askshepherd 0.1.42 → 0.1.45

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,274 +1,150 @@
1
- # AskShepherd Support CLI
1
+ # AskShepherd CLI
2
2
 
3
- Support/developer CLI for Shepherd production onboarding and MCP. Normal
4
- customers should use the Shepherd macOS app; the app bundles this same engine
5
- and installs background sync/MCP without asking customers to run `npx`.
6
-
7
- The npm package is `askshepherd`. The installed binary also exposes `shepherd`,
8
- and the support CLI uses the package name:
9
-
10
- ```sh
11
- claude "Run Shepherd customer onboarding with: npx -y askshepherd@latest agent. Ask me the onboarding questions, do not infer answers from local context, and continue through the follow-up commands it prints. After onboarding completes, ask whether to install Shepherd MCP for me into Codex, Claude Code, Cursor, any subset, or none; if I choose any, run npx -y askshepherd@latest mcp-login --install <targets>." --dangerously-skip-permissions
12
- ```
13
-
14
- ## Claude Code Onboarding Command
15
-
16
- Give this to Claude Code:
3
+ Self-serve Shepherd onboarding and memory CLI.
17
4
 
18
5
  ```sh
19
- claude "Run Shepherd customer onboarding with: npx -y askshepherd@latest agent. Ask me the onboarding questions, do not infer answers from local context, and continue through the follow-up commands it prints. After onboarding completes, ask whether to install Shepherd MCP for me into Codex, Claude Code, Cursor, any subset, or none; if I choose any, run npx -y askshepherd@latest mcp-login --install <targets>." --dangerously-skip-permissions
6
+ npx -y askshepherd@latest
20
7
  ```
21
8
 
22
- The underlying `askshepherd agent` command defaults to the customer-facing production Shepherd cloud. In coding-agent shells, it gives the agent the public onboarding checklist and follow-up commands. In a normal interactive terminal, it does not print the checklist; it points the user to the direct terminal onboarding flow instead.
23
- Claude Code onboarding asks short selection questions first: existing/new org, sources to connect, Messages skip/provide-handle, and whether to sync Coding Sessions from Codex/Claude Code. If Messages is selected, the agent runs `messages-chats`, opens a minimal searchable local webpage, and has the user select which contacts/groups to sync. If Coding Sessions is selected, onboarding installs a local LaunchAgent that syncs redacted session summaries, not full raw transcripts. Account creation/relinking always starts with Shepherd WorkOS auth. After onboarding completes, the agent asks whether to install Shepherd MCP for the signed-in customer into Codex, Claude Code, Cursor, any subset, or none.
24
- Existing-organization joins are verified from Shepherd login and company email domain; the typed org name is not trusted by itself.
25
-
26
- For experiments, pass a separate non-production API explicitly:
9
+ If the Shepherd skill is already installed, give this one line to a coding agent:
27
10
 
28
- ```sh
29
- claude "Run Shepherd customer onboarding with: npx -y askshepherd@latest agent --api https://<non-prod-brain-api>. Ask me the onboarding questions, do not infer answers from local context, and continue through the follow-up commands it prints. After onboarding completes, ask whether to install Shepherd MCP for me into Codex, Claude Code, Cursor, any subset, or none; if I choose any, run npx -y askshepherd@latest mcp-login --install <targets> --api https://<non-prod-brain-api>." --dangerously-skip-permissions
11
+ ```text
12
+ Use the Shepherd skill to onboard me to this repository before coding.
30
13
  ```
31
14
 
32
- ## Human Terminal One-liner
15
+ If the agent does not already have the skill, give it this bootstrap line:
33
16
 
34
- ```sh
35
- npx -y askshepherd@latest
17
+ ```text
18
+ Set up Shepherd for me: run `npx -y askshepherd@latest agent-setup` (installs the Codex usage skill by default; pass --install claude|all|none to change), then `npx -y askshepherd@latest guide`; follow the returned workflow, ask me where to install MCP tools, ask consent before connecting each source, then verify with `npx -y askshepherd@latest status`, `npx -y askshepherd@latest shepherd_wiki_status`, and `npx -y askshepherd@latest tools --json`.
36
19
  ```
37
20
 
