npm - numo-cli - Versions diffs - 1.3.0 → 1.6.0 - Mend

numo-cli 1.3.0 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/cli.cjs CHANGED Viewed

@@ -3217,6 +3217,390 @@ var init_http = __esm({
   }
 });
+// src/cli/lib/dirs.ts
+function getConfigDir() {
+  if (process.env.NUMO_CONFIG_DIR) {
+    return process.env.NUMO_CONFIG_DIR;
+  }
+  const xdgHome = process.env.XDG_CONFIG_HOME || path.join(os.homedir(), ".config");
+  const xdgDir = path.join(xdgHome, "numo");
+  if (fs.existsSync(xdgDir)) return xdgDir;
+  if (fs.existsSync(LEGACY_DIR)) return LEGACY_DIR;
+  return xdgDir;
+}
+function ensureConfigDir() {
+  const dir = getConfigDir();
+  if (!fs.existsSync(dir)) {
+    fs.mkdirSync(dir, { recursive: true, mode: 448 });
+  }
+  return dir;
+}
+function getCredentialsPath() {
+  return path.join(getConfigDir(), "credentials.json");
+}
+function migrateIfNeeded() {
+  const xdgHome = process.env.XDG_CONFIG_HOME || path.join(os.homedir(), ".config");
+  const xdgDir = path.join(xdgHome, "numo");
+  if (process.env.NUMO_CONFIG_DIR) return;
+  const legacyCreds = path.join(LEGACY_DIR, "credentials.json");
+  if (!fs.existsSync(legacyCreds) || fs.existsSync(xdgDir)) return;
+  try {
+    fs.mkdirSync(xdgDir, { recursive: true, mode: 448 });
+    const data = fs.readFileSync(legacyCreds, "utf8");
+    fs.writeFileSync(path.join(xdgDir, "credentials.json"), data, { mode: 384 });
+    const legacyStreaks = path.join(LEGACY_DIR, "streaks.json");
+    if (fs.existsSync(legacyStreaks)) {
+      const streaksData = fs.readFileSync(legacyStreaks, "utf8");
+      fs.writeFileSync(path.join(xdgDir, "streaks.json"), streaksData, { mode: 384 });
+    }
+    process.stderr.write(`Migrated config from ${LEGACY_DIR} to ${xdgDir}
+`);
+  } catch {
+  }
+}
+var fs, path, os, LEGACY_DIR;
+var init_dirs = __esm({
+  "src/cli/lib/dirs.ts"() {
+    "use strict";
+    fs = __toESM(require("fs"), 1);
+    path = __toESM(require("path"), 1);
+    os = __toESM(require("os"), 1);
+    LEGACY_DIR = path.join(os.homedir(), ".numo");
+  }
+});
+// src/cli/lib/errors.ts
+function classifyError(err) {
+  if (err instanceof CliError) return err;
+  const axiosErr = err;
+  if (axiosErr.code === "ECONNABORTED" || axiosErr.code === "ETIMEDOUT") return Errors.timeout();
+  if (axiosErr.code === "ENOTFOUND" || axiosErr.code === "EAI_AGAIN") return Errors.networkError();
+  if (axiosErr.code === "ECONNREFUSED" || axiosErr.code === "ECONNRESET") {
+    return Errors.networkError("Service may be temporarily down. Try again in a moment.");
+  }
+  const status = axiosErr.response?.status;
+  if (status === 401) return Errors.authRequired();
+  if (status === 403) {
+    return new CliError("AUTH_FORBIDDEN" /* AUTH_FORBIDDEN */, "Access denied", ExitCode.NO_PERM, {
+      hint: "You don't have permission for this action."
+    });
+  }
+  if (status === 404) return Errors.notFound("Resource");
+  if (status === 429) {
+    const retryAfter = parseInt(axiosErr.response?.headers?.["retry-after"] ?? "");
+    return Errors.rateLimited(isNaN(retryAfter) ? void 0 : retryAfter);
+  }
+  if (status && status >= 500) {
+    return new CliError("SERVICE_UNAVAILABLE" /* SERVICE_UNAVAILABLE */, "Server error", ExitCode.UNAVAILABLE, {
+      hint: "This is on our end. Try again in a moment.",
+      retryable: true
+    });
+  }
+  const body = axiosErr.response?.data;
+  const raw = body?.error?.message ?? axiosErr.message ?? "Unknown error";
+  const message = sanitizeErrorMessage(raw);
+  return new CliError("UNKNOWN" /* UNKNOWN */, message, ExitCode.GENERAL, { cause: err });
+}
+function sanitizeErrorMessage(msg) {
+  return msg.replace(/https?:\/\/\S+/g, "<url>").replace(/\/(?:Users|home|var|tmp)\/\S+/g, "<path>").replace(/\beyJ[\w-]+\.[\w-]+\.[\w-]+\b/g, "<jwt>").replace(/[\w.+-]+@[\w-]+\.[\w.-]+/g, "<email>").replace(/[A-Za-z0-9_=+/-]{32,}/g, "<token>");
+}
+var ExitCode, CliError, Errors;
+var init_errors = __esm({
+  "src/cli/lib/errors.ts"() {
+    "use strict";
+    ExitCode = {
+      OK: 0,
+      GENERAL: 1,
+      USAGE: 2,
+      UNAVAILABLE: 69,
+      TEMP_FAIL: 75,
+      NO_PERM: 77,
+      CONFIG: 78,
+      NOT_FOUND: 100,
+      CONFLICT: 101
+    };
+    CliError = class extends Error {
+      constructor(kind, message, exitCode = ExitCode.GENERAL, options = {}) {
+        super(message);
+        this.kind = kind;
+        this.exitCode = exitCode;
+        this.options = options;
+        this.name = "CliError";
+      }
+      toJSON() {
+        return {
+          error: {
+            kind: this.kind,
+            code: this.exitCode,
+            message: this.message,
+            ...this.options.suggestion && { suggestion: this.options.suggestion },
+            ...this.options.hint && { hint: this.options.hint },
+            retryable: this.options.retryable ?? false,
+            ...this.options.retryAfter != null && { retryAfter: this.options.retryAfter }
+          }
+        };
+      }
+    };
+    Errors = {
+      authRequired: () => new CliError("AUTH_REQUIRED" /* AUTH_REQUIRED */, "Not logged in", ExitCode.NO_PERM, {
+        suggestion: "numo login"
+      }),
+      notFound: (resource, id) => new CliError("NOT_FOUND" /* NOT_FOUND */, `${resource} not found${id ? `: ${id}` : ""}`, ExitCode.NOT_FOUND, {
+        suggestion: `numo ${resource.toLowerCase()}s list`
+      }),
+      missingArg: (name, flag) => new CliError("MISSING_ARGUMENT" /* MISSING_ARGUMENT */, `${name} is required`, ExitCode.USAGE, {
+        suggestion: `Use --${flag}`,
+        hint: "Run with --help for all options."
+      }),
+      invalidInput: (message, hint) => new CliError("INVALID_INPUT" /* INVALID_INPUT */, message, ExitCode.USAGE, { hint }),
+      configMissing: (key) => new CliError("CONFIG_ERROR" /* CONFIG_ERROR */, `${key} not set`, ExitCode.CONFIG, {
+        suggestion: `export ${key}=<value>`
+      }),
+      networkError: (hint) => new CliError("NETWORK_ERROR" /* NETWORK_ERROR */, "Can't reach Numo servers", ExitCode.UNAVAILABLE, {
+        hint: hint ?? "Check your internet connection.",
+        retryable: true
+      }),
+      timeout: () => new CliError("TIMEOUT" /* TIMEOUT */, "Request timed out", ExitCode.TEMP_FAIL, {
+        hint: "The server took too long to respond. Try again.",
+        retryable: true
+      }),
+      rateLimited: (retryAfter) => new CliError("RATE_LIMITED" /* RATE_LIMITED */, "Too many requests", ExitCode.TEMP_FAIL, {
+        hint: retryAfter ? `Wait ${retryAfter} seconds and try again.` : "Wait a moment and try again.",
+        retryable: true,
+        retryAfter
+      })
+    };
+  }
+});
+// src/cli/lib/api-base.ts
+function isLoopback(host) {
+  return host === "localhost" || host === "127.0.0.1" || host === "::1";
+}
+function classifyApiBase(base = API_BASE, fromEnv = FROM_ENV) {
+  let u2;
+  try {
+    u2 = new URL(base);
+  } catch {
+    return { ok: false, message: `Invalid NUMO_API_URL: ${base}` };
+  }
+  if (u2.protocol !== "http:" && u2.protocol !== "https:") {
+    return { ok: false, message: `NUMO_API_URL must be http(s) \u2014 got "${u2.protocol}"` };
+  }
+  const insecure = u2.protocol === "http:" && !isLoopback(u2.hostname);
+  const trusted = isLoopback(u2.hostname) || u2.hostname === "numo.ai" || u2.hostname.endsWith(".numo.ai");
+  if (fromEnv && !trusted && process.env.NUMO_ALLOW_CUSTOM_HOST !== "1") {
+    return {
+      ok: false,
+      message: `Refusing to send credentials to untrusted host "${u2.hostname}". Use https://api.numo.ai, or set NUMO_ALLOW_CUSTOM_HOST=1 for a self-hosted/staging server.`
+    };
+  }
+  return { ok: true, insecure };
+}
+function assertSafeApiBase() {
+  const verdict = classifyApiBase();
+  if (!verdict.ok) {
+    throw new CliError("CONFIG_ERROR" /* CONFIG_ERROR */, verdict.message, ExitCode.CONFIG, {
+      suggestion: "export NUMO_ALLOW_CUSTOM_HOST=1"
+    });
+  }
+  if (verdict.insecure && !warnedInsecure) {
+    warnedInsecure = true;
+    process.stderr.write("[warn] NUMO_API_URL uses HTTP \u2014 tokens sent unencrypted. Use HTTPS in production.\n");
+  }
+}
+var API_BASE, FROM_ENV, warnedInsecure;
+var init_api_base = __esm({
+  "src/cli/lib/api-base.ts"() {
+    "use strict";
+    init_errors();
+    API_BASE = process.env.NUMO_API_URL ?? (true ? "https://api.numo.ai" : "http://localhost:3000");
+    FROM_ENV = process.env.NUMO_API_URL !== void 0;
+    warnedInsecure = false;
+  }
+});
+// src/cli/lib/api-client.ts
+var api_client_exports = {};
+__export(api_client_exports, {
+  API_BASE: () => API_BASE,
+  api: () => api
+});
+function toCliError(err) {
+  if (err instanceof CliError) return err;
+  const httpErr = err;
+  if (httpErr.code === "ECONNABORTED" || httpErr.code === "ETIMEDOUT") {
+    return new CliError("TIMEOUT" /* TIMEOUT */, "Request timed out", ExitCode.TEMP_FAIL, {
+      hint: "The API server took too long to respond.",
+      retryable: true
+    });
+  }
+  if (httpErr.code === "ECONNREFUSED" || httpErr.code === "ECONNRESET" || httpErr.code === "ENOTFOUND") {
+    return new CliError("NETWORK_ERROR" /* NETWORK_ERROR */, "Can't reach Numo API", ExitCode.UNAVAILABLE, {
+      hint: "Is the API server running? Check NUMO_API_URL.",
+      retryable: true
+    });
+  }
+  const body = httpErr.response?.data;
+  if (body?.error) {
+    const e = body.error;
+    const kind = e.kind ?? "UNKNOWN" /* UNKNOWN */;
+    const exitCode = KIND_EXIT[kind] ?? ExitCode.GENERAL;
+    return new CliError(kind, sanitizeErrorMessage(e.message ?? "Unknown error"), exitCode, {
+      retryable: e.retryable,
+      retryAfter: e.retryAfter
+    });
+  }
+  return new CliError("UNKNOWN" /* UNKNOWN */, sanitizeErrorMessage(httpErr.message ?? "Unknown error"), ExitCode.GENERAL);
+}
+async function apiHeaders() {
+  assertSafeApiBase();
+  const token = await getIdToken();
+  return {
+    Authorization: `Bearer ${token}`,
+    "Content-Type": "application/json"
+  };
+}
+function url(path3, params) {
+  const u2 = `${API_BASE}${path3}`;
+  if (!params) return u2;
+  const sp = new URLSearchParams();
+  for (const [k2, v] of Object.entries(params)) {
+    if (v !== void 0) sp.set(k2, v);
+  }
+  const qs = sp.toString();
+  return qs ? `${u2}?${qs}` : u2;
+}
+var KIND_EXIT, api;
+var init_api_client = __esm({
+  "src/cli/lib/api-client.ts"() {
+    "use strict";
+    init_credentials();
+    init_http();
+    init_errors();
+    init_api_base();
+    KIND_EXIT = {
+      AUTH_REQUIRED: ExitCode.NO_PERM,
+      AUTH_EXPIRED: ExitCode.NO_PERM,
+      AUTH_FORBIDDEN: ExitCode.NO_PERM,
+      INVALID_INPUT: ExitCode.USAGE,
+      MISSING_ARGUMENT: ExitCode.USAGE,
+      NOT_FOUND: ExitCode.NOT_FOUND,
+      CONFLICT: ExitCode.CONFLICT,
+      RATE_LIMITED: ExitCode.TEMP_FAIL,
+      NETWORK_ERROR: ExitCode.UNAVAILABLE,
+      TIMEOUT: ExitCode.TEMP_FAIL,
+      SERVICE_UNAVAILABLE: ExitCode.UNAVAILABLE
+    };
+    api = {
+      async get(path3, params) {
+        try {
+          const resp = await http.get(url(path3, params), { headers: await apiHeaders() });
+          return resp.data;
+        } catch (err) {
+          throw toCliError(err);
+        }
+      },
+      async post(path3, body) {
+        try {
+          const resp = await http.post(url(path3), body, { headers: await apiHeaders() });
+          return resp.data;
+        } catch (err) {
+          throw toCliError(err);
+        }
+      },
+      async patch(path3, body) {
+        try {
+          const resp = await http.patch(url(path3), body, { headers: await apiHeaders() });
+          return resp.data;
+        } catch (err) {
+          throw toCliError(err);
+        }
+      },
+      async del(path3) {
+        try {
+          const resp = await http.delete(url(path3), { headers: await apiHeaders() });
+          return resp.data;
+        } catch (err) {
+          throw toCliError(err);
+        }
+      }
+    };
+  }
+});
+// src/cli/auth/credentials.ts
+function loadCredentials() {
+  try {
+    const path3 = getCredentialsPath();
+    if (process.platform !== "win32" && fs2.statSync(path3).mode & 63) {
+      process.stderr.write(`[warn] credentials file is group/other-readable. Run: chmod 600 ${path3}
+`);
+    }
+    const data = JSON.parse(fs2.readFileSync(path3, "utf8"));
+    if (typeof data?.refreshToken !== "string" || typeof data?.uid !== "string" || typeof data?.email !== "string") {
+      return null;
+    }
+    return data;
+  } catch {
+    return null;
+  }
+}
+function saveCredentials(creds) {
+  ensureConfigDir();
+  const path3 = getCredentialsPath();
+  fs2.writeFileSync(path3, JSON.stringify(creds, null, 2), { mode: 384 });
+  if (process.platform !== "win32") fs2.chmodSync(path3, 384);
+}
+function clearCredentials() {
+  try {
+    const credPath = getCredentialsPath();
+    const stat = fs2.statSync(credPath);
+    fs2.writeFileSync(credPath, crypto.randomBytes(stat.size));
+    fs2.unlinkSync(credPath);
+  } catch {
+  }
+}
+async function getIdToken() {
+  const envToken = process.env.NUMO_TOKEN;
+  if (envToken) return envToken;
+  const creds = loadCredentials();
+  if (!creds) throw new Error("Not logged in. Run: numo login");
+  if (creds.idToken && creds.idTokenExpiry && Date.now() < creds.idTokenExpiry - 6e4) {
+    return creds.idToken;
+  }
+  if (refreshInFlight) return refreshInFlight;
+  refreshInFlight = performRefresh(creds).finally(() => {
+    refreshInFlight = null;
+  });
+  return refreshInFlight;
+}
+async function performRefresh(creds) {
+  assertSafeApiBase();
+  const { API_BASE: apiBase } = await Promise.resolve().then(() => (init_api_client(), api_client_exports));
+  const { http: http2 } = await Promise.resolve().then(() => (init_http(), http_exports));
+  const resp = await http2.post(
+    `${apiBase}/api/auth/refresh`,
+    { refreshToken: creds.refreshToken }
+  );
+  creds.idToken = resp.data.idToken;
+  creds.refreshToken = resp.data.refreshToken ?? creds.refreshToken;
+  creds.idTokenExpiry = Date.now() + (resp.data.expiresIn || 3600) * 1e3;
+  saveCredentials(creds);
+  return creds.idToken;
+}
+var fs2, crypto, refreshInFlight;
+var init_credentials = __esm({
+  "src/cli/auth/credentials.ts"() {
+    "use strict";
+    fs2 = __toESM(require("fs"), 1);
+    crypto = __toESM(require("crypto"), 1);
+    init_dirs();
+    init_api_base();
+    refreshInFlight = null;
+  }
+});
 // src/cli/lib/tty.ts
 function isInteractive() {
   if (!process.stdin.isTTY || !process.stdout.isTTY) return false;
@@ -4931,7 +5315,12 @@ async function loadClack() {
 }
 async function promptText(opts) {
   if (!isInteractive()) {
-    throw new Error(`Missing required input: ${opts.message}. Use flags in non-interactive mode.`);
+    throw new CliError(
+      "MISSING_ARGUMENT" /* MISSING_ARGUMENT */,
+      `Missing required input: ${opts.message}`,
+      ExitCode.USAGE,
+      { hint: "Use flags in non-interactive mode." }
+    );
   }
   const p = await loadClack();
   const value = await p.text({
@@ -4946,7 +5335,12 @@ async function promptText(opts) {
 }
 async function promptPassword(opts) {
   if (!isInteractive()) {
-    throw new Error(`Missing required input: ${opts.message}. Use flags in non-interactive mode.`);
+    throw new CliError(
+      "MISSING_ARGUMENT" /* MISSING_ARGUMENT */,
+      `Missing required input: ${opts.message}`,
+      ExitCode.USAGE,
+      { hint: "Use flags in non-interactive mode." }
+    );
   }
   const p = await loadClack();
   const value = await p.password({
@@ -4960,7 +5354,12 @@ async function promptPassword(opts) {
 }
 async function promptSelect(opts) {
   if (!isInteractive()) {
-    throw new Error(`Missing required input: ${opts.message}. Use flags in non-interactive mode.`);
+    throw new CliError(
+      "MISSING_ARGUMENT" /* MISSING_ARGUMENT */,
+      `Missing required input: ${opts.message}`,
+      ExitCode.USAGE,
+      { hint: "Use flags in non-interactive mode." }
+    );
   }
   const p = await loadClack();
   const value = await p.select({
@@ -4988,137 +5387,39 @@ async function promptConfirm(opts) {
 }
 async function promptMultiSelect(opts) {
   if (!isInteractive()) {
-    throw new Error(`Missing required input: ${opts.message}. Use flags in non-interactive mode.`);
-  }
-  const p = await loadClack();
-  const value = await p.multiselect({
-    message: opts.message,
-    options: opts.options,
-    required: opts.required ?? false
-  });
-  if (p.isCancel(value)) {
-    process.exit(130);
-  }
-  return value;
-}
-async function promptForMissing(opts) {
-  if (opts.value !== void 0 && opts.value !== "") {
-    return opts.value;
-  }
-  return promptText({
-    message: opts.message,
-    placeholder: opts.placeholder,
-    required: opts.required ?? true
-  });
-}
-var init_prompts = __esm({
-  "src/cli/lib/prompts.ts"() {
-    "use strict";
-    init_tty();
-  }
-});
-// src/cli/lib/errors.ts
-function classifyError(err) {
-  if (err instanceof CliError) return err;
-  const axiosErr = err;
-  if (axiosErr.code === "ECONNABORTED" || axiosErr.code === "ETIMEDOUT") return Errors.timeout();
-  if (axiosErr.code === "ENOTFOUND" || axiosErr.code === "EAI_AGAIN") return Errors.networkError();
-  if (axiosErr.code === "ECONNREFUSED" || axiosErr.code === "ECONNRESET") {
-    return Errors.networkError("Service may be temporarily down. Try again in a moment.");
-  }
-  const status = axiosErr.response?.status;
-  if (status === 401) return Errors.authRequired();
-  if (status === 403) {
-    return new CliError("AUTH_FORBIDDEN" /* AUTH_FORBIDDEN */, "Access denied", ExitCode.NO_PERM, {
-      hint: "You don't have permission for this action."
