kojee-mcp 0.5.3 → 0.5.6

package/dist/chunk-LDZXU3DW.js

@@ -0,0 +1,170 @@
+// src/error-translator.ts
+function translateGovernanceResult(result) {
+  const governance = result._meta?.governance;
+  if (!governance) return result;
+  if (governance.decision === "deny") {
+    return formatDenied(governance);
+  }
+  if (governance.decision === "require_approval") {
+    return formatApprovalRequired(governance);
+  }
+  return result;
+}
+function formatApprovalRequired(governance) {
+  const rules = formatRules(governance.triggered_guardrails);
+  const text = `APPROVAL REQUIRED: This action needs user approval before executing. Approval ID: ${governance.approval_id}. Expires: ${governance.expires_at ?? "unknown"}. Triggered rules: ${rules}. The user has been notified. Call kojee_check_approval with this approval_id to check the status.`;
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+function formatDenied(governance) {
+  const rules = formatRules(governance.triggered_guardrails);
+  const text = `DENIED: This action was blocked by governance policy. Triggered rules: ${rules}. This cannot proceed \u2014 modify your request or ask the user to adjust governance rules.`;
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+function translateHttpError(status, errorCode, trigger) {
+  if (status === 401) {
+    if (errorCode === "use_dpop_nonce") {
+      return null;
+    }
+    if (errorCode === "invalid_dpop_proof") {
+      return makeError(
+        "Authentication failed. The proxy will attempt to re-enroll. If this persists, regenerate your gateway token."
+      );
+    }
+    if (errorCode === "key_enrollment_required") {
+      return null;
+    }
+    return makeError(
+      "Gateway token is invalid or expired. Generate a new one."
+    );
+  }
+  if (status === 403 && errorCode === "step_up_required") {
+    const reason = trigger ? ` (reason: ${trigger})` : "";
+    return makeError(
+      `Device re-authorization required${reason}. This action can't proceed until the user re-authorizes this device in the Kojee dashboard.`
+    );
+  }
+  if (status === 429) {
+    return makeError(
+      "Rate limit exceeded. Wait before making more requests."
+    );
+  }
+  if (status >= 500) {
+    return makeError(
+      "Kojee gateway encountered an error. Try again."
+    );
+  }
+  return null;
+}
+var TANDEM_ERROR_MESSAGES = {
+  [-32003]: () => "This Tandem is hardened to owner-only membership; you can't join.",
+  [-32004]: () => "You aren't a member of that Tandem. Use tandem_join(join_link) first.",
+  [-32006]: (data) => {
+    const retry = data?.["retry_after_seconds"] ?? "a moment";
+    return `Rate limit hit on this Tandem. Retry after ${retry} seconds.`;
+  },
+  [-32007]: (data) => {
+    const rule = data?.["rule"] ?? "policy";
+    return `Message rejected by Tandem policy (${rule}).`;
+  },
+  [-32011]: (data) => {
+    const id = data?.["tandem_id"] ?? "unknown";
+    return `Tandem ${id} doesn't exist or isn't visible to you.`;
+  },
+  [-32015]: (data) => {
+    const candidates = data?.["candidates"] ?? [];
+    return `An @-mention matched multiple members and is ambiguous. Retry with explicit mentions[]. Candidates: ${candidates.join(", ")}.`;
+  }
+};
+function translateJsonRpcError(error) {
+  const msg = error.message ?? "";
+  const msgLower = msg.toLowerCase();
+  const tandemMessage = TANDEM_ERROR_MESSAGES[error.code];
+  if (tandemMessage) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: tandemMessage(error.data)
+        }
+      ],
+      isError: true
+    };
+  }
+  switch (error.code) {
+    case -32601:
+      return makeError(
+        `Tool not available. It may have been removed or is not connected. Check your connected services in the Kojee dashboard.`
+      );
+    case -32602:
+      return makeError(msg || "Invalid parameters for this tool call.");
+    case -32603: {
+      if (msgLower.includes("multiple accounts connected")) {
+        return makeError(msg);
+      }
+      if (msgLower.includes("not connected")) {
+        return makeError(
+          "The service is not connected. Connect it in the Kojee dashboard."
+        );
+      }
+      if (msgLower.includes("scope") && msgLower.includes("access")) {
+        return makeError(
+          "Token doesn't have access to this tool. Update scopes in the Kojee dashboard."
+        );
+      }
+      if (msgLower.includes("invalid_grant") || msgLower.includes("token refresh failed") || msgLower.includes("re-authorization") || msgLower.includes("reauthorization")) {
+        const serviceMatch = msg.match(
+          /(?:for|connected for)\s+(\w[\w-]*)/i
+        );
+        const service = serviceMatch ? serviceMatch[1] : "service";
+        return makeError(
+          `The ${service} connection needs re-authorization. Ask the user to reconnect it in the Kojee dashboard.`
+        );
+      }
+      return makeError(msg || "An internal error occurred on the gateway.");
+    }
+    case -32600:
+      return makeError(
+        "Unexpected response from gateway. This may be a temporary issue."
+      );
+    case -32e3:
+      return makeError(
+        "Rate limit exceeded. Wait before making more requests."
+      );
+    default:
+      return makeError(msg || "An unknown error occurred.");
+  }
+}
+function translateNetworkError(_error) {
+  return makeError(
+    "Cannot reach Kojee gateway. Check your connection."
+  );
+}
+function translateToolCallResult(result) {
+  if (result._meta?.governance) {
+    return translateGovernanceResult(result);
+  }
+  return result;
+}
+function formatRules(guardrails) {
+  if (!guardrails || guardrails.length === 0) return "unknown";
+  return guardrails.join(", ");
+}
+function makeError(text) {
+  return {
+    content: [{ type: "text", text }],
+    isError: true
+  };
+}
+
+export {
+  translateHttpError,
+  translateJsonRpcError,
+  translateNetworkError,
+  translateToolCallResult
+};

