olakai-cli 0.6.2 → 0.6.5

package/dist/index.js

@@ -1,31 +1,67 @@
 #!/usr/bin/env node
+import {
+  createAgent,
+  createCustomDataConfig,
+  createKpi,
+  createWorkflow,
+  deleteAgent,
+  deleteCustomDataConfig,
+  deleteKpi,
+  deleteWorkflow,
+  getActivity,
+  getActivityKpis,
+  getAgent,
+  getCurrentUser,
+  getCustomDataConfig,
+  getKpi,
+  getKpiContextVariables,
+  getWorkflow,
+  listActivity,
+  listAgents,
+  listCustomDataConfigs,
+  listKpis,
+  listMyAgents,
+  listSessions,
+  listWorkflows,
+  pollForToken,
+  regenerateAgentApiKey,
+  requestDeviceCode,
+  updateAgent,
+  updateCustomDataConfig,
+  updateKpi,
+  updateWorkflow,
+  validateKpiFormula
+} from "./chunk-GU4HEL24.js";
 import {
   CLAUDE_DIR,
-  CLIENT_ID,
-  HOSTS,
   OLAKAI_DIR,
   OLAKAI_HOOK_MARKER,
   SETTINGS_FILE,
-  clearToken,
   deleteClaudeCodeConfig,
   findConfiguredWorkspace,
-  getBaseUrl,
   getClaudeCodeConfigPath,
   getClaudeCodeStatus,
   getClaudeDir,
-  getEnvironment,
   getLegacyClaudeMonitorConfigPath,
   getMonitorConfigPath,
   getSettingsPath,
+  loadClaudeCodeConfig,
+  mergeHooksSettings,
+  readJsonFile,
+  writeClaudeCodeConfig,
+  writeJsonFile
+} from "./chunk-2Q7JYGCK.js";
+import {
+  HOSTS,
+  clearToken,
+  getBaseUrl,
+  getEnvironment,
   getValidEnvironments,
   getValidToken,
   isTokenValid,
   isValidEnvironment,
-  loadClaudeCodeConfig,
   loadToken,
-  mergeHooksSettings,
   patchProfile,
-  readJsonFile,
   readProfilesFile,
   removeProfile,
   resolveActiveProfile,
@@ -34,10 +70,8 @@ import {
   setDefaultProfile,
   setEnvironment,
   setHostOverride,
-  setProfileOverride,
-  writeClaudeCodeConfig,
-  writeJsonFile
-} from "./chunk-PGRX347G.js";
+  setProfileOverride
+} from "./chunk-AVB4N2UN.js";
 
 // src/index.ts
 import { createRequire } from "module";
@@ -45,753 +79,6 @@ import { Command } from "commander";
 