-    });
-  }
-  if (status === 404) return Errors.notFound("Resource");
-  if (status === 429) {
-    const retryAfter = parseInt(axiosErr.response?.headers?.["retry-after"] ?? "");
-    return Errors.rateLimited(isNaN(retryAfter) ? void 0 : retryAfter);
+    throw new CliError(
+      "MISSING_ARGUMENT" /* MISSING_ARGUMENT */,
+      `Missing required input: ${opts.message}`,
+      ExitCode.USAGE,
+      { hint: "Use flags in non-interactive mode." }
+    );
   }
-  if (status && status >= 500) {
-    return new CliError("SERVICE_UNAVAILABLE" /* SERVICE_UNAVAILABLE */, "Server error", ExitCode.UNAVAILABLE, {
-      hint: "This is on our end. Try again in a moment.",
-      retryable: true
-    });
+  const p = await loadClack();
+  const value = await p.multiselect({
+    message: opts.message,
+    options: opts.options,
+    required: opts.required ?? false
+  });
+  if (p.isCancel(value)) {
+    process.exit(130);
   }
-  const body = axiosErr.response?.data;
-  const raw = body?.error?.message ?? axiosErr.message ?? "Unknown error";
-  const message = sanitizeErrorMessage(raw);
-  return new CliError("UNKNOWN" /* UNKNOWN */, message, ExitCode.GENERAL, { cause: err });
+  return value;
 }
-function sanitizeErrorMessage(msg) {
-  return msg.replace(/https?:\/\/\S+/g, "<url>").replace(/\/(?:Users|home|var|tmp)\/\S+/g, "<path>").replace(/[A-Za-z0-9_-]{40,}/g, "<token>");
+async function promptForMissing(opts) {
+  if (opts.value !== void 0 && opts.value !== "") {
+    return opts.value;
+  }
+  return promptText({
+    message: opts.message,
+    placeholder: opts.placeholder,
+    required: opts.required ?? true
+  });
 }
-var ExitCode, CliError, Errors;
-var init_errors = __esm({
-  "src/cli/lib/errors.ts"() {
+var init_prompts = __esm({
+  "src/cli/lib/prompts.ts"() {
     "use strict";
-    ExitCode = {
-      OK: 0,
-      GENERAL: 1,
-      USAGE: 2,
-      UNAVAILABLE: 69,
-      TEMP_FAIL: 75,
-      NO_PERM: 77,
-      CONFIG: 78,
-      NOT_FOUND: 100,
-      CONFLICT: 101
-    };
-    CliError = class extends Error {
-      constructor(kind, message, exitCode = ExitCode.GENERAL, options = {}) {
-        super(message);
-        this.kind = kind;
-        this.exitCode = exitCode;
-        this.options = options;
-        this.name = "CliError";
-      }
-      toJSON() {
-        return {
-          error: {
-            kind: this.kind,
-            code: this.exitCode,
-            message: this.message,
-            ...this.options.suggestion && { suggestion: this.options.suggestion },
-            ...this.options.hint && { hint: this.options.hint },
-            retryable: this.options.retryable ?? false,
-            ...this.options.retryAfter != null && { retryAfter: this.options.retryAfter }
-          }
-        };
-      }
-    };
-    Errors = {
-      authRequired: () => new CliError("AUTH_REQUIRED" /* AUTH_REQUIRED */, "Not logged in", ExitCode.NO_PERM, {
-        suggestion: "numo login"
-      }),
-      notFound: (resource, id) => new CliError("NOT_FOUND" /* NOT_FOUND */, `${resource} not found${id ? `: ${id}` : ""}`, ExitCode.NOT_FOUND, {
-        suggestion: `numo ${resource.toLowerCase()}s list`
-      }),
-      missingArg: (name, flag) => new CliError("MISSING_ARGUMENT" /* MISSING_ARGUMENT */, `${name} is required`, ExitCode.USAGE, {
-        suggestion: `Use --${flag}`,
-        hint: "Run with --help for all options."
-      }),
-      invalidInput: (message, hint) => new CliError("INVALID_INPUT" /* INVALID_INPUT */, message, ExitCode.USAGE, { hint }),
-      configMissing: (key) => new CliError("CONFIG_ERROR" /* CONFIG_ERROR */, `${key} not set`, ExitCode.CONFIG, {
-        suggestion: `export ${key}=<value>`
-      }),
-      networkError: (hint) => new CliError("NETWORK_ERROR" /* NETWORK_ERROR */, "Can't reach Numo servers", ExitCode.UNAVAILABLE, {
-        hint: hint ?? "Check your internet connection.",
-        retryable: true
-      }),
-      timeout: () => new CliError("TIMEOUT" /* TIMEOUT */, "Request timed out", ExitCode.TEMP_FAIL, {
-        hint: "The server took too long to respond. Try again.",
-        retryable: true
-      }),
-      rateLimited: (retryAfter) => new CliError("RATE_LIMITED" /* RATE_LIMITED */, "Too many requests", ExitCode.TEMP_FAIL, {
-        hint: retryAfter ? `Wait ${retryAfter} seconds and try again.` : "Wait a moment and try again.",
-        retryable: true,
-        retryAfter
-      })
-    };
+    init_tty();
+    init_errors();
   }
 });
@@ -5128,6 +5429,7 @@ __export(phone_login_exports, {
   authenticateWithPhone: () => authenticateWithPhone
 });
 async function authenticateWithPhone(spinner) {
+  assertSafeApiBase();
   const p = await Promise.resolve().then(() => (init_dist2(), dist_exports));
   const phone = await promptText({
     message: "Phone number (with country code)",
@@ -5144,7 +5446,7 @@ async function authenticateWithPhone(spinner) {
   const { sessionId, verifyUrl } = startResp.data;
   spinner.stop("");
   p.log.info("Opening browser for phone verification...");
-  p.log.info(import_picocolors.default.dim(`If the browser does not open, visit: ${verifyUrl}`));
+  p.log.info(import_picocolors4.default.dim(`If the browser does not open, visit: ${verifyUrl}`));
   const { default: open } = await import("open");
   const cp = await open(verifyUrl);
   cp.unref();
@@ -5171,15 +5473,16 @@ async function authenticateWithPhone(spinner) {
   }
   throw Errors.networkError("Phone verification timed out. Try again.");
 }
-var import_picocolors, API_BASE, POLL_INTERVAL, POLL_TIMEOUT;
+var import_picocolors4, POLL_INTERVAL, POLL_TIMEOUT;
 var init_phone_login = __esm({
   "src/cli/auth/phone-login.ts"() {
     "use strict";
     init_http();
-    import_picocolors = __toESM(require_picocolors(), 1);
+    import_picocolors4 = __toESM(require_picocolors(), 1);
     init_errors();
     init_prompts();
-    API_BASE = process.env.NUMO_API_URL ?? "http://localhost:3000";
+    init_api_client();
+    init_api_base();
     POLL_INTERVAL = 2e3;
     POLL_TIMEOUT = 5 * 60 * 1e3;
   }
@@ -5203,297 +5506,82 @@ var {
 } = import_index.default;
 // src/cli/cli.ts
-var import_picocolors13 = __toESM(require_picocolors(), 1);
+var import_picocolors12 = __toESM(require_picocolors(), 1);
 // src/cli/auth/login.ts
 init_http();
-var import_picocolors2 = __toESM(require_picocolors(), 1);
-// src/cli/auth/credentials.ts
-var fs2 = __toESM(require("fs"), 1);
-var crypto = __toESM(require("crypto"), 1);
-// src/cli/lib/dirs.ts
-var fs = __toESM(require("fs"), 1);
-var path = __toESM(require("path"), 1);
-var os = __toESM(require("os"), 1);
-var LEGACY_DIR = path.join(os.homedir(), ".numo");
-function getConfigDir() {
-  if (process.env.NUMO_CONFIG_DIR) {
-    return process.env.NUMO_CONFIG_DIR;
-  }
-  const xdgHome = process.env.XDG_CONFIG_HOME || path.join(os.homedir(), ".config");
-  const xdgDir = path.join(xdgHome, "numo");
-  if (fs.existsSync(xdgDir)) return xdgDir;
-  if (fs.existsSync(LEGACY_DIR)) return LEGACY_DIR;
-  return xdgDir;
-}
-function ensureConfigDir() {
-  const dir = getConfigDir();
-  if (!fs.existsSync(dir)) {
-    fs.mkdirSync(dir, { recursive: true, mode: 448 });
-  }
-  return dir;
-}
-function getCredentialsPath() {
-  return path.join(getConfigDir(), "credentials.json");
-}
-function migrateIfNeeded() {
-  const xdgHome = process.env.XDG_CONFIG_HOME || path.join(os.homedir(), ".config");
-  const xdgDir = path.join(xdgHome, "numo");
-  if (process.env.NUMO_CONFIG_DIR) return;
-  const legacyCreds = path.join(LEGACY_DIR, "credentials.json");
-  if (!fs.existsSync(legacyCreds) || fs.existsSync(xdgDir)) return;
-  try {
-    fs.mkdirSync(xdgDir, { recursive: true, mode: 448 });
-    const data = fs.readFileSync(legacyCreds, "utf8");
-    fs.writeFileSync(path.join(xdgDir, "credentials.json"), data, { mode: 384 });
-    const legacyStreaks = path.join(LEGACY_DIR, "streaks.json");
-    if (fs.existsSync(legacyStreaks)) {
-      const streaksData = fs.readFileSync(legacyStreaks, "utf8");
-      fs.writeFileSync(path.join(xdgDir, "streaks.json"), streaksData, { mode: 384 });
-    }
-    process.stderr.write(`Migrated config from ${LEGACY_DIR} to ${xdgDir}
-`);
-  } catch {
-  }
-}
-// src/cli/auth/credentials.ts
-function loadCredentials() {
-  try {
-    const data = JSON.parse(fs2.readFileSync(getCredentialsPath(), "utf8"));
-    if (typeof data?.refreshToken !== "string" || typeof data?.uid !== "string" || typeof data?.email !== "string") {
-      return null;
-    }
-    return data;
-  } catch {
-    return null;
-  }
-}
-function saveCredentials(creds) {
-  ensureConfigDir();
-  fs2.writeFileSync(getCredentialsPath(), JSON.stringify(creds, null, 2), { mode: 384 });
-}
-function clearCredentials() {
-  try {
-    const credPath = getCredentialsPath();
-    const stat = fs2.statSync(credPath);
-    fs2.writeFileSync(credPath, crypto.randomBytes(stat.size));
-    fs2.unlinkSync(credPath);
-  } catch {
-  }
-}
-var refreshInFlight = null;
-async function getIdToken() {
-  const envToken = process.env.NUMO_TOKEN;
-  if (envToken) return envToken;
-  const creds = loadCredentials();
-  if (!creds) throw new Error("Not logged in. Run: numo login");
-  if (creds.idToken && creds.idTokenExpiry && Date.now() < creds.idTokenExpiry - 6e4) {
-    return creds.idToken;
-  }
-  if (refreshInFlight) return refreshInFlight;
-  refreshInFlight = performRefresh(creds).finally(() => {
-    refreshInFlight = null;
-  });
-  return refreshInFlight;
-}
-async function performRefresh(creds) {
-  const apiBase = process.env.NUMO_API_URL ?? "http://localhost:3000";
-  const { http: http2 } = await Promise.resolve().then(() => (init_http(), http_exports));
-  const resp = await http2.post(
-    `${apiBase}/api/auth/refresh`,
-    { refreshToken: creds.refreshToken }
-  );
-  creds.idToken = resp.data.idToken;
-  creds.refreshToken = resp.data.refreshToken ?? creds.refreshToken;
-  creds.idTokenExpiry = Date.now() + (resp.data.expiresIn || 3600) * 1e3;
-  saveCredentials(creds);
-  return creds.idToken;
-}
+var import_picocolors5 = __toESM(require_picocolors(), 1);
+init_credentials();
-// src/cli/auth/login.ts
-init_prompts();
-init_errors();
-var API_BASE2 = process.env.NUMO_API_URL ?? "http://localhost:3000";
-async function authenticateWithEmail(spinner) {
-  const email = await promptText({ message: "Email", required: true });
-  const password = await promptPassword({ message: "Password" });
-  spinner.start("Signing in...");
-  const resp = await http.post(
-    `${API_BASE2}/api/auth/login`,
-    { email, password }
-  );
-  return {
-    refreshToken: resp.data.refreshToken,
-    uid: resp.data.uid,
-    displayName: resp.data.email ?? email,
-    idToken: resp.data.idToken,
-    idTokenExpiry: Date.now() + (resp.data.expiresIn || 3600) * 1e3
-  };
-}
-function printSuccess(displayName) {
-  const lines = [
-    `  ${import_picocolors2.default.dim("$")} numo tasks list --date YYYY-MM-DD   List tasks for a date`,
-    `  ${import_picocolors2.default.dim("$")} numo tasks create --text "..."       Create a task`,
-    `  ${import_picocolors2.default.dim("$")} numo profile                         View your profile`
-  ];
-  console.log(`
-  ${import_picocolors2.default.bold("Available commands:")}
-${lines.join("\n")}
-`);
-}
-async function login(options = {}) {
-  const p = await Promise.resolve().then(() => (init_dist2(), dist_exports));
-  p.intro(import_picocolors2.default.bold("Numo \u2014 Login"));
-  let method = options.phone ? "phone" : "email";
-  if (!options.phone) {
-    method = await promptSelect({
-      message: "How would you like to sign in?",
-      options: [
-        { value: "email", label: "Email & password" },
-        { value: "phone", label: "Phone number (SMS)" }
-      ]
-    });
-  }
-  const s = p.spinner();
-  try {
-    let result;
-    if (method === "phone") {
-      const { authenticateWithPhone: authenticateWithPhone2 } = await Promise.resolve().then(() => (init_phone_login(), phone_login_exports));
-      result = await authenticateWithPhone2(s);
-    } else {
-      result = await authenticateWithEmail(s);
-    }
-    saveCredentials({
-      refreshToken: result.refreshToken,
-      uid: result.uid,
-      email: result.displayName,
-      idToken: result.idToken,
-      idTokenExpiry: result.idTokenExpiry
-    });
-    s.stop(`Logged in as ${import_picocolors2.default.green(result.displayName)}`);
-    p.outro("You are ready to go!");
-    printSuccess(result.displayName);
-  } catch (err) {
-    const classified = err instanceof CliError ? err : classifyError(err);
-    s.stop(import_picocolors2.default.red("Login failed"));
-    p.log.error(classified.message);
-    if (classified.options.hint) p.log.warning(classified.options.hint);
-    process.exit(classified.exitCode);
+// src/cli/lib/command-map.ts
+var import_picocolors = __toESM(require_picocolors(), 1);
+function collectCommands(root) {
+  const out = [];
+  function walk(cmd, prefix) {
+    for (const sub of cmd.commands) {
+      const fullName = prefix ? `${prefix} ${sub.name()}` : sub.name();
+      if (sub.commands.length > 0) {
+        walk(sub, fullName);
+      } else {
+        out.push({
+          name: fullName,
+          description: sub.description(),
+          options: sub.options.map((o) => o.flags)
+        });
+      }
+    }
+  }
+  walk(root, "");
+  return out;
+}
+var FOCUS_GROUPS = /* @__PURE__ */ new Set(["tasks", "posts", "profile", "doctor"]);
+function focusCommands(commands) {
+  return commands.filter((c) => FOCUS_GROUPS.has(c.name.split(" ")[0]));
+}
+function formatCommandMap(commands) {
+  const lines = [];
+  let lastGroup = "";
+  for (const cmd of commands) {
+    const group = cmd.name.split(" ")[0];
+    if (group !== lastGroup) {
+      if (lastGroup) lines.push("");
+      lines.push(`  ${import_picocolors.default.bold(group.charAt(0).toUpperCase() + group.slice(1) + ":")}`);
+      lastGroup = group;
+    }
+    lines.push(`    numo ${cmd.name.padEnd(30)} ${import_picocolors.default.dim(cmd.description)}`);
   }
+  return lines.join("\n");
 }
-// src/cli/auth/register.ts
-init_http();
-var import_picocolors3 = __toESM(require_picocolors(), 1);
+// src/cli/auth/login.ts
 init_prompts();
 init_errors();
+init_api_client();
+init_api_base();
+// src/cli/lib/quiet.ts
 init_tty();
-var API_BASE3 = process.env.NUMO_API_URL ?? "http://localhost:3000";
-function validateEmail(email) {
-  const trimmed = email.trim();
-  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(trimmed)) {
-    throw Errors.invalidInput("Invalid email address");
-  }
-  return trimmed;
-}
-function validatePassword(password) {
-  if (password.length < 6) {
-    throw Errors.invalidInput("Password is too weak (min 6 characters)");
-  }
-  return password;
-}
-function classifySignUpError(err) {
-  if (err instanceof CliError) return err;
-  const resp = err?.response?.data?.error;
-  const kind = resp?.kind ?? "";
-  const msg = resp?.message ?? "";
-  if (kind === "CONFLICT" || msg.includes("already in use")) {
-    return Errors.invalidInput(
-      "Email already in use",
-      "Already have an account? Run: numo login"
-    );
-  }
-  if (msg.includes("Invalid email")) {
-    return Errors.invalidInput("Invalid email address");
-  }
-  if (msg.includes("Password too weak") || msg.includes("min 6")) {
-    return Errors.invalidInput("Password is too weak (min 6 characters)");
-  }
-  return classifyError(err);
-}
-async function signUp(email, password) {
-  try {
-    const resp = await http.post(`${API_BASE3}/api/auth/register`, {
-      email,
-      password,
-      tz: Intl.DateTimeFormat().resolvedOptions().timeZone,
-      tzOffset: (/* @__PURE__ */ new Date()).getTimezoneOffset()
-    });
-    return {
-      refreshToken: resp.data.refreshToken,
-      uid: resp.data.uid,
-      displayName: resp.data.email ?? email,
-      idToken: resp.data.idToken,
-      idTokenExpiry: Date.now() + (resp.data.expiresIn || 3600) * 1e3
-    };
-  } catch (err) {
-    throw classifySignUpError(err);
+var noopSpinner = {
+  start: () => {
+  },
+  stop: () => {
   }
+};
+function isQuietMode(opts = {}) {
+  return !!(opts.quiet || opts.json || !isInteractive());
 }
-async function register(options = {}) {
+async function makeClackSpinner(quietMode) {
+  if (quietMode) return noopSpinner;
   const p = await Promise.resolve().then(() => (init_dist2(), dist_exports));
-  p.intro(import_picocolors3.default.bold("Numo \u2014 Register"));
-  const s = p.spinner();
-  let spinnerActive = false;
-  try {
-    const email = validateEmail(
-      options.email ?? await promptText({ message: "Email", required: true })
-    );
-    const rawPassword = options.password ?? await promptPassword({ message: "Password" });
-    if (!options.password && isInteractive()) {
-      const confirm = await promptPassword({ message: "Confirm password" });
-      if (rawPassword !== confirm) {
-        throw Errors.invalidInput("Passwords do not match");
-      }
-    }
-    const password = validatePassword(rawPassword);
-    s.start("Creating account...");
-    spinnerActive = true;
-    const result = await signUp(email, password);
-    saveCredentials({
-      refreshToken: result.refreshToken,
-      uid: result.uid,
-      email: result.displayName,
-      idToken: result.idToken,
-      idTokenExpiry: result.idTokenExpiry
-    });
-    s.stop(`Registered as ${import_picocolors3.default.green(result.displayName)}`);
-    p.outro("Welcome to Numo!");
-    printSuccess(result.displayName);
-  } catch (err) {
-    const classified = err instanceof CliError ? err : classifySignUpError(err);
-    if (spinnerActive) s.stop(import_picocolors3.default.red("Registration failed"));
-    p.log.error(classified.message);
-    if (classified.options.hint) p.log.warning(classified.options.hint);
-    process.exit(classified.exitCode);
-  }
+  return p.spinner();
 }
-// src/cli/commands/tasks.ts
-var import_picocolors8 = __toESM(require_picocolors(), 1);
-// src/cli/lib/actions.ts
-init_tty();
 // src/cli/lib/output.ts
-var import_picocolors5 = __toESM(require_picocolors(), 1);
+var import_picocolors3 = __toESM(require_picocolors(), 1);
 init_tty();
 // src/cli/lib/table.ts
-var import_picocolors4 = __toESM(require_picocolors(), 1);
+var import_picocolors2 = __toESM(require_picocolors(), 1);
 init_tty();
 var BOX = isUnicodeSupported ? {
   topLeft: String.fromCodePoint(9484),
@@ -5532,17 +5620,17 @@ var BOX = isUnicodeSupported ? {
   cross: "+"
 };
 function renderTable(headers, rows, emptyMessage = "(no results)") {
