create-ironclaws 1.0.0

package/template/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "nanoclaw",
+  "version": "1.2.26",
+  "description": "Personal Claude assistant. Lightweight, secure, customizable.",
+  "type": "module",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/index.js",
+    "dev": "tsx src/index.ts",
+    "typecheck": "tsc --noEmit",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "format:fix": "prettier --write \"src/**/*.ts\"",
+    "format:check": "prettier --check \"src/**/*.ts\"",
+    "prepare": "husky",
+    "setup": "tsx setup/index.ts",
+    "auth": "tsx src/whatsapp-auth.ts",
+    "lint": "eslint src/",
+    "lint:fix": "eslint src/ --fix",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  },
+  "dependencies": {
+    "@onecli-sh/sdk": "^0.2.0",
+    "@slack/bolt": "^4.3.0",
+    "@slack/types": "^2.15.0",
+    "better-sqlite3": "11.10.0",
+    "cron-parser": "5.5.0",
+    "pino": "^9.6.0",
+    "pino-pretty": "^13.0.0",
+    "yaml": "^2.8.2",
+    "zod": "^4.3.6"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.35.0",
+    "@types/better-sqlite3": "^7.6.12",
+    "@types/node": "^22.10.0",
+    "@vitest/coverage-v8": "^4.0.18",
+    "eslint": "^9.35.0",
+    "eslint-plugin-no-catch-all": "^1.1.0",
+    "globals": "^15.12.0",
+    "husky": "^9.1.7",
+    "prettier": "^3.8.1",
+    "tsx": "^4.19.0",
+    "typescript": "^5.7.0",
+    "typescript-eslint": "^8.35.0",
+    "vitest": "^4.0.18"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}

package/template/scripts/github-app-token.py

@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+"""
+Generate a GitHub App installation token for Argus.
+Prints the token to stdout so it can be captured by the caller.
+
+Usage: python3 scripts/github-app-token.py
+"""
+import json
+import os
+import sys
+import time
+import urllib.request
+
+import jwt
+
+APP_ID = os.environ.get("GITHUB_APP_ID", "3224445")
+INSTALLATION_ID = os.environ.get("GITHUB_APP_INSTALLATION_ID", "120099588")
+PEM_PATH = os.environ.get(
+    "GITHUB_APP_PRIVATE_KEY_PATH",
+    os.path.join(os.path.dirname(__file__), "..", "github-app.pem"),
+)
+
+
+def generate_jwt() -> str:
+    with open(PEM_PATH) as f:
+        private_key = f.read()
+    payload = {
+        "iat": int(time.time()) - 60,
+        "exp": int(time.time()) + 600,
+        "iss": APP_ID,
+    }
+    return jwt.encode(payload, private_key, algorithm="RS256")
+
+
+def get_installation_token(jwt_token: str) -> str:
+    url = f"https://api.github.com/app/installations/{INSTALLATION_ID}/access_tokens"
+    req = urllib.request.Request(
+        url,
+        method="POST",
+        headers={
+            "Authorization": f"Bearer {jwt_token}",
+            "Accept": "application/vnd.github+json",
+            "X-GitHub-Api-Version": "2022-11-28",
+        },
+    )
+    with urllib.request.urlopen(req) as r:
+        data = json.loads(r.read())
+        return data["token"]
+
+
+if __name__ == "__main__":
+    try:
+        jwt_token = generate_jwt()
+        token = get_installation_token(jwt_token)
+        print(token)
+    except Exception as e:
+        print(f"ERROR: {e}", file=sys.stderr)
+        sys.exit(1)

package/template/scripts/register-expense-agent.sh

@@ -0,0 +1,121 @@
+#!/usr/bin/env bash
+# register-expense-agent.sh
+#
+# One-command setup for the expense-policy-checker agent.
+# Run this ONCE after you have:
+#   1. Created the private Slack channel and added Linn + Elisabeth
+#   2. Added Expensify credentials to .env
+#   3. Ran sync-to-vm.sh to push the latest files
+#
+# Usage (on VM):
+#   EXPENSE_CHANNEL_ID=C... bash scripts/register-expense-agent.sh
+#
+# Or set directly:
+#   EXPENSE_CHANNEL_ID=C0987654321 bash scripts/register-expense-agent.sh
+
+set -euo pipefail
+
+CHANNEL_ID="${EXPENSE_CHANNEL_ID:?Set EXPENSE_CHANNEL_ID=C...}"
+ENV_FILE="${ENV_FILE:-$HOME/nanoclaw-docker/.env}"
+API="http://localhost:10254"
+
+echo "=== Registering expense-policy-checker agent ==="
+echo ""
+
+cd ~/nanoclaw-docker
+
+# 1. Register in NanoClaw database
+echo "Registering agent in NanoClaw..."