 // src/commands/login.ts
 import open from "open";
-
-// src/lib/api.ts
-async function requestDeviceCode() {
-  const response = await fetch(`${getBaseUrl()}/api/auth/device/code`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({ client_id: CLIENT_ID })
-  });
-  if (!response.ok) {
-    const error = await response.json();
-    throw new Error(error.error_description || error.error || "Failed to request device code");
-  }
-  return await response.json();
-}
-async function pollForToken(deviceCode) {
-  const response = await fetch(`${getBaseUrl()}/api/auth/device/token`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({
-      grant_type: "urn:ietf:params:oauth:grant-type:device_code",
-      device_code: deviceCode,
-      client_id: CLIENT_ID
-    })
-  });
-  const data = await response.json();
-  if (!response.ok) {
-    if ("error" in data && data.error === "authorization_pending") {
-      return null;
-    }
-    const errorMsg = "error_description" in data ? data.error_description : "error" in data ? data.error : "Token exchange failed";
-    throw new Error(errorMsg || "Token exchange failed");
-  }
-  return data;
-}
-async function getCurrentUser() {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/user/me`, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    throw new Error("Failed to get user info");
-  }
-  return await response.json();
-}
-async function listAgents(options) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (options?.includeKpis) {
-    params.set("includeKpis", "true");
-  }
-  const url = `${getBaseUrl()}/api/config/agents${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list agents");
-  }
-  const data = await response.json();
-  return data.agents;
-}
-async function getAgent(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/agents/${id}`, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Agent not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get agent");
-  }
-  return await response.json();
-}
-async function createAgent(payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/agents`, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 409) {
-      throw new Error("An agent with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to create agent");
-  }
-  return await response.json();
-}
-async function updateAgent(id, payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/agents/${id}`, {
-    method: "PUT",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Agent not found");
-    }
-    if (response.status === 409) {
-      throw new Error("An agent with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to update agent");
-  }
-  return await response.json();
-}
-async function deleteAgent(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/agents/${id}`, {
-    method: "DELETE",
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Agent not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to delete agent");
-  }
-}
-async function listWorkflows(options) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (options?.includeAgents) {
-    params.set("includeAgents", "true");
-  }
-  if (options?.includeInactive) {
-    params.set("includeInactive", "true");
-  }
-  const url = `${getBaseUrl()}/api/config/workflows${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list workflows");
-  }
-  const data = await response.json();
-  return data.workflows;
-}
-async function getWorkflow(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/workflows/${id}`, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Workflow not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get workflow");
-  }
-  return await response.json();
-}
-async function createWorkflow(payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/workflows`, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 409) {
-      throw new Error("A workflow with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to create workflow");
-  }
-  return await response.json();
-}
-async function updateWorkflow(id, payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/workflows/${id}`, {
-    method: "PUT",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Workflow not found");
-    }
-    if (response.status === 409) {
-      throw new Error("A workflow with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to update workflow");
-  }
-  return await response.json();
-}
-async function deleteWorkflow(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/workflows/${id}`, {
-    method: "DELETE",
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Workflow not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to delete workflow");
-  }
-}
-async function listKpis(options) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (options?.agentId) {
-    params.set("agentId", options.agentId);
-  }
-  if (options?.includeInactive) {
-    params.set("includeInactive", "true");
-  }
-  const url = `${getBaseUrl()}/api/config/kpis${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list KPIs");
-  }
-  const data = await response.json();
-  return data.kpiDefinitions;
-}
-async function getKpi(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/kpis/${id}`, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("KPI definition not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get KPI");
-  }
-  return await response.json();
-}
-async function createKpi(payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/kpis`, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 409) {
-      throw new Error("A KPI definition with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to create KPI");
-  }
-  return await response.json();
-}
-async function updateKpi(id, payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/kpis/${id}`, {
-    method: "PUT",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("KPI definition not found");
-    }
-    if (response.status === 409) {
-      throw new Error("A KPI definition with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to update KPI");
-  }
-  return await response.json();
-}
-async function deleteKpi(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/kpis/${id}`, {
-    method: "DELETE",
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("KPI definition not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to delete KPI");
-  }
-}
-async function getKpiContextVariables(agentId, scope) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (agentId) {
-    params.set("agentId", agentId);
-  }
-  if (scope) {
-    params.set("scope", scope);
-  }
-  const url = `${getBaseUrl()}/api/config/kpis/context-variables${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get context variables");
-  }
-  const data = await response.json();
-  return data.contextVariables;
-}
-async function validateKpiFormula(formula, agentId, scope) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const body = { formula, agentId };
-  if (scope) {
-    body.scope = scope;
-  }
-  const response = await fetch(`${getBaseUrl()}/api/config/kpis/validate`, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(body)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to validate formula");
-  }
-  return await response.json();
-}
-async function validateMonitoringApiKey(monitoringEndpoint, apiKey) {
-  const normalizedEndpoint = monitoringEndpoint.replace(/\/+$/, "");
-  const url = `${normalizedEndpoint}/me`;
-  const controller = new AbortController();
-  const timeout = setTimeout(() => controller.abort(), 5e3);
-  try {
-    const response = await fetch(url, {
-      method: "GET",
-      headers: {
-        "x-api-key": apiKey
-      },
