kojee-mcp 0.5.3 → 0.5.4

package/dist/chunk-HIZ4NDWN.js

@@ -0,0 +1,141 @@
+import {
+  translateToolCallResult
+} from "./chunk-LDZXU3DW.js";
+
+// src/tandem/send.ts
+var SEND_KINDS = ["message", "status"];
+function sendFailure(error, message) {
+  return { ok: false, error, message };
+}
+function parseSendRequest(input) {
+  if (typeof input !== "object" || input === null || Array.isArray(input)) {
+    return sendFailure("bad_request", "request must be a JSON object");
+  }
+  const obj = input;
+  const tandemId = obj["tandem_id"];
+  if (typeof tandemId !== "string" || tandemId.length === 0) {
+    return sendFailure("bad_request", "tandem_id is required and must be a non-empty string");
+  }
+  const body = obj["body"];
+  if (typeof body !== "string" || body.length === 0) {
+    return sendFailure("bad_request", "body is required and must be a non-empty string");
+  }
+  const request = { tandem_id: tandemId, body };
+  if (obj["reply_to"] !== void 0) {
+    if (typeof obj["reply_to"] !== "string" || obj["reply_to"].length === 0) {
+      return sendFailure("bad_request", "reply_to must be a non-empty string when present");
+    }
+    request.reply_to = obj["reply_to"];
+  }
+  if (obj["kind"] !== void 0) {
+    const kind = obj["kind"];
+    if (typeof kind !== "string" || !SEND_KINDS.includes(kind)) {
+      return sendFailure(
+        "bad_request",
+        `kind must be one of: ${SEND_KINDS.join(", ")}`
+      );
+    }
+    request.kind = kind;
+  }
+  return { ok: true, request };
+}
+function classifySendFailure(text) {
+  if (/member[\s_-]?cap/i.test(text)) {
+    return sendFailure("member_cap", text);
+  }
+  if (/gateway error:\s*403/i.test(text) || /mcp_request_blocked/i.test(text) || /blocked by a firewall/i.test(text) || /security service/i.test(text)) {
+    return sendFailure(
+      "content_blocked",
+      `content blocked by gateway \u2014 the gateway's firewall rejected the message content (commonly a literal URL in the body). De-fang or split the content and retry. Gateway said: ${text}`
+    );
+  }
+  if (/token is invalid or expired/i.test(text) || /authentication failed/i.test(text) || /re-?authoriz/i.test(text)) {
+    return sendFailure("gateway_auth", text);
+  }
+  if (/aren'?t a member|not a member/i.test(text)) {
+    return sendFailure("not_member", text);
+  }
+  if (/rate limit/i.test(text)) {
+    return sendFailure("rate_limited", text);
+  }
+  if (/cannot reach kojee gateway/i.test(text)) {
+    return sendFailure("network", text);
+  }
+  if (/^DENIED:/.test(text)) {
+    return sendFailure("governance_denied", text);
+  }
+  if (/^APPROVAL REQUIRED:/.test(text)) {
+    return sendFailure("approval_required", text);
+  }
+  return sendFailure("send_failed", text);
+}
+async function executeSend(gateway, request) {
+  const args = {
+    tandem_id: request.tandem_id,
+    body: request.body,
+    ...request.reply_to !== void 0 ? { reply_to: request.reply_to } : {},
+    ...request.kind !== void 0 ? { kind: request.kind } : {}
+  };
+  let result;
+  try {
+    result = await gateway.sendRpc("tools/call", {
+      name: "tandem_send",
+      arguments: args
+    });
+  } catch (err) {
+    return classifySendFailure(
+      `tandem_send failed: ${err?.message ?? String(err)}`
+    );
+  }
+  const translated = translateToolCallResult(result);
+  const text = (translated.content ?? []).map((c) => typeof c?.text === "string" ? c.text : "").filter(Boolean).join("\n");
+  if (translated.isError) {
+    return classifySendFailure(text || "tandem_send returned an error with no text");
+  }
+  let messageId = null;
+  let cursor = null;
+  try {
+    const parsed = JSON.parse(text);
+    const rawId = parsed["message_id"] ?? parsed["id"];
+    if (rawId !== void 0 && rawId !== null) messageId = String(rawId);
+    const rawCursor = parsed["cursor"];
+    if (typeof rawCursor === "number") cursor = rawCursor;
+  } catch {
+  }
+  return {
+    ok: true,
+    tandem_id: request.tandem_id,
+    message_id: messageId,
+    cursor,
+    text
+  };
+}
+var HTTP_STATUS_BY_CODE = {
+  bad_request: 400,
+  unauthorized: 401,
+  content_blocked: 403,
+  member_cap: 403,
+  not_member: 403,
+  governance_denied: 403,
+  approval_required: 403,
+  rate_limited: 429,
+  // Upstream/credential problems — the LOCAL surface worked, the gateway leg
+  // failed: a gateway (502) class from the caller's point of view.
+  not_paired: 502,
+  not_enrolled: 502,
+  gateway_auth: 502,
+  network: 502,
+  send_failed: 502,
+  send_unavailable: 503
+};
+function httpStatusForEnvelope(envelope) {
+  if (envelope.ok) return 200;
+  return HTTP_STATUS_BY_CODE[envelope.error] ?? 502;
+}
+
+export {
+  sendFailure,
+  parseSendRequest,
+  executeSend,
+  httpStatusForEnvelope
+};

