mod8-cli 0.2.0

package/dist/commands/intentRouting.js

@@ -0,0 +1,280 @@
+/**
+ * Intent routing helpers — parse user input from the chat REPL into structured
+ * actions (provider switch, compare-all, etc.) before any LLM call happens.
+ *
+ * Lives outside chat.tsx so it can be unit-tested via the dev:resolve command
+ * without booting the Ink UI.
+ */
+import { looksLikeKeyNoun } from '../util/text.js';
+/**
+ * Match a request to switch the work-mode provider, with optional remainder
+ * after a colon, dash, comma, or whitespace.  Returns { id, rest } or null.
+ *
+ * Generous on phrasing — it must catch the way real users actually speak.
+ * The matched id may be a real provider id, a display name, or a synonym
+ * ("gpt", "claude", etc.).  resolveProviderHint() does the lookup later.
+ *
+ * Phrasings handled (case-insensitive):
+ *   /use <id>          /ask <id>             use <id>            ask <id>
+ *   switch to <id>     switch over to <id>
+ *   talk to <id>       talk with <id>        chat to <id>        chat with <id>
+ *   speak to <id>      speak with <id>
+ *   let me talk to <id>          let's chat with <id>            (and combos)
+ *   i want to talk with <id>     i wanna chat with <id>
+ *   i'd like to talk to <id>     i need to talk with <id>
+ *
+ * Examples:
+ *   "use deepseek"                    → { id: 'deepseek' }
+ *   "ask grok: what's the weather"    → { id: 'grok', rest: "what's the weather" }
+ *   "i want to talk with codex"       → { id: 'codex' }
+ *   "let's chat with gpt"             → { id: 'gpt' }
+ */
+const VERB_PATTERN = [
+    '\\/(?:use|ask)',
+    'use',
+    'ask',
+    'switch(?:\\s+over)?\\s+to',
+    // Optional preamble ("i want to", "i wanna", "i'd like to", "let me",
+    // "let's", "lets me" — typo-tolerant) followed by a talk/chat/speak verb
+    // + to/with.  Note: "wanna" already encodes "to", so no trailing "to".
+    '(?:' +
+        '(?:i\'d\\s+like|i\\s+(?:want|need|would\\s+like))\\s+to\\s+' +
+        '|i\\s+wanna\\s+' +
+        ')?' +
+        // "let'?s?" tolerates "let's", "lets", "let'", and bare "let " — followed
+        // by an optional "me" (matches "let's me"/"lets me"/"let me").
+        '(?:let\'?s?\\s+(?:me\\s+)?)?' +
+        '(?:talk|chat|speak)\\s+(?:to|with)',
+].join('|');
+const PROVIDER_ROUTE_RE = new RegExp(`^\\s*(?:${VERB_PATTERN})\\s+([a-z][a-z0-9_.-]{0,30})\\b\\s*[:,-]?\\s*([\\s\\S]*?)\\s*$`, 'i');
+export function parseProviderRoute(input) {
+    const m = input.match(PROVIDER_ROUTE_RE);
+    if (!m)
+        return null;
+    return { id: m[1].toLowerCase(), rest: (m[2] ?? '').trim() };
+}
+/**
+ * Match a request to switch BACK to host (mod8) from work mode.  Runs
+ * BEFORE any provider call when the user is in work mode, so they're never
+ * stuck if the current work provider is failing — typing "mod8" is always
+ * an escape hatch.
+ *
+ * Returns { rest } where rest is the optional inline message after the
+ * trigger (e.g. "back to mod8, what's the weather?" → rest: "what's the
+ * weather?").  Null = no host-back intent.
+ *
+ * Phrasings handled (case-insensitive, must match the WHOLE leading intent):
+ *   /mod8   @mod8   mod8
+ *   back            back to mod8           switch back
+ *   switch to mod8  go back                go back to mod8
+ *   return to mod8  talk to mod8           let me talk to mod8
+ *   change to mod8  back to host           change to host