-      signal: controller.signal
-    });
-    if (!response.ok) {
-      return null;
-    }
-    const data = await response.json();
-    if (typeof data?.accountId !== "string" || typeof data?.apiKeyId !== "string") {
-      return null;
-    }
-    return { accountId: data.accountId, apiKeyId: data.apiKeyId };
-  } catch {
-    return null;
-  } finally {
-    clearTimeout(timeout);
-  }
-}
-async function listActivity(options = {}) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (options.agentId) params.set("agentId", options.agentId);
-  if (options.workflowId) params.set("workflowId", options.workflowId);
-  if (options.since) params.set("since", options.since);
-  if (options.until) params.set("until", options.until);
-  if (options.limit !== void 0) params.set("limit", String(options.limit));
-  if (options.offset !== void 0) params.set("offset", String(options.offset));
-  if (options.includeContent) params.set("includeContent", "true");
-  if (options.includeAnalytics) params.set("includeAnalytics", "true");
-  const url = `${getBaseUrl()}/api/activity/prompts${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list activity");
-  }
-  return await response.json();
-}
-async function getActivity(id, includeContent) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (includeContent) params.set("includeContent", "true");
-  const url = `${getBaseUrl()}/api/activity/prompts/${id}${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Prompt request not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get activity");
-  }
-  return await response.json();
-}
-async function getActivityKpis(options) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  if (!options.agentId && !options.workflowId) {
-    throw new Error("Either agentId or workflowId is required");
-  }
-  const params = new URLSearchParams();
-  if (options.agentId) params.set("agentId", options.agentId);
-  if (options.workflowId) params.set("workflowId", options.workflowId);
-  if (options.since) params.set("since", options.since);
-  if (options.until) params.set("until", options.until);
-  if (options.period) params.set("period", options.period);
-  if (options.includeAtoms) params.set("includeAtoms", "true");
-  const url = `${getBaseUrl()}/api/activity/kpis${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get activity KPIs");
-  }
-  return await response.json();
-}
-async function listSessions(options) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  params.set("agentId", options.agentId);
-  if (options.since) params.set("since", options.since);
-  if (options.until) params.set("until", options.until);
-  if (options.limit !== void 0) params.set("limit", String(options.limit));
-  if (options.offset !== void 0) params.set("offset", String(options.offset));
-  const url = `${getBaseUrl()}/api/activity/sessions?${params}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list sessions");
-  }
-  return await response.json();
-}
-async function listCustomDataConfigs(agentId) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const params = new URLSearchParams();
-  if (agentId) {
-    params.set("agentId", agentId);
-  }
-  const url = `${getBaseUrl()}/api/config/custom-data${params.toString() ? `?${params}` : ""}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to list custom data configurations");
-  }
-  const data = await response.json();
-  return data.customDataConfigs;
-}
-async function getCustomDataConfig(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const url = `${getBaseUrl()}/api/config/custom-data/${encodeURIComponent(id)}`;
-  const response = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Custom data configuration not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to get custom data configuration");
-  }
-  return await response.json();
-}
-async function createCustomDataConfig(payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const url = `${getBaseUrl()}/api/config/custom-data`;
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 409) {
-      throw new Error("A custom data configuration with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to create custom data configuration");
-  }
-  return await response.json();
-}
-async function updateCustomDataConfig(id, payload) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const url = `${getBaseUrl()}/api/config/custom-data/${encodeURIComponent(id)}`;
-  const response = await fetch(url, {
-    method: "PUT",
-    headers: {
-      Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Custom data configuration not found");
-    }
-    if (response.status === 409) {
-      throw new Error("A custom data configuration with this name already exists");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to update custom data configuration");
-  }
-  return await response.json();
-}
-async function deleteCustomDataConfig(id) {
-  const token = getValidToken();
-  if (!token) {
-    throw new Error("Not logged in. Run 'olakai login' first.");
-  }
-  const url = `${getBaseUrl()}/api/config/custom-data/${encodeURIComponent(id)}`;
-  const response = await fetch(url, {
-    method: "DELETE",
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  });
-  if (!response.ok) {
-    if (response.status === 401) {
-      throw new Error("Session expired. Run 'olakai login' to authenticate again.");
-    }
-    if (response.status === 404) {
-      throw new Error("Custom data configuration not found");
-    }
-    const error = await response.json();
-    throw new Error(error.error || "Failed to delete custom data configuration");
-  }
-}
-
-// src/commands/login.ts
 var POLL_INTERVAL_MS = 5e3;
 async function loginCommand() {
   if (isTokenValid()) {
@@ -997,12 +284,7 @@ async function postHandshakeJson(url, body, options = {}) {
       body: JSON.stringify(body)
     });
   } catch (err) {
-    return {
-      kind: "error",
-      code: "network_error",
-      message: err instanceof Error ? err.message : "Network request failed",
-      status: 0
-    };
+    return buildNetworkError(err);
   }
   if (response.ok) {
     let data;
@@ -1024,7 +306,13 @@ async function postHandshakeJson(url, body, options = {}) {
   } catch {
   }
   const code = mapErrorCode(response.status, errBody);
-  const message = errBody.message || errBody.error || `Request failed with status ${response.status}`;
+  let fallbackPath = "";
+  try {
+    fallbackPath = new URL(url).pathname;
+  } catch {
+    fallbackPath = url;
+  }
+  const message = errBody.message || errBody.error || `Request to ${fallbackPath} failed with status ${response.status}`;
   const retryAfter = parseRetryAfter(response.headers.get("retry-after"));
   const envelope = {
     kind: "error",
@@ -1076,6 +364,28 @@ function mapErrorCode(status, body) {
       return "unknown_error";
   }
 }
+function buildNetworkError(err) {
+  const base = err instanceof Error ? err.message : "Network request failed";
+  let causeCode;
+  let causeMessage;
+  if (err instanceof Error && err.cause && typeof err.cause === "object") {
+    const c = err.cause;
+    if (typeof c.code === "string" && c.code.length > 0) {
+      causeCode = c.code;
+    }
+    if (typeof c.message === "string" && c.message.length > 0) {
+      causeMessage = c.message;
+    }
+  }
+  const message = causeMessage && causeMessage !== base ? `${base}: ${causeMessage}` : base;
+  return {
+    kind: "error",
+    code: "network_error",
+    message,
+    status: 0,
+    ...causeCode ? { causeCode } : {}
+  };
+}
 function parseRetryAfter(header) {
   if (!header) return void 0;
   const asNumber2 = Number(header);
@@ -1110,7 +420,7 @@ function isInteractive() {
 