package/dist/chunk-LDZXU3DW.js

@@ -0,0 +1,170 @@
+// src/error-translator.ts
+function translateGovernanceResult(result) {
+  const governance = result._meta?.governance;
+  if (!governance) return result;
+  if (governance.decision === "deny") {
+    return formatDenied(governance);
+  }
+  if (governance.decision === "require_approval") {
+    return formatApprovalRequired(governance);
+  }
+  return result;
+}
+function formatApprovalRequired(governance) {
+  const rules = formatRules(governance.triggered_guardrails);
+  const text = `APPROVAL REQUIRED: This action needs user approval before executing. Approval ID: ${governance.approval_id}. Expires: ${governance.expires_at ?? "unknown"}. Triggered rules: ${rules}. The user has been notified. Call kojee_check_approval with this approval_id to check the status.`;
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+function formatDenied(governance) {
+  const rules = formatRules(governance.triggered_guardrails);
+  const text = `DENIED: This action was blocked by governance policy. Triggered rules: ${rules}. This cannot proceed \u2014 modify your request or ask the user to adjust governance rules.`;
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+function translateHttpError(status, errorCode, trigger) {
+  if (status === 401) {
+    if (errorCode === "use_dpop_nonce") {
+      return null;
+    }
+    if (errorCode === "invalid_dpop_proof") {
+      return makeError(
+        "Authentication failed. The proxy will attempt to re-enroll. If this persists, regenerate your gateway token."
+      );
+    }
+    if (errorCode === "key_enrollment_required") {
+      return null;
+    }
+    return makeError(
+      "Gateway token is invalid or expired. Generate a new one."
+    );
+  }
+  if (status === 403 && errorCode === "step_up_required") {
+    const reason = trigger ? ` (reason: ${trigger})` : "";
+    return makeError(
+      `Device re-authorization required${reason}. This action can't proceed until the user re-authorizes this device in the Kojee dashboard.`
+    );
+  }
+  if (status === 429) {
+    return makeError(
+      "Rate limit exceeded. Wait before making more requests."
+    );
+  }
+  if (status >= 500) {
+    return makeError(
+      "Kojee gateway encountered an error. Try again."
+    );
+  }
+  return null;
+}
+var TANDEM_ERROR_MESSAGES = {
+  [-32003]: () => "This Tandem is hardened to owner-only membership; you can't join.",
+  [-32004]: () => "You aren't a member of that Tandem. Use tandem_join(join_link) first.",
+  [-32006]: (data) => {
+    const retry = data?.["retry_after_seconds"] ?? "a moment";
+    return `Rate limit hit on this Tandem. Retry after ${retry} seconds.`;
+  },
+  [-32007]: (data) => {
+    const rule = data?.["rule"] ?? "policy";
+    return `Message rejected by Tandem policy (${rule}).`;
+  },
+  [-32011]: (data) => {
+    const id = data?.["tandem_id"] ?? "unknown";