+ */
+const HOST_BACK_PATTERNS = [
+    /^\s*(?:\/mod8|@mod8|mod8)\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*back\s+to\s+(?:mod8|host)\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*switch\s+(?:back|to)\s+(?:mod8|host)\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*go\s+back(?:\s+to\s+(?:mod8|host))?\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*return\s+to\s+(?:mod8|host)\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*change\s+to\s+(?:mod8|host)\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*(?:let(?:'s|\s+me)?\s+)?talk\s+to\s+mod8\b\s*[:,-]?\s*([\s\S]*?)\s*$/i,
+    /^\s*back\s*$/i, // bare "back"
+    /^\s*switch\s+back\s*$/i,
+];
+export function parseHostBack(input) {
+    for (const re of HOST_BACK_PATTERNS) {
+        const m = input.match(re);
+        if (m)
+            return { rest: (m[1] ?? '').trim() };
+    }
+    return null;
+}
+export const AUTO_FALLBACK_THRESHOLD = 3;
+export function fallbackDecision(consecutiveErrors) {
+    if (consecutiveErrors >= AUTO_FALLBACK_THRESHOLD)
+        return 'fallback';
+    if (consecutiveErrors >= 1)
+        return 'warn';
+    return 'ok';
+}
+const GREETINGS_RE = /^(hi|hey|hello|yo|sup|hiya|howdy)[\s,]+([a-z][a-z0-9_.-]{0,30})\b\s*[:,!?\-]?\s*([\s\S]*?)\s*$/i;
+const WHOLE_NAME_RE = /^([a-z][a-z0-9_.-]{0,30})[?!,.\-]?$/i;
+const FIRST_WORD_RE = /^([a-z][a-z0-9_.-]{0,30})\b\s+([\s\S]+)$/i;
+export function parseBareProviderHint(input) {
+    const trimmed = input.trim();
+    if (!trimmed)
+        return null;
+    // Greeting + name (+ optional rest) — full resolution OK.
+    const greet = trimmed.match(GREETINGS_RE);
+    if (greet) {
+        const greeting = greet[1];
+        const name = greet[2].toLowerCase();
+        const after = (greet[3] ?? '').trim();
+        const rest = after ? `${greeting} ${after}` : greeting;
+        return { name, rest, resolution: 'full' };
+    }
+    // Whole-input single word — strict resolution only.
+    const whole = trimmed.match(WHOLE_NAME_RE);
+    if (whole) {
+        return { name: whole[1].toLowerCase(), rest: '', resolution: 'strict' };
+    }
+    // First word + remainder — strict resolution (so "claude alone is great"
+    // doesn't route; only configured-or-built-in ids/display-names do).
+    const firstWord = trimmed.match(FIRST_WORD_RE);
+    if (firstWord) {
+        return {
+            name: firstWord[1].toLowerCase(),
+            rest: firstWord[2].trim(),
+            resolution: 'strict',
+        };
+    }
+    return null;
+}
+/**
+ * Match a user request to add an API key inline ("add a key", "i want to
+ * paste a key", "let me add gemini", etc.).  Returns null if no paste-key
+ * intent is detected; otherwise returns an object with an optional
+ * `providerHint` (the trailing word the user named, if any).  The caller
+ * resolves the hint against the configured registry — if it doesn't resolve,
+ * the caller should treat the input as plain text rather than a paste-key
+ * intent (this is what protects "save my work" / "register a feature" from
+ * false-positiving).
+ *
+ * Phrasings handled (case-insensitive):
+ *   add a key                      paste my key
+ *   save my api key                register a key
+ *   set up a key                   put in a key
+ *   i want to add a key            i wanna paste a key
+ *   i'd like to register a key     let me save my key
