basecamp-skill 1.0.0

package/README.md

@@ -0,0 +1,41 @@
+# Basecamp Skill for Claude Code
+
+Read Basecamp card tables and comments directly in Claude Code.
+
+## Requirements
+
+- Node.js 18+
+- pnpm or npm
+- A Basecamp 3 account
+
+## Installation
+
+```bash
+git clone git@github.com:dicoding-dev/basecamp-skill.git
+cd basecamp-skill
+bash install.sh
+basecamp auth
+```
+
+`basecamp auth` opens a browser to authorize your Basecamp account. Tokens are stored locally in `~/.config/basecamp/credentials` and refreshed automatically — you only need to do this once.
+
+## Usage
+
+| Command | Description |
+|---|---|
+| `/basecamp:projects` | List all active projects |
+| `/basecamp:cards <project_id>` | Show card tables in a project |
+| `/basecamp:cards <project_id> <board_id>` | Show a specific board |
+| `/basecamp:show <card_id>` | Show card detail and comments |
+
+### Example
+
+```
+/basecamp:projects
+/basecamp:cards 44666023
+/basecamp:show 9651774284
+```
+
+## How it works
+
+Each user authorizes with their own Basecamp account via OAuth — no shared tokens. The skill installs a `basecamp` CLI to `~/.local/bin/` and a `SKILL.md` to `~/.claude/skills/basecamp/` that teaches Claude when and how to call it.

package/dist/api.js

@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCredentials = getCredentials;
+exports.apiGet = apiGet;
+const credentials_1 = require("./credentials");
+const config_1 = require("./config");
+async function refreshToken(creds) {
+    const res = await fetch('https://launchpad.37signals.com/authorization/token', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            type: 'refresh',
+            refresh_token: creds.refreshToken,
+            client_id: config_1.CLIENT_ID,
+            client_secret: config_1.CLIENT_SECRET,
+        }),
+    });
+    if (!res.ok) {
+        throw new Error(`Token refresh failed (${res.status}). Run \`basecamp auth\` to re-authorize.`);
+    }
+    const data = (await res.json());
+    const updated = {
+        ...creds,
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token ?? creds.refreshToken,
+        tokenExpiresAt: Math.floor(Date.now() / 1000) + (data.expires_in ?? 7_776_000),
+    };
+    (0, credentials_1.saveCredentials)(updated);
+    return updated;
+}
+async function getCredentials() {
+    let creds = (0, credentials_1.readCredentials)();
+    if (!creds) {
+        console.error('Not authorized. Run `basecamp auth` first.');
+        process.exit(1);
+    }
+    // Refresh if expiring within 60 seconds
+    if (creds.tokenExpiresAt - Math.floor(Date.now() / 1000) < 60) {
+        creds = await refreshToken(creds);
+    }
+    return creds;
+}
+async function apiGet(path) {
+    const creds = await getCredentials();
+    const url = path.startsWith('http')
+        ? path
+        : `https://3.basecampapi.com/${creds.accountId}${path}`;
+    const res = await fetch(url, {
+        headers: {
+            Authorization: `Bearer ${creds.accessToken}`,
+            'User-Agent': config_1.USER_AGENT,
+        },
+    });
+    if (res.status === 401) {
+        console.error('Authorization expired. Run `basecamp auth` to re-authorize.');
+        process.exit(1);
+    }
+    if (!res.ok) {
+        throw new Error(`API error ${res.status} ${res.statusText} — ${url}`);
+    }
+    return res.json();
+}

