askshepherd 0.1.42 → 0.1.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +80 -204
- package/bin/shepherd-onboard.js +7198 -696
- package/bin/shepherd.js +1504 -0
- package/package.json +8 -5
- package/skills/shepherd/SKILL.md +107 -0
- package/source-selection.cjs +3 -0
- package/wiki-readiness.cjs +106 -0
package/README.md
CHANGED
|
@@ -1,274 +1,150 @@
|
|
|
1
|
-
# AskShepherd
|
|
1
|
+
# AskShepherd CLI
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
customers should use the Shepherd macOS app; the app bundles this same engine
|
|
5
|
-
and installs background sync/MCP without asking customers to run `npx`.
|
|
6
|
-
|
|
7
|
-
The npm package is `askshepherd`. The installed binary also exposes `shepherd`,
|
|
8
|
-
and the support CLI uses the package name:
|
|
9
|
-
|
|
10
|
-
```sh
|
|
11
|
-
claude "Run Shepherd customer onboarding with: npx -y askshepherd@latest agent. Ask me the onboarding questions, do not infer answers from local context, and continue through the follow-up commands it prints. After onboarding completes, ask whether to install Shepherd MCP for me into Codex, Claude Code, Cursor, any subset, or none; if I choose any, run npx -y askshepherd@latest mcp-login --install <targets>." --dangerously-skip-permissions
|
|
12
|
-
```
|
|
13
|
-
|
|
14
|
-
## Claude Code Onboarding Command
|
|
15
|
-
|
|
16
|
-
Give this to Claude Code:
|
|
3
|
+
Self-serve Shepherd onboarding and memory CLI.
|
|
17
4
|
|
|
18
5
|
```sh
|
|
19
|
-
|
|
6
|
+
npx -y askshepherd@latest
|
|
20
7
|
```
|
|
21
8
|
|
|
22
|
-
|
|
23
|
-
Claude Code onboarding asks short selection questions first: existing/new org, sources to connect, Messages skip/provide-handle, and whether to sync Coding Sessions from Codex/Claude Code. If Messages is selected, the agent runs `messages-chats`, opens a minimal searchable local webpage, and has the user select which contacts/groups to sync. If Coding Sessions is selected, onboarding installs a local LaunchAgent that syncs redacted session summaries, not full raw transcripts. Account creation/relinking always starts with Shepherd WorkOS auth. After onboarding completes, the agent asks whether to install Shepherd MCP for the signed-in customer into Codex, Claude Code, Cursor, any subset, or none.
|
|
24
|
-
Existing-organization joins are verified from Shepherd login and company email domain; the typed org name is not trusted by itself.
|
|
25
|
-
|
|
26
|
-
For experiments, pass a separate non-production API explicitly:
|
|
9
|
+
If the Shepherd skill is already installed, give this one line to a coding agent:
|
|
27
10
|
|
|
28
|
-
```
|
|
29
|
-
|
|
11
|
+
```text
|
|
12
|
+
Use the Shepherd skill to onboard me to this repository before coding.
|
|
30
13
|
```
|
|
31
14
|
|
|
32
|
-
|
|
15
|
+
If the agent does not already have the skill, give it this bootstrap line:
|
|
33
16
|
|
|
34
|
-
```
|
|
35
|
-
npx -y askshepherd@latest
|
|
17
|
+
```text
|
|
18
|
+
Set up Shepherd for me: run `npx -y askshepherd@latest agent-setup` (installs the Codex usage skill by default; pass --install claude|all|none to change), then `npx -y askshepherd@latest guide`; follow the returned workflow, ask me where to install MCP tools, ask consent before connecting each source, then verify with `npx -y askshepherd@latest status`, `npx -y askshepherd@latest shepherd_wiki_status`, and `npx -y askshepherd@latest tools --json`.