+    return `Tandem ${id} doesn't exist or isn't visible to you.`;
+  },
+  [-32015]: (data) => {
+    const candidates = data?.["candidates"] ?? [];
+    return `An @-mention matched multiple members and is ambiguous. Retry with explicit mentions[]. Candidates: ${candidates.join(", ")}.`;
+  }
+};
+function translateJsonRpcError(error) {
+  const msg = error.message ?? "";
+  const msgLower = msg.toLowerCase();
+  const tandemMessage = TANDEM_ERROR_MESSAGES[error.code];
+  if (tandemMessage) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: tandemMessage(error.data)
+        }
+      ],
+      isError: true
+    };
+  }
+  switch (error.code) {
+    case -32601:
+      return makeError(
+        `Tool not available. It may have been removed or is not connected. Check your connected services in the Kojee dashboard.`
+      );
+    case -32602:
+      return makeError(msg || "Invalid parameters for this tool call.");
+    case -32603: {
+      if (msgLower.includes("multiple accounts connected")) {
+        return makeError(msg);
+      }
+      if (msgLower.includes("not connected")) {
+        return makeError(
+          "The service is not connected. Connect it in the Kojee dashboard."
+        );
+      }
+      if (msgLower.includes("scope") && msgLower.includes("access")) {
+        return makeError(
+          "Token doesn't have access to this tool. Update scopes in the Kojee dashboard."
+        );
+      }
+      if (msgLower.includes("invalid_grant") || msgLower.includes("token refresh failed") || msgLower.includes("re-authorization") || msgLower.includes("reauthorization")) {
+        const serviceMatch = msg.match(
+          /(?:for|connected for)\s+(\w[\w-]*)/i
+        );
+        const service = serviceMatch ? serviceMatch[1] : "service";
+        return makeError(
+          `The ${service} connection needs re-authorization. Ask the user to reconnect it in the Kojee dashboard.`
+        );
+      }
+      return makeError(msg || "An internal error occurred on the gateway.");
+    }
+    case -32600:
+      return makeError(
+        "Unexpected response from gateway. This may be a temporary issue."
+      );
+    case -32e3:
+      return makeError(
+        "Rate limit exceeded. Wait before making more requests."
+      );
+    default:
+      return makeError(msg || "An unknown error occurred.");
+  }
+}
+function translateNetworkError(_error) {
+  return makeError(
+    "Cannot reach Kojee gateway. Check your connection."
+  );
+}
+function translateToolCallResult(result) {
+  if (result._meta?.governance) {
+    return translateGovernanceResult(result);
+  }
+  return result;
+}
+function formatRules(guardrails) {
+  if (!guardrails || guardrails.length === 0) return "unknown";
+  return guardrails.join(", ");
+}
+function makeError(text) {
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+
+export {
+  translateHttpError,
+  translateJsonRpcError,
+  translateNetworkError,
+  translateToolCallResult
+};

