caplets 0.17.1 → 0.17.3

package/README.md

@@ -77,16 +77,18 @@ You can also invoke configured Caplets directly from the CLI for agent-friendly
 ```sh
 caplets get-caplet context7
 caplets list-tools context7
-caplets get-tool context7.resolve-library-id
-caplets call-tool context7.resolve-library-id --args '{"libraryName":"react"}'
-caplets call-tool context7.resolve-library-id --args '{"libraryName":"react"}' --field result.id --format json
+caplets get-tool context7 resolve-library-id
+caplets call-tool context7 resolve-library-id --args '{"libraryName":"react"}'
+caplets call-tool context7 resolve-library-id --args '{"libraryName":"react"}' --field result.id --format json
 caplets list-resources docs
 caplets read-resource docs file:///repo/README.md
 caplets list-prompts linear
-caplets get-prompt linear.review_issue --args '{"issueId":"CAP-123"}'
+caplets get-prompt linear review_issue --args '{"issueId":"CAP-123"}'
 caplets complete docs --resource-template 'file:///repo/{path}' --argument path --value src/
 ```
 
+The older qualified form, such as `caplets call-tool context7.resolve-library-id` or `caplets get-prompt linear.review_issue`, remains supported for scripts and existing usage.
+
 Direct CLI operation commands print Markdown summaries by default. Add `--format plain` for plain text or `--format json` for machine-readable JSON (`md` is accepted as an alias for `markdown`). If a downstream tool returns `isError: true`, Caplets still exits with status code 1.
 
 ### Shell completions
@@ -117,7 +119,7 @@ caplets completion cmd > %USERPROFILE%\caplets-completion.cmd
 %USERPROFILE%\caplets-completion.cmd
 ```
 
-Completions include command names, options, common enum values, configured Caplet IDs, and cache-backed downstream names for qualified targets such as `caplets call-tool repo.<TAB>`. Downstream discovery is bounded by the `completion` config timeouts and a platform-native cache directory. Generated shell scripts suppress completion stderr; run the underlying CLI command directly when debugging completion behavior.
+Completions include command names, options, common enum values, configured Caplet IDs, and cache-backed downstream names for split targets such as `caplets call-tool repo <TAB>` and qualified targets such as `caplets call-tool repo.<TAB>`. Downstream discovery is bounded by the `completion` config timeouts and a platform-native cache directory. Generated shell scripts suppress completion stderr; run the underlying CLI command directly when debugging completion behavior.
 
 Backends that require OAuth or token auth may need `caplets auth login <server>` before live downstream completions can return richer results. Completion never starts interactive login flows.
 
@@ -546,7 +548,18 @@ This repository includes polished working examples under [`caplets/`](caplets/):
 - `linear`: Linear's hosted OAuth MCP endpoint.
 - `context7`: Context7 documentation lookup through `@upstash/context7-mcp`.
 - `repo-cli`: Read-oriented repository CLI workflows through `git` and package scripts.
-- `github-cli`: Read-oriented GitHub workflows through the `gh` CLI.
+- `ast-grep`: Structural code search, scan, rewrite, rule testing, and scaffolding through the `ast-grep` CLI.
+- `osv`: OSV.dev vulnerability lookups through explicit read-only HTTP actions.
+- `npm`: npm registry operations through npm's published OpenAPI spec URL.
+- `pypi`: PyPI project metadata, release metadata, and Simple API JSON through a curated OpenAPI spec.
+- `deepwiki`: Repository-focused documentation and architecture context through DeepWiki MCP.
+- `sourcegraph`: Cross-repository code search and navigation through Sourcegraph MCP.
+- `playwright`: Headless browser automation for frontend inspection and testing through Playwright MCP.
+- `coding-agent-toolkit`: A CapletSet that bundles high-value coding-agent examples; source children are symlinks to canonical top-level examples and installed copies are materialized as self-contained files/directories.
+- `github-cli`: Pre-existing secondary read-oriented GitHub workflows through the `gh` CLI; prefer the canonical `github` MCP example for the polished GitHub integration.