|
|
36
19
|
```
|
|
37
20
|
|
|
38
|
-
The command
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
- asks for name, organization, and an optional local Messages handle
|
|
42
|
-
- creates or reuses the Shepherd customer account from the WorkOS-authenticated email
|
|
43
|
-
- creates or reuses the organization, including case-insensitive and close-name matches
|
|
44
|
-
- only reuses an existing organization when the authenticated account is allowed to join it
|
|
45
|
-
- prints Google Workspace domain-wide delegation setup for a Workspace super admin
|
|
46
|
-
- opens Slack authorization
|
|
47
|
-
- opens the Granola desktop app to Settings -> Connectors -> API keys
|
|
48
|
-
- collects the Granola API key after opening the Granola screen when Granola is enabled
|
|
49
|
-
- asks the user to grant or confirm macOS Full Disk Access before local Messages sync
|
|
50
|
-
- checks local Messages access and keeps prompting in interactive onboarding until Full Disk Access works
|
|
51
|
-
- opens a minimal searchable local webpage with contact/group names and only syncs the chats selected by the user
|
|
52
|
-
- sets up local macOS Messages raw sync with a background LaunchAgent scoped to the selected chats, including contact-name hydration for observed conversations
|
|
53
|
-
- optionally sets up local Codex/Claude Code coding-session summary sync with a background LaunchAgent
|
|
54
|
-
- starts raw polling/backfill for connected sources
|
|
55
|
-
- asks the customer-facing production cloud to schedule downstream processing; wiki ingestion, memory artifacts, and document summaries run in separate brain services, not in the local CLI
|
|
56
|
-
|
|
57
|
-
The command does not expose Railway, database, Redis, or internal service details to the user.
|
|
21
|
+
The default command starts onboarding. It authenticates the Shepherd account,
|
|
22
|
+
creates or selects the customer org, connects selected sources, starts backend
|
|
23
|
+
processing, saves local state, and prepares CLI tool auth.
|
|
58
24
|
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
Use this when the user asks "Check what I've enabled for Shepherd?":
|
|
25
|
+
After install, use the `shepherd` command:
|
|
62
26
|
|
|
63
27
|
```sh
|
|
64
|
-
npx -y askshepherd@latest
|
|
65
|
-
|
|
28
|
+
npx -y askshepherd@latest agent-setup
|
|
29
|
+
shepherd guide
|
|
30
|
+
shepherd troubleshoot
|
|
31
|
+
shepherd login
|
|
32
|
+
shepherd onboard
|
|
33
|
+
shepherd continue
|
|
34
|
+
shepherd status
|
|
35
|
+
shepherd shepherd_wiki_status
|
|
36
|
+
shepherd tools --json
|
|
37
|
+
shepherd <tool_name> --args '<json_object>'
|
|
38
|
+
shepherd skill
|
|
66
39
|
```
|
|
67
40
|
|
|
68
|
-
|
|
69
|
-
processing state, and local background sync health for Messages and Coding
|
|
70
|
-
Sessions.
|
|
71
|
-
|
|
72
|
-
Agents must not inspect the user's folders or repositories to answer setup
|
|
73
|
-
status. Do not run `ls`, `find`, `rg`, `grep`, `cat`, `Read`, `Glob`, or
|
|
74
|
-
`Explore` against the user's home directory, repositories, `~/.codex`,
|
|
75
|
-
`~/.claude`, or `~/.shepherd` for Shepherd setup. Use the npm status command
|
|
76
|
-
above; it performs the bounded local checks.
|
|
77
|
-
|
|
78
|
-
## Set Up Coding Agent Sessions
|
|
41
|
+
## Onboarding
|
|
79
42
|
|
|
80
|
-
|
|
81
|
-
coding agent sessions locally for Shepherd":
|
|
43
|
+
One-line agent setup:
|
|
82
44
|
|
|
83
45
|
```sh
|
|
84
|
-
npx -y askshepherd@latest agent
|
|
85
|
-
npx -y askshepherd@latest agent --add-sources coding-sessions --name "<name>" --org "<organization>"
|
|
86
|
-
npx -y askshepherd@latest agent --continue
|
|
87
|
-
npx -y askshepherd@latest status
|
|
46
|
+
npx -y askshepherd@latest agent-setup
|
|
88
47
|
```
|
|
89
48
|
|
|
90
|
-
|
|
91
|
-
collector syncs redacted Codex and Claude Code summaries, not full transcripts.
|
|
92
|
-
The agent should run only the commands above and should not search the local
|
|
93
|
-
filesystem for a Shepherd agent implementation.
