autark-cli 0.4.2 → 0.5.1

package/autark.mjs

@@ -227,10 +227,6 @@ async function main() {
     if (command === 'delete') return feedbackDelete(rest)
     if (!command || command === '--help' || command === '-h') return feedbackUsage()
   }
-  if (group === 'deliverability') {
-    if (command === 'check') return deliverabilityCheck(rest)
-    if (!command || command === '--help' || command === '-h') return deliverabilityUsage()
-  }
   if (group === 'context') {
     if (!command || command === '--help' || command === '-h') return contextUsage()
     return context([command, ...rest].filter(Boolean))
@@ -782,60 +778,6 @@ function feedbackUsage() {
 autark feedback delete <feedback-id>`)
 }
 
-// ====================================================== deliverability
-
-// Pre-send email validator. Calls AgentMail's recipient-check endpoint so the
-// agent can avoid blasting a guessed/permutated address and inflating the
-// bounce rate. Falls back to a syntactic check if the endpoint is unreachable.
-async function deliverabilityCheck(rest) {
-  const opts = parseArgs(rest)
-  const email = required(opts.email || opts._[0], 'email')
-  const creds = loadCredentials() || {}
-  const token = creds.agentmail_token
-  let verdict = { email, deliverable: null, source: 'syntactic', reason: '' }
-
-  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
-    verdict = { ...verdict, deliverable: false, reason: 'malformed address' }
-    console.log(JSON.stringify(verdict, null, 2))
-    process.exitCode = 1
-    return
-  }
-  if (!token) {
-    verdict.reason = 'no agentmail token; syntactic check only'
-    console.log(JSON.stringify(verdict, null, 2))
-    return
-  }
-
-  try {
-    const res = await fetch('https://api.agentmail.to/v0/deliverability/check', {
-      method: 'POST',
-      headers: { authorization: `Bearer ${token}`, 'content-type': 'application/json' },
-      body: JSON.stringify({ email }),
-    })
-    if (!res.ok) {
-      verdict.reason = `agentmail check ${res.status}; fell back to syntactic`
-      verdict.deliverable = null
-    } else {
-      const body = await res.json().catch(() => ({}))
-      verdict.source = 'agentmail'
-      verdict.deliverable = body.deliverable !== false
-      verdict.reason = body.reason || ''
-      if (body.risk) verdict.risk = body.risk
-    }
-  } catch (err) {
-    verdict.reason = `network error: ${err.message}`
-  }
-  console.log(JSON.stringify(verdict, null, 2))
-  if (verdict.deliverable === false) process.exitCode = 1
-}
-
-function deliverabilityUsage() {
-  console.log(`autark deliverability check <email>
-  Returns JSON {email, deliverable, source, reason}. Exits non-zero when the
-  address is known-undeliverable. Call this before logging an email action so
-  bounces don't tank your domain rep.`)
-}
-
 // rejectUnsendableAddress is defined near the top of the file (before main()
 // runs) so the const Sets it depends on are out of TDZ when mailSend invokes
 // it. See block tagged "address reject" up top.
@@ -856,9 +798,6 @@ async function mail(command, rest) {
   if (command === 'raw')       return mailRaw(rest)
   if (command === 'attachment') return mailAttachment(rest)
   if (command === 'request')   return mailRequest(rest)
-  if (command === 'suppress')   return mailSuppress(rest)
-  if (command === 'unsuppress') return mailUnsuppress(rest)
-  if (command === 'suppressed') return mailSuppressed(rest)
   if (command === 'lint')       return mailLint(rest)
   mailUsage()
   process.exit(1)
@@ -892,72 +831,55 @@ async function mailLint(rest) {
     'the key insight', 'what this means is', 'the answer is', 'the trick is',
     'that\'s exactly', 'that\'s precisely', 'that\'s the whole point',
   ]
+  const WHY = {
+    'structure-word':     'AI-fingerprint vocabulary. Humans don\'t write "structurally different" or "fundamentally" in cold email; LLMs reach for them when hedging or sounding profound. Describe the thing directly instead.',
+    'em-dash':            'Em-dashes in cold outreach are a strong AI tell. Real people use commas, periods, or a new line break.',
+    'body-url':           'URLs mid-paragraph read like an A/B test variant or a campaign send. The product link belongs in the signature anchor; if it\'s anywhere else, the recipient classifies the email as automated.',
+    'too-many-questions': 'Asking >1 question is hedging. Pick the one question that, if answered, gives you the most signal. The rest can wait.',
+    'compound-question':  'Compound a/b questions ("are you X or Y...") read as AI hedging across alternatives. Humans ask one specific thing. Drop the "or" and pick the more specific half.',
+    'too-long':           'Cold outreach over 400 chars (~4-6 short lines) reads as a pitch deck, not a peer note. If you wrote more, you\'re explaining instead of asking. Cut to the single sharpest sentence.',
+    'no-anchor-sig':      'Without a clickable name in the signature, the recipient has to type your name into Google to figure out who you are. The HTML <a href> / markdown [name](url) sig is the single biggest "who is this person?" mitigator. Plain "Kushal" alone is a tell.',
+  }
 
   const violations = []
   const lower = body.toLowerCase()
 