+ *   let's add a key                lets paste a key
+ *   add my anthropic key           paste claude
+ *   let me add gemini              save my groq key
+ *
+ * Does NOT match:
+ *   save the file                  let's add a feature
+ *   set the timer                  put in a code-review
+ * (because "file" / "feature" / "timer" / "code-review" are not provider
+ *  hints and the trailing word doesn't say "key" / "credentials" / "secret".)
+ */
+// "use" is intentionally NOT here — "use codex" is a routing intent, not
+// a paste-key intent.  It IS in PASTE_PRONOUN_VERB below so "use this" /
+// "use it" still work when a pendingKey is in flight.
+//
+// Includes change/update/replace/rotate/swap so phrasings like "lets
+// change the google key" route through the inline paste flow instead of
+// being passed to the host LLM (which would just lecture about
+// `mod8 keys set <id>`).
+const PASTE_VERB = '(?:add|paste|save|register|set(?:\\s+up)?|enter|put\\s+in|drop|store|change|update|replace|swap(?:\\s+out)?|rotate|renew|regenerate|switch)';
+const PASTE_PRONOUN_VERB = '(?:add|paste|save|register|set(?:\\s+up)?|enter|put\\s+in|drop|store|use|change|update|replace|swap|rotate)';
+// Modify-style verbs imply the user wants to change something — and the only
+// thing mod8 manages per-provider is the key.  We use this set for typo-
+// tolerant matching: "change the google kew" / "update my anthropic kee"
+// should all route to the inline paste flow, not the host LLM.
+const PASTE_MODIFY_VERB = '(?:change|update|replace|swap(?:\\s+out)?|rotate|renew|regenerate)';
+const VOLITION_PREFIX = "(?:i\\s+(?:want|wanna|need|would\\s+like)|i'?d\\s+like|let'?s?(?:\\s+me)?)\\s+(?:to\\s+)?";
+// Articles + demonstratives + pronouns.  "this/that/these/those" are the
+// fix for "add this key!" — and "it/them" lets us match "save it" /
+// "register them" when the user is referring back to a key already in view.
+const ARTICLE = '(?:a|an|my|the|new|another|this|that|these|those|it|them)';
+const KEY_NOUN = '(?:key|credentials?|secret)s?';
+// Intent A: <volition?> <verb> [article] [api/provider] key/credentials/secret
+const PASTE_KEY_RE = new RegExp(`^\\s*(?:${VOLITION_PREFIX})?${PASTE_VERB}` +
+    `(?:\\s+${ARTICLE})?` +
+    `(?:\\s+(?:api|provider))?` +
+    `\\s+${KEY_NOUN}\\b`, 'i');
+// Intent B: <volition?> <verb> [article?] <provider-token> [key]?
+// Caller validates that the provider-token is a real provider hint.
+const PASTE_PROVIDER_RE = new RegExp(`^\\s*(?:${VOLITION_PREFIX})?${PASTE_VERB}` +
+    `(?:\\s+${ARTICLE})?\\s+` +
+    `([a-z][a-z0-9_.-]{1,30})` +
+    `(?:\\s+${KEY_NOUN})?\\s*[.,!?]?\\s*$`, 'i');
+// Intent C: bare pronoun forms — "save this", "save it", "use this",
+// "register it", "add this".  These ONLY make sense when there is a key
+// already on the screen (i.e. the user just pasted one); the chat REPL
+// arms a pendingKey state in that case, which is what makes Intent C
+// safe to recognize even though it has no key noun.
+const PASTE_PRONOUN_RE = new RegExp(`^\\s*(?:${VOLITION_PREFIX})?${PASTE_PRONOUN_VERB}` +
+    `\\s+(?:this|that|it|them)` +
+    `(?:\\s+${KEY_NOUN})?\\s*[.,!?]?\\s*$`, 'i');
+// Intent D: modify-style verb + (article)? + provider + ANY trailing word.
+// Catches typos of "key": "change the google kew" / "update my anthropic
+// kee" / "rotate the openai keey".  Trailing word is captured so we can