|
|
94
|
-
|
|
95
|
-
## Customer MCP Login
|
|
96
|
-
|
|
97
|
-
After raw onboarding creates the Shepherd customer account, customers can
|
|
98
|
-
install the production MCP from the saved local onboarding session:
|
|
49
|
+
Agent-facing onboarding workflow:
|
|
99
50
|
|
|
100
51
|
```sh
|
|
101
|
-
|
|
52
|
+
shepherd guide
|
|
102
53
|
```
|
|
103
54
|
|
|
104
|
-
|
|
105
|
-
production API and mints an MCP token for that exact customer account. If the
|
|
106
|
-
local onboarding session is unavailable, it falls back to Shepherd WorkOS auth
|
|
107
|
-
and still links only an existing onboarded customer account. It writes
|
|
108
|
-
`~/.shepherd/mcp.json` and asks where Shepherd MCP should be accessible. It can
|
|
109
|
-
install the MCP into:
|
|
110
|
-
|
|
111
|
-
- Codex CLI/app
|
|
112
|
-
- Claude Code
|
|
113
|
-
- Cursor IDE and Cursor Agent
|
|
114
|
-
|
|
115
|
-
The saved MCP state includes:
|
|
116
|
-
|
|
117
|
-
- `mcpUrl`: `https://brain-api-customer-facing.up.railway.app/mcp`
|
|
118
|
-
- `token`: bearer token for MCP clients
|
|
119
|
-
- `account`: linked customer account metadata
|
|
120
|
-
- `authSource`: `local_onboarding` or `workos`
|
|
121
|
-
- `localAuth`: raw onboarding state reference when local auth was used
|
|
122
|
-
|
|
123
|
-
The installed MCP server is local npm first, remote brain second. For questions
|
|
124
|
-
like "what do I have set up on Shepherd?", "is Shepherd syncing?", or "help me
|
|
125
|
-
set up coding agent sessions", the MCP exposes local tools such as
|
|
126
|
-
`shepherd_status`, `shepherd_setup_coding_sessions`, and
|
|
127
|
-
`shepherd_enable_coding_sessions` that route agents to the local
|
|
128
|
-
`askshepherd status` / add-source flow. Production memory and wiki tools remain
|
|
129
|
-
remote Railway-backed tools for source recall and company-memory answers.
|
|
130
|
-
Those local MCP tools are also the permission boundary: an MCP client should not
|
|
131
|
-
use shell or file tools to inspect the user's folders or repositories for setup.
|
|
132
|
-
|
|
133
|
-
Use `--json` when an agent or setup script needs machine-readable endpoint and
|
|
134
|
-
header details.
|
|
135
|
-
|
|
136
|
-
Install an existing MCP login later:
|
|
55
|
+
Interactive first run:
|
|
137
56
|
|
|
138
57
|
```sh
|
|
139
|
-
npx -y askshepherd@latest
|
|
58
|
+
npx -y askshepherd@latest
|
|
140
59
|
```
|
|
141
60
|
|
|
142
|
-
|
|
143
|
-
onboarding session before configuring clients, so already-onboarded customers
|
|
144
|
-
do not need to sign in again. Local Messages continues syncing through its
|
|
145
|
-
LaunchAgent and cloud sources continue syncing through production pollers; MCP
|
|
146
|
-
auth only controls read access to that customer's production memory/wiki data.
|
|
147
|
-
|
|
148
|
-
Install targets can also be provided non-interactively:
|
|
61
|
+
Agent-led setup:
|
|
149
62
|
|
|
150
63
|
```sh
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
After install, customers can immediately ask their coding agent questions like:
|
|
156
|
-
|
|
157
|
-
```text
|
|
158
|
-
Use Shepherd to catch me up on what the team discussed yesterday.
|
|
159
|
-
Use Shepherd to search Slack, Gmail, Messages, Granola, and the wiki for launch blockers.
|
|
160
|
-
Use Shepherd to find the last meeting where we discussed the enterprise pilot.
|
|
161
|
-
Use Shepherd to summarize open follow-ups from this week's memory.
