claudish 7.5.0 → 7.6.0

package/dist/index.js

@@ -460,6 +460,3239 @@ var require_main = __commonJS((exports, module) => {
   module.exports = DotenvModule;
 });
 
+// src/profile-config.ts
+var exports_profile_config = {};
+__export(exports_profile_config, {
+  setProfile: () => setProfile,
+  setEndpoint: () => setEndpoint,
+  setDefaultProfile: () => setDefaultProfile,
+  setApiKey: () => setApiKey,
+  saveLocalConfig: () => saveLocalConfig,
+  saveConfig: () => saveConfig,
+  removeEndpoint: () => removeEndpoint,
+  removeApiKey: () => removeApiKey,
+  localConfigExists: () => localConfigExists,
+  loadLocalConfig: () => loadLocalConfig,
+  loadConfig: () => loadConfig,
+  listProfiles: () => listProfiles,
+  listAllProfiles: () => listAllProfiles,
+  isProjectDirectory: () => isProjectDirectory,
+  isLocalProviderEnabled: () => isLocalProviderEnabled,
+  getProfileNames: () => getProfileNames,
+  getProfile: () => getProfile,
+  getModelMapping: () => getModelMapping,
+  getLocalConfigPath: () => getLocalConfigPath,
+  getEndpoint: () => getEndpoint,
+  getDefaultProfile: () => getDefaultProfile,
+  getConfigPathForScope: () => getConfigPathForScope,
+  getConfigPath: () => getConfigPath,
+  getApiKey: () => getApiKey,
+  enableLocalProvider: () => enableLocalProvider,
+  disableLocalProvider: () => disableLocalProvider,
+  deleteProfile: () => deleteProfile,
+  createProfile: () => createProfile,
+  configExistsForScope: () => configExistsForScope,
+  configExists: () => configExists
+});
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "fs";
+import { homedir } from "os";
+import { dirname, join, parse } from "path";
+function ensureConfigDir() {
+  if (!existsSync(CONFIG_DIR)) {
+    mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+}
+function loadConfig() {
+  ensureConfigDir();
+  if (!existsSync(CONFIG_FILE)) {
+    return { ...DEFAULT_CONFIG };
+  }
+  try {
+    const content = readFileSync(CONFIG_FILE, "utf-8");
+    const config = JSON.parse(content);
+    const merged = {
+      version: config.version || DEFAULT_CONFIG.version,
+      defaultProfile: config.defaultProfile || DEFAULT_CONFIG.defaultProfile,
+      profiles: config.profiles || DEFAULT_CONFIG.profiles
+    };
+    if (config.telemetry !== undefined) {
+      merged.telemetry = config.telemetry;
+    }
+    if (config.stats !== undefined) {
+      merged.stats = config.stats;
+    }
+    if (config.routing !== undefined) {
+      merged.routing = config.routing;
+    }
+    if (config.apiKeys !== undefined) {
+      merged.apiKeys = config.apiKeys;
+    }
+    if (config.endpoints !== undefined) {
+      merged.endpoints = config.endpoints;
+    }
+    if (config.onepassword !== undefined) {
+      merged.onepassword = config.onepassword;
+    }
+    if (config.onepasswordAccount !== undefined) {
+      merged.onepasswordAccount = config.onepasswordAccount;
+    }
+    if (config.localProviders !== undefined) {
+      merged.localProviders = Array.from(new Set(config.localProviders)).sort();
+    }
+    if (config.autoApproveConfirmedAt !== undefined) {
+      merged.autoApproveConfirmedAt = config.autoApproveConfirmedAt;
+    }
+    if (config.defaultProvider !== undefined) {
+      merged.defaultProvider = config.defaultProvider;
+    }
+    if (config.customEndpoints !== undefined) {
+      merged.customEndpoints = config.customEndpoints;
+    }
+    return merged;
+  } catch (error) {
+    console.error(`Warning: Failed to load config, using defaults: ${error}`);
+    return { ...DEFAULT_CONFIG };
+  }
+}
+function saveConfig(config) {
+  ensureConfigDir();
+  writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), "utf-8");
+}
+function configExists() {
+  return existsSync(CONFIG_FILE);
+}
+function getConfigPath() {
+  return CONFIG_FILE;
+}
+function getLocalConfigPath() {
+  const home = homedir();
+  let dir = process.cwd();
+  const root = parse(dir).root;
+  while (dir !== root && dir !== home) {
+    const candidate = join(dir, LOCAL_CONFIG_FILENAME);
+    if (existsSync(candidate))
+      return candidate;
+    if (existsSync(join(dir, ".git"))) {
+      return candidate;
+    }
+    dir = dirname(dir);
+  }
+  return join(process.cwd(), LOCAL_CONFIG_FILENAME);
+}
+function localConfigExists() {
+  return existsSync(getLocalConfigPath());
+}
+function isProjectDirectory() {
+  const cwd = process.cwd();
+  return [".git", "package.json", "Cargo.toml", "go.mod", "pyproject.toml", ".claudish.json"].some((f) => existsSync(join(cwd, f)));
+}
+function loadLocalConfig() {
+  const localPath = getLocalConfigPath();
+  if (!existsSync(localPath)) {
+    return null;
+  }
+  try {
+    const content = readFileSync(localPath, "utf-8");
+    const config = JSON.parse(content);
+    return {
+      ...config,
+      version: config.version || DEFAULT_CONFIG.version,
+      defaultProfile: config.defaultProfile ?? "",
+      profiles: config.profiles ?? {}
+    };
+  } catch (error) {
+    console.error(`Warning: Failed to load local config: ${error}`);
+    return null;
+  }
+}
+function saveLocalConfig(config) {
+  const toWrite = { ...config };
+  if (toWrite.routing !== undefined && Object.keys(toWrite.routing).length === 0) {
+    delete toWrite.routing;
+  }
+  writeFileSync(getLocalConfigPath(), JSON.stringify(toWrite, null, 2), "utf-8");
+}
+function loadConfigForScope(scope) {
+  if (scope === "local") {
+    return loadLocalConfig() || { version: "1.0.0", defaultProfile: "", profiles: {} };
+  }
+  return loadConfig();
+}
+function saveConfigForScope(config, scope) {
+  if (scope === "local") {
+    saveLocalConfig(config);
+  } else {
+    saveConfig(config);
+  }
+}
+function configExistsForScope(scope) {
+  if (scope === "local") {
+    return localConfigExists();
+  }
+  return configExists();
+}
+function getConfigPathForScope(scope) {
+  if (scope === "local") {
+    return getLocalConfigPath();
+  }
+  return getConfigPath();
+}
+function getProfile(name, scope) {
+  if (scope === "local") {
+    const local2 = loadLocalConfig();
+    return local2?.profiles[name];
+  }
+  if (scope === "global") {
+    const config2 = loadConfig();
+    return config2.profiles[name];
+  }
+  const local = loadLocalConfig();
+  if (local?.profiles[name]) {
+    return local.profiles[name];
+  }
+  const config = loadConfig();
+  return config.profiles[name];
+}
+function getDefaultProfile(scope) {
+  if (scope === "local") {
+    const local2 = loadLocalConfig();
+    if (local2 && local2.defaultProfile && local2.profiles[local2.defaultProfile]) {
+      return local2.profiles[local2.defaultProfile];
+    }
+    return DEFAULT_CONFIG.profiles.default;
+  }
+  if (scope === "global") {
+    const config2 = loadConfig();
+    const profile2 = config2.profiles[config2.defaultProfile];
+    if (profile2)
+      return profile2;
+    const firstProfile2 = Object.values(config2.profiles)[0];
+    if (firstProfile2)
+      return firstProfile2;
+    return DEFAULT_CONFIG.profiles.default;
+  }
+  const local = loadLocalConfig();
+  if (local && local.defaultProfile) {
+    const profile2 = getProfile(local.defaultProfile);
+    if (profile2)
+      return profile2;
+  }
+  const config = loadConfig();
+  const profile = config.profiles[config.defaultProfile];
+  if (profile)
+    return profile;
+  const firstProfile = Object.values(config.profiles)[0];
+  if (firstProfile)
+    return firstProfile;
+  return DEFAULT_CONFIG.profiles.default;
+}
+function getProfileNames(scope) {
+  if (scope === "local") {
+    const local2 = loadLocalConfig();
+    return local2 ? Object.keys(local2.profiles) : [];
+  }
+  if (scope === "global") {
+    const config2 = loadConfig();
+    return Object.keys(config2.profiles);
+  }
+  const local = loadLocalConfig();
+  const config = loadConfig();
+  const names = new Set([
+    ...local ? Object.keys(local.profiles) : [],
+    ...Object.keys(config.profiles)
+  ]);
+  return [...names];
+}
+function setProfile(profile, scope = "global") {
+  const config = loadConfigForScope(scope);
+  const existingProfile = config.profiles[profile.name];
+  if (existingProfile) {
+    profile.createdAt = existingProfile.createdAt;
+  } else {
+    profile.createdAt = new Date().toISOString();
+  }
+  profile.updatedAt = new Date().toISOString();
+  config.profiles[profile.name] = profile;
+  saveConfigForScope(config, scope);
+}
+function deleteProfile(name, scope = "global") {
+  const config = loadConfigForScope(scope);
+  if (!config.profiles[name]) {
+    return false;
+  }
+  if (scope === "global") {
+    const profileCount = Object.keys(config.profiles).length;
+    if (profileCount <= 1) {
+      throw new Error("Cannot delete the last global profile");
+    }
+  }
+  delete config.profiles[name];
+  if (config.defaultProfile === name) {
+    const remaining = Object.keys(config.profiles);
+    config.defaultProfile = remaining.length > 0 ? remaining[0] : "";
+  }
+  saveConfigForScope(config, scope);
+  return true;
+}
+function setDefaultProfile(name, scope = "global") {
+  const config = loadConfigForScope(scope);
+  if (!config.profiles[name]) {
+    throw new Error(`Profile "${name}" does not exist in ${scope} config`);
+  }
+  config.defaultProfile = name;
+  saveConfigForScope(config, scope);
+}
+function getModelMapping(profileName) {
+  const profile = profileName ? getProfile(profileName) : getDefaultProfile();
+  if (!profile) {
+    return {};
+  }
+  return profile.models;
+}
+function createProfile(name, models, description, scope = "global") {
+  const now = new Date().toISOString();
+  const profile = {
+    name,
+    description,
+    models,
+    createdAt: now,
+    updatedAt: now
+  };
+  setProfile(profile, scope);
+  return profile;
+}
+function listProfiles() {
+  const config = loadConfig();
+  return Object.values(config.profiles).map((profile) => ({
+    ...profile,
+    isDefault: profile.name === config.defaultProfile
+  }));
+}
+function listAllProfiles() {
+  const globalConfig = loadConfig();
+  const localConfig = loadLocalConfig();
+  const result = [];
+  if (localConfig) {
+    for (const profile of Object.values(localConfig.profiles)) {
+      result.push({
+        ...profile,
+        scope: "local",
+        isDefault: profile.name === localConfig.defaultProfile
+      });
+    }
+  }
+  const localNames = localConfig ? new Set(Object.keys(localConfig.profiles)) : new Set;
+  for (const profile of Object.values(globalConfig.profiles)) {
+    result.push({
+      ...profile,
+      scope: "global",
+      isDefault: profile.name === globalConfig.defaultProfile,
+      shadowed: localNames.has(profile.name)
+    });
+  }
+  return result;
+}
+function getApiKey(envVar) {
+  const config = loadConfig();
+  return config.apiKeys?.[envVar];
+}
+function setApiKey(envVar, value) {
+  const config = loadConfig();
+  if (!config.apiKeys)
+    config.apiKeys = {};
+  config.apiKeys[envVar] = value;
+  saveConfig(config);
+}
+function removeApiKey(envVar) {
+  const config = loadConfig();
+  if (config.apiKeys) {
+    delete config.apiKeys[envVar];
+    saveConfig(config);
+  }
+}
+function getEndpoint(name) {
+  const config = loadConfig();
+  return config.endpoints?.[name];
+}
+function setEndpoint(name, value) {
+  const config = loadConfig();
+  if (!config.endpoints)
+    config.endpoints = {};
+  config.endpoints[name] = value;
+  saveConfig(config);
+}
+function removeEndpoint(name) {
+  const config = loadConfig();
+  if (config.endpoints) {
+    delete config.endpoints[name];
+    saveConfig(config);
+  }
+}
+function isLocalProviderEnabled(providerName, config = loadConfig()) {
+  return (config.localProviders ?? []).includes(providerName);
+}
+function enableLocalProvider(providerName) {
+  const config = loadConfig();
+  const providers = new Set(config.localProviders ?? []);
+  providers.add(providerName);
+  config.localProviders = Array.from(providers).sort();
+  saveConfig(config);
+}
+function disableLocalProvider(providerName) {
+  const config = loadConfig();
+  const providers = new Set(config.localProviders ?? []);
+  providers.delete(providerName);
+  if (providers.size > 0) {
+    config.localProviders = Array.from(providers).sort();
+  } else {
+    delete config.localProviders;
+  }
+  saveConfig(config);
+}
+var CONFIG_DIR, CONFIG_FILE, LOCAL_CONFIG_FILENAME = ".claudish.json", DEFAULT_CONFIG;
+var init_profile_config = __esm(() => {
+  CONFIG_DIR = join(homedir(), ".claudish");
+  CONFIG_FILE = join(CONFIG_DIR, "config.json");
+  DEFAULT_CONFIG = {
+    version: "1.0.0",
+    defaultProfile: "default",
+    profiles: {
+      default: {
+        name: "default",
+        description: "Default profile - shows model selector when no model specified",
+        models: {},
+        createdAt: new Date().toISOString(),
+        updatedAt: new Date().toISOString()
+      }
+    }
+  };
+});
+
+// src/version.ts
+var VERSION = "7.6.0";
+
+// ../../node_modules/.bun/@1password+sdk-core@0.4.1-beta.1/node_modules/@1password/sdk-core/nodejs/core.js
+var require_core = __commonJS((exports, module) => {
+  var __dirname = "/home/runner/work/claudish/claudish/node_modules/.bun/@1password+sdk-core@0.4.1-beta.1/node_modules/@1password/sdk-core/nodejs";
+  var imports = {};
+  imports["__wbindgen_placeholder__"] = exports;
+  var wasm;
+  var { TextDecoder: TextDecoder2, TextEncoder: TextEncoder2 } = __require("util");
+  var cachedTextDecoder = new TextDecoder2("utf-8", { ignoreBOM: true, fatal: true });
+  cachedTextDecoder.decode();
+  var cachedUint8ArrayMemory0 = null;
+  function getUint8ArrayMemory0() {
+    if (cachedUint8ArrayMemory0 === null || cachedUint8ArrayMemory0.byteLength === 0) {
+      cachedUint8ArrayMemory0 = new Uint8Array(wasm.memory.buffer);
+    }
+    return cachedUint8ArrayMemory0;
+  }
+  function getStringFromWasm0(ptr, len) {
+    ptr = ptr >>> 0;
+    return cachedTextDecoder.decode(getUint8ArrayMemory0().subarray(ptr, ptr + len));
+  }
+  function addToExternrefTable0(obj) {
+    const idx = wasm.__externref_table_alloc();
+    wasm.__wbindgen_export_2.set(idx, obj);
+    return idx;
+  }
+  function handleError(f, args) {
+    try {
+      return f.apply(this, args);
+    } catch (e) {
+      const idx = addToExternrefTable0(e);
+      wasm.__wbindgen_exn_store(idx);
+    }
+  }
+  function isLikeNone(x) {
+    return x === undefined || x === null;
+  }
+  var WASM_VECTOR_LEN = 0;
+  var cachedTextEncoder = new TextEncoder2("utf-8");
+  var encodeString = typeof cachedTextEncoder.encodeInto === "function" ? function(arg, view) {
+    return cachedTextEncoder.encodeInto(arg, view);
+  } : function(arg, view) {
+    const buf = cachedTextEncoder.encode(arg);
+    view.set(buf);
+    return {
+      read: arg.length,
+      written: buf.length
+    };
+  };
+  function passStringToWasm0(arg, malloc, realloc) {
+    if (realloc === undefined) {
+      const buf = cachedTextEncoder.encode(arg);
+      const ptr2 = malloc(buf.length, 1) >>> 0;
+      getUint8ArrayMemory0().subarray(ptr2, ptr2 + buf.length).set(buf);
+      WASM_VECTOR_LEN = buf.length;
+      return ptr2;
+    }
+    let len = arg.length;
+    let ptr = malloc(len, 1) >>> 0;
+    const mem = getUint8ArrayMemory0();
+    let offset = 0;
+    for (;offset < len; offset++) {
+      const code = arg.charCodeAt(offset);
+      if (code > 127)
+        break;
+      mem[ptr + offset] = code;
+    }
+    if (offset !== len) {
+      if (offset !== 0) {
+        arg = arg.slice(offset);
+      }
+      ptr = realloc(ptr, len, len = offset + arg.length * 3, 1) >>> 0;
+      const view = getUint8ArrayMemory0().subarray(ptr + offset, ptr + len);
+      const ret = encodeString(arg, view);
+      offset += ret.written;
+      ptr = realloc(ptr, len, offset, 1) >>> 0;
+    }
+    WASM_VECTOR_LEN = offset;
+    return ptr;
+  }
+  var cachedDataViewMemory0 = null;
+  function getDataViewMemory0() {
+    if (cachedDataViewMemory0 === null || cachedDataViewMemory0.buffer.detached === true || cachedDataViewMemory0.buffer.detached === undefined && cachedDataViewMemory0.buffer !== wasm.memory.buffer) {
+      cachedDataViewMemory0 = new DataView(wasm.memory.buffer);
+    }
+    return cachedDataViewMemory0;
+  }
+  var CLOSURE_DTORS = typeof FinalizationRegistry === "undefined" ? { register: () => {}, unregister: () => {} } : new FinalizationRegistry((state) => {
+    wasm.__wbindgen_export_5.get(state.dtor)(state.a, state.b);
+  });
+  function makeMutClosure(arg0, arg1, dtor, f) {
+    const state = { a: arg0, b: arg1, cnt: 1, dtor };
+    const real = (...args) => {
+      state.cnt++;
+      const a = state.a;
+      state.a = 0;
+      try {
+        return f(a, state.b, ...args);
+      } finally {
+        if (--state.cnt === 0) {
+          wasm.__wbindgen_export_5.get(state.dtor)(a, state.b);
+          CLOSURE_DTORS.unregister(state);
+        } else {
+          state.a = a;
+        }
+      }
+    };
+    real.original = state;
+    CLOSURE_DTORS.register(real, state, state);
+    return real;
+  }
+  function debugString(val) {
+    const type = typeof val;
+    if (type == "number" || type == "boolean" || val == null) {
+      return `${val}`;
+    }
+    if (type == "string") {
+      return `"${val}"`;
+    }
+    if (type == "symbol") {
+      const description = val.description;
+      if (description == null) {
+        return "Symbol";
+      } else {
+        return `Symbol(${description})`;
+      }
+    }
+    if (type == "function") {
+      const name = val.name;
+      if (typeof name == "string" && name.length > 0) {
+        return `Function(${name})`;
+      } else {
+        return "Function";
+      }
+    }
+    if (Array.isArray(val)) {
+      const length = val.length;
+      let debug = "[";
+      if (length > 0) {
+        debug += debugString(val[0]);
+      }
+      for (let i = 1;i < length; i++) {
+        debug += ", " + debugString(val[i]);
+      }
+      debug += "]";
+      return debug;
+    }
+    const builtInMatches = /\[object ([^\]]+)\]/.exec(toString.call(val));
+    let className;
+    if (builtInMatches && builtInMatches.length > 1) {
+      className = builtInMatches[1];
+    } else {
+      return toString.call(val);
+    }
+    if (className == "Object") {
+      try {
+        return "Object(" + JSON.stringify(val) + ")";
+      } catch (_) {
+        return "Object";
+      }
+    }
+    if (val instanceof Error) {
+      return `${val.name}: ${val.message}
+${val.stack}`;
+    }
+    return className;
+  }
+  exports.invoke = function(parameters) {
+    const ptr0 = passStringToWasm0(parameters, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    const len0 = WASM_VECTOR_LEN;
+    const ret = wasm.invoke(ptr0, len0);
+    return ret;
+  };
+  exports.init_client = function(config) {
+    const ptr0 = passStringToWasm0(config, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    const len0 = WASM_VECTOR_LEN;
+    const ret = wasm.init_client(ptr0, len0);
+    return ret;
+  };
+  function takeFromExternrefTable0(idx) {
+    const value = wasm.__wbindgen_export_2.get(idx);
+    wasm.__externref_table_dealloc(idx);
+    return value;
+  }
+  exports.release_client = function(client_id) {
+    const ptr0 = passStringToWasm0(client_id, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    const len0 = WASM_VECTOR_LEN;
+    const ret = wasm.release_client(ptr0, len0);
+    if (ret[1]) {
+      throw takeFromExternrefTable0(ret[0]);
+    }
+  };
+  exports.invoke_sync = function(parameters) {
+    let deferred3_0;
+    let deferred3_1;
+    try {
+      const ptr0 = passStringToWasm0(parameters, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+      const len0 = WASM_VECTOR_LEN;
+      const ret = wasm.invoke_sync(ptr0, len0);
+      var ptr2 = ret[0];
+      var len2 = ret[1];
+      if (ret[3]) {
+        ptr2 = 0;
+        len2 = 0;
+        throw takeFromExternrefTable0(ret[2]);
+      }
+      deferred3_0 = ptr2;
+      deferred3_1 = len2;
+      return getStringFromWasm0(ptr2, len2);
+    } finally {
+      wasm.__wbindgen_free(deferred3_0, deferred3_1, 1);
+    }
+  };
+  function __wbg_adapter_30(arg0, arg1) {
+    wasm._dyn_core__ops__function__FnMut_____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hb15e53e0e5133441(arg0, arg1);
+  }
+  function __wbg_adapter_33(arg0, arg1, arg2) {
+    wasm.closure2417_externref_shim(arg0, arg1, arg2);
+  }
+  function __wbg_adapter_144(arg0, arg1, arg2, arg3) {
+    wasm.closure2568_externref_shim(arg0, arg1, arg2, arg3);
+  }
+  var __wbindgen_enum_RequestCache = ["default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached"];
+  var __wbindgen_enum_RequestCredentials = ["omit", "same-origin", "include"];
+  var __wbindgen_enum_RequestMode = ["same-origin", "no-cors", "cors", "navigate"];
+  exports.__wbg_abort_410ec47a64ac6117 = function(arg0, arg1) {
+    arg0.abort(arg1);
+  };
+  exports.__wbg_abort_775ef1d17fc65868 = function(arg0) {
+    arg0.abort();
+  };
+  exports.__wbg_append_8c7dd8d641a5f01b = function() {
+    return handleError(function(arg0, arg1, arg2, arg3, arg4) {
+      arg0.append(getStringFromWasm0(arg1, arg2), getStringFromWasm0(arg3, arg4));
+    }, arguments);
+  };
+  exports.__wbg_arrayBuffer_d1b44c4390db422f = function() {
+    return handleError(function(arg0) {
+      const ret = arg0.arrayBuffer();
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_buffer_609cc3eee51ed158 = function(arg0) {
+    const ret = arg0.buffer;
+    return ret;
+  };
+  exports.__wbg_call_672a4d21634d4a24 = function() {
+    return handleError(function(arg0, arg1) {
+      const ret = arg0.call(arg1);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_call_7cccdd69e0791ae2 = function() {
+    return handleError(function(arg0, arg1, arg2) {
+      const ret = arg0.call(arg1, arg2);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_clearTimeout_42d9ccd50822fd3a = function(arg0) {
+    const ret = clearTimeout(arg0);
+    return ret;
+  };
+  exports.__wbg_crypto_86f2631e91b51511 = function(arg0) {
+    const ret = arg0.crypto;
+    return ret;
+  };
+  exports.__wbg_done_769e5ede4b31c67b = function(arg0) {
+    const ret = arg0.done;
+    return ret;
+  };
+  exports.__wbg_fetch_509096533071c657 = function(arg0, arg1) {
+    const ret = arg0.fetch(arg1);
+    return ret;
+  };
+  exports.__wbg_fetch_6bbc32f991730587 = function(arg0) {
+    const ret = fetch(arg0);
+    return ret;
+  };
+  exports.__wbg_getFullYear_17d3c9e4db748eb7 = function(arg0) {
+    const ret = arg0.getFullYear();
+    return ret;
+  };
+  exports.__wbg_getRandomValues_b3f15fcbfabb0f8b = function() {
+    return handleError(function(arg0, arg1) {
+      arg0.getRandomValues(arg1);
+    }, arguments);
+  };
+  exports.__wbg_getTimezoneOffset_6b5752021c499c47 = function(arg0) {
+    const ret = arg0.getTimezoneOffset();
+    return ret;
+  };
+  exports.__wbg_get_67b2ba62fc30de12 = function() {
+    return handleError(function(arg0, arg1) {
+      const ret = Reflect.get(arg0, arg1);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_has_a5ea9117f258a0ec = function() {
+    return handleError(function(arg0, arg1) {
+      const ret = Reflect.has(arg0, arg1);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_headers_9cb51cfd2ac780a4 = function(arg0) {
+    const ret = arg0.headers;
+    return ret;
+  };
+  exports.__wbg_instanceof_Response_f2cc20d9f7dfd644 = function(arg0) {
+    let result;
+    try {
+      result = arg0 instanceof Response;
+    } catch (_) {
+      result = false;
+    }
+    const ret = result;
+    return ret;
+  };
+  exports.__wbg_instanceof_Window_def73ea0955fc569 = function(arg0) {
+    let result;
+    try {
+      result = arg0 instanceof Window;
+    } catch (_) {
+      result = false;
+    }
+    const ret = result;
+    return ret;
+  };
+  exports.__wbg_instanceof_WorkerGlobalScope_dbdbdea7e3b56493 = function(arg0) {
+    let result;
+    try {
+      result = arg0 instanceof WorkerGlobalScope;
+    } catch (_) {
+      result = false;
+    }
+    const ret = result;
+    return ret;
+  };
+  exports.__wbg_iterator_9a24c88df860dc65 = function() {
+    const ret = Symbol.iterator;
+    return ret;
+  };
+  exports.__wbg_languages_2420955220685766 = function(arg0) {
+    const ret = arg0.languages;
+    return ret;
+  };
+  exports.__wbg_languages_d8dad509faf757df = function(arg0) {
+    const ret = arg0.languages;
+    return ret;
+  };
+  exports.__wbg_length_a446193dc22c12f8 = function(arg0) {
+    const ret = arg0.length;
+    return ret;
+  };
+  exports.__wbg_msCrypto_d562bbe83e0d4b91 = function(arg0) {
+    const ret = arg0.msCrypto;
+    return ret;
+  };
+  exports.__wbg_navigator_0a9bf1120e24fec2 = function(arg0) {
+    const ret = arg0.navigator;
+    return ret;
+  };
+  exports.__wbg_navigator_1577371c070c8947 = function(arg0) {
+    const ret = arg0.navigator;
+    return ret;
+  };
+  exports.__wbg_new0_f788a2397c7ca929 = function() {
+    const ret = new Date;
+    return ret;
+  };
+  exports.__wbg_new_018dcc2d6c8c2f6a = function() {
+    return handleError(function() {
+      const ret = new Headers;
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_new_23a2665fac83c611 = function(arg0, arg1) {
+    try {
+      var state0 = { a: arg0, b: arg1 };
+      var cb0 = (arg02, arg12) => {
+        const a = state0.a;
+        state0.a = 0;
+        try {
+          return __wbg_adapter_144(a, state0.b, arg02, arg12);
+        } finally {
+          state0.a = a;
+        }
+      };
+      const ret = new Promise(cb0);
+      return ret;
+    } finally {
+      state0.a = state0.b = 0;
+    }
+  };
+  exports.__wbg_new_31a97dac4f10fab7 = function(arg0) {
+    const ret = new Date(arg0);
+    return ret;
+  };
+  exports.__wbg_new_405e22f390576ce2 = function() {
+    const ret = new Object;
+    return ret;
+  };
+  exports.__wbg_new_a12002a7f91c75be = function(arg0) {
+    const ret = new Uint8Array(arg0);
+    return ret;
+  };
+  exports.__wbg_new_e25e5aab09ff45db = function() {
+    return handleError(function() {
+      const ret = new AbortController;
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_newnoargs_105ed471475aaf50 = function(arg0, arg1) {
+    const ret = new Function(getStringFromWasm0(arg0, arg1));
+    return ret;
+  };
+  exports.__wbg_newwithbyteoffsetandlength_d97e637ebe145a9a = function(arg0, arg1, arg2) {
+    const ret = new Uint8Array(arg0, arg1 >>> 0, arg2 >>> 0);
+    return ret;
+  };
+  exports.__wbg_newwithlength_a381634e90c276d4 = function(arg0) {
+    const ret = new Uint8Array(arg0 >>> 0);
+    return ret;
+  };
+  exports.__wbg_newwithstrandinit_06c535e0a867c635 = function() {
+    return handleError(function(arg0, arg1, arg2) {
+      const ret = new Request(getStringFromWasm0(arg0, arg1), arg2);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_next_25feadfc0913fea9 = function(arg0) {
+    const ret = arg0.next;
+    return ret;
+  };
+  exports.__wbg_next_6574e1a8a62d1055 = function() {
+    return handleError(function(arg0) {
+      const ret = arg0.next();
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_node_e1f24f89a7336c2e = function(arg0) {
+    const ret = arg0.node;
+    return ret;
+  };
+  exports.__wbg_now_807e54c39636c349 = function() {
+    const ret = Date.now();
+    return ret;
+  };
+  exports.__wbg_now_d18023d54d4e5500 = function(arg0) {
+    const ret = arg0.now();
+    return ret;
+  };
+  exports.__wbg_parse_def2e24ef1252aff = function() {
+    return handleError(function(arg0, arg1) {
+      const ret = JSON.parse(getStringFromWasm0(arg0, arg1));
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_process_3975fd6c72f520aa = function(arg0) {
+    const ret = arg0.process;
+    return ret;
+  };
+  exports.__wbg_queueMicrotask_97d92b4fcc8a61c5 = function(arg0) {
+    queueMicrotask(arg0);
+  };
+  exports.__wbg_queueMicrotask_d3219def82552485 = function(arg0) {
+    const ret = arg0.queueMicrotask;
+    return ret;
+  };
+  exports.__wbg_randomFillSync_f8c153b79f285817 = function() {
+    return handleError(function(arg0, arg1) {
+      arg0.randomFillSync(arg1);
+    }, arguments);
+  };
+  exports.__wbg_require_b74f47fc2d022fd6 = function() {
+    return handleError(function() {
+      const ret = module.require;
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_resolve_4851785c9c5f573d = function(arg0) {
+    const ret = Promise.resolve(arg0);
+    return ret;
+  };
+  exports.__wbg_self_b29ea9f89ecb0567 = function() {
+    return handleError(function() {
+      const ret = self.self;
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_setTimeout_4ec014681668a581 = function(arg0, arg1) {
+    const ret = setTimeout(arg0, arg1);
+    return ret;
+  };
+  exports.__wbg_set_65595bdd868b3009 = function(arg0, arg1, arg2) {
+    arg0.set(arg1, arg2 >>> 0);
+  };
+  exports.__wbg_setbody_5923b78a95eedf29 = function(arg0, arg1) {
+    arg0.body = arg1;
+  };
+  exports.__wbg_setcache_12f17c3a980650e4 = function(arg0, arg1) {
+    arg0.cache = __wbindgen_enum_RequestCache[arg1];
+  };
+  exports.__wbg_setcredentials_c3a22f1cd105a2c6 = function(arg0, arg1) {
+    arg0.credentials = __wbindgen_enum_RequestCredentials[arg1];
+  };
+  exports.__wbg_setheaders_834c0bdb6a8949ad = function(arg0, arg1) {
+    arg0.headers = arg1;
+  };
+  exports.__wbg_setmethod_3c5280fe5d890842 = function(arg0, arg1, arg2) {
+    arg0.method = getStringFromWasm0(arg1, arg2);
+  };
+  exports.__wbg_setmode_5dc300b865044b65 = function(arg0, arg1) {
+    arg0.mode = __wbindgen_enum_RequestMode[arg1];
+  };
+  exports.__wbg_setsignal_75b21ef3a81de905 = function(arg0, arg1) {
+    arg0.signal = arg1;
+  };
+  exports.__wbg_signal_aaf9ad74119f20a4 = function(arg0) {
+    const ret = arg0.signal;
+    return ret;
+  };
+  exports.__wbg_static_accessor_GLOBAL_88a902d13a557d07 = function() {
+    const ret = typeof global === "undefined" ? null : global;
+    return isLikeNone(ret) ? 0 : addToExternrefTable0(ret);
+  };
+  exports.__wbg_static_accessor_GLOBAL_THIS_56578be7e9f832b0 = function() {
+    const ret = typeof globalThis === "undefined" ? null : globalThis;
+    return isLikeNone(ret) ? 0 : addToExternrefTable0(ret);
+  };
+  exports.__wbg_static_accessor_SELF_37c5d418e4bf5819 = function() {
+    const ret = typeof self === "undefined" ? null : self;
+    return isLikeNone(ret) ? 0 : addToExternrefTable0(ret);
+  };
+  exports.__wbg_static_accessor_WINDOW_5de37043a91a9c40 = function() {
+    const ret = typeof window === "undefined" ? null : window;
+    return isLikeNone(ret) ? 0 : addToExternrefTable0(ret);
+  };
+  exports.__wbg_static_accessor_performance_da77b3a901a72934 = function() {
+    const ret = performance;
+    return ret;
+  };
+  exports.__wbg_status_f6360336ca686bf0 = function(arg0) {
+    const ret = arg0.status;
+    return ret;
+  };
+  exports.__wbg_stringify_f7ed6987935b4a24 = function() {
+    return handleError(function(arg0) {
+      const ret = JSON.stringify(arg0);
+      return ret;
+    }, arguments);
+  };
+  exports.__wbg_subarray_aa9065fa9dc5df96 = function(arg0, arg1, arg2) {
+    const ret = arg0.subarray(arg1 >>> 0, arg2 >>> 0);
+    return ret;
+  };
+  exports.__wbg_then_44b73946d2fb3e7d = function(arg0, arg1) {