+// fuzzy-check it looks like "key" (otherwise we'd false-positive on
+// "change google account password" etc.).
+const PASTE_MODIFY_PROVIDER_TYPO_RE = new RegExp(`^\\s*(?:${VOLITION_PREFIX})?${PASTE_MODIFY_VERB}` +
+    `(?:\\s+${ARTICLE})?\\s+` +
+    `([a-z][a-z0-9_.-]{1,30})` +
+    `\\s+(\\S{2,16})\\s*[.,!?]?\\s*$`, 'i');
+export function parsePasteKeyIntent(input) {
+    const trimmed = input.trim();
+    if (!trimmed)
+        return null;
+    if (PASTE_KEY_RE.test(trimmed))
+        return {};
+    if (PASTE_PRONOUN_RE.test(trimmed))
+        return { pronounRef: true };
+    const m = trimmed.match(PASTE_PROVIDER_RE);
+    if (m) {
+        const token = m[1].toLowerCase();
+        // The "token" position can also be a typo of the key noun itself
+        // ("change my kew" / "rotate the kee" — no provider, just a typo of
+        // "key").  Treat these as a generic paste-key intent without a hint.
+        if (looksLikeKeyNoun(token))
+            return {};
+        return { providerHint: token };
+    }
+    // Typo-tolerant fallback for modify-style verbs that name a provider
+    // ("change the google kew", "rotate my anthropic kee").  Accept only
+    // when the trailing word fuzzy-matches "key" — otherwise "change
+    // google account password" would false-positive.
+    const m2 = trimmed.match(PASTE_MODIFY_PROVIDER_TYPO_RE);
+    if (m2 && looksLikeKeyNoun(m2[2])) {
+        return { providerHint: m2[1].toLowerCase() };
+    }
+    return null;
+}
+/**
+ * Affirmative responses — "yes", "y", "sure", "go", "do it".  Used for
+ * yes/no confirmation prompts (fuzzy match, paste-key, etc).  Conservative:
+ * exact-shape matches only, no fuzzy reasoning.
+ */
+const AFFIRM_RE = /^\s*(?:yes|y|yeah|yep|yup|sure|ok|okay|alright|fine|please|go|do\s+it|switch|please\s+do|confirm|correct)\s*[!?.,]?\s*$/i;
+/**
+ * Negative responses — "no", "cancel", "skip".  Lets the chat REPL ack a
+ * cancellation without sending it to the LLM.
+ */
+const NEGATIVE_RE = /^\s*(?:no|nope|nah|cancel|skip|never|forget\s+it|don'?t|dont|never\s+mind|nevermind)\s*[!?.,]?\s*$/i;
+export function isAffirmative(input) {
+    return AFFIRM_RE.test(input.trim());
+}
+export function isNegative(input) {
+    return NEGATIVE_RE.test(input.trim());
+}
+/**
+ * Composite affirmative for the paste-key confirm step — accepts plain
+ * "yes" along with any paste-key phrasing ("save it", "save this", "use it",
+ * etc.).  In pendingKey context these are unambiguous: the user just pasted
+ * a key, mod8 asked "save this as X?", and "save it" means yes.
+ */
+export function isPasteConfirmAffirmative(input) {
+    return isAffirmative(input) || parsePasteKeyIntent(input) !== null;
+}
+/** Bare compare command without a payload prompt. */
+export function isCompareCommand(input) {
+    const s = input.trim().toLowerCase();
+    return (s === '/compare' ||
+        s === 'compare all' ||
+        s === 'ask everyone' ||
+        /^compare(\s+all)?\s*[:,-]?\s*$/.test(s));
+}
+/**
+ * Match a compare command WITH a payload prompt:
+ *   "compare all: write a haiku"
+ *   "ask everyone: write a haiku"
+ *   "/compare write a haiku"
+ * Returns the payload, or null if the input isn't a compare-with-payload.
+ */
+export function parseCompareWithPrompt(input) {
+    const m = input.match(/^(?:\/compare|compare all|ask everyone)\s*[:,-]?\s*([\s\S]+)$/i);
+    return m ? m[1].trim() : null;
+}