-  // 1. structure-words
   for (const w of STRUCTURE_WORDS) {
-    if (lower.includes(w)) violations.push({ rule: 'structure-word', detail: w })
+    if (lower.includes(w)) violations.push({ rule: 'structure-word', detail: w, why: WHY['structure-word'] })
   }
-  // 2. em-dash
-  if (/—/.test(body)) violations.push({ rule: 'em-dash', detail: 'use a period or comma instead' })
-  // 3. URLs in body (allow only inside markdown anchor [text](url) or HTML <a href>)
+  if (/—/.test(body)) violations.push({ rule: 'em-dash', detail: 'em-dash detected', why: WHY['em-dash'] })
   const urlMatches = body.match(/https?:\/\/[^\s<>"')]+/g) || []
   for (const u of urlMatches) {
     const idx = body.indexOf(u)
     const before = body.slice(Math.max(0, idx - 40), idx)
-    const after = body.slice(idx + u.length, idx + u.length + 10)
     const insideMdAnchor = /\]\(\s*$/.test(before)
     const insideHtmlAnchor = /href\s*=\s*["'][^"']*$/.test(before) || /<a\b[^>]*$/.test(before)
-    if (!insideMdAnchor && !insideHtmlAnchor) violations.push({ rule: 'body-url', detail: u })
+    if (!insideMdAnchor && !insideHtmlAnchor) violations.push({ rule: 'body-url', detail: u, why: WHY['body-url'] })
   }
-  // 4. multiple question marks (more than one ? in the body)
   const qmarks = (body.match(/\?/g) || []).length
-  if (qmarks > 1) violations.push({ rule: 'too-many-questions', detail: `${qmarks} question marks; cold outreach gets one max` })
-  // 5. compound question with "or" connecting clauses
+  if (qmarks > 1) violations.push({ rule: 'too-many-questions', detail: `${qmarks} question marks`, why: WHY['too-many-questions'] })
   const compoundQ = /\b(are|is|do|does|did|will|would|can|could|should|have|has)\b[^?]{0,200}\bor\b[^?]{0,200}\?/i
-  if (compoundQ.test(body)) violations.push({ rule: 'compound-question', detail: 'a/b question with "or" splits attention; ask one thing' })
-  // 6. body length (excluding signature heuristically)
+  if (compoundQ.test(body)) violations.push({ rule: 'compound-question', detail: 'a/b question with "or"', why: WHY['compound-question'] })
   const sigSplit = body.split(/\n\s*\n(?:best|thanks|cheers|—|-)[\s,]*\n/i)[0] || body
   const len = sigSplit.trim().length
-  if (len > 400) violations.push({ rule: 'too-long', detail: `${len} chars of body; cold outreach should fit in ~400` })
-  // 7. signature presence: should have `- <name>` and an anchor (md or html)
+  if (len > 400) violations.push({ rule: 'too-long', detail: `${len} chars`, why: WHY['too-long'] })
   const hasMdAnchor = /\[[^\]]+\]\(https?:\/\/[^)]+\)/.test(body)
   const hasHtmlAnchor = /<a\b[^>]*href\s*=\s*["']https?:\/\/[^"']+["'][^>]*>[^<]+<\/a>/i.test(body)
-  if (!hasMdAnchor && !hasHtmlAnchor) {
-    violations.push({ rule: 'no-anchor-sig', detail: 'signature must include a clickable link via [name](url) or <a href="url">name</a>' })
-  }
+  if (!hasMdAnchor && !hasHtmlAnchor) violations.push({ rule: 'no-anchor-sig', detail: 'no clickable name in signature', why: WHY['no-anchor-sig'] })
 
   if (violations.length === 0) {
     console.log(JSON.stringify({ clean: true, length: len }, null, 2))
     return
   }
-  console.error(JSON.stringify({ clean: false, length: len, violations }, null, 2))
+  console.error(JSON.stringify({
+    clean: false,
+    length: len,
+    violations,
+    next: 'Rewrite the draft so each violation\'s "why" is internalized, not just regex-fixed. If you can\'t make it pass after 2 rewrites, abstain — re-read ~/.claude/skills/outreach/SKILL.md AI-tells section and ask whether you should send this at all.',
+  }, null, 2))
   process.exit(1)
 }
 