+
+GraphQL is intentionally skipped in this showcase batch so the examples can focus on HTTP,
+OpenAPI, MCP, CLI, and CapletSet coverage without duplicating GitHub or GitLab surfaces.
 
 Install every example from a repo's `caplets/` directory into the current project's
 `./.caplets` directory:

package/dist/index.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import { createRequire } from "node:module";
-import { accessSync, chmodSync, closeSync, constants, cpSync, existsSync, lstatSync, mkdirSync, mkdtempSync, openSync, readFileSync, readdirSync, renameSync, rmSync, statSync, watch, writeFileSync, writeSync } from "node:fs";
-import minpath, { basename, delimiter, dirname, extname, isAbsolute, join, parse, posix, relative, resolve, win32 } from "node:path";
+import { accessSync, chmodSync, closeSync, constants, copyFileSync, cpSync, existsSync, lstatSync, mkdirSync, mkdtempSync, openSync, readFileSync, readdirSync, readlinkSync, realpathSync, renameSync, rmSync, statSync, watch, writeFileSync, writeSync } from "node:fs";
+import minpath, { basename, delimiter, dirname, extname, isAbsolute, join, parse, posix, relative, resolve, sep, win32 } from "node:path";
 import { execFileSync, spawn } from "node:child_process";
 import process$1, { stdin, stdout } from "node:process";
 import { fileURLToPath } from "node:url";
@@ -4709,7 +4709,7 @@ function generatedToolInputJsonSchema() {
 	return generatedToolInputJsonSchemaForCaplet({ backend: "tool" });
 }
 //#endregion
-//#region ../core/dist/options-BqibJVxq.js
+//#region ../core/dist/options-j9p3L3r1.js
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
@@ -56439,8 +56439,21 @@ async function loadOpenApiSource(endpoint, authDir) {
 	if (endpoint.specPath) return endpoint.specPath;
 	if (!endpoint.specUrl) throw new CapletsError("CONFIG_INVALID", `${endpoint.server} is missing OpenAPI spec source`);
 	if (!endpoint.baseUrl) throw new CapletsError("CONFIG_INVALID", `${endpoint.server} must configure baseUrl when using remote specUrl`);
-	const response = await fetchWithLimit(endpoint.specUrl, endpoint.requestTimeoutMs, shouldSendSpecAuth(endpoint) ? authHeaders(endpoint, authDir) : {});
-	return JSON.parse(response);
+	return parseOpenApiSourceText(await fetchWithLimit(endpoint.specUrl, endpoint.requestTimeoutMs, shouldSendSpecAuth(endpoint) ? authHeaders(endpoint, authDir) : {}));
+}
+function parseOpenApiSourceText(source) {
+	let parsed;
+	try {
+		parsed = JSON.parse(source);
+	} catch (jsonError) {
+		try {
+			parsed = (0, import_dist$1.parse)(source);
+		} catch {
+			throw jsonError instanceof Error ? jsonError : new Error(String(jsonError));
+		}
+	}
+	if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) throw new Error("OpenAPI source must parse to an object");
+	return parsed;
 }
 function extractOperations(endpoint, document) {
 	const operations = [];
@@ -56458,6 +56471,7 @@ function extractOperations(endpoint, document) {
 			const requestBody = requestBodyFor(operation);
 			const outputSchema = outputSchemaFor(operation);
 			const baseUrl = endpoint.baseUrl ?? firstServerUrl(document);
+			const staticHeaders = staticHeaderDefaultsFor(endpoint, parameters);
 			validateOperationBaseUrl(endpoint, baseUrl);
 			operations.push({
 				name,
@@ -56465,15 +56479,32 @@ function extractOperations(endpoint, document) {
 				path,
 				...typeof operation.summary === "string" ? { summary: operation.summary } : {},
 				...typeof operation.description === "string" ? { description: operation.description } : {},
-				inputSchema: inputSchemaFor(parameters, requestBody),
+				inputSchema: inputSchemaFor(parameters, requestBody, staticHeaders),
