fuzzi-cli 0.1.2 → 0.1.4

package/dist/index.js

@@ -9,27 +9,38 @@ var __export = (target, all) => {
 };
 
 // src/types/brand.ts
-var BRAND, RISK_COLORS, VERSION, APP_ORIGIN, DEFAULT_API_URL;
+var BRAND, RISK_COLORS, VERSION, APP_ORIGIN, DEFAULT_API_URL, SETTINGS_API_KEYS_URL, CLI_AUTH_URL, APP_HOST;
 var init_brand = __esm({
   "src/types/brand.ts"() {
     "use strict";
     BRAND = {
       accent: "#4FC3A1",
       accentDim: "#3A9A7E",
-      text: "#FAFAFA",
-      textSecondary: "#8C8C8C",
-      bg: "#0A0A0A",
-      border: "#2A2A2A"
+      bg: "#0A0C10",
+      surface: "#12151B",
+      surfaceHover: "#181C24",
+      borderSubtle: "#232832",
+      borderStrong: "#313846",
+      textPrimary: "#E8EAED",
+      textSecondary: "#9AA3B2",
+      textTertiary: "#5C6470",
+      success: "#22C55E",
+      warning: "#F59E0B",
+      danger: "#EF4444",
+      critical: "#A855F7"
     };
     RISK_COLORS = {
-      LOW: "#22C55E",
-      MEDIUM: "#F59E0B",
-      HIGH: "#EF4444",
-      CRITICAL: "#A855F7"
+      LOW: BRAND.success,
+      MEDIUM: BRAND.warning,
+      HIGH: BRAND.danger,
+      CRITICAL: BRAND.critical
     };
-    VERSION = "0.1.2";
-    APP_ORIGIN = "https://app.fuzzi.dev";
+    VERSION = "0.1.4";
+    APP_ORIGIN = "https://fuzzi-ten.vercel.app";
     DEFAULT_API_URL = `${APP_ORIGIN}/api`;
+    SETTINGS_API_KEYS_URL = `${APP_ORIGIN}/settings/api-keys`;
+    CLI_AUTH_URL = `${APP_ORIGIN}/cli-auth`;
+    APP_HOST = "fuzzi-ten.vercel.app";
   }
 });
 
