Postgres Management API",
+  placeholders: {
+    PRISMA_POSTGRES_TOKEN: "vm0placeholderPrismaPostgresToken0000000000000000000a"
+  },
+  apis: [
+    {
+      base: "https://api.prisma.io",
+      auth: {
+        headers: {
+          Authorization: "Bearer ${{ secrets.PRISMA_POSTGRES_TOKEN }}"
+        }
+      },
+      permissions: [
+        {
+          name: "unrestricted",
+          description: "Allow all Prisma Postgres API endpoints",
+          rules: ["ANY /{path*}"]
+        }
+      ]
+    }
+  ]
+};
+
 // ../../packages/core/src/firewalls/pushinator.generated.ts
 var pushinatorFirewall = {
   name: "pushinator",
@@ -7041,7 +7232,7 @@ var shortioFirewall = {
       base: "https://api.short.io",
       auth: {
         headers: {
-          Authorization: "${{ secrets.SHORTIO_TOKEN }}"
+          Authorization: "Bearer ${{ secrets.SHORTIO_TOKEN }}"
         }
       },
       permissions: [
@@ -8939,8 +9130,8 @@ var builtinFirewalls = {
   confluence: confluenceFirewall,
   cronlytic: cronlyticFirewall,
   "customer-io": customerIoFirewall,
-  deepseek: deepseekFirewall,
   deel: deelFirewall,
+  deepseek: deepseekFirewall,
   devto: devtoFirewall,
   discord: discordFirewall,
   dropbox: dropboxFirewall,
@@ -8964,6 +9155,7 @@ var builtinFirewalls = {
   "hugging-face": huggingFaceFirewall,
   hume: humeFirewall,
   imgur: imgurFirewall,
+  instagram: instagramFirewall,
   instantly: instantlyFirewall,
   intercom: intercomFirewall,
   "intervals-icu": intervalsIcuFirewall,
@@ -8975,11 +9167,14 @@ var builtinFirewalls = {
   loops: loopsFirewall,
   mailsac: mailsacFirewall,
   mercury: mercuryFirewall,
+  "meta-ads": metaAdsFirewall,
   minimax: minimaxFirewall,
   monday: mondayFirewall,
   neon: neonFirewall,
   notion: notionFirewall,
   openai: openaiFirewall,
+  "outlook-calendar": outlookCalendarFirewall,
+  "outlook-mail": outlookMailFirewall,
   pdf4me: pdf4meFirewall,
   pdfco: pdfcoFirewall,
   pdforge: pdforgeFirewall,
@@ -8987,6 +9182,7 @@ var builtinFirewalls = {
   plausible: plausibleFirewall,
   podchaser: podchaserFirewall,
   posthog: posthogFirewall,
+  "prisma-postgres": prismaPostgresFirewall,
   productlane: productlaneFirewall,
   pushinator: pushinatorFirewall,
   qiita: qiitaFirewall,
@@ -9688,7 +9884,8 @@ var logsListContract = c2.router({
       name: z5.string().optional(),
       org: z5.string().optional(),
       status: logStatusSchema.optional(),
-      triggerSource: triggerSourceSchema.optional()
+      triggerSource: triggerSourceSchema.optional(),
+      scheduleId: z5.string().uuid().optional()
     }),
     responses: {
       200: logsListResponseSchema,
@@ -10909,6 +11106,34 @@ var cliAuthTokenContract = c7.router({
     summary: "Exchange device code for access token"
   }
 });
+var apiErrorResponseSchema = z11.object({
+  error: z11.object({ message: z11.string(), code: z11.string() })
+});
+var cliAuthOrgContract = c7.router({
+  /**
+   * POST /api/cli/auth/org
+   * Switch active organization and get new CLI JWT
+   */
+  switchOrg: {
+    method: "POST",
+    path: "/api/cli/auth/org",
+    headers: authHeadersSchema,
+    body: z11.object({ slug: z11.string().min(1) }),
+    responses: {
+      200: z11.object({
+        access_token: z11.string(),
+        token_type: z11.literal("Bearer"),
+        expires_in: z11.number(),
+        org_slug: z11.string()
+      }),
+      400: oauthErrorSchema,
+      401: apiErrorResponseSchema,
+      403: apiErrorResponseSchema,
+      404: apiErrorResponseSchema
+    },
+    summary: "Switch active organization and get new CLI JWT"
+  }
+});
 
 // ../../packages/core/src/contracts/auth.ts
 import { z as z12 } from "zod";
@@ -11284,10 +11509,10 @@ var MODEL_PROVIDER_TYPES = {
     defaultModel: "claude-sonnet-4.6"
   }
 };
-var HIDDEN_PROVIDER_TYPES = /* @__PURE__ */ new Set([
-  "aws-bedrock",
-  "azure-foundry"
-]);
+var HIDDEN_PROVIDER_LIST = ["aws-bedrock", "azure-foundry"];
+var HIDDEN_PROVIDER_TYPES = new Set(
+  HIDDEN_PROVIDER_LIST
+);
 function getSelectableProviderTypes() {
   return Object.keys(MODEL_PROVIDER_TYPES).filter(
     (type) => !HIDDEN_PROVIDER_TYPES.has(type)
@@ -11708,7 +11933,7 @@ var chatThreadRunsContract = c11.router({
       runId: z18.string().min(1)
     }),
     responses: {
-      204: z18.void(),
+      204: c11.noBody(),
       401: apiErrorSchema,
       404: apiErrorSchema
     },
@@ -15282,6 +15507,19 @@ var onboardingStatusContract = c15.router({
     summary: "Get onboarding status for current user"
   }
 });
+var onboardingCompleteContract = c15.router({
+  complete: {
+    method: "POST",
+    path: "/api/zero/onboarding/complete",
+    headers: authHeadersSchema,
+    body: c15.noBody(),
+    responses: {
+      200: z24.object({ ok: z24.boolean() }),
+      401: apiErrorSchema
+    },
+    summary: "Mark member onboarding as complete"
+  }
+});
 
