auramaxx 0.0.13 → 0.0.14

package/README.md

@@ -41,7 +41,7 @@ npx auramaxx get OURSECRET
 
 Agent verify prompt:
 
-`Use auramaxx to get the secret OURSECRET.`
+`Use auramaxx skill to get OURSECRET.`
 
 ## Agent Setup
 

package/docs/AGENT_SETUP.md

@@ -157,7 +157,7 @@ auramaxx get OURSECRET
 
 Then ask your agent:
 
-`Use auramaxx to get the secret OURSECRET.`
+`Use auramaxx skill to get OURSECRET.`
 
 ---
 

package/docs/AUTH.md

@@ -230,7 +230,7 @@ Rejected:
 | Profile | Permissions | Read Scopes | Write Scopes | Excluded Fields | TTL | Max Reads |
 |---------|------------|-------------|-------------|-----------------|-----|-----------|
 | `strict` | `secret:read` | `agent:primary, agent:agent` | none | `password, cvv, privateKey, seedPhrase, refresh_token` | 1 hour | 50 |
-| `dev` | `wallet:list, secret:read, secret:write, action:create, action:read, action:resolve` | `agent:*` | `agent:*` | `cvv, seedPhrase, privateKey, refresh_token` | 7 days | 500 |
+| `dev` | `wallet:list, secret:read, secret:write, action:create, action:read, action:resolve` | `agent:primary, agent:agent` | `agent:primary, agent:agent` | `cvv, seedPhrase, privateKey, refresh_token` | 7 days | 500 |
 | `admin` | `admin:*` | `*` | `*` | none | 7 days | unlimited |
 
 Strict one-shot (temp) approval claims are capped to 5 minutes (`300s`).

package/docs/MCP.md

@@ -51,6 +51,15 @@ Use this flow first. It mirrors the `WORKING_WITH_SECRETS.md` command patterns.
 
 - This returns redacted output (`"secret": "*******"`) and sets `AURA_DONTLOOK` in MCP server process scope.
 
+Explicit protected field request:
+
+```json
+{
+  "name": "DONTLOOK",
+  "field": "password"
+}
+```
+
 Command-scoped injection (recommended):
 
 ```json
@@ -90,6 +99,7 @@ Filter by name/tag/agent:
 ```json
 {
   "name": "DONTLOOK",
+  "field": "password",
   "envVar": "AURA_DONTNOTE",
   "command": ["/bin/zsh", "-lc", "printenv AURA_DONTNOTE"]
 }
@@ -164,7 +174,9 @@ Diary notes use canonical note field key `content` (`value` is accepted as a leg
 Note:
 - Typed tools (`get_secret`, `put_secret`, `del_secret`, `share_secret`, `inject_secret`, `write_diary`, `approve`) use the active MCP token directly.
 - `get_secret` and `inject_secret` are redacted by default (`secret: "*******"`). Set `dangerPlaintext: true` only for break-glass local debugging.
+- `dangerPlaintext` only controls output masking. It does not request additional credential fields and does not trigger approval by itself.
 - `get_secret` uses the default env var name `AURA_{SECRETNAME}`.
+- `get_secret` and `inject_secret` accept optional `field`. When set, MCP sends `requestedFields` to `/credentials/:id/read` so excluded-field approvals happen only for explicitly requested protected fields.
 - Both tools accept optional `command` (array of executable + args). When omitted, they return a `whatDo` guidance block and keep scope in MCP server process.
 - Typed helpers have **built-in 403 escalation** — on permission denied they automatically return a structured `requiresHumanApproval` response. You do not need to detect 403s yourself for typed tools.
 - `auth` does not auto-poll in background. It returns explicit `approveUrl` + `pollUrl` + `claim` guidance plus typed actions (`claimAction`, `retryAction`); callers must claim explicitly via `get_token`.

package/docs/SKILLS.md

@@ -116,7 +116,7 @@ auramaxx set OURSECRET "hello from the agent"
 
 Ask your agent:
 
-`Use auramaxx to get the secret OURSECRET.`
+`Use auramaxx skill to get OURSECRET.`
 
 ---
 

package/docs/api/secrets/credentials.md

@@ -74,6 +74,15 @@ Read:
 ```http
 POST /credentials/:id/read
 Authorization: Bearer <token>
+Content-Type: application/json
+
+{
+  "requestedFields": ["password"]
+}
 ```
 
