akm-cli 0.8.0-rc1 → 0.8.0-rc2

package/dist/cli.js

@@ -2080,6 +2080,10 @@ function listVaultsRecursive(listKeysFn) {
                 const canonical = deriveCanonicalAssetName("vault", vaultsDir, full);
                 if (!canonical)
                     continue;
+                // Skip sensitive vaults: presence of a sibling .sensitive marker file suppresses listing.
+                const markerPath = full.replace(/\.env$/, ".sensitive");
+                if (fs.existsSync(markerPath))
+                    continue;
                 const { keys } = listKeysFn(full);
                 result.push({ ref: makeVaultRef(canonical, source), path: full, keys });
             }
@@ -2102,6 +2106,9 @@ function splitVaultRunTarget(target) {
     if (!key) {
         throw new UsageError("Expected vault run target in the form <ref> or <ref/KEY>.");
     }
+    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {
+        throw new UsageError(`"${key}" is not a valid environment variable name.`, "INVALID_FLAG_VALUE");
+    }
     const resolved = resolveVaultPath(refPart);
     if (!fs.existsSync(resolved.absPath)) {
         throw new NotFoundError(`Vault not found: ${makeVaultRef(resolved.name, resolved.source)}`);
@@ -2122,48 +2129,63 @@ const vaultCreateCommand = defineCommand({
     meta: { name: "create", description: "Create an empty vault file (no-op if it already exists)" },
     args: {
         name: { type: "positional", description: "Vault name (e.g. prod) — file becomes <name>.env", required: true },
+        sensitive: {
+            type: "boolean",
+            description: "Exclude this vault from vault list output and the search index",
+            default: false,
+        },
     },
     run({ args }) {
         return runWithJsonErrors(async () => {
             const { createVault } = await import("./commands/vault.js");
             const { name, absPath, source } = resolveVaultPath(args.name);
             createVault(absPath);
-            output("vault-create", { ref: makeVaultRef(name, source), path: absPath });
+            if (args.sensitive) {
+                const markerPath = absPath.replace(/\.env$/, ".sensitive");
+                if (!fs.existsSync(markerPath)) {
+                    fs.writeFileSync(markerPath, "", { mode: 0o600 });
+                }
+            }
+            output("vault-create", { ref: makeVaultRef(name, source) });
         });
     },
 });
 const vaultSetCommand = defineCommand({
     meta: {
         name: "set",
-        description: 'Set a key in a vault. Value is written to disk and never echoed back. Accepts KEY=VALUE combined form or separate KEY VALUE args. Optionally attach a comment with --comment "description".',
+        description: 'Set a key in a vault. Value is read from stdin by default (never via argv, avoiding /proc/cmdline exposure). Use --from-env <VAR> to read from an environment variable instead. Optionally attach a comment with --comment "description".',
     },
     args: {
         ref: { type: "positional", description: "Vault ref (e.g. vault:prod or just prod)", required: true },
-        key: { type: "positional", description: "Key name (e.g. DB_URL) or KEY=VALUE combined form", required: true },
-        value: {
-            type: "positional",
-            description: "Value to store (omit when using KEY=VALUE combined form)",
-            required: false,
-        },
+        key: { type: "positional", description: "Key name (e.g. DB_URL)", required: true },
         comment: { type: "string", description: "Optional comment written above the key line", required: false },
+        "from-env": {
+            type: "string",
+            description: "Read value from the named environment variable instead of stdin",
+        },
     },
     run({ args }) {
         return runWithJsonErrors(async () => {
             const { setKey } = await import("./commands/vault.js");
             const { name, absPath, source } = resolveVaultPath(args.ref);
-            let realKey;
+            const fromEnv = getHyphenatedArg(args, "from-env");
             let realValue;
-            if ((args.value === undefined || args.value === "") && args.key.includes("=")) {
-                const eqIdx = args.key.indexOf("=");
-                realKey = args.key.slice(0, eqIdx);
-                realValue = args.key.slice(eqIdx + 1);
+            if (fromEnv !== undefined) {
+                const envVal = process.env[fromEnv];
+                if (envVal === undefined) {
+                    throw new UsageError(`Environment variable "${fromEnv}" is not set.`, "INVALID_FLAG_VALUE");
+                }
+                realValue = envVal;
             }
             else {
-                realKey = args.key;
-                realValue = args.value ?? "";
+                const chunks = [];
+                for await (const chunk of Bun.stdin.stream()) {
+                    chunks.push(chunk);
+                }
+                realValue = Buffer.concat(chunks).toString("utf8").replace(/\n$/, "");
             }
-            setKey(absPath, realKey, realValue, args.comment);
-            output("vault-set", { ref: makeVaultRef(name, source), key: realKey, path: absPath });
+            setKey(absPath, args.key, realValue, args.comment);
+            output("vault-set", { ref: makeVaultRef(name, source), key: args.key });
         });
     },
 });
@@ -2181,7 +2203,7 @@ const vaultUnsetCommand = defineCommand({
                 throw new NotFoundError(`Vault not found: ${makeVaultRef(name, source)}`);
             }
             const removed = unsetKey(absPath, args.key);
-            output("vault-unset", { ref: makeVaultRef(name, source), key: args.key, removed, path: absPath });
+            output("vault-unset", { ref: makeVaultRef(name, source), key: args.key, removed });
         });
     },
 });
@@ -2237,6 +2259,15 @@ const vaultRunCommand = defineCommand({
                     mergedEnv[envKey] = envValue;
                 }
             }
+            // Emit vault access event (keys only, no values) for audit trail.
+            // Best-effort: never block vault run on event write failure.
+            appendEvent({
+                eventType: "vault_access",
+                ref: makeVaultRef(name, source),
+                metadata: {
+                    keys: key ? [key] : Object.keys(envValues),
+                },
+            });
             const result = spawnSync(command[0], command.slice(1), {
                 stdio: "inherit",
                 env: mergedEnv,