+    const ret = arg0.then(arg1);
+    return ret;
+  };
+  exports.__wbg_then_48b406749878a531 = function(arg0, arg1, arg2) {
+    const ret = arg0.then(arg1, arg2);
+    return ret;
+  };
+  exports.__wbg_toLocaleDateString_e5424994746e8415 = function(arg0, arg1, arg2, arg3) {
+    const ret = arg0.toLocaleDateString(getStringFromWasm0(arg1, arg2), arg3);
+    return ret;
+  };
+  exports.__wbg_url_ae10c34ca209681d = function(arg0, arg1) {
+    const ret = arg1.url;
+    const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    const len1 = WASM_VECTOR_LEN;
+    getDataViewMemory0().setInt32(arg0 + 4 * 1, len1, true);
+    getDataViewMemory0().setInt32(arg0 + 4 * 0, ptr1, true);
+  };
+  exports.__wbg_value_cd1ffa7b1ab794f1 = function(arg0) {
+    const ret = arg0.value;
+    return ret;
+  };
+  exports.__wbg_values_99f7a68c7f313d66 = function(arg0) {
+    const ret = arg0.values();
+    return ret;
+  };
+  exports.__wbg_versions_4e31226f5e8dc909 = function(arg0) {
+    const ret = arg0.versions;
+    return ret;
+  };
+  exports.__wbg_window_aa5515e600e96252 = function() {
+    return handleError(function() {
+      const ret = window.window;
+      return ret;
+    }, arguments);
+  };
+  exports.__wbindgen_cb_drop = function(arg0) {
+    const obj = arg0.original;
+    if (obj.cnt-- == 1) {
+      obj.a = 0;
+      return true;
+    }
+    const ret = false;
+    return ret;
+  };
+  exports.__wbindgen_closure_wrapper8973 = function(arg0, arg1, arg2) {
+    const ret = makeMutClosure(arg0, arg1, 2401, __wbg_adapter_30);
+    return ret;
+  };
+  exports.__wbindgen_closure_wrapper9014 = function(arg0, arg1, arg2) {
+    const ret = makeMutClosure(arg0, arg1, 2418, __wbg_adapter_33);
+    return ret;
+  };
+  exports.__wbindgen_debug_string = function(arg0, arg1) {
+    const ret = debugString(arg1);
+    const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    const len1 = WASM_VECTOR_LEN;
+    getDataViewMemory0().setInt32(arg0 + 4 * 1, len1, true);
+    getDataViewMemory0().setInt32(arg0 + 4 * 0, ptr1, true);
+  };
+  exports.__wbindgen_init_externref_table = function() {
+    const table = wasm.__wbindgen_export_2;
+    const offset = table.grow(4);
+    table.set(0, undefined);
+    table.set(offset + 0, undefined);
+    table.set(offset + 1, null);
+    table.set(offset + 2, true);
+    table.set(offset + 3, false);
+  };
+  exports.__wbindgen_is_function = function(arg0) {
+    const ret = typeof arg0 === "function";
+    return ret;
+  };
+  exports.__wbindgen_is_object = function(arg0) {
+    const val = arg0;
+    const ret = typeof val === "object" && val !== null;
+    return ret;
+  };
+  exports.__wbindgen_is_string = function(arg0) {
+    const ret = typeof arg0 === "string";
+    return ret;
+  };
+  exports.__wbindgen_is_undefined = function(arg0) {
+    const ret = arg0 === undefined;
+    return ret;
+  };
+  exports.__wbindgen_memory = function() {
+    const ret = wasm.memory;
+    return ret;
+  };
+  exports.__wbindgen_number_new = function(arg0) {
+    const ret = arg0;
+    return ret;
+  };
+  exports.__wbindgen_string_get = function(arg0, arg1) {
+    const obj = arg1;
+    const ret = typeof obj === "string" ? obj : undefined;
+    var ptr1 = isLikeNone(ret) ? 0 : passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
+    var len1 = WASM_VECTOR_LEN;
+    getDataViewMemory0().setInt32(arg0 + 4 * 1, len1, true);
+    getDataViewMemory0().setInt32(arg0 + 4 * 0, ptr1, true);
+  };
+  exports.__wbindgen_string_new = function(arg0, arg1) {
+    const ret = getStringFromWasm0(arg0, arg1);
+    return ret;
+  };
+  exports.__wbindgen_throw = function(arg0, arg1) {
+    throw new Error(getStringFromWasm0(arg0, arg1));
+  };
+  var path = __require("path").join(__dirname, "core_bg.wasm");
+  var bytes = __require("fs").readFileSync(path);
+  var wasmModule = new WebAssembly.Module(bytes);
+  var wasmInstance = new WebAssembly.Instance(wasmModule, imports);
+  wasm = wasmInstance.exports;
+  exports.__wasm = wasm;
+  wasm.__wbindgen_start();
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/types.js
+var require_types = __commonJS((exports) => {
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.ReplacerFunc = exports.ReviverFunc = exports.UPDATE_ITEM_HISTORY = exports.UPDATE_ITEMS = exports.SEND_ITEMS = exports.REVEAL_ITEM_PASSWORD = exports.RECOVER_VAULT = exports.READ_ITEMS = exports.PRINT_ITEMS = exports.NO_ACCESS = exports.MANAGE_VAULT = exports.IMPORT_ITEMS = exports.EXPORT_ITEMS = exports.DELETE_ITEMS = exports.CREATE_ITEMS = exports.ARCHIVE_ITEMS = exports.WordListType = exports.SeparatorType = exports.VaultType = exports.AllowedRecipientType = exports.AllowedType = exports.ItemShareDuration = exports.ItemState = exports.AutofillBehavior = exports.ItemFieldType = exports.ItemCategory = exports.VaultAccessorType = exports.GroupState = exports.GroupType = undefined;
+  var GroupType;
+  (function(GroupType2) {
+    GroupType2["Owners"] = "owners";
+    GroupType2["Administrators"] = "administrators";
+    GroupType2["Recovery"] = "recovery";
+    GroupType2["ExternalAccountManagers"] = "externalAccountManagers";
+    GroupType2["TeamMembers"] = "teamMembers";
+    GroupType2["UserDefined"] = "userDefined";
+    GroupType2["Unsupported"] = "unsupported";
+  })(GroupType || (exports.GroupType = GroupType = {}));
+  var GroupState;
+  (function(GroupState2) {
+    GroupState2["Active"] = "active";
+    GroupState2["Deleted"] = "deleted";
+    GroupState2["Unsupported"] = "unsupported";
+  })(GroupState || (exports.GroupState = GroupState = {}));
+  var VaultAccessorType;
+  (function(VaultAccessorType2) {
+    VaultAccessorType2["User"] = "user";
+    VaultAccessorType2["Group"] = "group";
+  })(VaultAccessorType || (exports.VaultAccessorType = VaultAccessorType = {}));
+  var ItemCategory;
+  (function(ItemCategory2) {
+    ItemCategory2["Login"] = "Login";
+    ItemCategory2["SecureNote"] = "SecureNote";
+    ItemCategory2["CreditCard"] = "CreditCard";
+    ItemCategory2["CryptoWallet"] = "CryptoWallet";
+    ItemCategory2["Identity"] = "Identity";
+    ItemCategory2["Password"] = "Password";
+    ItemCategory2["Document"] = "Document";
+    ItemCategory2["ApiCredentials"] = "ApiCredentials";
+    ItemCategory2["BankAccount"] = "BankAccount";
+    ItemCategory2["Database"] = "Database";
+    ItemCategory2["DriverLicense"] = "DriverLicense";
+    ItemCategory2["Email"] = "Email";
+    ItemCategory2["MedicalRecord"] = "MedicalRecord";
+    ItemCategory2["Membership"] = "Membership";
+    ItemCategory2["OutdoorLicense"] = "OutdoorLicense";
+    ItemCategory2["Passport"] = "Passport";
+    ItemCategory2["Rewards"] = "Rewards";
+    ItemCategory2["Router"] = "Router";
+    ItemCategory2["Server"] = "Server";
+    ItemCategory2["SshKey"] = "SshKey";
+    ItemCategory2["SocialSecurityNumber"] = "SocialSecurityNumber";
+    ItemCategory2["SoftwareLicense"] = "SoftwareLicense";
+    ItemCategory2["Person"] = "Person";
+    ItemCategory2["Unsupported"] = "Unsupported";
+  })(ItemCategory || (exports.ItemCategory = ItemCategory = {}));
+  var ItemFieldType;
+  (function(ItemFieldType2) {
+    ItemFieldType2["Text"] = "Text";
+    ItemFieldType2["Concealed"] = "Concealed";
+    ItemFieldType2["CreditCardType"] = "CreditCardType";
+    ItemFieldType2["CreditCardNumber"] = "CreditCardNumber";
+    ItemFieldType2["Phone"] = "Phone";
+    ItemFieldType2["Url"] = "Url";
+    ItemFieldType2["Totp"] = "Totp";
+    ItemFieldType2["Email"] = "Email";
+    ItemFieldType2["Reference"] = "Reference";
+    ItemFieldType2["SshKey"] = "SshKey";
+    ItemFieldType2["Menu"] = "Menu";
+    ItemFieldType2["MonthYear"] = "MonthYear";
+    ItemFieldType2["Address"] = "Address";
+    ItemFieldType2["Date"] = "Date";
+    ItemFieldType2["Unsupported"] = "Unsupported";
+  })(ItemFieldType || (exports.ItemFieldType = ItemFieldType = {}));
+  var AutofillBehavior;
+  (function(AutofillBehavior2) {
+    AutofillBehavior2["AnywhereOnWebsite"] = "AnywhereOnWebsite";
+    AutofillBehavior2["ExactDomain"] = "ExactDomain";
+    AutofillBehavior2["Never"] = "Never";
+  })(AutofillBehavior || (exports.AutofillBehavior = AutofillBehavior = {}));
+  var ItemState;
+  (function(ItemState2) {
+    ItemState2["Active"] = "active";
+    ItemState2["Archived"] = "archived";
+  })(ItemState || (exports.ItemState = ItemState = {}));
+  var ItemShareDuration;
+  (function(ItemShareDuration2) {
+    ItemShareDuration2["OneHour"] = "OneHour";
+    ItemShareDuration2["OneDay"] = "OneDay";
+    ItemShareDuration2["SevenDays"] = "SevenDays";
+    ItemShareDuration2["FourteenDays"] = "FourteenDays";
+    ItemShareDuration2["ThirtyDays"] = "ThirtyDays";
+  })(ItemShareDuration || (exports.ItemShareDuration = ItemShareDuration = {}));
+  var AllowedType;
+  (function(AllowedType2) {
+    AllowedType2["Authenticated"] = "Authenticated";
+    AllowedType2["Public"] = "Public";
+  })(AllowedType || (exports.AllowedType = AllowedType = {}));
+  var AllowedRecipientType;
+  (function(AllowedRecipientType2) {
+    AllowedRecipientType2["Email"] = "Email";
+    AllowedRecipientType2["Domain"] = "Domain";
+  })(AllowedRecipientType || (exports.AllowedRecipientType = AllowedRecipientType = {}));
+  var VaultType;
+  (function(VaultType2) {
+    VaultType2["Personal"] = "personal";
+    VaultType2["Everyone"] = "everyone";
+    VaultType2["Transfer"] = "transfer";
+    VaultType2["UserCreated"] = "userCreated";
+    VaultType2["Unsupported"] = "unsupported";
+  })(VaultType || (exports.VaultType = VaultType = {}));
+  var SeparatorType;
+  (function(SeparatorType2) {
+    SeparatorType2["Digits"] = "digits";
+    SeparatorType2["DigitsAndSymbols"] = "digitsAndSymbols";
+    SeparatorType2["Spaces"] = "spaces";
+    SeparatorType2["Hyphens"] = "hyphens";
+    SeparatorType2["Underscores"] = "underscores";
+    SeparatorType2["Periods"] = "periods";
+    SeparatorType2["Commas"] = "commas";
+  })(SeparatorType || (exports.SeparatorType = SeparatorType = {}));
+  var WordListType;
+  (function(WordListType2) {
+    WordListType2["FullWords"] = "fullWords";
+    WordListType2["Syllables"] = "syllables";
+    WordListType2["ThreeLetters"] = "threeLetters";
+  })(WordListType || (exports.WordListType = WordListType = {}));
+  exports.ARCHIVE_ITEMS = 256;
+  exports.CREATE_ITEMS = 128;
+  exports.DELETE_ITEMS = 512;
+  exports.EXPORT_ITEMS = 4194304;
+  exports.IMPORT_ITEMS = 2097152;
+  exports.MANAGE_VAULT = 2;
+  exports.NO_ACCESS = 0;
+  exports.PRINT_ITEMS = 8388608;
+  exports.READ_ITEMS = 32;
+  exports.RECOVER_VAULT = 1;
+  exports.REVEAL_ITEM_PASSWORD = 16;
+  exports.SEND_ITEMS = 1048576;
+  exports.UPDATE_ITEMS = 64;
+  exports.UPDATE_ITEM_HISTORY = 1024;
+  var ReviverFunc = (key, value) => {
+    if (typeof value === "string" && /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$/.test(value) && (key === "createdAt" || key === "updatedAt")) {
+      return new Date(value);
+    }
+    if (Array.isArray(value) && value.every((v) => Number.isInteger(v) && v >= 0 && v <= 255) && value.length > 0) {
+      return new Uint8Array(value);
+    }
+    return value;
+  };
+  exports.ReviverFunc = ReviverFunc;
+  var ReplacerFunc = (key, value) => {
+    if (value instanceof Date) {
+      return value.toISOString();
+    }
+    if (value instanceof Uint8Array) {
+      return Array.from(value);
+    }
+    return value;
+  };
+  exports.ReplacerFunc = ReplacerFunc;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/errors.js
+var require_errors = __commonJS((exports) => {
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.throwError = exports.RateLimitExceededError = exports.DesktopSessionExpiredError = undefined;
+
+  class DesktopSessionExpiredError extends Error {
+    constructor(message) {
+      super();
+      this.message = message;
+    }
+  }
+  exports.DesktopSessionExpiredError = DesktopSessionExpiredError;
+
+  class RateLimitExceededError extends Error {
+    constructor(message) {
+      super();
+      this.message = message;
+    }
+  }
+  exports.RateLimitExceededError = RateLimitExceededError;
+  var throwError = (errString) => {
+    let err;
+    try {
+      err = JSON.parse(errString);
+    } catch (e) {
+      throw new Error(errString);
+    }
+    switch (err.name) {
+      case "DesktopSessionExpired":
+        throw new DesktopSessionExpiredError(err.message);
+      case "RateLimitExceeded":
+        throw new RateLimitExceededError(err.message);
+      default:
+        throw new Error(err.message);
+    }
+  };
+  exports.throwError = throwError;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/core.js
+var require_core2 = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.InnerClient = exports.SharedCore = exports.WasmCore = undefined;
+  var sdk_core_1 = require_core();
+  var types_1 = require_types();
+  var errors_1 = require_errors();
+  var messageLimit = 50 * 1024 * 1024;
+
+  class WasmCore {
+    initClient(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        try {
+          return yield (0, sdk_core_1.init_client)(config);
+        } catch (e) {
+          (0, errors_1.throwError)(e);
+        }
+      });
+    }
+    invoke(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        try {
+          return yield (0, sdk_core_1.invoke)(config);
+        } catch (e) {
+          (0, errors_1.throwError)(e);
+        }
+      });
+    }
+    releaseClient(clientId) {
+      try {
+        (0, sdk_core_1.release_client)(clientId);
+      } catch (e) {
+        console.warn("failed to release client:", e);
+      }
+    }
+  }
+  exports.WasmCore = WasmCore;
+
+  class SharedCore {
+    constructor() {
+      this.inner = new WasmCore;
+    }
+    setInner(core) {
+      this.inner = core;
+    }
+    initClient(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const serializedConfig = JSON.stringify(config);
+        return this.inner.initClient(serializedConfig);
+      });
+    }
+    invoke(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const serializedConfig = JSON.stringify(config, types_1.ReplacerFunc);
+        if (new TextEncoder().encode(serializedConfig).length > messageLimit) {
+          (0, errors_1.throwError)(`message size exceeds the limit of ${messageLimit} bytes, please contact 1Password at support@1password.com or https://developer.1password.com/joinslack if you need help."`);
+        }
+        return this.inner.invoke(serializedConfig);
+      });
+    }
+    invoke_sync(config) {
+      const serializedConfig = JSON.stringify(config, types_1.ReplacerFunc);
+      if (new TextEncoder().encode(serializedConfig).length > messageLimit) {
+        (0, errors_1.throwError)(`message size exceeds the limit of ${messageLimit} bytes, please contact 1Password at support@1password.com or https://developer.1password.com/joinslack if you need help.`);
+      }
+      return (0, sdk_core_1.invoke_sync)(serializedConfig);
+    }
+    releaseClient(clientId) {
+      const serializedId = JSON.stringify(clientId);
+      this.inner.releaseClient(serializedId);
+    }
+  }
+  exports.SharedCore = SharedCore;
+
+  class InnerClient {
+    constructor(id, core, config) {
+      this.id = id;
+      this.core = core;
+      this.config = config;
+    }
+    invoke(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        try {
+          return yield this.core.invoke(config);
+        } catch (err) {
+          if (err instanceof errors_1.DesktopSessionExpiredError) {
+            const newId = yield this.core.initClient(this.config);
+            this.id = parseInt(newId, 10);
+            config.invocation.clientId = this.id;
+            return yield this.core.invoke(config);
+          }
+          throw err;
+        }
+      });
+    }
+  }
+  exports.InnerClient = InnerClient;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/version.js
+var require_version = __commonJS((exports) => {
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.SDK_BUILD_NUMBER = exports.SDK_VERSION = undefined;
+  exports.SDK_VERSION = "0.4.1-beta.1";
+  exports.SDK_BUILD_NUMBER = "0040101";
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/configuration.js
+var require_configuration = __commonJS((exports) => {
+  var __importDefault = exports && exports.__importDefault || function(mod) {
+    return mod && mod.__esModule ? mod : { default: mod };
+  };
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.getOsName = exports.clientAuthConfig = exports.DesktopAuth = exports.VERSION = exports.LANGUAGE = undefined;
+  var os_1 = __importDefault(__require("os"));
+  var version_js_1 = require_version();
+  exports.LANGUAGE = "JS";
+  exports.VERSION = version_js_1.SDK_BUILD_NUMBER;
+
+  class DesktopAuth {
+    constructor(accountName) {
+      this.accountName = accountName;
+    }
+  }
+  exports.DesktopAuth = DesktopAuth;
+  var clientAuthConfig = (userConfig) => {
+    const defaultOsVersion = "0.0.0";
+    let serviceAccountToken;
+    let accountName;
+    if (typeof userConfig.auth === "string") {
+      serviceAccountToken = userConfig.auth;
+    } else if (userConfig.auth instanceof DesktopAuth) {
+      accountName = userConfig.auth.accountName;
+    }
+    return {
+      serviceAccountToken: serviceAccountToken !== null && serviceAccountToken !== undefined ? serviceAccountToken : "",
+      accountName,
+      programmingLanguage: exports.LANGUAGE,
+      sdkVersion: exports.VERSION,
+      integrationName: userConfig.integrationName,
+      integrationVersion: userConfig.integrationVersion,
+      requestLibraryName: "Fetch API",
+      requestLibraryVersion: "Fetch API",
+      os: (0, exports.getOsName)(),
+      osVersion: defaultOsVersion,
+      architecture: os_1.default.arch()
+    };
+  };
+  exports.clientAuthConfig = clientAuthConfig;
+  var getOsName = () => {
+    const os_name = os_1.default.type().toLowerCase();
+    if (os_name === "windows_nt") {
+      return "windows";
+    }
+    return os_name;
+  };
+  exports.getOsName = getOsName;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/secrets.js
+var require_secrets = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _Secrets_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Secrets = undefined;
+  var core_js_1 = require_core2();
+  var types_js_1 = require_types();
+
+  class Secrets {
+    constructor(inner) {
+      _Secrets_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _Secrets_inner, inner, "f");
+    }
+    resolve(secretReference) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Secrets_inner, "f").id,
+            parameters: {
+              name: "SecretsResolve",
+              parameters: {
+                secret_reference: secretReference
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Secrets_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    resolveAll(secretReferences) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Secrets_inner, "f").id,
+            parameters: {
+              name: "SecretsResolveAll",
+              parameters: {
+                secret_references: secretReferences
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Secrets_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    static validateSecretReference(secretReference) {
+      const sharedCore = new core_js_1.SharedCore;
+      const invocationConfig = {
+        invocation: {
+          parameters: {
+            name: "ValidateSecretReference",
+            parameters: {
+              secret_reference: secretReference
+            }
+          }
+        }
+      };
+      sharedCore.invoke_sync(invocationConfig);
+    }
+    static generatePassword(recipe) {
+      const sharedCore = new core_js_1.SharedCore;
+      const invocationConfig = {
+        invocation: {
+          parameters: {
+            name: "GeneratePassword",
+            parameters: {
+              recipe
+            }
+          }
+        }
+      };
+      return JSON.parse(sharedCore.invoke_sync(invocationConfig), types_js_1.ReviverFunc);
+    }
+  }
+  exports.Secrets = Secrets;
+  _Secrets_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/items_shares.js
+var require_items_shares = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _ItemsShares_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.ItemsShares = undefined;
+  var types_js_1 = require_types();
+
+  class ItemsShares {
+    constructor(inner) {
+      _ItemsShares_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _ItemsShares_inner, inner, "f");
+    }
+    getAccountPolicy(vaultId, itemId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsShares_inner, "f").id,
+            parameters: {
+              name: "ItemsSharesGetAccountPolicy",
+              parameters: {
+                vault_id: vaultId,
+                item_id: itemId
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsShares_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    validateRecipients(policy, recipients) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsShares_inner, "f").id,
+            parameters: {
+              name: "ItemsSharesValidateRecipients",
+              parameters: {
+                policy,
+                recipients
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsShares_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    create(item, policy, params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsShares_inner, "f").id,
+            parameters: {
+              name: "ItemsSharesCreate",
+              parameters: {
+                item,
+                policy,
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsShares_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+  }
+  exports.ItemsShares = ItemsShares;
+  _ItemsShares_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/items_files.js
+var require_items_files = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _ItemsFiles_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.ItemsFiles = undefined;
+  var types_js_1 = require_types();
+
+  class ItemsFiles {
+    constructor(inner) {
+      _ItemsFiles_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _ItemsFiles_inner, inner, "f");
+    }
+    attach(item, fileParams) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsFiles_inner, "f").id,
+            parameters: {
+              name: "ItemsFilesAttach",
+              parameters: {
+                item,
+                file_params: fileParams
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsFiles_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    read(vaultId, itemId, attr) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsFiles_inner, "f").id,
+            parameters: {
+              name: "ItemsFilesRead",
+              parameters: {
+                vault_id: vaultId,
+                item_id: itemId,
+                attr
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsFiles_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    delete(item, sectionId, fieldId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsFiles_inner, "f").id,
+            parameters: {
+              name: "ItemsFilesDelete",
+              parameters: {
+                item,
+                section_id: sectionId,
+                field_id: fieldId
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsFiles_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    replaceDocument(item, docParams) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _ItemsFiles_inner, "f").id,
+            parameters: {
+              name: "ItemsFilesReplaceDocument",
+              parameters: {
+                item,
+                doc_params: docParams
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _ItemsFiles_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+  }
+  exports.ItemsFiles = ItemsFiles;
+  _ItemsFiles_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/items.js
+var require_items = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _Items_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Items = undefined;
+  var types_js_1 = require_types();
+  var items_shares_js_1 = require_items_shares();
+  var items_files_js_1 = require_items_files();
+
+  class Items {
+    constructor(inner) {
+      _Items_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _Items_inner, inner, "f");
+      this.shares = new items_shares_js_1.ItemsShares(inner);
+      this.files = new items_files_js_1.ItemsFiles(inner);
+    }
+    create(params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsCreate",
+              parameters: {
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    createAll(vaultId, params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsCreateAll",
+              parameters: {
+                vault_id: vaultId,
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    get(vaultId, itemId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsGet",
+              parameters: {
+                vault_id: vaultId,
+                item_id: itemId
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    getAll(vaultId, itemIds) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsGetAll",
+              parameters: {
+                vault_id: vaultId,
+                item_ids: itemIds
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    put(item) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsPut",
+              parameters: {
+                item
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    delete(vaultId, itemId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsDelete",
+              parameters: {
+                vault_id: vaultId,
+                item_id: itemId
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig);
+      });
+    }
+    deleteAll(vaultId, itemIds) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsDeleteAll",
+              parameters: {
+                vault_id: vaultId,
+                item_ids: itemIds
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    archive(vaultId, itemId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsArchive",
+              parameters: {
+                vault_id: vaultId,
+                item_id: itemId
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig);
+      });
+    }
+    list(vaultId, ...filters) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Items_inner, "f").id,
+            parameters: {
+              name: "ItemsList",
+              parameters: {
+                vault_id: vaultId,
+                filters
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Items_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+  }
+  exports.Items = Items;
+  _Items_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/vaults.js
+var require_vaults = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _Vaults_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Vaults = undefined;
+  var types_js_1 = require_types();
+
+  class Vaults {
+    constructor(inner) {
+      _Vaults_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _Vaults_inner, inner, "f");
+    }
+    create(params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsCreate",
+              parameters: {
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    list(params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsList",
+              parameters: {
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    getOverview(vaultId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsGetOverview",
+              parameters: {
+                vault_id: vaultId
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    get(vaultId, vaultParams) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsGet",
+              parameters: {
+                vault_id: vaultId,
+                vault_params: vaultParams
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    update(vaultId, params) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsUpdate",
+              parameters: {
+                vault_id: vaultId,
+                params
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+    delete(vaultId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsDelete",
+              parameters: {
+                vault_id: vaultId
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig);
+      });
+    }
+    grantGroupPermissions(vaultId, groupPermissionsList) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsGrantGroupPermissions",
+              parameters: {
+                vault_id: vaultId,
+                group_permissions_list: groupPermissionsList
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig);
+      });
+    }
+    updateGroupPermissions(groupPermissionsList) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsUpdateGroupPermissions",
+              parameters: {
+                group_permissions_list: groupPermissionsList
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig);
+      });
+    }
+    revokeGroupPermissions(vaultId, groupId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Vaults_inner, "f").id,
+            parameters: {
+              name: "VaultsRevokeGroupPermissions",
+              parameters: {
+                vault_id: vaultId,
+                group_id: groupId
+              }
+            }
+          }
+        };
+        yield __classPrivateFieldGet(this, _Vaults_inner, "f").invoke(invocationConfig);
+      });
+    }
+  }
+  exports.Vaults = Vaults;
+  _Vaults_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/environments.js
+var require_environments = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _Environments_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Environments = undefined;
+  var types_js_1 = require_types();
+
+  class Environments {
+    constructor(inner) {
+      _Environments_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _Environments_inner, inner, "f");
+    }
+    getVariables(environmentId) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Environments_inner, "f").id,
+            parameters: {
+              name: "EnvironmentsGetVariables",
+              parameters: {
+                environment_id: environmentId
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Environments_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+  }
+  exports.Environments = Environments;
+  _Environments_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/groups.js
+var require_groups = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  var __classPrivateFieldSet = exports && exports.__classPrivateFieldSet || function(receiver, state, value, kind, f) {
+    if (kind === "m")
+      throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value), value;
+  };
+  var __classPrivateFieldGet = exports && exports.__classPrivateFieldGet || function(receiver, state, kind, f) {
+    if (kind === "a" && !f)
+      throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
+      throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+  };
+  var _Groups_inner;
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Groups = undefined;
+  var types_js_1 = require_types();
+
+  class Groups {
+    constructor(inner) {
+      _Groups_inner.set(this, undefined);