 				...outputSchema ? { outputSchema } : {},
 				...requestBody?.contentType ? { requestBodyContentType: requestBody.contentType } : {},
-				...baseUrl ? { baseUrl } : {}
+				...baseUrl ? { baseUrl } : {},
+				...Object.keys(staticHeaders).length ? { staticHeaders } : {}
 			});
 		}
 	}
 	return operations.sort((left, right) => left.name.localeCompare(right.name));
 }
+function staticHeaderDefaultsFor(endpoint, parameters) {
+	const configuredHeaderNames = configuredAuthHeaderNames(endpoint);
+	const headers = {};
+	for (const parameter of parameters) {
+		if (parameter?.in !== "header" || typeof parameter.name !== "string") continue;
+		const normalized = parameter.name.toLowerCase();
+		if (configuredHeaderNames.has(normalized) || FORBIDDEN_ARGUMENT_HEADERS.has(normalized) && normalized !== "accept") continue;
+		const defaultValue = parameter.schema?.default;
+		if ([
+			"string",
+			"number",
+			"boolean"
+		].includes(typeof defaultValue)) headers[parameter.name] = String(defaultValue);
+	}
+	return headers;
+}
 function requestBodyFor(operation) {
 	const requestBody = operation.requestBody;
 	if (!requestBody || typeof requestBody !== "object") return;
@@ -56534,19 +56565,20 @@ function structuredOutputSchema(bodySchema) {
 		}
 	};
 }
-function inputSchemaFor(parameters, requestBody) {
+function inputSchemaFor(parameters, requestBody, staticHeaders = {}) {
 	const schema = {
 		type: "object",
 		additionalProperties: false,
 		properties: {}
 	};
 	const required = [];
+	const protectedStaticHeaders = new Set(Object.keys(staticHeaders).map((key) => key.toLowerCase()).filter((key) => FORBIDDEN_ARGUMENT_HEADERS.has(key)));
 	for (const location of [
 		"path",
 		"query",
 		"header"
 	]) {
-		const locationParameters = parameters.filter((parameter) => parameter?.in === location);
+		const locationParameters = parameters.filter((parameter) => parameter?.in === location && !(location === "header" && protectedStaticHeaders.has(parameter.name?.toLowerCase())));
 		if (locationParameters.length === 0) continue;
 		const nestedRequired = locationParameters.filter((parameter) => parameter.required === true || location === "path").map((parameter) => parameter.name);
 		schema.properties[location] = {
@@ -56585,7 +56617,8 @@ function buildRequest(endpoint, operation, args, authDir) {
 	for (const [key, value] of Object.entries(asRecord(args.query))) if (value !== void 0 && value !== null) url.searchParams.append(key, serializeHttpValue("query", key, value));
 	const headers = new Headers();
 	applyAuth(headers, endpoint, authDir);
-	const configuredHeaderNames = endpoint.auth.type === "headers" ? new Set(Object.keys(endpoint.auth.headers).map((key) => key.toLowerCase())) : /* @__PURE__ */ new Set();
+	const configuredHeaderNames = configuredAuthHeaderNames(endpoint);
+	for (const [key, value] of Object.entries(operation.staticHeaders ?? {})) if (!headers.has(key) && !configuredHeaderNames.has(key.toLowerCase())) headers.set(key, value);
 	for (const [key, value] of Object.entries(asRecord(args.header))) if (value !== void 0 && value !== null) {
 		const normalized = key.toLowerCase();
 		if (FORBIDDEN_ARGUMENT_HEADERS.has(normalized) || configuredHeaderNames.has(normalized)) throw new CapletsError("REQUEST_INVALID", `Header ${key} cannot be supplied by arguments`);
@@ -56631,6 +56664,9 @@ function asRecord(value) {
 function applyAuth(headers, endpoint, authDir) {
 	for (const [key, value] of Object.entries(authHeaders(endpoint, authDir))) headers.set(key, value);
 }
+function configuredAuthHeaderNames(endpoint) {
+	return endpoint.auth.type === "headers" ? new Set(Object.keys(endpoint.auth.headers).map((key) => key.toLowerCase())) : /* @__PURE__ */ new Set();