-async function mailSuppress(rest) {
-  const opts = parseArgs(rest)
-  const entry = required(opts.email || opts._[0], 'email')
-  const reason = opts.reason || 'manual'
-  const result = await api('POST', '/v1/suppression', { entry, reason })
-  printJson(result)
-}
-
-async function mailUnsuppress(rest) {
-  const opts = parseArgs(rest)
-  const entry = required(opts.email || opts._[0], 'email')
-  const result = await api('DELETE', `/v1/suppression/${encodeURIComponent(entry)}`)
-  printJson(result)
-}
-
-async function mailSuppressed(rest) {
-  const opts = parseArgs(rest)
-  const limit = opts.limit ? Number(opts.limit) : 100
-  const result = await api('GET', `/v1/suppression?limit=${limit}`)
-  printJson(result)
-}
 
 async function mailSetup(rest) {
   const opts = parseArgs(rest)
@@ -990,10 +912,9 @@ async function mailSend(rest) {
   rejectUnsendableAddress(to)
   const subject = opts.subject || ''
   const body = mailBody(opts, { to, subject })
-  const anchor = readAnchorOpts(opts)
   const dryRun = opts['dry-run'] === true || opts.dry_run === true
   if (dryRun) {
-    printJson({ dry_run: true, would_send: { inbox: creds.inboxId, to, subject, body, anchor } })
+    printJson({ dry_run: true, would_send: { inbox: creds.inboxId, to, subject, body } })
     return
   }
   const result = await agentmailRequest('POST', `/inboxes/${encodeURIComponent(creds.inboxId)}/messages/send`, body)
@@ -1003,30 +924,10 @@ async function mailSend(rest) {
     recipient: to.join(','),
     subject,
     response: result,
-    metadata: anchor ? { anchor_quote: anchor.quote, anchor_url: anchor.url } : {},
   })
   printJson({ ...result, autark_action_id: action?.id })
 }
 
-// Optional anchor-quote primitive. The cold-outreach skill recommends that
-// every send carry a verbatim quote from the recipient's public surface
-// (HN comment, GitHub issue, tweet) plus the URL it was lifted from. The
-// CLI doesn't (yet) enforce — when both are present they're validated and
-// logged into the action's metadata; when absent the send still goes
-// through. Flip to required once the prompt-side discipline catches up.
-function readAnchorOpts(opts) {
-  let quote = opts['anchor-quote'] || opts.anchor_quote
-  const url = opts['anchor-url'] || opts.anchor_url
-  if (quote && String(quote).startsWith('@')) {
-    quote = fs.readFileSync(String(quote).slice(1), 'utf8').trim()
-  }
-  if (!quote && !url) return null
-  if (!quote || !url) throw new Error('--anchor-quote and --anchor-url must both be provided (or both omitted)')
-  if (String(quote).length < 30) throw new Error(`--anchor-quote too short (${String(quote).length} chars); need >=30 chars of verbatim recipient text`)
-  if (!/^https?:\/\//.test(String(url))) throw new Error(`--anchor-url must be a full URL, got: ${url}`)
-  return { quote: String(quote).trim(), url: String(url).trim() }
-}
-
 async function mailReply(rest, mode) {
   const opts = parseArgs(rest)
   const creds = requireAgentmailCredentials()
@@ -1425,7 +1326,6 @@ function mailUsage() {
 
   setup       --prefix <name> [--force]
   send        --to <email[,email]> --subject <s> --text @body.txt [--run-id <id>] [--dry-run]
-              [--anchor-quote @./q.txt --anchor-url <url>]   record the recipient's verbatim public quote
   reply       --message-id <id> --text @reply.txt [--run-id <id>]
   reply-all   --message-id <id> --text @reply.txt [--run-id <id>]
   forward     --message-id <id> --to <email> [--text @body.txt] [--run-id <id>]
@@ -1436,15 +1336,11 @@ function mailUsage() {
   raw         <message_id>
   attachment  --message-id <id> --attachment-id <id> [--out file]
   request     <METHOD> <path> [--body @json] [--raw]
-  suppress    <email> [--reason "<text>"]    add to org-wide send-block list
-  unsuppress  <email>                         remove from send-block list
-  suppressed  [--limit N]                     list blocked addresses
   lint        --body @draft.txt | <stdin>     grade a draft for AI-tells; exit 1 on violations
 
-Mail uses the inbox-scoped token in ~/.autark/credentials.json. Suppression
-verbs proxy through the autark worker (org-scoped). --dry-run prints the
-payload without hitting SES. lint is fully local — runs the outreach skill's
-hard-fail checks against a draft.`)
+Mail uses the inbox-scoped token in ~/.autark/credentials.json. --dry-run
+prints the payload without hitting SES. lint is fully local — runs the
+outreach skill's hard-fail checks against a draft.`)
 }
 
 function usage() {
@@ -1462,7 +1358,6 @@ function usage() {
   log action                 record one outreach touch
   action escalate            flag an action for human attention
   feedback record|delete     leave a free-text nudge on a hypothesis
-  deliverability check       pre-send check for an email address
   context [<slug>|...]       pull product or hypothesis context
 
   mail setup|send|reply|...  send/read mail via your AgentMail inbox

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "autark-cli",
-  "version": "0.4.2",
+  "version": "0.5.1",
   "description": "CLI for autark \u2014 hypothesis-driven product runbooks. Track products, hypotheses, runs, and actions from the terminal.",
   "type": "module",
   "license": "MIT",