 // src/monitor/detect-all.ts
 import * as fs15 from "fs";
-import * as path13 from "path";
+import * as path14 from "path";
 
 // src/monitor/plugins/codex/paths.ts
 import * as os from "os";
@@ -1130,6 +440,7 @@ function getCodexSessionsDir() {
 
 // src/monitor/plugins/claude-code/index.ts
 import * as fs4 from "fs";
+import { spawnSync } from "child_process";
 
 // src/monitor/plugin.ts
 var TOOL_IDS = [
@@ -1233,44 +544,98 @@ function shouldReportTurn(existing, currentUserTimestamp) {
 // src/monitor/plugins/claude-code/install.ts
 import * as fs2 from "fs";
 
-// src/monitor/validate-pasted-key.ts
-async function validatePastedApiKey(opts) {
-  const validation = await validateMonitoringApiKey(
-    opts.monitoringEndpoint,
-    opts.apiKey
-  );
-  if (validation === null) {
+// src/monitor/self-monitor-provision.ts
+import path3 from "path";
+async function provisionSelfMonitorAgent(opts) {
+  const me = await getCurrentUser();
+  const localPart = (me.email.split("@")[0] ?? "user").toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "");
+  const workspaceName = path3.basename(opts.projectRoot).toLowerCase();
+  const defaultName = `${workspaceName}-${localPart}`;
+  let existing = [];
+  try {
+    existing = await listMyAgents({
+      source: opts.source,
+      name: defaultName
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    if (!message.includes("Failed to list your agents")) {
+    }
+  }
+  if (existing.length > 0) {
+    const found = existing[0];
     console.log(
-      "\u26A0 Could not verify the pasted API key (network or endpoint unreachable). Continuing."
+      `
+Found your existing ${opts.displayName} agent "${found.name}".`
     );
-    return;
-  }
-  if (opts.expectedApiKeyId === null) {
-    return;
-  }
-  if (validation.apiKeyId === opts.expectedApiKeyId) {
-    return;
+    console.log(
+      "Re-using it requires rotating its API key. Any other workspace currently using this agent will start failing on the next monitor request until it re-runs 'olakai monitor init'."
+    );
+    const ack = await promptUser("Rotate the API key and reuse? [y/N]: ");
+    if (ack.trim().toLowerCase() !== "y") {
+      console.error(
+        "Cancelled. To use this workspace without affecting the other workspace, run 'olakai monitor init' again and pick a different agent name when prompted."
+      );
+      process.exit(1);
+    }
+    const rotated = await regenerateAgentApiKey(found.id);
+    return {
+      id: found.id,
+      name: found.name,
+      description: found.description,
+      role: found.role,
+      // `source` on the listMyAgents response is the AgentSource enum
+      // string; the Agent type narrows it more loosely. Cast through
+      // the shared union.
+      source: found.source,
+      apiKey: {
+        id: rotated.id,
+        key: rotated.key,
+        keyMasked: rotated.keyMasked,
+        isActive: rotated.isActive
+      },
+      workflowId: null,
+      category: opts.category
+    };
   }
-  console.log("");
-  console.log(
-    `\u26A0 The pasted API key does not belong to "${opts.expectedAgentName}" (${opts.expectedAgentId}).`
-  );
-  console.log(
-    `  It resolves to a different agent on this account, so monitoring events would be`
-  );
-  console.log(
-    `  attributed to that other agent \u2014 not "${opts.expectedAgentName}".`
-  );
-  console.log("");
-  const proceed = await promptUser("Use the pasted key anyway? (y/n) [n]: ");
-  if (proceed.trim().toLowerCase() !== "y") {
-    console.log("Aborted. Re-run init with the correct key for this agent.");
-    process.exit(1);
+  const nameInput = await promptUser(`Agent name [${defaultName}]: `);
+  const agentName = nameInput.trim() || defaultName;
+  try {
+    return await createAgent({
+      name: agentName,
+      description: `${opts.displayName} local agent for ${agentName}`,
+      role: "WORKER",
+      createApiKey: true,
+      category: opts.category,
+      source: opts.source
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    if (message.toLowerCase().includes("already exists") || message.toLowerCase().includes("conflict")) {
+      console.log(
+        `
+An agent named "${agentName}" already exists on this account (created by someone else or an admin).`
+      );
+      const retry = await promptUser("Try a different name: ");
+      if (!retry.trim()) {
+        console.error("No name provided. Aborting.");
+        process.exit(1);
+      }
+      return createAgent({
+        name: retry.trim(),
+        description: `${opts.displayName} local agent for ${retry.trim()}`,
+        role: "WORKER",
+        createApiKey: true,
+        category: opts.category,
+        source: opts.source
+      });
+    }
+    throw err;
   }
 }
 
 // src/monitor/plugins/claude-code/install.ts
-import path3 from "path";
+import path4 from "path";
 var CLAUDE_CODE_SOURCE = "claude-code";
 var CLAUDE_CODE_AGENT_SOURCE = "CLAUDE_CODE";
 var CLAUDE_CODE_AGENT_CATEGORY = "CODING";
@@ -1282,65 +647,19 @@ async function installClaudeCode(opts) {
     process.exit(1);
   }
   console.log("Setting up Claude Code monitoring for this workspace...\n");