+}
 function authHeaders(endpoint, authDir) {
 	switch (endpoint.auth.type) {
 		case "none": return {};
@@ -57625,7 +57661,7 @@ var CapletsEngine = class {
 		}
 	}
 	async completeCliWords(words) {
-		const { completeCliWords } = await Promise.resolve().then(() => completion_dbB1hc97_exports).then((n) => n.r);
+		const { completeCliWords } = await Promise.resolve().then(() => completion_Cq1z7ci2_exports).then((n) => n.r);
 		return await completeCliWords(words, {
 			config: this.registry.config,
 			managers: {
@@ -57963,8 +57999,8 @@ function hasEnv$1(value) {
 	return value !== void 0 && value.trim() !== "";
 }
 //#endregion
-//#region ../core/dist/completion-dbB1hc97.js
-var completion_dbB1hc97_exports = /* @__PURE__ */ __exportAll$1({
+//#region ../core/dist/completion-Cq1z7ci2.js
+var completion_Cq1z7ci2_exports = /* @__PURE__ */ __exportAll$1({
 	a: () => formatCapletList,
 	c: () => resolveCliConfigPaths,
 	i: () => trailingSpaceCompletionToken,
@@ -58434,9 +58470,17 @@ async function completeCliWords(words, options = {}) {
 		if (normalized.length === 1) return prefixFilter([...topLevelCommandNames], current);
 		if (normalized.length === 2 && command in cliSubcommands) return prefixFilter(cliSubcommands[command], current);
 		if (normalized.length === 2 && capletIdCommands.has(command)) return prefixFilter(promptResourceCommands.has(command) ? configuredCapletIds(options, { backend: "mcp" }) : configuredCapletIds(options), current);
-		if (normalized.length === 2 && (qualifiedToolCommands.has(command) || qualifiedPromptCommands.has(command))) {
-			if (current.includes(".")) return prefixFilter((await discoverCompletionCandidates(current.slice(0, current.indexOf(".")), qualifiedToolCommands.has(command) ? "tools" : "prompts", discoveryOptions(options))).map((candidate) => candidate.value), current);
-			return prefixFilter(configuredCapletIds(options, qualifiedPromptCommands.has(command) ? { backend: "mcp" } : void 0).map((id) => `${id}.`), current);
+		if (qualifiedToolCommands.has(command) || qualifiedPromptCommands.has(command)) {
+			const kind = qualifiedToolCommands.has(command) ? "tools" : "prompts";
+			const idFilter = qualifiedPromptCommands.has(command) ? { backend: "mcp" } : void 0;
+			if (normalized.length === 2) {
+				if (current.includes(".")) return prefixFilter((await discoverCompletionCandidates(current.slice(0, current.indexOf(".")), kind, discoveryOptions(options))).map((candidate) => candidate.value), current);
+				return prefixFilter(configuredCapletIds(options, idFilter), current);
+			}
+			if (normalized.length === 3 && subcommand && !subcommand.includes(".")) {
+				if (current.startsWith("-")) return [];
+				return prefixFilter((await discoverCompletionCandidates(subcommand, kind, discoveryOptions(options))).map((candidate) => candidate.value.replace(`${subcommand}.`, "")), current);
+			}
 		}
 		if (command === cliCommands.readResource && normalized.length === 3) return prefixFilter((await discoverCompletionCandidates(subcommand, "resources", discoveryOptions(options))).map((candidate) => candidate.value), current);
 		if (command === cliCommands.auth && ["login", "logout"].includes(subcommand) && normalized.length === 3) return prefixFilter(configuredCapletIds(options), current);
@@ -59819,7 +59863,7 @@ const EMPTY_COMPLETION_RESULT = { completion: {
 	values: [],
 	hasMore: false
 } };
-var version$1 = "0.18.1";
+var version$1 = "0.18.3";
 var CapletsMcpSession = class {
 	engine;
 	server;
@@ -63618,12 +63662,14 @@ function rejectCrossKindDestinationCollision(plan, destinationRoot) {
 function installPlan(caplet, options) {