package/dist/commands/lint/base-linter.js

@@ -104,6 +104,23 @@ function refExistsInAnyStash(relPath, refType, refName, stashRoots) {
             if (fs.existsSync(derivedPath))
                 return true;
         }
+        // Knowledge-specific: search subdirectories like knowledge/projects/, knowledge/tools/, etc.
+        if (refType === "knowledge") {
+            try {
+                const knowledgeDir = path.join(root, "knowledge");
+                if (fs.existsSync(knowledgeDir) && fs.statSync(knowledgeDir).isDirectory()) {
+                    const entries = fs.readdirSync(knowledgeDir);
+                    for (const entry of entries) {
+                        const subPath = path.join(knowledgeDir, entry, `${refName}.md`);
+                        if (fs.existsSync(subPath))
+                            return true;
+                    }
+                }
+            }
+            catch {
+                // Ignore errors reading directory
+            }
+        }
         // Fallback: the refName may already encode the full stash-relative path
         // (e.g. knowledge:skills/foo/references/bar where the file lives at
         // <stash>/skills/foo/references/bar.md, not <stash>/knowledge/skills/...).
@@ -119,6 +136,11 @@ function refExistsInAnyStash(relPath, refType, refName, stashRoots) {
 /**
  * Returns an array of {ref, resolvedRelPath} for every local AKM ref in the
  * body that does not resolve to a real file under any of the provided stash roots.
+ *
+ * Skips false-positive patterns:
+ * - Shell variables: memory:$(cmd) or knowledge:${VAR}
+ * - ACP type notation: agent::Type (double colons are C++/ACP syntax)
+ * - Incomplete/placeholder refs: slug is single character or "**"
  */
 function checkMissingRefs(body, stashRoot, extraStashRoots = []) {
     const allRoots = [stashRoot, ...extraStashRoots];
@@ -128,6 +150,14 @@ function checkMissingRefs(body, stashRoot, extraStashRoots = []) {
     // biome-ignore lint/suspicious/noAssignInExpressions: idiomatic regex loop
     while ((match = re.exec(body)) !== null) {
         const fullRef = match[1]; // e.g. "workflow:foo" or "local//workflow:foo"
+        // Skip shell variables: memory:$(cmd) or knowledge:${VAR}
+        if (fullRef.includes("$(") || fullRef.includes("${")) {
+            continue;
+        }
+        // Skip ACP type notation: agent::Type (double colons)
+        if (fullRef.includes("::")) {
+            continue;
+        }
         // Strip leading "local//" prefix if present
         let ref = fullRef;
         if (ref.startsWith("local//")) {
@@ -147,6 +177,10 @@ function checkMissingRefs(body, stashRoot, extraStashRoots = []) {
         if (!refName || refName.startsWith("/") || refName.startsWith("~") || refName.startsWith("http")) {
             continue;
         }
+        // Skip placeholder/incomplete refs: single character slug or "**"
+        if (refName.length <= 1 || refName === "**") {
+            continue;
+        }
         const relPath = refToRelPath(refType, refName);
         if (relPath === null)
             continue; // type is skipped