package/dist/{resubscribe-SLZNA76S.js → chunk-OT2GILXC.js}

@@ -54,6 +54,7 @@ async function resubscribeMemberships(opts) {
   });
   return touched;
 }
+
 export {
   resubscribeMemberships
 };

package/dist/{chunk-WBMX4CHB.js → chunk-UEGQGXPY.js}

@@ -1,33 +1,7 @@
-// src/auth/dpop.ts
-import { SignJWT, base64url } from "jose";
-import crypto from "crypto";
-async function createDPoPProof(privateKey, kid, method, url, nonce, accessToken) {
-  const payload = {
-    htm: method,
-    htu: url,
-    jti: crypto.randomUUID()
-  };
-  if (nonce) {
-    payload.nonce = nonce;
-  }
-  if (accessToken) {
-    payload.ath = computeAth(accessToken);
-  }
-  const header = {
-    typ: "dpop+jwt",
-    alg: "ES256",
-    jwk: { kid }
-  };
-  return new SignJWT(payload).setProtectedHeader(header).setIssuedAt().sign(privateKey);
-}
-function computeAth(accessToken) {
-  const hash = crypto.createHash("sha256").update(accessToken).digest();
-  return base64url.encode(hash);
-}
-
-// src/tandem/session-id.ts
-import { ulid } from "ulidx";
-var MCP_SESSION_ID = ulid();
+import {
+  MCP_SESSION_ID,
+  createDPoPProof
+} from "./chunk-2MIISF2W.js";
 