package/dist/auth.js

@@ -0,0 +1,143 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runAuth = runAuth;
+const http = __importStar(require("http"));
+const crypto = __importStar(require("crypto"));
+const child_process_1 = require("child_process");
+const config_1 = require("./config");
+const credentials_1 = require("./credentials");
+function openBrowser(url) {
+    const cmd = process.platform === 'darwin' ? 'open' : 'xdg-open';
+    (0, child_process_1.exec)(`${cmd} "${url}"`);
+}
+function waitForCallback(expectedState) {
+    return new Promise((resolve, reject) => {
+        const server = http.createServer((req, res) => {
+            const url = new URL(req.url, `http://localhost:${config_1.CALLBACK_PORT}`);
+            if (url.pathname !== '/callback') {
+                res.end('Not found');
+                return;
+            }
+            const error = url.searchParams.get('error');
+            if (error) {
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h2>Authorization failed.</h2><p>You can close this tab.</p></body></html>');
+                server.close();
+                reject(new Error(`OAuth error: ${error}`));
+                return;
+            }
+            if (url.searchParams.get('state') !== expectedState) {
+                res.writeHead(400, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h2>Invalid state. Possible CSRF.</h2></body></html>');
+                server.close();
+                reject(new Error('OAuth state mismatch'));
+                return;
+            }
+            const code = url.searchParams.get('code');
+            res.writeHead(200, { 'Content-Type': 'text/html' });
+            res.end('<html><body><h2>Authorized!</h2><p>You can close this tab and return to your terminal.</p></body></html>');
+            server.close();
+            resolve(code);
+        });
+        server.listen(config_1.CALLBACK_PORT, 'localhost');
+        server.on('error', reject);
+        // Timeout after 5 minutes
+        setTimeout(() => {
+            server.close();
+            reject(new Error('Timed out waiting for authorization (5 minutes). Try again.'));
+        }, 5 * 60 * 1000);
+    });
+}
+async function runAuth() {
+    if (config_1.CLIENT_ID === 'YOUR_CLIENT_ID') {
+        console.error('Error: CLIENT_ID not configured.');
+        console.error('Set env var BASECAMP_CLIENT_ID or edit src/config.ts after registering at https://integrate.37signals.com');
+        process.exit(1);
+    }
+    const state = crypto.randomBytes(16).toString('hex');
+    const authUrl = `https://launchpad.37signals.com/authorization/new` +
+        `?type=web_server` +
+        `&client_id=${config_1.CLIENT_ID}` +
+        `&redirect_uri=${encodeURIComponent(config_1.REDIRECT_URI)}` +
+        `&state=${state}`;
+    console.log('Opening browser for Basecamp authorization...');
+    console.log(`If your browser does not open automatically, visit:\n${authUrl}\n`);
+    openBrowser(authUrl);
+    console.log('Waiting for authorization callback...');
+    const code = await waitForCallback(state);
+    // Exchange authorization code for tokens
+    const tokenRes = await fetch('https://launchpad.37signals.com/authorization/token', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            type: 'web_server',
+            client_id: config_1.CLIENT_ID,
+            client_secret: config_1.CLIENT_SECRET,
+            redirect_uri: config_1.REDIRECT_URI,
+            code,
+        }),
+    });
+    if (!tokenRes.ok) {
+        const body = await tokenRes.text();
+        throw new Error(`Token exchange failed (${tokenRes.status}): ${body}`);
+    }
+    const tokens = (await tokenRes.json());
+    const expiresAt = Math.floor(Date.now() / 1000) + (tokens.expires_in ?? 7_776_000);
+    // Fetch identity to get account_id and user name
+    const identityRes = await fetch('https://launchpad.37signals.com/authorization.json', {
+        headers: {
+            Authorization: `Bearer ${tokens.access_token}`,
+            'User-Agent': config_1.USER_AGENT,
+        },
+    });
+    if (!identityRes.ok) {
+        throw new Error(`Failed to fetch identity (${identityRes.status})`);
+    }
+    const identity = (await identityRes.json());
+    const account = identity.accounts.find((a) => a.product === 'bc3');
+    if (!account) {
+        throw new Error('No Basecamp 3 account found on this 37signals login.');
+    }
+    (0, credentials_1.saveCredentials)({
+        accountId: String(account.id),
+        accessToken: tokens.access_token,
+        refreshToken: tokens.refresh_token,
+        tokenExpiresAt: expiresAt,
+    });
+    const fullName = `${identity.identity.first_name} ${identity.identity.last_name}`.trim();
+    console.log(`\nAuthorized as ${fullName} (${identity.identity.email_address})`);
+    console.log(`Account: ${account.name} (${account.id})`);
+}