@@ -186,9 +197,6 @@ function shouldLog(level) {
 function stamp() {
   return (/* @__PURE__ */ new Date()).toISOString();
 }
-function isDebugMode() {
-  return currentLevel() === "debug";
-}
 var LEVELS, log;
 var init_logger = __esm({
   "src/lib/logger.ts"() {
@@ -220,9 +228,9 @@ function mapErrorMessage(status, body) {
       return "API key has been revoked. Please log in again.";
     }
     if (code === "key_expired" || msg.toLowerCase().includes("expired")) {
-      return "API key has expired. Generate a new one at https://app.fuzzi.dev/settings/api-keys";
+      return `API key has expired. Generate a new one at ${SETTINGS_API_KEYS_URL}`;
     }
-    return "Invalid API key. Generate a new one at https://app.fuzzi.dev/settings/api-keys";
+    return `Invalid API key. Generate a new one at ${SETTINGS_API_KEYS_URL}`;
   }
   if (status === 403 && (code === "ssrf" || msg.toLowerCase().includes("private ip"))) {
     return "This URL is not allowed (private IP address detected). Please scan a public-facing URL.";
@@ -253,6 +261,7 @@ var init_api_client = __esm({
     init_config();
     init_credentials();
     init_logger();
+    init_brand();
     ApiError = class extends Error {
       constructor(message, status, code, body, exitCode) {
         super(message);
@@ -302,7 +311,7 @@ var init_api_client = __esm({
           });
         } catch {
           throw new ApiError(
-            "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.",
+            `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`,
             0,
             "network_error",
             void 0,
@@ -358,7 +367,7 @@ var init_api_client = __esm({
           res = await fetch(url, { headers: this.headers() });
         } catch {
           throw new ApiError(
-            "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.",
+            `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`,
             0,
             "network_error",
             void 0,
@@ -391,7 +400,7 @@ function getCapabilities() {
   const colorterm = process.env.COLORTERM ?? "";
   const trueColor = colorterm.includes("truecolor") || colorterm.includes("24bit") || term.includes("truecolor") || !!process.env.FORCE_COLOR && process.env.FORCE_COLOR !== "0";
   cached = {
-    width: Math.max(60, Math.min(cols, 120)),
+    width: Math.max(60, cols),
     trueColor,
     interactive: stdout.isTTY === true
   };
@@ -430,18 +439,18 @@ function scoreBold(n) {
   return chalk.bold(String(n));
 }
 function error(text) {
-  return color("#EF4444", chalk.red)(text);
+  return color(BRAND.danger, chalk.red)(text);
 }
 function success(text) {
-  return color("#22C55E", chalk.green)(text);
+  return color(BRAND.success, chalk.green)(text);
 }
 function warn(text) {
-  return color("#F59E0B", chalk.yellow)(text);
+  return color(BRAND.warning, chalk.yellow)(text);
 }
-function info(text) {
-  return color(BRAND.accent, chalk.cyan)(text);
+function cmd(text) {
+  return accent(text);
 }
-var accent, accentBold, muted, bold, dim, italic;
+var accent, accentBold, primary, primaryBold, muted, dimText, border, bold, dim, italic;
 var init_theme = __esm({
   "src/terminal/theme.ts"() {
     "use strict";
@@ -449,7 +458,11 @@ var init_theme = __esm({
     init_capabilities();
     accent = color(BRAND.accent, chalk.cyan);
     accentBold = accent.bold;
+    primary = color(BRAND.textPrimary, chalk.white);
+    primaryBold = primary.bold;
     muted = color(BRAND.textSecondary, chalk.gray);
+    dimText = color(BRAND.textTertiary, chalk.dim);
+    border = color(BRAND.borderSubtle, chalk.gray);
     bold = chalk.bold;
     dim = chalk.dim;
     italic = chalk.italic;
@@ -540,33 +553,6 @@ function panel(content, opts = {}) {
     width
   });
 }
-function centerInColumn(text, colWidth) {
-  return text.split("\n").map((line) => {
-    const plain = line.replace(/\x1b\[[0-9;]*m/g, "");
-    const pad = Math.max(0, Math.floor((colWidth - plain.length) / 2));
-    return " ".repeat(pad) + line;
-  }).join("\n");
-}
-function splitHomePanel(opts) {
-  const total = contentWidth();
-  const leftW = Math.max(28, Math.floor(total * (opts.leftRatio ?? 0.34)));
-  const rightW = total - leftW - 3;
-  const leftLines = opts.left.split("\n");
-  const rightTop = opts.rightTop.split("\n");
-  const rightDiv = dim("\u2500".repeat(Math.max(10, rightW)));
-  const rightBottom = opts.rightBottom.split("\n");
-  const rightLines = [...rightTop, "", rightDiv, "", ...rightBottom];
-  const rows = Math.max(leftLines.length, rightLines.length);
-  const sep = dim("\u2502");
-  const body = [""];
-  for (let i = 0; i < rows; i++) {
-    const l = padEndVisible(leftLines[i] ?? "", leftW);
-    const r = rightLines[i] ?? "";
-    body.push(`${l} ${sep} ${r}`);
-  }
-  body.push("");
-  return panel(body.join("\n"), { title: opts.title, marginBottom: 0, borderStyle: "classic" });
-}
 function columns(left, right, leftWidth) {
   const total = contentWidth();
   const split = leftWidth ?? Math.floor(total * 0.48);
@@ -585,9 +571,6 @@ function divider(char = "\u2500", width) {
   const w = width ?? contentWidth();
   return dim(char.repeat(Math.max(20, w)));
 }
-function statusBar(parts) {
-  return dim(parts.filter(Boolean).join("  \xB7  "));
-}
 function keyValue(rows, indent = 2) {
   const pad = " ".repeat(indent);
   const maxKey = Math.max(...rows.map(([k]) => k.length), 4);
@@ -715,102 +698,44 @@ init_logger();
 import { randomBytes } from "crypto";
 import { createServer } from "http";
 import { exec } from "child_process";
-var TIMEOUT_MS = 5 * 60 * 1e3;
-function generateState() {
-  return randomBytes(24).toString("base64url");
-}
 function openBrowser(url) {
   const platform = process.platform;
-  const cmd = platform === "darwin" ? `open ${JSON.stringify(url)}` : platform === "win32" ? `start "" ${JSON.stringify(url)}` : `xdg-open ${JSON.stringify(url)}`;
-  exec(cmd, (err) => {
+  const cmd2 = platform === "darwin" ? `open ${JSON.stringify(url)}` : platform === "win32" ? `start "" ${JSON.stringify(url)}` : `xdg-open ${JSON.stringify(url)}`;
+  exec(cmd2, (err) => {
     if (err) log.warn("could not open browser automatically", err.message);
   });
 }
 function apiOrigin(apiUrl) {
   return apiUrl.replace(/\/api\/?$/, "") || APP_ORIGIN;
 }
-async function runBrowserLogin() {
+async function openCliAuthPage() {
   const config = await loadConfig();
-  const state = generateState();
-  const handoffToken = await new Promise((resolve, reject) => {
-    const server = createServer((req, res) => {
-      try {
-        const addr = server.address();
-        const port = typeof addr === "object" && addr ? addr.port : 0;
-        const url = new URL(req.url ?? "/", `http://127.0.0.1:${port}`);
-        if (url.pathname !== "/callback") {
-          res.writeHead(404);
-          res.end();
-          return;
-        }
-        const token = url.searchParams.get("token");
-        const returnedState = url.searchParams.get("state");
-        if (!token || returnedState !== state) {
-          res.writeHead(400);
-          res.end("Invalid callback");
-          reject(new ApiError("Invalid sign-in callback.", 400, "invalid_callback", void 0, 2));
-          return;
-        }
-        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
-        res.end(`<!DOCTYPE html><html><body style="font-family:system-ui;text-align:center;padding:48px">
-          <h1>Signed in to Fuzzi CLI</h1><p>Return to your terminal.</p>
-          <script>setTimeout(()=>window.close(),1200)</script></body></html>`);
-        server.close();
-        resolve(token);
-      } catch (e) {
-        server.close();
-        reject(e);
-      }
-    });
-    const timer = setTimeout(() => {
-      server.close();
-      reject(new ApiError("Sign-in timed out after 5 minutes.", 408, "auth_timeout", void 0, 2));
-    }, TIMEOUT_MS);
-    server.listen(0, "127.0.0.1", () => {
-      const addr = server.address();
-      const port = typeof addr === "object" && addr ? addr.port : 0;
-      const loginUrl = `${apiOrigin(config.api_url)}/cli-auth?state=${encodeURIComponent(state)}&callback_port=${port}`;
-      openBrowser(loginUrl);
-      log.debug("browser auth", loginUrl);
-    });
-    server.on("error", (e) => {
-      clearTimeout(timer);
-      reject(e);
-    });
-  });
-  const client = new FuzziApiClient(config.api_url);
-  const handoff = await client.post("/cli/handoff", {
-    handoff_token: handoffToken,
-    state
-  });
-  if (!handoff.api_key) {
-    throw new ApiError("Sign-in failed: no API key returned.", 500, "handoff_failed", void 0, 2);
-  }
-  client.setToken(handoff.api_key);
-  const profile = await client.get("/me");
-  await saveCredentials({
-    api_key: handoff.api_key,
-    auth_method: "api_key",
-    key_prefix: handoff.prefix || profile.key_prefix || maskApiKey(handoff.api_key),
-    key_expires_at: handoff.expires_at || profile.key_expires_at || void 0,
-    email: profile.email,
-    full_name: profile.full_name || void 0,
-    saved_at: (/* @__PURE__ */ new Date()).toISOString()
-  });
-  const name = profile.full_name || profile.email;
-  return { message: `Signed in as ${name}`, profile };
+  const url = `${apiOrigin(config.api_url)}/cli-auth`;
+  openBrowser(url);
+  log.debug("opened cli auth page", url);
+  return url;
 }
 