+npx tsx setup/index.ts register \
+  --jid "slack:${CHANNEL_ID}" \
+  --name "Expense Policy Checker" \
+  --trigger "@Argus" \
+  --folder "expense-policy-checker" \
+  --channel slack \
+  --no-trigger-required
+echo "  ✓ Agent registered"
+
+# 2. Register Expensify secret in OneCLI
+# Note: Expensify uses credentials in JSON request bodies, not HTTP headers.
+# OneCLI cannot inject body params, so these are passed as env vars.
+# We still register a marker secret so the agent identity is tracked in OneCLI.
+echo ""
+echo "Registering OneCLI agent for expense-policy-checker..."
+
+RAND_TOKEN=$(openssl rand -hex 20)
+EXISTING=$(docker exec onecli-postgres-1 psql -U onecli -d onecli -t -c \
+  "SELECT COUNT(*) FROM agents WHERE name='expense-policy-checker';" | tr -d ' \n')
+
+if [ "$EXISTING" = "0" ]; then
+  docker exec onecli-postgres-1 psql -U onecli -d onecli -c \
+    "INSERT INTO agents (id, name, access_token, identifier, project_id, created_at, updated_at)
+     VALUES ('nanoclaw-expense', 'expense-policy-checker', 'aoc_${RAND_TOKEN}',
+             'expense-policy-checker', (SELECT id FROM projects LIMIT 1), NOW(), NOW())
+     ON CONFLICT (id) DO NOTHING;" > /dev/null
+  echo "  ✓ OneCLI agent created"
+else
+  echo "  ✓ OneCLI agent already exists"
+fi
+
+# Link litellm (LLM gateway) to expense-policy-checker
+docker exec onecli-postgres-1 psql -U onecli -d onecli -c "
+  INSERT INTO agent_secrets (agent_id, secret_id, created_at, updated_at)
+  SELECT 'nanoclaw-expense', id, NOW(), NOW()
+  FROM secrets WHERE name = 'litellm'
+  ON CONFLICT DO NOTHING;
+" > /dev/null
+echo "  ✓ LiteLLM secret linked"
+
+# 3. Update sender allowlist to allow Linn and Elisabeth
+echo ""
+echo "Updating sender allowlist..."
+ALLOWLIST_FILE="$HOME/.config/nanoclaw/sender-allowlist.json"
+if [ -f "$ALLOWLIST_FILE" ]; then
+  # Add the channel with no sender restrictions (Linn + Elisabeth are the only members)
+  CURRENT=$(cat "$ALLOWLIST_FILE")
+  CHANNEL_ENTRY="\"slack:${CHANNEL_ID}\": {\"mode\": \"allow\", \"senders\": []}"
+  if echo "$CURRENT" | grep -q "$CHANNEL_ID"; then
+    echo "  ✓ Channel already in allowlist"
+  else
+    echo "  ✓ Add this to ~/.config/nanoclaw/sender-allowlist.json manually:"
+    echo "    \"slack:${CHANNEL_ID}\": {\"mode\": \"allow\", \"senders\": []}"
+  fi
+else
+  echo "  ⚠ No sender-allowlist.json found at $ALLOWLIST_FILE — create it manually"
+fi
+
+# 4. Set up scheduled tasks
+echo ""
+echo "Creating scheduled tasks..."