-  if (rows.length === 0) return import_picocolors4.default.dim(emptyMessage);
+  if (rows.length === 0) return import_picocolors2.default.dim(emptyMessage);
   const widths = headers.map(
     (h2, i) => Math.max(h2.length, ...rows.map((r) => (r[i] ?? "").length))
   );
-  const pad = (s, w) => s + " ".repeat(Math.max(0, w - s.length));
+  const pad2 = (s, w) => s + " ".repeat(Math.max(0, w - s.length));
   const topBorder = BOX.topLeft + widths.map((w) => BOX.horizontal.repeat(w + 2)).join(BOX.midTop) + BOX.topRight;
   const midBorder = BOX.midLeft + widths.map((w) => BOX.horizontal.repeat(w + 2)).join(BOX.cross) + BOX.midRight;
   const bottomBorder = BOX.bottomLeft + widths.map((w) => BOX.horizontal.repeat(w + 2)).join(BOX.midBottom) + BOX.bottomRight;
   const formatRow = (cells, bold = false) => BOX.vertical + cells.map((c, i) => {
-    const padded = pad(c, widths[i]);
-    return ` ${bold ? import_picocolors4.default.bold(padded) : padded} `;
+    const padded = pad2(c, widths[i]);
+    return ` ${bold ? import_picocolors2.default.bold(padded) : padded} `;
   }).join(BOX.vertical) + BOX.vertical;
   const lines = [
     topBorder,
@@ -5576,17 +5664,15 @@ function printRecord(fields) {
   const visible = fields.filter(([, v]) => v != null && v !== "");
   const maxLabel = Math.max(...visible.map(([l]) => l.length));
   for (const [label, value] of visible) {
-    console.log(`  ${import_picocolors5.default.bold(label.padEnd(maxLabel))}  ${value}`);
+    console.log(`  ${import_picocolors3.default.bold(label.padEnd(maxLabel))}  ${value}`);
   }
 }
 function outputResult(data, asJson) {
-  if (asJson) {
-    printJson(data);
-  } else if (typeof data === "string") {
+  if (!asJson && typeof data === "string") {
     console.log(data);
-  } else {
-    printJson(data);
+    return;
   }
+  printJson(data);
 }
 function pickFields(obj, fields) {
   const result = {};
@@ -5621,148 +5707,145 @@ function outputError(err, asJson) {
     console.error(JSON.stringify(structured.toJSON(), null, 2));
   } else {
     console.error(`
-${import_picocolors5.default.red("Error")}: ${structured.message}`);
+${import_picocolors3.default.red("Error")}: ${structured.message}`);
     if (structured.options.suggestion) {
       console.error(`
-  ${import_picocolors5.default.dim("Fix:")} ${import_picocolors5.default.cyan("$")} ${import_picocolors5.default.bold(structured.options.suggestion)}`);
+  ${import_picocolors3.default.dim("Fix:")} ${import_picocolors3.default.cyan("$")} ${import_picocolors3.default.bold(structured.options.suggestion)}`);
     }
     if (structured.options.hint) {
-      console.error(`  ${import_picocolors5.default.dim(structured.options.hint)}`);
+      console.error(`  ${import_picocolors3.default.dim(structured.options.hint)}`);
     }
     console.error("");
   }
   process.exit(structured.exitCode);
 }
-// src/cli/lib/spinner.ts
-var import_picocolors6 = __toESM(require_picocolors(), 1);
-init_tty();
-// src/cli/lib/symbols.ts
-init_tty();
-var u = isUnicodeSupported;
-var SYM = {
-  check: u ? "\u2714" : "v",
-  // ✓
-  cross: u ? "\u2718" : "x",
-  // ✗
-  circle: u ? "\u25CB" : "o",
-  // ○
-  repeat: u ? "\u21BB" : "R",
-  // ↻
-  undo: u ? "\u21A9" : "<-",
-  // ↩
-  fire: u ? "\u{1F525}" : "*",
-  // 🔥
-  ellipsis: u ? "\u2026" : "...",
-  // …
-  dash: u ? "\u2500" : "-",
-  // ─
-  bullet: u ? "\u2022" : "*",
-  // •
-  arrow: u ? "\u2192" : "->"
-  // →
-};
-// src/cli/lib/spinner.ts
-var FRAMES = isUnicodeSupported ? [
-  String.fromCodePoint(10251),
-  String.fromCodePoint(10265),
-  String.fromCodePoint(10297),
-  String.fromCodePoint(10296),
-  String.fromCodePoint(10300),
-  String.fromCodePoint(10292),
-  String.fromCodePoint(10278),
-  String.fromCodePoint(10279),
-  String.fromCodePoint(10247),
-  String.fromCodePoint(10255)
-] : ["-", "\\", "|", "/"];
-var INTERVAL = 80;
-var MAX_RETRIES2 = 3;
-function createSpinner(interactive) {
-  if (!interactive) {
-    return { start() {
-    }, update() {
-    }, stop() {
-    }, fail() {
-    } };
-  }
-  let timer = null;
-  let frameIdx = 0;
-  let currentMsg = "";
-  function clear() {
-    process.stderr.write("\r\x1B[K");
-  }
+// src/cli/auth/login.ts
+async function postLogin(email, password) {
+  assertSafeApiBase();
+  const resp = await http.post(`${API_BASE}/api/auth/login`, { email, password });
   return {
-    start(msg) {
-      currentMsg = msg;
-      frameIdx = 0;
-      clear();
-      process.stderr.write(`${import_picocolors6.default.cyan(FRAMES[0])} ${msg}`);
-      timer = setInterval(() => {
-        frameIdx = (frameIdx + 1) % FRAMES.length;
-        clear();
-        process.stderr.write(`${import_picocolors6.default.cyan(FRAMES[frameIdx])} ${currentMsg}`);
-      }, INTERVAL);
-    },
-    update(msg) {
-      currentMsg = msg;
-    },
-    stop(msg) {
-      if (timer) {
-        clearInterval(timer);
-        timer = null;
-      }
-      clear();
-      process.stderr.write(`${import_picocolors6.default.green(SYM.check)} ${msg ?? currentMsg}
-`);
-    },
-    fail(msg) {
-      if (timer) {
-        clearInterval(timer);
-        timer = null;
-      }
-      clear();
-      process.stderr.write(`${import_picocolors6.default.red(SYM.cross)} ${msg}
-`);
-    }
+    refreshToken: resp.data.refreshToken,
+    uid: resp.data.uid,
+    displayName: resp.data.email ?? email,
+    idToken: resp.data.idToken,
+    idTokenExpiry: Date.now() + (resp.data.expiresIn || 3600) * 1e3
   };
 }
-function delay2(ms) {
-  return new Promise((r) => setTimeout(r, ms));
+async function authenticateInteractive(spinner) {
+  const email = await promptText({ message: "Email", required: true });
+  const password = await promptPassword({ message: "Password" });
+  spinner.start("Signing in...");
+  return postLogin(email, password);
+}
+function printSuccess(root) {
+  const body = root ? formatCommandMap(focusCommands(collectCommands(root))) : `    ${import_picocolors5.default.dim("Run")} numo commands ${import_picocolors5.default.dim("to list every command.")}`;
+  console.log(`
+  ${import_picocolors5.default.bold("Available commands:")}
+${body}`);
+  console.log(`  ${import_picocolors5.default.dim("Run")} numo commands ${import_picocolors5.default.dim("to see all commands.")}
+`);
+}
+async function login(options = {}, root) {
+  const envEmail = process.env.NUMO_LOGIN_EMAIL;
+  const envPassword = process.env.NUMO_LOGIN_PASSWORD;
+  const hasEnvCreds = !!(envEmail && envPassword);
+  const quietMode = isQuietMode(options);
+  if (quietMode && options.phone) {
+    outputError(
+      Errors.invalidInput(
+        "--phone requires an interactive terminal for SMS OTP entry",
+        "Use NUMO_LOGIN_EMAIL + NUMO_LOGIN_PASSWORD env vars for non-interactive login."
+      ),
+      true
+    );
+  }
+  if (quietMode && !hasEnvCreds && !options.phone) {
+    outputError(
+      Errors.configMissing("NUMO_LOGIN_EMAIL and NUMO_LOGIN_PASSWORD"),
+      true
+    );
+  }
+  const p = await Promise.resolve().then(() => (init_dist2(), dist_exports));
+  if (!quietMode) p.intro(import_picocolors5.default.bold("Numo \u2014 Login"));
+  let method = options.phone ? "phone" : "email";
+  if (!options.phone && !hasEnvCreds && !quietMode) {
+    method = await promptSelect({
+      message: "How would you like to sign in?",
+      options: [
+        { value: "email", label: "Email & password" },
+        { value: "phone", label: "Phone number (SMS)" }
+      ]
+    });
+  }
+  const s = await makeClackSpinner(quietMode);
+  try {
+    let result;
+    if (method === "phone") {
+      const { authenticateWithPhone: authenticateWithPhone2 } = await Promise.resolve().then(() => (init_phone_login(), phone_login_exports));
+      result = await authenticateWithPhone2(s);
+    } else if (hasEnvCreds) {
+      s.start("Signing in...");
+      result = await postLogin(envEmail, envPassword);
+    } else {
+      result = await authenticateInteractive(s);
+    }
+    saveCredentials({
+      refreshToken: result.refreshToken,
+      uid: result.uid,
+      email: result.displayName,
+      idToken: result.idToken,
+      idTokenExpiry: result.idTokenExpiry
+    });
+    if (quietMode) {
+      printJson({
+        ok: true,
+        uid: result.uid,
+        email: result.displayName,
+        idToken: result.idToken,
+        idTokenExpiry: result.idTokenExpiry
+      });
+      return;
+    }
+    s.stop(`Logged in as ${import_picocolors5.default.green(result.displayName)}`);
+    p.outro("You are ready to go!");
+    printSuccess(root);
+  } catch (err) {
+    const classified = err instanceof CliError ? err : classifyError(err);
+    if (quietMode) {
+      outputError(classified, true);
+    }
+    s.stop(import_picocolors5.default.red("Login failed"));
+    p.log.error(classified.message);
+    if (classified.options.hint) p.log.warning(classified.options.hint);
+    process.exit(classified.exitCode);
+  }
 }
+// src/cli/cli.ts
+init_credentials();
+init_dirs();
+// src/cli/commands/tasks.ts
+var import_picocolors7 = __toESM(require_picocolors(), 1);
+// src/cli/lib/spinner.ts
 async function withSpinner(interactive, message, fn) {
-  const spinner = createSpinner(interactive);
+  const spinner = await makeClackSpinner(!interactive);
   spinner.start(message);
-  for (let attempt = 0; attempt <= MAX_RETRIES2; attempt++) {
-    try {
-      const result = await fn();
-      spinner.stop(message);
-      return result;
-    } catch (err) {
-      const status = err.response?.status;
-      if (status === 429 && attempt < MAX_RETRIES2) {
-        const retryAfter = err.response?.headers?.["retry-after"];
-        const waitMs = retryAfter ? parseInt(retryAfter, 10) * 1e3 : 1e3 * Math.pow(2, attempt);
-        spinner.update(`Rate limited, retrying in ${Math.round(waitMs / 1e3)}s...`);
-        await delay2(waitMs);
-        spinner.update(message);
-        continue;
-      }
-      spinner.fail(message);
-      throw err;
-    }
+  try {
+    const result = await fn();
+    spinner.stop(message);
+    return result;
+  } catch (err) {
+    spinner.stop(message, 2);
+    throw err;
   }
-  throw new Error("Max retries exceeded");
 }
 // src/cli/lib/actions.ts
-function useJson(opts) {
-  return !!(opts.json || opts.quiet || !isInteractive());
-}
-function useSpinner(opts) {
-  return isInteractive() && !opts.quiet;
-}
+var useJson = isQuietMode;
+var useSpinner = (opts) => !isQuietMode(opts);
 async function runGet(opts) {
   try {
     const result = await withSpinner(
@@ -5848,157 +5931,81 @@ async function runWrite(opts) {
     outputError(err, useJson(opts.global));
   }
 }
-async function runDelete(opts) {
-  try {
-    await withSpinner(
-      useSpinner(opts.global),
-      opts.spinnerMessage ?? "Deleting...",
-      opts.fn
-    );
-    if (!opts.global.quiet) {
-      console.log(opts.successMessage);
-    }
-  } catch (err) {
-    outputError(err, useJson(opts.global));
-  }
-}
 // src/cli/lib/uid.ts
+init_credentials();
 init_errors();
+function uidFromToken(token) {
+  try {
+    const payload = JSON.parse(Buffer.from(token.split(".")[1] ?? "", "base64").toString("utf8"));
+    if (typeof payload.user_id === "string") return payload.user_id;
+    if (typeof payload.sub === "string") return payload.sub;
+    return null;
+  } catch {
+    return null;
+  }
+}
 function requireUid() {
+  if (process.env.NUMO_TOKEN) return uidFromToken(process.env.NUMO_TOKEN) ?? "";
   const creds = loadCredentials();
   if (!creds) throw Errors.authRequired();
   return creds.uid;
 }
-// src/cli/lib/api-client.ts
-init_http();
-init_errors();
-var API_BASE4 = process.env.NUMO_API_URL ?? "http://localhost:3000";
-if (API_BASE4 !== "http://localhost:3000" && API_BASE4.startsWith("http://")) {
-  process.stderr.write("[warn] NUMO_API_URL uses HTTP \u2014 tokens sent unencrypted. Use HTTPS in production.\n");
-}
-var KIND_EXIT = {
-  AUTH_REQUIRED: ExitCode.NO_PERM,
-  AUTH_EXPIRED: ExitCode.NO_PERM,
-  AUTH_FORBIDDEN: ExitCode.NO_PERM,
-  INVALID_INPUT: ExitCode.USAGE,
-  MISSING_ARGUMENT: ExitCode.USAGE,
-  NOT_FOUND: ExitCode.NOT_FOUND,
-  CONFLICT: ExitCode.CONFLICT,
-  RATE_LIMITED: ExitCode.TEMP_FAIL,
-  NETWORK_ERROR: ExitCode.UNAVAILABLE,
-  TIMEOUT: ExitCode.TEMP_FAIL,
-  SERVICE_UNAVAILABLE: ExitCode.UNAVAILABLE
-};
-function toCliError(err) {
-  if (err instanceof CliError) return err;
-  const httpErr = err;
-  if (httpErr.code === "ECONNABORTED" || httpErr.code === "ETIMEDOUT") {
-    return new CliError("TIMEOUT" /* TIMEOUT */, "Request timed out", ExitCode.TEMP_FAIL, {
-      hint: "The API server took too long to respond.",
-      retryable: true
-    });
-  }
-  if (httpErr.code === "ECONNREFUSED" || httpErr.code === "ECONNRESET" || httpErr.code === "ENOTFOUND") {
-    return new CliError("NETWORK_ERROR" /* NETWORK_ERROR */, "Can't reach Numo API", ExitCode.UNAVAILABLE, {
-      hint: "Is the API server running? Check NUMO_API_URL.",
-      retryable: true
-    });
-  }
-  const body = httpErr.response?.data;
-  if (body?.error) {
-    const e = body.error;
-    const kind = e.kind ?? "UNKNOWN" /* UNKNOWN */;
-    const exitCode = KIND_EXIT[kind] ?? ExitCode.GENERAL;
-    return new CliError(kind, e.message ?? "Unknown error", exitCode, {
-      retryable: e.retryable,
-      retryAfter: e.retryAfter
-    });
-  }
-  return new CliError("UNKNOWN" /* UNKNOWN */, httpErr.message ?? "Unknown error", ExitCode.GENERAL);
-}
-async function apiHeaders() {
-  const token = await getIdToken();
-  return {
-    Authorization: `Bearer ${token}`,
-    "Content-Type": "application/json"
-  };
-}
-function url(path3, params) {
-  const u2 = `${API_BASE4}${path3}`;
-  if (!params) return u2;
-  const sp = new URLSearchParams();
-  for (const [k2, v] of Object.entries(params)) {
-    if (v !== void 0) sp.set(k2, v);
-  }
-  const qs = sp.toString();
-  return qs ? `${u2}?${qs}` : u2;
-}
-var api = {
-  async get(path3, params) {
-    try {
-      const resp = await http.get(url(path3, params), { headers: await apiHeaders() });
-      return resp.data;
-    } catch (err) {
-      throw toCliError(err);
-    }
-  },
-  async post(path3, body) {
-    try {
-      const resp = await http.post(url(path3), body, { headers: await apiHeaders() });
-      return resp.data;
-    } catch (err) {
-      throw toCliError(err);
-    }
-  },
-  async patch(path3, body) {
-    try {
-      const resp = await http.patch(url(path3), body, { headers: await apiHeaders() });
-      return resp.data;
-    } catch (err) {
-      throw toCliError(err);
-    }
-  },
-  async del(path3) {
-    try {
-      const resp = await http.delete(url(path3), { headers: await apiHeaders() });
-      return resp.data;
-    } catch (err) {
-      throw toCliError(err);
-    }
-  }
-};
 // src/cli/services/tasks.ts
-async function listTasks(uid, opts) {
+init_api_client();
+async function listTasks(opts) {
   return api.get("/api/tasks", {
     date: opts.date,
     backlog: opts.backlog ? "true" : void 0,
     tag: opts.tag
   });
 }
-async function getTask(uid, id) {
+async function getTask(id) {
   return api.get(`/api/tasks/${encodeURIComponent(id)}`);
 }
-async function createTask(uid, body) {
+async function createTask(body) {
   return api.post("/api/tasks", body);
 }
-async function updateTask(uid, id, body) {
+async function updateTask(id, body) {
   return api.patch(`/api/tasks/${encodeURIComponent(id)}`, body);
 }
-async function deleteTask(uid, id) {
+async function deleteTask(id) {
   return api.del(`/api/tasks/${encodeURIComponent(id)}`);
 }
-async function completeTask(uid, id, date) {
+async function completeTask(id, date) {
   return api.post(`/api/tasks/${encodeURIComponent(id)}/complete`, date ? { date } : void 0);
 }
-async function uncompleteTask(uid, taskHistoryId) {
+async function uncompleteTask(taskHistoryId) {
   return api.post(`/api/tasks/${encodeURIComponent(taskHistoryId)}/uncomplete`);
 }
 // src/cli/lib/format.ts
-var import_picocolors7 = __toESM(require_picocolors(), 1);
+var import_picocolors6 = __toESM(require_picocolors(), 1);
+// src/cli/lib/symbols.ts
+init_tty();
+var u = isUnicodeSupported;
+var SYM = {
+  check: u ? "\u2714" : "v",
+  // ✓
+  cross: u ? "\u2718" : "x",
+  // ✗
+  circle: u ? "\u25CB" : "o",
+  // ○
+  repeat: u ? "\u21BB" : "R",
+  // ↻
+  undo: u ? "\u21A9" : "<-",
+  // ↩
+  fire: u ? "\u{1F525}" : "*",
+  // 🔥
+  ellipsis: u ? "\u2026" : "...",
+  // …
+  dash: u ? "\u2500" : "-"
+  // ─
+};
+// src/cli/lib/format.ts
 function formatDate(ts) {
   if (ts == null) return "";
   const d = typeof ts === "number" ? new Date(ts) : new Date(ts);
@@ -6026,7 +6033,7 @@ function formatRelativeDate(ts) {
 }
 function formatTags(tags) {
   if (!Array.isArray(tags) || tags.length === 0) return "";
-  return tags.map((t2) => import_picocolors7.default.cyan(`#${t2}`)).join(" ");
+  return tags.map((t2) => import_picocolors6.default.cyan(`#${t2}`)).join(" ");
 }
 function formatDifficulty(d) {
   if (d == null) return "";
@@ -6066,21 +6073,21 @@ function formatWeekdayHeader(date, streakCount) {
   const cols = process.stdout.columns ?? 80;
   const fire = SYM.fire;
   const streakStr = streakCount && streakCount > 0 ? `${fire} ${streakCount}` : "";
-  const pad = Math.max(0, cols - weekday.length - streakStr.length - 4);
-  const line1 = `  ${import_picocolors7.default.bold(weekday)}${" ".repeat(pad)}${streakStr}`;
-  const line2 = `  ${import_picocolors7.default.dim(fullDate)}`;
+  const pad2 = Math.max(0, cols - weekday.length - streakStr.length - 4);
+  const line1 = `  ${import_picocolors6.default.bold(weekday)}${" ".repeat(pad2)}${streakStr}`;
+  const line2 = `  ${import_picocolors6.default.dim(fullDate)}`;
   return `${line1}
 ${line2}`;
 }
 function formatKarmaGain(points, checksInRow) {
-  const base = import_picocolors7.default.green(`+${points} karma`);
+  const base = import_picocolors6.default.green(`+${points} karma`);
   if (checksInRow && checksInRow > 1) {
-    return `${base} ${import_picocolors7.default.yellow(`streak x${checksInRow}!`)}`;
+    return `${base} ${import_picocolors6.default.yellow(`streak x${checksInRow}!`)}`;
   }
   return base;
 }
 function formatProgressSummary(completed, total) {
-  return import_picocolors7.default.dim(`${completed}/${total} done today`);
+  return import_picocolors6.default.dim(`${completed}/${total} done today`);
 }
 function formatTagsSummary(tasks) {
   const counts = {};
@@ -6092,7 +6099,7 @@ function formatTagsSummary(tasks) {
   }
   const entries = Object.entries(counts);
   if (entries.length === 0) return "";
-  return entries.map(([tag, count]) => `${import_picocolors7.default.cyan("#" + tag)}${import_picocolors7.default.dim("(" + count + ")")}`).join("  ");