package/dist/chunk-OSKHA5DS.js

@@ -0,0 +1,185 @@
+// src/tandem/webhook-config.ts
+var WEBHOOK_DEFAULT_TIMEOUT_MS = 5e3;
+var WEBHOOK_DEFAULT_MAX_RETRIES = 4;
+var WEBHOOK_DEFAULT_SIGNATURE_HEADER = "X-Kojee-Signature";
+var WEBHOOK_DEFAULT_SIGNATURE_PREFIX = "";
+var WEBHOOK_SIGNATURE_FORMATS = {
+  github: { header: "X-Hub-Signature-256", prefix: "sha256=" }
+};
+function redactUrlUserinfo(rawUrl, parsed) {
+  if (!parsed.username && !parsed.password) return rawUrl;
+  parsed.username = "";
+  parsed.password = "";
+  return parsed.toString();
+}
+function parsePositiveInt(raw, fallback) {
+  if (raw === void 0) return fallback;
+  const n = Number(raw);
+  if (!Number.isFinite(n) || !Number.isInteger(n) || n <= 0) return fallback;
+  return n;
+}
+var HTTP_TOKEN_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
+var INVALID_HEADER_VALUE_CHAR_RE = /[^\t\x20-\x7e\x80-\xff]/;
+var RESERVED_SINK_HEADERS = [
+  // (1) sink-set on every POST:
+  "content-type",
+  "x-kojee-delivery",
+  // (2) fetch-forbidden / dispatch-validated (Headers construction accepts them):
+  "content-length",
+  "transfer-encoding",
+  "connection",
+  "host",
+  "expect",
+  "keep-alive",
+  "upgrade",
+  "te"
+];
+var DRY_RUN_DIGEST = "0".repeat(64);
+function headerNameRejectionReason(name) {
+  if (!HTTP_TOKEN_RE.test(name)) {
+    return "is not a valid HTTP header name (letters, digits, or !#$%&'*+-.^_`|~ only \u2014 no spaces or colons)";
+  }
+  if (RESERVED_SINK_HEADERS.includes(name.toLowerCase())) {
+    return "collides with a header the sink always sets (Content-Type, X-Kojee-Delivery) or is a connection/framing header the HTTP client validates or controls at send time (Content-Length, Transfer-Encoding, Connection, Host, Expect, Keep-Alive, Upgrade, TE)";
+  }
+  try {
+    void new Headers({ [name]: DRY_RUN_DIGEST });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function prefixRejectionReason(prefix) {
+  const value = prefix + DRY_RUN_DIGEST;
+  if (INVALID_HEADER_VALUE_CHAR_RE.test(value)) {
+    return "contains a character that is illegal in an HTTP header value (legal: tab, printable ASCII, and Latin-1 0x80-0xFF \u2014 no control chars, no DEL, no characters above U+00FF)";
+  }
+  try {
+    void new Headers({ [WEBHOOK_DEFAULT_SIGNATURE_HEADER]: value });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function emissionRejectionReason(header, prefix) {
+  const nameReason = headerNameRejectionReason(header);
+  if (nameReason) return `header "${header}" ${nameReason}`;
+  const prefixReason = prefixRejectionReason(prefix);
+  if (prefixReason) return `prefix ${prefixReason}`;
+  try {
+    void new Headers({
+      "Content-Type": "application/json",
+      [header]: prefix + DRY_RUN_DIGEST,
+      "X-Kojee-Delivery": DRY_RUN_DIGEST
+    });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function resolveSignatureEmission(env) {
+  const warnings = [];
+  let presetHeader;
+  let presetPrefix;
+  const formatRaw = (env["KOJEE_WEBHOOK_SIGNATURE_FORMAT"] ?? "").trim();
+  if (formatRaw) {
+    if (Object.hasOwn(WEBHOOK_SIGNATURE_FORMATS, formatRaw)) {
+      const preset = WEBHOOK_SIGNATURE_FORMATS[formatRaw];
+      presetHeader = preset.header;
+      presetPrefix = preset.prefix;
+    } else {
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_FORMAT="${formatRaw}" is not a recognized preset (known: ${Object.keys(WEBHOOK_SIGNATURE_FORMATS).join(", ")}) \u2014 ignored; using defaults / explicit KOJEE_WEBHOOK_SIGNATURE_HEADER/_PREFIX`
+      );
+    }
+  }
+  let headerOverride = (env["KOJEE_WEBHOOK_SIGNATURE_HEADER"] ?? "").trim();
+  if (headerOverride) {
+    const reason = headerNameRejectionReason(headerOverride);
