agentspd 1.0.0 → 1.1.0

package/dist/api.js

@@ -47,6 +47,9 @@ class EmotosApiClient {
     async signup(data) {
         return this.request('POST', '/auth/signup', data, false);
     }
+    async verify(token) {
+        return this.request('POST', '/auth/verify', { token }, false);
+    }
     async logout() {
         return this.request('POST', '/auth/logout');
     }
@@ -63,6 +66,8 @@ class EmotosApiClient {
             query.set('environment', params.environment);
         if (params?.status)
             query.set('status', params.status);
+        if (params?.name)
+            query.set('name', params.name);
         if (params?.limit)
             query.set('limit', String(params.limit));
         if (params?.offset)
@@ -73,6 +78,44 @@ class EmotosApiClient {
     async getAgent(agentId) {
         return this.request('GET', `/agents/${agentId}`);
     }
+    // ── Name-based resolvers ─────────────────────────────────────────────
+    // These let CLI commands accept either a UUID or a human-readable name.
+    async resolveAgent(nameOrId) {
+        if (isUuid(nameOrId))
+            return nameOrId;
+        const result = await this.listAgents({ name: nameOrId });
+        if (result.data?.items.length === 1)
+            return result.data.items[0].id;
+        if (result.data && result.data.items.length > 1)
+            throw new Error(`Multiple agents named "${nameOrId}". Use the ID instead.`);
+        throw new Error(`Agent "${nameOrId}" not found.`);
+    }
+    async resolveWorkspace(nameOrId) {
+        if (isUuid(nameOrId))
+            return nameOrId;
+        const result = await this.listWorkspaces({ name: nameOrId });
+        if (result.data?.items) {
+            const matches = result.data.items.filter((w) => w.name === nameOrId);
+            if (matches.length === 1)
+                return matches[0].id;
+            if (matches.length > 1)
+                throw new Error(`Multiple workspaces named "${nameOrId}". Use the ID instead.`);
+        }
+        throw new Error(`Workspace "${nameOrId}" not found.`);
+    }
+    async resolvePolicy(nameOrId) {
+        if (isUuid(nameOrId))
+            return nameOrId;
+        const result = await this.listPolicies();
+        if (result.data?.policies) {
+            const matches = result.data.policies.filter((p) => p.name === nameOrId);
+            if (matches.length === 1)
+                return matches[0].id;
+            if (matches.length > 1)
+                throw new Error(`Multiple policies named "${nameOrId}". Use the ID instead.`);
+        }
+        throw new Error(`Policy "${nameOrId}" not found.`);
+    }
     async issueToken(agentId, ttlSeconds) {
         return this.request('POST', `/agents/${agentId}/token`, { ttlSeconds });
     }
@@ -167,5 +210,109 @@ class EmotosApiClient {
     async getMetrics() {
         return this.request('GET', '/metrics');
     }
+    // Workspace endpoints
+    async createWorkspace(data) {
+        const result = await this.request('POST', '/workspaces', data);
+        // API wraps response in { workspace: {...} } — unwrap for consistency
+        if (result.data?.workspace) {
+            result.data = result.data.workspace;
+        }
+        return result;
+    }
+    async listWorkspaces(params) {
+        const query = new URLSearchParams();
+        if (params?.status)
+            query.set('status', params.status);
+        if (params?.name)
+            query.set('name', params.name);
+        const queryStr = query.toString();
+        const result = await this.request('GET', `/workspaces${queryStr ? `?${queryStr}` : ''}`);
+        // API returns { workspaces: [...] } — normalize to { items: [...] }
+        if (result.data && result.data.workspaces && !result.data.items) {
+            result.data.items = result.data.workspaces;
+            delete result.data.workspaces;
+        }
+        return result;
+    }
+    async getWorkspace(workspaceId) {
+        return this.request('GET', `/workspaces/${workspaceId}`);
+    }
+    async workspaceInvite(workspaceId, data) {
+        return this.request('POST', `/workspaces/${workspaceId}/invite`, data);
+    }
+    async workspaceJoin(workspaceId, data) {
+        return this.request('POST', `/workspaces/${workspaceId}/join`, data);
+    }
+    async workspaceLeave(workspaceId, data) {
+        return this.request('POST', `/workspaces/${workspaceId}/leave`, data);
+    }
+    async closeWorkspace(workspaceId) {
+        return this.request('DELETE', `/workspaces/${workspaceId}`);
+    }
+    async workspacePostMessage(workspaceId, data) {
+        const result = await this.request('POST', `/workspaces/${workspaceId}/messages`, data);
+        // API wraps response in { message: {...} } — unwrap for consistency
+        if (result.data?.message) {
+            result.data = result.data.message;
+        }
+        return result;
+    }
+    async workspaceMessages(workspaceId, params) {
+        const query = new URLSearchParams();
+        if (params?.after)
+            query.set('after', params.after);
+        if (params?.limit)
+            query.set('limit', String(params.limit));
+        const queryStr = query.toString();
+        const result = await this.request('GET', `/workspaces/${workspaceId}/messages${queryStr ? `?${queryStr}` : ''}`);
+        // API returns { messages: [...], cursor } — normalize to { items: [...], nextCursor }
+        if (result.data && result.data.messages && !result.data.items) {
+            result.data.items = result.data.messages;
+            delete result.data.messages;
+        }
+        if (result.data && result.data.cursor !== undefined && result.data.nextCursor === undefined) {
+            result.data.nextCursor = result.data.cursor;
+            delete result.data.cursor;
+        }
+        return result;
+    }
+    async workspacePresence(workspaceId) {
+        return this.request('GET', `/workspaces/${workspaceId}/presence`);
+    }
+    async workspaceStream(workspaceId) {
+        if (!isAuthenticated())
+            return null;
+        const url = `${getApiUrl()}/v1/workspaces/${workspaceId}/stream`;
+        try {
+            const response = await fetch(url, {
+                headers: { ...getAuthHeader(), Accept: 'text/event-stream' },
+            });
+            return response.body?.getReader() ?? null;
+        }
+        catch {
+            return null;
+        }
+    }
+    async generatePolicy(data) {
+        return this.request('POST', '/policies/generate', data);
+    }
+    // ── SSE streaming ────────────────────────────────────────────────────
+    async streamEvents(path) {
+        if (!isAuthenticated())
+            return null;
+        const url = `${getApiUrl()}/v1${path}`;
+        try {
+            const response = await fetch(url, {
+                headers: { ...getAuthHeader(), Accept: 'text/event-stream' },
+            });
+            return response.body?.getReader() ?? null;
+        }
+        catch {
+            return null;
+        }
+    }
+}
+function isUuid(str) {
+    return /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(str);
 }
 export const api = new EmotosApiClient();