 // ../../packages/core/src/contracts/skills.ts
 import { z as z25 } from "zod";
@@ -16112,6 +16350,24 @@ var zeroSchedulesEnableContract = c24.router({
     summary: "Disable schedule (zero proxy)"
   }
 });
+var zeroScheduleRunContract = c24.router({
+  run: {
+    method: "POST",
+    path: "/api/zero/schedules/run",
+    headers: authHeadersSchema,
+    body: z31.object({
+      scheduleId: z31.string().uuid("Invalid schedule ID")
+    }),
+    responses: {
+      201: z31.object({ runId: z31.string() }),
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      404: apiErrorSchema,
+      409: apiErrorSchema
+    },
+    summary: "Execute a schedule immediately (run now)"
+  }
+});
 
 // ../../packages/core/src/contracts/zero-model-providers.ts
 import { z as z32 } from "zod";
@@ -16462,6 +16718,30 @@ var zeroBillingAutoRechargeContract = c29.router({
     summary: "Update auto-recharge configuration"
   }
 });
+var invoiceSchema = z36.object({
+  id: z36.string(),
+  number: z36.string().nullable(),
+  date: z36.number(),
+  amount: z36.number(),
+  status: z36.string().nullable(),
+  hostedInvoiceUrl: z36.string().nullable()
+});
+var billingInvoicesResponseSchema = z36.object({
+  invoices: z36.array(invoiceSchema)
+});
+var zeroBillingInvoicesContract = c29.router({
+  get: {
+    method: "GET",
+    path: "/api/zero/billing/invoices",
+    headers: authHeadersSchema,
+    responses: {
+      200: billingInvoicesResponseSchema,
+      401: apiErrorSchema,
+      500: apiErrorSchema
+    },
+    summary: "Get invoices for current org"
+  }
+});
 
 // ../../packages/core/src/contracts/zero-usage.ts
 import { z as z37 } from "zod";
@@ -16496,6 +16776,214 @@ var zeroUsageMembersContract = c30.router({
   }
 });
 