 	const isDirectory = basename(caplet.path) === "CAPLET.md";
 	const sourcePath = isDirectory ? dirname(caplet.path) : caplet.path;
+	const sourceBoundary = dirname(sourcePath);
 	const sourcePathRelative = relative(options.repoRoot, sourcePath);
 	const destination = isDirectory ? join(options.destinationRoot, caplet.id) : join(options.destinationRoot, `${caplet.id}.md`);
 	return {
 		id: caplet.id,
 		source: `${options.sourceId}#${sourcePathRelative}`,
 		sourcePath,
+		sourceBoundary,
 		destination,
 		kind: isDirectory ? "directory" : "file"
 	};
@@ -63685,16 +63731,40 @@ function removeInstallPath(path, label, force) {
 }
 function copyInstallPath(plan) {
 	try {
+		if (plan.kind === "directory") {
+			copyDirectoryCaplet(plan.sourcePath, plan.destination, realpathSync(plan.sourceBoundary));
+			return;
+		}
 		cpSync(plan.sourcePath, plan.destination, {
-			recursive: plan.kind === "directory",
+			recursive: false,
 			force: false,
 			errorOnExist: true
 		});
 	} catch (error) {
+		if (error instanceof CapletsError) throw error;
 		if (isFsError(error, "EEXIST") || isFsError(error, "EISDIR")) throw new CapletsError("CONFIG_EXISTS", `Caplet ${plan.id} already exists at ${plan.destination}; pass --force to overwrite it`, toSafeError(error));
 		throw new CapletsError("CONFIG_INVALID", `Could not install Caplet ${plan.id} to ${plan.destination}`, toSafeError(error));
 	}
 }
+function copyDirectoryCaplet(source, destination, sourceBoundary, seenDirectories = /* @__PURE__ */ new Set()) {
+	const resolvedSource = lstatSync(source).isSymbolicLink() ? resolveDirectoryCapletSymlink(source, sourceBoundary) : source;
+	if (statSync(resolvedSource).isDirectory()) {
+		const realDirectory = realpathSync(resolvedSource);
+		if (seenDirectories.has(realDirectory)) throw new CapletsError("CONFIG_INVALID", `Directory Caplet symlink ${source} creates a copy cycle`);
+		const childSeenDirectories = new Set(seenDirectories);
+		childSeenDirectories.add(realDirectory);
+		mkdirSync(destination);
+		for (const entry of readdirSync(resolvedSource)) copyDirectoryCaplet(join(resolvedSource, entry), join(destination, entry), sourceBoundary, childSeenDirectories);
+		return;
+	}
+	copyFileSync(resolvedSource, destination);
+}
+function resolveDirectoryCapletSymlink(source, sourceBoundary) {
+	const target = readlinkSync(source);
+	const resolvedTarget = realpathSync(isAbsolute(target) ? target : resolve(dirname(source), target));
+	if (resolvedTarget !== sourceBoundary && !resolvedTarget.startsWith(`${sourceBoundary}${sep}`)) throw new CapletsError("CONFIG_INVALID", `Directory Caplet symlink ${source} resolves outside source Caplets boundary`);
+	return resolvedTarget;
+}
 function isFsError(error, code) {
 	return typeof error === "object" && error !== null && "code" in error && error.code === code;
 }
@@ -67491,7 +67561,7 @@ function createHttpServeApp(options, engine, io = {}) {
 				}
 			});
 		}
-		return c.json(await dispatchRemoteCliRequest(request, controlContext(io, writeErr, authFlowStore, c.req.url, paths.control, options.trustProxy, (name) => c.req.header(name))));
+		return c.json(await dispatchRemoteCliRequest(request, controlContext(io, writeErr, authFlowStore, c.req.url, paths.control, options.publicOrigin, options.trustProxy, (name) => c.req.header(name))));
 	});
 	app.get(routePath(paths.control, "auth/callback/:flowId"), async (c) => {
 		const flowId = c.req.param("flowId");
@@ -67501,7 +67571,7 @@ function createHttpServeApp(options, engine, io = {}) {
 				flowId,
 				callbackUrl: c.req.url
 			}
-		}, controlContext(io, writeErr, authFlowStore, c.req.url, paths.control, options.trustProxy, (name) => c.req.header(name)));