 // src/tandem/event-stream.ts
 var STALE_FLOOR_MS = 9e4;
@@ -151,6 +125,13 @@ async function startEventStream(opts) {
     state.connected = false;
     currentController.abort();
   });
+  handle.reconnect = () => {
+    if (stopped) return;
+    console.error(
+      "[event-stream] reconnect requested (membership change) \u2014 closing current connection"
+    );
+    currentController.abort();
+  };
   handle.getState = () => ({
     connected: state.connected,
     connectedSince: state.connectedSince,
@@ -324,26 +305,62 @@ function sleep(ms) {
   return new Promise((r) => setTimeout(r, ms));
 }
 var MAX_DISPLAYNAME_CHARS = 64;
+var MAX_COMBINING_RUN = 4;
+var STRIP_CATEGORIES_RE = /[\p{Cc}\p{Cf}\p{Cs}\p{Co}\p{Cn}]/u;
+var INVISIBLE_MARKS_RE = /[\u034f\ufe00-\ufe0f\u{e0100}-\u{e01ef}]/u;
+var COMBINING_MARK_RE = /\p{Mn}/u;
 function sanitizeDisplayname(name) {
-  return name.replace(/[\x00-\x1f\x7f]+/g, " ").replace(/\s+/g, " ").trim().slice(0, MAX_DISPLAYNAME_CHARS);
+  const normalized = name.normalize("NFC");
+  let kept = "";
+  let combiningRun = 0;
+  for (const ch of normalized) {
+    if (STRIP_CATEGORIES_RE.test(ch) || INVISIBLE_MARKS_RE.test(ch)) continue;
+    if (COMBINING_MARK_RE.test(ch)) {
+      combiningRun += 1;
+      if (combiningRun > MAX_COMBINING_RUN) continue;
+    } else {
+      combiningRun = 0;
+    }
+    kept += ch;
+  }
+  const collapsed = kept.split(/\s+/).filter(Boolean).join(" ");
+  let capped = "";
+  for (const ch of collapsed) {
+    if (capped.length + ch.length > MAX_DISPLAYNAME_CHARS) break;
+    capped += ch;
+  }
+  return capped.trimEnd();
+}
+function resolveDisplayname(rawDisplay, principal) {
+  const trimmedDisplay = typeof rawDisplay === "string" ? rawDisplay.trim() : "";
+  const safeDisplay = trimmedDisplay ? sanitizeDisplayname(trimmedDisplay) : "";
+  if (safeDisplay) return safeDisplay;
+  if (!principal) return "unknown";
+  return `principal:${Array.from(principal).slice(0, 8).join("")}`;
 }
 function normalizeBackendEvent(raw, sseEventType) {
   const obj = raw ?? {};
   const maybeFrom = obj["from"];
   if (maybeFrom && typeof maybeFrom["principal"] === "string") {
-    return raw;
+    const canonical = raw;
+    const canonicalPrincipal = sanitizeDisplayname(maybeFrom["principal"]);
+    return {
+      ...canonical,
+      from: {
+        ...canonical.from,
+        principal: canonicalPrincipal,
+        displayname: resolveDisplayname(maybeFrom["displayname"], canonicalPrincipal)
+      }
+    };
   }
   const sender = obj["sender"] ?? {};
-  const principal = sender["principal_id"] ?? "";
+  const principal = sanitizeDisplayname(sender["principal_id"] ?? "");
   const agentId = sender["agent_id"];
   const rawSessionId = sender["session_id"];
   const sessionId = typeof rawSessionId === "string" && rawSessionId.trim() ? rawSessionId : void 0;
   const rawSeverity = obj["severity"];
   const severity = typeof rawSeverity === "string" && rawSeverity.trim() ? rawSeverity : void 0;
-  const rawDisplay = sender["display"];
-  const trimmedDisplay = typeof rawDisplay === "string" ? rawDisplay.trim() : "";
-  const safeDisplay = trimmedDisplay ? sanitizeDisplayname(trimmedDisplay) : "";
-  const displayname = safeDisplay ? safeDisplay : principal ? `principal:${principal.slice(0, 8)}` : "unknown";
+  const displayname = resolveDisplayname(sender["display"], principal);
   const type = sseEventType === "state_change" ? "state_change" : "message";
   const kind = obj["kind"] ?? "message";
   return {
@@ -371,8 +388,8 @@ function normalizeBackendEvent(raw, sseEventType) {
 }
 
 export {
-  createDPoPProof,
-  MCP_SESSION_ID,
   createAdaptiveWatchdog,
-  startEventStream
+  startEventStream,
+  sanitizeDisplayname,
+  normalizeBackendEvent
 };