+
+# Daily compliance check (9am Oslo time, Mon-Fri)
+npx tsx setup/index.ts schedule-task \
+  --jid "slack:${CHANNEL_ID}" \
+  --prompt "Run the daily expense compliance check. Fetch reports for the last ${CHECK_LOOKBACK_DAYS:-7} days, inspect receipts, check policy, notify submitters and approvers of any violations, and update the state file." \
+  --cron "0 9 * * 1-5" \
+  --name "Daily expense compliance check" 2>/dev/null && \
+  echo "  ✓ Daily check scheduled (9am Mon-Fri Oslo time)" || \
+  echo "  ⚠ Could not schedule daily task — set it up via Global Claw or manually"
+
+# Weekly report (Monday 8am)
+npx tsx setup/index.ts schedule-task \
+  --jid "slack:${CHANNEL_ID}" \
+  --prompt "Generate and post the weekly expense compliance report to the finance Slack channel." \
+  --cron "0 8 * * 1" \
+  --name "Weekly expense report" 2>/dev/null && \
+  echo "  ✓ Weekly report scheduled (8am Mondays)" || \
+  echo "  ⚠ Could not schedule weekly task — set it up via Global Claw or manually"
+
+echo ""
+echo "=== Done! ==="
+echo ""
+echo "Next steps:"
+echo "  1. Add Expensify credentials to .env on the VM:"
+echo "       EXPENSIFY_PARTNER_USER_ID=..."
+echo "       EXPENSIFY_PARTNER_USER_SECRET=..."
+echo "       EXPENSIFY_POLICY_ID=..."
+echo "       EXPENSE_CHANNEL_ID=${CHANNEL_ID}"
+echo ""
+echo "  2. Restart NanoClaw: (kill tsx and restart npm run dev)"
+echo ""
+echo "  3. Test by sending 'run expense check' in the channel"

package/template/scripts/run-migrations.ts

@@ -0,0 +1,105 @@
+#!/usr/bin/env tsx
+import { execFileSync, execSync } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+
+function compareSemver(a: string, b: string): number {
+  const partsA = a.split('.').map(Number);
+  const partsB = b.split('.').map(Number);
+  for (let i = 0; i < Math.max(partsA.length, partsB.length); i++) {
+    const diff = (partsA[i] || 0) - (partsB[i] || 0);
+    if (diff !== 0) return diff;
+  }
+  return 0;
+}
+
+// Resolve tsx binary once to avoid npx race conditions across migrations
+function resolveTsx(): string {
+  // Check local node_modules first
+  const local = path.resolve('node_modules/.bin/tsx');
+  if (fs.existsSync(local)) return local;
+  // Fall back to whichever tsx is in PATH
+  try {
+    return execSync('which tsx', { encoding: 'utf-8' }).trim();
+  } catch {
+    return 'npx'; // last resort
+  }
+}
+
+const tsxBin = resolveTsx();
+
+const fromVersion = process.argv[2];
+const toVersion = process.argv[3];
+const newCorePath = process.argv[4];
+
+if (!fromVersion || !toVersion || !newCorePath) {
+  console.error(
+    'Usage: tsx scripts/run-migrations.ts <from-version> <to-version> <new-core-path>',
+  );
+  process.exit(1);
+}
+
+interface MigrationResult {
+  version: string;
+  success: boolean;
+  error?: string;
+}
+
+const results: MigrationResult[] = [];
+
+// Look for migrations in the new core
+const migrationsDir = path.join(newCorePath, 'migrations');
+
+if (!fs.existsSync(migrationsDir)) {
+  console.log(JSON.stringify({ migrationsRun: 0, results: [] }, null, 2));
+  process.exit(0);
+}
+
+// Discover migration directories (version-named)
+const entries = fs.readdirSync(migrationsDir, { withFileTypes: true });
+const migrationVersions = entries
+  .filter((e) => e.isDirectory() && /^\d+\.\d+\.\d+$/.test(e.name))
+  .map((e) => e.name)
+  .filter(
+    (v) =>
+      compareSemver(v, fromVersion) > 0 && compareSemver(v, toVersion) <= 0,
+  )
+  .sort(compareSemver);
+
+const projectRoot = process.cwd();
+
+for (const version of migrationVersions) {
+  const migrationIndex = path.join(migrationsDir, version, 'index.ts');
+  if (!fs.existsSync(migrationIndex)) {
+    results.push({
+      version,
+      success: false,
+      error: `Migration ${version}/index.ts not found`,
+    });
+    continue;
+  }
+
+  try {
+    const tsxArgs = tsxBin.endsWith('npx')
+      ? ['tsx', migrationIndex, projectRoot]
+      : [migrationIndex, projectRoot];
+    execFileSync(tsxBin, tsxArgs, {
+      stdio: 'pipe',
+      cwd: projectRoot,
+      timeout: 120_000,
+    });
+    results.push({ version, success: true });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    results.push({ version, success: false, error: message });
+  }
+}
+
+console.log(
+  JSON.stringify({ migrationsRun: results.length, results }, null, 2),
+);
+
+// Exit with error if any migration failed
+if (results.some((r) => !r.success)) {
+  process.exit(1);
+}

package/template/scripts/setup-onecli-secrets.sh

@@ -0,0 +1,252 @@
+#!/usr/bin/env bash
+# setup-onecli-secrets.sh
+#
+# Configure OneCLI secrets via the LOCAL HTTP API (handles encryption correctly).