+		}, controlContext(io, writeErr, authFlowStore, c.req.url, paths.control, options.publicOrigin, options.trustProxy, (name) => c.req.header(name)));
 		if (!result.ok) writeErr(`Caplets authentication failed for flow ${flowId}: ${result.error.message}\n`);
 		return result.ok ? c.text("Caplets authentication complete. You can return to your terminal.") : c.text("Caplets authentication failed. Check server logs for details.", 400);
 	});
@@ -67515,12 +67585,12 @@ function createHttpServeApp(options, engine, io = {}) {
 	if (options.warnUnauthenticatedNetwork) writeErr(`Warning: Caplets MCP HTTP server is listening on ${options.host} without authentication.\n`);
 	return app;
 }
-function controlContext(io, writeErr, authFlowStore, requestUrl, controlPath, trustProxy, header) {
+function controlContext(io, writeErr, authFlowStore, requestUrl, controlPath, publicOrigin, trustProxy, header) {
 	return {
 		...io.control,
 		projectCapletsRoot: io.control?.projectCapletsRoot ?? resolveProjectCapletsRoot(),
 		authFlowStore,
-		controlCallbackBaseUrl: new URL(controlPath, publicRequestOrigin(requestUrl, trustProxy, header)).toString(),
+		controlCallbackBaseUrl: new URL(controlPath, publicOrigin ?? publicRequestOrigin(requestUrl, trustProxy, header)).toString(),
 		writeErr
 	};
 }
@@ -67685,6 +67755,7 @@ function resolveServeOptions(raw, env = process.env) {
 		host,
 		port,
 		path,
+		...serverUrl ? { publicOrigin: serverUrl.origin } : {},
 		auth,
 		warnUnauthenticatedNetwork: !loopback && !auth.enabled,
 		loopback,
@@ -67874,9 +67945,12 @@ function createProgram(io = {}) {
 			suggestions = remote ? await remote.request("complete_cli", {
 				shell,
 				words: completionWords
-			}) : await completeCliWords(completionWords, configPath ? { configPath } : {});
+			}) : await completeCliWordsLocally(completionWords, {
+				...configPath ? { configPath } : {},
+				...io.authDir ? { authDir: io.authDir } : {}
+			});
 		} catch {
-			suggestions = [];
+			suggestions = remote ? [] : await completeCliWords(completionWords, configPath ? { configPath } : {});
 		}
 		if (suggestions.length > 0) writeOut(`${suggestions.join("\n")}\n`);
 	});
@@ -68070,8 +68144,8 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.getTool).description("Print one downstream tool schema.").argument("<caplet.tool>", "qualified target, split on the first dot").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (target, options) => {
-		const { caplet, tool } = parseQualifiedTarget(target);
+	program.command(cliCommands.getTool).description("Print one downstream tool schema.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
+		const { caplet, tool } = parseQualifiedTarget(capletOrTarget, toolArgument);
 		await executeOperation(caplet, {
 			operation: "get_tool",
 			tool
@@ -68085,8 +68159,8 @@ function createProgram(io = {}) {
 			format: options.format
 		});
 	});
-	program.command(cliCommands.callTool).description("Call one downstream tool.").argument("<caplet.tool>", "qualified target, split on the first dot").option("--args <json-object>", "JSON object of downstream tool arguments").option("--field <path>", "project a field from structured output", collect, []).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (target, options) => {
-		const { caplet, tool } = parseQualifiedTarget(target);
+	program.command(cliCommands.callTool).description("Call one downstream tool.").argument("<caplet-or-target>", "Caplet ID or qualified <caplet.tool> target").argument("[tool]", "downstream tool name when caplet is provided separately").option("--args <json-object>", "JSON object of downstream tool arguments").option("--field <path>", "project a field from structured output", collect, []).option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, toolArgument, options) => {