package/dist/chunk-V5VZPYMZ.js

@@ -0,0 +1,185 @@
+// src/tandem/webhook-config.ts
+var WEBHOOK_DEFAULT_TIMEOUT_MS = 3e4;
+var WEBHOOK_DEFAULT_MAX_RETRIES = 2;
+var WEBHOOK_DEFAULT_SIGNATURE_HEADER = "X-Kojee-Signature";
+var WEBHOOK_DEFAULT_SIGNATURE_PREFIX = "";
+var WEBHOOK_SIGNATURE_FORMATS = {
+  github: { header: "X-Hub-Signature-256", prefix: "sha256=" }
+};
+function redactUrlUserinfo(rawUrl, parsed) {
+  if (!parsed.username && !parsed.password) return rawUrl;
+  parsed.username = "";
+  parsed.password = "";
+  return parsed.toString();
+}
+function parsePositiveInt(raw, fallback) {
+  if (raw === void 0) return fallback;
+  const n = Number(raw);
+  if (!Number.isFinite(n) || !Number.isInteger(n) || n <= 0) return fallback;
+  return n;
+}
+var HTTP_TOKEN_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
+var INVALID_HEADER_VALUE_CHAR_RE = /[^\t\x20-\x7e\x80-\xff]/;
+var RESERVED_SINK_HEADERS = [
+  // (1) sink-set on every POST:
+  "content-type",
+  "x-kojee-delivery",
+  // (2) fetch-forbidden / dispatch-validated (Headers construction accepts them):
+  "content-length",
+  "transfer-encoding",
+  "connection",
+  "host",
+  "expect",
+  "keep-alive",
+  "upgrade",
+  "te"
+];
+var DRY_RUN_DIGEST = "0".repeat(64);
+function headerNameRejectionReason(name) {
+  if (!HTTP_TOKEN_RE.test(name)) {
+    return "is not a valid HTTP header name (letters, digits, or !#$%&'*+-.^_`|~ only \u2014 no spaces or colons)";
+  }
+  if (RESERVED_SINK_HEADERS.includes(name.toLowerCase())) {
+    return "collides with a header the sink always sets (Content-Type, X-Kojee-Delivery) or is a connection/framing header the HTTP client validates or controls at send time (Content-Length, Transfer-Encoding, Connection, Host, Expect, Keep-Alive, Upgrade, TE)";
+  }
+  try {
+    void new Headers({ [name]: DRY_RUN_DIGEST });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function prefixRejectionReason(prefix) {
+  const value = prefix + DRY_RUN_DIGEST;
+  if (INVALID_HEADER_VALUE_CHAR_RE.test(value)) {
+    return "contains a character that is illegal in an HTTP header value (legal: tab, printable ASCII, and Latin-1 0x80-0xFF \u2014 no control chars, no DEL, no characters above U+00FF)";
+  }
+  try {
+    void new Headers({ [WEBHOOK_DEFAULT_SIGNATURE_HEADER]: value });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function emissionRejectionReason(header, prefix) {
+  const nameReason = headerNameRejectionReason(header);
+  if (nameReason) return `header "${header}" ${nameReason}`;
+  const prefixReason = prefixRejectionReason(prefix);
+  if (prefixReason) return `prefix ${prefixReason}`;
+  try {
+    void new Headers({
+      "Content-Type": "application/json",
+      [header]: prefix + DRY_RUN_DIGEST,
+      "X-Kojee-Delivery": DRY_RUN_DIGEST
+    });
+  } catch {
+    return "is rejected by the HTTP client when constructing request headers";
+  }
+  return null;
+}
+function resolveSignatureEmission(env) {
+  const warnings = [];
+  let presetHeader;
+  let presetPrefix;
+  const formatRaw = (env["KOJEE_WEBHOOK_SIGNATURE_FORMAT"] ?? "").trim();
+  if (formatRaw) {
+    if (Object.hasOwn(WEBHOOK_SIGNATURE_FORMATS, formatRaw)) {
+      const preset = WEBHOOK_SIGNATURE_FORMATS[formatRaw];
+      presetHeader = preset.header;
+      presetPrefix = preset.prefix;
+    } else {
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_FORMAT="${formatRaw}" is not a recognized preset (known: ${Object.keys(WEBHOOK_SIGNATURE_FORMATS).join(", ")}) \u2014 ignored; using defaults / explicit KOJEE_WEBHOOK_SIGNATURE_HEADER/_PREFIX`
+      );
+    }
+  }
+  let headerOverride = (env["KOJEE_WEBHOOK_SIGNATURE_HEADER"] ?? "").trim();
+  if (headerOverride) {
+    const reason = headerNameRejectionReason(headerOverride);