 Response returns encrypted payload (never plaintext secret fields for non-admin agents).
+
+`requestedFields` is optional:
+- If omitted, excluded fields are redacted/omitted and no excluded-field approval is raised.
+- If present and it explicitly includes an excluded field (for example `cvv`), the route can return `DENY_EXCLUDED_FIELD` and one-shot approval metadata.

package/docs/external/POLICY.md

@@ -21,8 +21,8 @@ Canonical token payload shape:
   },
   "walletAccess": ["0x..."],
   "credentialAccess": {
-    "read": ["agent:*"],
-    "write": ["agent:*"],
+    "read": ["agent:primary"],
+    "write": ["agent:primary"],
     "excludeFields": ["cvv", "password"],
     "ttl": 3600,
     "maxReads": 500

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auramaxx",
-  "version": "0.0.13",
+  "version": "0.0.14",
   "description": "Securely share passwords, API keys and wallets with your agent.",
   "keywords": [
     "onepassword",

package/skills/auramaxx/SKILL.md

@@ -23,48 +23,30 @@ Always use this skill when user intent matches any of these:
 - "give me my credit card details"
 - "run this command with my <secret>"
 
-## Auth Precedence
-
-CLI auth order:
-
-1. `AURA_TOKEN` env
-2. socket bootstrap
-3. `/auth` fallback
-
-Notes:
-
-- No stored-session fallback in this chain.
-- If `--profile` / `--profile-version` are omitted, CLI resolves from `trust.localProfile` / `trust.localProfileVersion`, then seed defaults (`admin`, `v1`).
-- `AURA_AUTH_PROFILE` / `AURA_AGENT_PROFILE` are not used for CLI fallback profile selection.
-
 ## Retrieval Flow (Do This First)
 
 For login/API key/card/password requests:
 
-1. List first with a scoped query.
-2. Select the matching credential.
-3. Then run `get` (for read) or `inject` (for command execution).
+1. Use `npx auramaxx get SECRET` first to trigger the protected read.
+2. If it returns `reqId` + `approveUrl`, send the `approveUrl` to the human.
+3. After approval, claim the request by `reqId`.
+4. Retry the original read once with `--reqId`.
 
 Examples:
 
 ```bash
-aura list --name facebook --json
-aura list --name stripe --json
-aura list --name visa --json
+npx auramaxx get SECRET
+aura auth claim <reqId> --json
+npx auramaxx get SECRET --reqId <reqId>
 ```
 
-If ambiguous, narrow by field:
+If you need to find the exact credential name first, list with a scoped query:
 
 ```bash
+aura list --name facebook --json
 aura list --name facebook --field username --json
 ```
 