 // src/commands/auth.ts
+init_brand();
+async function runAssistedBrowserLogin() {
+  await openCliAuthPage();
+  console.log("");
+  console.log(accent("  Browser opened \u2014 authorize Fuzzi CLI on the web page."));
+  console.log(muted("  Copy the API key shown, then paste it below."));
+  console.log("");
+  const msg = await runApiKeyLogin({ interactive: true });
+  const client = await getAuthenticatedClient();
+  const profile = await client.get("/me");
+  return { message: msg, profile };
+}
 async function runAuthLogin(opts = {}) {
-  if (opts.browser || opts.interactive !== false && !opts.apiKey && !opts.apiKeyOnly) {
-    try {
-      const result = await runBrowserLogin();
-      return success(result.message);
-    } catch (e) {
-      if (opts.browser) throw e;
-      if (opts.apiKeyOnly) throw e;
-    }
+  if (opts.apiKeyOnly || opts.apiKey) {
+    return runApiKeyLogin(opts);
+  }
+  if (opts.browser || opts.interactive !== false) {
+    const result = await runAssistedBrowserLogin();
+    return result.message;
   }
   return runApiKeyLogin(opts);
 }
@@ -841,7 +766,7 @@ async function runApiKeyLogin(opts = {}) {
   apiKey = apiKey.trim();
   if (!isValidApiKeyFormat(apiKey)) {
     throw new ApiError(
-      "Invalid API key format. Generate a new one at https://app.fuzzi.dev/settings/api-keys",
+      `Invalid API key format. Generate a new one at ${SETTINGS_API_KEYS_URL}`,
       401,
       "invalid_key_format",
       void 0,
@@ -852,7 +777,7 @@ async function runApiKeyLogin(opts = {}) {
   const valid = await client.validateToken();
   if (!valid) {
     throw new ApiError(
-      "Invalid API key. Generate a new one at https://app.fuzzi.dev/settings/api-keys",
+      `Invalid API key. Generate a new one at ${SETTINGS_API_KEYS_URL}`,
       401,
       "invalid_token",
       void 0,
@@ -993,13 +918,14 @@ init_theme();
 