+    if (reason) {
+      const fallback = presetHeader ?? WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_HEADER="${headerOverride}" ${reason} \u2014 ignored; using ${fallback}. An unsendable name would make EVERY delivery attempt fail at send time (or send the webhook unsigned)`
+      );
+      headerOverride = "";
+    }
+  }
+  let prefixOverride = env["KOJEE_WEBHOOK_SIGNATURE_PREFIX"];
+  if (prefixOverride !== void 0) {
+    const reason = prefixRejectionReason(prefixOverride);
+    if (reason) {
+      const fallback = presetPrefix ?? WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+      warnings.push(
+        `KOJEE_WEBHOOK_SIGNATURE_PREFIX ${reason} \u2014 ignored; using ${fallback || "(none)"}. An unsendable value would make EVERY delivery attempt fail at send time`
+      );
+      prefixOverride = void 0;
+    }
+  }
+  let header = headerOverride || presetHeader || WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+  let prefix = prefixOverride !== void 0 ? prefixOverride : presetPrefix ?? WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+  const finalReason = emissionRejectionReason(header, prefix);
+  if (finalReason) {
+    warnings.push(
+      `resolved signature emission ${finalReason} \u2014 using the 0.5.2 defaults (${WEBHOOK_DEFAULT_SIGNATURE_HEADER}, bare hex digest). Check KOJEE_WEBHOOK_SIGNATURE_FORMAT/_HEADER/_PREFIX`
+    );
+    header = WEBHOOK_DEFAULT_SIGNATURE_HEADER;
+    prefix = WEBHOOK_DEFAULT_SIGNATURE_PREFIX;
+  }
+  return { header, prefix, warnings };
+}
+function resolveWebhookConfig(env = process.env) {
+  const url = (env["KOJEE_WEBHOOK_URL"] ?? "").trim();
+  if (!url) {
+    return { enabled: false, config: null };
+  }
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    return {
+      enabled: false,
+      config: null,
+      error: `KOJEE_WEBHOOK_URL is not a valid URL \u2014 webhook sink DISABLED`
+    };
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    return {
+      enabled: false,
+      config: null,
+      error: `KOJEE_WEBHOOK_URL must be http(s) (got ${parsed.protocol}) \u2014 webhook sink DISABLED`
+    };
+  }
+  const secret = (env["KOJEE_WEBHOOK_SECRET"] ?? "").trim();
+  if (!secret) {
+    return {
+      enabled: false,
+      config: null,
+      error: "KOJEE_WEBHOOK_URL is set but KOJEE_WEBHOOK_SECRET is missing \u2014 webhook sink DISABLED (the proxy NEVER sends unsigned webhooks)"
+    };
+  }
+  const timeoutMs = parsePositiveInt(env["KOJEE_WEBHOOK_TIMEOUT_MS"], WEBHOOK_DEFAULT_TIMEOUT_MS);
+  const maxRetries = parsePositiveInt(env["KOJEE_WEBHOOK_MAX_RETRIES"], WEBHOOK_DEFAULT_MAX_RETRIES);
+  const emission = resolveSignatureEmission(env);
+  const warning = emission.warnings.length > 0 ? emission.warnings.join("; ") : void 0;
+  const signatureHeader = emission.header;
+  const signaturePrefix = emission.prefix;
+  const safeUrl = redactUrlUserinfo(url, parsed);
+  const sigSummary = signatureHeader !== WEBHOOK_DEFAULT_SIGNATURE_HEADER || signaturePrefix !== WEBHOOK_DEFAULT_SIGNATURE_PREFIX ? ` signatureHeader=${signatureHeader} signaturePrefix=${signaturePrefix || "(none)"}` : "";
+  const redactedSummary = `url=${safeUrl} secret=<redacted> timeoutMs=${timeoutMs} maxRetries=${maxRetries}${sigSummary}`;
+  return {
+    enabled: true,
+    config: { url, secret, timeoutMs, maxRetries, signatureHeader, signaturePrefix, redactedSummary },
+    ...warning !== void 0 ? { warning } : {}
+  };
+}
+
+export {
+  WEBHOOK_DEFAULT_TIMEOUT_MS,
+  WEBHOOK_DEFAULT_MAX_RETRIES,
+  WEBHOOK_DEFAULT_SIGNATURE_HEADER,
+  WEBHOOK_DEFAULT_SIGNATURE_PREFIX,
+  WEBHOOK_SIGNATURE_FORMATS,
+  emissionRejectionReason,
+  resolveSignatureEmission,
+  resolveWebhookConfig
+};