package/dist/commands/keys.js

@@ -0,0 +1,55 @@
+import chalk from 'chalk';
+import { setProviderKey, removeProvider, listProviders, PROVIDERS_FILE_PATH, } from '../storage/providers.js';
+import { KNOWN_PROVIDERS, templateById } from '../providers/registry.js';
+import { readSecret, maskKey } from '../util/prompt.js';
+export async function keysSet(provider) {
+    const tpl = templateById(provider);
+    if (!tpl) {
+        console.error(chalk.red(`Unknown provider '${provider}'.`) +
+            `\n  Built-in: ${KNOWN_PROVIDERS.map((p) => p.id).join(', ')}` +
+            `\n  For other providers, use: mod8 add-provider`);
+        process.exit(1);
+    }
+    const key = await readSecret(`Enter API key for ${tpl.name}: `);
+    if (!key.trim()) {
+        console.error(chalk.red('No key entered. Aborted.'));
+        process.exit(1);
+    }
+    await setProviderKey(provider, key.trim());
+    console.log(chalk.green('✓') + ` Saved key for ${tpl.name}`);
+    console.log(chalk.dim(`  Stored at ${PROVIDERS_FILE_PATH} (file is 0600, only readable by you)`));
+}
+export async function keysList() {
+    const stored = await listProviders();
+    console.log();
+    // Show every built-in provider — configured or not — plus any custom ones.
+    const seen = new Set();
+    for (const tpl of KNOWN_PROVIDERS) {
+        seen.add(tpl.id);
+        const entry = stored[tpl.id];
+        const value = entry ? chalk.dim(maskKey(entry.apiKey)) : chalk.dim('(not set)');
+        console.log(`  ${tpl.id.padEnd(12)} ${value.padEnd(24)} ${chalk.dim(tpl.name)}`);
+    }
+    for (const [id, entry] of Object.entries(stored)) {
+        if (seen.has(id))
+            continue;
+        console.log(`  ${id.padEnd(12)} ${chalk.dim(maskKey(entry.apiKey)).padEnd(24)} ${chalk.dim(entry.name)} ${chalk.dim('(custom)')}`);
+    }
+    console.log();
+    console.log(chalk.dim(`Stored at ${PROVIDERS_FILE_PATH}`));
+}
+export async function keysRemove(provider) {
+    const stored = await listProviders();
+    if (!(provider in stored) && !templateById(provider)) {
+        console.error(chalk.red(`Unknown provider '${provider}'.`) +
+            `\n  Built-in: ${KNOWN_PROVIDERS.map((p) => p.id).join(', ')}`);
+        process.exit(1);
+    }
+    const removed = await removeProvider(provider);
+    if (removed) {
+        console.log(chalk.green('✓') + ` Removed key for ${provider}`);
+    }
+    else {
+        console.log(chalk.dim(`No key was set for ${provider}.`));
+    }
+}

package/dist/commands/list.js

@@ -0,0 +1,27 @@
+import chalk from 'chalk';
+import { listSessions, fallbackTitle, loadSession } from '../storage/sessions.js';
+import { humanTimeAgo } from '../util/time.js';
+export async function listCommand() {
+    const summaries = await listSessions(20);
+    if (summaries.length === 0) {
+        console.log();
+        console.log(chalk.dim('  no sessions yet — run `mod8` to start one'));
+        console.log();
+        return;
+    }
+    console.log();
+    for (const s of summaries) {
+        let title = s.title;
+        if (!title) {
+            // Title not yet generated — fall back to first message.
+            const session = await loadSession(s.id);
+            title = session ? fallbackTitle(session) : '(no title)';
+        }
+        const ago = humanTimeAgo(s.lastActivity);
+        const turns = s.turnCount === 1 ? '1 turn' : `${s.turnCount} turns`;
+        console.log(`  ${chalk.dim(s.id)}  ${chalk.bold(title)}  ${chalk.dim(`· ${ago} · ${turns}`)}`);
+    }
+    console.log();
+    console.log(chalk.dim('  resume any with: mod8 resume <id>'));
+    console.log();
+}