 // src/lib/errors.ts
 init_api_client();
+init_brand();
 function formatApiError(err) {
   if (err instanceof ApiError) {
     return err.message;
   }
   if (err instanceof Error) {
     if (err.message.includes("fetch failed") || err.message.includes("ECONNREFUSED")) {
-      return "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.";
+      return `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`;
     }
     return `An error occurred: ${err.message}. Please report this at https://github.com/fuzzi-cli/fuzzi-cli/issues`;
   }
@@ -1474,33 +1400,7 @@ function buildProgram() {
 
 // src/shell/prompt-loop.ts
 import * as readline from "readline/promises";
-import { stdin as input3, stdout as output } from "process";
-
-// src/shell/home-screen.ts
-import { homedir as homedir3 } from "os";
-
-// src/shell/ascii-mark.ts
-function renderFuzziMark() {
-  return [
-    "      \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
-    "    \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
-    "    \u2588\u2588          \u2588\u2588",
-    "    \u2588\u2588  \u2588\u2588\u2588\u2588\u2588\u2588  \u2588\u2588",
-    "    \u2588\u2588  \u2588\u2588\u2588\u2588\u2588\u2588  \u2588\u2588",
-    "    \u2588\u2588   \u2588\u2588\u2588\u2588   \u2588\u2588",
-    "    \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
-    "      \u2588\u2588      \u2588\u2588",
-    "      \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
-    "        \u2588\u2588  \u2588\u2588",
-    "        \u2588\u2588  \u2588\u2588"
-  ].join("\n");
-}
-
-// src/shell/home-screen.ts
-init_brand();
-init_theme();
-init_layout();
-init_width();
+import { stdin as input3, stdout as output, cwd as cwd3 } from "process";
 
 // src/lib/assets.ts
 import { readFile as readFile4 } from "fs/promises";
@@ -1527,130 +1427,261 @@ async function readAsset(name) {
 }
 