+      __classPrivateFieldSet(this, _Groups_inner, inner, "f");
+    }
+    get(groupId, groupParams) {
+      return __awaiter(this, undefined, undefined, function* () {
+        const invocationConfig = {
+          invocation: {
+            clientId: __classPrivateFieldGet(this, _Groups_inner, "f").id,
+            parameters: {
+              name: "GroupsGet",
+              parameters: {
+                group_id: groupId,
+                group_params: groupParams
+              }
+            }
+          }
+        };
+        return JSON.parse(yield __classPrivateFieldGet(this, _Groups_inner, "f").invoke(invocationConfig), types_js_1.ReviverFunc);
+      });
+    }
+  }
+  exports.Groups = Groups;
+  _Groups_inner = new WeakMap;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/client.js
+var require_client = __commonJS((exports) => {
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.Client = undefined;
+  var secrets_js_1 = require_secrets();
+  var items_js_1 = require_items();
+  var vaults_js_1 = require_vaults();
+  var environments_js_1 = require_environments();
+  var groups_js_1 = require_groups();
+
+  class Client {
+    constructor(innerClient) {
+      this.secrets = new secrets_js_1.Secrets(innerClient);
+      this.items = new items_js_1.Items(innerClient);
+      this.vaults = new vaults_js_1.Vaults(innerClient);
+      this.environments = new environments_js_1.Environments(innerClient);
+      this.groups = new groups_js_1.Groups(innerClient);
+    }
+  }
+  exports.Client = Client;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/shared_lib_core.js
+var require_shared_lib_core = __commonJS((exports) => {
+  var __createBinding = exports && exports.__createBinding || (Object.create ? function(o, m, k, k2) {
+    if (k2 === undefined)
+      k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() {
+        return m[k];
+      } };
+    }
+    Object.defineProperty(o, k2, desc);
+  } : function(o, m, k, k2) {
+    if (k2 === undefined)
+      k2 = k;
+    o[k2] = m[k];
+  });
+  var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+  } : function(o, v) {
+    o["default"] = v;
+  });
+  var __importStar = exports && exports.__importStar || function() {
+    var ownKeys = function(o) {
+      ownKeys = Object.getOwnPropertyNames || function(o2) {
+        var ar = [];
+        for (var k in o2)
+          if (Object.prototype.hasOwnProperty.call(o2, k))
+            ar[ar.length] = k;
+        return ar;
+      };
+      return ownKeys(o);
+    };
+    return function(mod) {
+      if (mod && mod.__esModule)
+        return mod;
+      var result = {};
+      if (mod != null) {
+        for (var k = ownKeys(mod), i = 0;i < k.length; i++)
+          if (k[i] !== "default")
+            __createBinding(result, mod, k[i]);
+      }
+      __setModuleDefault(result, mod);
+      return result;
+    };
+  }();
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.SharedLibCore = undefined;
+  var fs = __importStar(__require("fs"));
+  var os = __importStar(__require("os"));
+  var path = __importStar(__require("path"));
+  var errors_1 = require_errors();
+  var find1PasswordLibPath = () => {
+    const platform = os.platform();
+    const appRoot = path.dirname(process.execPath);
+    let searchPaths = [];
+    switch (platform) {
+      case "darwin":
+        searchPaths = [
+          "/Applications/1Password.app/Contents/Frameworks/libop_sdk_ipc_client.dylib",
+          path.join(os.homedir(), "/Applications/1Password.app/Contents/Frameworks/libop_sdk_ipc_client.dylib")
+        ];
+        break;
+      case "linux":
+        searchPaths = [
+          "/usr/bin/1password/libop_sdk_ipc_client.so",
+          "/opt/1Password/libop_sdk_ipc_client.so",
+          "/snap/bin/1password/libop_sdk_ipc_client.so"
+        ];
+        break;
+      case "win32":
+        searchPaths = [
+          path.join(os.homedir(), "/AppData/Local/1Password/op_sdk_ipc_client.dll"),
+          "C:/Program Files/1Password/app/8/op_sdk_ipc_client.dll",
+          "C:/Program Files (x86)/1Password/app/8/op_sdk_ipc_client.dll",
+          path.join(os.homedir(), "/AppData/Local/1Password/app/8/op_sdk_ipc_client.dll")
+        ];
+        break;
+      default:
+        throw new Error(`Unsupported platform: ${platform}`);
+    }
+    for (const addonPath of searchPaths) {
+      if (fs.existsSync(addonPath)) {
+        return addonPath;
+      }
+    }
+    throw new Error("1Password desktop application not found");
+  };
+
+  class SharedLibCore {
+    constructor(accountName) {
+      this.lib = null;
+      try {
+        const libPath = find1PasswordLibPath();
+        const moduleStub = { exports: {} };
+        process.dlopen(moduleStub, libPath);
+        if (typeof moduleStub === "object" && moduleStub !== null && typeof moduleStub.exports === "object" && moduleStub.exports !== null && "sendMessage" in moduleStub.exports && typeof moduleStub.exports.sendMessage === "function") {
+          this.lib = moduleStub.exports;
+        } else {
+          throw new Error("Failed to initialize native library: sendMessage function not found on module.");
+        }
+      } catch (e) {
+        console.error("A critical error occurred while loading the native addon:", e);
+        this.lib = null;
+      }
+      this.acccountName = accountName;
+    }
+    callSharedLibrary(input, operation_type) {
+      return __awaiter(this, undefined, undefined, function* () {
+        if (!this.lib) {
+          throw new Error("Native library is not available.");
+        }
+        if (!input || input.length === 0) {
+          throw new Error("internal: empty input");
+        }
+        const inputEncoded = Buffer.from(input, "utf8").toString("base64");
+        const req = {
+          account_name: this.acccountName,
+          kind: operation_type,
+          payload: inputEncoded
+        };
+        const inputBuf = Buffer.from(JSON.stringify(req), "utf8");
+        const nativeResponse = yield this.lib.sendMessage(inputBuf);
+        if (!(nativeResponse instanceof Uint8Array)) {
+          throw new Error(`Native function returned an unexpected type. Expected Uint8Array, got ${typeof nativeResponse}`);
+        }
+        const respString = new TextDecoder().decode(nativeResponse);
+        const response = JSON.parse(respString);
+        if (response.success) {
+          const decodedPayload = Buffer.from(response.payload).toString("utf8");
+          return decodedPayload;
+        } else {
+          const errorMessage = Array.isArray(response.payload) ? String.fromCharCode(...response.payload) : JSON.stringify(response.payload);
+          (0, errors_1.throwError)(errorMessage);
+        }
+      });
+    }
+    initClient(config) {
+      return __awaiter(this, undefined, undefined, function* () {
+        return this.callSharedLibrary(config, "init_client");
+      });
+    }
+    invoke(invokeConfigBytes) {
+      return __awaiter(this, undefined, undefined, function* () {
+        return this.callSharedLibrary(invokeConfigBytes, "invoke");
+      });
+    }
+    releaseClient(clientId) {
+      this.callSharedLibrary(clientId, "release_client").catch((err) => {
+        console.warn("failed to release client:", err);
+      });
+    }
+  }
+  exports.SharedLibCore = SharedLibCore;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/client_builder.js
+var require_client_builder = __commonJS((exports) => {
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.createClientWithCore = undefined;
+  var core_js_1 = require_core2();
+  var configuration_js_1 = require_configuration();
+  var client_js_1 = require_client();
+  var shared_lib_core_js_1 = require_shared_lib_core();
+  var finalizationRegistry = new FinalizationRegistry((heldClient) => {
+    heldClient.core.releaseClient(heldClient.id);
+  });
+  var createClientWithCore = (config, core) => __awaiter(undefined, undefined, undefined, function* () {
+    const authConfig = (0, configuration_js_1.clientAuthConfig)(config);
+    if (authConfig.accountName) {
+      core.setInner(new shared_lib_core_js_1.SharedLibCore(authConfig.accountName));
+    }
+    const clientId = yield core.initClient(authConfig);
+    const inner = new core_js_1.InnerClient(parseInt(clientId, 10), core, authConfig);
+    const client = new client_js_1.Client(inner);
+    finalizationRegistry.register(client, inner);
+    return client;
+  });
+  exports.createClientWithCore = createClientWithCore;
+});
+
+// ../../node_modules/.bun/@1password+sdk@0.4.1-beta.1/node_modules/@1password/sdk/dist/sdk.js
+var require_sdk = __commonJS((exports) => {
+  var __createBinding = exports && exports.__createBinding || (Object.create ? function(o, m, k, k2) {
+    if (k2 === undefined)
+      k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() {
+        return m[k];
+      } };
+    }
+    Object.defineProperty(o, k2, desc);
+  } : function(o, m, k, k2) {
+    if (k2 === undefined)
+      k2 = k;
+    o[k2] = m[k];
+  });
+  var __exportStar = exports && exports.__exportStar || function(m, exports2) {
+    for (var p in m)
+      if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports2, p))
+        __createBinding(exports2, m, p);
+  };
+  var __awaiter = exports && exports.__awaiter || function(thisArg, _arguments, P, generator) {
+    function adopt(value) {
+      return value instanceof P ? value : new P(function(resolve) {
+        resolve(value);
+      });
+    }
+    return new (P || (P = Promise))(function(resolve, reject) {
+      function fulfilled(value) {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function rejected(value) {
+        try {
+          step(generator["throw"](value));
+        } catch (e) {
+          reject(e);
+        }
+      }
+      function step(result) {
+        result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected);
+      }
+      step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+  };
+  Object.defineProperty(exports, "__esModule", { value: true });
+  exports.createClient = exports.DesktopAuth = exports.Secrets = exports.DEFAULT_INTEGRATION_VERSION = exports.DEFAULT_INTEGRATION_NAME = undefined;
+  var core_js_1 = require_core2();
+  var client_builder_js_1 = require_client_builder();
+  exports.DEFAULT_INTEGRATION_NAME = "Unknown";
+  exports.DEFAULT_INTEGRATION_VERSION = "Unknown";
+  var secrets_js_1 = require_secrets();
+  Object.defineProperty(exports, "Secrets", { enumerable: true, get: function() {
+    return secrets_js_1.Secrets;
+  } });
+  var configuration_js_1 = require_configuration();
+  Object.defineProperty(exports, "DesktopAuth", { enumerable: true, get: function() {
+    return configuration_js_1.DesktopAuth;
+  } });
+  __exportStar(require_client(), exports);
+  __exportStar(require_errors(), exports);
+  __exportStar(require_types(), exports);
+  var createClient = (config) => __awaiter(undefined, undefined, undefined, function* () {
+    return (0, client_builder_js_1.createClientWithCore)(config, new core_js_1.SharedCore);
+  });
+  exports.createClient = createClient;
+});
+
+// src/providers/onepassword.ts
+var exports_onepassword = {};
+__export(exports_onepassword, {
+  resolveSecrets: () => resolveSecrets,
+  resolveSdkAuth: () => resolveSdkAuth,
+  resolveGlobImport: () => resolveGlobImport,
+  resolveDesktopAccount: () => resolveDesktopAccount,
+  readEnvironment: () => readEnvironment,
+  parseOpFlag: () => parseOpFlag,
+  parseGlobImport: () => parseGlobImport,
+  maskSecret: () => maskSecret,
+  isOpReference: () => isOpReference,
+  isGlobImport: () => isGlobImport,
+  globToRegExp: () => globToRegExp,
+  filterGlobFields: () => filterGlobFields,
+  envNameFromOpRef: () => envNameFromOpRef,
+  discoverItemFields: () => discoverItemFields,
+  detectSdkAuth: () => detectSdkAuth,
+  defaultSdkClientFactory: () => defaultSdkClientFactory,
+  defaultOpAccountLister: () => defaultOpAccountLister,
+  collectConfigImports: () => collectConfigImports,
+  buildAuthError: () => buildAuthError,
+  acquireSdkClient: () => acquireSdkClient,
+  OP_REF_RE: () => OP_REF_RE
+});
+import { spawnSync } from "child_process";
+function isOpReference(v) {
+  return typeof v === "string" && OP_REF_RE.test(v);
+}
+function buildAuthError(detail) {
+  return new Error(`${detail}
+` + "Set OP_SERVICE_ACCOUNT_TOKEN (service account, headless) or OP_ACCOUNT " + "(your 1Password account URL, e.g. my-team.1password.com) for the desktop " + "app \u2014 or set `onepasswordAccount` in ~/.claudish/config.json.");
+}
+function maskSecret(v) {
+  if (!v)
+    return "";
+  return `${v.slice(0, 4)}\u2026`;
+}
+function isGlobImport(opPath) {
+  if (typeof opPath !== "string" || !opPath.startsWith("op://"))
+    return false;
+  const rest = opPath.slice("op://".length).split("/");
+  if (rest.length < 3)
+    return false;
+  const post = rest.slice(2);
+  if (post.length < 1 || post.length > 2)
+    return false;
+  return post.some((seg) => seg.includes("*"));
+}
+function parseGlobImport(opPath) {
+  const rest = opPath.slice("op://".length).split("/");
+  const [vault, item, ...post] = rest;
+  if (post.length === 1) {
+    return { vault, item, sectionGlob: null, fieldGlob: post[0] };
+  }
+  return { vault, item, sectionGlob: post[0], fieldGlob: post[1] };
+}
+function globToRegExp(glob) {
+  let out = "";
+  for (const ch of glob) {
+    if (ch === "*") {
+      out += ".*";
+    } else if (/[.+?^${}()|[\]\\]/.test(ch)) {
+      out += `\\${ch}`;
+    } else {
+      out += ch;
+    }
+  }
+  return new RegExp(`^${out}$`);
+}
+async function discoverItemFields(vault, item, opts = {}) {
+  const warn = opts.warn ?? ((m) => console.error(m));
+  const client = await acquireSdkClient(opts, `1Password item discovery for '${item}'`);
+  const vaults = await client.vaults.list();
+  const vaultMatches = vaults.filter((v) => v.title === vault);
+  if (vaultMatches.length === 0) {
+    throw new Error(`1Password vault '${vault}' not found. ` + `Available vaults: ${vaults.map((v) => v.title).join(", ") || "(none)"}.`);
+  }
+  if (vaultMatches.length > 1) {
+    warn(`[claudish] multiple 1Password vaults titled '${vault}'; using the first ` + `(id ${vaultMatches[0].id}).`);
+  }
+  const vaultId = vaultMatches[0].id;
+  const items = await client.items.list(vaultId);
+  const itemMatches = items.filter((i) => i.title === item);
+  if (itemMatches.length === 0) {
+    throw new Error(`1Password item '${item}' not found in vault '${vault}'. ` + `Available items: ${items.map((i) => i.title).slice(0, 12).join(", ") || "(none)"}.`);
+  }
+  if (itemMatches.length > 1) {
+    warn(`[claudish] multiple 1Password items titled '${item}' in vault '${vault}'; ` + `using the first (id ${itemMatches[0].id}).`);
+  }
+  const itemId = itemMatches[0].id;
+  const full = await client.items.get(vaultId, itemId);
+  const out = [];
+  for (const field of full.fields) {
+    if (typeof field.title !== "string")
+      continue;
+    const section = sectionLabel(full, field.sectionId);
+    const reference = `op://${vault}/${item}/${section ? `${section}/` : ""}${field.title}`;
+    out.push({
+      label: field.title,
+      section,
+      reference,
+      type: typeof field.fieldType === "string" ? field.fieldType : String(field.fieldType ?? ""),
+      hasValue: !!field.value
+    });
+  }
+  return out;
+}
+function sectionLabel(item, sectionId) {
+  if (!sectionId)
+    return null;
+  const match = item.sections.find((s) => s.id === sectionId);
+  return match ? match.title : null;
+}
+function filterGlobFields(fields, glob) {
+  const sectionRegex = glob.sectionGlob === null ? null : globToRegExp(glob.sectionGlob);
+  const fieldRegex = globToRegExp(glob.fieldGlob);
+  const matches = [];
+  for (const field of fields) {
+    if (glob.sectionGlob === null) {
+      if (field.section !== null)
+        continue;
+    } else {
+      if (field.section === null)
+        continue;
+      if (!sectionRegex.test(field.section))
+        continue;
+    }
+    const envName = field.label.trim();
+    if (!fieldRegex.test(envName))
+      continue;
+    matches.push({ field, envName, valid: ENV_VAR_NAME_RE.test(envName) });
+  }
+  return matches;
+}
+async function resolveGlobImport(opPath, opts = {}) {
+  const warn = opts.warn ?? ((m) => console.error(m));
+  const glob = parseGlobImport(opPath);
+  const fields = await discoverItemFields(glob.vault, glob.item, {
+    sdkFactory: opts.sdkFactory,
+    auth: opts.auth,
+    env: opts.env,
+    warn
+  });
+  const matches = filterGlobFields(fields, glob);
+  const refMap = {};
+  for (const m of matches) {
+    if (!m.valid) {
+      warn(`[claudish] skipped 1Password field '${m.field.label}' (not a valid env var name)`);
+      continue;
+    }
+    refMap[m.envName] = m.field.reference;
+  }
+  if (Object.keys(refMap).length === 0) {
+    const available = fields.map((f) => f.label.trim()).filter((l) => l !== "").slice(0, 8);
+    throw new Error(`1Password glob '${opPath}' matched no importable fields in '${glob.item}'. ` + `Available field labels include: ${available.join(", ") || "(none)"}.`);
+  }
+  return resolveSecrets(refMap, {
+    sdkFactory: opts.sdkFactory,
+    auth: opts.auth,
+    env: opts.env
+  });
+}
+function envNameFromOpRef(opRef) {
+  if (typeof opRef !== "string" || !opRef.startsWith("op://"))
+    return null;
+  const segments = opRef.slice("op://".length).split("/");
+  const last = segments[segments.length - 1] ?? "";
+  const name = last.trim();
+  if (name === "" || !ENV_VAR_NAME_RE.test(name))
+    return null;
+  return name;
+}
+function collectConfigImports(cfg, env = process.env) {
+  const opRefs = {};
+  const globImports = [];
+  const warnings = [];
+  collectApiKeyRefs(cfg.apiKeys, env, opRefs);
+  if (Array.isArray(cfg.onepassword)) {
+    for (const entry of cfg.onepassword) {
+      collectOnepasswordEntry(entry, env, opRefs, globImports, warnings);
+    }
+  }
+  return { opRefs, globImports, warnings };
+}
+function collectApiKeyRefs(apiKeys, env, opRefs) {
+  if (!apiKeys)
+    return;
+  for (const [envVar, value] of Object.entries(apiKeys)) {
+    if (typeof value !== "string")
+      continue;
+    const current = env[envVar] ?? value;
+    if (isOpReference(current)) {
+      opRefs[envVar] = current;
+    }
+  }
+}
+function collectOnepasswordEntry(entry, env, opRefs, globImports, warnings) {
+  if (typeof entry !== "string")
+    return;
+  const trimmed = entry.trim();
+  if (trimmed === "")
+    return;
+  if (isGlobImport(trimmed)) {
+    globImports.push(trimmed);
+    return;
+  }
+  if (trimmed.startsWith("op://")) {
+    const name = envNameFromOpRef(trimmed);
+    if (name === null) {
+      warnings.push(`[claudish] skipped 1Password ref '${trimmed}' from onepassword[] ` + "(its trailing field label is not a valid env var name)");
+      return;
+    }
+    if (!env[name]) {
+      opRefs[name] = trimmed;
+    }
+    return;
+  }
+  warnings.push(`[claudish] skipped 1Password entry '${trimmed}' from onepassword[] ` + "(not a glob import or op:// reference)");
+}
+function parseOpFlag(argv) {
+  let glob;
+  let present = false;
+  for (let i = 0;i < argv.length; i++) {
+    const a = argv[i];
+    if (a === "--op") {
+      present = true;
+      const next = argv[i + 1];
+      if (next !== undefined && next !== "" && !next.startsWith("-")) {
+        glob = next;
+      }
+      break;
+    }
+    if (a.startsWith("--op=")) {
+      present = true;
+      const v = a.slice("--op=".length);
+      if (v !== "")
+        glob = v;
+      break;
+    }
+  }
+  const list = argv.includes("--list");
+  return { glob, list, present };
+}
+function detectSdkAuth(env = process.env) {
+  const token = env.OP_SERVICE_ACCOUNT_TOKEN?.trim();
+  if (token)
+    return { kind: "token", token };
+  const account = env.OP_ACCOUNT?.trim();
+  if (account)
+    return { kind: "desktop", accountName: account };
+  return;
+}
+function resolveDesktopAccount(opts = {}) {
+  const env = opts.env ?? process.env;
+  const envAccount = env.OP_ACCOUNT?.trim();
+  if (envAccount)
+    return { accountName: envAccount };
+  const configAccount = opts.configAccount?.trim();
+  if (configAccount)
+    return { accountName: configAccount };
+  const lister = opts.opAccountLister ?? defaultOpAccountLister;
+  const accounts = lister();
+  const remediation = "Set OP_ACCOUNT to your account URL (e.g. my-team.1password.com) or `onepasswordAccount` in ~/.claudish/config.json.";
+  if (!accounts || accounts.length === 0) {
+    return {
+      error: `Could not determine which 1Password account to use (no service-account token, and \`op account list\` is unavailable). ${remediation}`
+    };
+  }
+  if (accounts.length === 1) {
+    return { accountName: accounts[0].url };
+  }
+  if (opts.interactive) {
+    return { needsPicker: accounts };
+  }
+  const listing = accounts.map((a) => `  - ${a.url}${a.email ? ` (${a.email})` : ""}`).join(`
+`);
+  return {
+    error: `Multiple 1Password accounts are available and this is a non-interactive session, so claudish can't prompt you to pick one. ${remediation}
+Accounts:
+${listing}`
+  };
+}
+async function resolveSdkAuth(opts = {}) {
+  const env = opts.env ?? process.env;
+  const token = env.OP_SERVICE_ACCOUNT_TOKEN?.trim();
+  if (token)
+    return { kind: "token", token };
+  const result = resolveDesktopAccount({
+    env,
+    configAccount: opts.configAccount,
+    interactive: opts.interactive,
+    opAccountLister: opts.opAccountLister
+  });
+  if ("accountName" in result) {
+    return { kind: "desktop", accountName: result.accountName };
+  }
+  if ("needsPicker" in result) {
+    if (opts.onNeedsPicker) {
+      const chosen = await opts.onNeedsPicker(result.needsPicker);
+      if (chosen && chosen.trim()) {
+        return { kind: "desktop", accountName: chosen.trim() };
+      }
+    }
+    const listing = result.needsPicker.map((a) => `  - ${a.url}${a.email ? ` (${a.email})` : ""}`).join(`
+`);
+    throw buildAuthError(`Multiple 1Password accounts are available but none was selected.
+Accounts:
+${listing}`);
+  }
+  throw buildAuthError(result.error);
+}
+async function acquireSdkClient(opts, context) {
+  const auth = opts.auth ?? detectSdkAuth(opts.env ?? process.env);
+  if (!auth) {
+    throw buildAuthError(`1Password SDK auth is required for ${context}, but neither OP_SERVICE_ACCOUNT_TOKEN nor a 1Password account (OP_ACCOUNT / onepasswordAccount config) is available.`);
+  }
+  const sdkFactory = opts.sdkFactory ?? defaultSdkClientFactory;
+  return sdkFactory(auth);
+}
+function mapSdkResolveAll(refs, response) {
+  const responses = response.individualResponses ?? {};
+  const out = {};
+  const failures = [];
+  for (const [envVar, ref] of Object.entries(refs)) {
+    const entry = responses[ref];
+    if (entry?.content && typeof entry.content.secret === "string") {
+      out[envVar] = entry.content.secret;
+      continue;
+    }
+    if (entry?.error !== undefined) {
+      failures.push(`${envVar} (${ref}): ${describeSdkError(entry.error)}`);
+      continue;
+    }
+    failures.push(`${envVar} (${ref}): no value returned`);
+  }
+  if (failures.length > 0) {
+    throw new Error(`1Password SDK could not resolve secret reference(s):
+  ${failures.join(`
+  `)}`);
+  }
+  return out;
+}
+function describeSdkError(error) {
+  if (error && typeof error === "object") {
+    const e = error;
+    const type = typeof e.type === "string" ? e.type : undefined;
+    const message = typeof e.message === "string" ? e.message : undefined;
+    if (type && message)
+      return `${type}: ${message}`;
+    if (type)
+      return type;
+    if (message)
+      return message;
+  }
+  return String(error);
+}
+async function resolveSecrets(refs, opts = {}) {
+  const keys = Object.keys(refs);
+  if (keys.length === 0)
+    return {};
+  const client = await acquireSdkClient(opts, "resolving 1Password secret reference(s)");
+  const response = await client.secrets.resolveAll(keys.map((k) => refs[k]));
+  return mapSdkResolveAll(refs, response);
+}
+async function readEnvironment(environmentId, opts = {}) {
+  const id = (environmentId ?? "").trim();
+  if (id === "") {
+    throw new Error("1Password Environment ID is empty. Usage: --op-env <environmentID>");
+  }
+  const client = await acquireSdkClient(opts, `1Password Environment '${id}'`);
+  if (!client.environments || typeof client.environments.getVariables !== "function") {
+    throw new Error("1Password Environments require @1password/sdk 0.4.1-beta.1 or later (the stable 0.4.0 has no environments API). Install: `bun add @1password/sdk@0.4.1-beta.1`.");
+  }
+  const { variables } = await client.environments.getVariables(id);
+  if (!Array.isArray(variables) || variables.length === 0) {
+    throw new Error(`1Password Environment '${id}' resolved to no variables. Check that the Environment ID is correct and contains entries.`);
+  }
+  const out = {};
+  for (const v of variables) {
+    if (v && typeof v.name === "string")
+      out[v.name] = typeof v.value === "string" ? v.value : "";
+  }
+  return out;
+}
+var OP_REF_RE, ENV_VAR_NAME_RE, defaultSdkClientFactory = async (auth) => {
+  const { createClient, DesktopAuth } = await Promise.resolve().then(() => __toESM(require_sdk(), 1));
+  const client = await createClient({
+    auth: auth.kind === "token" ? auth.token : new DesktopAuth(auth.accountName),
+    integrationName: "claudish",
+    integrationVersion: VERSION || "1.0.0"
+  });
+  return client;
+}, defaultOpAccountLister = () => {
+  try {
+    const res = spawnSync("op", ["account", "list", "--format=json"], { encoding: "utf-8" });
+    if (res.error || res.status !== 0)
+      return null;
+    const parsed = JSON.parse(res.stdout ?? "");
+    if (!Array.isArray(parsed))
+      return null;
+    const accounts = [];
+    for (const raw of parsed) {
+      if (!raw || typeof raw !== "object")
+        continue;
+      const a = raw;
+      if (typeof a.url !== "string")
+        continue;
+      accounts.push({
+        url: a.url,
+        email: typeof a.email === "string" ? a.email : "",
+        account_uuid: typeof a.account_uuid === "string" ? a.account_uuid : "",
+        user_id: typeof a.user_id === "string" ? a.user_id : ""
+      });
+    }
+    return accounts;
+  } catch {
+    return null;
+  }
+};
+var init_onepassword = __esm(() => {
+  OP_REF_RE = /^op:\/\/[^\s]+$/;
+  ENV_VAR_NAME_RE = /^[A-Z_][A-Z0-9_]*$/;
+});
+
+// src/onepassword-command.ts
+var exports_onepassword_command = {};
+__export(exports_onepassword_command, {
+  opPreviewCommand: () => opPreviewCommand
+});
+async function opPreviewCommand(globPath, opts = {}) {
+  const path = (globPath ?? "").trim();
+  if (path === "") {
+    console.error("[claudish] `--op ... --list` requires an op:// path.\n");
+    console.error(USAGE);
+    process.exit(1);
+  }
+  if (!path.startsWith("op://")) {
+    console.error(`[claudish] '${path}' is not an op:// path.
+`);
+    console.error(USAGE);
+    process.exit(1);
+  }
+  if (!isGlobImport(path)) {
+    console.error(`[claudish] '${path}' is not a glob import (no '*' in the field/section ` + "segment). This command previews glob imports; a single op:// reference " + `resolves directly when used as a config value.
+`);
+    console.error(USAGE);
+    process.exit(1);
+  }
+  const glob = parseGlobImport(path);
+  let fields;
+  try {
+    fields = await discoverItemFields(glob.vault, glob.item, { auth: opts.auth });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password discovery failed: ${message}`);
+    process.exit(1);
+  }
+  const matches = filterGlobFields(fields, glob);
+  console.log(`Preview: ${path}`);
+  if (matches.length === 0) {
+    console.log("  (no fields match this glob)");
+    const available = fields.map((f) => f.label.trim()).filter((l) => l !== "").slice(0, 8);
+    console.log(`  Available field labels include: ${available.join(", ") || "(none)"}`);
+    console.log("0 importable, 0 skipped");
+    return;
+  }
+  const NAME_COL = Math.min(30, Math.max(...matches.map((m) => m.envName.length), 0));
+  let importable = 0;
+  let skipped = 0;
+  for (const m of matches) {
+    const name = m.envName.padEnd(NAME_COL);
+    if (!m.valid) {
+      skipped++;
+      console.log(`  ${name}  \u2717  skipped (not a valid env var name)`);
+      continue;
+    }
+    importable++;
+    const trimmed = m.field.label !== m.envName;
+    const detail = trimmed ? `(trimmed from '${m.field.label}')` : m.field.section ? `(section: ${m.field.section})` : "(top-level field)";
+    console.log(`  ${name}  \u2713  ${detail}`);
+  }
+  console.log(`${importable} importable, ${skipped} skipped`);
+}
+var USAGE;
+var init_onepassword_command = __esm(() => {
+  init_onepassword();
+  USAGE = `Usage:
+` + `  claudish --op <op://vault/item/[section]/field-glob>
+` + `      Load API keys from a 1Password item glob, then run normally.
+` + `  claudish --op <op://vault/item/[section]/field-glob> --list
+` + `      Preview which fields the glob would import (names only, no values).
+` + `  Examples:
+` + `    claudish --op 'op://Jack/My Item/*/*_API_KEY' --list
+` + "    claudish --op 'op://Jack/My Item/*/*_API_KEY' --model gpt-4o 'task'";
+});
+
 // ../../node_modules/.bun/zod@4.1.13/node_modules/zod/v4/core/core.js
 function $constructor(name, initializer, params) {
   function init(inst, def) {
@@ -1329,7 +4562,7 @@ var _parse = (_Err) => (schema, value, _ctx, _params) => {
     throw e;
   }
   return result.value;
-}, parse, _parseAsync = (_Err) => async (schema, value, _ctx, params) => {
+}, parse2, _parseAsync = (_Err) => async (schema, value, _ctx, params) => {
   const ctx = _ctx ? Object.assign(_ctx, { async: true }) : { async: true };
   let result = schema._zod.run({ value, issues: [] }, ctx);
   if (result instanceof Promise)
@@ -1384,7 +4617,7 @@ var init_parse = __esm(() => {
   init_core();
   init_errors();
   init_util();
-  parse = /* @__PURE__ */ _parse($ZodRealError);
+  parse2 = /* @__PURE__ */ _parse($ZodRealError);
   parseAsync = /* @__PURE__ */ _parseAsync($ZodRealError);
   safeParse = /* @__PURE__ */ _safeParse($ZodRealError);
   safeParseAsync = /* @__PURE__ */ _safeParseAsync($ZodRealError);
@@ -3891,10 +7124,10 @@ var init_schemas = __esm(() => {
         throw new Error("implement() must be called with a function");
       }
       return function(...args) {
-        const parsedArgs = inst._def.input ? parse(inst._def.input, args) : args;
+        const parsedArgs = inst._def.input ? parse2(inst._def.input, args) : args;
         const result = Reflect.apply(func, this, parsedArgs);
         if (inst._def.output) {
-          return parse(inst._def.output, result);
+          return parse2(inst._def.output, result);
         }
         return result;
       };
@@ -11686,7 +14919,7 @@ __export(exports_core2, {
   regexes: () => exports_regexes,
   prettifyError: () => prettifyError,
   parseAsync: () => parseAsync,
-  parse: () => parse,
+  parse: () => parse2,
   meta: () => meta,
   locales: () => exports_locales,
   isValidJWT: () => isValidJWT,
@@ -12148,11 +15381,11 @@ var init_errors2 = __esm(() => {
 });
 