-API equivalent:
-
-```text
-GET /credentials?q=facebook
-```
-
 ## Concrete CLI Examples
 
 ```bash
@@ -102,11 +84,11 @@ aura get FACEBOOK_LOGIN --reqId <reqId>
 
 ## 403 Handling
 
-If response includes `reqId`:
+If the denial response includes `reqId` + `approveUrl`:
 
-1. Ask human to approve.
-2. Claim token (`aura auth claim <reqId> --json`).
-3. Retry original command with same `reqId` when required.
+1. Send the human the direct `approveUrl`.
+2. Claim with `aura auth claim <reqId> --json`.
+3. Retry the original command with `--reqId <reqId>`.
 
 If 403 has no `reqId`:
 

package/skills/auramaxx/docs/AGENT_SETUP.md

@@ -146,7 +146,7 @@ auramaxx get OURSECRET
 
 Then ask your agent:
 
-`Use auramaxx to get the secret OURSECRET.`
+`Use auramaxx skill to get OURSECRET.`
 
 ---
 

package/src/app/UnlockPageClient.tsx

@@ -47,23 +47,23 @@ type LocalPolicySettings = {
   projectScopeMode: ProjectScopeMode;
 };
 
-const LOCAL_POLICY_PROFILES: LocalAgentMode[] = ['strict', 'dev', 'admin'];
+const LOCAL_POLICY_PROFILES: LocalAgentMode[] = ['admin', 'dev', 'strict'];
 const LOCAL_PROJECT_SCOPE_MODES: ProjectScopeMode[] = ['auto', 'strict', 'off'];
 const LOCAL_PROFILE_ITEM_OPTIONS = [
   {
-    value: 'strict',
-    label: 'strict',
-    description: 'Minimal local token scope with explicit allowlists.',
+    value: 'admin',
+    label: 'maxx (admin)',
+    description: 'Full access. Use only when you fully trust the agent.',
   },
   {
     value: 'dev',
-    label: 'dev',
-    description: 'Balanced local automation with scoped defaults.',
+    label: 'mid (dev)',
+    description: 'Access to most things. Human approval for stuff like CVV.',
   },
   {
-    value: 'admin',
-    label: 'admin (dangerous)',
-    description: 'Broad token scope. Use only in tightly controlled local environments.',
+    value: 'strict',
+    label: 'sus (local)',
+    description: 'Most locked down. Every request needs manual approval.',
   },
 ] as const;
 const LOCAL_PROJECT_SCOPE_ITEM_OPTIONS = [

package/src/app/api/update/route.ts

@@ -3,12 +3,13 @@ import { spawn } from 'child_process';
 import { join } from 'path';
 import { mkdirSync } from 'fs';
 import { homedir } from 'os';
-import { buildUpdateCommand, buildUpdateFallbackCommand } from '@/server/lib/update-check';
+import { buildUpdateCommand, buildUpdateFallbackCommand, buildUpdateForceCommand } from '@/server/lib/update-check';
 import { clearVersionCheckCache } from '@/server/lib/version-check-cache';
 
 export async function POST() {
   try {
     const primaryCommand = buildUpdateCommand();
+    const forceCommand = buildUpdateForceCommand();
     const fallbackCommand = buildUpdateFallbackCommand();
     const projectRoot = process.cwd();
     const cliEntrypoint = join(projectRoot, 'bin', 'auramaxx.js');
@@ -19,7 +20,6 @@ export async function POST() {
 
     const stopCommand = `${JSON.stringify(process.execPath)} ${JSON.stringify(cliEntrypoint)} stop`;
     const startCommand = `${JSON.stringify(process.execPath)} ${JSON.stringify(cliEntrypoint)} start`;
-    const uninstallCommand = 'npm uninstall -g auramaxx';
 
     // Detached worker allows update to stop/restart services without
     // depending on the current dashboard process staying alive.
@@ -28,10 +28,10 @@ const { execSync } = require('child_process');
 const fs = require('fs');
 const logPath = process.env.AURA_UPDATE_LOG;
 const primaryCommand = process.env.AURA_UPDATE_PRIMARY;
+const forceCommand = process.env.AURA_UPDATE_FORCE;
 const fallbackCommand = process.env.AURA_UPDATE_FALLBACK;
 const stopCommand = process.env.AURA_UPDATE_STOP;
 const startCommand = process.env.AURA_UPDATE_START;
-const uninstallCommand = process.env.AURA_UPDATE_UNINSTALL;
 
 function now() {
   return new Date().toISOString();
@@ -73,15 +73,14 @@ if (run(primaryCommand, { allowFailure: true })) {
   process.exit(0);
 }
 
-append(\`[\${now()}] primary install failed; retrying clean reinstall\`);
-run(uninstallCommand, { allowFailure: true });
-if (run(primaryCommand, { allowFailure: true })) {
+append(\`[\${now()}] primary install failed; retrying forced install\`);
+if (run(forceCommand, { allowFailure: true })) {
   run(startCommand, { allowFailure: true });