package/dist/{chunk-C6GZ2L2W.js → chunk-X672ZN7V.js}

@@ -19,8 +19,11 @@ function buildMonitorNudge(logPath) {
   return `[kojee] Tandem events are being logged but no Monitor is reading them \u2014 you may be missing wake notifications. Spawn the watcher once: ${buildMonitorSpawn(logPath)}. Then ${buildReplyRecipe()}.`;
 }
 var WEBHOOK_BODY_SHAPE = "{ type, id, tandem_id, cursor, time, from{ member_id, principal, agent_id?, session_id?, displayname }, kind, content{ body, format? }, mentions?, reply_to?, severity? }";
-function buildWebhookReceiverNote() {
-  return "Webhook sink (optional, OFF unless KOJEE_WEBHOOK_URL + KOJEE_WEBHOOK_SECRET are set): the proxy POSTs every Tandem event as JSON to your endpoint. The body is the canonical normalized TandemEvent \u2014 " + WEBHOOK_BODY_SHAPE + " \u2014 where from.session_id and severity are present only when the wire carried them (the body is fully normalized: it carries from.principal, never the raw backend sender envelope). To build a receiver: (1) verify the X-Kojee-Signature header \u2014 it is the hex-encoded SHA-256 HMAC of the RAW request body bytes keyed by your KOJEE_WEBHOOK_SECRET; recompute over the received bytes and timing-safe compare, reject mismatches. (2) Dedupe by message_id \u2014 the body's `id`, also in the X-Kojee-Delivery header: delivery is AT-LEAST-ONCE (the proxy replays backlog from the cursor on restart), so the same event may arrive more than once \u2014 there is no exactly-once promise.";
+function buildWebhookReceiverNote(sig) {
+  const header = sig?.header ?? "X-Kojee-Signature";
+  const prefix = sig?.prefix ?? "";
+  const digestDesc = prefix ? `the literal prefix \`${prefix}\` followed by the hex-encoded SHA-256 HMAC` : "the hex-encoded SHA-256 HMAC";
+  return "Webhook sink (optional, OFF unless KOJEE_WEBHOOK_URL + KOJEE_WEBHOOK_SECRET are set): the proxy POSTs every Tandem event as JSON to your endpoint. The body is the canonical normalized TandemEvent \u2014 " + WEBHOOK_BODY_SHAPE + ` \u2014 where from.session_id and severity are present only when the wire carried them (the body is fully normalized: it carries from.principal, never the raw backend sender envelope). To build a receiver: (1) verify the ${header} header \u2014 it is ${digestDesc} of the RAW request body bytes keyed by your KOJEE_WEBHOOK_SECRET; recompute over the received bytes and timing-safe compare, reject mismatches. (2) Dedupe by message_id \u2014 the body's \`id\`, also in the X-Kojee-Delivery header: delivery is AT-LEAST-ONCE (the proxy replays backlog from the cursor on restart), so the same event may arrive more than once \u2014 there is no exactly-once promise.`;
 }
 var CODEX_LISTEN_CAP_MS = 8e3;
 function buildCodexWakeReason(cursor) {

package/dist/cli.js

@@ -1,23 +1,29 @@
 #!/usr/bin/env node
+import {
+  VERSION,
+  startProxy
+} from "./chunk-2BDAM3TH.js";
+import "./chunk-X672ZN7V.js";
+import "./chunk-BJMASMKX.js";
 import {
   loadPairedConfig,
   pairedConfigPath,
   savePairedConfig
 } from "./chunk-YH27B6SW.js";
 import {
-  AuthModule,
-  VERSION,
-  startProxy
-} from "./chunk-YEC7IHIG.js";
-import "./chunk-BJMASMKX.js";
-import "./chunk-C6GZ2L2W.js";
-import "./chunk-WBMX4CHB.js";
+  AuthModule
+} from "./chunk-6SK6ITFE.js";
+import {
+  defaultPairedKeystorePath,
+  deriveKeystorePath
+} from "./chunk-3XDJOHMZ.js";
+import "./chunk-UEGQGXPY.js";
+import "./chunk-2MIISF2W.js";
+import "./chunk-LDZXU3DW.js";
 import "./chunk-BLEGIR35.js";
 