 // src/shell/home-screen.ts
-async function fetchHomeData(profile, cwd4) {
+init_api_client();
+
+// src/shell/ascii-mark.ts
+function renderFuzziMark() {
+  return [
+    "      \u2554\u2550\u2550\u2550\u2550\u2557",
+    "      \u2551 \u25C6  \u2551",
+    "      \u255A\u2550\u2566\u2550\u2550\u255D",
+    "       \u2554\u2550\u2569\u2550\u2557",
+    "       \u2551 \u25C6 \u2551",
+    "       \u255A\u2550\u2550\u2550\u255D"
+  ].join("\n");
+}
+
+// src/shell/home-screen.ts
+init_brand();
+init_theme();
+init_width();
+
+// src/components/Panel.ts
+init_theme();
+init_strings();
+init_width();
+function visibleLen(s) {
+  return s.replace(/\x1b\[[0-9;]*m/g, "").length;
+}
+function topBanner(title, width = contentWidth()) {
+  const inner = ` ${title} `;
+  const dashes = Math.max(0, width - 2 - visibleLen(inner));
+  const left = Math.floor(dashes / 2);
+  const right = dashes - left;
+  return [
+    border(`\u250F${"\u2501".repeat(left)}${inner}${"\u2501".repeat(right)}\u2513`),
+    border(`\u2517${"\u2501".repeat(width - 2)}\u251B`)
+  ].join("\n");
+}
+function titleSegment(title, width) {
+  const prefix = `\u2500 ${title} `;
+  const dashes = Math.max(0, width - visibleLen(prefix));
+  return prefix + "\u2500".repeat(dashes);
+}
+function tripleColumnPanel(cols, totalWidth = contentWidth()) {
+  const sep = 1;
+  const inner = totalWidth - 2;
+  const ratios = [0.44, 0.28, 0.28];
+  const raw = ratios.map((r) => Math.floor(inner * r));
+  const used = raw.reduce((a, b) => a + b, 0) + 2 * sep;
+  raw[0] += inner - used;
+  const widths = raw;
+  const top = border("\u250C") + titleSegment(cols[0].title, widths[0]) + border("\u252C") + titleSegment(cols[1].title, widths[1]) + border("\u252C") + titleSegment(cols[2].title, widths[2]) + border("\u2510");
+  const maxRows = Math.max(...cols.map((c) => c.lines.length), 1);
+  const body = [top];
+  for (let i = 0; i < maxRows; i++) {
+    const cells = cols.map((c, idx) => padEndVisible(c.lines[i] ?? "", widths[idx]));
+    body.push(
+      border("\u2502") + cells[0] + border("\u2502") + cells[1] + border("\u2502") + cells[2] + border("\u2502")
+    );
+  }
+  const bottom = border("\u2514") + border("\u2500".repeat(widths[0])) + border("\u2534") + border("\u2500".repeat(widths[1])) + border("\u2534") + border("\u2500".repeat(widths[2])) + border("\u2518");
+  body.push(bottom);
+  return body.join("\n");
+}
+function stackedPanels(cols, width = contentWidth()) {
+  return cols.map((col) => singlePanel(col.title, col.lines, width)).join("\n\n");
+}
+function singlePanel(title, lines, width = contentWidth()) {
+  const inner = width - 2;
+  const prefix = `\u2500 ${title} `;
+  const dashes = Math.max(0, inner - visibleLen(prefix));
+  const top = border(`\u250C${prefix}${"\u2500".repeat(dashes)}\u2510`);
+  const bottom = border(`\u2514${"\u2500".repeat(inner)}\u2518`);
+  const body = lines.map((l) => border("\u2502") + padEndVisible(l, inner) + border("\u2502"));
+  return [top, ...body, bottom].join("\n");
+}
+function tipPanel(text, width = contentWidth()) {
+  const inner = width - 2;
+  const prefix = "\u2500 Tip ";
+  const dashes = Math.max(0, inner - visibleLen(prefix));
+  const top = border(`\u250C${prefix}${"\u2500".repeat(dashes)}\u2510`);
+  const bottom = border(`\u2514${"\u2500".repeat(inner)}\u2518`);
+  return [top, border("\u2502") + padEndVisible(text, inner) + border("\u2502"), bottom].join("\n");
+}
+function besideMark(mark, text, markCol = 14, gap = 2) {
+  const rows = Math.max(mark.length, text.length);
+  const out = [];
+  for (let i = 0; i < rows; i++) {
+    const m = padEndVisible(mark[i] ?? "", markCol);
+    const t = text[i] ?? "";
+    out.push(m + " ".repeat(gap) + t);
+  }
+  return out;
+}
+function popularCommand(command, desc, cmdWidth = 14) {
+  return padEndVisible(cmd(command), cmdWidth) + muted(desc);
+}
+
+// src/shell/home-screen.ts
+function daysUntil2(dateStr) {
+  const diff = new Date(dateStr).getTime() - Date.now();
+  return Math.max(0, Math.ceil(diff / (1e3 * 60 * 60 * 24)));
+}
+function formatKeyExpiry(dateStr) {
+  if (!dateStr) return null;
+  const days = daysUntil2(dateStr);
+  return `Key expires: ${days} days remaining`;
+}
+function formatKeyExpiryDate(dateStr) {
+  if (!dateStr) return null;
+  return `(${dateStr.slice(0, 10)})`;
+}
+async function fetchHomeData(profile) {
   let changelog = [];
   try {
     changelog = JSON.parse(await readAsset("changelog.json"));
   } catch {
     changelog = [];
   }
-  return { profile, cwd: cwd4, changelog };
-}
-function isHomeDir(dir) {
-  return dir === homedir3() || dir === homedir3().replace(/\/$/, "");
+  let stats = null;
+  if (profile) {
+    try {
+      const client = await getAuthenticatedClient();
+      const rateRaw = await runRateLimitStatus(client);
+      let rateHour = null;
+      if (rateRaw) {
+        const m = rateRaw.match(/(\d+)\/(\d+)/);
+        if (m) {
+          const remaining = Number(m[1]);
+          const limit2 = Number(m[2]);
+          const used2 = limit2 - remaining;
+          rateHour = `${used2}/${limit2} scans this hour`;
+        } else {
+          rateHour = rateRaw;
+        }
+      }
+      const used = profile.scans_used_this_month ?? profile.total_scans;
+      const limit = profile.monthly_scan_limit;
+      const usageMonth = used != null && limit != null ? `${used}/${limit} scans this month` : used != null ? `${used} scans total` : null;
+      stats = { rateHour, usageMonth };
+    } catch {
+      stats = null;
+    }
+  }
+  return { profile, changelog, stats };
 }
-function renderLeftColumn(data) {
-  const colW = Math.max(28, Math.floor(contentWidth() * 0.34));
-  const name = data.profile?.full_name || data.profile?.email?.split("@")[0] || "there";
-  const org = data.profile?.organization?.trim();
-  const mark = centerInColumn(accent(renderFuzziMark()), colW);
-  const lines = [];
+function renderAccountColumn(data) {
+  const mark = accent(renderFuzziMark()).split("\n");
   if (data.profile) {
-    lines.push(
-      accentBold(`Welcome back ${name}!`),
-      "",
-      mark,
-      "",
-      [accent("\u25CF Connected"), muted("\xB7"), info("API Key auth"), org ? muted("\xB7 " + org) : ""].filter(Boolean).join(" "),
-      muted(data.profile.email),