+    if (reason) {
+      const fallback = presetHeader ?? WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_HEADER="${headerOverride}" ${reason} \u2014 ignored; using ${fallback}. An unsendable name would make EVERY delivery attempt fail at send time (or send the webhook unsigned)`
+      );
+      headerOverride = "";
+    }
+  }
+  let prefixOverride = env["KOJEE_WEBHOOK_SIGNATURE_PREFIX"];
+  if (prefixOverride !== void 0) {
+    const reason = prefixRejectionReason(prefixOverride);
+    if (reason) {
+      const fallback = presetPrefix ?? WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_PREFIX ${reason} \u2014 ignored; using ${fallback || "(none)"}. An unsendable value would make EVERY delivery attempt fail at send time`
+      );
+      prefixOverride = void 0;
+    }
+  }
+  let header = headerOverride || presetHeader || WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+  let prefix = prefixOverride !== void 0 ? prefixOverride : presetPrefix ?? WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+  const finalReason = emissionRejectionReason(header, prefix);
+  if (finalReason) {
+    warnings.push(
+      `resolved signature emission ${finalReason} \u2014 using the 0.5.2 defaults (${WEBHOOK_DEFAULT_SIGNATURE_HEADER}, bare hex digest). Check KOJEE_WEBHOOK_SIGNATURE_FORMAT/_HEADER/_PREFIX`
+    );
+    header = WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+    prefix = WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+  }
+  return { header, prefix, warnings };
+}
+function resolveWebhookConfig(env = process.env) {
+  const url = (env["KOJEE_WEBHOOK_URL"] ?? "").trim();
+  if (!url) {
+    return { enabled: false, config: null };
+  }
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    return {
+      enabled: false,
+      config: null,
+      error: `KOJEE_WEBHOOK_URL is not a valid URL \u2014 webhook sink DISABLED`
+    };
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    return {
+      enabled: false,
+      config: null,
+      error: `KOJEE_WEBHOOK_URL must be http(s) (got ${parsed.protocol}) \u2014 webhook sink DISABLED`
+    };
+  }
+  const secret = (env["KOJEE_WEBHOOK_SECRET"] ?? "").trim();
+  if (!secret) {
+    return {
+      enabled: false,
+      config: null,
+      error: "KOJEE_WEBHOOK_URL is set but KOJEE_WEBHOOK_SECRET is missing \u2014 webhook sink DISABLED (the proxy NEVER sends unsigned webhooks)"
+    };
+  }
+  const timeoutMs = parsePositiveInt(env["KOJEE_WEBHOOK_TIMEOUT_MS"], WEBHOOK_DEFAULT_TIMEOUT_MS);
+  const maxRetries = parsePositiveInt(env["KOJEE_WEBHOOK_MAX_RETRIES"], WEBHOOK_DEFAULT_MAX_RETRIES);
+  const emission = resolveSignatureEmission(env);
+  const warning = emission.warnings.length > 0 ? emission.warnings.join("; ") : void 0;
+  const signatureHeader = emission.header;
+  const signaturePrefix = emission.prefix;
+  const safeUrl = redactUrlUserinfo(url, parsed);
+  const sigSummary = signatureHeader !== WEBHOOK_DEFAULT_SIGNATURE_HEADER || signaturePrefix !== WEBHOOK_DEFAULT_SIGNATURE_PREFIX ? ` signatureHeader=${signatureHeader} signaturePrefix=${signaturePrefix || "(none)"}` : "";
+  const redactedSummary = `url=${safeUrl} secret=<redacted> timeoutMs=${timeoutMs} maxRetries=${maxRetries}${sigSummary}`;
+  return {
+    enabled: true,
+    config: { url, secret, timeoutMs, maxRetries, signatureHeader, signaturePrefix, redactedSummary },
+    ...warning !== void 0 ? { warning } : {}
+  };
+}
+
+export {
+  WEBHOOK_DEFAULT_TIMEOUT_MS,
+  WEBHOOK_DEFAULT_MAX_RETRIES,
+  WEBHOOK_DEFAULT_SIGNATURE_HEADER,
+  WEBHOOK_DEFAULT_SIGNATURE_PREFIX,
+  WEBHOOK_SIGNATURE_FORMATS,
+  emissionRejectionReason,
+  resolveSignatureEmission,
+  resolveWebhookConfig
+};