|
|
162
|
-
Use Shepherd to tell me what coding agents already worked on in this repo.
|
|
64
|
+
shepherd login
|
|
65
|
+
shepherd onboard --name "<full_name>" --org "<organization>" --sources google,notion,slack,github,granola,messages,coding-sessions
|
|
66
|
+
shepherd continue
|
|
67
|
+
shepherd status
|
|
163
68
|
```
|
|
164
69
|
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
70
|
+
`shepherd continue` resumes after browser auth, Google Workspace delegation,
|
|
71
|
+
GitHub PAT/repository entry, Granola key entry, Messages chat selection, or
|
|
72
|
+
local sync setup. GitHub OAuth is tools-only; use `--github-token` and
|
|
73
|
+
`--github-repo` with `shepherd continue` when GitHub needs webhook-backed event
|
|
74
|
+
sync coverage.
|
|
169
75
|
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
Business customers connect Google Workspace once as an admin. Employees do not create service accounts and do not each complete Google OAuth for Gmail, Calendar, Drive, Docs, Sheets, Slides, Tasks, or Contacts.
|
|
173
|
-
|
|
174
|
-
Customer-side setup in Google Admin Console:
|
|
175
|
-
|
|
176
|
-
```text
|
|
177
|
-
App name: Shepherd
|
|
178
|
-
Service account email: gigabrain-delegation@shepherd-gigabrain.iam.gserviceaccount.com
|
|
179
|
-
Domain-wide delegation OAuth Client ID: 118363960386741325727
|
|
180
|
-
```
|
|
181
|
-
|
|
182
|
-
The customer super admin authorizes that Client ID with the scopes printed by the CLI. The customer does not upload service account JSON; Shepherd stores its private service account JSON server-side in `GOOGLE_WORKSPACE_SERVICE_ACCOUNT_KEY_JSON` and requests delegated tokens with `sub=<allowed_employee_email>`.
|
|
183
|
-
|
|
184
|
-
Shepherd must still enforce selected users and groups internally before impersonating or polling employee emails.
|
|
185
|
-
|
|
186
|
-
## Options
|
|
76
|
+
If the agent is blocked or unsure which step is next, run:
|
|
187
77
|
|
|
188
78
|
```sh
|
|
189
|
-
|
|
190
|
-
--name <name> Full name
|
|
191
|
-
--org <name> Organization name
|
|
192
|
-
--granola-api-key <key> Granola API key
|
|
193
|
-
--messages-handle <value> Messages phone number or Apple ID email
|
|
194
|
-
--messages-chat-ids <ids> Comma-separated chat IDs selected from messages-chats, or `all` to watch every current and future chat
|
|
195
|
-
--messages-backfill-days Local Messages backfill window, default all selected chat history
|
|
196
|
-
--api <url> Advanced: Shepherd API URL. Use only for non-production experiments or local/staging testing.
|
|
197
|
-
--no-google Skip Google Workspace (Gmail/Drive/Docs/Calendar/Sheets/Slides/Tasks/Contacts)
|
|
198
|
-
--no-slack Skip Slack
|
|
199
|
-
--no-granola Skip Granola
|
|
200
|
-
--no-open-granola Do not open the Granola API key screen
|
|
201
|
-
--no-messages Skip local Messages
|
|
202
|
-
--coding-sessions Opt in to local Codex/Claude Code session summary sync
|
|
203
|
-
--sources <list> Exact sources to connect: google,slack,granola,messages,coding-sessions,all
|
|
204
|
-
--add-sources <list> Same as --sources, named for second-time onboarding
|
|
205
|
-
--no-open Print auth URLs instead of opening the browser
|
|
79
|
+
shepherd troubleshoot
|
|
206
80
|
```
|
|
207
81
|
|
|
208
|
-
##
|
|
82
|
+
## Tool Calls
|
|
209
83
|
|
|
210
|
-
|
|
211
|
-
Coding Sessions or by passing:
|
|
84
|
+
List tools:
|
|
212
85
|
|
|
213
86
|
```sh
|
|
214
|
-
|
|
87
|
+
shepherd tools --json
|
|
215
88
|
```
|
|
216
89
|
|
|
217
|
-
|
|
90
|
+
Call an exact Shepherd MCP tool:
|
|
218
91
|
|
|
219
92
|
```sh
|
|
220
|
-
|
|
93
|
+
shepherd <tool_name> --args '<json_object>'
|
|
221
94
|
```
|
|
222
95
|
|
|
223
|
-
The
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
Shepherd writes a concise `building/index.md` recent-work ledger plus detailed
|
|
228
|
-
session pages under `coding-sessions/` for MCP drill-in.