 // ../../node_modules/.bun/zod@4.1.13/node_modules/zod/v4/classic/parse.js
-var parse4, parseAsync2, safeParse3, safeParseAsync2, encode2, decode2, encodeAsync2, decodeAsync2, safeEncode2, safeDecode2, safeEncodeAsync2, safeDecodeAsync2;
+var parse5, parseAsync2, safeParse3, safeParseAsync2, encode2, decode2, encodeAsync2, decodeAsync2, safeEncode2, safeDecode2, safeEncodeAsync2, safeDecodeAsync2;
 var init_parse3 = __esm(() => {
   init_core2();
   init_errors2();
-  parse4 = /* @__PURE__ */ _parse(ZodRealError);
+  parse5 = /* @__PURE__ */ _parse(ZodRealError);
   parseAsync2 = /* @__PURE__ */ _parseAsync(ZodRealError);
   safeParse3 = /* @__PURE__ */ _safeParse(ZodRealError);
   safeParseAsync2 = /* @__PURE__ */ _safeParseAsync(ZodRealError);
@@ -12617,7 +15850,7 @@ var init_schemas3 = __esm(() => {
       reg.add(inst, meta2);
       return inst;
     };
-    inst.parse = (data, params) => parse4(inst, data, params, { callee: inst.parse });
+    inst.parse = (data, params) => parse5(inst, data, params, { callee: inst.parse });
     inst.safeParse = (data, params) => safeParse3(inst, data, params);
     inst.parseAsync = async (data, params) => parseAsync2(inst, data, params, { callee: inst.parseAsync });
     inst.safeParseAsync = async (data, params) => safeParseAsync2(inst, data, params);
@@ -13267,7 +16500,7 @@ __export(exports_external, {
   pipe: () => pipe,
   partialRecord: () => partialRecord,
   parseAsync: () => parseAsync2,
-  parse: () => parse4,
+  parse: () => parse5,
   overwrite: () => _overwrite,
   optional: () => optional,
   object: () => object2,
@@ -16409,12 +19642,12 @@ var require_util = __commonJS((exports) => {
   }
   exports.alwaysValidSchema = alwaysValidSchema;
   function checkUnknownRules(it, schema = it.schema) {
-    const { opts, self } = it;
+    const { opts, self: self2 } = it;
     if (!opts.strictSchema)
       return;
     if (typeof schema === "boolean")
       return;
-    const rules = self.RULES.keywords;
+    const rules = self2.RULES.keywords;
     for (const key in schema) {
       if (!rules[key])
         checkStrictMode(it, `unknown keyword: "${key}"`);
@@ -16576,7 +19809,7 @@ var require_names = __commonJS((exports) => {
 });
 