package/dist/{chunk-C6GZ2L2W.js → chunk-X672ZN7V.js}

@@ -19,8 +19,11 @@ function buildMonitorNudge(logPath) {
   return `[kojee] Tandem events are being logged but no Monitor is reading them \u2014 you may be missing wake notifications. Spawn the watcher once: ${buildMonitorSpawn(logPath)}. Then ${buildReplyRecipe()}.`;
 }
 var WEBHOOK_BODY_SHAPE = "{ type, id, tandem_id, cursor, time, from{ member_id, principal, agent_id?, session_id?, displayname }, kind, content{ body, format? }, mentions?, reply_to?, severity? }";
-function buildWebhookReceiverNote() {
-  return "Webhook sink (optional, OFF unless KOJEE_WEBHOOK_URL + KOJEE_WEBHOOK_SECRET are set): the proxy POSTs every Tandem event as JSON to your endpoint. The body is the canonical normalized TandemEvent \u2014 " + WEBHOOK_BODY_SHAPE + " \u2014 where from.session_id and severity are present only when the wire carried them (the body is fully normalized: it carries from.principal, never the raw backend sender envelope). To build a receiver: (1) verify the X-Kojee-Signature header \u2014 it is the hex-encoded SHA-256 HMAC of the RAW request body bytes keyed by your KOJEE_WEBHOOK_SECRET; recompute over the received bytes and timing-safe compare, reject mismatches. (2) Dedupe by message_id \u2014 the body's `id`, also in the X-Kojee-Delivery header: delivery is AT-LEAST-ONCE (the proxy replays backlog from the cursor on restart), so the same event may arrive more than once \u2014 there is no exactly-once promise.";
+function buildWebhookReceiverNote(sig) {
+  const header = sig?.header ?? "X-Kojee-Signature";
+  const prefix = sig?.prefix ?? "";
+  const digestDesc = prefix ? `the literal prefix \`${prefix}\` followed by the hex-encoded SHA-256 HMAC` : "the hex-encoded SHA-256 HMAC";
+  return "Webhook sink (optional, OFF unless KOJEE_WEBHOOK_URL + KOJEE_WEBHOOK_SECRET are set): the proxy POSTs every Tandem event as JSON to your endpoint. The body is the canonical normalized TandemEvent \u2014 " + WEBHOOK_BODY_SHAPE + ` \u2014 where from.session_id and severity are present only when the wire carried them (the body is fully normalized: it carries from.principal, never the raw backend sender envelope). To build a receiver: (1) verify the ${header} header \u2014 it is ${digestDesc} of the RAW request body bytes keyed by your KOJEE_WEBHOOK_SECRET; recompute over the received bytes and timing-safe compare, reject mismatches. (2) Dedupe by message_id \u2014 the body's \`id\`, also in the X-Kojee-Delivery header: delivery is AT-LEAST-ONCE (the proxy replays backlog from the cursor on restart), so the same event may arrive more than once \u2014 there is no exactly-once promise.`;
 }
 var CODEX_LISTEN_CAP_MS = 8e3;
 function buildCodexWakeReason(cursor) {

package/dist/{chunk-WBMX4CHB.js → chunk-YVUXQ4Z2.js}

@@ -1,33 +1,7 @@
-// src/auth/dpop.ts
-import { SignJWT, base64url } from "jose";
-import crypto from "crypto";
-async function createDPoPProof(privateKey, kid, method, url, nonce, accessToken) {
-  const payload = {
-    htm: method,
-    htu: url,
-    jti: crypto.randomUUID()
-  };
-  if (nonce) {
-    payload.nonce = nonce;
-  }
-  if (accessToken) {
-    payload.ath = computeAth(accessToken);
-  }
-  const header = {
-    typ: "dpop+jwt",
-    alg: "ES256",
-    jwk: { kid }
-  };
-  return new SignJWT(payload).setProtectedHeader(header).setIssuedAt().sign(privateKey);
-}
-function computeAth(accessToken) {
-  const hash = crypto.createHash("sha256").update(accessToken).digest();
-  return base64url.encode(hash);
-}
-
-// src/tandem/session-id.ts
-import { ulid } from "ulidx";
-var MCP_SESSION_ID = ulid();
+import {
+  MCP_SESSION_ID,
+  createDPoPProof
+} from "./chunk-2MIISF2W.js";
 