package/dist/commands/agents.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"agents.d.ts","sourceRoot":"","sources":["../../src/commands/agents.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOpC,wBAAgB,mBAAmB,IAAI,OAAO,CA8S7C"}
+{"version":3,"file":"agents.d.ts","sourceRoot":"","sources":["../../src/commands/agents.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOpC,wBAAgB,mBAAmB,IAAI,OAAO,CAiW7C"}

package/dist/commands/agents.js

@@ -129,9 +129,17 @@ export function createAgentsCommand() {
     agents
         .command('get <agentId>')
         .alias('show')
-        .description('Get agent details')
+        .description('Get agent details (accepts name or ID)')
         .option('--json', 'Output as JSON')
-        .action(async (agentId, options) => {
+        .action(async (agentIdOrName, options) => {
+        let agentId;
+        try {
+            agentId = await api.resolveAgent(agentIdOrName);
+        }
+        catch (e) {
+            output.error(e.message);
+            return;
+        }
         const spinner = ora('Fetching agent...').start();
         const result = await api.getAgent(agentId);
         if (result.error) {
@@ -161,10 +169,18 @@ export function createAgentsCommand() {
     agents
         .command('token <agentId>')
         .alias('issue-token')
-        .description('Issue a JWT token for an agent')
+        .description('Issue a JWT token for an agent (accepts name or ID)')
         .option('-t, --ttl <seconds>', 'Token TTL in seconds', '3600')
         .option('--json', 'Output as JSON')
-        .action(async (agentId, options) => {
+        .action(async (agentIdOrName, options) => {
+        let agentId;
+        try {
+            agentId = await api.resolveAgent(agentIdOrName);
+        }
+        catch (e) {
+            output.error(e.message);
+            return;
+        }
         const spinner = ora('Issuing token...').start();
         const result = await api.issueToken(agentId, Number.parseInt(options.ttl, 10));
         if (result.error) {
@@ -190,9 +206,17 @@ export function createAgentsCommand() {
     });
     agents
         .command('revoke <agentId>')
-        .description('Revoke an agent and all its tokens')
+        .description('Revoke an agent and all its tokens (accepts name or ID)')
         .option('-f, --force', 'Skip confirmation')
-        .action(async (agentId, options) => {
+        .action(async (agentIdOrName, options) => {
+        let agentId;
+        try {
+            agentId = await api.resolveAgent(agentIdOrName);
+        }
+        catch (e) {
+            output.error(e.message);
+            return;
+        }
         if (!options.force) {
             const answers = await inquirer.prompt([
                 {
@@ -221,9 +245,17 @@ export function createAgentsCommand() {
     });
     agents
         .command('rotate <agentId>')
-        .description('Rotate agent credentials')
+        .description('Rotate agent credentials (accepts name or ID)')
         .option('--json', 'Output as JSON')
-        .action(async (agentId, options) => {
+        .action(async (agentIdOrName, options) => {
+        let agentId;
+        try {
+            agentId = await api.resolveAgent(agentIdOrName);
+        }
+        catch (e) {
+            output.error(e.message);
+            return;
+        }
         const spinner = ora('Rotating credentials...').start();
         const result = await api.rotateCredentials(agentId);
         if (result.error) {
@@ -243,35 +275,85 @@ export function createAgentsCommand() {
     });
     agents
         .command('monitor <agentId>')
-        .description('Monitor agent activity in real-time')
+        .description('Monitor agent activity in real-time (accepts name or ID)')
         .option('-l, --limit <n>', 'Number of events to show', '10')
-        .action(async (agentId, options) => {
+        .action(async (agentIdOrName, options) => {
+        let agentId;
+        try {
+            agentId = await api.resolveAgent(agentIdOrName);
+        }
+        catch (e) {
+            output.error(e.message);
+            return;
+        }
         output.heading(`Monitoring agent: ${agentId}`);
         output.info('Press Ctrl+C to stop');
         console.log();
-        const fetchEvents = async () => {
-            const result = await api.queryAuditEvents({
-                agentId,
-                limit: Number.parseInt(options.limit, 10),
-            });
-            if (result.data && result.data.items.length > 0) {
-                output.printAuditTable(result.data.items);
-            }
-            else {
-                output.dim('No recent events');
-            }
-        };
-        // Initial fetch
-        await fetchEvents();
-        // Poll every 5 seconds
-        const interval = setInterval(fetchEvents, 5000);
-        // Handle Ctrl+C
-        process.on('SIGINT', () => {
-            clearInterval(interval);
+        // Try SSE stream first, fall back to polling
+        const reader = await api.streamEvents(`/agents/${agentId}/stream`);
+        if (reader) {
+            output.info('Connected via real-time stream');
             console.log();
-            output.info('Monitoring stopped');
-            process.exit(0);
-        });
+            const decoder = new TextDecoder();
+            let buffer = '';
+            const read = async () => {
+                try {
+                    while (true) {
+                        const { done, value } = await reader.read();
+                        if (done)
+                            break;
+                        buffer += decoder.decode(value, { stream: true });
+                        const lines = buffer.split('\n');
+                        buffer = lines.pop() ?? '';
+                        for (const line of lines) {
+                            if (line.startsWith('data: ')) {
+                                try {
+                                    const event = JSON.parse(line.slice(6));
+                                    const time = new Date().toISOString().slice(11, 19);
+                                    console.log(`${output.dim(time)} ${output.bold(event.eventType ?? 'event')} ${JSON.stringify(event).slice(0, 120)}`);
+                                }
+                                catch { /* ignore parse errors */ }
+                            }
+                        }
+                    }
+                }
+                catch (err) {
+                    if (err.name !== 'AbortError') {
+                        output.warn('Stream disconnected, falling back to polling...');
+                    }
+                }
+            };
+            read();
+            process.on('SIGINT', () => {
+                reader.cancel();
+                console.log();
+                output.info('Monitoring stopped');
+                process.exit(0);
+            });
+        }
+        else {
+            // Fallback: polling every 5 seconds
+            const fetchEvents = async () => {
+                const result = await api.queryAuditEvents({
+                    agentId,
+                    limit: Number.parseInt(options.limit, 10),
+                });
+                if (result.data && result.data.items.length > 0) {
+                    output.printAuditTable(result.data.items);
+                }
+                else {
+                    output.dim('No recent events');
+                }
+            };
+            await fetchEvents();
+            const interval = setInterval(fetchEvents, 5000);
+            process.on('SIGINT', () => {
+                clearInterval(interval);
+                console.log();
+                output.info('Monitoring stopped');
+                process.exit(0);
+            });
+        }
     });
     return agents;
 }