+  return entries.map(([tag, count]) => `${import_picocolors6.default.cyan("#" + tag)}${import_picocolors6.default.dim("(" + count + ")")}`).join("  ");
 }
 // src/cli/commands/tasks.ts
@@ -8966,6 +8973,99 @@ function parseHumanDateOnly(input) {
   return result.slice(0, 10);
 }
+// src/cli/lib/task-dates.ts
+function pad(n) {
+  return String(n).padStart(2, "0");
+}
+function localDateOnly(d = /* @__PURE__ */ new Date()) {
+  return `${d.getFullYear()}-${pad(d.getMonth() + 1)}-${pad(d.getDate())}`;
+}
+function localDateOffset(n, base = /* @__PURE__ */ new Date()) {
+  const d = new Date(base);
+  d.setDate(d.getDate() + n);
+  return localDateOnly(d);
+}
+function toApiDueDate(s) {
+  return /^\d{4}-\d{2}-\d{2}$/.test(s) ? `${s} 00:00` : s.slice(0, 16);
+}
+function dueDateHasTime(dueDate) {
+  if (!dueDate) return false;
+  const m = dueDate.match(/ (\d{2}):(\d{2})$/);
+  if (!m) return false;
+  return !(m[1] === "00" && m[2] === "00");
+}
+function normalizeDueDateInBody(body) {
+  if (typeof body.dueDate === "string") {
+    const due = toApiDueDate(body.dueDate);
+    body.dueDate = due;
+    body.withTime = dueDateHasTime(due);
+  }
+}
+function isCompletableDate(date, now2 = /* @__PURE__ */ new Date()) {
+  const dateOnly = date.slice(0, 10);
+  return dateOnly === localDateOnly(now2) || dateOnly === localDateOffset(-1, now2);
+}
+// src/cli/lib/task-repeat.ts
+init_errors();
+var WEEKDAY_LOOKUP = {
+  mon: "Mon",
+  monday: "Mon",
+  tue: "Tue",
+  tues: "Tue",
+  tuesday: "Tue",
+  wed: "Wed",
+  weds: "Wed",
+  wednesday: "Wed",
+  thu: "Thu",
+  thur: "Thu",
+  thurs: "Thu",
+  thursday: "Thu",
+  fri: "Fri",
+  friday: "Fri",
+  sat: "Sat",
+  saturday: "Sat",
+  sun: "Sun",
+  sunday: "Sun"
+};
+var REPEAT_TYPES = ["daily", "weekly", "monthly", "none"];
+function normalizeWeekday(s) {
+  const day = WEEKDAY_LOOKUP[s.trim().toLowerCase()];
+  if (!day) throw Errors.invalidInput(`Invalid weekday: "${s}". Use Mon,Tue,Wed,Thu,Fri,Sat,Sun`);
+  return day;
+}
+function buildRepeatConfig(opts) {
+  if (opts.repeat === void 0) return void 0;
+  const type = opts.repeat;
+  if (!REPEAT_TYPES.includes(type)) {
+    throw Errors.invalidInput(`--repeat must be one of: ${REPEAT_TYPES.join(", ")}`);
+  }
+  const every = opts.every !== void 0 ? parseInt(opts.every, 10) : 1;
+  if (!Number.isFinite(every) || every < 1 || every > 365) {
+    throw Errors.invalidInput("--every must be an integer 1-365");
+  }
+  const repeat = { type, every, custom: false, monthDays: null, weekDays: null };
+  if (type === "weekly" && opts.weekdays) {
+    repeat.weekDays = opts.weekdays.split(",").map((d) => normalizeWeekday(d));
+  }
+  if (type === "monthly" && opts.monthDays) {
+    repeat.monthDays = opts.monthDays.split(",").map((s) => {
+      const n = parseInt(s.trim(), 10);
+      if (!Number.isFinite(n) || n < 1 || n > 31) {
+        throw Errors.invalidInput(`--month-days must be 1-31 (got "${s.trim()}")`);
+      }
+      return n;
+    });
+  }
+  return repeat;
+}
+// src/cli/lib/task-subtasks.ts
+var import_node_crypto = require("node:crypto");
+function buildSubtasks(texts) {
+  return texts.map((t2) => t2.trim()).filter((t2) => t2.length > 0).map((text) => ({ id: (0, import_node_crypto.randomUUID)(), text, completed: false }));
+}
 // src/cli/lib/stdin.ts
 var fs3 = __toESM(require("fs"), 1);
 function readStdinLines() {
@@ -8974,13 +9074,16 @@ function readStdinLines() {
 }
 // src/cli/commands/tasks.ts
-async function pickTask(uid, id, actionName) {
+function collectValue(value, previous) {
+  return previous.concat([value]);
+}
+async function pickTask(id, actionName) {
   if (id) return id;
   if (!isInteractive()) {
     throw Errors.missingArg("Task ID", "id");
   }
-  const today2 = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
-  const { tasks } = await listTasks(uid, { date: today2 });
+  const today2 = localDateOnly();
+  const { tasks } = await listTasks({ date: today2 });
   const pending = tasks.filter((t2) => !t2.completed);
   if (pending.length === 0) {
     throw Errors.invalidInput(`No pending tasks for today (${today2}). Use: numo tasks ${actionName} <id>`);
@@ -8989,23 +9092,21 @@ async function pickTask(uid, id, actionName) {
     message: `Select task to ${actionName}`,
     options: pending.map((t2) => ({
       value: t2.id,
-      label: `${truncate(t2.text, 50)}  ${import_picocolors8.default.dim(t2.id)}`
+      label: `${truncate(t2.text, 50)}  ${import_picocolors7.default.dim(t2.id)}`
     }))
   });
   return selected;
 }
 function resolveDate(opts) {
   if (opts.backlog) return void 0;
-  const fmt = (d) => d.toISOString().slice(0, 10);
-  const today2 = /* @__PURE__ */ new Date();
-  if (opts.yesterday) return fmt(new Date(today2.getTime() - 864e5));
-  if (opts.tomorrow) return fmt(new Date(today2.getTime() + 864e5));
+  if (opts.yesterday) return localDateOffset(-1);
+  if (opts.tomorrow) return localDateOffset(1);
   if (opts.date) {
     const parsed = parseHumanDateOnly(opts.date);
     if (!parsed) throw Errors.invalidInput(`Cannot parse date: "${opts.date}". Use YYYY-MM-DD or natural language (tomorrow, next monday, etc.)`);
     return parsed;
   }
-  return fmt(today2);
+  return localDateOnly();
 }
 function extractTime(dueDate) {
   if (typeof dueDate !== "string") return "";
@@ -9018,9 +9119,9 @@ function isRepeating(t2) {
   return !!t2.repeat?.type && t2.repeat.type !== "none";
 }
 function getCheckIndicator(t2) {
-  if (t2.completed) return import_picocolors8.default.green(SYM.check);
-  if (isRepeating(t2)) return import_picocolors8.default.blue(SYM.repeat);
-  return import_picocolors8.default.dim(SYM.circle);
+  if (t2.completed) return import_picocolors7.default.green(SYM.check);
+  if (isRepeating(t2)) return import_picocolors7.default.blue(SYM.repeat);
+  return import_picocolors7.default.dim(SYM.circle);
 }
 function sortTasksForDisplay(tasks) {
   const repeatOrder = { daily: 0, weekly: 1, monthly: 2 };
@@ -9043,50 +9144,60 @@ function sortTasksForDisplay(tasks) {
   });
 }
 function printTaskDetail(t2) {
-  const dim = import_picocolors8.default.dim;
+  const dim = import_picocolors7.default.dim;
   console.log("");
   printRecord([
     ["ID", dim(t2.id)],
     ["Text", t2.text],
     ["Due", formatDate(t2.dueDate) || dim("none (backlog)")],
-    ["Status", t2.completed ? import_picocolors8.default.green("completed") : import_picocolors8.default.yellow("pending")],
+    ["Status", t2.completed ? import_picocolors7.default.green("completed") : import_picocolors7.default.yellow("pending")],
     ["Tags", formatTags(t2.tags) || dim("none")],
     ["Difficulty", formatDifficulty(t2.difficulty) || dim("not set")],
     ["Duration", formatDuration(t2.duration) || dim("not set")],
     ["Repeat", formatRepeat(t2.repeat) || dim("none")],
     ["Note", t2.note || dim("none")],
-    ["Public", t2.isPublic ? import_picocolors8.default.green("yes") : import_picocolors8.default.yellow("no")],
+    ["Public", t2.isPublic ? import_picocolors7.default.green("yes") : import_picocolors7.default.yellow("no")],
     ["Completions", String(t2.completions ?? 0)],
     ["Created", formatDate(t2.createdAt)]
   ]);
+  if (Array.isArray(t2.subtasks) && t2.subtasks.length > 0) {
+    console.log(`  ${import_picocolors7.default.bold("Subtasks")}`);
+    for (const s of t2.subtasks) {
+      const box = s.completed ? import_picocolors7.default.green(SYM.check) : import_picocolors7.default.dim(SYM.circle);
+      console.log(`    ${box} ${s.completed ? import_picocolors7.default.strikethrough(dim(s.text)) : s.text}`);
+    }
+  }
   console.log("");
 }
 function printTaskLine(t2) {
   const check = getCheckIndicator(t2);
   const rawText = truncate(t2.text, 50);
-  const text = t2.completed ? import_picocolors8.default.strikethrough(import_picocolors8.default.dim(rawText)) : rawText;
+  const text = t2.completed ? import_picocolors7.default.strikethrough(import_picocolors7.default.dim(rawText)) : rawText;
   const time = extractTime(t2.dueDate);
   const tags = formatTags(t2.tags);
   const difficulty = formatDifficulty(t2.difficulty);
-  const id = import_picocolors8.default.dim(t2.id);
+  const id = import_picocolors7.default.dim(t2.id);
   const parts = [check, text];
-  if (time) parts.push(import_picocolors8.default.cyan(time));
+  if (time) parts.push(import_picocolors7.default.cyan(time));
   if (tags) parts.push(tags);
-  if (difficulty) parts.push(import_picocolors8.default.dim(`[${difficulty}]`));
+  if (difficulty) parts.push(import_picocolors7.default.dim(`[${difficulty}]`));
   parts.push(id);
   console.log("  " + parts.join("  "));
 }
+function printPartialNotice(failed) {
+  console.log(`    ${import_picocolors7.default.yellow("! some bookkeeping was deferred")} ${import_picocolors7.default.dim(`(${(failed ?? []).join(", ")})`)}`);
+}
 function registerTasksCommands(program3) {
   const tasks = program3.command("tasks").description("Manage tasks");
-  tasks.command("list").description("List tasks by date or backlog").option("--date <date>", "YYYY-MM-DD").option("--backlog", "Show backlog tasks").option("--tag <tag>", "Filter by tag").option("--yesterday", "Show yesterday's tasks").option("--tomorrow", "Show tomorrow's tasks").action(async function() {
+  tasks.command("list").description("List tasks by date or backlog").option("--date <date>", 'YYYY-MM-DD or natural language ("tomorrow", "next monday")').option("--backlog", "Show backlog tasks").option("--tag <tag>", "Filter by tag").option("--yesterday", "Show yesterday's tasks").option("--tomorrow", "Show tomorrow's tasks").action(async function() {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
+    requireUid();
     const date = resolveDate(opts);
     await runList({
       global: opts,
-      fn: () => listTasks(uid, { date, backlog: opts.backlog, tag: opts.tag }),
+      fn: () => listTasks({ date, backlog: opts.backlog, tag: opts.tag }),
       dataKey: "tasks",
-      columns: ["id", "text", "dueDate", "completed", "tags", "priority"],
+      columns: ["id", "text", "dueDate", "completed", "tags"],
       spinnerMessage: "Fetching tasks...",
       onInteractive: (payload) => {
         const items = payload.tasks;
@@ -9094,7 +9205,7 @@ function registerTasksCommands(program3) {
         const completed = items.filter((t2) => t2.completed);
         console.log("");
         if (opts.backlog) {
-          console.log(`  ${import_picocolors8.default.bold("Backlog")} ${import_picocolors8.default.dim(`(${items.length})`)}`);
+          console.log(`  ${import_picocolors7.default.bold("Backlog")} ${import_picocolors7.default.dim(`(${items.length})`)}`);
         } else {
           const viewDate = date ? /* @__PURE__ */ new Date(date + "T00:00:00") : /* @__PURE__ */ new Date();
           console.log(formatWeekdayHeader(viewDate, completed.length));
@@ -9107,18 +9218,18 @@ function registerTasksCommands(program3) {
             const viewDate = date ? /* @__PURE__ */ new Date(date + "T00:00:00") : /* @__PURE__ */ new Date();
             const dayName = viewDate.toLocaleDateString("en-US", { weekday: "long" });
             console.log(`
-  ${import_picocolors8.default.dim(`No tasks for ${dayName}. Enjoy your day!`)}`);
-            console.log(`  ${import_picocolors8.default.dim("--yesterday \xB7 --tomorrow \xB7 --date YYYY-MM-DD")}`);
+  ${import_picocolors7.default.dim(`No tasks for ${dayName}. Enjoy your day!`)}`);
+            console.log(`  ${import_picocolors7.default.dim("--yesterday \xB7 --tomorrow \xB7 --date YYYY-MM-DD")}`);
           } else {
             console.log(`
-  ${import_picocolors8.default.dim("No backlog tasks.")}`);
+  ${import_picocolors7.default.dim("No backlog tasks.")}`);
           }
           console.log("");
           return;
         }
         if (pending.length > 0) {
           console.log(`
-  ${import_picocolors8.default.bold("Pending")} ${import_picocolors8.default.dim(`(${pending.length})`)}
+  ${import_picocolors7.default.bold("Pending")} ${import_picocolors7.default.dim(`(${pending.length})`)}
 `);
           for (const t2 of pending) {
             printTaskLine(t2);
@@ -9126,7 +9237,7 @@ function registerTasksCommands(program3) {
         }
         if (completed.length > 0) {
           console.log(`
-  ${import_picocolors8.default.dim(`Completed (${completed.length})`)}
+  ${import_picocolors7.default.dim(`Completed (${completed.length})`)}
 `);
           for (const t2 of completed) {
             printTaskLine(t2);
@@ -9135,7 +9246,7 @@ function registerTasksCommands(program3) {
         if (!opts.backlog) {
           console.log(`
   ${formatProgressSummary(completed.length, items.length)}`);
-          console.log(`  ${import_picocolors8.default.dim("--yesterday \xB7 --tomorrow \xB7 --date YYYY-MM-DD")}`);
+          console.log(`  ${import_picocolors7.default.dim("--yesterday \xB7 --tomorrow \xB7 --date YYYY-MM-DD")}`);
         }
         console.log("");
       }
@@ -9150,11 +9261,11 @@ Examples:
   $ numo tasks list --tag Work         # Filter by tag
   $ numo tasks list --json | jq '.tasks[].text'`);
   tasks.command("get [id]").description("Get a task by ID").action(async function(id) {
-    const uid = requireUid();
+    requireUid();
     const taskId = await promptForMissing({ value: id, message: "Task ID" });
     await runGet({
       global: this.optsWithGlobals(),
-      fn: () => getTask(uid, taskId),
+      fn: () => getTask(taskId),
       spinnerMessage: "Fetching task...",
       onInteractive: printTaskDetail
     });
@@ -9162,171 +9273,165 @@ Examples:
 Examples:
   $ numo tasks get abc123
   $ numo tasks get abc123 --json | jq '.text'`);
-  tasks.command("create").description("Create a new task").option("--text <text>", "Task text").option("--due <date>", "Due date YYYY-MM-DD").option("--tags <tags>", "Comma-separated tags").option("--public", "Make task public (default)").option("--private", "Make task private").option("--note <note>", "Task note").option("--priority <n>", "Priority 0.1\u20131.0").option("--difficulty <n>", "Difficulty 0\u20133").option("--duration <n>", "Duration in minutes").action(async function() {
+  tasks.command("create [text...]").description("Create a task \u2014 quick via text/flags, or an interactive wizard").option("--text <text>", "Task text (alternative to positional text)").option("--due <date>", 'Due date: YYYY-MM-DD, "YYYY-MM-DD HH:mm", or natural language').option("--backlog", "No due date (Someday / backlog)").option("--repeat <type>", "Recurring routine: daily | weekly | monthly").option("--weekdays <days>", "For --repeat weekly: comma list e.g. Mon,Wed,Fri").option("--month-days <days>", "For --repeat monthly: comma list e.g. 1,15").option("--every <n>", "Repeat interval (every N days/weeks/months)").option("--tags <tags>", "Comma-separated tags").option("--public", "Make task public").option("--private", "Make task private (default)").option("--note <note>", "Private note").option("--difficulty <n>", "Effort 0\u20133 (S/M/L/XL)").option("--duration <n>", "Duration in minutes").option("--subtask <text>", 'Add a subtask (repeatable: --subtask "a" --subtask "b")', collectValue, []).option("--client-task-id <id>", "Idempotency key \u2014 retrying with the same id returns the existing task instead of duplicating").action(async function(textParts) {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
-    const text = await promptForMissing({ value: opts.text, message: "Task text", placeholder: "What do you need to do?" });
-    const body = { text };
-    if (isInteractive() && !opts.json) {
-      if (!opts.due) {
-        const today2 = /* @__PURE__ */ new Date();
-        const tomorrow2 = new Date(today2);
-        tomorrow2.setDate(tomorrow2.getDate() + 1);
-        const fmt = (d) => d.toISOString().slice(0, 10);
-        const schedule = await promptSelect({
-          message: "When?",
+    requireUid();
+    const providedText = (textParts && textParts.length ? textParts.join(" ") : void 0) ?? opts.text;
+    const hasQuickInput = !!providedText || opts.due || opts.backlog || opts.repeat || opts.tags || opts.note || opts.difficulty !== void 0 || opts.duration || opts.public || opts.private || opts.subtask && opts.subtask.length;
+    const useWizard = isInteractive() && !opts.json && !hasQuickInput;
+    const body = {};
+    if (useWizard) {
+      body.text = await promptForMissing({ value: providedText, message: "Task text", placeholder: "What do you need to do?" });
+      const fmt = (d) => localDateOnly(d);
+      const today2 = /* @__PURE__ */ new Date();
+      const tomorrow2 = new Date(today2);
+      tomorrow2.setDate(tomorrow2.getDate() + 1);
+      const schedule = await promptSelect({
+        message: "When?",
+        options: [
+          { value: "today", label: `Today (${fmt(today2)})` },
+          { value: "tomorrow", label: `Tomorrow (${fmt(tomorrow2)})` },
+          { value: "pick", label: "Pick a date..." },
+          { value: "someday", label: "Someday (backlog)" },
+          { value: "daily", label: "Every day (routine)" },
+          { value: "weekly", label: "Every week (routine)" },
+          { value: "monthly", label: "Every month (routine)" }
+        ]
+      });
+      if (schedule === "today") {
+        body.dueDate = fmt(today2);
+      } else if (schedule === "tomorrow") {
+        body.dueDate = fmt(tomorrow2);
+      } else if (schedule === "pick") {
+        body.dueDate = await promptText({ message: "Date", placeholder: fmt(tomorrow2), required: true });
+      } else if (schedule === "someday") {
+        body.backlog = true;
+      } else {
+        const repeat = { type: schedule, every: 1, custom: false, monthDays: null, weekDays: null };
+        if (schedule === "weekly") {
+          repeat.weekDays = await promptMultiSelect({
+            message: "Days of week",
+            options: [
+              { value: "Mon", label: "Monday" },
+              { value: "Tue", label: "Tuesday" },
+              { value: "Wed", label: "Wednesday" },
+              { value: "Thu", label: "Thursday" },
+              { value: "Fri", label: "Friday" },
+              { value: "Sat", label: "Saturday" },
+              { value: "Sun", label: "Sunday" }
+            ],
+            required: true
+          });
+        } else if (schedule === "monthly") {
+          const daysInput = await promptText({ message: "Days of month", placeholder: "1,15", required: true });
+          repeat.monthDays = daysInput.split(",").map((s) => parseInt(s.trim()));
+        }