 // src/tandem/event-stream.ts
 var STALE_FLOOR_MS = 9e4;
@@ -371,8 +345,6 @@ function normalizeBackendEvent(raw, sseEventType) {
 }
 
 export {
-  createDPoPProof,
-  MCP_SESSION_ID,
   createAdaptiveWatchdog,
   startEventStream
 };

package/dist/cli.js

@@ -8,10 +8,13 @@ import {
   AuthModule,
   VERSION,
   startProxy
-} from "./chunk-YEC7IHIG.js";
+} from "./chunk-62KH6VNQ.js";
+import "./chunk-YVUXQ4Z2.js";
 import "./chunk-BJMASMKX.js";
-import "./chunk-C6GZ2L2W.js";
-import "./chunk-WBMX4CHB.js";
+import "./chunk-X672ZN7V.js";
+import "./chunk-36L3GCU3.js";
+import "./chunk-2MIISF2W.js";
+import "./chunk-LDZXU3DW.js";
 import "./chunk-BLEGIR35.js";
 
 // src/cli.ts
@@ -85,7 +88,7 @@ program.command("pair <code>").description("Pair this machine against Kojee usin
 });
 program.command("hook").description("Run a kojee MCP hook script (called by Claude Code via ~/.claude/settings.json)").requiredOption("--type <type>", "Hook type: stop, user-prompt-submit, or codex-stop").action(async (opts) => {
   if (opts.type === "stop") {
-    const { runStopHook } = await import("./stop-hook-SEPWWETV.js");
+    const { runStopHook } = await import("./stop-hook-GO363SMD.js");
     await runStopHook();
     process.exit(0);
   } else if (opts.type === "user-prompt-submit") {
@@ -93,7 +96,7 @@ program.command("hook").description("Run a kojee MCP hook script (called by Clau
     await runUserPromptSubmitHook();
     process.exit(0);
   } else if (opts.type === "codex-stop") {
-    const { runCodexStopHook } = await import("./codex-stop-hook-JOTBCS5K.js");
+    const { runCodexStopHook } = await import("./codex-stop-hook-SWA53ECG.js");
     await runCodexStopHook();
     process.exit(0);
   } else {
@@ -116,8 +119,21 @@ Restart Claude Code for hooks to take effect.`
     );
   }
 });
+program.command("send <tandem_id>").description(
+  "Send a Tandem message using this machine's paired credentials (~/.kojee). Prints one JSON envelope to stdout: {ok, message_id, cursor, text} on success, {ok:false, error:<typed code>, message} on failure (exit 1)."
+).requiredOption("--body <text>", "Message body (required)").option("--reply-to <message_id>", "Message id this send replies to").option("--kind <kind>", "Message kind: message | status (default: backend default)").action(async (tandemId, opts) => {
+  const { runSendCli } = await import("./send-cli-7QJ36YY7.js");
+  const { exitCode, envelope } = await runSendCli({
+    tandemId,
+    body: opts.body,
+    ...opts.replyTo !== void 0 ? { replyTo: opts.replyTo } : {},
+    ...opts.kind !== void 0 ? { kind: opts.kind } : {}
+  });
+  process.stdout.write(JSON.stringify(envelope) + "\n");
+  process.exit(exitCode);
+});
 program.command("tail <path>").description("Stream a file's contents and follow appends (portable replacement for `tail -F`)").action(async (filePath) => {
-  const { runTail } = await import("./tail-stream-BYKO4DW6.js");
+  const { runTail } = await import("./tail-stream-U436QL2X.js");
   try {
     await runTail(filePath);
   } catch (err) {
@@ -126,19 +142,28 @@ program.command("tail <path>").description("Stream a file's contents and follow
   }
 });
 program.command("doctor").description("Diagnose the kojee wake path (proxy, hook-server, SSE stream, event log, Monitor) and print the exact wake recipe").action(async () => {
-  const { runDoctor } = await import("./doctor-TSHOMT5X.js");