-  append(\`[\${now()}] update workflow completed (clean reinstall)\`);
+  append(\`[\${now()}] update workflow completed (forced install)\`);
   process.exit(0);
 }
 
-append(\`[\${now()}] clean reinstall failed; falling back to npx start\`);
+append(\`[\${now()}] forced install failed; falling back to npx start\`);
 const fallbackOk = run(fallbackCommand, { allowFailure: true });
 append(\`[\${now()}] update workflow completed (\${fallbackOk ? 'npx fallback' : 'failed'})\`);
 process.exit(fallbackOk ? 0 : 1);
@@ -93,10 +92,10 @@ process.exit(fallbackOk ? 0 : 1);
         ...process.env,
         AURA_UPDATE_LOG: logPath,
         AURA_UPDATE_PRIMARY: primaryCommand,
+        AURA_UPDATE_FORCE: forceCommand,
         AURA_UPDATE_FALLBACK: fallbackCommand,
         AURA_UPDATE_STOP: stopCommand,
         AURA_UPDATE_START: startCommand,
-        AURA_UPDATE_UNINSTALL: uninstallCommand,
       },
       detached: true,
       stdio: 'ignore',
@@ -107,7 +106,7 @@ process.exit(fallbackOk ? 0 : 1);
     return NextResponse.json({
       success: true,
       deferred: true,
-      message: 'Update workflow started: stop -> install -> start, retry uninstall/install, then npx fallback.',
+      message: 'Update workflow started: stop -> install -> force-install retry -> npx fallback.',
       output: `Running in background. Log: ${logPath}`,
       logPath,
       pid: worker.pid,

package/src/app/yo/page.tsx

@@ -310,7 +310,7 @@ export default function YoPage() {
             rel="noopener noreferrer"
             className="text-[10px] text-[var(--color-text-muted,#6b7280)] hover:text-[var(--color-text,#0a0a0a)] transition-colors"
           >
-            by @hi_im_nico, with love
+            🗿 by @hi_im_nico, with love
           </a>
         </div>
       </div>

package/src/server/cli/commands/agent.ts

@@ -51,6 +51,30 @@ interface AuthSession {
   privateKeyPem?: string;
 }
 
+function decodeAgentTokenPayload(
+  token: string,
+): { permissions?: unknown } | undefined {
+  const trimmed = token.trim();
+  if (!trimmed) return undefined;
+  const [payloadSegment] = trimmed.split('.', 1);
+  if (!payloadSegment) return undefined;
+  try {
+    const decoded = Buffer.from(payloadSegment, 'base64url').toString('utf8');
+    const parsed = JSON.parse(decoded) as unknown;
+    if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) return undefined;
+    return parsed as { permissions?: unknown };
+  } catch {
+    return undefined;
+  }
+}
+
+function resolveAdminPermissionFromToken(token: string): boolean | undefined {
+  const payload = decodeAgentTokenPayload(token);
+  if (!payload) return undefined;
+  if (!Array.isArray(payload.permissions)) return false;
+  return payload.permissions.some((permission) => permission === 'admin:*');
+}
+
 async function getAuthToken(
   keypair: EphemeralKeypair,
   authSelection?: ProfileIssuanceSelection,
@@ -109,6 +133,13 @@ async function getReadToken(input: {
   authSelection?: ProfileIssuanceSelection;
   fallbackDecryptPrivateKeyPem: string;
 }): Promise<{ readToken: string; decryptPrivateKeyPem: string }> {
+  const hasAdminPermission = resolveAdminPermissionFromToken(input.authToken);
+  if (hasAdminPermission === false) {
+    // Non-admin session tokens cannot call /actions/token.
+    // Skip delegated token minting to avoid a guaranteed 403 escalation cycle.
+    return { readToken: input.authToken, decryptPrivateKeyPem: input.fallbackDecryptPrivateKeyPem };
+  }
+
   try {
     const readToken = await createReadToken(
       serverUrl(),
@@ -245,15 +276,26 @@ async function readCredential(
   options?: {
     retryCommandTemplate?: string;
     originalCommand?: string;
+    requestedFields?: string[];
   },
 ): Promise<DecryptedCredential> {
   const originalCommand = String(options?.originalCommand || '').trim();
+  const requestedFields = Array.from(new Set(
+    (options?.requestedFields || [])
+      .map((value) => String(value || '').trim())
+      .filter((value) => value.length > 0),
+  ));
+  const requestBody = requestedFields.length > 0
+    ? JSON.stringify({ requestedFields })
+    : undefined;
   const res = await fetch(`${serverUrl()}/credentials/${credentialId}/read`, {