+// ../../packages/core/src/contracts/zero-team.ts
+import { z as z38 } from "zod";
+var c31 = initContract();
+var teamComposeItemSchema = z38.object({
+  id: z38.string(),
+  displayName: z38.string().nullable(),
+  description: z38.string().nullable(),
+  sound: z38.string().nullable(),
+  headVersionId: z38.string().nullable(),
+  updatedAt: z38.string()
+});
+var zeroTeamContract = c31.router({
+  list: {
+    method: "GET",
+    path: "/api/zero/team",
+    headers: authHeadersSchema,
+    responses: {
+      200: z38.array(teamComposeItemSchema),
+      401: apiErrorSchema,
+      403: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "List all agents in the user's active org"
+  }
+});
+
+// ../../packages/core/src/contracts/zero-integrations-slack.ts
+import { z as z39 } from "zod";
+var c32 = initContract();
+var slackEnvironmentSchema = z39.object({
+  requiredSecrets: z39.array(z39.string()),
+  requiredVars: z39.array(z39.string()),
+  missingSecrets: z39.array(z39.string()),
+  missingVars: z39.array(z39.string())
+});
+var slackOrgStatusSchema = z39.object({
+  isConnected: z39.boolean(),
+  isInstalled: z39.boolean().optional(),
+  workspaceName: z39.string().nullable().optional(),
+  isAdmin: z39.boolean(),
+  installUrl: z39.string().nullable().optional(),
+  connectUrl: z39.string().nullable().optional(),
+  defaultAgentName: z39.string().nullable().optional(),
+  agentOrgSlug: z39.string().nullable().optional(),
+  environment: slackEnvironmentSchema.optional()
+});
+var zeroIntegrationsSlackContract = c32.router({
+  getStatus: {
+    method: "GET",
+    path: "/api/zero/integrations/slack",
+    headers: authHeadersSchema,
+    responses: {
+      200: slackOrgStatusSchema,
+      401: apiErrorSchema
+    },
+    summary: "Get org-scoped Slack workspace info"
+  },
+  disconnect: {
+    method: "DELETE",
+    path: "/api/zero/integrations/slack",
+    headers: authHeadersSchema,
+    body: c32.noBody(),
+    query: z39.object({
+      action: z39.string().optional()
+    }),
+    responses: {
+      200: z39.object({ ok: z39.boolean() }),
+      401: apiErrorSchema,
+      403: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Disconnect or uninstall Slack workspace"
+  }
+});
+
+// ../../packages/core/src/contracts/zero-slack-connect.ts
+import { z as z40 } from "zod";
+var c33 = initContract();
+var slackConnectStatusSchema = z40.object({
+  isConnected: z40.boolean(),
+  isAdmin: z40.boolean(),
+  workspaceName: z40.string().nullable().optional(),
+  defaultAgentName: z40.string().nullable().optional()
+});
+var slackConnectResponseSchema = z40.object({
+  success: z40.boolean(),
+  connectionId: z40.string(),
+  role: z40.string()
+});
+var zeroSlackConnectContract = c33.router({
+  getStatus: {
+    method: "GET",
+    path: "/api/zero/integrations/slack/connect",
+    headers: authHeadersSchema,
+    responses: {
+      200: slackConnectStatusSchema,
+      401: apiErrorSchema
+    },
+    summary: "Check user Slack connection status"
+  },
+  connect: {
+    method: "POST",
+    path: "/api/zero/integrations/slack/connect",
+    headers: authHeadersSchema,
+    body: z40.object({
+      workspaceId: z40.string().min(1),
+      slackUserId: z40.string().min(1),
+      channelId: z40.string().optional(),
+      threadTs: z40.string().optional()
+    }),
+    responses: {
+      200: slackConnectResponseSchema,
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      403: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Connect user to Slack workspace"
+  }
+});
+
+// ../../packages/core/src/contracts/zero-slack-channels.ts
+import { z as z41 } from "zod";
+var c34 = initContract();
+var slackChannelSchema = z41.object({
+  id: z41.string(),
+  name: z41.string()
+});
+var zeroSlackChannelsContract = c34.router({
+  list: {
+    method: "GET",
+    path: "/api/zero/slack/channels",
+    headers: authHeadersSchema,
+    responses: {
+      200: z41.object({ channels: z41.array(slackChannelSchema) }),
+      401: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "List Slack channels where bot is a member"
+  }
+});
+
+// ../../packages/core/src/contracts/zero-queue-position.ts
+import { z as z42 } from "zod";
+var c35 = initContract();
+var queuePositionResponseSchema = z42.object({
+  position: z42.number(),
+  total: z42.number()
+});
+var zeroQueuePositionContract = c35.router({
+  getPosition: {
+    method: "GET",
+    path: "/api/zero/queue-position",
+    headers: authHeadersSchema,
+    query: z42.object({
+      runId: z42.string().min(1, "runId is required")
+    }),
+    responses: {
+      200: queuePositionResponseSchema,
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      404: apiErrorSchema
+    },
+    summary: "Get queue position for a run"
+  }
+});
+
+// ../../packages/core/src/contracts/zero-member-credit-cap.ts
+import { z as z43 } from "zod";
+var c36 = initContract();
+var memberCreditCapResponseSchema = z43.object({
+  userId: z43.string(),
+  creditCap: z43.number().nullable(),
+  creditEnabled: z43.boolean()
+});
+var zeroMemberCreditCapContract = c36.router({
+  get: {
+    method: "GET",
+    path: "/api/zero/org/members/credit-cap",
+    headers: authHeadersSchema,
+    query: z43.object({
+      userId: z43.string().min(1, "userId is required")
+    }),
+    responses: {
+      200: memberCreditCapResponseSchema,
+      400: apiErrorSchema,
+      401: apiErrorSchema
+    },
+    summary: "Get member credit cap"
+  },
+  set: {
+    method: "PUT",
+    path: "/api/zero/org/members/credit-cap",
+    headers: authHeadersSchema,
+    body: z43.object({
+      userId: z43.string().min(1),
+      creditCap: z43.number().int().positive().nullable()
+    }),
+    responses: {
+      200: memberCreditCapResponseSchema,
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      403: apiErrorSchema
+    },
+    summary: "Set or clear member credit cap"
+  }
+});
+
 // ../../packages/core/src/storage-names.ts
 function getInstructionsStorageName(agentName) {
   return `agent-instructions@${agentName}`;
@@ -16835,6 +17323,11 @@ async function getBaseUrl() {
 async function getClientConfig() {
   const baseUrl = await getBaseUrl();
   const baseHeaders = await getHeaders();
+  const token = await getActiveToken();
+  const isJwtToken = decodeCliTokenPayload(token) ?? decodeZeroTokenPayload(token);
+  if (isJwtToken) {
+    return { baseUrl, baseHeaders, jsonQuery: false };
+  }
   const activeOrg = await getActiveOrg();
   if (!activeOrg) {
     throw new Error(
@@ -16846,10 +17339,12 @@ async function getClientConfig() {
     baseHeaders,
     jsonQuery: false,
     api: async (args) => {
-      const separator = args.path.includes("?") ? "&" : "?";
-      if (!args.path.includes("org=")) {
-        args.path = `${args.path}${separator}org=${encodeURIComponent(activeOrg)}`;
+      const [pathPart, queryPart] = args.path.split("?");
+      const params = new URLSearchParams(queryPart ?? "");
+      if (!params.has("org")) {
+        params.set("org", activeOrg);
       }
+      args.path = params.toString() ? `${pathPart}?${params.toString()}` : pathPart;
       return tsRestFetchApi(args);
     }
   };
@@ -16869,8 +17364,13 @@ function withErrorHandler(fn) {
     } catch (error) {
       if (error instanceof ApiRequestError) {
         if (error.code === "UNAUTHORIZED") {
-          console.error(chalk.red("\u2717 Not authenticated"));
-          console.error(chalk.dim("  Run: vm0 auth login"));
+          if (process.env.ZERO_TOKEN) {
+            console.error(chalk.red("\u2717 Authentication failed"));
+            console.error(chalk.dim("  ZERO_TOKEN is invalid or expired"));
+          } else {
+            console.error(chalk.red("\u2717 Not authenticated"));
+            console.error(chalk.dim("  Run: vm0 auth login"));
+          }
         } else {
           const guidance = RUN_ERROR_GUIDANCE[error.code];
           if (guidance) {
@@ -16967,80 +17467,19 @@ async function updateZeroUserPreferences(body) {
   handleError(result, "Failed to update user preferences");
 }
 