package/dist/cli.js

@@ -0,0 +1,96 @@
+#!/usr/bin/env node
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const [, , command, ...args] = process.argv;
+async function main() {
+    switch (command) {
+        case 'auth': {
+            const { runAuth } = await Promise.resolve().then(() => __importStar(require('./auth')));
+            await runAuth();
+            break;
+        }
+        case 'projects': {
+            const { runProjects } = await Promise.resolve().then(() => __importStar(require('./commands/projects')));
+            await runProjects();
+            break;
+        }
+        case 'cards': {
+            const { runCards } = await Promise.resolve().then(() => __importStar(require('./commands/cards')));
+            await runCards(args[0], args[1]);
+            break;
+        }
+        case 'setup': {
+            const skillSrc = path.join(__dirname, '../skill/SKILL.md');
+            const skillDest = path.join(os.homedir(), '.claude', 'skills', 'basecamp', 'SKILL.md');
+            if (!fs.existsSync(skillSrc)) {
+                console.error('Error: SKILL.md not found in package. Try reinstalling.');
+                process.exit(1);
+            }
+            fs.mkdirSync(path.dirname(skillDest), { recursive: true });
+            fs.copyFileSync(skillSrc, skillDest);
+            console.log(`Installed SKILL.md to ${skillDest}`);
+            console.log("Run 'basecamp auth' to connect your Basecamp account.");
+            break;
+        }
+        case 'show': {
+            if (!args[0]) {
+                console.error('Usage: basecamp show <card_id> [project_id]');
+                process.exit(1);
+            }
+            const { runShow } = await Promise.resolve().then(() => __importStar(require('./commands/show')));
+            await runShow(args[0], args[1]);
+            break;
+        }
+        default:
+            console.log('Usage: basecamp <command> [args]');
+            console.log('');
+            console.log('Commands:');
+            console.log('  auth                         Authorize your Basecamp account');
+            console.log('  projects                     List active projects');
+            console.log('  cards [project_id]           Show card table for a project');
+            console.log('  show <card_id> [project_id]  Show card detail and comments');
+            console.log('  setup                        Install Claude Code skill to ~/.claude/skills/');
+            if (command)
+                process.exit(1);
+    }
+}
+main().catch((err) => {
+    console.error(`Error: ${err.message}`);
+    process.exit(1);
+});

package/dist/commands/cards.js

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runCards = runCards;
+const api_1 = require("../api");
+async function runCards(projectId, boardId) {
+    const creds = await (0, api_1.getCredentials)();
+    const pid = projectId ?? creds.defaultProject;
+    if (!pid) {
+        console.error('No project ID provided. Usage: basecamp cards <project_id> [board_id]');
+        console.error('Run `basecamp projects` to find your project ID.');
+        process.exit(1);
+    }
+    const project = await (0, api_1.apiGet)(`/projects/${pid}.json`);
+    const boards = project.dock.filter((d) => d.name === 'kanban_board' && d.enabled);
+    if (boards.length === 0) {
+        console.log('No card tables (kanban boards) found in this project.');
+        return;
+    }
+    // If multiple boards and no board_id specified, list them
+    if (boards.length > 1 && !boardId) {
+        console.log(`## Card Tables in ${project.name}\n`);
+        console.log('Multiple boards found. Use: basecamp cards <project_id> <board_id>\n');
+        console.log('| ID | Name |');
+        console.log('|---|---|');
+        for (const b of boards) {
+            console.log(`| ${b.id} | ${b.title} |`);
+        }
+        return;
+    }
+    const board = boardId
+        ? boards.find((b) => String(b.id) === boardId)
+        : boards[0];
+    if (!board) {
+        console.error(`Board ID ${boardId} not found. Run \`basecamp cards ${pid}\` to list boards.`);
+        process.exit(1);
+    }
+    const table = await (0, api_1.apiGet)(board.url);
+    console.log(`## ${table.title}\n`);
+    for (const column of table.lists) {
+        console.log(`### ${column.title}`);
+        if (column.cards_count === 0) {
+            console.log('_(empty)_\n');
+            continue;
+        }
+        const cards = await (0, api_1.apiGet)(`/buckets/${pid}/card_tables/lists/${column.id}/cards.json`);
+        for (const card of cards) {
+            const assignees = card.assignees?.map((a) => `@${a.name}`).join(', ') || 'unassigned';
+            const due = card.due_on ? ` — due ${card.due_on}` : '';
+            console.log(`- [#${card.id}] ${card.title} — ${assignees}${due}`);
+        }
+        console.log('');
+    }
+}