+# Direct DB insertion bypasses encryption and breaks the gateway — never do that.
+#
+# Run this on the VM after deploying NanoClaw:
+#   cd ~/nanoclaw-docker && bash scripts/setup-onecli-secrets.sh
+
+set -euo pipefail
+
+ENV_FILE="${ENV_FILE:-$(dirname "$0")/../.env}"
+API="http://localhost:10254"
+
+# Read ONECLI_API_KEY from env or .env file
+ONECLI_API_KEY="${ONECLI_API_KEY:-$(grep -E '^ONECLI_API_KEY=' "$ENV_FILE" 2>/dev/null | head -1 | sed 's/^[^=]*=//' | tr -d '"'"'" || true)}"
+
+# Wrapper: curl with optional Bearer auth
+api_curl() {
+  if [ -n "$ONECLI_API_KEY" ]; then
+    curl -s -H "Authorization: Bearer $ONECLI_API_KEY" "$@"
+  else
+    curl -s "$@"
+  fi
+}
+
+# ── Helpers ──────────────────────────────────────────────────────────────────
+
+env_val() {
+  grep -E "^${1}=" "$ENV_FILE" | head -1 | sed 's/^[^=]*=//' | tr -d '"'"'"
+}
+
+# Create or update a secret via the API (handles AES encryption automatically).
+# If a secret with the same name already exists, delete it first.
+upsert_secret() {
+  local name="$1"
+  local host_pattern="$2"
+  local header_name="$3"
+  local value="$4"
+
+  # Delete existing secret with this name (if any)
+  local existing_id
+  existing_id=$(api_curl "$API/api/secrets" | python3 -c "
+
+import json,sys
+secrets = json.load(sys.stdin)
+match = next((s for s in secrets if s['name'] == '${name}'), None)
+print(match['id'] if match else '')
+" 2>/dev/null || echo "")
+
+  if [ -n "$existing_id" ]; then
+    api_curl -X DELETE "$API/api/secrets/$existing_id" > /dev/null
+  fi
+
+  # Create via API — value is encrypted by the API before storing
+  local result
+  result=$(api_curl -X POST "$API/api/secrets" \
+    -H 'Content-Type: application/json' \
+    -d "$(python3 -c "
+import json
+print(json.dumps({
+  'name': '${name}',
+  'type': 'generic',
+  'value': '''${value}''',
+  'hostPattern': '${host_pattern}',
+  'injectionConfig': {'headerName': '${header_name}'}
+}))
+")")
+
+  if echo "$result" | grep -q '"error"'; then
+    echo "  ✗ Failed '${name}': $result"
+  else
+    echo "  ✓ Secret '${name}' → ${host_pattern} (${header_name})"
+  fi
+}
+
+link_secret_to_agent() {
+  local secret_name="$1"
+  local agent_name="$2"
+
+  # Match by identifier (set to folder name by setup-agents.sh) first,
+  # fall back to name for agents registered before identifier was used.