-      data.profile.role ? muted(`Role: ${data.profile.role}`) : "",
+    const p = data.profile;
+    const name = p.full_name || p.email.split("@")[0];
+    const keyExpiry = formatKeyExpiry(p.key_expires_at ?? void 0);
+    const keyDate = formatKeyExpiryDate(p.key_expires_at ?? void 0);
+    const textBlock2 = [
+      primaryBold(`Welcome back, ${name}!`),
+      primary(p.email),
       "",
-      muted(data.cwd),
-      "",
-      accent("/scan") + muted(" <url>   scan a target"),
-      accent("/scans") + muted("        browse history"),
-      accent("/status") + muted("       account info"),
-      accent("/keys") + muted("         manage keys"),
-      accent("/palette") + muted("      find commands")
-    );
-  } else {
-    lines.push(
-      accentBold("Welcome to Fuzzi!"),
-      "",
-      mark,
-      "",
-      muted("Not connected"),
-      info("Press Enter to sign in"),
-      "",
-      muted(data.cwd),
-      "",
-      accent("/auth") + muted("      browser sign-in"),
-      accent("/auth-key") + muted("  paste API key"),
-      accent("/scan") + muted(" <url>  after login"),
-      accent("/help") + muted("       all commands")
-    );
+      muted(`Organization: ${p.organization || "\u2014"}`),
+      muted(`Role: ${p.role}`)
+    ];
+    const beside = besideMark(mark, textBlock2, 14, 4);
+    const lines = ["", ...beside, ""];
+    lines.push(success("\u25CF Connected"));
+    lines.push(muted("Status: Ready"));
+    if (data.stats?.rateHour) lines.push(muted(`Rate limit: ${data.stats.rateHour}`));
+    if (data.stats?.usageMonth) lines.push(muted(`Usage: ${data.stats.usageMonth}`));
+    if (keyExpiry) {
+      lines.push("");
+      lines.push(muted(keyExpiry));
+      if (keyDate) lines.push(muted(keyDate));
+    }
+    return lines;
   }
-  return lines.filter((l) => l !== "").join("\n");
+  const textBlock = [
+    primaryBold("Welcome to Fuzzi!"),
+    muted("Not connected"),
+    "",
+    muted("Press Enter to sign in"),
+    muted("or run /auth-key")
+  ];
+  return ["", ...besideMark(mark, textBlock, 14, 4), ""];
 }
-function renderTipsColumn(data) {
+function renderQuickStartColumn(data) {
   const lines = [
-    accentBold("Tips for getting started"),
     "",
-    `Run ${accent("/scan")}${muted(" <url>")} to scan a site for security risks`,
-    `Run ${accent("/palette")} to search every available command`,
-    `Run ${accent("/help")} for the full command reference`,
-    ""
+    muted("Type ") + cmd("/help") + muted(" for all"),
+    muted("commands."),
+    "",
+    primaryBold("Popular commands:"),
+    "",
+    popularCommand("/scan", "Start a security scan", 12),
+    popularCommand("/scans", "Browse recent scans", 12),
+    popularCommand("/status", "Show account info", 12)
   ];
-  if (!data.profile) {
-    lines.push(
-      muted("Note: You launched without credentials."),
-      muted("Press Enter at the prompt to open your browser,"),
-      muted("or use /auth-key to paste an API key."),
-      ""
-    );
-  } else if (isHomeDir(data.cwd)) {
+  if (data.profile) {
     lines.push(
-      muted("Note: You launched fuzzi in your home directory."),
-      muted("cd into a project folder first for better context,"),
-      muted("or pass URLs directly: /scan https://example.com"),
-      ""
+      popularCommand("/keys", "Manage API keys", 12),
+      popularCommand("/config", "CLI settings", 12)
     );
   } else {
     lines.push(
-      muted("Note: Add a .fuzzirc in this directory to set default"),
-      muted("scan URL, environment, and output format for the team."),
-      ""
+      popularCommand("/auth", "Browser sign-in", 12),
+      popularCommand("/auth-key", "Paste API key", 12)
     );
   }
-  lines.push(
-    muted("CI usage: "),
-    muted("fuzzi scan <url> --fail-on critical --format json")
-  );
-  return lines.join("\n");
+  return lines;
 }
 function renderWhatsNewColumn(data) {
-  const latest = data.changelog[0];
-  const lines = [accentBold("What's new"), ""];
-  if (latest) {
-    for (const h of latest.highlights.slice(0, 4)) {
-      lines.push(muted(h));
-    }
-    lines.push("");
-    lines.push(italic(muted("/changelog for more")));
-  } else {
-    lines.push(muted("Stay tuned for updates."));
+  const lines = [""];
+  const highlights = data.changelog[0]?.highlights ?? [
+    "Confidence gating added",
+    "Netflix-style false positives fixed",
+    "CLI shell interface"
+  ];
+  for (const h of highlights.slice(0, 4)) {
+    const text = h.replace(/^✓\s*/, "");
+    lines.push(success("\u2713 ") + primary(text));
   }
-  return lines.join("\n");
+  lines.push("");
+  lines.push(muted("Run ") + cmd("/changelog") + muted(" for more details."));
+  return lines;
+}
+function renderTip(data) {
+  if (data.profile) {
+    return muted("Tip: Run ") + cmd("/scan <url>") + muted(" to scan a target, or ") + cmd("/palette") + muted(" to find commands.");
+  }
+  return muted("Not logged in? Run ") + cmd("/auth-key") + muted(" to paste an API key from settings, or press Enter to sign in via browser.");
 }
 function renderHomeScreen(data) {
-  return splitHomePanel({
-    title: `Fuzzi CLI v${VERSION}`,
-    left: renderLeftColumn(data),
-    rightTop: renderTipsColumn(data),
-    rightBottom: renderWhatsNewColumn(data),
-    leftRatio: 0.36
-  });
+  const width = contentWidth();
+  const cols = [
+    { title: "Account", lines: renderAccountColumn(data) },
+    { title: "Quick Start", lines: renderQuickStartColumn(data) },
+    { title: "What's New", lines: renderWhatsNewColumn(data) }
+  ];
+  const main2 = terminalWidth() >= 100 ? tripleColumnPanel(cols, width) : stackedPanels(cols, width);
+  return [topBanner(`Fuzzi CLI v${VERSION}`, width), "", main2, "", tipPanel(renderTip(data), width)].join(
+    "\n"
+  );
 }
 function renderChangelog(entries) {
   if (!entries.length) return muted("No changelog entries.");
   return entries.map((e) => {
     const lines = [
       accentBold(`v${e.version}`) + muted(` \u2014 ${e.date}`),
-      ...e.highlights.map((h) => muted(`  \xB7 ${h}`))
+      ...e.highlights.map((h) => success("\u2713 ") + primary(h.replace(/^✓\s*/, "")))
     ];
     return lines.join("\n");
   }).join("\n\n");
 }
+function renderAuthGateScreen() {
+  return renderHomeScreen({
+    profile: null,
+    changelog: [],
+    stats: null
+  });
+}
 