-  const dirName = path3.basename(projectRoot);
-  let agent;
-  const choice = await promptUser(
-    "Create a new agent or use an existing one? (new/existing) [new]: "
-  );
-  if (choice.toLowerCase() === "existing" || choice.toLowerCase() === "e") {
-    const agents = await listAgents();
-    if (agents.length === 0) {
-      console.log("No agents found. Creating a new one instead.\n");
-      agent = await createNewAgent(dirName);
-    } else {
-      console.log("\nAvailable agents:");
-      for (let i = 0; i < agents.length; i++) {
-        console.log(
-          `  ${i + 1}. ${agents[i].name} (${agents[i].id.slice(0, 12)}...)`
-        );
-      }
-      const selection = await promptUser(`
-Select agent (1-${agents.length}): `);
-      const idx = parseInt(selection, 10) - 1;
-      if (isNaN(idx) || idx < 0 || idx >= agents.length) {
-        console.error("Invalid selection.");
-        process.exit(1);
-      }
-      agent = await getAgent(agents[idx].id);
-      if (!agent.apiKey?.key && !agent.apiKey?.isActive) {
-        console.log(
-          "\nThis agent has no active API key. Please create a new agent instead,"
-        );
-        console.log("or generate an API key via the Olakai dashboard.\n");
-        const createNew = await promptUser("Create a new agent? (y/n) [y]: ");
-        if (createNew.toLowerCase() !== "n") {
-          agent = await createNewAgent(dirName);
-        } else {
-          process.exit(1);
-        }
-      }
-    }
-  } else {
-    agent = await createNewAgent(dirName);
-  }
+  const agent = await provisionSelfMonitorAgent({
+    projectRoot,
+    source: CLAUDE_CODE_AGENT_SOURCE,
+    displayName: "Claude Code",
+    category: CLAUDE_CODE_AGENT_CATEGORY
+  });
   const monitoringEndpoint = `${getBaseUrl()}/api/monitoring/prompt`;
-  let apiKey = agent.apiKey?.key;
+  const apiKey = agent.apiKey?.key;
   if (!apiKey) {
-    console.log(
-      "\nThe API key for this agent is not available (it is only shown once at creation)."
+    console.error(
+      "Internal error: agent provisioned but no API key returned. Please re-run 'olakai monitor init'."
     );
-    apiKey = await promptUser("Paste the API key for this agent: ");
-    if (!apiKey) {
-      console.error("API key is required for monitoring.");
-      process.exit(1);
-    }
-    await validatePastedApiKey({
-      monitoringEndpoint,
-      apiKey,
-      expectedAgentId: agent.id,
-      expectedAgentName: agent.name,
-      expectedApiKeyId: agent.apiKey?.id ?? null
-    });
+    process.exit(1);
   }
   const claudeDir = getClaudeDir(projectRoot);
   if (!fs2.existsSync(claudeDir)) {
@@ -1364,7 +683,7 @@ Select agent (1-${agents.length}): `);
   };
   writeClaudeCodeConfig(projectRoot, monitorConfig);
   const configPath = getClaudeCodeConfigPath(projectRoot);
-  const configRel = path3.relative(projectRoot, configPath);
+  const configRel = path4.relative(projectRoot, configPath);
   console.log("");
   console.log(`\u2713 Agent "${agent.name}" configured (ID: ${agent.id})`);
   if (agent.apiKey?.key) {
@@ -1393,18 +712,6 @@ Select agent (1-${agents.length}): `);
     monitoringEndpoint
   };
 }
-async function createNewAgent(defaultName) {
-  const nameInput = await promptUser(`Agent name [${defaultName}]: `);
-  const agentName = nameInput || defaultName;
-  return createAgent({
-    name: agentName,
-    description: `Claude Code local agent for ${agentName}`,
-    role: "WORKER",
-    createApiKey: true,
-    category: CLAUDE_CODE_AGENT_CATEGORY,
-    source: CLAUDE_CODE_AGENT_SOURCE
-  });
-}
 async function uninstallClaudeCode(opts) {
   const projectRoot = opts.projectRoot ?? process.cwd();
   const settingsPath = getSettingsPath(projectRoot);
@@ -1433,13 +740,13 @@ async function uninstallClaudeCode(opts) {
   }
   if (!opts.keepConfig) {
     const configPath = getClaudeCodeConfigPath(projectRoot);
-    const configRel = path3.relative(projectRoot, configPath);
+    const configRel = path4.relative(projectRoot, configPath);
     if (deleteClaudeCodeConfig(projectRoot)) {
       console.log(`\u2713 Monitor config removed (${configRel})`);
     }
   } else {
     const configPath = getClaudeCodeConfigPath(projectRoot);
-    const configRel = path3.relative(projectRoot, configPath);
+    const configRel = path4.relative(projectRoot, configPath);
     console.log(`Monitor config retained at ${configRel}`);
   }
   console.log("");
@@ -1813,21 +1120,37 @@ var claudeCodePlugin = {
       if (fs4.existsSync(getLegacyClaudeMonitorConfigPath(projectRoot))) {
         return true;
       }
-      return false;
     } catch {
-      return false;
     }
+    return detectClaudeBinaryOnPath();
   }
 };
+function detectClaudeBinaryOnPath() {
+  try {
+    const probe = spawnSync(
+      process.platform === "win32" ? "where" : "which",
+      ["claude"],
+      {
+        stdio: ["ignore", "pipe", "ignore"],
+        timeout: 1e3
+      }
+    );
+    if (probe.status === 0 && probe.stdout && probe.stdout.toString().trim()) {
+      return true;
+    }
+  } catch {
+  }
+  return false;
+}
 registerPlugin(claudeCodePlugin);
 