-// src/lib/api/core/http.ts
-async function appendOrgParam(path) {
-  const activeOrg = await getActiveOrg();
-  if (!activeOrg) {
-    throw new Error(
-      "No active organization configured. Run: zero org use <slug>"
-    );
-  }
-  const queryStart = path.indexOf("?");
-  if (queryStart !== -1) {
-    const params = new URLSearchParams(path.slice(queryStart));
-    if (params.has("org")) {
-      return path;
-    }
-    return `${path}&org=${encodeURIComponent(activeOrg)}`;
-  }
-  return `${path}?org=${encodeURIComponent(activeOrg)}`;
-}
-async function getRawHeaders() {
-  const token = await getActiveToken();
-  if (!token) {
-    throw new Error("Not authenticated. Run: vm0 auth login");
-  }
-  const headers = {
-    Authorization: `Bearer ${token}`
-  };
-  const bypassSecret = process.env.VERCEL_AUTOMATION_BYPASS_SECRET;
-  if (bypassSecret) {
-    headers["x-vercel-protection-bypass"] = bypassSecret;
-  }
-  return headers;
-}
-async function httpPost(path, body) {
-  const baseUrl = await getBaseUrl();
-  const headers = await getRawHeaders();
-  const orgPath = await appendOrgParam(path);
-  return fetch(`${baseUrl}${orgPath}`, {
-    method: "POST",
-    headers: {
-      ...headers,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(body)
-  });
-}
-
 // src/lib/api/domains/skills.ts
+import { initClient as initClient3 } from "@ts-rest/core";
 import chalk2 from "chalk";
-function isResolveSkillsResponse(value) {
-  if (typeof value !== "object" || value === null) return false;
-  const obj = value;
-  return typeof obj.resolved === "object" && obj.resolved !== null && Array.isArray(obj.unresolved);
-}
 async function resolveSkills(skillUrls) {
   try {
-    const response = await httpPost("/api/skills/resolve", {
-      skills: skillUrls
-    });
-    if (!response.ok) {
-      console.error(
-        chalk2.dim("  Skill resolve unavailable, downloading all skills")
-      );
-      return { resolved: {}, unresolved: skillUrls };
-    }
-    const body = await response.json();
-    if (!isResolveSkillsResponse(body)) {
-      console.error(
-        chalk2.dim(
-          "  Skill resolve returned unexpected format, downloading all skills"
-        )
-      );
-      return { resolved: {}, unresolved: skillUrls };
-    }
-    return body;
+    const config = await getClientConfig();
+    const client = initClient3(skillsResolveContract, config);
+    const result = await client.resolve({ body: { skills: skillUrls } });
+    if (result.status === 200) return result.body;
+    console.error(
+      chalk2.dim("  Skill resolve unavailable, downloading all skills")
+    );
+    return { resolved: {}, unresolved: skillUrls };
   } catch {
     console.error(
       chalk2.dim("  Skill resolve unavailable, downloading all skills")
@@ -17050,12 +17489,12 @@ async function resolveSkills(skillUrls) {
 }
 
 // src/lib/api/domains/zero-orgs.ts
-import { initClient as initClient3 } from "@ts-rest/core";
+import { initClient as initClient4 } from "@ts-rest/core";
 async function getUserTokenClientConfig() {
   const baseUrl = await getBaseUrl();
   const token = await getToken();
   if (!token) {
-    throw new Error("Not authenticated. Run: vm0 auth login");
+    throw new ApiRequestError("Not authenticated", "UNAUTHORIZED", 401);
   }
   const headers = {
     Authorization: `Bearer ${token}`
@@ -17068,7 +17507,7 @@ async function getUserTokenClientConfig() {
 }
 async function getZeroOrg() {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgContract, config);
+  const client = initClient4(zeroOrgContract, config);
   const result = await client.get({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17077,7 +17516,7 @@ async function getZeroOrg() {
 }
 async function updateZeroOrg(body) {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgContract, config);
+  const client = initClient4(zeroOrgContract, config);
   const result = await client.update({ body });
   if (result.status === 200) {
     return result.body;
@@ -17086,7 +17525,7 @@ async function updateZeroOrg(body) {
 }
 async function listZeroOrgs() {
   const config = await getUserTokenClientConfig();
-  const client = initClient3(zeroOrgListContract, config);
+  const client = initClient4(zeroOrgListContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17095,7 +17534,7 @@ async function listZeroOrgs() {
 }
 async function getZeroOrgMembers() {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgMembersContract, config);
+  const client = initClient4(zeroOrgMembersContract, config);
   const result = await client.members({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17104,7 +17543,7 @@ async function getZeroOrgMembers() {
 }
 async function inviteZeroOrgMember(email) {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgInviteContract, config);
+  const client = initClient4(zeroOrgInviteContract, config);
   const result = await client.invite({
     body: { email }
   });
@@ -17115,7 +17554,7 @@ async function inviteZeroOrgMember(email) {
 }
 async function removeZeroOrgMember(email) {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgMembersContract, config);
+  const client = initClient4(zeroOrgMembersContract, config);
   const result = await client.removeMember({
     body: { email }
   });
@@ -17126,7 +17565,7 @@ async function removeZeroOrgMember(email) {
 }
 async function leaveZeroOrg() {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgLeaveContract, config);
+  const client = initClient4(zeroOrgLeaveContract, config);
   const result = await client.leave({
     body: {}
   });
@@ -17137,7 +17576,7 @@ async function leaveZeroOrg() {
 }
 async function deleteZeroOrg(slug) {
   const config = await getClientConfig();
-  const client = initClient3(zeroOrgDeleteContract, config);
+  const client = initClient4(zeroOrgDeleteContract, config);
   const result = await client.delete({
     body: { slug }
   });
@@ -17146,12 +17585,24 @@ async function deleteZeroOrg(slug) {
   }
   handleError(result, "Failed to delete organization");
 }
+async function switchZeroOrg(slug) {
+  const config = await getUserTokenClientConfig();
+  const client = initClient4(cliAuthOrgContract, config);
+  const result = await client.switchOrg({
+    headers: { authorization: `Bearer ${await getToken()}` },
+    body: { slug }
+  });
+  if (result.status === 200) {
+    return result.body;
+  }
+  handleError(result, "Failed to switch organization");
+}
 