 // src/shell/slash-commands.ts
 init_api_client();
@@ -1668,6 +1699,9 @@ function emptyState(title, hint, action) {
   return lines.join("\n");
 }
 
+// src/commands/keys.ts
+init_brand();
+
 // src/terminal/interactive.ts
 init_theme();
 import { select, search } from "@inquirer/prompts";
@@ -1702,7 +1736,7 @@ async function runKeysListCommand(client) {
   const data = await client.get("/keys");
   const keys = data.results || [];
   if (!keys.length) {
-    return emptyState("No API keys", "Create one at app.fuzzi.dev/settings/api-keys", "[n] new key in this view");
+    return emptyState("No API keys", `Create one at ${SETTINGS_API_KEYS_URL}`, "[n] new key in this view");
   }
   const rows = keys.map((k) => [
     k.name,
@@ -1750,9 +1784,9 @@ var SLASH_COMMANDS = [
   { name: "/exit", description: "Exit the shell", aliases: ["/quit"] }
 ];
 function findCommand(input5) {
-  const cmd = input5.trim().split(/\s/)[0].toLowerCase();
+  const cmd2 = input5.trim().split(/\s/)[0].toLowerCase();
   return SLASH_COMMANDS.find(
-    (c) => c.name === cmd || c.aliases?.some((a) => a === cmd)
+    (c) => c.name === cmd2 || c.aliases?.some((a) => a === cmd2)
   );
 }
 
@@ -1871,9 +1905,9 @@ async function dispatchSlashCommand(line, ctx) {
   const trimmed = line.trim();
   if (!trimmed) return {};
   if (trimmed === "/exit" || trimmed === "/quit") return { exit: true };
-  const [cmd, ...rest] = trimmed.split(/\s+/);
+  const [cmd2, ...rest] = trimmed.split(/\s+/);
   const arg = rest.join(" ").trim();
-  if (!cmd.startsWith("/")) {
+  if (!cmd2.startsWith("/")) {
     ctx.sink.write(
       errorBox(
         `Not a shell command: ${trimmed}`,
@@ -1883,12 +1917,12 @@ ${accent("/help")} lists everything`
     );
     return {};
   }
-  if (!findCommand(cmd) && cmd.startsWith("/")) {
-    ctx.sink.write(errorBox(`Unknown command: ${cmd}`, "Type /help or /palette"));
+  if (!findCommand(cmd2) && cmd2.startsWith("/")) {
+    ctx.sink.write(errorBox(`Unknown command: ${cmd2}`, "Type /help or /palette"));
     return {};
   }
   try {
-    switch (cmd.toLowerCase()) {
+    switch (cmd2.toLowerCase()) {
       case "/help":
         ctx.sink.write(renderHelpScreen());
         break;
@@ -1982,9 +2016,9 @@ ${muted("Rate limit")}  ${rate}` : status);
       }
       case "/login":
       case "/auth": {
-        ctx.sink.write(await runAuthLogin({ interactive: true, browser: true }));
-        const client = await getAuthenticatedClient();
-        return { profile: await client.get("/me"), redraw: true };
+        const result = await runAssistedBrowserLogin();
+        ctx.sink.write(result.message);
+        return { profile: result.profile, redraw: true };
       }
       case "/auth-key": {
         ctx.sink.write(await runApiKeyLogin({ interactive: true }));
@@ -1992,7 +2026,7 @@ ${muted("Rate limit")}  ${rate}` : status);
         return { profile: await client.get("/me"), redraw: true };
       }
       default:
-        ctx.sink.write(errorBox(`Unknown command: ${cmd}`, "Type /help"));
+        ctx.sink.write(errorBox(`Unknown command: ${cmd2}`, "Type /help"));
     }
   } catch (e) {
     ctx.sink.error(formatApiError(e));
@@ -2063,7 +2097,6 @@ async function runKeysInteractive(ctx) {
 