+		const { caplet, tool } = parseQualifiedTarget(capletOrTarget, toolArgument);
 		await executeOperation(caplet, {
 			operation: "call_tool",
 			tool,
@@ -68182,8 +68256,8 @@ function createProgram(io = {}) {
 		remote: remoteClientForCli(io),
 		format: options.format
 	}));
-	program.command(cliCommands.getPrompt).description("Get one MCP prompt by name.").argument("<caplet.prompt>", "qualified target, split on the first dot").option("--args <json-object>", "JSON object of prompt arguments").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (target, options) => {
-		const { caplet, tool: prompt } = parseQualifiedTarget(target);
+	program.command(cliCommands.getPrompt).description("Get one MCP prompt by name.").argument("<caplet-or-target>", "MCP Caplet ID or qualified <caplet.prompt> target").argument("[prompt]", "prompt name when caplet is provided separately").option("--args <json-object>", "JSON object of prompt arguments").option("--format <format>", "output format: markdown, md, plain, or json", parseOutputFormat).action(async (capletOrTarget, promptArgument, options) => {
+		const { caplet, tool: prompt } = parseQualifiedTarget(capletOrTarget, promptArgument);
 		await executeOperation(caplet, {
 			operation: "get_prompt",
 			prompt,
@@ -68348,14 +68422,33 @@ function parseOutputFormat(value) {
 		default: throw new CapletsError("REQUEST_INVALID", `Expected output format markdown, md, plain, or json; got ${value}`);
 	}
 }
-function parseQualifiedTarget(target) {
-	const dot = target.indexOf(".");
-	if (dot <= 0 || dot === target.length - 1) throw new CapletsError("REQUEST_INVALID", "Expected qualified target in the form <caplet>.<tool>");
+function parseQualifiedTarget(capletOrTarget, toolArgument) {
+	if (toolArgument !== void 0) {
+		if (capletOrTarget.length === 0 || toolArgument.length === 0) throw new CapletsError("REQUEST_INVALID", "Expected target in the form <caplet> <tool> or <caplet>.<tool>");
+		return {
+			caplet: capletOrTarget,
+			tool: toolArgument
+		};
+	}
+	const dot = capletOrTarget.indexOf(".");
+	if (dot <= 0 || dot === capletOrTarget.length - 1) throw new CapletsError("REQUEST_INVALID", "Expected target in the form <caplet> <tool> or <caplet>.<tool>");
 	return {
-		caplet: target.slice(0, dot),
-		tool: target.slice(dot + 1)
+		caplet: capletOrTarget.slice(0, dot),
+		tool: capletOrTarget.slice(dot + 1)
 	};
 }
+async function completeCliWordsLocally(words, options) {
+	const engine = new CapletsEngine({
+		...options.configPath ? { configPath: options.configPath } : {},
+		...options.authDir ? { authDir: options.authDir } : {},
+		watch: false
+	});
+	try {
+		return await engine.completeCliWords(words);
+	} finally {
+		await engine.close();
+	}
+}
 function parseCallToolArgs(value) {
 	if (value === void 0) return {};
 	let parsed;
@@ -68780,7 +68873,7 @@ function writeAddResult(writeOut, label, result) {
 }
 //#endregion
 //#region package.json
-var version = "0.17.1";
+var version = "0.17.3";
 //#endregion
 //#region src/index.ts
 async function main() {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "caplets",
-  "version": "0.17.1",
+  "version": "0.17.3",
   "description": "Progressive disclosure gateway CLI for MCP servers and native Caplets adapters.",
   "keywords": [
     "caplets",
@@ -34,7 +34,7 @@
   },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.29.0",
-    "@caplets/core": "0.18.1"
+    "@caplets/core": "0.18.3"
   },
   "devDependencies": {
     "@types/node": "^25.9.1",