 // src/monitor/plugins/codex/index.ts
 import * as fs9 from "fs";
-import { spawnSync } from "child_process";
+import { spawnSync as spawnSync2 } from "child_process";
 
 // src/monitor/plugins/codex/install.ts
 import * as fs6 from "fs";
-import * as path5 from "path";
+import * as path6 from "path";
 import * as TOML from "@iarna/toml";
 
 // src/monitor/plugins/codex/hooks.ts
@@ -1903,7 +1226,7 @@ function hasOlakaiHooksInstalled(parsed) {
 
 // src/monitor/plugins/codex/config.ts
 import * as fs5 from "fs";
-import * as path4 from "path";
+import * as path5 from "path";
 function getCodexConfigPath2(projectRoot) {
   return getMonitorConfigPath(projectRoot, "codex");
 }
@@ -1919,7 +1242,7 @@ function loadCodexConfig(projectRoot) {
 }
 function writeCodexConfig(projectRoot, config) {
   const filePath = getCodexConfigPath2(projectRoot);
-  const dir = path4.dirname(filePath);
+  const dir = path5.dirname(filePath);
   if (!fs5.existsSync(dir)) {
     fs5.mkdirSync(dir, { recursive: true });
   }
@@ -1952,65 +1275,19 @@ async function installCodex(opts) {
     process.exit(1);
   }
   console.log("Setting up Codex CLI monitoring for this workspace...\n");
-  const dirName = path5.basename(projectRoot);
-  let agent;
-  const choice = await promptUser(
-    "Create a new agent or use an existing one? (new/existing) [new]: "
-  );
-  if (choice.toLowerCase() === "existing" || choice.toLowerCase() === "e") {
-    const agents = await listAgents();
-    if (agents.length === 0) {
-      console.log("No agents found. Creating a new one instead.\n");
-      agent = await createNewAgent2(dirName);
-    } else {
-      console.log("\nAvailable agents:");
-      for (let i = 0; i < agents.length; i++) {
-        console.log(
-          `  ${i + 1}. ${agents[i].name} (${agents[i].id.slice(0, 12)}...)`
-        );
-      }
-      const selection = await promptUser(`
-Select agent (1-${agents.length}): `);
-      const idx = parseInt(selection, 10) - 1;
-      if (isNaN(idx) || idx < 0 || idx >= agents.length) {
-        console.error("Invalid selection.");
-        process.exit(1);
-      }
-      agent = await getAgent(agents[idx].id);
-      if (!agent.apiKey?.key && !agent.apiKey?.isActive) {
-        console.log(
-          "\nThis agent has no active API key. Please create a new agent instead,"
-        );
-        console.log("or generate an API key via the Olakai dashboard.\n");
-        const createNew = await promptUser("Create a new agent? (y/n) [y]: ");
-        if (createNew.toLowerCase() !== "n") {
-          agent = await createNewAgent2(dirName);
-        } else {
-          process.exit(1);
-        }
-      }
-    }
-  } else {
-    agent = await createNewAgent2(dirName);
-  }
+  const agent = await provisionSelfMonitorAgent({
+    projectRoot,
+    source: CODEX_AGENT_SOURCE,
+    displayName: "Codex CLI",
+    category: CODEX_AGENT_CATEGORY
+  });
   const monitoringEndpoint = `${getBaseUrl()}/api/monitoring/prompt`;
-  let apiKey = agent.apiKey?.key;
+  const apiKey = agent.apiKey?.key;
   if (!apiKey) {
-    console.log(
-      "\nThe API key for this agent is not available (it is only shown once at creation)."
+    console.error(
+      "Internal error: agent provisioned but no API key returned. Please re-run 'olakai monitor init'."
     );
-    apiKey = await promptUser("Paste the API key for this agent: ");
-    if (!apiKey) {
-      console.error("API key is required for monitoring.");
-      process.exit(1);
-    }
-    await validatePastedApiKey({
-      monitoringEndpoint,
-      apiKey,
-      expectedAgentId: agent.id,
-      expectedAgentName: agent.name,
-      expectedApiKeyId: agent.apiKey?.id ?? null
-    });
+    process.exit(1);
   }
   const { configExisted: codexConfigExisted } = installCodexHooksConfig();
   const monitorConfig = {
@@ -2023,7 +1300,7 @@ Select agent (1-${agents.length}): `);
   };
   writeCodexConfig(projectRoot, monitorConfig);
   const configPath = getCodexConfigPath2(projectRoot);
-  const configRel = path5.relative(projectRoot, configPath);
+  const configRel = path6.relative(projectRoot, configPath);
   console.log("");
   console.log(`\u2713 Agent "${agent.name}" configured (ID: ${agent.id})`);
   if (agent.apiKey?.key) {
@@ -2060,18 +1337,6 @@ Select agent (1-${agents.length}): `);
     monitoringEndpoint
   };
 }
-async function createNewAgent2(defaultName) {
-  const nameInput = await promptUser(`Agent name [${defaultName}]: `);
-  const agentName = nameInput || defaultName;
-  return createAgent({
-    name: agentName,
-    description: `Codex CLI local agent for ${agentName}`,
-    role: "WORKER",
-    createApiKey: true,
-    category: CODEX_AGENT_CATEGORY,
-    source: CODEX_AGENT_SOURCE
-  });
-}
 function installCodexHooksConfig() {
   const homeDir = getCodexHomeDir();
   const configPath = getCodexConfigPath();
@@ -2099,13 +1364,13 @@ async function uninstallCodex(opts) {
   }
   if (!opts.keepConfig) {
     const configPath = getCodexConfigPath2(projectRoot);
-    const configRel = path5.relative(projectRoot, configPath);
+    const configRel = path6.relative(projectRoot, configPath);
     if (deleteCodexConfig(projectRoot)) {
       console.log(`\u2713 Monitor config removed (${configRel})`);
     }
   } else {
     const configPath = getCodexConfigPath2(projectRoot);
-    const configRel = path5.relative(projectRoot, configPath);
+    const configRel = path6.relative(projectRoot, configPath);
     console.log(`Monitor config retained at ${configRel}`);
   }
   console.log("");
@@ -2143,7 +1408,7 @@ function readCodexConfigToml(configPath) {
   }
 }
 function writeCodexConfigToml(configPath, data) {
-  const dir = path5.dirname(configPath);
+  const dir = path6.dirname(configPath);
   if (!fs6.existsSync(dir)) {
     fs6.mkdirSync(dir, { recursive: true });
   }
@@ -2152,7 +1417,7 @@ function writeCodexConfigToml(configPath, data) {
 }
 
 // src/monitor/plugins/codex/status.ts
-import path6 from "path";
+import path7 from "path";
 import * as fs7 from "fs";
 async function getCodexStatus(opts) {
   const projectRoot = opts?.projectRoot ?? process.cwd();
@@ -2192,7 +1457,7 @@ function isHooksBlockInstalled() {
 
 // src/monitor/plugins/codex/transcript.ts
 import * as fs8 from "fs";
-import * as path7 from "path";
+import * as path8 from "path";
 function emptyRollout() {
   return {
     prompt: "",
@@ -2232,7 +1497,7 @@ function findRolloutPathForSession(sessionId, sessionsDir = getCodexSessionsDir(
     }
     for (const entry of entries) {
       if (filesScanned++ > merged.maxFiles) break;
-      const full = path7.join(dir, entry.name);
+      const full = path8.join(dir, entry.name);
       if (entry.isDirectory()) {
         queue.push(full);
         continue;
@@ -2526,7 +1791,7 @@ var codexPlugin = {
 };
 function detectCodexBinaryOnPath() {
   try {
-    const probe = spawnSync(
+    const probe = spawnSync2(
       process.platform === "win32" ? "where" : "which",
       ["codex"],
       {
@@ -2550,11 +1815,11 @@ import * as os7 from "os";
 // src/monitor/plugins/cursor/install.ts
 import * as fs11 from "fs";
 import * as os4 from "os";
-import * as path10 from "path";
+import * as path11 from "path";
 
 // src/monitor/plugins/cursor/config.ts
 import * as fs10 from "fs";
-import * as path8 from "path";
+import * as path9 from "path";
 function getCursorConfigPath(projectRoot) {
   return getMonitorConfigPath(projectRoot, "cursor");
 }
@@ -2570,7 +1835,7 @@ function loadCursorConfig(projectRoot) {
 }
 function writeCursorConfig(projectRoot, config) {
   const filePath = getCursorConfigPath(projectRoot);
-  const dir = path8.dirname(filePath);
+  const dir = path9.dirname(filePath);
   if (!fs10.existsSync(dir)) {
     fs10.mkdirSync(dir, { recursive: true });
   }
@@ -2593,14 +1858,14 @@ function deleteCursorConfig(projectRoot) {
 