package/dist/commands/projects.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runProjects = runProjects;
+const api_1 = require("../api");
+async function runProjects() {
+    const projects = await (0, api_1.apiGet)('/projects.json');
+    const active = projects.filter((p) => p.status === 'active');
+    if (active.length === 0) {
+        console.log('No active projects found.');
+        return;
+    }
+    console.log('## Active Projects\n');
+    console.log('| ID | Name | Description |');
+    console.log('|---|---|---|');
+    for (const p of active) {
+        const desc = (p.description ?? '').replace(/\n/g, ' ').slice(0, 80);
+        console.log(`| ${p.id} | ${p.name} | ${desc} |`);
+    }
+}

package/dist/commands/show.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runShow = runShow;
+const api_1 = require("../api");
+function stripHtml(html) {
+    return html
+        .replace(/<br\s*\/?>/gi, '\n')
+        .replace(/<\/p>/gi, '\n')
+        .replace(/<[^>]+>/g, '')
+        .replace(/&amp;/g, '&')
+        .replace(/&lt;/g, '<')
+        .replace(/&gt;/g, '>')
+        .replace(/&quot;/g, '"')
+        .replace(/&#39;/g, "'")
+        .trim();
+}
+async function runShow(cardId, projectId) {
+    const creds = await (0, api_1.getCredentials)();
+    const pid = projectId ?? creds.defaultProject;
+    if (!pid) {
+        console.error('No project ID provided. Usage: basecamp show <card_id> <project_id>');
+        console.error('Run `basecamp projects` to find your project ID.');
+        process.exit(1);
+    }
+    const card = await (0, api_1.apiGet)(`/buckets/${pid}/card_tables/cards/${cardId}.json`);
+    const assignees = card.assignees?.map((a) => `@${a.name}`).join(', ') || 'unassigned';
+    const column = card.parent?.title ?? 'Unknown';
+    console.log(`## [#${card.id}] ${card.title}\n`);
+    console.log(`**Column:** ${column}`);
+    console.log(`**Assignees:** ${assignees}`);
+    if (card.due_on)
+        console.log(`**Due:** ${card.due_on}`);
+    const rawDesc = card.description ?? card.content;
+    if (rawDesc) {
+        console.log('\n### Description');
+        console.log(stripHtml(rawDesc));
+    }
+    const comments = await (0, api_1.apiGet)(`/buckets/${pid}/recordings/${cardId}/comments.json`);
+    if (comments.length > 0) {
+        console.log('\n### Comments');
+        for (const c of comments) {
+            const date = c.created_at.slice(0, 10);
+            console.log(`**${c.creator.name}** (${date}): ${stripHtml(c.content)}`);
+        }
+    }
+}

package/dist/config.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.USER_AGENT = exports.CALLBACK_PORT = exports.REDIRECT_URI = exports.CLIENT_SECRET = exports.CLIENT_ID = void 0;
+// Register your OAuth app at https://integrate.37signals.com
+// Set redirect URI to: http://localhost:45678/callback
+// Then replace the placeholders below, or set env vars.
+exports.CLIENT_ID = process.env.BASECAMP_CLIENT_ID ?? '172b13548acf0011660e7dec23a9e73def9081c1';
+exports.CLIENT_SECRET = process.env.BASECAMP_CLIENT_SECRET ?? '65a61b2c383483ba625b26f2cf61742f316423a6';
+exports.REDIRECT_URI = 'http://localhost:45678/callback';
+exports.CALLBACK_PORT = 45678;
+exports.USER_AGENT = 'BasecampSkill (hasbi@dicoding.com)';