 // src/cli.ts
 import { Command } from "commander";
-import crypto from "crypto";
-import os from "os";
 import path from "path";
 
 // src/tandem/pair.ts
@@ -60,14 +66,6 @@ async function runPair(opts) {
 }
 
 // src/cli.ts
-var KOJEE_DIR = path.join(os.homedir(), ".kojee");
-function deriveKeystorePath(token) {
-  const hash = crypto.createHash("sha256").update(token).digest("hex").slice(0, 12);
-  return path.join(KOJEE_DIR, `keypair-${hash}.json`);
-}
-function defaultPairedKeystorePath() {
-  return path.join(KOJEE_DIR, "keypair.json");
-}
 var program = new Command().name("kojee-mcp").description(
   "Local MCP proxy for Kojee \u2014 handles DPoP auth, tool discovery, and governance transparently"
 ).version(VERSION).enablePositionalOptions();
@@ -85,15 +83,15 @@ program.command("pair <code>").description("Pair this machine against Kojee usin
 });
 program.command("hook").description("Run a kojee MCP hook script (called by Claude Code via ~/.claude/settings.json)").requiredOption("--type <type>", "Hook type: stop, user-prompt-submit, or codex-stop").action(async (opts) => {
   if (opts.type === "stop") {
-    const { runStopHook } = await import("./stop-hook-SEPWWETV.js");
+    const { runStopHook } = await import("./stop-hook-TRAMQYNE.js");
     await runStopHook();
     process.exit(0);
   } else if (opts.type === "user-prompt-submit") {
-    const { runUserPromptSubmitHook } = await import("./user-prompt-submit-hook-ARPEO6FF.js");
+    const { runUserPromptSubmitHook } = await import("./user-prompt-submit-hook-ZD2XKN7U.js");
     await runUserPromptSubmitHook();
     process.exit(0);
   } else if (opts.type === "codex-stop") {
-    const { runCodexStopHook } = await import("./codex-stop-hook-JOTBCS5K.js");
+    const { runCodexStopHook } = await import("./codex-stop-hook-SWA53ECG.js");
     await runCodexStopHook();
     process.exit(0);
   } else {
@@ -116,8 +114,21 @@ Restart Claude Code for hooks to take effect.`
     );
   }
 });
+program.command("send <tandem_id>").description(
+  "Send a Tandem message using this machine's paired credentials (~/.kojee). Prints one JSON envelope to stdout: {ok, message_id, cursor, text} on success, {ok:false, error:<typed code>, message} on failure (exit 1)."
+).requiredOption("--body <text>", "Message body (required)").option("--reply-to <message_id>", "Message id this send replies to").option("--kind <kind>", "Message kind: message | status (default: backend default)").action(async (tandemId, opts) => {
+  const { runSendCli } = await import("./send-cli-C2F4WTBN.js");
+  const { exitCode, envelope } = await runSendCli({
+    tandemId,
+    body: opts.body,
+    ...opts.replyTo !== void 0 ? { replyTo: opts.replyTo } : {},
+    ...opts.kind !== void 0 ? { kind: opts.kind } : {}
+  });
+  process.stdout.write(JSON.stringify(envelope) + "\n");
+  process.exit(exitCode);
+});
 program.command("tail <path>").description("Stream a file's contents and follow appends (portable replacement for `tail -F`)").action(async (filePath) => {
-  const { runTail } = await import("./tail-stream-BYKO4DW6.js");
+  const { runTail } = await import("./tail-stream-VUZBYKXS.js");
   try {
     await runTail(filePath);
   } catch (err) {
@@ -126,19 +137,28 @@ program.command("tail <path>").description("Stream a file's contents and follow
   }
 });
 program.command("doctor").description("Diagnose the kojee wake path (proxy, hook-server, SSE stream, event log, Monitor) and print the exact wake recipe").action(async () => {
-  const { runDoctor } = await import("./doctor-TSHOMT5X.js");
+  const { runDoctor } = await import("./doctor-QCQDFLEH.js");