 // src/monitor/plugins/cursor/paths.ts
 import * as os3 from "os";
-import * as path9 from "path";
+import * as path10 from "path";
 var CURSOR_DIR_NAME = ".cursor";
 var CURSOR_HOOKS_FILE = "hooks.json";
 function getCursorUserDir(homeDir = os3.homedir()) {
-  return path9.join(homeDir, CURSOR_DIR_NAME);
+  return path10.join(homeDir, CURSOR_DIR_NAME);
 }
 function getCursorHooksPath(homeDir = os3.homedir()) {
-  return path9.join(getCursorUserDir(homeDir), CURSOR_HOOKS_FILE);
+  return path10.join(getCursorUserDir(homeDir), CURSOR_HOOKS_FILE);
 }
 
 // src/monitor/plugins/cursor/hooks-config.ts
@@ -2698,7 +1963,7 @@ function readJsonFileTolerant(filePath) {
   }
 }
 function writeJsonFileWithDir(filePath, data) {
-  const dir = path10.dirname(filePath);
+  const dir = path11.dirname(filePath);
   if (!fs11.existsSync(dir)) {
     fs11.mkdirSync(dir, { recursive: true });
   }
@@ -2720,26 +1985,19 @@ async function installCursor(opts) {
     `Activity from this workspace (${projectRoot}) will be associated with`
   );
   console.log("the agent you select below.\n");
-  const dirName = path10.basename(projectRoot);
-  const agent = await chooseOrCreateAgent(dirName);
+  const agent = await provisionSelfMonitorAgent({
+    projectRoot,
+    source: CURSOR_AGENT_SOURCE,
+    displayName: "Cursor",
+    category: CURSOR_AGENT_CATEGORY
+  });
   const monitoringEndpoint = `${getBaseUrl()}/api/monitoring/prompt`;
-  let apiKey = agent.apiKey?.key;
+  const apiKey = agent.apiKey?.key;
   if (!apiKey) {
-    console.log(
-      "\nThe API key for this agent is not available (it is only shown once at creation)."
+    console.error(
+      "Internal error: agent provisioned but no API key returned. Please re-run 'olakai monitor init'."
     );
-    apiKey = await promptUser("Paste the API key for this agent: ");
-    if (!apiKey) {
-      console.error("API key is required for monitoring.");
-      process.exit(1);
-    }
-    await validatePastedApiKey({
-      monitoringEndpoint,
-      apiKey,
-      expectedAgentId: agent.id,
-      expectedAgentName: agent.name,
-      expectedApiKeyId: agent.apiKey?.id ?? null
-    });
+    process.exit(1);
   }
   const cursorDir = getCursorUserDir(homeDir);
   if (!fs11.existsSync(cursorDir)) {
@@ -2759,8 +2017,8 @@ async function installCursor(opts) {
   };
   writeCursorConfig(projectRoot, monitorConfig);
   const configPath = getCursorConfigPath(projectRoot);
-  const configRel = path10.relative(projectRoot, configPath);
-  const hooksDisplay = `~/${path10.join(CURSOR_DIR_NAME, CURSOR_HOOKS_FILE)}`;
+  const configRel = path11.relative(projectRoot, configPath);
+  const hooksDisplay = `~/${path11.join(CURSOR_DIR_NAME, CURSOR_HOOKS_FILE)}`;
   console.log("");
   console.log(`\u2713 Agent "${agent.name}" configured (ID: ${agent.id})`);
   if (agent.apiKey?.key) {
@@ -2787,57 +2045,6 @@ async function installCursor(opts) {
     monitoringEndpoint
   };
 }
-async function chooseOrCreateAgent(defaultName) {
-  const choice = await promptUser(
-    "Create a new agent or use an existing one? (new/existing) [new]: "
-  );
-  if (choice.toLowerCase() === "existing" || choice.toLowerCase() === "e") {
-    const agents = await listAgents();
-    if (agents.length === 0) {
-      console.log("No agents found. Creating a new one instead.\n");
-      return createNewAgent3(defaultName);
-    }
-    console.log("\nAvailable agents:");
-    for (let i = 0; i < agents.length; i++) {
-      console.log(
-        `  ${i + 1}. ${agents[i].name} (${agents[i].id.slice(0, 12)}...)`
-      );
-    }
-    const selection = await promptUser(`
-Select agent (1-${agents.length}): `);
-    const idx = parseInt(selection, 10) - 1;
-    if (isNaN(idx) || idx < 0 || idx >= agents.length) {
-      console.error("Invalid selection.");
-      process.exit(1);
-    }
-    const fetched = await getAgent(agents[idx].id);
-    if (!fetched.apiKey?.key && !fetched.apiKey?.isActive) {
-      console.log(
-        "\nThis agent has no active API key. Please create a new agent instead,"
-      );
-      console.log("or generate an API key via the Olakai dashboard.\n");
-      const createNew = await promptUser("Create a new agent? (y/n) [y]: ");
-      if (createNew.toLowerCase() !== "n") {
-        return createNewAgent3(defaultName);
-      }
-      process.exit(1);
-    }
-    return fetched;
-  }
-  return createNewAgent3(defaultName);
-}
-async function createNewAgent3(defaultName) {
-  const nameInput = await promptUser(`Agent name [${defaultName}]: `);
-  const agentName = nameInput || defaultName;
-  return createAgent({
-    name: agentName,
-    description: `Cursor local agent for ${agentName}`,
-    role: "WORKER",
-    createApiKey: true,
-    category: CURSOR_AGENT_CATEGORY,
-    source: CURSOR_AGENT_SOURCE
-  });
-}
 async function uninstallCursor(opts) {
   const projectRoot = opts.projectRoot ?? process.cwd();
   const homeDir = opts.homeDir ?? os4.homedir();
@@ -2862,20 +2069,20 @@ async function uninstallCursor(opts) {
       writeJsonFileWithDir(hooksPath, cleaned);
     }
     console.log(
-      `\u2713 Olakai hooks removed from ~/${path10.join(CURSOR_DIR_NAME, CURSOR_HOOKS_FILE)}`