+  docker exec onecli-postgres-1 psql -U onecli -d onecli -c "
+    INSERT INTO agent_secrets (agent_id, secret_id, created_at, updated_at)
+    SELECT a.id, s.id, NOW(), NOW()
+    FROM agents a, secrets s
+    WHERE (a.identifier = '${agent_name}' OR (COALESCE(a.identifier, '') = '' AND a.name = '${agent_name}'))
+      AND s.name = '${secret_name}'
+    ON CONFLICT DO NOTHING;
+  " > /dev/null 2>&1
+
+  local linked
+  linked=$(docker exec onecli-postgres-1 psql -U onecli -d onecli -t -c "
+    SELECT COUNT(*) FROM agent_secrets ags
+    JOIN agents a ON a.id = ags.agent_id
+    JOIN secrets s ON s.id = ags.secret_id
+    WHERE (a.identifier = '${agent_name}' OR (COALESCE(a.identifier, '') = '' AND a.name = '${agent_name}'))
+      AND s.name = '${secret_name}';
+  " | tr -d ' \n')
+
+  if [ "$linked" = "1" ]; then
+    echo "  ✓ Linked '${secret_name}' → '${agent_name}'"
+  else
+    echo "  ⚠ Could not link '${secret_name}' to '${agent_name}'"
+  fi
+}
+
+# ── Main ─────────────────────────────────────────────────────────────────────
+
+if [ ! -f "$ENV_FILE" ]; then
+  echo "ERROR: .env not found at $ENV_FILE"
+  exit 1
+fi
+
+echo "Reading credentials from $ENV_FILE"
+echo ""
+
+# Read all credentials
+ELASTIC_API_KEY=$(env_val "ELASTIC_API_KEY")
+ELASTIC_BASE_URL=$(env_val "ELASTIC_BASE_URL")
+ELASTIC_HOST=$(echo "$ELASTIC_BASE_URL" | sed 's|^https://||;s|^http://||' | cut -d/ -f1)
+
+JIRA_EMAIL=$(env_val "JIRA_EMAIL")
+JIRA_API_TOKEN=$(env_val "JIRA_API_TOKEN")
+JIRA_BASE_URL=$(env_val "JIRA_BASE_URL")
+JIRA_HOST=$(echo "$JIRA_BASE_URL" | sed 's|^https://||;s|^http://||' | cut -d/ -f1)
+JIRA_BASIC=$(printf '%s:%s' "$JIRA_EMAIL" "$JIRA_API_TOKEN" | base64 | tr -d '\n')
+
+CONFLUENCE_USERNAME=$(env_val "CONFLUENCE_USERNAME")
+CONFLUENCE_PASSWORD=$(env_val "CONFLUENCE_PASSWORD")
+CONFLUENCE_BASE_URL=$(env_val "CONFLUENCE_BASE_URL")
+CONFLUENCE_HOST=$(echo "$CONFLUENCE_BASE_URL" | sed 's|^https://||;s|^http://||' | cut -d/ -f1)
+CONFLUENCE_BASIC=$(printf '%s:%s' "$CONFLUENCE_USERNAME" "$CONFLUENCE_PASSWORD" | base64 | tr -d '\n')
+
+SLACK_BOT_TOKEN=$(env_val "SLACK_BOT_TOKEN")
+INTERCOM_ACCESS_TOKEN=$(env_val "INTERCOM_ACCESS_TOKEN")
+
+
+ANTHROPIC_AUTH_TOKEN=$(env_val "ANTHROPIC_AUTH_TOKEN")
+LLM_GATEWAY=$(env_val "ANTHROPIC_BASE_URL")
+LLM_GATEWAY_HOST=$(echo "$LLM_GATEWAY" | sed 's|^https://||;s|^http://||' | cut -d/ -f1)
+
+# ── Register secrets via API (with proper encryption) ─────────────────────────
+
+echo "Registering secrets..."
+echo ""
+
+[ -n "$ELASTIC_API_KEY" ] && [ -n "$ELASTIC_HOST" ] && \
+  upsert_secret "elastic" "$ELASTIC_HOST" "Authorization" "ApiKey $ELASTIC_API_KEY" || \
+  echo "  ⚠ Skipping elastic"
+
+[ -n "$JIRA_BASIC" ] && [ -n "$JIRA_HOST" ] && \
+  upsert_secret "jira" "$JIRA_HOST" "Authorization" "Basic $JIRA_BASIC" || \
+  echo "  ⚠ Skipping jira"
+
+# Confluence: only if host differs from Jira (usually same Atlassian instance)
+if [ -n "$CONFLUENCE_BASIC" ] && [ -n "$CONFLUENCE_HOST" ] && [ "$CONFLUENCE_HOST" != "$JIRA_HOST" ]; then
+  upsert_secret "confluence" "$CONFLUENCE_HOST" "Authorization" "Basic $CONFLUENCE_BASIC"
+else
+  echo "  ✓ Confluence shares host with Jira — using jira secret for both"
+fi
+
+[ -n "$SLACK_BOT_TOKEN" ] && \
+  upsert_secret "slack" "slack.com" "Authorization" "Bearer $SLACK_BOT_TOKEN" || \
+  echo "  ⚠ Skipping slack"
+
+[ -n "$INTERCOM_ACCESS_TOKEN" ] && \
+  upsert_secret "intercom" "api.intercom.io" "Authorization" "Bearer $INTERCOM_ACCESS_TOKEN" || \
+  echo "  ⚠ Skipping intercom"
+
+
+[ -n "$ANTHROPIC_AUTH_TOKEN" ] && [ -n "$LLM_GATEWAY_HOST" ] && \
+  upsert_secret "litellm" "$LLM_GATEWAY_HOST" "Authorization" "Bearer $ANTHROPIC_AUTH_TOKEN" || \
+  echo "  ⚠ Skipping litellm"
+
+echo ""
+
+# ── Register global-claw agent if missing ────────────────────────────────────
+
+echo "Ensuring agents exist..."