 // src/lib/api/domains/zero-secrets.ts
-import { initClient as initClient4 } from "@ts-rest/core";
+import { initClient as initClient5 } from "@ts-rest/core";
 async function listZeroSecrets() {
   const config = await getClientConfig();
-  const client = initClient4(zeroSecretsContract, config);
+  const client = initClient5(zeroSecretsContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17160,7 +17611,7 @@ async function listZeroSecrets() {
 }
 async function setZeroSecret(body) {
   const config = await getClientConfig();
-  const client = initClient4(zeroSecretsContract, config);
+  const client = initClient5(zeroSecretsContract, config);
   const result = await client.set({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17169,7 +17620,7 @@ async function setZeroSecret(body) {
 }
 async function deleteZeroSecret(name) {
   const config = await getClientConfig();
-  const client = initClient4(zeroSecretsByNameContract, config);
+  const client = initClient5(zeroSecretsByNameContract, config);
   const result = await client.delete({
     params: { name }
   });
@@ -17180,10 +17631,10 @@ async function deleteZeroSecret(name) {
 }
 
 // src/lib/api/domains/zero-variables.ts
-import { initClient as initClient5 } from "@ts-rest/core";
+import { initClient as initClient6 } from "@ts-rest/core";
 async function listZeroVariables() {
   const config = await getClientConfig();
-  const client = initClient5(zeroVariablesContract, config);
+  const client = initClient6(zeroVariablesContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17192,7 +17643,7 @@ async function listZeroVariables() {
 }
 async function setZeroVariable(body) {
   const config = await getClientConfig();
-  const client = initClient5(zeroVariablesContract, config);
+  const client = initClient6(zeroVariablesContract, config);
   const result = await client.set({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17201,7 +17652,7 @@ async function setZeroVariable(body) {
 }
 async function deleteZeroVariable(name) {
   const config = await getClientConfig();
-  const client = initClient5(zeroVariablesByNameContract, config);
+  const client = initClient6(zeroVariablesByNameContract, config);
   const result = await client.delete({
     params: { name }
   });
@@ -17212,10 +17663,10 @@ async function deleteZeroVariable(name) {
 }
 
 // src/lib/api/domains/zero-connectors.ts
-import { initClient as initClient6 } from "@ts-rest/core";
+import { initClient as initClient7 } from "@ts-rest/core";
 async function listZeroConnectors() {
   const config = await getClientConfig();
-  const client = initClient6(zeroConnectorsMainContract, config);
+  const client = initClient7(zeroConnectorsMainContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17224,7 +17675,7 @@ async function listZeroConnectors() {
 }
 async function getZeroConnector(type) {
   const config = await getClientConfig();
-  const client = initClient6(zeroConnectorsByTypeContract, config);
+  const client = initClient7(zeroConnectorsByTypeContract, config);
   const result = await client.get({
     params: { type }
   });
@@ -17238,7 +17689,7 @@ async function getZeroConnector(type) {
 }
 async function deleteZeroConnector(type) {
   const config = await getClientConfig();
-  const client = initClient6(zeroConnectorsByTypeContract, config);
+  const client = initClient7(zeroConnectorsByTypeContract, config);
   const result = await client.delete({
     params: { type }
   });
@@ -17249,7 +17700,7 @@ async function deleteZeroConnector(type) {
 }
 async function createZeroConnectorSession(type) {
   const config = await getClientConfig();
-  const client = initClient6(zeroConnectorSessionsContract, config);
+  const client = initClient7(zeroConnectorSessionsContract, config);
   const result = await client.create({
     params: { type },
     body: {}
@@ -17261,7 +17712,7 @@ async function createZeroConnectorSession(type) {
 }
 async function getZeroConnectorSession(type, sessionId) {
   const config = await getClientConfig();
-  const client = initClient6(zeroConnectorSessionByIdContract, config);
+  const client = initClient7(zeroConnectorSessionByIdContract, config);
   const result = await client.get({
     params: { type, sessionId }
   });
@@ -17272,7 +17723,7 @@ async function getZeroConnectorSession(type, sessionId) {
 }
 async function createZeroComputerConnector() {
   const config = await getClientConfig();
-  const client = initClient6(zeroComputerConnectorContract, config);
+  const client = initClient7(zeroComputerConnectorContract, config);
   const result = await client.create({
     body: {}
   });
@@ -17283,7 +17734,7 @@ async function createZeroComputerConnector() {
 }
 async function deleteZeroComputerConnector() {
   const config = await getClientConfig();
-  const client = initClient6(zeroComputerConnectorContract, config);
+  const client = initClient7(zeroComputerConnectorContract, config);
   const result = await client.delete({});
   if (result.status === 204) {
     return;
@@ -17292,10 +17743,10 @@ async function deleteZeroComputerConnector() {
 }
 