package/dist/commands/login.js

@@ -0,0 +1,147 @@
+/**
+ * `mod8 login` — bridge the CLI to the mod8 hosted product.
+ *
+ *   1. Open the user's browser to https://mod8-web/cli-login (or whatever
+ *      MOD8_LOGIN_URL points at — overridable for staging).
+ *   2. Prompt the terminal for the sk-mod8-... key they copy from that page.
+ *   3. Validate by calling /v1/chat with a dry-ping… actually just smoke
+ *      against the proxy with a 1-token request to confirm shape + balance.
+ *   4. Save ~/.config/mod8/auth.json with mode 0600.
+ *
+ * No callback URL handshake (yet) — paste keeps things deterministic across
+ * shells and avoids spawning a local listener.
+ */
+import chalk from 'chalk';
+import { createInterface } from 'readline';
+import { exec } from 'child_process';
+import { platform } from 'os';
+import { writeAuth, readAuth, DEFAULT_PROXY_URL, AUTH_FILE_PATH, } from '../storage/auth.js';
+const DEFAULT_LOGIN_URL = 'https://mod8-495901.web.app/cli-login';
+export async function loginCommand() {
+    const loginUrl = process.env.MOD8_LOGIN_URL ?? DEFAULT_LOGIN_URL;
+    const proxyUrl = process.env.MOD8_PROXY_URL ?? DEFAULT_PROXY_URL;
+    const existing = await readAuth();
+    if (existing) {
+        process.stderr.write(chalk.yellow(`Already logged in${existing.email ? ` as ${existing.email}` : ''}. ` +
+            `Use \`mod8 logout\` to drop credentials first if you want to re-link.\n`));
+        return;
+    }
+    process.stdout.write('\n');
+    process.stdout.write(chalk.bold('Connect your terminal to mod8\n'));
+    process.stdout.write(chalk.dim(`Opening ${loginUrl} …\n\n`));
+    // Best-effort browser open.  If it fails, the user sees the URL and can
+    // copy it manually — the paste-key path still works.
+    openBrowserBestEffort(loginUrl);
+    process.stdout.write(`If it didn't open, visit:  ${chalk.cyan(loginUrl)}\n\n`);
+    process.stdout.write(`Then paste your CLI key here (starts with ${chalk.bold('sk-mod8-')}):\n`);
+    const key = await readLine('> ');
+    const trimmed = key.trim();
+    if (!trimmed) {
+        throw new Error('No key entered.');
+    }
+    if (!trimmed.startsWith('sk-mod8-')) {
+        throw new Error(`That doesn't look like a mod8 key (expected sk-mod8-...).`);
+    }
+    // Sanity-ping the proxy with a tiny request — confirms the key is real
+    // AND lets us echo the email + balance back to the user immediately.
+    const meta = await pingProxy(proxyUrl, trimmed);
+    await writeAuth({
+        mod8Key: trimmed,
+        proxyUrl,
+        ...(meta.email ? { email: meta.email } : {}),
+    });
+    process.stdout.write(`\n${chalk.green('✓')} Saved to ${chalk.dim(AUTH_FILE_PATH)}\n` +
+        `${chalk.green('✓')} Logged in${meta.email ? ` as ${chalk.bold(meta.email)}` : ''}` +
+        (typeof meta.availableMicros === 'number'
+            ? ` — ${chalk.bold(formatUsd(meta.availableMicros))} balance`
+            : '') +
+        '\n\n' +
+        chalk.dim('Try it:  ') +
+        chalk.cyan('mod8 -c "hi from the proxy"') +
+        '\n');
+}
+function openBrowserBestEffort(url) {
+    const cmd = platform() === 'darwin'
+        ? `open ${shellQuote(url)}`
+        : platform() === 'win32'
+            ? `start "" ${shellQuote(url)}`
+            : `xdg-open ${shellQuote(url)}`;
+    exec(cmd, () => {
+        // Silently ignore — terminal-only environments will rely on the printed URL.
+    });
+}
+function shellQuote(s) {
+    return `"${s.replace(/"/g, '\\"')}"`;
+}
+async function readLine(prompt) {
+    return new Promise((resolve, reject) => {
+        const rl = createInterface({ input: process.stdin, output: process.stdout });
+        rl.question(prompt, (line) => {
+            rl.close();
+            resolve(line);
+        });
+        rl.on('error', reject);
+    });
+}
+/**
+ * Sanity-check + metadata fetch.  We don't have a "whoami" endpoint on the
+ * proxy itself, so we POST a maxTokens=1 anthropic call.  That:
+ *   - validates the bearer token (401 if bad)
+ *   - confirms the master key is seeded (500 if not)
+ *   - returns chargedMicros + balanceAfterMicros, which we use to print the
+ *     balance hint.
+ *
+ * Cost: a fraction of a cent.  Cheap enough that we eat it for the UX.
+ */
+async function pingProxy(proxyUrl, mod8Key) {
+    const resp = await fetch(`${proxyUrl}/v1/chat`, {
+        method: 'POST',
+        headers: { Authorization: `Bearer ${mod8Key}`, 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            provider: 'anthropic',
+            model: 'claude-haiku-4-5',
+            maxTokens: 1,
+            messages: [{ role: 'user', content: 'ok' }],
+        }),
+    });
+    if (resp.status === 401)
+        throw new Error('Key not recognized by the proxy.');
+    if (!resp.ok) {
+        const detail = await resp.text().catch(() => '');
+        throw new Error(`Proxy ping failed: ${resp.status} ${detail.slice(0, 160)}`);
+    }
+    if (!resp.body)
+        return {};
+    const reader = resp.body.getReader();
+    const decoder = new TextDecoder();
+    let buf = '';
+    let availableMicros;
+    while (true) {
+        const { done, value } = await reader.read();
+        if (done)
+            break;
+        buf += decoder.decode(value, { stream: true });
+        let idx;
+        while ((idx = buf.indexOf('\n\n')) >= 0) {
+            const chunk = buf.slice(0, idx);
+            buf = buf.slice(idx + 2);
+            for (const line of chunk.split('\n')) {
+                if (!line.startsWith('data: '))
+                    continue;
+                try {
+                    const ev = JSON.parse(line.slice(6));
+                    if (ev.type === 'done' && typeof ev.balanceAfterMicros === 'number') {
+                        availableMicros = ev.balanceAfterMicros;
+                    }
+                }
+                catch {
+                    // ignore non-JSON
+                }
+            }
+        }
+    }
+    return availableMicros !== undefined ? { availableMicros } : {};
+}
+function formatUsd(micros) {
+    return `$${(micros / 1_000_000).toFixed(2)}`;
+}