     method: 'POST',
     headers: {
       'Authorization': `Bearer ${readToken}`,
+      ...(requestBody ? { 'Content-Type': 'application/json' } : {}),
       ...(originalCommand ? { 'X-Aura-Original-Command': originalCommand } : {}),
     },
+    ...(requestBody ? { body: requestBody } : {}),
     signal: AbortSignal.timeout(8_000),
   });
   if (!res.ok) {
@@ -1250,9 +1292,13 @@ export async function runAgentCli(args: string[]): Promise<number> {
       if (!readAuthContext) return 1;
 
       try {
+        const requestedFields = [
+          getCredentialPrimaryFieldKey(normalizeCredentialType(target.type)),
+        ];
         const decrypted = await readCredential(target.id, readAuthContext.readToken, readAuthContext.privateKeyPem, {
           retryCommandTemplate,
           originalCommand,
+          requestedFields,
         });
         const primarySecret = resolvePrimarySecretField(
           normalizeCredentialType(decrypted.type || target.type),
@@ -1299,11 +1345,23 @@ export async function runAgentCli(args: string[]): Promise<number> {
       });
       if (!readAuthContext) return 1;
 
+      const resolvedTargetType = normalizeCredentialType(target.type);
+      const requestedReadFields = flagJson
+        ? (fieldName
+            ? [canonicalizeCredentialFieldKey(resolvedTargetType, fieldName)]
+            : ['*'])
+        : execCommand.length > 0
+          ? [getCredentialPrimaryFieldKey(resolvedTargetType)]
+          : fieldName
+            ? [canonicalizeCredentialFieldKey(resolvedTargetType, fieldName)]
+            : [getCredentialPrimaryFieldKey(resolvedTargetType)];
+
       let decrypted: DecryptedCredential;
       try {
         decrypted = await readCredential(target.id, readAuthContext.readToken, readAuthContext.privateKeyPem, {
           retryCommandTemplate,
           originalCommand,
+          requestedFields: requestedReadFields,
         });
       } finally {
         finalizeReadAuthContext(readAuthContext);

package/src/server/cli/commands/init.ts

@@ -335,30 +335,30 @@ async function readPasswordFromStdin(timeoutMs = 15_000): Promise<string> {
 }
 
 async function configureLocalSocketTrust(token: string): Promise<void> {
-  printSection('Local Agent Trust', 'Choose default local agent mode.');
+  printSection('Local Agent Trust', 'How much do you trust your agent?');
 
   const profile = resolveLocalAgentModeChoice(
     await promptSelect(
-      '  Local agent mode',
+      '  How much do you trust your agent?',
       [
-        { value: 'dev', label: 'dev', aliases: ['1', 'recommended'] },
-        { value: 'strict', label: 'strict', aliases: ['2'] },
-        { value: 'admin', label: 'admin', aliases: ['3', 'dangerous'] },
+        { value: 'admin', label: 'maxx (admin)', aliases: ['1', 'default', 'maxx', 'work'] },
+        { value: 'dev', label: 'mid (dev)', aliases: ['2', 'mid', 'dev', 'recommended'] },
+        { value: 'strict', label: 'sus (local)', aliases: ['3', 'sus', 'local', 'strict'] },
       ],
-      'dev',
+      'admin',
     ),
   );
   await persistLocalAgentTrustDefaults(token, profile);
 
   if (profile === 'strict') {
-    console.log('  ✓ Strict mode enabled. Local auto-approve is OFF; agent requests require manual approval.\n');
+    console.log('  ✓ Sus mode enabled. Local auto-approve is OFF; agent requests require manual approval.\n');
     return;
   }
   if (profile === 'admin') {
-    console.log('  ✓ Admin mode enabled. WARNING: local agents get broad access.\n');
+    console.log('  ✓ Maxx mode enabled. WARNING: local agents get broad access.\n');
     return;
   }
-  console.log('  ✓ Dev mode enabled. Local auto-approve remains ON with scoped profile.\n');
+  console.log('  ✓ Mid mode enabled. Local auto-approve remains ON with scoped profile.\n');
 }
 
 async function configureApiKey(

package/src/server/cli/lib/credential-resolve.ts

@@ -146,10 +146,23 @@ export async function readCredential(
   readToken: string,
   credentialId: string,
   decryptFn: (encrypted: string) => string,
+  requestedFields?: string[],
 ): Promise<DecryptedCredential> {
+  const normalizedRequestedFields = Array.from(new Set(
+    (requestedFields || [])