38
- The command:
39
-
40
- - runs Shepherd WorkOS login/signup first
41
- - asks for name, organization, and an optional local Messages handle
42
- - creates or reuses the Shepherd customer account from the WorkOS-authenticated email
43
- - creates or reuses the organization, including case-insensitive and close-name matches
44
- - only reuses an existing organization when the authenticated account is allowed to join it
45
- - prints Google Workspace domain-wide delegation setup for a Workspace super admin
46
- - opens Slack authorization
47
- - opens the Granola desktop app to Settings -> Connectors -> API keys
48
- - collects the Granola API key after opening the Granola screen when Granola is enabled
49
- - asks the user to grant or confirm macOS Full Disk Access before local Messages sync
50
- - checks local Messages access and keeps prompting in interactive onboarding until Full Disk Access works
51
- - opens a minimal searchable local webpage with contact/group names and only syncs the chats selected by the user
52
- - sets up local macOS Messages raw sync with a background LaunchAgent scoped to the selected chats, including contact-name hydration for observed conversations
53
- - optionally sets up local Codex/Claude Code coding-session summary sync with a background LaunchAgent
54
- - starts raw polling/backfill for connected sources
55
- - asks the customer-facing production cloud to schedule downstream processing; wiki ingestion, memory artifacts, and document summaries run in separate brain services, not in the local CLI
56
-
57
- The command does not expose Railway, database, Redis, or internal service details to the user.
21
+ The default command starts onboarding. It authenticates the Shepherd account,
22
+ creates or selects the customer org, connects selected sources, starts backend
23
+ processing, saves local state, and prepares CLI tool auth.
58
24
 
59
- ## Check Sync Status
60
-
61
- Use this when the user asks "Check what I've enabled for Shepherd?":
25
+ After install, use the `shepherd` command:
62
26
 
63
27
  ```sh
64
- npx -y askshepherd@latest status
65
- npx -y askshepherd@latest status --json
28
+ npx -y askshepherd@latest agent-setup
29
+ shepherd guide
30
+ shepherd troubleshoot
31
+ shepherd login
32
+ shepherd onboard
33
+ shepherd continue
34
+ shepherd status
35
+ shepherd shepherd_wiki_status
36
+ shepherd tools --json
37
+ shepherd <tool_name> --args '<json_object>'
38
+ shepherd skill
66
39
  ```
67
40
 
68
- It reports the saved Shepherd account, connected cloud sources, downstream
69
- processing state, and local background sync health for Messages and Coding
70
- Sessions.
71
-
72
- Agents must not inspect the user's folders or repositories to answer setup
73
- status. Do not run `ls`, `find`, `rg`, `grep`, `cat`, `Read`, `Glob`, or
74
- `Explore` against the user's home directory, repositories, `~/.codex`,
75
- `~/.claude`, or `~/.shepherd` for Shepherd setup. Use the npm status command
76
- above; it performs the bounded local checks.
77
-
78
- ## Set Up Coding Agent Sessions
41
+ ## Onboarding
79
42
 
80
- Use this when the user asks "Help me set up coding agent sessions" or "Enable
81
- coding agent sessions locally for Shepherd":
43
+ One-line agent setup:
82
44
 
83
45
  ```sh
84
- npx -y askshepherd@latest agent --login
85
- npx -y askshepherd@latest agent --add-sources coding-sessions --name "<name>" --org "<organization>"
86
- npx -y askshepherd@latest agent --continue
87
- npx -y askshepherd@latest status
46
+ npx -y askshepherd@latest agent-setup
88
47
  ```
89
48
 
90
- The coding agent should ask for consent before enabling this source. The local
91
- collector syncs redacted Codex and Claude Code summaries, not full transcripts.
92
- The agent should run only the commands above and should not search the local
93
- filesystem for a Shepherd agent implementation.
94
-
95
- ## Customer MCP Login
96
-
97
- After raw onboarding creates the Shepherd customer account, customers can
98
- install the production MCP from the saved local onboarding session:
49
+ Agent-facing onboarding workflow:
99
50
 