package/dist/commands/logout.js

@@ -0,0 +1,17 @@
+/**
+ * `mod8 logout` — drop the saved mod8 credentials.  The CLI falls back to
+ * local providers.json for subsequent requests.
+ */
+import chalk from 'chalk';
+import { deleteAuth, AUTH_FILE_PATH } from '../storage/auth.js';
+export async function logoutCommand() {
+    const removed = await deleteAuth();
+    if (removed) {
+        process.stdout.write(`${chalk.green('✓')} Logged out — ${chalk.dim(AUTH_FILE_PATH)} removed.\n` +
+            chalk.dim('Falling back to local providers.json.\n'));
+    }
+    else {
+        process.stdout.write(chalk.dim('Not logged in.\n') +
+            chalk.dim(`No file at ${AUTH_FILE_PATH}.\n`));
+    }
+}

package/dist/commands/prompt.js

@@ -0,0 +1,63 @@
+import chalk from 'chalk';
+import { getProviderClient } from '../providers/index.js';
+import { formatCost } from '../providers/pricing.js';
+import { getConfig } from '../storage/config.js';
+import { classifyError } from '../util/errors.js';
+export async function resolveProvider(opts) {
+    const flags = [opts.claude, opts.openai, opts.gemini, opts.deepseek].filter(Boolean).length;
+    if (flags > 1) {
+        throw new Error('Cannot use multiple provider flags. Pick one of -c, -o, -g, -d, or use --all.');
+    }
+    if (opts.claude)
+        return 'anthropic';
+    if (opts.openai)
+        return 'openai';
+    if (opts.gemini)
+        return 'google';
+    if (opts.deepseek)
+        return 'deepseek';
+    const config = await getConfig();
+    return config.default ?? 'anthropic';
+}
+export function formatStats(usage) {
+    const totalTokens = (usage.inputTokens + usage.outputTokens).toLocaleString();
+    const seconds = (usage.latencyMs / 1000).toFixed(2);
+    return `${chalk.dim('—')} ${chalk.bold(usage.model)}  ${chalk.dim(`${totalTokens} tok · ${seconds}s · ${formatCost(usage.costUsd)}`)}`;
+}
+export async function runPrompt({ provider, prompt }) {
+    let client;
+    try {
+        client = await getProviderClient(provider);
+    }
+    catch (err) {
+        console.error(chalk.red('mod8: ') + err.message);
+        process.exit(1);
+    }
+    let usage;
+    let lastChar = '';
+    try {
+        for await (const event of client.stream(prompt)) {
+            if (event.type === 'text') {
+                process.stdout.write(event.delta);
+                if (event.delta.length > 0) {
+                    lastChar = event.delta[event.delta.length - 1];
+                }
+            }
+            else if (event.type === 'done') {
+                usage = event.usage;
+            }
+        }
+    }
+    catch (err) {
+        if (lastChar !== '\n' && lastChar !== '')
+            process.stdout.write('\n');
+        console.error(chalk.red('mod8: ') + chalk.dim(`${provider}: `) + classifyError(err, provider));
+        process.exit(1);
+    }
+    if (lastChar !== '\n')
+        process.stdout.write('\n');
+    if (usage) {
+        console.log();
+        console.log(formatStats(usage));
+    }
+}