+      .map((value) => String(value || '').trim())
+      .filter((value) => value.length > 0),
+  ));
+  const requestBody = normalizedRequestedFields.length > 0
+    ? JSON.stringify({ requestedFields: normalizedRequestedFields })
+    : undefined;
   const res = await fetch(`${baseUrl}/credentials/${credentialId}/read`, {
     method: 'POST',
-    headers: { Authorization: `Bearer ${readToken}` },
+    headers: {
+      Authorization: `Bearer ${readToken}`,
+      ...(requestBody ? { 'Content-Type': 'application/json' } : {}),
+    },
+    ...(requestBody ? { body: requestBody } : {}),
     signal: AbortSignal.timeout(5000),
   });
   if (!res.ok) {
@@ -190,9 +203,13 @@ export async function resolveMappings(
   }
 
   const uniqueTargets = new Map<string, AuraMapping>();
+  const requestedFieldsByTarget = new Map<string, Set<string>>();
   for (const mapping of mappings) {
     const key = `${(mapping.agent || '').toLowerCase()}::${mapping.credentialName.toLowerCase()}`;
     if (!uniqueTargets.has(key)) uniqueTargets.set(key, mapping);
+    const requested = requestedFieldsByTarget.get(key) || new Set<string>();
+    requested.add(mapping.field);
+    requestedFieldsByTarget.set(key, requested);
   }
 
   const targetList = [...uniqueTargets.values()];
@@ -228,11 +245,13 @@ export async function resolveMappings(
         }
 
         try {
+          const requestedFields = Array.from(requestedFieldsByTarget.get(cacheKey) || []);
           const decrypted = await readCredential(
             baseUrl,
             readToken,
             meta.id,
             decryptFn,
+            requestedFields,
           );
           credentialCache.set(cacheKey, decrypted);
         } catch (err) {

package/src/server/cli/lib/local-agent-trust.ts

@@ -9,9 +9,10 @@ export interface LocalAgentTrustDefaults {
 
 export function resolveLocalAgentModeChoice(input: string): LocalAgentProfileMode {
   const normalized = input.trim().toLowerCase();
-  if (normalized === '2' || normalized === 'strict') return 'strict';
-  if (normalized === '3' || normalized === 'admin') return 'admin';
-  return 'dev';
+  if (normalized === '1' || normalized === 'admin' || normalized === 'maxx' || normalized === 'work') return 'admin';
+  if (normalized === '3' || normalized === 'strict' || normalized === 'sus' || normalized === 'local') return 'strict';
+  if (normalized === '2' || normalized === 'dev' || normalized === 'mid' || normalized === 'recommended') return 'dev';
+  return 'admin';
 }
 
 export function toLocalAgentTrustDefaults(profile: LocalAgentProfileMode): LocalAgentTrustDefaults {

package/src/server/lib/agent-profiles.ts

@@ -94,13 +94,14 @@ const BUILTIN_PROFILES: AgentPolicyProfileV1[] = [
     rationale: 'Use for day-to-day local dev workflows without granting financial operations.',
     permissions: ['wallet:list', 'secret:read', 'secret:write', 'action:create', 'action:read', 'action:resolve'],
     credentialAccess: {
-      readScopes: ['agent:*'],
-      writeScopes: ['agent:*'],
+      // Keep legacy `agent` alias for migrated installs while scoping to primary-only access.
+      readScopes: ['agent:primary', 'agent:agent'],
+      writeScopes: ['agent:primary', 'agent:agent'],
       excludeFields: ['cvv', 'seedPhrase', 'privateKey', 'refresh_token'],
       maxReads: 500,
     },
     tokenDefaults: { ttlSeconds: 7 * 24 * 60 * 60, maxReads: 500 },
-    warnings: ['Includes secret:write. Prefer dedicated non-primary agents for agent-managed credentials.'],
+    warnings: ['Includes secret:write. Credential scope is limited to the primary agent (legacy alias included).'],
   },
   {
     id: 'admin',

package/src/server/lib/update-check.ts

@@ -34,6 +34,10 @@ export function buildUpdateCommand(packageName = 'auramaxx'): string {
   return `npm install -g ${packageName} --foreground-scripts`;
 }
 
+export function buildUpdateForceCommand(packageName = 'auramaxx'): string {
+  return `${buildUpdateCommand(packageName)} --force`;
+}
+
 export function buildNpxLatestCommand(packageName = 'auramaxx', args: string[] = []): string {
   const suffix = args.length > 0 ? ` ${args.join(' ')}` : '';
   return `npx --yes ${packageName}@latest${suffix}`;