|
|
96
|
+
The CLI dynamically lists/calls the same production MCP memory/wiki/evidence
|
|
97
|
+
tools available to the authenticated customer, plus local setup/status tools.
|
|
98
|
+
Do not pass `--env` for normal customer setup or tool calls; the default is the
|
|
99
|
+
Production Customer `deploy` lane.
|
|
229
100
|
|
|
230
|
-
|
|
101
|
+
For authenticated `askshepherd.ai` accounts only, target another deployed
|
|
102
|
+
environment for tool listing, tool execution, and backend data together:
|
|
231
103
|
|
|
232
104
|
```sh
|
|
233
|
-
|
|
234
|
-
|
|
105
|
+
shepherd mcp-login --env canary --no-install
|
|
106
|
+
shepherd tools --env canary --json
|
|
107
|
+
shepherd <tool_name> --env customer-facing --args '<json_object>'
|
|
235
108
|
```
|
|
236
109
|
|
|
237
|
-
|
|
110
|
+
Check wiki readiness explicitly before memory/wiki answers when setup just
|
|
111
|
+
finished or readiness is uncertain:
|
|
238
112
|
|
|
239
|
-
|
|
113
|
+
```sh
|
|
114
|
+
shepherd shepherd_wiki_status
|
|
115
|
+
```
|
|
240
116
|
|
|
241
|
-
|
|
242
|
-
|
|
117
|
+
If it returns `status: "wiki_not_ready"`, agents should report progress/ETA and
|
|
118
|
+
wait instead of answering from incomplete memory.
|
|
243
119
|
|
|
244
|
-
|
|
120
|
+
## Skill
|
|
245
121
|
|
|
246
|
-
|
|
122
|
+
Print the bundled agent skill:
|
|
247
123
|
|
|
248
124
|
```sh
|
|
249
|
-
|
|
125
|
+
shepherd skill
|
|
250
126
|
```
|
|
251
127
|
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
The browser selector displays the first page of recent chats and lets the user search contacts or groups loaded from local Messages. It also has an explicit "Sync all current and future chats" option for users who want Shepherd to backfill every current local Messages chat and keep watching chats that appear later. Do not use this option by default; it is for explicit user approval.
|
|
255
|
-
|
|
256
|
-
Pass the selected chat IDs when finishing onboarding:
|
|
128
|
+
Install it into Codex:
|
|
257
129
|
|
|
258
130
|
```sh
|
|
259
|
-
|
|
131
|
+
shepherd skill --install codex
|
|
260
132
|
```
|
|
261
133
|
|
|
262
|
-
|
|
134
|
+
Install it into Claude Code, or both Codex and Claude Code:
|
|
263
135
|
|
|
264
136
|
```sh
|
|
265
|
-
|
|
137
|
+
shepherd skill --install claude
|
|
138
|
+
shepherd skill --install all
|
|
266
139
|
```
|
|
267
140
|
|
|
268
|
-
|
|
141
|
+
The skill is usage-focused: it teaches agents how to check setup and wiki
|
|
142
|
+
readiness, use exact Shepherd tools, avoid local filesystem probing for
|
|
143
|
+
Shepherd setup, and handle broad memory questions with iMessage-agent-style
|
|
144
|
+
evidence behavior. Onboarding instructions come from `shepherd guide`.
|
|
269
145
|
|
|
270
|
-
|
|
146
|
+
## Runtime Internals
|
|
271
147
|
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
148
|
+
The package still ships the `shepherd-onboard` engine binary for local runtime
|
|
149
|
+
entrypoints used by MCP clients, Messages sync, Coding Sessions sync, and the
|
|
150
|
+
macOS app. The public user-facing CLI is `shepherd`.
|