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/compile/errors.js
-var require_errors = __commonJS((exports) => {
+var require_errors2 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.extendErrors = exports.resetErrorsCount = exports.reportExtraError = exports.reportError = exports.keyword$DataError = exports.keywordError = undefined;
   var codegen_1 = require_codegen();
@@ -16697,7 +19930,7 @@ var require_errors = __commonJS((exports) => {
 var require_boolSchema = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.boolOrEmptySchema = exports.topBoolOrEmptySchema = undefined;
-  var errors_1 = require_errors();
+  var errors_1 = require_errors2();
   var codegen_1 = require_codegen();
   var names_1 = require_names();
   var boolError = {
@@ -16773,8 +20006,8 @@ var require_rules = __commonJS((exports) => {
 var require_applicability = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.shouldUseRule = exports.shouldUseGroup = exports.schemaHasRulesForType = undefined;
-  function schemaHasRulesForType({ schema, self }, type) {
-    const group = self.RULES.types[type];
+  function schemaHasRulesForType({ schema, self: self2 }, type) {
+    const group = self2.RULES.types[type];
     return group && group !== true && shouldUseGroup(schema, group);
   }
   exports.schemaHasRulesForType = schemaHasRulesForType;
@@ -16795,7 +20028,7 @@ var require_dataType = __commonJS((exports) => {
   exports.reportTypeError = exports.checkDataTypes = exports.checkDataType = exports.coerceAndCheckDataType = exports.getJSONTypes = exports.getSchemaTypes = exports.DataType = undefined;
   var rules_1 = require_rules();
   var applicability_1 = require_applicability();
-  var errors_1 = require_errors();
+  var errors_1 = require_errors2();
   var codegen_1 = require_codegen();
   var util_1 = require_util();
   var DataType;
@@ -17140,7 +20373,7 @@ var require_keyword = __commonJS((exports) => {
   var codegen_1 = require_codegen();
   var names_1 = require_names();
   var code_1 = require_code2();
-  var errors_1 = require_errors();
+  var errors_1 = require_errors2();
   function macroKeywordCode(cxt, def) {
     const { gen, keyword, schema, parentSchema, it } = cxt;
     const macroSchema = def.macro.call(it.self, schema, parentSchema, it);
@@ -17226,7 +20459,7 @@ var require_keyword = __commonJS((exports) => {
     return !schemaType.length || schemaType.some((st) => st === "array" ? Array.isArray(schema) : st === "object" ? schema && typeof schema == "object" && !Array.isArray(schema) : typeof schema == st || allowUndefined && typeof schema == "undefined");
   }
   exports.validSchemaType = validSchemaType;
-  function validateKeywordUsage({ schema, opts, self, errSchemaPath }, def, keyword) {
+  function validateKeywordUsage({ schema, opts, self: self2, errSchemaPath }, def, keyword) {
     if (Array.isArray(def.keyword) ? !def.keyword.includes(keyword) : def.keyword !== keyword) {
       throw new Error("ajv implementation error");
     }
@@ -17237,9 +20470,9 @@ var require_keyword = __commonJS((exports) => {
     if (def.validateSchema) {
       const valid = def.validateSchema(schema[keyword]);
       if (!valid) {
-        const msg = `keyword "${keyword}" value is invalid at path "${errSchemaPath}": ` + self.errorsText(def.validateSchema.errors);
+        const msg = `keyword "${keyword}" value is invalid at path "${errSchemaPath}": ` + self2.errorsText(def.validateSchema.errors);
         if (opts.validateSchema === "log")
-          self.logger.error(msg);
+          self2.logger.error(msg);
         else
           throw new Error(msg);
       }
@@ -17621,7 +20854,7 @@ var require_validate = __commonJS((exports) => {
   var names_1 = require_names();
   var resolve_1 = require_resolve();
   var util_1 = require_util();
-  var errors_1 = require_errors();
+  var errors_1 = require_errors2();
   function validateFunctionCode(it) {
     if (isSchemaObj(it)) {
       checkKeywords(it);
@@ -17699,11 +20932,11 @@ var require_validate = __commonJS((exports) => {
     }
     (0, boolSchema_1.boolOrEmptySchema)(it, valid);
   }
-  function schemaCxtHasRules({ schema, self }) {
+  function schemaCxtHasRules({ schema, self: self2 }) {
     if (typeof schema == "boolean")
       return !schema;
     for (const key in schema)
-      if (self.RULES.all[key])
+      if (self2.RULES.all[key])
         return true;
     return false;
   }
@@ -17732,9 +20965,9 @@ var require_validate = __commonJS((exports) => {
     schemaKeywords(it, types, !checkedTypes, errsCount);
   }
   function checkRefsAndKeywords(it) {
-    const { schema, errSchemaPath, opts, self } = it;
-    if (schema.$ref && opts.ignoreKeywordsWithRef && (0, util_1.schemaHasRulesButRef)(schema, self.RULES)) {
-      self.logger.warn(`$ref: keywords ignored in schema at path "${errSchemaPath}"`);
+    const { schema, errSchemaPath, opts, self: self2 } = it;
+    if (schema.$ref && opts.ignoreKeywordsWithRef && (0, util_1.schemaHasRulesButRef)(schema, self2.RULES)) {
+      self2.logger.warn(`$ref: keywords ignored in schema at path "${errSchemaPath}"`);
     }
   }
   function checkNoDefault(it) {
@@ -17780,8 +21013,8 @@ var require_validate = __commonJS((exports) => {
       gen.assign((0, codegen_1._)`${evaluated}.items`, items);
   }
   function schemaKeywords(it, types, typeErrors, errsCount) {
-    const { gen, schema, data, allErrors, opts, self } = it;
-    const { RULES } = self;
+    const { gen, schema, data, allErrors, opts, self: self2 } = it;
+    const { RULES } = self2;
     if (schema.$ref && (opts.ignoreKeywordsWithRef || !(0, util_1.schemaHasRulesButRef)(schema, RULES))) {
       gen.block(() => keywordCode(it, "$ref", RULES.all.$ref.definition));
       return;
@@ -18813,23 +22046,23 @@ var require_fast_uri = __commonJS((exports, module) => {
   var { SCHEMES, getSchemeHandler } = require_schemes();
   function normalize(uri, options) {
     if (typeof uri === "string") {
-      uri = serialize(parse6(uri, options), options);
+      uri = serialize(parse7(uri, options), options);
     } else if (typeof uri === "object") {
-      uri = parse6(serialize(uri, options), options);
+      uri = parse7(serialize(uri, options), options);
     }
     return uri;
   }
   function resolve(baseURI, relativeURI, options) {
     const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
-    const resolved = resolveComponent(parse6(baseURI, schemelessOptions), parse6(relativeURI, schemelessOptions), schemelessOptions, true);
+    const resolved = resolveComponent(parse7(baseURI, schemelessOptions), parse7(relativeURI, schemelessOptions), schemelessOptions, true);
     schemelessOptions.skipEscape = true;
     return serialize(resolved, schemelessOptions);
   }
   function resolveComponent(base, relative, options, skipNormalization) {
     const target = {};
     if (!skipNormalization) {
-      base = parse6(serialize(base, options), options);
-      relative = parse6(serialize(relative, options), options);
+      base = parse7(serialize(base, options), options);
+      relative = parse7(serialize(relative, options), options);
     }
     options = options || {};
     if (!options.tolerant && relative.scheme) {
@@ -18881,13 +22114,13 @@ var require_fast_uri = __commonJS((exports, module) => {
   function equal(uriA, uriB, options) {
     if (typeof uriA === "string") {
       uriA = unescape(uriA);
-      uriA = serialize(normalizeComponentEncoding(parse6(uriA, options), true), { ...options, skipEscape: true });
+      uriA = serialize(normalizeComponentEncoding(parse7(uriA, options), true), { ...options, skipEscape: true });
     } else if (typeof uriA === "object") {
       uriA = serialize(normalizeComponentEncoding(uriA, true), { ...options, skipEscape: true });
     }
     if (typeof uriB === "string") {
       uriB = unescape(uriB);
-      uriB = serialize(normalizeComponentEncoding(parse6(uriB, options), true), { ...options, skipEscape: true });
+      uriB = serialize(normalizeComponentEncoding(parse7(uriB, options), true), { ...options, skipEscape: true });
     } else if (typeof uriB === "object") {
       uriB = serialize(normalizeComponentEncoding(uriB, true), { ...options, skipEscape: true });
     }
@@ -18957,7 +22190,7 @@ var require_fast_uri = __commonJS((exports, module) => {
     return uriTokens.join("");
   }
   var URI_PARSE = /^(?:([^#/:?]+):)?(?:\/\/((?:([^#/?@]*)@)?(\[[^#/?\]]+\]|[^#/:?]*)(?::(\d*))?))?([^#?]*)(?:\?([^#]*))?(?:#((?:.|[\n\r])*))?/u;
-  function parse6(uri, opts) {
+  function parse7(uri, opts) {
     const options = Object.assign({}, opts);
     const parsed = {
       scheme: undefined,
@@ -19051,7 +22284,7 @@ var require_fast_uri = __commonJS((exports, module) => {
     resolveComponent,
     equal,
     serialize,
-    parse: parse6
+    parse: parse7
   };
   module.exports = fastUri;
   module.exports.default = fastUri;
@@ -19067,7 +22300,7 @@ var require_uri = __commonJS((exports) => {
 });
 