package/dist/commands/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/commands/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOpC,wBAAgB,iBAAiB,IAAI,OAAO,CA6P3C"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/commands/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOpC,wBAAgB,iBAAiB,IAAI,OAAO,CAuR3C"}

package/dist/commands/auth.js

@@ -14,6 +14,9 @@ export function createAuthCommand() {
         .option('-p, --password <password>', 'Password')
         .option('-k, --api-key <key>', 'Use API key instead of email/password')
         .action(async (options) => {
+        console.log();
+        console.log(`  Or log in via browser: ${output.link('https://emotos.ai/login')}`);
+        console.log();
         if (options.apiKey) {
             setConfig('apiKey', options.apiKey);
             const spinner = ora('Verifying API key...').start();
@@ -63,14 +66,16 @@ export function createAuthCommand() {
             return;
         }
         if (result.data) {
-            setConfig('sessionToken', result.data.sessionToken);
-            setConfig('orgId', result.data.org.id);
-            setConfig('orgName', result.data.org.name);
-            setConfig('userId', result.data.user.id);
-            setConfig('userName', result.data.user.name);
-            spinner.succeed(`Logged in as ${result.data.user.name}`);
-            output.info(`Organization: ${result.data.org.name}`);
-            output.info(`Role: ${result.data.user.role}`);
+            // API returns "token" or "sessionToken" depending on version
+            const sessionToken = result.data.sessionToken || result.data.token;
+            setConfig('sessionToken', sessionToken);
+            setConfig('orgId', result.data.org?.id);
+            setConfig('orgName', result.data.org?.name);
+            setConfig('userId', result.data.user?.id);
+            setConfig('userName', result.data.user?.name);
+            spinner.succeed(`Logged in as ${result.data.user?.name ?? result.data.org?.name ?? email}`);
+            output.info(`Organization: ${result.data.org?.name ?? 'N/A'}`);
+            output.info(`Role: ${result.data.user?.role ?? 'N/A'}`);
         }
     });
     auth
@@ -79,13 +84,14 @@ export function createAuthCommand() {
         .option('-e, --email <email>', 'Email address')
         .option('-p, --password <password>', 'Password')
         .option('-n, --name <name>', 'Your name')
-        .option('-r, --role <role>', 'Role (provider or consumer)', 'provider')
         .option('-o, --org-name <name>', 'Organization name')
         .action(async (options) => {
+        console.log();
+        console.log(`  Or sign up via browser: ${output.link('https://emotos.ai/signup')}`);
+        console.log();
         let email = options.email;
         let password = options.password;
         let name = options.name;
-        let role = options.role;
         let orgName = options.orgName;
         const prompts = [];
         if (!email) {
@@ -113,17 +119,6 @@ export function createAuthCommand() {
                 validate: (input) => input.length > 0 || 'Name is required',
             });
         }
-        if (!role) {
-            prompts.push({
-                type: 'list',
-                name: 'role',
-                message: 'Select your role:',
-                choices: [
-                    { name: 'Agent Provider - I build and deploy AI agents', value: 'provider' },
-                    { name: 'Agent Consumer - I use AI agents and need to protect my systems', value: 'consumer' },
-                ],
-            });
-        }
         if (!orgName) {
             prompts.push({
                 type: 'input',
@@ -136,9 +131,9 @@ export function createAuthCommand() {
             email = email || answers.email;
             password = password || answers.password;
             name = name || answers.name;
-            role = role || answers.role;
             orgName = orgName || answers.orgName;
         }
+        const role = 'free';
         const spinner = ora('Creating account...').start();
         const result = await api.signup({ email, password, name, role, orgName: orgName || undefined });