100
51
  ```sh
101
- npx -y askshepherd@latest mcp-login
52
+ shepherd guide
102
53
  ```
103
54
 
104
- The command first verifies `~/.shepherd/raw-onboarding-agent.json` against the
105
- production API and mints an MCP token for that exact customer account. If the
106
- local onboarding session is unavailable, it falls back to Shepherd WorkOS auth
107
- and still links only an existing onboarded customer account. It writes
108
- `~/.shepherd/mcp.json` and asks where Shepherd MCP should be accessible. It can
109
- install the MCP into:
110
-
111
- - Codex CLI/app
112
- - Claude Code
113
- - Cursor IDE and Cursor Agent
114
-
115
- The saved MCP state includes:
116
-
117
- - `mcpUrl`: `https://brain-api-customer-facing.up.railway.app/mcp`
118
- - `token`: bearer token for MCP clients
119
- - `account`: linked customer account metadata
120
- - `authSource`: `local_onboarding` or `workos`
121
- - `localAuth`: raw onboarding state reference when local auth was used
122
-
123
- The installed MCP server is local npm first, remote brain second. For questions
124
- like "what do I have set up on Shepherd?", "is Shepherd syncing?", or "help me
125
- set up coding agent sessions", the MCP exposes local tools such as
126
- `shepherd_status`, `shepherd_setup_coding_sessions`, and
127
- `shepherd_enable_coding_sessions` that route agents to the local
128
- `askshepherd status` / add-source flow. Production memory and wiki tools remain
129
- remote Railway-backed tools for source recall and company-memory answers.
130
- Those local MCP tools are also the permission boundary: an MCP client should not
131
- use shell or file tools to inspect the user's folders or repositories for setup.
132
-
133
- Use `--json` when an agent or setup script needs machine-readable endpoint and
134
- header details.
135
-
136
- Install an existing MCP login later:
55
+ Interactive first run:
137
56
 
138
57
  ```sh
139
- npx -y askshepherd@latest mcp-install
58
+ npx -y askshepherd@latest
140
59
  ```
141
60
 
142
- `mcp-install` refreshes missing or near-expired MCP auth from the saved local
143
- onboarding session before configuring clients, so already-onboarded customers
144
- do not need to sign in again. Local Messages continues syncing through its
145
- LaunchAgent and cloud sources continue syncing through production pollers; MCP
146
- auth only controls read access to that customer's production memory/wiki data.
147
-
148
- Install targets can also be provided non-interactively:
61
+ Agent-led setup:
149
62
 
150
63
  ```sh
151
- npx -y askshepherd@latest mcp-login --install codex,claude,cursor
152
- npx -y askshepherd@latest mcp-install --install all
153
- ```
154
-
155
- After install, customers can immediately ask their coding agent questions like:
156
-
157
- ```text
158
- Use Shepherd to catch me up on what the team discussed yesterday.
159
- Use Shepherd to search Slack, Gmail, Messages, Granola, and the wiki for launch blockers.
160
- Use Shepherd to find the last meeting where we discussed the enterprise pilot.
161
- Use Shepherd to summarize open follow-ups from this week's memory.
162
- Use Shepherd to tell me what coding agents already worked on in this repo.
64
+ shepherd login
65
+ shepherd onboard --name "<full_name>" --org "<organization>" --sources google,notion,slack,github,granola,messages,coding-sessions
66
+ shepherd continue
67
+ shepherd status
163
68
  ```
164
69
 
165
- The production MCP gives onboarded customers the same read/QA behavior that made
166
- the internal Shepherd MCP useful: summary-first answers, wiki search/read, and
167
- source drill-in. Internal local sync, admin, replay, write/delete, and cache
168
- maintenance tools are not exposed to customers.
70
+ `shepherd continue` resumes after browser auth, Google Workspace delegation,
71
+ GitHub PAT/repository entry, Granola key entry, Messages chat selection, or
72
+ local sync setup. GitHub OAuth is tools-only; use `--github-token` and
73
+ `--github-repo` with `shepherd continue` when GitHub needs webhook-backed event
74
+ sync coverage.
169
75
 