   const code = await runDoctor();
   process.exit(code);
 });
 program.command("init").description(
   "Set up kojee for a runtime (claude-code | hermes | openclaw | codex). Interactive when stdin is a TTY; `--runtime <id>` for non-interactive/CI. Run after `kojee-mcp pair`."
-).option("--runtime <id>", "Target runtime: claude-code | hermes | openclaw | codex").option("--config-path <path>", "Override the runtime's MCP-config path").option("--hooks-path <path>", "Override the runtime's hooks-file path").option("--webhook-url <url>", "Webhook receiver URL (codex/hermes/openclaw)").option("--webhook-secret <secret>", "Webhook HMAC secret (generated if omitted)").option("--uninstall", "Remove the kojee config for the chosen (or recorded) runtime").action(async (opts) => {
+).option("--runtime <id>", "Target runtime: claude-code | hermes | openclaw | codex").option("--config-path <path>", "Override the runtime's MCP-config path").option("--hooks-path <path>", "Override the runtime's hooks-file path").option("--webhook-url <url>", "Webhook receiver URL (codex/hermes/openclaw)").option("--webhook-secret <secret>", "Webhook HMAC secret (generated if omitted)").option(
+  "--webhook-signature-format <preset>",
+  'Signature preset: "github" = header X-Hub-Signature-256, value sha256=<hex> (default: bare hex in X-Kojee-Signature)'
+).option(
+  "--webhook-signature-header <name>",
+  "Signature header name (default X-Kojee-Signature; overrides the preset's header)"
+).option(
+  "--webhook-signature-prefix <prefix>",
+  "Literal string prepended to the hex digest (default empty; overrides the preset's prefix)"
+).option("--uninstall", "Remove the kojee config for the chosen (or recorded) runtime").action(async (opts) => {
   const { loadPairedConfig: loadPairedConfig2 } = await import("./paired-config-JTFLHMZ2.js");
   if (loadPairedConfig2() === null && !opts.uninstall) {
     console.error("Not paired. Run `kojee-mcp pair <code> --url <broker>` first, then re-run `init`.");
     process.exit(1);
   }
-  const { runWizard } = await import("./wizard-7KHD5JT4.js");
+  const { runWizard } = await import("./wizard-OSOAY4GO.js");
   const interactive = process.stdin.isTTY === true && opts.runtime === void 0;
   const result = await runWizard({
     ...opts.runtime !== void 0 ? { runtime: opts.runtime } : {},
@@ -147,6 +167,9 @@ program.command("init").description(
     ...opts.hooksPath ? { hooksPath: opts.hooksPath } : {},
     ...opts.webhookUrl ? { webhookUrl: opts.webhookUrl } : {},
     ...opts.webhookSecret ? { webhookSecret: opts.webhookSecret } : {},
+    ...opts.webhookSignatureFormat ? { webhookSignatureFormat: opts.webhookSignatureFormat } : {},
+    ...opts.webhookSignatureHeader ? { webhookSignatureHeader: opts.webhookSignatureHeader } : {},
+    ...opts.webhookSignaturePrefix !== void 0 ? { webhookSignaturePrefix: opts.webhookSignaturePrefix } : {},
     interactive,
     ...interactive ? { promptRuntime: promptRuntimeFromTty } : {}
   });

package/dist/{codex-stop-hook-JOTBCS5K.js → codex-stop-hook-SWA53ECG.js}

@@ -3,7 +3,7 @@ import {
 } from "./chunk-LSUB6QMP.js";
 import {
   buildCodexWakeReason
-} from "./chunk-C6GZ2L2W.js";
+} from "./chunk-X672ZN7V.js";
 
 // src/hooks/codex-stop-hook.ts
 import fs from "fs";

package/dist/control-token-4BUCTYQB.js

@@ -0,0 +1,13 @@
+import {
+  controlTokenAuthHeaders,
+  controlTokenPath,
+  issueControlToken,
+  loadControlToken
+} from "./chunk-GI2CKKBL.js";
+import "./chunk-BLEGIR35.js";
+export {
+  controlTokenAuthHeaders,
+  controlTokenPath,
+  issueControlToken,
+  loadControlToken
+};