+  const { runDoctor } = await import("./doctor-TXWMMSRC.js");
   const code = await runDoctor();
   process.exit(code);
 });
 program.command("init").description(
   "Set up kojee for a runtime (claude-code | hermes | openclaw | codex). Interactive when stdin is a TTY; `--runtime <id>` for non-interactive/CI. Run after `kojee-mcp pair`."
-).option("--runtime <id>", "Target runtime: claude-code | hermes | openclaw | codex").option("--config-path <path>", "Override the runtime's MCP-config path").option("--hooks-path <path>", "Override the runtime's hooks-file path").option("--webhook-url <url>", "Webhook receiver URL (codex/hermes/openclaw)").option("--webhook-secret <secret>", "Webhook HMAC secret (generated if omitted)").option("--uninstall", "Remove the kojee config for the chosen (or recorded) runtime").action(async (opts) => {
+).option("--runtime <id>", "Target runtime: claude-code | hermes | openclaw | codex").option("--config-path <path>", "Override the runtime's MCP-config path").option("--hooks-path <path>", "Override the runtime's hooks-file path").option("--webhook-url <url>", "Webhook receiver URL (codex/hermes/openclaw)").option("--webhook-secret <secret>", "Webhook HMAC secret (generated if omitted)").option(
+  "--webhook-signature-format <preset>",
+  'Signature preset: "github" = header X-Hub-Signature-256, value sha256=<hex> (default: bare hex in X-Kojee-Signature)'
+).option(
+  "--webhook-signature-header <name>",
+  "Signature header name (default X-Kojee-Signature; overrides the preset's header)"
+).option(
+  "--webhook-signature-prefix <prefix>",
+  "Literal string prepended to the hex digest (default empty; overrides the preset's prefix)"
+).option("--uninstall", "Remove the kojee config for the chosen (or recorded) runtime").action(async (opts) => {
   const { loadPairedConfig: loadPairedConfig2 } = await import("./paired-config-JTFLHMZ2.js");
   if (loadPairedConfig2() === null && !opts.uninstall) {
     console.error("Not paired. Run `kojee-mcp pair <code> --url <broker>` first, then re-run `init`.");
     process.exit(1);
   }
-  const { runWizard } = await import("./wizard-7KHD5JT4.js");
+  const { runWizard } = await import("./wizard-Z5JA3YPV.js");
   const interactive = process.stdin.isTTY === true && opts.runtime === void 0;
   const result = await runWizard({
     ...opts.runtime !== void 0 ? { runtime: opts.runtime } : {},
@@ -147,6 +172,9 @@ program.command("init").description(
     ...opts.hooksPath ? { hooksPath: opts.hooksPath } : {},
     ...opts.webhookUrl ? { webhookUrl: opts.webhookUrl } : {},
     ...opts.webhookSecret ? { webhookSecret: opts.webhookSecret } : {},
+    ...opts.webhookSignatureFormat ? { webhookSignatureFormat: opts.webhookSignatureFormat } : {},
+    ...opts.webhookSignatureHeader ? { webhookSignatureHeader: opts.webhookSignatureHeader } : {},
+    ...opts.webhookSignaturePrefix !== void 0 ? { webhookSignaturePrefix: opts.webhookSignaturePrefix } : {},
     interactive,
     ...interactive ? { promptRuntime: promptRuntimeFromTty } : {}
   });

package/dist/{codex-stop-hook-JOTBCS5K.js → codex-stop-hook-SWA53ECG.js}

@@ -3,7 +3,7 @@ import {
 } from "./chunk-LSUB6QMP.js";
 import {
   buildCodexWakeReason
-} from "./chunk-C6GZ2L2W.js";
+} from "./chunk-X672ZN7V.js";
 
 // src/hooks/codex-stop-hook.ts
 import fs from "fs";