170
- ## Google Workspace Domain-wide Delegation
171
-
172
- Business customers connect Google Workspace once as an admin. Employees do not create service accounts and do not each complete Google OAuth for Gmail, Calendar, Drive, Docs, Sheets, Slides, Tasks, or Contacts.
173
-
174
- Customer-side setup in Google Admin Console:
175
-
176
- ```text
177
- App name: Shepherd
178
- Service account email: gigabrain-delegation@shepherd-gigabrain.iam.gserviceaccount.com
179
- Domain-wide delegation OAuth Client ID: 118363960386741325727
180
- ```
181
-
182
- The customer super admin authorizes that Client ID with the scopes printed by the CLI. The customer does not upload service account JSON; Shepherd stores its private service account JSON server-side in `GOOGLE_WORKSPACE_SERVICE_ACCOUNT_KEY_JSON` and requests delegated tokens with `sub=<allowed_employee_email>`.
183
-
184
- Shepherd must still enforce selected users and groups internally before impersonating or polling employee emails.
185
-
186
- ## Options
76
+ If the agent is blocked or unsure which step is next, run:
187
77
 
188
78
  ```sh
189
- --email <email> Advanced: must match the WorkOS-authenticated email
190
- --name <name> Full name
191
- --org <name> Organization name
192
- --granola-api-key <key> Granola API key
193
- --messages-handle <value> Messages phone number or Apple ID email
194
- --messages-chat-ids <ids> Comma-separated chat IDs selected from messages-chats, or `all` to watch every current and future chat
195
- --messages-backfill-days Local Messages backfill window, default all selected chat history
196
- --api <url> Advanced: Shepherd API URL. Use only for non-production experiments or local/staging testing.
197
- --no-google Skip Google Workspace (Gmail/Drive/Docs/Calendar/Sheets/Slides/Tasks/Contacts)
198
- --no-slack Skip Slack
199
- --no-granola Skip Granola
200
- --no-open-granola Do not open the Granola API key screen
201
- --no-messages Skip local Messages
202
- --coding-sessions Opt in to local Codex/Claude Code session summary sync
203
- --sources <list> Exact sources to connect: google,slack,granola,messages,coding-sessions,all
204
- --add-sources <list> Same as --sources, named for second-time onboarding
205
- --no-open Print auth URLs instead of opening the browser
79
+ shepherd troubleshoot
206
80
  ```
207
81
 
208
- ## Coding Sessions
82
+ ## Tool Calls
209
83
 
210
- Customers can add coding-session sync during first onboarding by selecting
211
- Coding Sessions or by passing:
84
+ List tools:
212
85
 
213
86
  ```sh
214
- npx -y askshepherd@latest agent --sources coding-sessions --name "<name>" --org "<organization>"
87
+ shepherd tools --json
215
88
  ```
216
89
 
217
- Already-onboarded customers can add it later:
90
+ Call an exact Shepherd MCP tool:
218
91
 
219
92
  ```sh
220
- npx -y askshepherd@latest agent --add-sources coding-sessions --name "<name>" --org "<organization>"
93
+ shepherd <tool_name> --args '<json_object>'
221
94
  ```
222
95
 
223
- The local collector reads Codex session JSONL under `~/.codex/sessions` and
224
- Claude Code JSONL under `~/.claude/projects`, redacts sensitive values locally,
225
- and uploads bounded summaries with repo, command, file, verification, and
226
- follow-up metadata. It does not upload full raw transcripts. In production,
227
- Shepherd writes a concise `building/index.md` recent-work ledger plus detailed
228
- session pages under `coding-sessions/` for MCP drill-in.
96
+ The CLI dynamically lists/calls the same production MCP memory/wiki/evidence
97
+ tools available to the authenticated customer, plus local setup/status tools.
98
+ Do not pass `--env` for normal customer setup or tool calls; the default is the
99
+ Production Customer `deploy` lane.
229
100
 