+        body.repeat = repeat;
+        body.dueDate = fmt(today2);
+      }
+      const visibility = await promptSelect({
+        message: "Visibility",
+        options: [
+          { value: "private", label: "Private \u2014 only you can see it" },
+          { value: "public", label: "Public \u2014 visible in community" }
+        ]
+      });
+      body.isPublic = visibility === "public";
+      if (await promptConfirm({ message: "Add details? (tags, effort, time, note)", initialValue: false })) {
+        const tags = await promptMultiSelect({
+          message: "Tags",
           options: [
-            { value: "today", label: `Today (${fmt(today2)})` },
-            { value: "tomorrow", label: `Tomorrow (${fmt(tomorrow2)})` },
-            { value: "pick", label: "Pick a date..." },
-            { value: "someday", label: "Someday (backlog)" },
-            { value: "daily", label: "Every day (routine)" },
-            { value: "weekly", label: "Every week (routine)" },
-            { value: "monthly", label: "Every month (routine)" }
+            { value: "House", label: "House" },
+            { value: "Work", label: "Work" },
+            { value: "Study", label: "Study" },
+            { value: "Hobby", label: "Hobby" },
+            { value: "Health", label: "Health" },
+            { value: "Relationship", label: "Relationship" },
+            { value: "Self-care", label: "Self-care" },
+            { value: "Relax", label: "Relax" },
+            { value: "Kids", label: "Kids" }
           ]
         });
-        if (schedule === "today") {
-          body.dueDate = fmt(today2);
-        } else if (schedule === "tomorrow") {
-          body.dueDate = fmt(tomorrow2);
-        } else if (schedule === "pick") {
-          const date = await promptText({ message: "Date", placeholder: fmt(tomorrow2), required: true });
-          body.dueDate = date;
-        } else if (["daily", "weekly", "monthly"].includes(schedule)) {
-          const repeat = {
-            type: schedule,
-            every: 1,
-            end: "never",
-            endDate: null,
-            endAfter: null,
-            monthDays: null,
-            weekDays: null
-          };
-          if (schedule === "weekly") {
-            const days = await promptMultiSelect({
-              message: "Days of week",
-              options: [
-                { value: "Mon", label: "Monday" },
-                { value: "Tue", label: "Tuesday" },
-                { value: "Wed", label: "Wednesday" },
-                { value: "Thu", label: "Thursday" },
-                { value: "Fri", label: "Friday" },
-                { value: "Sat", label: "Saturday" },
-                { value: "Sun", label: "Sunday" }
-              ],
-              required: true
-            });
-            repeat.weekDays = days;
-          } else if (schedule === "monthly") {
-            const daysInput = await promptText({ message: "Days of month", placeholder: "1,15", required: true });
-            repeat.monthDays = daysInput.split(",").map((s) => parseInt(s.trim()));
-          }
-          body.repeat = repeat;
-          body.dueDate = fmt(today2);
-        }
-      }
-      if (!opts.private && !opts.public) {
-        const visibility = await promptSelect({
-          message: "Visibility",
+        if (tags.length > 0) body.tags = tags;
+        const difficulty = await promptSelect({
+          message: "Effort",
           options: [
-            { value: "public", label: "Public \u2014 visible to your squad" },
-            { value: "private", label: "Private \u2014 only you can see it" }
+            { value: "skip", label: "Skip" },
+            { value: "0", label: "S \u2014 Tiny" },
+            { value: "1", label: "M \u2014 Medium" },
+            { value: "2", label: "L \u2014 High" },
+            { value: "3", label: "XL \u2014 Huge" }
           ]
         });
-        if (visibility === "private") body.isPublic = false;
-      }
-      const addDetails = await promptConfirm({
-        message: "Add details? (tags, effort, time, note)",
-        initialValue: false
-      });
-      if (addDetails) {
-        if (!opts.tags) {
-          const tags = await promptMultiSelect({
-            message: "Tags",
-            options: [
-              { value: "House", label: "House" },
-              { value: "Work", label: "Work" },
-              { value: "Study", label: "Study" },
-              { value: "Hobby", label: "Hobby" },
-              { value: "Health", label: "Health" },
-              { value: "Relationship", label: "Relationship" },
-              { value: "Self-care", label: "Self-care" },
-              { value: "Relax", label: "Relax" },
-              { value: "Kids", label: "Kids" }
-            ]
-          });
-          if (tags.length > 0) body.tags = tags;
-        }
-        if (opts.difficulty === void 0) {
-          const difficulty = await promptSelect({
-            message: "Effort",
-            options: [
-              { value: "skip", label: "Skip" },
-              { value: "0", label: "S \u2014 Tiny" },
-              { value: "1", label: "M \u2014 Medium" },
-              { value: "2", label: "L \u2014 High" },
-              { value: "3", label: "XL \u2014 Huge" }
-            ]
-          });
-          if (difficulty !== "skip") body.difficulty = parseInt(difficulty);
-        }
-        const addTime = await promptConfirm({ message: "Add a specific time?", initialValue: false });
-        if (addTime && body.dueDate) {
+        if (difficulty !== "skip") body.difficulty = parseInt(difficulty);
+        if (body.dueDate && await promptConfirm({ message: "Add a specific time?", initialValue: false })) {
           const time = await promptText({ message: "Time", placeholder: "09:30", required: true });
           body.dueDate = `${body.dueDate} ${time}`;
         }
-        if (!opts.note) {
-          const note = await promptText({ message: "Note (enter to skip)", placeholder: "Private note", required: false });
-          if (note) body.note = note;
+        const note = await promptText({ message: "Note (enter to skip)", placeholder: "Private note", required: false });
+        if (note) body.note = note;
+        const subs = await promptText({ message: "Subtasks (comma-separated, enter to skip)", placeholder: "Step 1, Step 2", required: false });
+        if (subs) {
+          const built = buildSubtasks(subs.split(","));
+          if (built.length) body.subtasks = built;
         }
       }
-      if (opts.public) body.isPublic = true;
-      if (opts.private) body.isPublic = false;
-      if (opts.tags && !body.tags) body.tags = opts.tags.split(",");
-      if (opts.note && !body.note) body.note = opts.note;
     } else {
-      if (opts.due) {
+      const text = providedText ?? (isInteractive() && !opts.json ? await promptText({ message: "Task text", placeholder: "What do you need to do?", required: true }) : void 0);
+      if (!text) throw Errors.missingArg("Task text", "text");
+      body.text = text;
+      if (opts.backlog) {
+        body.backlog = true;
+      } else if (opts.due) {
         const parsed = parseHumanDate(opts.due);
         if (!parsed) throw Errors.invalidInput(`Cannot parse date: "${opts.due}"`);
         body.dueDate = parsed;
+      } else {
+        body.dueDate = localDateOnly();
       }
+      const repeat = buildRepeatConfig(opts);
+      if (repeat) body.repeat = repeat;
       if (opts.tags) body.tags = opts.tags.split(",");
       if (opts.note) body.note = opts.note;
-      if (opts.priority) body.priority = parseFloat(opts.priority);
       if (opts.difficulty !== void 0) body.difficulty = parseInt(opts.difficulty);
       if (opts.duration) body.duration = parseInt(opts.duration);
-      if (opts.public) body.isPublic = true;
-      if (opts.private) body.isPublic = false;
+      if (opts.subtask && opts.subtask.length) body.subtasks = buildSubtasks(opts.subtask);
+      body.isPublic = opts.public ? true : false;
     }
+    if (opts.clientTaskId) body.clientTaskId = opts.clientTaskId;
+    body.listPosition = "top";
+    normalizeDueDateInBody(body);
     await runCreate({
       global: opts,
-      fn: () => createTask(uid, body),
+      fn: () => createTask(body),
       dataKey: "task",
       spinnerMessage: "Creating task...",
       onInteractive: (_task, payload) => {
-        const { task, karma } = payload;
-        const check = import_picocolors8.default.green(SYM.check);
+        const { task, karma, idempotentReplay } = payload;
+        const check = import_picocolors7.default.green(SYM.check);
         console.log(`
-  ${check} Created  ${task.text}`);
-        if (karma) {
-          console.log(`    ${formatKarmaGain(karma)}${" ".repeat(20)}${import_picocolors8.default.dim(task.id)}`);
-        }
+  ${check} ${idempotentReplay ? "Exists" : "Created"}  ${task.text}  ${import_picocolors7.default.dim(task.id)}`);
+        if (karma) console.log(`    ${formatKarmaGain(karma)}`);
         console.log("");
       }
     });
   }).addHelpText("after", `
 Examples:
-  $ numo tasks create                                    # Interactive wizard
-  $ numo tasks create --text "Buy groceries"             # Quick create (today)
-  $ numo tasks create --text "Meeting" --due 2026-03-27
-  $ numo tasks create --text "Workout" --tags Health --difficulty 2
-  $ numo tasks create --text "Review PR" --due 2026-03-27 --tags Work --private`);
-  tasks.command("update [id]").description("Update a task").option("--text <text>", "Task text").option("--due <date>", 'Due date YYYY-MM-DD or "YYYY-MM-DD HH:mm"').option("--tags <tags>", "Comma-separated tags").option("--public", "Make task public").option("--private", "Make task private").option("--note <note>", "Task note").option("--priority <n>", "Priority 0.1-1.0").option("--difficulty <n>", "Difficulty 0-3 (S/M/L/XL)").option("--duration <n>", "Duration in minutes").action(async function(id) {
+  $ numo tasks create                                      # Interactive wizard
+  $ numo tasks create "Buy groceries"                      # Quick (today, private, top)
+  $ numo tasks create "Meeting" --due "2026-03-27 14:30"   # With a time
+  $ numo tasks create "Standup" --repeat weekly --weekdays Mon,Wed,Fri
+  $ numo tasks create "Pay rent" --repeat monthly --month-days 1
+  $ numo tasks create "Read later" --backlog               # Someday / no due date
+  $ numo tasks create "Trip" --subtask "Book hotel" --subtask "Pack"
+  $ numo tasks create "Review PR" --tags Work --difficulty 2 --public`);
+  tasks.command("update [id]").description("Update a task").option("--text <text>", "Task text").option("--due <date>", 'Due date: YYYY-MM-DD, "YYYY-MM-DD HH:mm", or natural language').option("--clear-time", "Strip time-of-day; treat task as all-day").option("--no-time", "Alias of --clear-time").option("--tags <tags>", "Comma-separated tags").option("--public", "Make task public").option("--private", "Make task private").option("--note <note>", "Task note").option("--difficulty <n>", "Difficulty 0-3 (S/M/L/XL)").option("--duration <n>", "Duration in minutes").option("--repeat <type>", "Set recurrence: daily | weekly | monthly | none").option("--weekdays <days>", "For --repeat weekly: comma list e.g. Mon,Wed").option("--month-days <days>", "For --repeat monthly: comma list e.g. 1,15").option("--every <n>", "Repeat interval (every N)").option("--backlog", "Move to backlog (clear the due date)").option("--subtask <text>", 'Replace subtasks (repeatable: --subtask "a" --subtask "b")', collectValue, []).action(async function(id) {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
+    requireUid();
     const taskId = await promptForMissing({ value: id, message: "Task ID" });
+    const clearTime = opts.clearTime === true || opts.time === false;
     const body = {};
-    const hasAnyFlag = opts.text || opts.due || opts.tags || opts.public || opts.private || opts.note || opts.priority || opts.difficulty !== void 0 || opts.duration;
+    const hasAnyFlag = opts.text || opts.due || opts.tags || opts.public || opts.private || opts.note || opts.difficulty !== void 0 || opts.duration || clearTime || opts.repeat !== void 0 || opts.backlog || opts.weekdays || opts.monthDays || opts.every || opts.subtask && opts.subtask.length;
     if (!hasAnyFlag && isInteractive() && !opts.json) {
       const text = await promptText({ message: "Text (enter to skip)", required: false });
       if (text) body.text = text;
@@ -9336,8 +9441,6 @@ Examples:
       if (tags) body.tags = tags.split(",");
       const note = await promptText({ message: "Note (enter to skip)", required: false });
       if (note) body.note = note;
-      const priority = await promptText({ message: "Priority (enter to skip)", placeholder: "0.1\u20131.0", required: false });
-      if (priority) body.priority = parseFloat(priority);
       const difficulty = await promptText({ message: "Difficulty (enter to skip)", placeholder: "0\u20133", required: false });
       if (difficulty) body.difficulty = parseInt(difficulty);
       const duration = await promptText({ message: "Duration in minutes (enter to skip)", placeholder: "10", required: false });
@@ -9353,18 +9456,28 @@ Examples:
       if (opts.public) body.isPublic = true;
       if (opts.private) body.isPublic = false;
       if (opts.note) body.note = opts.note;
-      if (opts.priority) body.priority = parseFloat(opts.priority);
       if (opts.difficulty !== void 0) body.difficulty = parseInt(opts.difficulty);
       if (opts.duration) body.duration = parseInt(opts.duration);
+      const repeat = buildRepeatConfig(opts);
+      if (repeat) body.repeat = repeat;
+      if (opts.backlog) body.dueDate = null;
+      if (opts.subtask && opts.subtask.length) body.subtasks = buildSubtasks(opts.subtask);
+    }
+    if (clearTime) {
+      const currentDue = typeof body.dueDate === "string" ? body.dueDate : (await getTask(taskId)).dueDate;
+      if (currentDue && currentDue.length >= 10) {
+        body.dueDate = `${currentDue.slice(0, 10)} 00:00`;
+      }
     }
+    normalizeDueDateInBody(body);
     await runWrite({
       global: opts,
-      fn: () => updateTask(uid, taskId, body),
+      fn: () => updateTask(taskId, body),
       dataKey: "task",
       spinnerMessage: "Updating task...",
       onInteractive: (payload) => {
         console.log(`
-  ${import_picocolors8.default.green("Updated!")} ${payload.task.text}  ${import_picocolors8.default.dim(payload.task.id)}
+  ${import_picocolors7.default.green("Updated!")} ${payload.task.text}  ${import_picocolors7.default.dim(payload.task.id)}
 `);
       }
     });
@@ -9372,28 +9485,35 @@ Examples:
 Examples:
   $ numo tasks update abc123 --text "Updated text"
   $ numo tasks update abc123 --due 2026-03-28
+  $ numo tasks update abc123 --no-time          # strip time-of-day; task becomes all-day
+  $ numo tasks update abc123 --clear-time       # same as --no-time
   $ numo tasks update abc123 --tags Work,Health
-  $ numo tasks update abc123 --difficulty 2 --note "Important"`);
+  $ numo tasks update abc123 --difficulty 2 --note "Important"
+  $ numo tasks update abc123 --repeat weekly --weekdays Mon,Thu
+  $ numo tasks update abc123 --repeat none       # stop repeating
+  $ numo tasks update abc123 --backlog           # clear due date
+  $ numo tasks update abc123 --subtask "Step 1" --subtask "Step 2"  # replaces subtasks`);
   tasks.command("delete [id]").description("Delete a task").option("--yes", "Skip confirmation prompt").option("--stdin", "Read task IDs from stdin (one per line)").action(async function(id) {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
+    requireUid();
     if (opts.stdin) {
       const ids = readStdinLines();
       for (const lineId of ids) {
         try {
-          const result = await deleteTask(uid, lineId);
+          const result = await deleteTask(lineId);
           printNdjsonLine({ id: lineId, ...result });
         } catch (err) {
+          process.exitCode = ExitCode.GENERAL;
           printNdjsonLine({ id: lineId, error: err.message });
         }
       }
       return;
     }
-    const taskId = await pickTask(uid, id, "delete");
+    const taskId = await pickTask(id, "delete");
     if (isInteractive() && !opts.yes && !opts.json) {
       let taskText = taskId;
       try {
-        const task = await getTask(uid, taskId);
+        const task = await getTask(taskId);
         taskText = task.text ?? taskId;
       } catch {
       }
@@ -9402,19 +9522,20 @@ Examples:
         initialValue: false
       });
       if (!confirmed) {
-        console.log(import_picocolors8.default.dim("  Cancelled."));
+        console.log(import_picocolors7.default.dim("  Cancelled."));
         return;
       }
     }
     await runWrite({
       global: opts,
-      fn: () => deleteTask(uid, taskId),
+      fn: () => deleteTask(taskId),
       spinnerMessage: "Deleting task...",
       onInteractive: (data) => {
-        const cross = import_picocolors8.default.red(SYM.cross);
+        const cross = import_picocolors7.default.red(SYM.cross);
         console.log(`
   ${cross} Deleted  ${data.taskText || taskId}`);
-        if (data.archived) console.log(`    ${import_picocolors8.default.dim("Archived")}`);
+        if (data.archived) console.log(`    ${import_picocolors7.default.dim("Archived")}`);
+        if (data.partial) printPartialNotice(data.failed);
         console.log("");
       }
     });
@@ -9425,31 +9546,41 @@ Examples:
   $ numo tasks delete abc123 --json`);
   tasks.command("complete [id]").description("Mark task as complete").option("--date <datetime>", 'Completion datetime "YYYY-MM-DD HH:mm"').option("--stdin", "Read task IDs from stdin (one per line)").action(async function(id) {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
+    requireUid();
+    if (opts.date && !isCompletableDate(opts.date)) {
+      throw Errors.invalidInput("completion date must be today or yesterday");
+    }
     if (opts.stdin) {
       const ids = readStdinLines();
       for (const lineId of ids) {
         try {
-          const result = await completeTask(uid, lineId, opts.date);
+          const result = await completeTask(lineId, opts.date);
           printNdjsonLine({ id: lineId, ...result });
         } catch (err) {
+          process.exitCode = ExitCode.GENERAL;
           printNdjsonLine({ id: lineId, error: err.message });
         }
       }
       return;
     }
-    const taskId = await pickTask(uid, id, "complete");
+    const taskId = await pickTask(id, "complete");
     await runWrite({