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/core.js
-var require_core = __commonJS((exports) => {
+var require_core3 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.CodeGen = exports.Name = exports.nil = exports.stringify = exports.str = exports._ = exports.KeywordCxt = undefined;
   var validate_1 = require_validate();
@@ -19686,11 +22919,11 @@ var require_ref = __commonJS((exports) => {
     schemaType: "string",
     code(cxt) {
       const { gen, schema: $ref, it } = cxt;
-      const { baseId, schemaEnv: env, validateName, opts, self } = it;
+      const { baseId, schemaEnv: env, validateName, opts, self: self2 } = it;
       const { root } = env;
       if (($ref === "#" || $ref === "#/") && baseId === root.baseId)
         return callRootRef();
-      const schOrEnv = compile_1.resolveRef.call(self, root, baseId, $ref);
+      const schOrEnv = compile_1.resolveRef.call(self2, root, baseId, $ref);
       if (schOrEnv === undefined)
         throw new ref_error_1.default(it.opts.uriResolver, baseId, $ref);
       if (schOrEnv instanceof compile_1.SchemaEnv)
@@ -19791,7 +23024,7 @@ var require_ref = __commonJS((exports) => {
 });
 
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/vocabularies/core/index.js
-var require_core2 = __commonJS((exports) => {
+var require_core4 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   var id_1 = require_id();
   var ref_1 = require_ref();
@@ -20295,7 +23528,7 @@ var require_additionalItems = __commonJS((exports) => {
 });
 
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/vocabularies/applicator/items.js
-var require_items = __commonJS((exports) => {
+var require_items2 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.validateTuple = undefined;
   var codegen_1 = require_codegen();
@@ -20351,7 +23584,7 @@ var require_items = __commonJS((exports) => {
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/vocabularies/applicator/prefixItems.js
 var require_prefixItems = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
-  var items_1 = require_items();
+  var items_1 = require_items2();
   var def = {
     keyword: "prefixItems",
     type: "array",
@@ -21046,7 +24279,7 @@ var require_applicator = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   var additionalItems_1 = require_additionalItems();
   var prefixItems_1 = require_prefixItems();
-  var items_1 = require_items();
+  var items_1 = require_items2();
   var items2020_1 = require_items2020();
   var contains_1 = require_contains();
   var dependencies_1 = require_dependencies();
@@ -21100,7 +24333,7 @@ var require_format = __commonJS((exports) => {
     error: error46,
     code(cxt, ruleType) {
       const { gen, data, $data, schema, schemaCode, it } = cxt;
-      const { opts, errSchemaPath, schemaEnv, self } = it;
+      const { opts, errSchemaPath, schemaEnv, self: self2 } = it;
       if (!opts.validateFormats)
         return;
       if ($data)
@@ -21109,7 +24342,7 @@ var require_format = __commonJS((exports) => {
         validateFormat();
       function validate$DataFormat() {
         const fmts = gen.scopeValue("formats", {
-          ref: self.formats,
+          ref: self2.formats,
           code: opts.code.formats
         });
         const fDef = gen.const("fDef", (0, codegen_1._)`${fmts}[${schemaCode}]`);
@@ -21129,7 +24362,7 @@ var require_format = __commonJS((exports) => {
         }
       }
       function validateFormat() {
-        const formatDef = self.formats[schema];
+        const formatDef = self2.formats[schema];
         if (!formatDef) {
           unknownFormat();
           return;
@@ -21141,7 +24374,7 @@ var require_format = __commonJS((exports) => {
           cxt.pass(validCondition());
         function unknownFormat() {
           if (opts.strictSchema === false) {
-            self.logger.warn(unknownMsg());
+            self2.logger.warn(unknownMsg());
             return;
           }
           throw new Error(unknownMsg());
@@ -21202,7 +24435,7 @@ var require_metadata = __commonJS((exports) => {
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/vocabularies/draft7.js
 var require_draft7 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
-  var core_1 = require_core2();
+  var core_1 = require_core4();
   var validation_1 = require_validation();
   var applicator_1 = require_applicator();
   var format_1 = require_format2();
@@ -21219,7 +24452,7 @@ var require_draft7 = __commonJS((exports) => {
 });
 
 // ../../node_modules/.bun/ajv@8.17.1/node_modules/ajv/dist/vocabularies/discriminator/types.js
-var require_types = __commonJS((exports) => {
+var require_types2 = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.DiscrError = undefined;
   var DiscrError;
@@ -21233,7 +24466,7 @@ var require_types = __commonJS((exports) => {
 var require_discriminator = __commonJS((exports) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   var codegen_1 = require_codegen();
-  var types_1 = require_types();
+  var types_1 = require_types2();
   var compile_1 = require_compile();
   var ref_error_1 = require_ref_error();
   var util_1 = require_util();
@@ -21490,7 +24723,7 @@ var require_json_schema_draft_07 = __commonJS((exports, module) => {
 var require_ajv = __commonJS((exports, module) => {
   Object.defineProperty(exports, "__esModule", { value: true });
   exports.MissingRefError = exports.ValidationError = exports.CodeGen = exports.Name = exports.nil = exports.stringify = exports.str = exports._ = exports.KeywordCxt = exports.Ajv = undefined;
-  var core_1 = require_core();
+  var core_1 = require_core3();
   var draft7_1 = require_draft7();
   var discriminator_1 = require_discriminator();
   var draft7MetaSchema = require_json_schema_draft_07();
@@ -21756,17 +24989,17 @@ var require_limit = __commonJS((exports) => {
     error: error46,
     code(cxt) {
       const { gen, data, schemaCode, keyword, it } = cxt;
-      const { opts, self } = it;
+      const { opts, self: self2 } = it;
       if (!opts.validateFormats)
         return;
-      const fCxt = new ajv_1.KeywordCxt(it, self.RULES.all.format.definition, "format");
+      const fCxt = new ajv_1.KeywordCxt(it, self2.RULES.all.format.definition, "format");
       if (fCxt.$data)
         validate$DataFormat();
       else
         validateFormat();
       function validate$DataFormat() {
         const fmts = gen.scopeValue("formats", {
-          ref: self.formats,
+          ref: self2.formats,
           code: opts.code.formats
         });
         const fmt = gen.const("fmt", (0, codegen_1._)`${fmts}[${fCxt.schemaCode}]`);
@@ -21774,7 +25007,7 @@ var require_limit = __commonJS((exports) => {
       }
       function validateFormat() {
         const format = fCxt.schema;
-        const fmtDef = self.formats[format];
+        const fmtDef = self2.formats[format];
         if (!fmtDef || fmtDef === true)
           return;
         if (typeof fmtDef != "object" || fmtDef instanceof RegExp || typeof fmtDef.compare != "function") {
@@ -22450,14 +25683,14 @@ __export(exports_team_orchestrator, {
 });
 import { spawn } from "child_process";
 import {
-  mkdirSync,
-  writeFileSync,
-  readFileSync,
-  existsSync,
+  mkdirSync as mkdirSync2,
+  writeFileSync as writeFileSync2,
+  readFileSync as readFileSync2,
+  existsSync as existsSync2,
   readdirSync,
   createWriteStream
 } from "fs";
-import { join, resolve } from "path";
+import { join as join2, resolve } from "path";
 function validateSessionPath(sessionPath) {
   const resolved = resolve(sessionPath);
   const cwd = process.cwd();
@@ -22478,18 +25711,18 @@ function setupSession(sessionPath, models, input) {
   if (models.length === 0) {
     throw new Error("At least one model is required");
   }
-  if (existsSync(join(sessionPath, "manifest.json"))) {
+  if (existsSync2(join2(sessionPath, "manifest.json"))) {
     throw new Error(`Session already exists at ${sessionPath}. ` + `Use a new directory path or delete the existing session first.`);
   }
   const sentinels = models.filter(isSentinelModel);
   if (sentinels.length > 0) {
     throw new Error(`Invalid model(s) for team run: ${sentinels.join(", ")}. ` + `These are Claude Code agent selectors, not external model IDs. ` + `Use real external models (e.g., "gemini-2.0-flash", "gpt-4o", "or@deepseek/deepseek-r1"). ` + `For Claude models, use a Task agent instead of the team tool.`);
   }
-  mkdirSync(join(sessionPath, "work"), { recursive: true });
-  mkdirSync(join(sessionPath, "errors"), { recursive: true });
+  mkdirSync2(join2(sessionPath, "work"), { recursive: true });
+  mkdirSync2(join2(sessionPath, "errors"), { recursive: true });
   if (input !== undefined) {
-    writeFileSync(join(sessionPath, "input.md"), input, "utf-8");
-  } else if (!existsSync(join(sessionPath, "input.md"))) {
+    writeFileSync2(join2(sessionPath, "input.md"), input, "utf-8");
+  } else if (!existsSync2(join2(sessionPath, "input.md"))) {
     throw new Error(`No input.md found at ${sessionPath} and no input provided`);
   }
   const ids = models.map((_, i) => String(i + 1).padStart(2, "0"));
@@ -22506,9 +25739,9 @@ function setupSession(sessionPath, models, input) {
       model: models[i],
       assignedAt: now
     };
-    mkdirSync(join(sessionPath, "work", anonId), { recursive: true });
+    mkdirSync2(join2(sessionPath, "work", anonId), { recursive: true });
   }
-  writeFileSync(join(sessionPath, "manifest.json"), JSON.stringify(manifest, null, 2), "utf-8");
+  writeFileSync2(join2(sessionPath, "manifest.json"), JSON.stringify(manifest, null, 2), "utf-8");
   const status = {
     startedAt: now,
     models: Object.fromEntries(Object.keys(manifest.models).map((id) => [
@@ -22522,19 +25755,19 @@ function setupSession(sessionPath, models, input) {
       }
     ]))
   };
-  writeFileSync(join(sessionPath, "status.json"), JSON.stringify(status, null, 2), "utf-8");
+  writeFileSync2(join2(sessionPath, "status.json"), JSON.stringify(status, null, 2), "utf-8");
   return manifest;
 }
 async function runModels(sessionPath, opts = {}) {
   const timeoutMs = (opts.timeout ?? 300) * 1000;
-  const manifest = JSON.parse(readFileSync(join(sessionPath, "manifest.json"), "utf-8"));
-  const statusPath = join(sessionPath, "status.json");
-  const inputPath = join(sessionPath, "input.md");
-  const inputContent = readFileSync(inputPath, "utf-8");
-  const statusCache = JSON.parse(readFileSync(statusPath, "utf-8"));
+  const manifest = JSON.parse(readFileSync2(join2(sessionPath, "manifest.json"), "utf-8"));
+  const statusPath = join2(sessionPath, "status.json");
+  const inputPath = join2(sessionPath, "input.md");
+  const inputContent = readFileSync2(inputPath, "utf-8");
+  const statusCache = JSON.parse(readFileSync2(statusPath, "utf-8"));
   function updateModelStatus(id, update) {
     statusCache.models[id] = { ...statusCache.models[id], ...update };
-    writeFileSync(statusPath, JSON.stringify(statusCache, null, 2), "utf-8");
+    writeFileSync2(statusPath, JSON.stringify(statusCache, null, 2), "utf-8");
   }
   const processes = new Map;
   const sigintHandler = () => {
@@ -22547,8 +25780,8 @@ async function runModels(sessionPath, opts = {}) {
   process.on("SIGINT", sigintHandler);
   const completionPromises = [];
   for (const [anonId, entry] of Object.entries(manifest.models)) {
-    const outputPath = join(sessionPath, `response-${anonId}.md`);
-    const errorLogPath = join(sessionPath, "errors", `${anonId}.log`);
+    const outputPath = join2(sessionPath, `response-${anonId}.md`);
+    const errorLogPath = join2(sessionPath, "errors", `${anonId}.log`);
     const args = ["--model", entry.model, "-y", "--stdin", "--quiet", ...opts.claudeFlags ?? []];
     updateModelStatus(anonId, {
       state: "RUNNING",
@@ -22601,7 +25834,7 @@ async function runModels(sessionPath, opts = {}) {
           return;
         }
         if (stderr) {
-          writeFileSync(errorLogPath, stderr, "utf-8");
+          writeFileSync2(errorLogPath, stderr, "utf-8");
         }
         exitCode = code;
         if (outputStream.destroyed) {
@@ -22646,23 +25879,23 @@ async function judgeResponses(sessionPath, opts = {}) {
   const responses = {};
   for (const file2 of responseFiles) {
     const id = file2.replace(/^response-/, "").replace(/\.md$/, "");
-    responses[id] = readFileSync(join(sessionPath, file2), "utf-8");
+    responses[id] = readFileSync2(join2(sessionPath, file2), "utf-8");
   }
-  const input = readFileSync(join(sessionPath, "input.md"), "utf-8");
+  const input = readFileSync2(join2(sessionPath, "input.md"), "utf-8");
   const judgePrompt = buildJudgePrompt(input, responses);
-  writeFileSync(join(sessionPath, "judge-prompt.md"), judgePrompt, "utf-8");
+  writeFileSync2(join2(sessionPath, "judge-prompt.md"), judgePrompt, "utf-8");
   const judgeModels = opts.judges ?? getDefaultJudgeModels(sessionPath);
-  const judgePath = join(sessionPath, "judging");
-  mkdirSync(judgePath, { recursive: true });
+  const judgePath = join2(sessionPath, "judging");
+  mkdirSync2(judgePath, { recursive: true });
   setupSession(judgePath, judgeModels, judgePrompt);
   await runModels(judgePath, { claudeFlags: opts.claudeFlags });
   const votes = parseJudgeVotes(judgePath, Object.keys(responses));
   const verdict = aggregateVerdict(votes, Object.keys(responses));
-  writeFileSync(join(sessionPath, "verdict.md"), formatVerdict(verdict, sessionPath), "utf-8");
+  writeFileSync2(join2(sessionPath, "verdict.md"), formatVerdict(verdict, sessionPath), "utf-8");
   return verdict;
 }
 function getStatus(sessionPath) {
-  return JSON.parse(readFileSync(join(sessionPath, "status.json"), "utf-8"));
+  return JSON.parse(readFileSync2(join2(sessionPath, "status.json"), "utf-8"));
 }
 function fisherYatesShuffle(arr) {
   for (let i = arr.length - 1;i > 0; i--) {
@@ -22672,7 +25905,7 @@ function fisherYatesShuffle(arr) {
   return arr;
 }
 function getDefaultJudgeModels(sessionPath) {
-  const manifest = JSON.parse(readFileSync(join(sessionPath, "manifest.json"), "utf-8"));
+  const manifest = JSON.parse(readFileSync2(join2(sessionPath, "manifest.json"), "utf-8"));
   return Object.values(manifest.models).map((e) => e.model);
 }
 function buildJudgePrompt(input, responses) {
@@ -22735,7 +25968,7 @@ function parseJudgeVotes(judgePath, responseIds) {
     const judgeId = file2.replace(/^response-/, "").replace(/\.md$/, "");
     let content;
     try {
-      content = readFileSync(join(judgePath, file2), "utf-8");
+      content = readFileSync2(join2(judgePath, file2), "utf-8");
     } catch {
       continue;
     }
@@ -22787,7 +26020,7 @@ function aggregateVerdict(votes, responseIds) {
 function formatVerdict(verdict, sessionPath) {
   let manifest = null;
   try {
-    manifest = JSON.parse(readFileSync(join(sessionPath, "manifest.json"), "utf-8"));
+    manifest = JSON.parse(readFileSync2(join2(sessionPath, "manifest.json"), "utf-8"));
   } catch {}
   let output = `# Team Verdict
 
@@ -23020,9 +26253,9 @@ var init_signal_watcher = __esm(() => {
 
 // src/channel/session-manager.ts
 import { spawn as spawn2 } from "child_process";
-import { mkdirSync as mkdirSync2, writeFileSync as writeFileSync2, createWriteStream as createWriteStream2 } from "fs";
-import { join as join2 } from "path";
-import { homedir } from "os";
+import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync3, createWriteStream as createWriteStream2 } from "fs";
+import { join as join3 } from "path";
+import { homedir as homedir2 } from "os";
 import { randomUUID } from "crypto";
 
 class SessionManager {
@@ -23043,10 +26276,10 @@ class SessionManager {
     const sessionId = randomUUID().slice(0, 8);
     const timeout = Math.min(opts.timeoutSeconds ?? DEFAULT_TIMEOUT, MAX_TIMEOUT);
     const startedAt = new Date().toISOString();
-    const sessionDir = join2(homedir(), ".claudish", "sessions", sessionId);
-    mkdirSync2(sessionDir, { recursive: true });
+    const sessionDir = join3(homedir2(), ".claudish", "sessions", sessionId);
+    mkdirSync3(sessionDir, { recursive: true });
     if (opts.prompt) {
-      writeFileSync2(join2(sessionDir, "prompt.md"), opts.prompt, "utf-8");
+      writeFileSync3(join3(sessionDir, "prompt.md"), opts.prompt, "utf-8");
     }
     const args = ["--model", opts.model, "-y", "--stdin", "--quiet", ...opts.claudishFlags ?? []];
     const proc = spawn2("claudish", args, {
@@ -23073,7 +26306,7 @@ class SessionManager {
         });
       }
     });
-    const outputLogStream = createWriteStream2(join2(sessionDir, "output.log"));
+    const outputLogStream = createWriteStream2(join3(sessionDir, "output.log"));
     const entry = {
       info: {
         sessionId,
@@ -23120,9 +26353,9 @@ class SessionManager {
       watcher.processExited(code);
       outputLogStream.end();
       if (entry.stderr) {
-        writeFileSync2(join2(sessionDir, "stderr.log"), entry.stderr, "utf-8");
+        writeFileSync3(join3(sessionDir, "stderr.log"), entry.stderr, "utf-8");
       }
-      writeFileSync2(join2(sessionDir, "meta.json"), JSON.stringify(entry.info, null, 2), "utf-8");
+      writeFileSync3(join3(sessionDir, "meta.json"), JSON.stringify(entry.info, null, 2), "utf-8");
       this.cleanupSigint();
     });
     proc.on("error", (err) => {
@@ -25567,9 +28800,9 @@ __export(exports_logger, {
   getLogFilePath: () => getLogFilePath,
   getAlwaysOnLogPath: () => getAlwaysOnLogPath
 });
-import { writeFileSync as writeFileSync3, appendFile, existsSync as existsSync2, mkdirSync as mkdirSync3, readdirSync as readdirSync2, unlinkSync } from "fs";
-import { join as join3 } from "path";
-import { homedir as homedir2 } from "os";
+import { writeFileSync as writeFileSync4, appendFile, existsSync as existsSync3, mkdirSync as mkdirSync4, readdirSync as readdirSync2, unlinkSync } from "fs";
+import { join as join4 } from "path";
+import { homedir as homedir3 } from "os";
 function flushLogBuffer() {
   if (!logFilePath || logBuffer.length === 0)
     return;
@@ -25601,11 +28834,11 @@ function scheduleFlush() {
       flushTimer = null;
     }
     if (logFilePath && logBuffer.length > 0) {
-      writeFileSync3(logFilePath, logBuffer.join(""), { flag: "a" });
+      writeFileSync4(logFilePath, logBuffer.join(""), { flag: "a" });
       logBuffer = [];
     }
     if (alwaysOnLogPath && alwaysOnBuffer.length > 0) {
-      writeFileSync3(alwaysOnLogPath, alwaysOnBuffer.join(""), { flag: "a" });
+      writeFileSync4(alwaysOnLogPath, alwaysOnBuffer.join(""), { flag: "a" });
       alwaysOnBuffer = [];
     }
   });
@@ -25615,7 +28848,7 @@ function rotateOldLogs(dir, keep) {
     const files = readdirSync2(dir).filter((f) => f.startsWith("claudish_") && f.endsWith(".log")).sort().reverse();
     for (const file2 of files.slice(keep)) {
       try {
-        unlinkSync(join3(dir, file2));
+        unlinkSync(join4(dir, file2));
       } catch {}
     }
   } catch {}
@@ -25666,13 +28899,13 @@ function redactLogLine(message, timestamp) {
 }
 function initLogger(debugMode, level = "info", noLogs = false) {
   if (!noLogs) {
-    const logsDir = join3(homedir2(), ".claudish", "logs");
-    if (!existsSync2(logsDir)) {
-      mkdirSync3(logsDir, { recursive: true });
+    const logsDir = join4(homedir3(), ".claudish", "logs");
+    if (!existsSync3(logsDir)) {
+      mkdirSync4(logsDir, { recursive: true });
     }
     const timestamp = new Date().toISOString().replace(/[:.]/g, "-").split("T").join("_").slice(0, -5);
-    alwaysOnLogPath = join3(logsDir, `claudish_${timestamp}.log`);
-    writeFileSync3(alwaysOnLogPath, `Claudish Session Log - ${new Date().toISOString()}
+    alwaysOnLogPath = join4(logsDir, `claudish_${timestamp}.log`);
+    writeFileSync4(alwaysOnLogPath, `Claudish Session Log - ${new Date().toISOString()}
 Mode: structural (content redacted)
 ${"=".repeat(60)}
 