 // src/lib/api/domains/runs.ts
-import { initClient as initClient7 } from "@ts-rest/core";
+import { initClient as initClient8 } from "@ts-rest/core";
 async function createRun(body) {
   const config = await getClientConfig();
-  const client = initClient7(runsMainContract, config);
+  const client = initClient8(runsMainContract, config);
   const result = await client.create({ body });
   if (result.status === 201) {
     return result.body;
@@ -17304,7 +17755,7 @@ async function createRun(body) {
 }
 async function getEvents(runId, options) {
   const config = await getClientConfig();
-  const client = initClient7(runEventsContract, config);
+  const client = initClient8(runEventsContract, config);
   const result = await client.getEvents({
     params: { id: runId },
     query: {
@@ -17319,7 +17770,7 @@ async function getEvents(runId, options) {
 }
 async function listRuns(params) {
   const config = await getClientConfig();
-  const client = initClient7(runsMainContract, config);
+  const client = initClient8(runsMainContract, config);
   const result = await client.list({
     query: {
       status: params?.status,
@@ -17336,7 +17787,7 @@ async function listRuns(params) {
 }
 async function getRunQueue() {
   const config = await getClientConfig();
-  const client = initClient7(runsQueueContract, config);
+  const client = initClient8(runsQueueContract, config);
   const result = await client.getQueue({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17345,7 +17796,7 @@ async function getRunQueue() {
 }
 async function cancelRun(runId) {
   const config = await getClientConfig();
-  const client = initClient7(runsCancelContract, config);
+  const client = initClient8(runsCancelContract, config);
   const result = await client.cancel({
     params: { id: runId }
   });
@@ -17356,10 +17807,10 @@ async function cancelRun(runId) {
 }
 
 // src/lib/api/domains/sessions.ts
-import { initClient as initClient8 } from "@ts-rest/core";
+import { initClient as initClient9 } from "@ts-rest/core";
 async function getSession(sessionId) {
   const config = await getClientConfig();
-  const client = initClient8(sessionsByIdContract, config);
+  const client = initClient9(sessionsByIdContract, config);
   const result = await client.getById({
     params: { id: sessionId }
   });
@@ -17372,7 +17823,7 @@ async function getSession(sessionId) {
 }
 async function getCheckpoint(checkpointId) {
   const config = await getClientConfig();
-  const client = initClient8(checkpointsByIdContract, config);
+  const client = initClient9(checkpointsByIdContract, config);
   const result = await client.getById({
     params: { id: checkpointId }
   });
@@ -17383,10 +17834,10 @@ async function getCheckpoint(checkpointId) {
 }
 
 // src/lib/api/domains/storages.ts
-import { initClient as initClient9 } from "@ts-rest/core";
+import { initClient as initClient10 } from "@ts-rest/core";
 async function prepareStorage(body) {
   const config = await getClientConfig();
-  const client = initClient9(storagesPrepareContract, config);
+  const client = initClient10(storagesPrepareContract, config);
   const result = await client.prepare({ body });
   if (result.status === 200) {
     return result.body;
@@ -17395,7 +17846,7 @@ async function prepareStorage(body) {
 }
 async function commitStorage(body) {
   const config = await getClientConfig();
-  const client = initClient9(storagesCommitContract, config);
+  const client = initClient10(storagesCommitContract, config);
   const result = await client.commit({ body });
   if (result.status === 200) {
     return result.body;
@@ -17404,7 +17855,7 @@ async function commitStorage(body) {
 }
 async function getStorageDownload(query) {
   const config = await getClientConfig();
-  const client = initClient9(storagesDownloadContract, config);
+  const client = initClient10(storagesDownloadContract, config);
   const result = await client.download({
     query: {
       name: query.name,
@@ -17419,7 +17870,7 @@ async function getStorageDownload(query) {
 }
 async function listStorages(query) {
   const config = await getClientConfig();
-  const client = initClient9(storagesListContract, config);
+  const client = initClient10(storagesListContract, config);
   const result = await client.list({ query });
   if (result.status === 200) {
     return result.body;
@@ -17428,10 +17879,10 @@ async function listStorages(query) {
 }
 