       global: opts,
-      fn: () => completeTask(uid, taskId, opts.date),
+      fn: () => completeTask(taskId, opts.date),
       spinnerMessage: "Completing task...",
       onInteractive: (data) => {
-        const check = import_picocolors8.default.green(SYM.check);
-        console.log(`
+        const check = import_picocolors7.default.green(SYM.check);
+        if (data.alreadyCompleted) {
+          console.log(`
+  ${check} Already done  ${data.taskText ?? taskId}`);
+        } else {
+          console.log(`
   ${check} Done!  ${data.taskText ?? taskId}`);
-        if (data.karma) {
-          console.log(`    ${formatKarmaGain(data.karma, data.checksInRow)}`);
+          if (data.karma) {
+            console.log(`    ${formatKarmaGain(data.karma, data.checksInRow)}`);
+          }
         }
+        if (data.partial) printPartialNotice(data.failed);
         console.log("");
       }
     });
@@ -9459,14 +9590,15 @@ Examples:
   $ numo tasks complete abc123 --date "2026-03-26 14:30"`);
   tasks.command("uncomplete [id]").description("Mark task as incomplete").option("--stdin", "Read task IDs from stdin (one per line)").action(async function(id) {
     const opts = this.optsWithGlobals();
-    const uid = requireUid();
+    requireUid();
     if (opts.stdin) {
       const ids = readStdinLines();
       for (const lineId of ids) {
         try {
-          const result = await uncompleteTask(uid, lineId);
+          const result = await uncompleteTask(lineId);
           printNdjsonLine({ id: lineId, ...result });
         } catch (err) {
+          process.exitCode = ExitCode.GENERAL;
           printNdjsonLine({ id: lineId, error: err.message });
         }
       }
@@ -9475,14 +9607,15 @@ Examples:
     const taskId = await promptForMissing({ value: id, message: "Task ID" });
     await runWrite({
       global: opts,
-      fn: () => uncompleteTask(uid, taskId),
+      fn: () => uncompleteTask(taskId),
       dataKey: "task",
       spinnerMessage: "Uncompleting task...",
       onInteractive: (data) => {
         const arrow = SYM.undo;
         console.log(`
-  ${import_picocolors8.default.yellow(arrow)} Reverted  ${data.task.text ?? taskId}`);
-        console.log(`    ${import_picocolors8.default.dim("Karma adjustment applied")}`);
+  ${import_picocolors7.default.yellow(arrow)} Reverted  ${data.task.text ?? taskId}`);
+        console.log(`    ${import_picocolors7.default.dim("Karma adjustment applied")}`);
+        if (data.partial) printPartialNotice(data.failed);
         console.log("");
       }
     });
@@ -9492,19 +9625,20 @@ Examples:
 }
 // src/cli/commands/posts.ts
-var import_picocolors10 = __toESM(require_picocolors(), 1);
+var import_picocolors9 = __toESM(require_picocolors(), 1);
 // src/cli/lib/pagination.ts
-var import_picocolors9 = __toESM(require_picocolors(), 1);
+var import_picocolors8 = __toESM(require_picocolors(), 1);
 function printPaginationHint(opts) {
   if (!opts.nextCursor) return;
   const parts = [opts.command, `--cursor ${opts.nextCursor}`];
   if (opts.limit) parts.push(`--limit ${opts.limit}`);
   console.log(`
-${import_picocolors9.default.dim("Next page:")} ${import_picocolors9.default.dim("$")} numo ${parts.join(" ")}`);
+${import_picocolors8.default.dim("Next page:")} ${import_picocolors8.default.dim("$")} numo ${parts.join(" ")}`);
 }
 // src/cli/services/posts.ts
+init_api_client();
 async function listPosts(opts) {
   return api.get("/api/posts", {
     cursor: opts.cursor,
@@ -9514,99 +9648,54 @@ async function listPosts(opts) {
 async function getPost(id) {
   return api.get(`/api/posts/${encodeURIComponent(id)}`);
 }
-async function createPost(uid, body) {
-  return api.post("/api/posts", body);
-}
-async function updatePost(uid, id, body) {
-  return api.patch(`/api/posts/${encodeURIComponent(id)}`, body);
-}
-async function deletePost(uid, id) {
-  await api.del(`/api/posts/${encodeURIComponent(id)}`);
-}
 // src/cli/services/comments.ts
+init_api_client();
 async function listComments(postId, opts) {
   return api.get(`/api/posts/${encodeURIComponent(postId)}/comments`, {
     cursor: opts.cursor,
     limit: opts.limit?.toString()
   });
 }
-async function createComment(uid, postId, text) {
-  return api.post(`/api/posts/${encodeURIComponent(postId)}/comments`, { text });
-}
-async function deleteComment(uid, postId, commentId) {
-  await api.del(`/api/posts/${encodeURIComponent(postId)}/comments/${encodeURIComponent(commentId)}`);
-}
 // src/cli/services/replies.ts
+init_api_client();
 async function listReplies(postId, commentId, opts) {
   return api.get(`/api/posts/${encodeURIComponent(postId)}/comments/${encodeURIComponent(commentId)}/replies`, {
     cursor: opts.cursor,
     limit: opts.limit?.toString()
   });
 }
-async function createReply(uid, postId, commentId, text) {
-  return api.post(`/api/posts/${encodeURIComponent(postId)}/comments/${encodeURIComponent(commentId)}/replies`, { text });
-}
-async function deleteReply(uid, postId, commentId, replyId) {
-  await api.del(`/api/posts/${encodeURIComponent(postId)}/comments/${encodeURIComponent(commentId)}/replies/${encodeURIComponent(replyId)}`);
-}
-// src/cli/types/api.ts
-var POST_TAGS = ["general", "hack", "story", "meme", "other", "question", "hack-tip", "activity"];
 // src/cli/commands/posts.ts
 init_prompts();
-init_tty();
-async function pickComment(postId, commentId) {
-  if (commentId) return commentId;
-  if (!isInteractive()) throw new Error("Missing required argument: commentId. Use flags in non-interactive mode.");
-  const { comments } = await listComments(postId, { limit: 50 });
-  if (comments.length === 0) throw new Error("No comments on this post.");
-  return promptSelect({
-    message: "Select comment",
-    options: comments.map((c) => ({
-      value: c.id,
-      label: `${truncate(c.text ?? "", 60)}  ${import_picocolors10.default.dim(c.authorName ?? c.userId ?? "")}`
-    }))
-  });
-}
-async function pickReply(postId, commentId, replyId) {
-  if (replyId) return replyId;
-  if (!isInteractive()) throw new Error("Missing required argument: replyId. Use flags in non-interactive mode.");
-  const { replies } = await listReplies(postId, commentId, { limit: 50 });
-  if (replies.length === 0) throw new Error("No replies on this comment.");
-  return promptSelect({
-    message: "Select reply",
-    options: replies.map((r) => ({
-      value: r.id,
-      label: `${truncate(r.text ?? "", 60)}  ${import_picocolors10.default.dim(r.userId ?? "")}`
-    }))
-  });
-}
 function printPostLine(p) {
-  const tag = import_picocolors10.default.cyan(p.tag ?? "");
+  const tag = import_picocolors9.default.cyan(p.tag ?? "");
   const title = truncate(p.title, 55);
-  const comments = p.commentsCount ? import_picocolors10.default.dim(`${p.commentsCount} comments`) : "";
+  const author = p.authorName ?? p.authorId;
+  const comments = p.commentsCount ? import_picocolors9.default.dim(`${p.commentsCount} comments`) : "";
+  const likes = p.likesCount ? import_picocolors9.default.dim(`${p.likesCount} likes`) : "";
   const time = formatRelativeDate(p.createdAt);
-  const id = import_picocolors10.default.dim(p.id);
-  const parts = [tag, import_picocolors10.default.bold(title)];
+  const id = import_picocolors9.default.dim(p.id);
+  const parts = [tag, import_picocolors9.default.bold(title)];
+  if (author) parts.push(import_picocolors9.default.dim(`by ${author}`));
   if (comments) parts.push(comments);
-  parts.push(import_picocolors10.default.dim(time));
+  if (likes) parts.push(likes);
+  parts.push(import_picocolors9.default.dim(time));
   parts.push(id);
   console.log("  " + parts.join("  "));
 }
 function printPostDetail(p) {
   console.log("");
-  console.log(`  ${import_picocolors10.default.bold(p.title)}`);
+  console.log(`  ${import_picocolors9.default.bold(p.title)}`);
   if (p.body) {
-    console.log(`  ${import_picocolors10.default.dim(SYM.dash.repeat(40))}`);
+    console.log(`  ${import_picocolors9.default.dim(SYM.dash.repeat(40))}`);
     console.log(`  ${p.body}`);
   }
-  console.log(`  ${import_picocolors10.default.dim(SYM.dash.repeat(40))}`);
+  console.log(`  ${import_picocolors9.default.dim(SYM.dash.repeat(40))}`);
   printRecord([
-    ["ID", import_picocolors10.default.dim(p.id)],
-    ["Tag", import_picocolors10.default.cyan(p.tag ?? "")],
+    ["ID", import_picocolors9.default.dim(p.id)],
+    ["Tag", import_picocolors9.default.cyan(p.tag ?? "")],
     ["Author", p.authorName ?? p.authorId],
     ["Comments", p.commentsCount != null ? String(p.commentsCount) : null],
     ["Likes", p.likesCount != null ? String(p.likesCount) : null],
@@ -9615,9 +9704,9 @@ function printPostDetail(p) {
   console.log("");
 }
 function printCommentLine(c) {
-  const author = import_picocolors10.default.bold(c.authorName ?? c.userId ?? "");
-  const time = import_picocolors10.default.dim(formatRelativeDate(c.createdAt));
-  const replies = c.repliesCount ? import_picocolors10.default.dim(`\xB7 ${c.repliesCount} replies`) : "";
+  const author = import_picocolors9.default.bold(c.authorName ?? c.userId ?? "");
+  const time = import_picocolors9.default.dim(formatRelativeDate(c.createdAt));
+  const replies = c.repliesCount ? import_picocolors9.default.dim(`\xB7 ${c.repliesCount} replies`) : "";
   const text = c.text ?? "";
   console.log(`  ${author}  ${time}${replies}`);
   console.log(`  ${text}`);
@@ -9626,86 +9715,77 @@ function printCommentLine(c) {
 function printReplyLine(r) {
   const text = truncate(r.text ?? "", 60);
   const time = formatRelativeDate(r.createdAt);
-  const id = import_picocolors10.default.dim(r.id);
-  console.log(`  ${text}  ${import_picocolors10.default.dim(time)}  ${id}`);
+  const id = import_picocolors9.default.dim(r.id);
+  console.log(`  ${text}  ${import_picocolors9.default.dim(time)}  ${id}`);
 }
 function registerPostsCommands(program3) {
-  const posts = program3.command("posts").description("Manage posts and comments");
+  const posts = program3.command("posts").description("Browse community posts and comments");
   posts.command("list").description("List posts").option("--cursor <cursor>").option("--limit <n>", "Max results (<=50)", "20").action(async function() {
     const opts = this.optsWithGlobals();
-    const limit = parseInt(opts.limit);
     await runList({
       global: opts,
-      fn: () => listPosts({ cursor: opts.cursor, limit }),
+      fn: () => listPosts({ cursor: opts.cursor, limit: opts.limit ? parseInt(opts.limit) : void 0 }),
       dataKey: "posts",
-      columns: ["id", "title", "tag", "authorId", "createdAt"],
+      columns: ["id", "tag", "title", "authorName", "commentsCount", "likesCount", "createdAt"],
       spinnerMessage: "Fetching posts...",
       onInteractive: (payload) => {
         const items = payload.posts;
         if (items.length === 0) {
-          console.log(import_picocolors10.default.dim("  No posts found."));
+          console.log(import_picocolors9.default.dim("  No posts found."));
           return;
         }
-        console.log(`
-  ${import_picocolors10.default.bold("Posts")} ${import_picocolors10.default.dim(`(${items.length})`)}
-`);
-        for (const p of items) {
-          printPostLine(p);
-        }
+        console.log("");
+        for (const p of items) printPostLine(p);
+        console.log("");
         printPaginationHint({
           nextCursor: payload.nextCursor,
           command: "posts list",
           limit: opts.limit
         });
-        console.log("");
       }
     });
-  }).addHelpText("after", `
-Examples:
-  $ numo posts list
-  $ numo posts list --limit 10
-  $ numo posts list --json | jq '.posts[].title'`);
-  posts.command("get [id]").description("Get a post by ID").action(async function(id) {
+  });
+  posts.command("get [id]").description("Get post details").action(async function(id) {
+    const opts = this.optsWithGlobals();
     const postId = await promptForMissing({ value: id, message: "Post ID" });
     await runGet({
-      global: this.optsWithGlobals(),
+      global: opts,
       fn: () => getPost(postId),
       spinnerMessage: "Fetching post...",
-      onInteractive: printPostDetail
+      onInteractive: (post) => printPostDetail(post)
     });
-  }).addHelpText("after", `
-Examples:
-  $ numo posts get abc123
-  $ numo posts get abc123 --json`);
-  posts.command("comments [postId]").description("List comments on a post").option("--cursor <cursor>").action(async function(postId) {
+  });
+  posts.command("comments [postId]").description("List comments on a post").option("--cursor <cursor>").option("--limit <n>", "Max results (<=50)", "20").action(async function(postId) {
     const opts = this.optsWithGlobals();
     const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
     await runList({
       global: opts,
-      fn: () => listComments(resolvedPostId, { cursor: opts.cursor }),
+      fn: () => listComments(resolvedPostId, { cursor: opts.cursor, limit: opts.limit ? parseInt(opts.limit) : void 0 }),
       dataKey: "comments",
-      columns: ["id", "userId", "text", "createdAt"],
+      columns: ["id", "userId", "authorName", "text", "repliesCount", "createdAt"],
       spinnerMessage: "Fetching comments...",
       onInteractive: (payload) => {
         const items = payload.comments;
         if (items.length === 0) {
-          console.log(import_picocolors10.default.dim("  No comments yet."));
+          console.log(import_picocolors9.default.dim("  No comments yet."));
           return;
         }
         console.log(`
-  ${import_picocolors10.default.bold("Comments")} ${import_picocolors10.default.dim(`(${items.length})`)}
+  ${import_picocolors9.default.bold("Comments")} ${import_picocolors9.default.dim(`(${items.length})`)}
 `);
-        for (const c of items) {
-          printCommentLine(c);
-        }
-        console.log("");
+        for (const c of items) printCommentLine(c);
+        printPaginationHint({
+          nextCursor: payload.nextCursor,
+          command: `posts comments ${resolvedPostId}`,
+          limit: opts.limit
+        });
       }
     });
   });
-  posts.command("replies [postId] [commentId]").description("List replies to a comment").option("--cursor <cursor>").action(async function(postId, commentId) {
+  posts.command("replies [postId] [commentId]").description("List replies on a comment").option("--cursor <cursor>").option("--limit <n>", "Max results (<=50)", "20").action(async function(postId, commentId) {
     const opts = this.optsWithGlobals();
     const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
-    const resolvedCommentId = await pickComment(resolvedPostId, commentId);
+    const resolvedCommentId = await promptForMissing({ value: commentId, message: "Comment ID" });
     await runList({
       global: opts,
       fn: () => listReplies(resolvedPostId, resolvedCommentId, { cursor: opts.cursor }),
@@ -9715,11 +9795,11 @@ Examples:
       onInteractive: (payload) => {
         const items = payload.replies;
         if (items.length === 0) {
-          console.log(import_picocolors10.default.dim("  No replies yet."));
+          console.log(import_picocolors9.default.dim("  No replies yet."));
           return;
         }
         console.log(`
-  ${import_picocolors10.default.bold("Replies")} ${import_picocolors10.default.dim(`(${items.length})`)}
+  ${import_picocolors9.default.bold("Replies")} ${import_picocolors9.default.dim(`(${items.length})`)}
 `);
         for (const r of items) {
           printReplyLine(r);
@@ -9728,132 +9808,10 @@ Examples:
       }
     });
   });
-  posts.command("create").description("Create a new post").option("--title <title>").option("--body <body>").option("--tag <tag>", "general|hack|story|meme|other|question|hack-tip|activity").action(async function() {
-    const opts = this.optsWithGlobals();
-    const uid = requireUid();
-    const title = await promptForMissing({ value: opts.title, message: "Title", placeholder: "Post title" });
-    const postBody = await promptForMissing({ value: opts.body, message: "Body", placeholder: "Post body" });
-    let tag = opts.tag;
-    if (!tag) {
-      tag = await promptSelect({
-        message: "Tag",
-        options: POST_TAGS.map((t2) => ({ value: t2, label: t2 }))
-      });
-    }
-    const body = { title, body: postBody, tag };
-    await runCreate({
-      global: opts,
-      fn: () => createPost(uid, body),
-      dataKey: "post",
-      spinnerMessage: "Creating post...",
-      onInteractive: (post, payload) => {
-        console.log(`
-  ${import_picocolors10.default.green("Posted!")} ${payload.post.title}  ${import_picocolors10.default.dim(payload.post.id)}
-`);
-      }
-    });
-  });
-  posts.command("update [id]").description("Update a post").option("--title <title>").option("--body <body>").option("--tag <tag>").action(async function(id) {
-    const opts = this.optsWithGlobals();
-    const uid = requireUid();
-    const postId = await promptForMissing({ value: id, message: "Post ID" });
-    const body = {};
-    const hasAnyFlag = opts.title || opts.body || opts.tag;
-    if (!hasAnyFlag && isInteractive() && !opts.json) {
-      const title = await promptText({ message: "Title (enter to skip)", required: false });
-      if (title) body.title = title;
-      const postBody = await promptText({ message: "Body (enter to skip)", required: false });
-      if (postBody) body.body = postBody;
-      const changeTag = await promptText({ message: "Tag (enter to skip)", placeholder: POST_TAGS.join("|"), required: false });
-      if (changeTag) body.tag = changeTag;
-    } else {
-      if (opts.title) body.title = opts.title;
-      if (opts.body) body.body = opts.body;
-      if (opts.tag) body.tag = opts.tag;
-    }
-    await runWrite({
-      global: opts,
-      fn: () => updatePost(uid, postId, body),
-      dataKey: "post",
-      spinnerMessage: "Updating post...",
-      onInteractive: (payload) => {
-        console.log(`
-  ${import_picocolors10.default.green("Updated!")} ${payload.post.title}  ${import_picocolors10.default.dim(payload.post.id)}
-`);
-      }
-    });
-  });
-  posts.command("delete [id]").description("Delete a post").action(async function(id) {
-    const uid = requireUid();
-    const postId = await promptForMissing({ value: id, message: "Post ID" });
-    await runDelete({
-      global: this.optsWithGlobals(),
-      fn: () => deletePost(uid, postId),
-      successMessage: `  ${import_picocolors10.default.green("Deleted!")} Post ${import_picocolors10.default.dim(postId)}`,
-      spinnerMessage: "Deleting post..."