@@ -25682,13 +28915,13 @@ ${"=".repeat(60)}
   }
   if (debugMode) {
     logLevel = level;
-    const logsDir = join3(process.cwd(), "logs");
-    if (!existsSync2(logsDir)) {
-      mkdirSync3(logsDir, { recursive: true });
+    const logsDir = join4(process.cwd(), "logs");
+    if (!existsSync3(logsDir)) {
+      mkdirSync4(logsDir, { recursive: true });
     }
     const timestamp = new Date().toISOString().replace(/[:.]/g, "-").split("T").join("_").slice(0, -5);
-    logFilePath = join3(logsDir, `claudish_${timestamp}.log`);
-    writeFileSync3(logFilePath, `Claudish Debug Log - ${new Date().toISOString()}
+    logFilePath = join4(logsDir, `claudish_${timestamp}.log`);
+    writeFileSync4(logFilePath, `Claudish Debug Log - ${new Date().toISOString()}
 Log Level: ${level}
 ${"=".repeat(80)}
 
@@ -25865,424 +29098,6 @@ var init_runtime_providers = __esm(() => {
   _runtimeProfiles = new Map;
 });
 
-// src/profile-config.ts
-var exports_profile_config = {};
-__export(exports_profile_config, {
-  setProfile: () => setProfile,
-  setEndpoint: () => setEndpoint,
-  setDefaultProfile: () => setDefaultProfile,
-  setApiKey: () => setApiKey,
-  saveLocalConfig: () => saveLocalConfig,
-  saveConfig: () => saveConfig,
-  removeEndpoint: () => removeEndpoint,
-  removeApiKey: () => removeApiKey,
-  localConfigExists: () => localConfigExists,
-  loadLocalConfig: () => loadLocalConfig,
-  loadConfig: () => loadConfig,
-  listProfiles: () => listProfiles,
-  listAllProfiles: () => listAllProfiles,
-  isProjectDirectory: () => isProjectDirectory,
-  isLocalProviderEnabled: () => isLocalProviderEnabled,
-  getProfileNames: () => getProfileNames,
-  getProfile: () => getProfile,
-  getModelMapping: () => getModelMapping,
-  getLocalConfigPath: () => getLocalConfigPath,
-  getEndpoint: () => getEndpoint,
-  getDefaultProfile: () => getDefaultProfile,
-  getConfigPathForScope: () => getConfigPathForScope,
-  getConfigPath: () => getConfigPath,
-  getApiKey: () => getApiKey,
-  enableLocalProvider: () => enableLocalProvider,
-  disableLocalProvider: () => disableLocalProvider,
-  deleteProfile: () => deleteProfile,
-  createProfile: () => createProfile,
-  configExistsForScope: () => configExistsForScope,
-  configExists: () => configExists
-});
-import { existsSync as existsSync3, mkdirSync as mkdirSync4, readFileSync as readFileSync2, unlinkSync as unlinkSync2, writeFileSync as writeFileSync4 } from "fs";
-import { homedir as homedir3 } from "os";
-import { dirname, join as join4, parse as parse6 } from "path";
-function ensureConfigDir() {
-  if (!existsSync3(CONFIG_DIR)) {
-    mkdirSync4(CONFIG_DIR, { recursive: true });
-  }
-}
-function loadConfig() {
-  ensureConfigDir();
-  if (!existsSync3(CONFIG_FILE)) {
-    return { ...DEFAULT_CONFIG };
-  }
-  try {
-    const content = readFileSync2(CONFIG_FILE, "utf-8");
-    const config2 = JSON.parse(content);
-    const merged = {
-      version: config2.version || DEFAULT_CONFIG.version,
-      defaultProfile: config2.defaultProfile || DEFAULT_CONFIG.defaultProfile,
-      profiles: config2.profiles || DEFAULT_CONFIG.profiles
-    };
-    if (config2.telemetry !== undefined) {
-      merged.telemetry = config2.telemetry;
-    }
-    if (config2.stats !== undefined) {
-      merged.stats = config2.stats;
-    }
-    if (config2.routing !== undefined) {
-      merged.routing = config2.routing;
-    }
-    if (config2.apiKeys !== undefined) {
-      merged.apiKeys = config2.apiKeys;
-    }
-    if (config2.endpoints !== undefined) {
-      merged.endpoints = config2.endpoints;
-    }
-    if (config2.localProviders !== undefined) {
-      merged.localProviders = Array.from(new Set(config2.localProviders)).sort();
-    }
-    if (config2.autoApproveConfirmedAt !== undefined) {
-      merged.autoApproveConfirmedAt = config2.autoApproveConfirmedAt;
-    }
-    if (config2.defaultProvider !== undefined) {
-      merged.defaultProvider = config2.defaultProvider;
-    }
-    if (config2.customEndpoints !== undefined) {
-      merged.customEndpoints = config2.customEndpoints;
-    }
-    return merged;
-  } catch (error46) {
-    console.error(`Warning: Failed to load config, using defaults: ${error46}`);
-    return { ...DEFAULT_CONFIG };
-  }
-}
-function saveConfig(config2) {
-  ensureConfigDir();
-  writeFileSync4(CONFIG_FILE, JSON.stringify(config2, null, 2), "utf-8");
-}
-function configExists() {
-  return existsSync3(CONFIG_FILE);
-}
-function getConfigPath() {
-  return CONFIG_FILE;
-}
-function getLocalConfigPath() {
-  const home = homedir3();
-  let dir = process.cwd();
-  const root = parse6(dir).root;
-  while (dir !== root && dir !== home) {
-    const candidate = join4(dir, LOCAL_CONFIG_FILENAME);
-    if (existsSync3(candidate))
-      return candidate;
-    if (existsSync3(join4(dir, ".git"))) {
-      return candidate;
-    }
-    dir = dirname(dir);
-  }
-  return join4(process.cwd(), LOCAL_CONFIG_FILENAME);
-}
-function localConfigExists() {
-  return existsSync3(getLocalConfigPath());
-}
-function isProjectDirectory() {
-  const cwd = process.cwd();
-  return [".git", "package.json", "Cargo.toml", "go.mod", "pyproject.toml", ".claudish.json"].some((f) => existsSync3(join4(cwd, f)));
-}
-function loadLocalConfig() {
-  const localPath = getLocalConfigPath();
-  if (!existsSync3(localPath)) {
-    return null;
-  }
-  try {
-    const content = readFileSync2(localPath, "utf-8");
-    const config2 = JSON.parse(content);
-    const local = {
-      version: config2.version || DEFAULT_CONFIG.version,
-      defaultProfile: config2.defaultProfile || "",
-      profiles: config2.profiles || {}
-    };
-    if (config2.routing !== undefined) {
-      local.routing = config2.routing;
-    }
-    return local;
-  } catch (error46) {
-    console.error(`Warning: Failed to load local config: ${error46}`);
-    return null;
-  }
-}
-function saveLocalConfig(config2) {
-  const toWrite = { ...config2 };
-  if (toWrite.routing !== undefined && Object.keys(toWrite.routing).length === 0) {
-    delete toWrite.routing;
-  }
-  const profileCount = Object.keys(toWrite.profiles ?? {}).length;
-  const routingCount = toWrite.routing ? Object.keys(toWrite.routing).length : 0;
-  const path = getLocalConfigPath();
-  if (profileCount === 0 && routingCount === 0) {
-    if (existsSync3(path)) {
-      try {
-        unlinkSync2(path);
-      } catch {
-        writeFileSync4(path, JSON.stringify(toWrite, null, 2), "utf-8");
-      }
-    }
-    return;
-  }
-  writeFileSync4(path, JSON.stringify(toWrite, null, 2), "utf-8");
-}
-function loadConfigForScope(scope) {
-  if (scope === "local") {
-    return loadLocalConfig() || { version: "1.0.0", defaultProfile: "", profiles: {} };
-  }
-  return loadConfig();
-}
-function saveConfigForScope(config2, scope) {
-  if (scope === "local") {
-    saveLocalConfig(config2);
-  } else {
-    saveConfig(config2);
-  }
-}
-function configExistsForScope(scope) {
-  if (scope === "local") {
-    return localConfigExists();
-  }
-  return configExists();
-}
-function getConfigPathForScope(scope) {
-  if (scope === "local") {
-    return getLocalConfigPath();
-  }
-  return getConfigPath();
-}
-function getProfile(name, scope) {
-  if (scope === "local") {
-    const local2 = loadLocalConfig();
-    return local2?.profiles[name];
-  }
-  if (scope === "global") {
-    const config3 = loadConfig();
-    return config3.profiles[name];
-  }
-  const local = loadLocalConfig();
-  if (local?.profiles[name]) {
-    return local.profiles[name];
-  }
-  const config2 = loadConfig();
-  return config2.profiles[name];
-}
-function getDefaultProfile(scope) {
-  if (scope === "local") {
-    const local2 = loadLocalConfig();
-    if (local2 && local2.defaultProfile && local2.profiles[local2.defaultProfile]) {
-      return local2.profiles[local2.defaultProfile];
-    }
-    return DEFAULT_CONFIG.profiles.default;
-  }
-  if (scope === "global") {
-    const config3 = loadConfig();
-    const profile2 = config3.profiles[config3.defaultProfile];
-    if (profile2)
-      return profile2;
-    const firstProfile2 = Object.values(config3.profiles)[0];
-    if (firstProfile2)
-      return firstProfile2;
-    return DEFAULT_CONFIG.profiles.default;
-  }
-  const local = loadLocalConfig();
-  if (local && local.defaultProfile) {
-    const profile2 = getProfile(local.defaultProfile);
-    if (profile2)
-      return profile2;
-  }
-  const config2 = loadConfig();
-  const profile = config2.profiles[config2.defaultProfile];
-  if (profile)
-    return profile;
-  const firstProfile = Object.values(config2.profiles)[0];
-  if (firstProfile)
-    return firstProfile;
-  return DEFAULT_CONFIG.profiles.default;
-}
-function getProfileNames(scope) {
-  if (scope === "local") {
-    const local2 = loadLocalConfig();
-    return local2 ? Object.keys(local2.profiles) : [];
-  }
-  if (scope === "global") {
-    const config3 = loadConfig();
-    return Object.keys(config3.profiles);
-  }
-  const local = loadLocalConfig();
-  const config2 = loadConfig();
-  const names = new Set([
-    ...local ? Object.keys(local.profiles) : [],
-    ...Object.keys(config2.profiles)
-  ]);
-  return [...names];
-}
-function setProfile(profile, scope = "global") {
-  const config2 = loadConfigForScope(scope);
-  const existingProfile = config2.profiles[profile.name];
-  if (existingProfile) {
-    profile.createdAt = existingProfile.createdAt;
-  } else {
-    profile.createdAt = new Date().toISOString();
-  }
-  profile.updatedAt = new Date().toISOString();
-  config2.profiles[profile.name] = profile;
-  saveConfigForScope(config2, scope);
-}
-function deleteProfile(name, scope = "global") {
-  const config2 = loadConfigForScope(scope);
-  if (!config2.profiles[name]) {
-    return false;
-  }
-  if (scope === "global") {
-    const profileCount = Object.keys(config2.profiles).length;
-    if (profileCount <= 1) {
-      throw new Error("Cannot delete the last global profile");
-    }
-  }
-  delete config2.profiles[name];
-  if (config2.defaultProfile === name) {
-    const remaining = Object.keys(config2.profiles);
-    config2.defaultProfile = remaining.length > 0 ? remaining[0] : "";
-  }
-  saveConfigForScope(config2, scope);
-  return true;
-}
-function setDefaultProfile(name, scope = "global") {
-  const config2 = loadConfigForScope(scope);
-  if (!config2.profiles[name]) {
-    throw new Error(`Profile "${name}" does not exist in ${scope} config`);
-  }
-  config2.defaultProfile = name;
-  saveConfigForScope(config2, scope);
-}
-function getModelMapping(profileName) {
-  const profile = profileName ? getProfile(profileName) : getDefaultProfile();
-  if (!profile) {
-    return {};
-  }
-  return profile.models;
-}
-function createProfile(name, models, description, scope = "global") {
-  const now = new Date().toISOString();
-  const profile = {
-    name,
-    description,
-    models,
-    createdAt: now,
-    updatedAt: now
-  };
-  setProfile(profile, scope);
-  return profile;
-}
-function listProfiles() {
-  const config2 = loadConfig();
-  return Object.values(config2.profiles).map((profile) => ({
-    ...profile,
-    isDefault: profile.name === config2.defaultProfile
-  }));
-}
-function listAllProfiles() {
-  const globalConfig2 = loadConfig();
-  const localConfig = loadLocalConfig();
-  const result = [];
-  if (localConfig) {
-    for (const profile of Object.values(localConfig.profiles)) {
-      result.push({
-        ...profile,
-        scope: "local",
-        isDefault: profile.name === localConfig.defaultProfile
-      });
-    }
-  }
-  const localNames = localConfig ? new Set(Object.keys(localConfig.profiles)) : new Set;
-  for (const profile of Object.values(globalConfig2.profiles)) {
-    result.push({
-      ...profile,
-      scope: "global",
-      isDefault: profile.name === globalConfig2.defaultProfile,
-      shadowed: localNames.has(profile.name)
-    });
-  }
-  return result;
-}
-function getApiKey(envVar) {
-  const config2 = loadConfig();
-  return config2.apiKeys?.[envVar];
-}
-function setApiKey(envVar, value) {
-  const config2 = loadConfig();
-  if (!config2.apiKeys)
-    config2.apiKeys = {};
-  config2.apiKeys[envVar] = value;
-  saveConfig(config2);
-}
-function removeApiKey(envVar) {
-  const config2 = loadConfig();
-  if (config2.apiKeys) {
-    delete config2.apiKeys[envVar];
-    saveConfig(config2);
-  }
-}
-function getEndpoint(name) {
-  const config2 = loadConfig();
-  return config2.endpoints?.[name];
-}
-function setEndpoint(name, value) {
-  const config2 = loadConfig();
-  if (!config2.endpoints)
-    config2.endpoints = {};
-  config2.endpoints[name] = value;
-  saveConfig(config2);
-}
-function removeEndpoint(name) {
-  const config2 = loadConfig();
-  if (config2.endpoints) {
-    delete config2.endpoints[name];
-    saveConfig(config2);
-  }
-}
-function isLocalProviderEnabled(providerName, config2 = loadConfig()) {
-  return (config2.localProviders ?? []).includes(providerName);
-}
-function enableLocalProvider(providerName) {
-  const config2 = loadConfig();
-  const providers = new Set(config2.localProviders ?? []);
-  providers.add(providerName);
-  config2.localProviders = Array.from(providers).sort();
-  saveConfig(config2);
-}
-function disableLocalProvider(providerName) {
-  const config2 = loadConfig();
-  const providers = new Set(config2.localProviders ?? []);
-  providers.delete(providerName);
-  if (providers.size > 0) {
-    config2.localProviders = Array.from(providers).sort();
-  } else {
-    delete config2.localProviders;
-  }
-  saveConfig(config2);
-}
-var CONFIG_DIR, CONFIG_FILE, LOCAL_CONFIG_FILENAME = ".claudish.json", DEFAULT_CONFIG;
-var init_profile_config = __esm(() => {
-  CONFIG_DIR = join4(homedir3(), ".claudish");
-  CONFIG_FILE = join4(CONFIG_DIR, "config.json");
-  DEFAULT_CONFIG = {
-    version: "1.0.0",
-    defaultProfile: "default",
-    profiles: {
-      default: {
-        name: "default",
-        description: "Default profile - shows model selector when no model specified",
-        models: {},
-        createdAt: new Date().toISOString(),
-        updatedAt: new Date().toISOString()
-      }
-    }
-  };
-});
-
 // src/providers/provider-definitions.ts
 import { existsSync as existsSync4 } from "fs";
 import { join as join5 } from "path";
@@ -33159,9 +35974,6 @@ var init_vision_proxy = __esm(() => {
   init_catalog_query();
 });
 
-// src/version.ts
-var VERSION = "7.5.0";
-
 // src/telemetry.ts
 var exports_telemetry = {};
 __export(exports_telemetry, {
@@ -33596,7 +36408,7 @@ import {
   mkdirSync as mkdirSync7,
   readFileSync as readFileSync4,
   renameSync,
-  unlinkSync as unlinkSync3,
+  unlinkSync as unlinkSync2,
   writeFileSync as writeFileSync7
 } from "fs";
 import { homedir as homedir7 } from "os";
@@ -33680,7 +36492,7 @@ function clearBuffer() {
     memoryCache = [];
     eventsSinceLastFlush = 0;
     if (existsSync6(BUFFER_FILE)) {
-      unlinkSync3(BUFFER_FILE);
+      unlinkSync2(BUFFER_FILE);
     }
   } catch {}
 }
@@ -36236,7 +39048,7 @@ var init_gemini_apikey = __esm(() => {
 // src/auth/gemini-oauth.ts
 import { createServer } from "http";
 import { randomBytes as randomBytes2, createHash } from "crypto";
-import { readFileSync as readFileSync8, existsSync as existsSync11, unlinkSync as unlinkSync4, openSync, writeSync, closeSync } from "fs";
+import { readFileSync as readFileSync8, existsSync as existsSync11, unlinkSync as unlinkSync3, openSync, writeSync, closeSync } from "fs";
 import { homedir as homedir12 } from "os";
 import { join as join13 } from "path";
 import { exec } from "child_process";
@@ -36284,7 +39096,7 @@ class GeminiOAuth {
   async logout() {
     const credPath = this.getCredentialsPath();
     if (existsSync11(credPath)) {
-      unlinkSync4(credPath);
+      unlinkSync3(credPath);
       log("[GeminiOAuth] Credentials deleted");
     }
     this.credentials = null;
@@ -37088,7 +39900,7 @@ var init_openai = __esm(() => {
 // src/auth/codex-oauth.ts
 import { exec as exec2 } from "child_process";
 import { createHash as createHash2, randomBytes as randomBytes3 } from "crypto";
-import { closeSync as closeSync2, existsSync as existsSync12, openSync as openSync2, readFileSync as readFileSync9, unlinkSync as unlinkSync5, writeSync as writeSync2 } from "fs";
+import { closeSync as closeSync2, existsSync as existsSync12, openSync as openSync2, readFileSync as readFileSync9, unlinkSync as unlinkSync4, writeSync as writeSync2 } from "fs";
 import { createServer as createServer2 } from "http";
 import { homedir as homedir13 } from "os";
 import { join as join14 } from "path";
@@ -37141,7 +39953,7 @@ class CodexOAuth {
   async logout() {
     const credPath = this.getCredentialsPath();
     if (existsSync12(credPath)) {
-      unlinkSync5(credPath);
+      unlinkSync4(credPath);
       log("[CodexOAuth] Credentials deleted");
     }
     this.credentials = null;
@@ -37537,7 +40349,7 @@ var init_openai_codex = __esm(() => {
 