package/dist/commands/vault.js

@@ -176,6 +176,9 @@ export function buildShellExportScript(vaultPath) {
  */
 export function setKey(vaultPath, key, value, comment) {
     validateKeyName(key);
+    if (comment !== undefined && /[\r\n]/.test(comment)) {
+        throw new Error("Vault key comment cannot contain newline characters.");
+    }
     ensureParentDir(vaultPath);
     const existing = fs.existsSync(vaultPath) ? fs.readFileSync(vaultPath, "utf8") : "";
     const lines = existing.length > 0 ? existing.split(/\r?\n/) : [];
@@ -246,7 +249,7 @@ export function unsetKey(vaultPath, key) {
     let out = kept.join("\n");
     if (out.length > 0 && !out.endsWith("\n"))
         out += "\n";
-    writeFileAtomic(vaultPath, out);
+    writeFileAtomic(vaultPath, out, 0o600);
     return true;
 }
 /** Create an empty vault file (does nothing if it already exists). */
@@ -254,7 +257,7 @@ export function createVault(vaultPath) {
     ensureParentDir(vaultPath);
     if (fs.existsSync(vaultPath))
         return;
-    writeFileAtomic(vaultPath, "");
+    writeFileAtomic(vaultPath, "", 0o600);
 }
 /**
  * Characters that are safe in an UNquoted dotenv value AND are not
@@ -303,5 +306,5 @@ function validateKeyName(key) {
 function ensureParentDir(filePath) {
     const dir = path.dirname(filePath);
     if (!fs.existsSync(dir))
-        fs.mkdirSync(dir, { recursive: true });
+        fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
 }

package/dist/core/asset-ref.js

@@ -67,6 +67,10 @@ function validateName(name) {
     if (normalized === ".." || normalized.startsWith("../")) {
         throw new UsageError("Path traversal in asset name.", "MISSING_REQUIRED_ARGUMENT");
     }
+    const segments = normalized.split("/");
+    if (segments.some((seg) => seg === "." || seg === "..")) {
+        throw new UsageError("Asset name cannot contain relative path segments.", "MISSING_REQUIRED_ARGUMENT");
+    }
 }
 function normalizeName(name) {
     return path.posix.normalize(name.replace(/\\/g, "/"));

package/dist/core/common.js

@@ -40,9 +40,9 @@ export function isAssetType(type) {
 export function writeFileAtomic(target, content, mode) {
     const tmp = `${target}.tmp.${process.pid}.${Math.random().toString(36).slice(2)}`;
     fs.writeFileSync(tmp, content, "utf8");
-    fs.renameSync(tmp, target);
     if (mode !== undefined)
-        fs.chmodSync(target, mode);
+        fs.chmodSync(tmp, mode);
+    fs.renameSync(tmp, target);
 }
 /**
  * Resolve the stash directory using a three-level fallback chain:

package/dist/indexer/db.js

@@ -1175,6 +1175,7 @@ export function getAllEntriesForEmbedding(db) {
         .prepare(`
       SELECT e.id, e.search_text AS searchText, e.entry_key AS entryKey, e.file_path AS filePath FROM entries e
       WHERE NOT EXISTS (SELECT 1 FROM embeddings b WHERE b.id = e.id)
+        AND e.entry_type != 'vault'
     `)
         .all();
 }

package/dist/indexer/metadata.js

@@ -440,6 +440,12 @@ export function shouldIndexStashFile(stashRoot, file, options) {
     const segments = relPath.split(/[\\/]+/).filter(Boolean);
     if (segments.length === 0)
         return true;
+    // Skip vault .env files that have a sibling .sensitive marker file.
+    if (segments[0] === "vaults" && (file.endsWith(".env") || path.basename(file) === ".env")) {
+        const markerPath = file.replace(/\.env$/, ".sensitive");
+        if (fs.existsSync(markerPath))
+            return false;
+    }
     if (options?.treatStashRootAsWikiRoot) {
         return !(segments.length === 1 && WIKI_INFRA_FILES.has(segments[0]));
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "akm-cli",
-  "version": "0.8.0-rc1",
+  "version": "0.8.0-rc2",
   "type": "module",
   "description": "akm (Agent Kit Manager) — A package manager for AI agent skills, commands, tools, and knowledge. Works with Claude Code, OpenCode, Cursor, and any AI coding assistant.",
   "keywords": [