-    });
-  });
-  posts.command("comment [postId]").description("Add a comment to a post").option("--text <text>").action(async function(postId) {
-    const opts = this.optsWithGlobals();
-    const uid = requireUid();
-    const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
-    const text = await promptForMissing({ value: opts.text, message: "Comment text", placeholder: "Your comment" });
-    await runCreate({
-      global: opts,
-      fn: () => createComment(uid, resolvedPostId, text),
-      dataKey: "comment",
-      spinnerMessage: "Adding comment...",
-      onInteractive: (comment, payload) => {
-        console.log(`
-  ${import_picocolors10.default.green("Commented!")} ${truncate(payload.comment.text ?? "", 50)}  ${import_picocolors10.default.dim(payload.comment.id)}
-`);
-      }
-    });
-  });
-  posts.command("comment-delete [postId] [commentId]").description("Delete a comment").action(async function(postId, commentId) {
-    const uid = requireUid();
-    const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
-    const resolvedCommentId = await pickComment(resolvedPostId, commentId);
-    await runDelete({
-      global: this.optsWithGlobals(),
-      fn: () => deleteComment(uid, resolvedPostId, resolvedCommentId),
-      successMessage: `  ${import_picocolors10.default.green("Deleted!")} Comment ${import_picocolors10.default.dim(resolvedCommentId)}`,
-      spinnerMessage: "Deleting comment..."
-    });
-  });
-  posts.command("reply [postId] [commentId]").description("Add a reply to a comment").option("--text <text>").action(async function(postId, commentId) {
-    const opts = this.optsWithGlobals();
-    const uid = requireUid();
-    const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
-    const resolvedCommentId = await pickComment(resolvedPostId, commentId);
-    const text = await promptForMissing({ value: opts.text, message: "Reply text", placeholder: "Your reply" });
-    await runCreate({
-      global: opts,
-      fn: () => createReply(uid, resolvedPostId, resolvedCommentId, text),
-      dataKey: "reply",
-      spinnerMessage: "Adding reply...",
-      onInteractive: (reply, payload) => {
-        console.log(`
-  ${import_picocolors10.default.green("Replied!")} ${truncate(payload.reply.text ?? "", 50)}  ${import_picocolors10.default.dim(payload.reply.id)}
-`);
-      }
-    });
-  });
-  posts.command("reply-delete [postId] [commentId] [replyId]").description("Delete a reply").action(async function(postId, commentId, replyId) {
-    const uid = requireUid();
-    const resolvedPostId = await promptForMissing({ value: postId, message: "Post ID" });
-    const resolvedCommentId = await pickComment(resolvedPostId, commentId);
-    const resolvedReplyId = await pickReply(resolvedPostId, resolvedCommentId, replyId);
-    await runDelete({
-      global: this.optsWithGlobals(),
-      fn: () => deleteReply(uid, resolvedPostId, resolvedCommentId, resolvedReplyId),
-      successMessage: `  ${import_picocolors10.default.green("Deleted!")} Reply ${import_picocolors10.default.dim(resolvedReplyId)}`,
-      spinnerMessage: "Deleting reply..."
-    });
-  });
 }
 // src/cli/services/profile.ts
+init_api_client();
 async function getProfile() {
   return api.get("/api/profile");
 }
@@ -9879,9 +9837,47 @@ function registerProfileCommands(program3) {
 }
 // src/cli/commands/doctor.ts
-var import_picocolors11 = __toESM(require_picocolors(), 1);
-init_tty();
-var API_BASE5 = process.env.NUMO_API_URL ?? "http://localhost:3000";
+var import_picocolors10 = __toESM(require_picocolors(), 1);
+var import_dns = require("dns");
+var import_net = require("net");
+var import_tls = __toESM(require("tls"), 1);
+init_credentials();
+init_api_client();
+init_api_base();
+init_errors();
+function errMessage(err) {
+  return sanitizeErrorMessage(err instanceof Error ? err.message : String(err));
+}
+async function checkDns(hostname) {
+  if ((0, import_net.isIP)(hostname) !== 0 || hostname === "localhost") {
+    return { name: "dns", status: "ok", message: `DNS skipped (${hostname} is a literal address)` };
+  }
+  try {
+    const addrs = await import_dns.promises.resolve(hostname);
+    return { name: "dns", status: "ok", message: `DNS ${hostname} \u2192 ${addrs[0]}` };
+  } catch (err) {
+    return { name: "dns", status: "fail", message: `DNS lookup failed for ${hostname}: ${errMessage(err)}` };
+  }
+}
+async function checkTls(hostname) {
+  return new Promise((resolve) => {
+    const socket = import_tls.default.connect(
+      { host: hostname, port: 443, timeout: 5e3, servername: hostname },
+      () => {
+        const proto = socket.getProtocol() ?? "unknown";
+        socket.end();
+        resolve({ name: "tls", status: "ok", message: `TLS handshake OK (${proto})` });
+      }
+    );
+    socket.on("error", (err) => {
+      resolve({ name: "tls", status: "fail", message: `TLS handshake failed: ${errMessage(err)}` });
+    });
+    socket.on("timeout", () => {
+      socket.destroy();
+      resolve({ name: "tls", status: "fail", message: "TLS handshake timed out after 5s" });
+    });
+  });
+}
 async function runChecks() {
   const checks = [];
   const nodeVersion = process.version;
@@ -9891,68 +9887,128 @@ async function runChecks() {
     status: major >= 18 ? "ok" : "fail",
     message: major >= 18 ? `Node ${nodeVersion}` : `Node ${nodeVersion} \u2014 requires >= 18`
   });
+  const verdict = classifyApiBase();
+  if (!verdict.ok) {
+    checks.push({
+      name: "api_url",
+      status: "fail",
+      message: verdict.message,
+      fix: "Use https://api.numo.ai, or export NUMO_ALLOW_CUSTOM_HOST=1 for a self-hosted server"
+    });
+    return checks;
+  }
+  const apiUrl = new URL(API_BASE);
   checks.push({
     name: "api_url",
-    status: process.env.NUMO_API_URL ? "ok" : "warn",
-    message: process.env.NUMO_API_URL ? `API URL: ${API_BASE5}` : `NUMO_API_URL not set (using default: ${API_BASE5})`
+    status: verdict.insecure ? "warn" : process.env.NUMO_API_URL ? "ok" : "warn",
+    message: verdict.insecure ? `API URL: ${API_BASE} (HTTP \u2014 tokens unencrypted)` : process.env.NUMO_API_URL ? `API URL: ${API_BASE}` : `NUMO_API_URL not set (using default: ${API_BASE})`
   });
+  checks.push(await checkDns(apiUrl.hostname));
+  if (apiUrl.protocol === "https:") {
+    checks.push(await checkTls(apiUrl.hostname));
+  }
   const creds = loadCredentials();
   checks.push({
     name: "credentials",
     status: creds ? "ok" : "fail",
-    message: creds ? `Logged in as ${creds.email}` : "Not logged in (run: numo login)"
+    message: creds ? `Logged in as ${creds.email}` : "Not logged in",
+    fix: creds ? void 0 : "numo login"
   });
   if (creds) {
     try {
       await getIdToken();
       checks.push({ name: "token", status: "ok", message: "Token valid / refreshed" });
     } catch (err) {
-      checks.push({ name: "token", status: "fail", message: `Token refresh failed: ${err.message}` });
+      checks.push({
+        name: "token",
+        status: "fail",
+        message: `Token refresh failed: ${errMessage(err)}`,
+        fix: "numo login"
+      });
     }
   } else {
     checks.push({ name: "token", status: "fail", message: "Skipped (no credentials)" });
   }
   try {
-    const resp = await fetch(`${API_BASE5}/api/health`, { signal: AbortSignal.timeout(5e3) });
-    checks.push({ name: "api_reachable", status: "ok", message: `API server reachable (HTTP ${resp.status})` });
+    const resp = await fetch(`${API_BASE}/api/health`, { signal: AbortSignal.timeout(5e3) });
+    checks.push({
+      name: "api_reachable",
+      status: resp.ok ? "ok" : "fail",
+      message: `API /api/health \u2192 HTTP ${resp.status}`,
+      fix: resp.ok ? void 0 : "Check NUMO_API_URL and your network connection"
+    });
   } catch (err) {
-    checks.push({ name: "api_reachable", status: "fail", message: `API server unreachable: ${err.message}` });
+    checks.push({
+      name: "api_reachable",
+      status: "fail",
+      message: `API server unreachable: ${errMessage(err)}`,
+      fix: "Check NUMO_API_URL and your network connection"
+    });
+  }
+  if (creds) {
+    try {
+      const token = await getIdToken();
+      const resp = await fetch(`${API_BASE}/api/tasks?backlog=true`, {
+        headers: { Authorization: `Bearer ${token}` },
+        signal: AbortSignal.timeout(5e3)
+      });
+      checks.push({
+        name: "auth",
+        status: resp.ok ? "ok" : "fail",
+        message: resp.ok ? `Authenticated request OK (HTTP ${resp.status})` : `Authenticated request failed: HTTP ${resp.status}`,
+        fix: resp.ok ? void 0 : "numo login"
+      });
+    } catch (err) {
+      checks.push({
+        name: "auth",
+        status: "fail",
+        message: `Authenticated request error: ${errMessage(err)}`,
+        fix: "numo login"
+      });
+    }
   }
   return checks;
 }
 function registerDoctorCommand(program3) {
   program3.command("doctor").description("Check CLI health and connectivity").action(async function() {
     const opts = this.optsWithGlobals();
-    const asJson = !!(opts.json || opts.quiet || !isInteractive());
+    const asJson = isQuietMode(opts);
     const checks = await runChecks();
     const ok = checks.every((c) => c.status !== "fail");
     if (asJson) {
-      printJson({ ok, checks });
+      printJson({ ok, exitCode: ok ? 0 : 1, checks });
     } else {
       console.log("");
       for (const check of checks) {
-        const icon = check.status === "ok" ? import_picocolors11.default.green(SYM.check) : check.status === "warn" ? import_picocolors11.default.yellow("!") : import_picocolors11.default.red(SYM.cross);
+        const icon = check.status === "ok" ? import_picocolors10.default.green(SYM.check) : check.status === "warn" ? import_picocolors10.default.yellow("!") : import_picocolors10.default.red(SYM.cross);
         console.log(`  ${icon} ${check.message}`);
+        if (check.fix) {
+          console.log(`      ${import_picocolors10.default.dim("Fix:")} ${import_picocolors10.default.cyan("$")} ${import_picocolors10.default.bold(check.fix)}`);
+        }
       }
       console.log("");
-      if (ok) {
-        console.log(`  ${import_picocolors11.default.green("All checks passed.")}`);
-      } else {
-        console.log(`  ${import_picocolors11.default.red("Some checks failed.")}`);
-      }
+      console.log(`  ${ok ? import_picocolors10.default.green("All checks passed.") : import_picocolors10.default.red("Some checks failed.")}`);
       console.log("");
     }
     if (!ok) process.exit(1);
   });
 }
+// src/cli/cli.ts
+init_dirs();
 // src/cli/lib/update-check.ts
 var fs4 = __toESM(require("fs"), 1);
 var path2 = __toESM(require("path"), 1);
-var import_picocolors12 = __toESM(require_picocolors(), 1);
+var import_picocolors11 = __toESM(require_picocolors(), 1);
+init_dirs();
 init_tty();
 var CHECK_INTERVAL = 24 * 60 * 60 * 1e3;
 var PACKAGE_NAME = "numo-cli";
+var REPO = "mindistio/numo-cli";
+var INSTALL_SCRIPT_URL = `https://raw.githubusercontent.com/${REPO}/main/install.sh`;
+var UPGRADE_NPM = `npm i -g ${PACKAGE_NAME}`;
+var UPGRADE_BINARY = `curl -fsSL ${INSTALL_SCRIPT_URL} | bash`;
 function getStatePath() {
   return path2.join(getConfigDir(), "update-check.json");
 }
@@ -9979,6 +10035,12 @@ function semverGt(a, b) {
   }
   return false;
 }
+function isBinaryInstall() {
+  return !!process.versions.bun;
+}
+function upgradeCommand(isBinary = isBinaryInstall()) {
+  return isBinary ? UPGRADE_BINARY : UPGRADE_NPM;
+}
 function checkForUpdate(currentVersion) {
   if (!isInteractive()) return;
   if (process.env.CI || process.env.NUMO_NO_UPDATE_CHECK) return;
@@ -9987,8 +10049,8 @@ function checkForUpdate(currentVersion) {
   if (state.latestVersion && semverGt(state.latestVersion, currentVersion)) {
     process.stderr.write(
       `
-  ${import_picocolors12.default.yellow("Update available")} ${import_picocolors12.default.dim(currentVersion)} ${import_picocolors12.default.dim("\u2192")} ${import_picocolors12.default.green(state.latestVersion)}
-  Run ${import_picocolors12.default.cyan("npm i -g numo-cli")} to update
+  ${import_picocolors11.default.yellow("Update available")} ${import_picocolors11.default.dim(currentVersion)} ${import_picocolors11.default.dim("\u2192")} ${import_picocolors11.default.green(state.latestVersion)}
+  Run ${import_picocolors11.default.cyan(upgradeCommand())} to update
 `
     );
@@ -10012,10 +10074,21 @@ function fetchLatestVersion(state) {
   }
 }
+// src/cli/lib/guide.ts
+var import_fs = require("fs");
+var import_path = require("path");
+function getAgentGuide() {
+  if (true) return '# AGENTS.md \u2014 numo-cli for AI Agents\n\nInstructions for AI agents (Claude, GPT, Cursor, Copilot, etc.) integrating with [numo-cli](https://www.npmjs.com/package/numo-cli).\n\n## What is numo-cli?\n\n`numo` is the command-line client for the **Numo ADHD planner** \u2014 programmatic access to tasks, community posts, and profiles for any agent that can run shell commands. Invoke it as `numo <command>`; assume it is already installed and on `PATH`.\n\n## Authentication\n\n### Interactive (humans)\n\n```bash\nnumo login\n```\nPrompts for email + password, or use `--phone` for SMS OTP. Credentials are stored locally.\n\n### Non-interactive (agents / CI)\n\n**For long-running sessions (recommended) \u2014 email + password via env vars:**\n\n```bash\nexport NUMO_LOGIN_EMAIL="you@example.com"\nexport NUMO_LOGIN_PASSWORD="..."\nnumo login --json\n# stdout: {"ok":true,"uid":"...","email":"...","idToken":"...","idTokenExpiry":...}\n```\n\nThis path caches credentials locally and auto-refreshes the ID token in the background \u2014 every subsequent `numo` invocation in the session keeps working past the ~1-hour ID-token expiry.\n\n**For one-shot calls \u2014 pre-existing ID token:**\n\n```bash\nexport NUMO_TOKEN="<id-token>"\nnumo tasks list --json\n```\n\n`NUMO_TOKEN` does **not** auto-refresh \u2014 it is treated as opaque, single-use credentials. When the ID token expires (typically ~1 hour after issue), API calls will start returning 401 with no recovery path. Use this only for short scripts; otherwise prefer the email/password path above. Inspect remaining validity with `numo whoami --json` (decodes the JWT `exp` claim and reports `autoRefresh: false`).\n\n**Custom server host:** by default credentials are only sent to `*.numo.ai` (or loopback). To point `NUMO_API_URL` at a self-hosted/staging host, set `NUMO_ALLOW_CUSTOM_HOST=1` \u2014 otherwise credential-sending commands fail with a `CONFIG_ERROR` (exit 78). Offline commands (`commands`, `schema`, `--help`) are never gated.\n\n## JSON Mode\n\nAll commands output JSON when:\n1. stdout is piped (automatic detection)\n2. `--json` flag is passed\n3. `-q` / `--quiet` flag is passed (implies `--json`, suppresses interactive output)\n\n`numo tasks create` defaults to **private** tasks (`isPublic: false`) in every mode \u2014 interactive shells, JSON mode, scripts. Public tasks require an explicit `--public` flag (or picking "Public" in the interactive Visibility prompt). This is a stability guarantee per W-121 \u2014 the CLI must not accidentally expose tasks to the public community feed. New tasks are always inserted at the **top** of the list (`listPosition: \'top\'`).\n\n## Core Commands\n\n### Tasks\n\n```bash\n# List today\'s tasks\nnumo tasks list --json\n# \u2192 {"tasks":[...],"count":N,"pendingCount":N,"completedCount":N}\n\n# List by date (accepts natural language: tomorrow, next monday, in 3 days)\nnumo tasks list --date "next monday" --json\n\n# List backlog (undated tasks)\nnumo tasks list --backlog --json\n\n# Create a task (positional text or --text; private + inserted at top by default)\nnumo tasks create "Buy groceries" --due "2026-04-03" --json\nnumo tasks create --text "Weekly review" --due "next monday" --json\n# \u2192 {"task":{...},"karma":N}\n\n# Quick add (today, private), and recurring routines\nnumo tasks create "Call dentist" --due tomorrow --tags Health --json\nnumo tasks create "Standup" --repeat weekly --weekdays Mon,Wed,Fri --json\nnumo tasks create "Read later" --backlog --json\nnumo tasks create "Trip" --subtask "Book hotel" --subtask "Pack" --json   # repeatable --subtask\n\n# Get task details\nnumo tasks get <taskId> --json\n\n# Update a task\nnumo tasks update <taskId> --text "New text" --due "2026-04-05" --json\nnumo tasks update <taskId> --no-time --json   # strip time-of-day (all-day task)\n\n# Complete a task\nnumo tasks complete <taskId> --json\n# \u2192 {"completed":true,"task":{...}|null,"taskHistory":{...},"karma":N,"checksInRow":N}\n\n# Uncomplete (restore from history)\nnumo tasks uncomplete <historyId> --json\n\n# Delete a task (archives it)\nnumo tasks delete <taskId> --json\n```\n\n### Recurring reminders (natural-language requests)\n\nA request like *"remind me to plan my week every Monday"* maps to a recurring task. There is no separate "reminder" entity \u2014 a reminder **is** a task with a `remindDate`. Resolve two things the phrasing leaves implicit:\n\n1. **Anchor the first occurrence.** `--repeat weekly --weekdays Mon` alone sets `dueDate` to *today*, so the first instance can land before the intended weekday. Pass `--due "next monday"` to anchor it.\n2. **"Remind" needs a time.