 // src/shell/prompt-loop.ts
 init_theme();
-import { cwd as cwd3 } from "process";
 
 // src/shell/completer.ts
 function buildCompleter(commands, history) {
@@ -2081,8 +2114,6 @@ function buildCompleter(commands, history) {
 
 // src/shell/prompt-loop.ts
 init_capabilities();
-init_layout();
-init_logger();
 async function runPromptLoop(initialProfile) {
   let profile = initialProfile;
   const workDir = cwd3();
@@ -2091,13 +2122,8 @@ async function runPromptLoop(initialProfile) {
     if (getCapabilities().interactive) {
       process.stdout.write("\x1B[2J\x1B[H");
     }
-    const data = await fetchHomeData(profile, workDir);
+    const data = await fetchHomeData(profile);
     console.log(renderHomeScreen(data));
-    console.log(statusBar([
-      profile ? muted(profile.email) : muted("guest"),
-      dim(workDir),
-      isDebugMode() ? muted("debug") : null
-    ].filter(Boolean)));
     console.log("");
   };
   await refresh();
@@ -2113,7 +2139,7 @@ async function runPromptLoop(initialProfile) {
     rl.close();
     process.exit(0);
   });
-  const prompt = () => process.stdout.write(accent("\u203A "));
+  const prompt = () => process.stdout.write(accent("> "));
   prompt();
   for await (const line of rl) {
     await appendHistory(line);
@@ -2142,11 +2168,9 @@ async function runPromptLoop(initialProfile) {
 }
 
 // src/shell/auth-gate.ts
-init_layout();
-init_theme();
-init_width();
 import * as readline2 from "readline";
 import { stdin as input4, stdout as output2 } from "process";
+init_theme();
 
 // src/cli/profile.ts
 init_credentials();
@@ -2165,50 +2189,10 @@ async function tryGetProfile() {
 }
 
 // src/shell/auth-gate.ts
-init_brand();
-function renderAuthGate() {
-  const colW = Math.max(28, Math.floor(contentWidth() * 0.36));
-  const mark = centerInColumn(accent(renderFuzziMark()), colW);
-  const left = [
-    accentBold("Welcome to Fuzzi!"),
-    "",
-    mark,
-    "",
-    muted("Not connected"),
-    info("Sign in to run scans"),
-    "",
-    accent("/auth-key") + muted("  paste API key"),
-    accent("/help") + muted("       commands")
-  ].join("\n");
-  const rightTop = [
-    accentBold("Sign in to continue"),
-    "",
-    info("Press Enter to open your browser"),
-    muted("and authorize the CLI."),
-    "",
-    muted("A local server receives the callback"),
-    muted("from app.fuzzi.dev automatically.")
-  ].join("\n");
-  const rightBottom = [
-    accentBold("Other options"),
-    "",
-    muted("Paste an API key with /auth-key"),
-    muted("from Settings \u2192 API Keys on the web."),
-    "",
-    italic(muted("docs: app.fuzzi.dev/settings/api-keys"))
-  ].join("\n");
-  return splitHomePanel({
-    title: `Fuzzi CLI v${VERSION}`,
-    left,
-    rightTop,
-    rightBottom,
-    leftRatio: 0.36
-  });
-}
 function waitForEnter() {
   return new Promise((resolve) => {
     const rl = readline2.createInterface({ input: input4, output: output2, terminal: true });
-    output2.write(accent("\n  \u203A Press Enter to open browser... "));
+    output2.write(accent("\n> Press Enter to open browser... "));
     rl.once("line", () => {
       rl.close();
       resolve();
@@ -2219,18 +2203,15 @@ async function runAuthGate() {
   const existing = await tryGetProfile();
   if (existing) return existing;
   if (!output2.isTTY) return null;
-  console.log(renderAuthGate());
+  console.log(renderAuthGateScreen());
   await waitForEnter();
-  const progress = createProgress("Opening browser...");
   try {
-    const result = await runBrowserLogin();
-    progress.succeed("Signed in");
-    console.log(accent(result.message));
+    const result = await runAssistedBrowserLogin();
+    console.log(result.message);
     return result.profile;
   } catch (e) {
-    progress.fail("Sign-in failed");
     console.log(muted(formatApiError(e)));
-    console.log(muted("Use /auth-key to paste an API key, or /auth to retry."));
+    console.log(muted("Run /auth-key to paste your API key manually."));
     return null;
   }
 }