package/dist/commands/providers.js

@@ -0,0 +1,30 @@
+/**
+ * `mod8 providers` — list configured providers (id, name, color, model, base URL).
+ *
+ * Different from `mod8 keys list`:
+ *   - `keys list` shows every built-in slot + key state (set / not set)
+ *   - `providers` shows only what the user has actually configured, with the
+ *     details mod8 will use at call time (model, base URL, color)
+ */
+import chalk from 'chalk';
+import { listProviders, PROVIDERS_FILE_PATH } from '../storage/providers.js';
+export async function listProvidersCommand() {
+    const stored = await listProviders();
+    const entries = Object.entries(stored);
+    console.log();
+    if (entries.length === 0) {
+        console.log(chalk.dim('  no providers configured yet.'));
+        console.log(chalk.dim('  add one with: mod8 add-provider'));
+        console.log(chalk.dim('  or for a built-in: mod8 keys set <provider>'));
+        console.log();
+        return;
+    }
+    for (const [id, e] of entries) {
+        const dot = chalk.hex(e.color)('●');
+        const tag = e.custom ? chalk.dim(' (custom)') : '';
+        const base = e.baseUrl ? chalk.dim(`  ${e.baseUrl}`) : '';
+        console.log(`  ${dot} ${chalk.bold(id.padEnd(12))} ${chalk.dim(e.name)} · ${chalk.dim(e.apiType)} · ${chalk.dim(e.defaultModel)}${tag}${base}`);
+    }
+    console.log();
+    console.log(chalk.dim(`  ${entries.length} provider${entries.length === 1 ? '' : 's'} · stored at ${PROVIDERS_FILE_PATH}`));
+}

package/dist/commands/verify.js

@@ -0,0 +1,5 @@
+import { runVerify } from '../verify/runner.js';
+export async function verifyCommand() {
+    const summary = await runVerify();
+    process.exit(summary.fail > 0 ? 1 : 0);
+}

package/dist/input/compose.js

@@ -0,0 +1,37 @@
+import { resolveFileRefs } from './files.js';
+/**
+ * Build the final prompt sent to providers.
+ *
+ * Layout:
+ *   <user prompt>
+ *
+ *   [file: path1]
+ *   <content of path1>
+ *
+ *   [file: path2]
+ *   <content of path2>
+ *
+ *   <piped stdin content>
+ *
+ * @file refs that fail to load become warnings (and are left in-place in the prompt).
+ */
+export async function composePrompt(prompt, stdin) {
+    const warnings = [];
+    const sections = [prompt.trimEnd()];
+    const refs = await resolveFileRefs(prompt);
+    for (const ref of refs) {
+        if (ref.content !== undefined) {
+            sections.push('');
+            sections.push(`[file: ${ref.path}]`);
+            sections.push(ref.content.trimEnd());
+        }
+        else {
+            warnings.push(`@${ref.path}: ${ref.error}`);
+        }
+    }
+    if (stdin && stdin.trim()) {
+        sections.push('');
+        sections.push(stdin.trimEnd());
+    }
+    return { finalPrompt: sections.join('\n'), warnings };
+}