 // src/lib/api/domains/zero-org-secrets.ts
-import { initClient as initClient10 } from "@ts-rest/core";
+import { initClient as initClient11 } from "@ts-rest/core";
 async function listZeroOrgSecrets() {
   const config = await getClientConfig();
-  const client = initClient10(zeroSecretsContract, config);
+  const client = initClient11(zeroSecretsContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17440,7 +17891,7 @@ async function listZeroOrgSecrets() {
 }
 async function setZeroOrgSecret(body) {
   const config = await getClientConfig();
-  const client = initClient10(zeroSecretsContract, config);
+  const client = initClient11(zeroSecretsContract, config);
   const result = await client.set({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17449,7 +17900,7 @@ async function setZeroOrgSecret(body) {
 }
 async function deleteZeroOrgSecret(name) {
   const config = await getClientConfig();
-  const client = initClient10(zeroSecretsByNameContract, config);
+  const client = initClient11(zeroSecretsByNameContract, config);
   const result = await client.delete({
     params: { name }
   });
@@ -17460,10 +17911,10 @@ async function deleteZeroOrgSecret(name) {
 }
 
 // src/lib/api/domains/zero-org-variables.ts
-import { initClient as initClient11 } from "@ts-rest/core";
+import { initClient as initClient12 } from "@ts-rest/core";
 async function listZeroOrgVariables() {
   const config = await getClientConfig();
-  const client = initClient11(zeroVariablesContract, config);
+  const client = initClient12(zeroVariablesContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17472,7 +17923,7 @@ async function listZeroOrgVariables() {
 }
 async function setZeroOrgVariable(body) {
   const config = await getClientConfig();
-  const client = initClient11(zeroVariablesContract, config);
+  const client = initClient12(zeroVariablesContract, config);
   const result = await client.set({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17481,7 +17932,7 @@ async function setZeroOrgVariable(body) {
 }
 async function deleteZeroOrgVariable(name) {
   const config = await getClientConfig();
-  const client = initClient11(zeroVariablesByNameContract, config);
+  const client = initClient12(zeroVariablesByNameContract, config);
   const result = await client.delete({
     params: { name }
   });
@@ -17492,10 +17943,10 @@ async function deleteZeroOrgVariable(name) {
 }
 
 // src/lib/api/domains/zero-org-model-providers.ts
-import { initClient as initClient12 } from "@ts-rest/core";
+import { initClient as initClient13 } from "@ts-rest/core";
 async function listZeroOrgModelProviders() {
   const config = await getClientConfig();
-  const client = initClient12(zeroModelProvidersMainContract, config);
+  const client = initClient13(zeroModelProvidersMainContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17504,7 +17955,7 @@ async function listZeroOrgModelProviders() {
 }
 async function upsertZeroOrgModelProvider(body) {
   const config = await getClientConfig();
-  const client = initClient12(zeroModelProvidersMainContract, config);
+  const client = initClient13(zeroModelProvidersMainContract, config);
   const result = await client.upsert({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17513,7 +17964,7 @@ async function upsertZeroOrgModelProvider(body) {
 }
 async function deleteZeroOrgModelProvider(type) {
   const config = await getClientConfig();
-  const client = initClient12(zeroModelProvidersByTypeContract, config);
+  const client = initClient13(zeroModelProvidersByTypeContract, config);
   const result = await client.delete({
     params: { type }
   });
@@ -17524,7 +17975,7 @@ async function deleteZeroOrgModelProvider(type) {
 }
 async function setZeroOrgModelProviderDefault(type) {
   const config = await getClientConfig();
-  const client = initClient12(zeroModelProvidersDefaultContract, config);
+  const client = initClient13(zeroModelProvidersDefaultContract, config);
   const result = await client.setDefault({
     params: { type }
   });
@@ -17535,7 +17986,7 @@ async function setZeroOrgModelProviderDefault(type) {
 }
 async function updateZeroOrgModelProviderModel(type, selectedModel) {
   const config = await getClientConfig();
-  const client = initClient12(zeroModelProvidersUpdateModelContract, config);
+  const client = initClient13(zeroModelProvidersUpdateModelContract, config);
   const result = await client.updateModel({
     params: { type },
     body: { selectedModel }
@@ -17547,52 +17998,52 @@ async function updateZeroOrgModelProviderModel(type, selectedModel) {
 }
 
 // src/lib/api/domains/zero-agents.ts
-import { initClient as initClient13 } from "@ts-rest/core";
+import { initClient as initClient14 } from "@ts-rest/core";
 async function createZeroAgent(body) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentsMainContract, config);
+  const client = initClient14(zeroAgentsMainContract, config);
   const result = await client.create({ body });
   if (result.status === 201) return result.body;
   handleError(result, "Failed to create zero agent");
 }
 async function listZeroAgents() {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentsMainContract, config);
+  const client = initClient14(zeroAgentsMainContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) return result.body;
   handleError(result, "Failed to list zero agents");
 }
 async function getZeroAgent(id) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentsByIdContract, config);
+  const client = initClient14(zeroAgentsByIdContract, config);
   const result = await client.get({ params: { id } });
   if (result.status === 200) return result.body;
   handleError(result, `Zero agent "${id}" not found`);
 }
 async function updateZeroAgent(id, body) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentsByIdContract, config);
+  const client = initClient14(zeroAgentsByIdContract, config);
   const result = await client.update({ params: { id }, body });
   if (result.status === 200) return result.body;
   handleError(result, `Failed to update zero agent "${id}"`);
 }
 async function deleteZeroAgent(id) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentsByIdContract, config);
+  const client = initClient14(zeroAgentsByIdContract, config);
   const result = await client.delete({ params: { id } });
   if (result.status === 204) return;
   handleError(result, `Zero agent "${id}" not found`);
 }
 async function getZeroAgentInstructions(id) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentInstructionsContract, config);
+  const client = initClient14(zeroAgentInstructionsContract, config);
   const result = await client.get({ params: { id } });
   if (result.status === 200) return result.body;
   handleError(result, `Failed to get instructions for zero agent "${id}"`);
 }
 async function updateZeroAgentInstructions(id, content) {
   const config = await getClientConfig();
-  const client = initClient13(zeroAgentInstructionsContract, config);
+  const client = initClient14(zeroAgentInstructionsContract, config);
   const result = await client.update({
     params: { id },
     body: { content }
@@ -17602,10 +18053,10 @@ async function updateZeroAgentInstructions(id, content) {
 }
 