 // src/auth/kimi-oauth.ts
 import { randomBytes as randomBytes4 } from "crypto";
-import { readFileSync as readFileSync11, existsSync as existsSync14, unlinkSync as unlinkSync6, openSync as openSync3, writeSync as writeSync3, closeSync as closeSync3 } from "fs";
+import { readFileSync as readFileSync11, existsSync as existsSync14, unlinkSync as unlinkSync5, openSync as openSync3, writeSync as writeSync3, closeSync as closeSync3 } from "fs";
 import { homedir as homedir15, hostname as hostname3, platform, release } from "os";
 import { join as join16 } from "path";
 import { exec as exec3 } from "child_process";
@@ -37750,7 +40562,7 @@ Waiting for authorization...`);
   async logout() {
     const credPath = this.getCredentialsPath();
     if (existsSync14(credPath)) {
-      unlinkSync6(credPath);
+      unlinkSync5(credPath);
       log("[KimiOAuth] Credentials deleted");
     }
     this.credentials = null;
@@ -37817,7 +40629,7 @@ Waiting for authorization...`);
       log(`[KimiOAuth] Refresh failed: ${e.message}`);
       const credPath = this.getCredentialsPath();
       if (existsSync14(credPath)) {
-        unlinkSync6(credPath);
+        unlinkSync5(credPath);
       }
       this.credentials = null;
       if (process.env.MOONSHOT_API_KEY || process.env.KIMI_API_KEY) {
@@ -39030,7 +41842,7 @@ function buildProviderDefinition(name, ep) {
 function buildProviderProfile(ep) {
   return {
     createHandler(ctx) {
-      const apiKey = resolveCustomEndpointApiKey(ep);
+      const apiKey = process.env[ctx.provider.apiKeyEnvVar] || resolveCustomEndpointApiKey(ep);
       if (ep.kind === "simple") {
         return buildSimpleHandler(ep, ctx, apiKey);
       }
@@ -39133,9 +41945,10 @@ function buildComplexHandler(ep, ctx, apiKey) {
 function resolveCustomEndpointApiKey(ep) {
   const literal3 = ep.apiKey;
   const match2 = literal3.match(/^\$\{([A-Z_][A-Z0-9_]*)\}$/i);
-  if (!match2)
-    return literal3;
-  return process.env[match2[1]] ?? "";
+  if (match2) {
+    return process.env[match2[1]] ?? "";
+  }
+  return literal3;
 }
 function stripTrailingSlash(url2) {
   return url2.replace(/\/+$/, "");
@@ -52074,8 +54887,8 @@ var init_RemoveFileError = __esm(() => {
 });
 
 // ../../node_modules/.bun/@inquirer+external-editor@2.0.1+04f2146be16c61ef/node_modules/@inquirer/external-editor/dist/index.js
-import { spawn as spawn3, spawnSync } from "child_process";
-import { readFileSync as readFileSync17, unlinkSync as unlinkSync7, writeFileSync as writeFileSync10 } from "fs";
+import { spawn as spawn3, spawnSync as spawnSync2 } from "child_process";
+import { readFileSync as readFileSync17, unlinkSync as unlinkSync6, writeFileSync as writeFileSync10 } from "fs";
 import path from "path";
 import os from "os";
 import { randomUUID as randomUUID3 } from "crypto";
@@ -52207,14 +55020,14 @@ class ExternalEditor {
   }
   removeTemporaryFile() {
     try {
-      unlinkSync7(this.tempFile);
+      unlinkSync6(this.tempFile);
     } catch (removeFileError) {
       throw new RemoveFileError(removeFileError);
     }
   }
   launchEditor() {
     try {
-      const editorProcess = spawnSync(this.editor.bin, this.editor.args.concat([this.tempFile]), { stdio: "inherit" });
+      const editorProcess = spawnSync2(this.editor.bin, this.editor.args.concat([this.tempFile]), { stdio: "inherit" });
       this.lastExitStatus = editorProcess.status ?? 0;
     } catch (launchError) {
       throw new LaunchEditorError(launchError);
@@ -57139,7 +59952,7 @@ import {
   mkdirSync as mkdirSync10,
   copyFileSync,
   readdirSync as readdirSync4,
-  unlinkSync as unlinkSync8,
+  unlinkSync as unlinkSync7,
   writeFileSync as writeFileSync11
 } from "fs";
 import { fileURLToPath as fileURLToPath2 } from "url";
@@ -57158,7 +59971,7 @@ function clearAllModelCaches() {
     const files = readdirSync4(cacheDir);
     for (const file2 of files) {
       if (cachePatterns.includes(file2)) {
-        unlinkSync8(join21(cacheDir, file2));
+        unlinkSync7(join21(cacheDir, file2));
         cleared++;
       }
     }
@@ -57341,6 +60154,20 @@ async function parseArgs(args) {
         process.exit(1);
       }
       config3.defaultProvider = dpArg;
+    } else if (arg === "--op-env" || arg.startsWith("--op-env=")) {
+      const v = arg.startsWith("--op-env=") ? arg.slice("--op-env=".length) : args[++i];
+      if (!v) {
+        console.error("--op-env requires a 1Password Environment ID");
+        process.exit(1);
+      }
+      config3.opEnv = v;
+    } else if (arg === "--op" || arg.startsWith("--op=")) {
+      const v = arg.startsWith("--op=") ? arg.slice("--op=".length) : args[++i];
+      if (!v) {
+        console.error("--op requires an op:// glob path");
+        process.exit(1);
+      }
+      config3.opImport = v;
     } else if (arg === "--cost-tracker") {
       config3.costTracking = true;
       if (!config3.monitor) {
@@ -58403,6 +61230,10 @@ OPTIONS:
   -p, --profile <name>     Use named profile for model mapping (default: uses default profile)
   --default-provider <name> Default provider for bare model names (builtin or customEndpoints key)
                            Precedence: this flag > CLAUDISH_DEFAULT_PROVIDER env > config.json
+  --op-env <id>            Load env vars from a 1Password Environment (highest priority)
+                           Requires op CLI >= 2.35 (beta). Resolves op:// refs in config/env too.
+  --op <glob>              Load API keys from a 1Password item glob (e.g. op://Vault/Item/*/*_API_KEY)
+  --op <glob> --list       Preview which fields the glob would import (names only, no values)
   --port <port>            Proxy server port (default: random)
   -d, --debug              Enable debug logging to file (logs/claudish_*.log)
   --no-logs                Disable always-on structural logging (~/.claudish/logs/)
@@ -58485,6 +61316,12 @@ AUTHENTICATION:
   claudish logout [provider]  Clear OAuth credentials (interactive if no provider given)
                               Providers: gemini, kimi
 
+1PASSWORD:
+  claudish op --list <op://glob>           Preview which fields a glob imports (names only)
+  claudish op <op://glob> [...claudish args]  Resolve glob into env vars, then run a session
+                                           Inline run requires a GLOB (self-names via field labels)
+                                           Example: claudish op 'op://Jack/Keys/*/*_API_KEY' --model gpt-4o "task"
+
 MODEL MAPPING (per-role override):
   --model-opus <model>     Model for Opus role (planning, complex tasks)
   --model-sonnet <model>   Model for Sonnet role (default coding)
@@ -58806,7 +61643,7 @@ __export(exports_update_checker, {
   clearCache: () => clearCache,
   checkForUpdates: () => checkForUpdates
 });
-import { existsSync as existsSync21, mkdirSync as mkdirSync11, readFileSync as readFileSync19, unlinkSync as unlinkSync9, writeFileSync as writeFileSync12 } from "fs";
+import { existsSync as existsSync21, mkdirSync as mkdirSync11, readFileSync as readFileSync19, unlinkSync as unlinkSync8, writeFileSync as writeFileSync12 } from "fs";
 import { homedir as homedir21, platform as platform2, tmpdir } from "os";
 import { join as join22 } from "path";
 function getCacheFilePath() {
@@ -58856,7 +61693,7 @@ function clearCache() {
   try {
     const cachePath = getCacheFilePath();
     if (existsSync21(cachePath)) {
-      unlinkSync9(cachePath);
+      unlinkSync8(cachePath);
     }
   } catch {}
 }
@@ -63918,7 +66755,7 @@ var exports_tui = {};
 __export(exports_tui, {
   startConfigTui: () => startConfigTui
 });
-import { spawnSync as spawnSync2 } from "child_process";
+import { spawnSync as spawnSync3 } from "child_process";
 import { createCliRenderer as createCliRenderer2 } from "@opentui/core";
 import { createRoot as createRoot2 } from "@opentui/react";
 import { jsxDEV as jsxDEV14 } from "@opentui/react/jsx-dev-runtime";
@@ -63944,7 +66781,7 @@ async function startConfigTui() {
     console.log(`
 Launching: claudish login ${slug}
 `);
-    const result = spawnSync2(process.argv[0], [process.argv[1], "login", slug], {
+    const result = spawnSync3(process.argv[0], [process.argv[1], "login", slug], {
       stdio: "inherit"
     });
     if (result.error) {
@@ -63981,7 +66818,7 @@ __export(exports_claude_runner, {
   checkClaudeInstalled: () => checkClaudeInstalled
 });
 import { spawn as spawn4 } from "child_process";
-import { writeFileSync as writeFileSync14, unlinkSync as unlinkSync10, mkdirSync as mkdirSync13, existsSync as existsSync23, readFileSync as readFileSync21 } from "fs";
+import { writeFileSync as writeFileSync14, unlinkSync as unlinkSync9, mkdirSync as mkdirSync13, existsSync as existsSync23, readFileSync as readFileSync21 } from "fs";
 import { tmpdir as tmpdir2, homedir as homedir23 } from "os";
 import { join as join24 } from "path";
 function hasNativeAnthropicMapping(config3) {
@@ -64253,7 +67090,7 @@ Or set CLAUDE_PATH to your custom installation:`);
     });
   });
   try {
-    unlinkSync10(tempSettingsPath);
+    unlinkSync9(tempSettingsPath);
   } catch {}
   return exitCode;
 }
@@ -64272,7 +67109,7 @@ function setupSignalHandlers(proc, tempSettingsPath, quiet, onCleanup) {
         } catch {}
       }
       try {
-        unlinkSync10(tempSettingsPath);
+        unlinkSync9(tempSettingsPath);
       } catch {}
       process.exit(0);
     });
@@ -64362,7 +67199,7 @@ __export(exports_diag_output, {
   NullDiagOutput: () => NullDiagOutput,
   LogFileDiagOutput: () => LogFileDiagOutput
 });
-import { createWriteStream as createWriteStream3, mkdirSync as mkdirSync14, writeFileSync as writeFileSync15, unlinkSync as unlinkSync11 } from "fs";
+import { createWriteStream as createWriteStream3, mkdirSync as mkdirSync14, writeFileSync as writeFileSync15, unlinkSync as unlinkSync10 } from "fs";
 import { homedir as homedir24 } from "os";
 import { join as join25 } from "path";
 function getClaudishDir() {
@@ -64401,7 +67238,7 @@ class LogFileDiagOutput {
       this.stream.end();
     } catch {}
     try {
-      unlinkSync11(this.logPath);
+      unlinkSync10(this.logPath);
     } catch {}
   }
   getLogPath() {
@@ -64856,34 +67693,302 @@ var init_team_grid = __esm(() => {
 
 // src/index.ts
 var import_dotenv3 = __toESM(require_main(), 1);
-import { existsSync as existsSync25, readFileSync as readFileSync23 } from "fs";
+import { existsSync as existsSync25, readFileSync as readFileSync23, writeFileSync as writeFileSync17 } from "fs";
 import { homedir as homedir25 } from "os";
 import { join as join27 } from "path";
 import_dotenv3.config({ quiet: true });
-function loadStoredApiKeys() {
+function readConfiguredOnepasswordAccount() {
+  for (const path2 of [
+    join27(process.cwd(), ".claudish.json"),
+    join27(homedir25(), ".claudish", "config.json")
+  ]) {
+    try {
+      if (!existsSync25(path2))
+        continue;
+      const cfg = JSON.parse(readFileSync23(path2, "utf-8"));
+      if (typeof cfg.onepasswordAccount === "string" && cfg.onepasswordAccount.trim()) {
+        return cfg.onepasswordAccount.trim();
+      }
+    } catch {}
+  }
+  return;
+}
+async function saveOnepasswordAccount(accountUrl, scope) {
+  try {
+    if (scope === "project") {
+      const path2 = join27(process.cwd(), ".claudish.json");
+      let existing = {};
+      if (existsSync25(path2)) {
+        try {
+          existing = JSON.parse(readFileSync23(path2, "utf-8"));
+        } catch {
+          existing = {};
+        }
+      }
+      existing.onepasswordAccount = accountUrl;
+      writeFileSync17(path2, `${JSON.stringify(existing, null, 2)}
+`, "utf-8");
+    } else {
+      const { loadConfig: loadConfig2, saveConfig: saveConfig2 } = await Promise.resolve().then(() => (init_profile_config(), exports_profile_config));
+      const cfg = loadConfig2();
+      cfg.onepasswordAccount = accountUrl;
+      saveConfig2(cfg);
+    }
+  } catch {}
+}
+async function pickSaveScope() {
+  const { createInterface: createInterface2 } = await import("readline");
+  process.stderr.write(`
+[claudish] Remember this account for:
+  1) all projects (global ~/.claudish/config.json)  [default]
+  2) this project only (./.claudish.json)
+`);
+  const answer = await new Promise((resolve3) => {
+    const rl = createInterface2({ input: process.stdin, output: process.stderr });
+    rl.question("Scope [1-2]: ", (ans) => {
+      rl.close();
+      resolve3(ans.trim());
+    });
+  });
+  return answer === "2" ? "project" : "global";
+}
+async function pickOnepasswordAccount(accounts) {
+  const { createInterface: createInterface2 } = await import("readline");
+  process.stderr.write(`
+[claudish] Multiple 1Password accounts found. Choose one:
+`);
+  accounts.forEach((a, i) => {
+    process.stderr.write(`  ${i + 1}) ${a.url}${a.email ? `  (${a.email})` : ""}
+`);
+  });
+  const answer = await new Promise((resolve3) => {
+    const rl = createInterface2({ input: process.stdin, output: process.stderr });
+    rl.question(`Account [1-${accounts.length}]: `, (ans) => {
+      rl.close();
+      resolve3(ans.trim());
+    });
+  });
+  const idx = Number.parseInt(answer, 10);
+  if (Number.isNaN(idx) || idx < 1 || idx > accounts.length) {
+    process.stderr.write(`[claudish] No valid selection \u2014 aborting 1Password account picker.
+`);
+    return;
+  }
+  return accounts[idx - 1].url;
+}
+var cachedSdkAuth;
+var sdkAuthResolved = false;
+async function getSdkAuth() {
+  if (sdkAuthResolved)
+    return cachedSdkAuth;
+  sdkAuthResolved = true;
+  const { resolveSdkAuth: resolveSdkAuth2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+  const interactive = Boolean(process.stdout.isTTY) && !process.argv.includes("--stdin");
+  try {
+    cachedSdkAuth = await resolveSdkAuth2({
+      configAccount: readConfiguredOnepasswordAccount(),
+      interactive,
+      onNeedsPicker: async (accounts) => {
+        const chosen = await pickOnepasswordAccount(accounts);
+        if (chosen) {
+          const scope = await pickSaveScope();
+          await saveOnepasswordAccount(chosen, scope);
+        }
+        return chosen;
+      }
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password authentication failed: ${message}`);
+    process.exit(1);
+  }
+  return cachedSdkAuth;
+}
+async function applyOpEnvironment() {
+  const argv = process.argv.slice(2);
+  let envId;
+  for (let i = 0;i < argv.length; i++) {
+    const a = argv[i];
+    if (a === "--op-env") {
+      envId = argv[i + 1];
+      break;
+    }
+    if (a.startsWith("--op-env=")) {
+      envId = a.slice("--op-env=".length);
+      break;
+    }
+  }
+  if (envId === undefined)
+    return;
+  if (envId === "" || envId.startsWith("-")) {
+    console.error("[claudish] --op-env requires a 1Password Environment ID");
+    process.exit(1);
+  }
+  try {
+    const { readEnvironment: readEnvironment2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    const auth = await getSdkAuth();
+    const vars = await readEnvironment2(envId, { auth });
+    for (const [key, value] of Object.entries(vars)) {
+      process.env[key] = value;
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password Environment load failed: ${message}`);
+    process.exit(1);
+  }
+}
+async function applyOpImport() {
+  const argv = process.argv.slice(2);
+  const { parseOpFlag: parseOpFlag2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+  const parsed = parseOpFlag2(argv);
+  if (!parsed.present)
+    return;
+  if (parsed.glob === undefined) {
+    console.error("[claudish] --op requires an op:// glob path");
+    process.exit(1);
+  }
+  const glob = parsed.glob;
+  if (parsed.list) {
+    try {
+      const { opPreviewCommand: opPreviewCommand2 } = await Promise.resolve().then(() => (init_onepassword_command(), exports_onepassword_command));
+      const auth = await getSdkAuth();
+      await opPreviewCommand2(glob, { auth });
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      console.error(`[claudish] 1Password --op preview failed: ${message}`);
+      process.exit(1);
+    }
+    process.exit(0);
+  }
+  try {
+    const { resolveGlobImport: resolveGlobImport2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    const auth = await getSdkAuth();
+    const resolved = await resolveGlobImport2(glob, { auth });
+    for (const [key, value] of Object.entries(resolved)) {
+      process.env[key] = value;
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password --op import failed: ${message}`);
+    process.exit(1);
+  }
+  const head = process.argv.slice(0, 2);
+  const rebuilt = [];
+  for (let i = 0;i < argv.length; i++) {
+    const a = argv[i];
+    if (a === "--op") {
+      i++;
+      continue;
+    }
+    if (a.startsWith("--op=")) {
+      continue;
+    }
+    rebuilt.push(a);
+  }
+  process.argv = [...head, ...rebuilt];
+}
+async function loadStoredApiKeys() {
+  let opRefs = {};
+  let globImports = [];
+  let apiKeysForSeed;
   try {
     const configPath = join27(homedir25(), ".claudish", "config.json");
     if (!existsSync25(configPath))
       return;
     const raw2 = readFileSync23(configPath, "utf-8");
     const cfg = JSON.parse(raw2);
-    if (cfg.apiKeys) {
-      for (const [envVar, value] of Object.entries(cfg.apiKeys)) {
-        if (!process.env[envVar] && typeof value === "string") {
+    const seedSources = [cfg.apiKeys, cfg.endpoints];
+    const mergedApiKeys = {};
+    for (const source of seedSources) {
+      if (!source)
+        continue;
+      for (const [envVar, value] of Object.entries(source)) {
+        if (typeof value !== "string")
+          continue;
+        if (!process.env[envVar]) {
           process.env[envVar] = value;
         }
+        mergedApiKeys[envVar] = value;
       }
     }
-    if (cfg.endpoints) {
-      for (const [envVar, value] of Object.entries(cfg.endpoints)) {
-        if (!process.env[envVar] && typeof value === "string") {
+    apiKeysForSeed = mergedApiKeys;
+    const { collectConfigImports: collectConfigImports2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    const collected = collectConfigImports2({ apiKeys: apiKeysForSeed, onepassword: cfg.onepassword }, process.env);
+    opRefs = collected.opRefs;
+    globImports = collected.globImports;
+    for (const w of collected.warnings)
+      console.error(w);
+  } catch {}
+  const refKeys = Object.keys(opRefs);
+  if (refKeys.length === 0 && globImports.length === 0)
+    return;
+  try {
+    const { resolveSecrets: resolveSecrets2, resolveGlobImport: resolveGlobImport2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    const auth = await getSdkAuth();
+    if (refKeys.length > 0) {
+      const resolved = await resolveSecrets2(opRefs, { auth });
+      for (const [envVar, value] of Object.entries(resolved)) {
+        process.env[envVar] = value;
+      }
+    }
+    for (const globPath of globImports) {
+      const resolved = await resolveGlobImport2(globPath, { auth });
+      for (const [envVar, value] of Object.entries(resolved)) {
+        if (!process.env[envVar]) {
           process.env[envVar] = value;
         }
       }
     }
-  } catch {}
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password secret resolution failed: ${message}`);
+    process.exit(1);
+  }
+}
+async function applyCustomEndpointOpKeys() {
+  let refs = {};
+  try {
+    const configPath = join27(homedir25(), ".claudish", "config.json");
+    if (!existsSync25(configPath))
+      return;
+    const cfg = JSON.parse(readFileSync23(configPath, "utf-8"));
+    const endpoints = cfg.customEndpoints;
+    if (!endpoints || typeof endpoints !== "object")
+      return;
+    const { isOpReference: isOpReference2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    for (const [name, raw2] of Object.entries(endpoints)) {
+      if (!raw2 || typeof raw2 !== "object")
+        continue;
+      const apiKey = raw2.apiKey;
+      if (typeof apiKey !== "string" || !isOpReference2(apiKey))
+        continue;
+      const envVar = `CUSTOM_${name.toUpperCase().replace(/[^A-Z0-9]/g, "_")}_KEY`;
+      if (process.env[envVar])
+        continue;
+      refs[envVar] = apiKey;
+    }
+  } catch {
+    refs = {};
+  }
+  if (Object.keys(refs).length === 0)
+    return;
+  try {
+    const { resolveSecrets: resolveSecrets2 } = await Promise.resolve().then(() => (init_onepassword(), exports_onepassword));
+    const auth = await getSdkAuth();
+    const resolved = await resolveSecrets2(refs, { auth });
+    for (const [envVar, value] of Object.entries(resolved)) {
+      process.env[envVar] = value;
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`[claudish] 1Password custom-endpoint key resolution failed: ${message}`);
+    process.exit(1);
+  }
 }
-loadStoredApiKeys();
+await applyOpEnvironment();
+await applyOpImport();
+await loadStoredApiKeys();
+await applyCustomEndpointOpKeys();
 var isMcpMode = process.argv.includes("--mcp");
 function handlePromptExit(err) {
   if (err && typeof err === "object" && "name" in err && err.name === "ExitPromptError") {