230
- Check local and production sync health:
101
+ For authenticated `askshepherd.ai` accounts only, target another deployed
102
+ environment for tool listing, tool execution, and backend data together:
231
103
 
232
104
  ```sh
233
- npx -y askshepherd@latest coding-sessions-status
234
- npx -y askshepherd@latest coding-sessions-status --json
105
+ shepherd mcp-login --env canary --no-install
106
+ shepherd tools --env canary --json
107
+ shepherd <tool_name> --env customer-facing --args '<json_object>'
235
108
  ```
236
109
 
237
- ## Messages Chat Selection
110
+ Check wiki readiness explicitly before memory/wiki answers when setup just
111
+ finished or readiness is uncertain:
238
112
 
239
- Local Messages sync on macOS needs Full Disk Access. During onboarding, Shepherd asks the user to grant or confirm Full Disk Access for:
113
+ ```sh
114
+ shepherd shepherd_wiki_status
115
+ ```
240
116
 
241
- - the app running onboarding, such as Terminal, iTerm, Claude Code, or Codex
242
- - the Node.js binary used by the background LaunchAgent
117
+ If it returns `status: "wiki_not_ready"`, agents should report progress/ETA and
118
+ wait instead of answering from incomplete memory.
243
119
 
244
- The Messages selector validates access to `~/Library/Messages/chat.db`, opens System Settings -> Privacy & Security -> Full Disk Access if access is missing, and keeps checking in interactive onboarding until access works. Background sync install also checks that launchd can start the Messages agent. Contacts permission may also appear when Shepherd resolves local contact names. The background agent reloads Contacts on startup, watches AddressBook changes when available, and runs a periodic fallback sync so renamed contacts can hydrate prior ingested Messages rows for that customer account.
120
+ ## Skill
245
121
 
246
- Open the local Messages chat selector:
122
+ Print the bundled agent skill:
247
123
 
248
124
  ```sh
249
- npx -y askshepherd@latest messages-chats
125
+ shepherd skill
250
126
  ```
251
127
 
252
- Use `--json` for machine-readable chat metadata, or `--text` for a terminal list.
253
-
254
- The browser selector displays the first page of recent chats and lets the user search contacts or groups loaded from local Messages. It also has an explicit "Sync all current and future chats" option for users who want Shepherd to backfill every current local Messages chat and keep watching chats that appear later. Do not use this option by default; it is for explicit user approval.
255
-
256
- Pass the selected chat IDs when finishing onboarding:
128
+ Install it into Codex:
257
129
 
258
130
  ```sh
259
- npx -y askshepherd@latest agent --continue --messages-handle "<phone_or_apple_id>" --messages-chat-ids "<id1>,<id2>"
131
+ shepherd skill --install codex
260
132
  ```
261
133
 
262
- Or, with explicit approval to sync all local Messages chats:
134
+ Install it into Claude Code, or both Codex and Claude Code:
263
135
 
264
136
  ```sh
265
- npx -y askshepherd@latest agent --continue --messages-handle "<phone_or_apple_id>" --messages-chat-ids all
137
+ shepherd skill --install claude
138
+ shepherd skill --install all
266
139
  ```
267
140
 
268
- ## Granola API Keys
141
+ The skill is usage-focused: it teaches agents how to check setup and wiki
142
+ readiness, use exact Shepherd tools, avoid local filesystem probing for
143
+ Shepherd setup, and handle broad memory questions with iMessage-agent-style
144
+ evidence behavior. Onboarding instructions come from `shepherd guide`.
269
145
 
270
- If Granola does not land on the API keys page, run:
146
+ ## Runtime Internals
271
147
 
272
- ```sh
273
- npx -y askshepherd@latest granola-api-keys
274
- ```
148
+ The package still ships the `shepherd-onboard` engine binary for local runtime
149
+ entrypoints used by MCP clients, Messages sync, Coding Sessions sync, and the
150
+ macOS app. The public user-facing CLI is `shepherd`.