 // src/lib/api/domains/integrations-slack.ts
-import { initClient as initClient14 } from "@ts-rest/core";
+import { initClient as initClient15 } from "@ts-rest/core";
 async function sendSlackMessage(body) {
   const config = await getClientConfig();
-  const client = initClient14(integrationsSlackMessageContract, config);
+  const client = initClient15(integrationsSlackMessageContract, config);
   const result = await client.sendMessage({ body, headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17614,10 +18065,10 @@ async function sendSlackMessage(body) {
 }
 
 // src/lib/api/domains/zero-schedules.ts
-import { initClient as initClient15 } from "@ts-rest/core";
+import { initClient as initClient16 } from "@ts-rest/core";
 async function deployZeroSchedule(body) {
   const config = await getClientConfig();
-  const client = initClient15(zeroSchedulesMainContract, config);
+  const client = initClient16(zeroSchedulesMainContract, config);
   const result = await client.deploy({ body });
   if (result.status === 200 || result.status === 201) {
     return result.body;
@@ -17626,7 +18077,7 @@ async function deployZeroSchedule(body) {
 }
 async function listZeroSchedules() {
   const config = await getClientConfig();
-  const client = initClient15(zeroSchedulesMainContract, config);
+  const client = initClient16(zeroSchedulesMainContract, config);
   const result = await client.list({ headers: {} });
   if (result.status === 200) {
     return result.body;
@@ -17635,7 +18086,7 @@ async function listZeroSchedules() {
 }
 async function deleteZeroSchedule(params) {
   const config = await getClientConfig();
-  const client = initClient15(zeroSchedulesByNameContract, config);
+  const client = initClient16(zeroSchedulesByNameContract, config);
   const result = await client.delete({
     params: { name: params.name },
     query: { agentId: params.agentId }
@@ -17647,7 +18098,7 @@ async function deleteZeroSchedule(params) {
 }
 async function enableZeroSchedule(params) {
   const config = await getClientConfig();
-  const client = initClient15(zeroSchedulesEnableContract, config);
+  const client = initClient16(zeroSchedulesEnableContract, config);
   const result = await client.enable({
     params: { name: params.name },
     body: { agentId: params.agentId }
@@ -17659,7 +18110,7 @@ async function enableZeroSchedule(params) {
 }
 async function disableZeroSchedule(params) {
   const config = await getClientConfig();
-  const client = initClient15(zeroSchedulesEnableContract, config);
+  const client = initClient16(zeroSchedulesEnableContract, config);
   const result = await client.disable({
     params: { name: params.name },
     body: { agentId: params.agentId }
@@ -17783,32 +18234,23 @@ async function promptPassword(message) {
 
 export {
   configureGlobalProxyFromEnv,
+  decodeCliTokenPayload,
   decodeZeroTokenPayload,
   loadConfig,
   saveConfig,
   getToken,
-  getActiveToken,
   getApiUrl,
   getActiveOrg,
   clearConfig,
   extractAndGroupVariables,
   volumeConfigSchema,
   agentDefinitionSchema,
-  composesMainContract,
-  composesByIdContract,
-  composesVersionsContract,
   ALL_RUN_STATUSES,
-  runsMainContract,
-  runEventsContract,
   runSystemLogContract,
   runMetricsContract,
   runAgentEventsContract,
   runNetworkLogsContract,
   logsSearchContract,
-  storagesPrepareContract,
-  storagesCommitContract,
-  storagesDownloadContract,
-  storagesListContract,
   MODEL_PROVIDER_TYPES,
   getSelectableProviderTypes,
   hasAuthMethods,
@@ -17820,8 +18262,6 @@ export {
   hasModelSelection,
   allowsCustomModel,
   getCustomModelPlaceholder,
-  sessionsByIdContract,
-  checkpointsByIdContract,
   CONNECTOR_TYPES,
   connectorTypeSchema,
   getConnectorDerivedNames,
@@ -17869,6 +18309,7 @@ export {
   removeZeroOrgMember,
   leaveZeroOrg,
   deleteZeroOrg,
+  switchZeroOrg,
   listZeroSecrets,
   setZeroSecret,
   deleteZeroSecret,
@@ -17913,4 +18354,4 @@ export {
   promptSelect,
   promptPassword
 };
-//# sourceMappingURL=chunk-2KN52BP2.js.map
+//# sourceMappingURL=chunk-Z7ZCVASY.js.map