         if (result.error) {
@@ -147,20 +142,38 @@ export function createAuthCommand() {
             return;
         }
         if (result.data) {
-            setConfig('sessionToken', result.data.sessionToken);
-            setConfig('orgId', result.data.org.id);
-            setConfig('orgName', result.data.org.name);
-            setConfig('userId', result.data.user.id);
-            setConfig('userName', result.data.user.name);
+            const data = result.data;
+            // API may return a verification-required response (no session yet)
+            if (data.requiresVerification) {
+                spinner.succeed('Account created — email verification required');
+                output.info(`Email: ${data.email}`);
+                if (data.orgApiKey) {
+                    setConfig('apiKey', data.orgApiKey);
+                    output.info(`Org API Key saved (use for auth until verified)`);
+                }
+                console.log();
+                output.info('Next steps:');
+                console.log('  1. Verify your email (check inbox or API logs in dev mode)');
+                console.log(`  2. Then log in at: ${output.link('https://emotos.ai/login')}`);
+                console.log('  3. Or run: agentspd auth login');
+                return;
+            }
+            // Full session response (legacy / auto-verified flow)
+            const sessionToken = data.sessionToken || data.token;
+            setConfig('sessionToken', sessionToken);
+            setConfig('orgId', data.org?.id);
+            setConfig('orgName', data.org?.name);
+            setConfig('userId', data.user?.id);
+            setConfig('userName', data.user?.name);
             spinner.succeed('Account created successfully!');
-            output.info(`Welcome, ${result.data.user.name}!`);
-            output.info(`Organization: ${result.data.org.name}`);
-            output.info(`Role: ${result.data.user.role}`);
+            output.info(`Welcome, ${data.user?.name ?? email}!`);
+            output.info(`Organization: ${data.org?.name ?? orgName ?? 'N/A'}`);
             console.log();
             output.info('Next steps:');
-            console.log('  1. Create a security policy: emotos policies create');
-            console.log('  2. Register an agent: emotos agents create');
-            console.log('  3. Connect your agent via the MCP proxy');
+            console.log(`  Dashboard:            ${output.link('https://emotos.ai')}`);
+            console.log('  1. Run the quickstart: agentspd init');
+            console.log('  2. Or manually: agentspd policies create && agentspd agents create');
+            console.log('  3. Point your agent at: wss://emotos.ai/v1/mcp');
         }
     });
     auth
@@ -178,6 +191,7 @@ export function createAuthCommand() {
     });
     auth
         .command('whoami')
+        .alias('me')
         .description('Show current user information')
         .action(async () => {
         if (!isAuthenticated()) {
@@ -194,14 +208,17 @@ export function createAuthCommand() {
         spinner.stop();
         if (result.data) {
             output.heading('Current User');
-            output.printKeyValue([
-                ['Name', result.data.user.name],
-                ['Email', result.data.user.email],
-                ['Role', result.data.user.role],
-                ['Organization', result.data.org.name],
-                ['Org ID', result.data.org.id],
-                ['Tier', result.data.org.tier],
-            ]);
+            const pairs = [];
+            if (result.data.user) {
+                pairs.push(['Name', result.data.user.name], ['Email', result.data.user.email], ['Role', result.data.user.role]);
+            }
+            else {
+                pairs.push(['Auth', 'Org API Key']);
+            }
+            if (result.data.org) {
+                pairs.push(['Organization', result.data.org.name], ['Org ID', result.data.org.id], ['Tier', result.data.org.tier]);
+            }
+            output.printKeyValue(pairs);
         }
     });
     auth