package/dist/credentials.js

@@ -0,0 +1,78 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readCredentials = readCredentials;
+exports.saveCredentials = saveCredentials;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const CREDENTIALS_DIR = path.join(os.homedir(), '.config', 'basecamp');
+const CREDENTIALS_FILE = path.join(CREDENTIALS_DIR, 'credentials');
+function readCredentials() {
+    if (!fs.existsSync(CREDENTIALS_FILE))
+        return null;
+    const content = fs.readFileSync(CREDENTIALS_FILE, 'utf-8');
+    const data = {};
+    for (const line of content.split('\n')) {
+        if (line.startsWith('#') || !line.includes('='))
+            continue;
+        const eq = line.indexOf('=');
+        data[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
+    }
+    if (!data.BASECAMP_ACCESS_TOKEN || !data.BASECAMP_ACCOUNT_ID)
+        return null;
+    return {
+        accountId: data.BASECAMP_ACCOUNT_ID,
+        accessToken: data.BASECAMP_ACCESS_TOKEN,
+        refreshToken: data.BASECAMP_REFRESH_TOKEN ?? '',
+        tokenExpiresAt: parseInt(data.BASECAMP_TOKEN_EXPIRES_AT ?? '0', 10),
+        defaultProject: data.BASECAMP_DEFAULT_PROJECT,
+    };
+}
+function saveCredentials(creds) {
+    if (!fs.existsSync(CREDENTIALS_DIR)) {
+        fs.mkdirSync(CREDENTIALS_DIR, { recursive: true });
+    }
+    const lines = [
+        `BASECAMP_ACCOUNT_ID=${creds.accountId}`,
+        `BASECAMP_ACCESS_TOKEN=${creds.accessToken}`,
+        `BASECAMP_REFRESH_TOKEN=${creds.refreshToken}`,
+        `BASECAMP_TOKEN_EXPIRES_AT=${creds.tokenExpiresAt}`,
+    ];
+    if (creds.defaultProject) {
+        lines.push(`BASECAMP_DEFAULT_PROJECT=${creds.defaultProject}`);
+    }
+    fs.writeFileSync(CREDENTIALS_FILE, lines.join('\n') + '\n', { mode: 0o600 });
+}

package/dist/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -0,0 +1,24 @@
+{
+  "name": "basecamp-skill",
+  "version": "1.0.0",
+  "description": "Claude Code skill for reading Basecamp card tables and comments",
+  "bin": {
+    "basecamp": "./dist/cli.js"
+  },
+  "files": [
+    "dist",
+    "skill"
+  ],
+  "dependencies": {},
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.5.3"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "build": "tsc && node -e \"const fs=require('fs');const f='dist/cli.js';fs.writeFileSync(f,'#!/usr/bin/env node\\n'+fs.readFileSync(f,'utf8'));require('fs').chmodSync(f,0o755);\"",
+    "dev": "node --loader ts-node/esm src/cli.ts"
+  }
+}

package/skill/SKILL.md

@@ -0,0 +1,67 @@
+---
+name: basecamp
+description: Read Basecamp card tables and card comments. Requires `basecamp auth` on first use.
+---
+
+# Basecamp Skill
+
+Read Basecamp 3 Card Tables, cards, and comments using the `basecamp` CLI.
+
+## First-time setup
+
+If credentials are missing or the user gets an authorization error, instruct them to run:
+
+```bash
+basecamp auth
+```
+
+This opens a browser to authorize their Basecamp account. It only needs to be done once. Tokens are stored in `~/.config/basecamp/credentials` and refreshed automatically.
+
+## Commands
+
+### `/basecamp:auth`
+
+Use when the user wants to connect their Basecamp account, or when any command reports "Not authorized".
+
+```bash
+basecamp auth
+```
+
+### `/basecamp:projects`
+
+List all active Basecamp projects the user has access to. Always run this first if the user does not know their project ID.
+
+```bash
+basecamp projects
+```
+
+Output is a markdown table with project IDs, names, and descriptions. The ID is needed for `cards` and `show`.
+
+### `/basecamp:cards [project_id]`
+
+Show the card table for a project, grouped by column. If the user has set `BASECAMP_DEFAULT_PROJECT` in their credentials file, the project ID can be omitted.
+
+```bash
+basecamp cards <project_id>
+```
+
+Present results as organized lists grouped by column (status). Each card shows its ID, title, assignees, and due date if set.
+
+### `/basecamp:show <card_id>`
+
+Show full card detail: metadata, description, and all comments in chronological order.
+
+```bash
+basecamp show <card_id> [project_id]
+```
+
+Present the card clearly — metadata up top, description next, then comments. Reference card IDs as `#42` in conversation.
+
+## Error handling
+
+| Error message | Action |
+|---|---|
+| `Not authorized. Run basecamp auth first.` | Ask user to run `basecamp auth` |
+| `No project ID provided` | Ask user to run `basecamp projects` and pick an ID |
+| `API error 404` | The card or project ID may be wrong — verify with `basecamp projects` |
+| `Token refresh failed` | Ask user to run `basecamp auth` again |