** An all-day task has `remindDate: null` (no notification fires). Add a time so the app derives `remindDate` (default lead ~3h before due).\n\n```bash\n# "remind me to plan my week every Monday" \u2192\nnumo tasks create "Plan my week" --due "next monday 09:00" --repeat weekly --weekdays Mon --json\n# \u2192 dueDate 2026-06-22 09:00, remindDate 2026-06-22 06:00, repeat weekly on Mon\n```\n\nPick a sensible default time (e.g. 09:00) or ask the user. `--due` accepts natural language (`"next monday"`, `"next monday 09:00"`).\n\n### Community (read-only)\n\n```bash\nnumo posts list --json                       # list posts (with commentsCount + likesCount)\nnumo posts get <postId> --json               # post details\nnumo posts comments <postId> --json          # list comments on a post\nnumo posts replies <postId> <commentId> --json   # list replies to a comment\n```\n\n### Profile & Discovery\n\n```bash\nnumo profile --json           # Current user profile\nnumo commands --json          # List all available commands\nnumo schema "tasks create"    # JSON schema for a specific command\nnumo doctor --json            # Health check (DNS, TLS, /api/health, auth)\n```\n\n## Batch Operations\n\n```bash\n# Complete multiple tasks via stdin (one ID per line)\necho -e "taskId1\\ntaskId2" | numo tasks complete --stdin --json\n\n# Pipe IDs from list\nnumo tasks list --json --tag Work | jq -r \'.tasks[].id\' | numo tasks complete --stdin\n```\n\n## Error Handling\n\nAll errors return structured JSON on stderr:\n\n```json\n{\n  "error": {\n    "kind": "NOT_FOUND",\n    "code": 100,\n    "message": "Task not found",\n    "suggestion": "numo tasks list"\n  }\n}\n```\n\n### Error kinds\n\n`AUTH_REQUIRED`, `AUTH_EXPIRED`, `AUTH_FORBIDDEN`, `INVALID_INPUT`, `MISSING_ARGUMENT`, `NOT_FOUND`, `CONFLICT`, `NETWORK_ERROR`, `TIMEOUT`, `RATE_LIMITED`, `SERVICE_UNAVAILABLE`, `CONFIG_ERROR`, `INTERNAL`, `UNKNOWN`.\n\n### Exit codes\n\n| Code | Meaning |\n|------|---------|\n| `0`  | OK |\n| `1`  | General error |\n| `2`  | Usage error (missing argument, invalid input) |\n| `69` | Service unavailable (network, server down) |\n| `75` | Temporary failure (timeout, rate limit) |\n| `77` | No permission (auth required / forbidden) |\n| `78` | Configuration error (missing env var, etc.) |\n| `100`| Not found |\n| `101`| Conflict |\n\n## Tips for Agents\n\n- Always pass `--json` or `-q` for structured output.\n- Use `numo commands --json` and `numo schema <command>` for runtime introspection. Both payloads include `schemaVersion` and `cliVersion` at the root \u2014 agents that pin behavior should branch on `schemaVersion`.\n- Natural language dates work for both `--date` and `--due`: `"tomorrow"`, `"next monday"`, `"in 3 days"`.\n- Task IDs are stable; store them for later operations.\n- `numo tasks create` defaults to **private** in every mode (see "JSON Mode" above) and inserts new tasks at the top of the list. Pass `--public` to make a task public.\n- For rate-limited errors (`429`), the response includes `retryAfter` (seconds) and `retryable: true`.\n- **PII in profile output:** `numo profile --json` includes `photoURL`, a signed storage URL containing a long-lived access token in the query string. Do not pipe `profile` output to public logs, build outputs, or screenshots \u2014 the URL grants read access to the avatar bytes for as long as it stays valid.\n';
+  try {
+    return (0, import_fs.readFileSync)((0, import_path.join)(process.cwd(), "AGENTS.md"), "utf8");
+  } catch {
+    return "Agent guide is unavailable in this build.\nSee https://github.com/mindistio/numo-cli/blob/main/AGENTS.md";
+  }
+}
 // src/cli/cli.ts
-init_tty();
 init_errors();
-var CLI_VERSION = true ? "1.3.0" : "0.0.0-dev";
+var CLI_VERSION = true ? "1.6.0" : "0.0.0-dev";
 var program2 = new Command();
 program2.name("numo").description("CLI for Numo \u2014 programmatic access for humans and AI agents").version(CLI_VERSION).option("--json [fields]", "Output as JSON (optionally: comma-separated field names)").option("-q, --quiet", "Suppress interactive output, implies --json").hook("preAction", (thisCommand) => {
   const opts = thisCommand.optsWithGlobals();
@@ -10023,130 +10096,129 @@ program2.name("numo").description("CLI for Numo \u2014 programmatic access for h
     thisCommand.setOptionValue("json", true);
   }
 }).addHelpText("after", `
-${import_picocolors13.default.bold("Output modes:")}
+${import_picocolors12.default.bold("Output modes:")}
   Interactive (TTY)     Tables, colors, spinners
   Piped / --json        Clean JSON for scripting and agents
-${import_picocolors13.default.bold("Examples:")}
-  ${import_picocolors13.default.dim("$")} numo login
-  ${import_picocolors13.default.dim("$")} numo tasks list --date 2025-01-15
-  ${import_picocolors13.default.dim("$")} numo tasks create --text "Buy groceries" --due 2025-01-16`);
-program2.command("login").description("Login with your Numo account").option("--phone", "Login with phone number (SMS OTP)").action(async (opts) => {
-  await login(opts);
-}).addHelpText("after", `
-Examples:
-  $ numo login               # Interactive (email/password)
-  $ numo login --phone       # SMS OTP flow`);
-program2.command("register").description("Create a new Numo account").option("--email <email>", "Email address").option("--password <password>", "Password (min 6 chars; visible in ps/history \u2014 prefer interactive mode)").action(async (opts) => {
-  await register(opts);
+${import_picocolors12.default.bold("Examples:")}
+  ${import_picocolors12.default.dim("$")} numo login
+  ${import_picocolors12.default.dim("$")} numo tasks list
+  ${import_picocolors12.default.dim("$")} numo tasks create --text "Buy groceries" --due tomorrow
+${import_picocolors12.default.bold("Environment:")}
+  NUMO_API_URL              API server URL
+  NUMO_TOKEN                Pre-existing ID token (skips local credentials)
+  NUMO_LOGIN_EMAIL          Email for non-interactive login
+  NUMO_LOGIN_PASSWORD       Password for non-interactive login
+  NUMO_NO_UPDATE_CHECK      Disable update notifications`);
+program2.command("login").description("Login with your Numo account").option("--phone", "Login with phone number (SMS OTP)").action(async function() {
+  await login(this.optsWithGlobals(), program2);
 }).addHelpText("after", `
 Examples:
-  $ numo register                                        # Interactive
-  $ numo register --email user@example.com --password s3cret   # Non-interactive`);
+  $ numo login                                        # Interactive (email/password)
+  $ numo login --phone                                # SMS OTP flow
+  $ NUMO_LOGIN_EMAIL=\u2026 NUMO_LOGIN_PASSWORD=\u2026 numo login --json   # Non-interactive (CI/agents)`);
 program2.command("logout").description("Clear stored credentials").action(() => {
   clearCredentials();
-  console.log(import_picocolors13.default.green("Logged out."));
-});
-program2.command("whoami").description("Show current auth status (no API call)").action(function() {
+  console.log(import_picocolors12.default.green("Logged out."));
+  if (process.env.NUMO_TOKEN) {
+    console.log(import_picocolors12.default.yellow("\n  Note: NUMO_TOKEN env var is still set. Unset it to fully de-authenticate."));
+  }
+}).addHelpText("after", `
+Examples:
+  $ numo logout
+If NUMO_TOKEN env var is set, it is not cleared by logout. Unset it separately:
+  $ unset NUMO_TOKEN`);
+program2.command("whoami").description("Show current auth status (no API call)").addHelpText("after", `
+Examples:
+  $ numo whoami
+  $ numo whoami --json   # \u2192 {"email":"...","uid":"...","tokenValid":true,"expiresIn":N,"source":"..."}`).action(function() {
   const opts = this.optsWithGlobals();
-  const asJson = !!(opts.json || opts.quiet || !isInteractive());
+  const asJson = isQuietMode(opts);
+  const envToken = process.env.NUMO_TOKEN;
   const creds = loadCredentials();
-  if (!creds) {
+  if (!creds && envToken) {
+    let tokenValid2 = false;
+    let expiresIn2 = 0;
+    let email = null;
+    let uid = null;
+    try {
+      const payloadB64 = envToken.split(".")[1] ?? "";
+      const payload = JSON.parse(Buffer.from(payloadB64, "base64").toString("utf8"));
+      if (typeof payload.exp === "number") {
+        const expMs = payload.exp * 1e3;
+        tokenValid2 = Date.now() < expMs;
+        expiresIn2 = Math.max(0, Math.floor((expMs - Date.now()) / 1e3));
+      }
+      if (typeof payload.email === "string") email = payload.email;
+      if (typeof payload.user_id === "string") uid = payload.user_id;
+      else if (typeof payload.sub === "string") uid = payload.sub;
+    } catch {
+    }
     if (asJson) {
-      console.error(JSON.stringify({ error: { message: "Not logged in", code: "AUTH_REQUIRED" } }));
+      printJson({ email, uid, tokenValid: tokenValid2, expiresIn: expiresIn2, source: "NUMO_TOKEN", autoRefresh: false });
     } else {
-      console.error(`${import_picocolors13.default.red("Not logged in")}
-  $ numo login
-`);
+      if (email) console.log(`  ${import_picocolors12.default.bold("Email")}  ${email}`);
+      if (uid) console.log(`  ${import_picocolors12.default.bold("UID")}    ${uid}`);
+      console.log(`  ${import_picocolors12.default.bold("Token")}  ${tokenValid2 ? import_picocolors12.default.green(`valid (expires in ${Math.floor(expiresIn2 / 60)}m)`) : import_picocolors12.default.red("expired or malformed")}`);
+      console.log(`  ${import_picocolors12.default.bold("Auth")}   NUMO_TOKEN env var ${import_picocolors12.default.dim("(no auto-refresh; use NUMO_LOGIN_EMAIL/PASSWORD for long sessions)")}`);
     }
-    process.exit(ExitCode.NO_PERM);
+    if (!tokenValid2) process.exitCode = ExitCode.NO_PERM;
+    return;
+  }
+  if (!creds) {
+    outputError(Errors.authRequired(), asJson);
     return;
   }
   const tokenValid = !!(creds.idToken && creds.idTokenExpiry && Date.now() < creds.idTokenExpiry);
   const expiresIn = creds.idTokenExpiry ? Math.max(0, Math.floor((creds.idTokenExpiry - Date.now()) / 1e3)) : 0;
-  const source = process.env.NUMO_TOKEN ? "NUMO_TOKEN" : "credentials_file";
+  const source = "credentials_file";
   if (asJson) {
-    printJson({ email: creds.email, uid: creds.uid, tokenValid, expiresIn, source });
+    printJson({ email: creds.email, uid: creds.uid, tokenValid, expiresIn, source, autoRefresh: true });
   } else {
-    console.log(`  ${import_picocolors13.default.bold("Email")}  ${creds.email}`);
-    console.log(`  ${import_picocolors13.default.bold("UID")}    ${creds.uid}`);
-    console.log(`  ${import_picocolors13.default.bold("Token")}  ${tokenValid ? import_picocolors13.default.green(`valid (expires in ${Math.floor(expiresIn / 60)}m)`) : import_picocolors13.default.yellow("expired (will auto-refresh)")}`);
-    console.log(`  ${import_picocolors13.default.bold("Auth")}   ${source === "NUMO_TOKEN" ? "NUMO_TOKEN env var" : "~/.numo/credentials.json"}`);
+    console.log(`  ${import_picocolors12.default.bold("Email")}  ${creds.email}`);
+    console.log(`  ${import_picocolors12.default.bold("UID")}    ${creds.uid}`);
+    console.log(`  ${import_picocolors12.default.bold("Token")}  ${tokenValid ? import_picocolors12.default.green(`valid (expires in ${Math.floor(expiresIn / 60)}m)`) : import_picocolors12.default.yellow("expired (will auto-refresh)")}`);
+    console.log(`  ${import_picocolors12.default.bold("Auth")}   ${getCredentialsPath()}`);
   }
 });
 registerTasksCommands(program2);
-program2.command("add [text...]").description("Quick-add a task (today, public, no wizard)").option("--due <date>", "Due date YYYY-MM-DD (default: today)").option("--tags <tags>", "Comma-separated tags").option("--public", "Make task public (default)").option("--private", "Make task private").action(async function(textParts) {
-  const opts = this.optsWithGlobals();
-  const uid = requireUid();
-  const text = textParts?.join(" ");
-  if (!text) {
-    console.error('Usage: numo add "task text"');
-    process.exit(ExitCode.USAGE);
-  }
-  const body = {
-    text,
-    dueDate: opts.due ? parseHumanDate(opts.due) ?? opts.due : (/* @__PURE__ */ new Date()).toISOString().slice(0, 10)
-  };
-  if (opts.tags) body.tags = opts.tags.split(",");
-  if (opts.public) body.isPublic = true;
-  if (opts.private) body.isPublic = false;
-  await runCreate({
-    global: opts,
-    fn: () => createTask(uid, body),
-    dataKey: "task",
-    spinnerMessage: "Creating task...",
-    onInteractive: (_task, payload) => {
-      const { task, karma } = payload;
-      const check = import_picocolors13.default.green(SYM.check);
-      console.log(`
-  ${check} Created  ${task.text}  ${import_picocolors13.default.dim(task.id)}`);
-      if (karma) console.log(`    ${formatKarmaGain(karma)}`);
-      console.log("");
-    }
-  });
-});
 registerPostsCommands(program2);
 registerProfileCommands(program2);
 registerDoctorCommand(program2);
 program2.command("commands").description("List all available commands").action(function() {
   const opts = this.optsWithGlobals();
-  const useJson2 = !!(opts.json || opts.quiet || !isInteractive());
-  const commands = [];
-  function walk(cmd, prefix) {
-    for (const sub of cmd.commands) {
-      const fullName = prefix ? `${prefix} ${sub.name()}` : sub.name();
-      if (sub.commands.length > 0) {
-        walk(sub, fullName);
-      } else {
-        commands.push({
-          name: fullName,
-          description: sub.description(),
-          options: sub.options.map((o) => o.flags)
-        });
-      }
-    }
-  }
-  walk(program2, "");
+  const useJson2 = isQuietMode(opts);
+  const commands = collectCommands(program2);
   if (useJson2) {
-    console.log(JSON.stringify({ commands }));
+    console.log(JSON.stringify({ schemaVersion: "1", cliVersion: CLI_VERSION, commands }));
   } else {
-    console.log("");
-    let lastGroup = "";
-    for (const cmd of commands) {
-      const group = cmd.name.split(" ")[0];
-      if (group !== lastGroup) {
-        if (lastGroup) console.log("");
-        console.log(`  ${import_picocolors13.default.bold(group.charAt(0).toUpperCase() + group.slice(1) + ":")}`);
-        lastGroup = group;
-      }
-      console.log(`    numo ${cmd.name.padEnd(30)} ${import_picocolors13.default.dim(cmd.description)}`);
-    }
     console.log(`
-  ${import_picocolors13.default.dim("Run numo <command> --help for details.")}
+${formatCommandMap(commands)}`);
+    console.log(`
+  ${import_picocolors12.default.dim("Run numo <command> --help for details.")}
 `);
   }
 });
+program2.command("guide").alias("agents").description("Print the full agent integration guide (AGENTS.md)").addHelpText("after", `
+Examples:
+  $ numo guide              # full agent guide (Markdown)
+  $ numo agents             # alias
+  $ numo guide --json       # \u2192 {"schemaVersion":"1","cliVersion":"...","guide":"..."}`).action(function() {
+  const opts = this.optsWithGlobals();
+  const useJson2 = isQuietMode(opts);
+  const guide = getAgentGuide();
+  if (useJson2) {
+    console.log(JSON.stringify({ schemaVersion: "1", cliVersion: CLI_VERSION, guide }));
+  } else {
+    console.log(guide);
+  }
+});
+var OPTION_ENUMS = {
+  "--repeat": ["daily", "weekly", "monthly", "none"],
+  "--difficulty": [0, 1, 2, 3]
+};
 function buildCommandSchema(cmd, fullName) {
   return {
     name: fullName,
@@ -10154,14 +10226,23 @@ function buildCommandSchema(cmd, fullName) {
     arguments: cmd.registeredArguments?.map((a) => ({
       name: a.name(),
       required: a.required,
+      variadic: a.variadic,
       description: a.description
     })) ?? [],
-    options: cmd.options.filter((o) => !["--json", "-q, --quiet"].includes(o.flags)).map((o) => ({
-      flags: o.flags,
-      description: o.description,
-      required: o.required,
-      default: o.defaultValue
-    }))
+    options: cmd.options.filter((o) => !["--json", "-q, --quiet"].includes(o.flags)).map((o) => {
+      const takesValue = o.required || o.optional;
+      const repeatable = Array.isArray(o.defaultValue);
+      const opt = {
+        flags: o.flags,
+        description: o.description,
+        type: takesValue ? repeatable ? "string[]" : "string" : "boolean",
+        required: o.required,
+        default: o.defaultValue
+      };
+      if (repeatable) opt.repeatable = true;
+      if (OPTION_ENUMS[o.long]) opt.enum = OPTION_ENUMS[o.long];
+      return opt;
+    })
   };
 }
 program2.command("schema [command]").description("Print JSON schema for a command (for AI agents)").action(function(cmdPath) {
@@ -10176,7 +10257,7 @@ program2.command("schema [command]").description("Print JSON schema for a comman
     var walk = walk2;
     const schemas = [];
     walk2(program2, "");
-    console.log(JSON.stringify({ commands: schemas }, null, 2));
+    console.log(JSON.stringify({ schemaVersion: "1", cliVersion: CLI_VERSION, commands: schemas }, null, 2));
     return;
   }
   const parts = cmdPath.split(" ");
@@ -10190,7 +10271,7 @@ program2.command("schema [command]").description("Print JSON schema for a comman
     }
     cmd = sub;
   }
-  console.log(JSON.stringify(buildCommandSchema(cmd, cmdPath), null, 2));
+  console.log(JSON.stringify({ schemaVersion: "1", cliVersion: CLI_VERSION, ...buildCommandSchema(cmd, cmdPath) }, null, 2));
 });
 program2.command("completion <shell>").description("Generate shell completion script").action(function(shell) {
   if (shell !== "zsh") {