+GLOBAL_CLAW_EXISTS=$(docker exec onecli-postgres-1 psql -U onecli -d onecli -t -c \
+  "SELECT COUNT(*) FROM agents WHERE name='global-claw';" | tr -d ' \n')
+
+if [ "$GLOBAL_CLAW_EXISTS" = "0" ]; then
+  RAND_TOKEN=$(openssl rand -hex 20)
+  # Try new schema (account_id) first, fall back to old schema (project_id)
+  docker exec onecli-postgres-1 psql -U onecli -d onecli -c \
+    "INSERT INTO agents (id, name, access_token, identifier, secret_mode, account_id, created_at, updated_at)
+     SELECT 'nanoclaw-global-claw', 'global-claw', 'aoc_${RAND_TOKEN}', 'global-claw', 'selective', id, NOW(), NOW()
+     FROM accounts LIMIT 1
+     ON CONFLICT (id) DO NOTHING;" > /dev/null 2>&1 || \
+  docker exec onecli-postgres-1 psql -U onecli -d onecli -c \
+    "INSERT INTO agents (id, name, access_token, identifier, secret_mode, project_id, created_at, updated_at)
+     VALUES ('nanoclaw-global-claw', 'global-claw', 'aoc_${RAND_TOKEN}', 'global-claw', 'selective',
+             (SELECT id FROM projects LIMIT 1), NOW(), NOW())
+     ON CONFLICT (id) DO NOTHING;" > /dev/null 2>&1
+  echo "  ✓ Created global-claw agent"
+else
+  echo "  ✓ global-claw agent already exists"
+fi
+echo ""
+
+# ── Link secrets to agents (driven by agents.yaml — single source of truth) ───
+#
+# Reads onecli_secrets from agents.yaml for each agent.
+# Adding a new agent with onecli_secrets there is all that's needed —
+# no changes to this script required.
+
+AGENTS_YAML="${AGENTS_YAML:-$(dirname "$0")/../agents.yaml}"
+
+if [ ! -f "$AGENTS_YAML" ]; then
+  echo "ERROR: agents.yaml not found at $AGENTS_YAML"
+  exit 1
+fi
+
+# Ensure PyYAML is available
+if ! python3 -c "import yaml" 2>/dev/null; then
+  echo "Installing PyYAML (required for agents.yaml parsing)..."
+  pip3 install pyyaml --quiet --break-system-packages 2>/dev/null || \
+  pip3 install pyyaml --quiet 2>/dev/null || \
+  pip install pyyaml --quiet 2>/dev/null || \
+  { echo "ERROR: Could not install PyYAML. Run: pip3 install pyyaml"; exit 1; }
+fi
+
+echo "Linking secrets to agents (from agents.yaml)..."
+echo ""
+
+# Parse agents.yaml → emit "secret_name agent_folder" lines
+LINKS=$(AGENTS_YAML_PATH="$AGENTS_YAML" python3 - << 'PYEOF'
+import yaml, os
+
+with open(os.environ["AGENTS_YAML_PATH"]) as f:
+    config = yaml.safe_load(f)
+
+for agent in config.get("agents", []):
+    folder = agent.get("folder", "")
+    secrets = agent.get("onecli_secrets", [])
+    for secret in secrets:
+        print(f"{secret} {folder}")
+PYEOF
+)
+
+if [ -z "$LINKS" ]; then
+  echo "  ⚠ No agent-secret links found in agents.yaml"
+else
+  while IFS=' ' read -r secret agent; do
+    [ -n "$secret" ] && [ -n "$agent" ] && link_secret_to_agent "$secret" "$agent"
+  done <<< "$LINKS"
+fi
+
+echo ""
+echo "Done. Verify with: curl http://localhost:10254/api/secrets | python3 -m json.tool | grep name"