package/dist/commands/index.d.ts

@@ -6,4 +6,6 @@ export { createThreatsCommand } from './threats.js';
 export { createWebhooksCommand } from './webhooks.js';
 export { createConfigCommand } from './config-cmd.js';
 export { createInitCommand } from './init.js';
+export { createWorkspacesCommand, createPolicyGenerateCommand, createPolicyRefineCommand } from './workspaces.js';
+export { createOpenClawCommand } from './openclaw.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/commands/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAChD,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAChD,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,2BAA2B,EAAE,yBAAyB,EAAE,MAAM,iBAAiB,CAAC;AAClH,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC"}

package/dist/commands/index.js

@@ -6,3 +6,5 @@ export { createThreatsCommand } from './threats.js';
 export { createWebhooksCommand } from './webhooks.js';
 export { createConfigCommand } from './config-cmd.js';
 export { createInitCommand } from './init.js';
+export { createWorkspacesCommand, createPolicyGenerateCommand, createPolicyRefineCommand } from './workspaces.js';
+export { createOpenClawCommand } from './openclaw.js';

package/dist/commands/init.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAuLpC,wBAAgB,iBAAiB,IAAI,OAAO,CA+H3C"}
+{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAmOpC,wBAAgB,iBAAiB,IAAI,OAAO,CA4K3C"}