+      `\u2713 Olakai hooks removed from ~/${path11.join(CURSOR_DIR_NAME, CURSOR_HOOKS_FILE)}`
     );
   } else {
     console.log("No Cursor hooks file found.");
   }
   if (!opts.keepConfig) {
     const configPath = getCursorConfigPath(projectRoot);
-    const configRel = path10.relative(projectRoot, configPath);
+    const configRel = path11.relative(projectRoot, configPath);
     if (deleteCursorConfig(projectRoot)) {
       console.log(`\u2713 Monitor config removed (${configRel})`);
     }
   } else {
     const configPath = getCursorConfigPath(projectRoot);
-    const configRel = path10.relative(projectRoot, configPath);
+    const configRel = path11.relative(projectRoot, configPath);
     console.log(`Monitor config retained at ${configRel}`);
   }
   console.log("");
@@ -2888,7 +2095,7 @@ async function uninstallCursor(opts) {
 // src/monitor/plugins/cursor/status.ts
 import * as fs12 from "fs";
 import * as os5 from "os";
-import * as path11 from "path";
+import * as path12 from "path";
 async function getCursorStatus(opts) {
   const projectRoot = opts?.projectRoot ?? process.cwd();
   const homeDir = opts?.homeDir ?? os5.homedir();
@@ -3080,10 +2287,10 @@ function extractCursorMeta(payload) {
 // src/monitor/plugins/cursor/pairing-state.ts
 import * as fs13 from "fs";
 import * as os6 from "os";
-import * as path12 from "path";
+import * as path13 from "path";
 var STATE_DIR_SEGMENTS2 = [".olakai", "cursor-pairings"];
 function getPairingsDir(homeDir) {
-  return path12.join(homeDir, ...STATE_DIR_SEGMENTS2);
+  return path13.join(homeDir, ...STATE_DIR_SEGMENTS2);
 }
 function sanitizeKeyFragment(value) {
   return value.replace(/[^A-Za-z0-9._-]/g, "_");
@@ -3094,7 +2301,7 @@ function getPairingKey(conversationId, generationId) {
   return `${conv}__${sanitizeKeyFragment(generationId)}`;
 }
 function getPairingFile(conversationId, generationId, homeDir) {
-  return path12.join(
+  return path13.join(
     getPairingsDir(homeDir),
     `${getPairingKey(conversationId, generationId)}.json`
   );
@@ -3160,7 +2367,7 @@ function listPendingPrompts(homeDir = os6.homedir()) {
   const result = [];
   for (const name of files) {
     if (!name.endsWith(".json")) continue;
-    const filePath = path12.join(dir, name);
+    const filePath = path13.join(dir, name);
     try {
       const raw = fs13.readFileSync(filePath, "utf-8");
       const parsed = JSON.parse(raw);
@@ -3476,7 +2683,7 @@ function describeDetection(plugin, projectRoot) {
       } catch {
       }
       try {
-        const settings = path13.join(projectRoot, ".claude", "settings.json");
+        const settings = path14.join(projectRoot, ".claude", "settings.json");
         if (fs15.existsSync(settings)) {
           return "found .claude/settings.json";
         }
@@ -3564,26 +2771,34 @@ async function initCommand(options) {
   try {
     const resolved = resolveProfileName();
     const profileName = resolved?.name ?? "default";
-    const host = await resolveHost(profileName, options, interactive);
-    setHostOverride(host);
+    let optedReAuth = false;
     if (isTokenValid()) {
       const file = readProfilesFile();
       const existing = file.profiles[profileName];
       const who = existing?.email ?? "unknown";
+      const where = existing?.host ?? "(unknown host)";
       if (options.nonInteractive) {
         console.log(
-          `Already authenticated as ${who} on ${host} (profile: ${profileName}).`
+          `Already authenticated as ${who} on ${where} (profile: ${profileName}).`
         );
         return;
       }
       const answer = await promptUser(
-        `Already authenticated as ${who} on ${host} (profile: ${profileName}). Re-authenticate? [y/N]: `
+        `Already authenticated as ${who} on ${where} (profile: ${profileName}). Re-authenticate? [y/N]: `
       );
       if (answer.trim().toLowerCase() !== "y") {
         console.log("Keeping existing credentials. Run 'olakai logout' to sign out.");
         return;
       }
+      optedReAuth = true;
     }
+    const host = await resolveHost(
+      profileName,
+      options,
+      interactive,
+      optedReAuth
+    );
+    setHostOverride(host);
     const email = await resolveEmail(options, interactive);
     console.log(`
 Contacting ${host} for ${email}...`);
@@ -3684,7 +2899,7 @@ function isSafeOpenUrl(raw) {
     return false;
   }
 }
-async function resolveHost(profileName, options, interactive) {
+async function resolveHost(profileName, options, interactive, forceHostPrompt = false) {
   const fromFlag = options.host?.trim() || process.env.OLAKAI_HOST?.trim();
   if (fromFlag) {
     return getBaseUrl();
@@ -3692,7 +2907,8 @@ async function resolveHost(profileName, options, interactive) {
   const file = readProfilesFile();
   const existing = file.profiles[profileName];
   if (existing?.host) {
-    if (!interactive || isTokenValid()) {
+    const shouldOfferSwitch = interactive && (forceHostPrompt || !isTokenValid());
+    if (!shouldOfferSwitch) {
       return existing.host;
     }
     const keep = await promptUser(
@@ -3790,7 +3006,11 @@ We sent a 6-digit code to ${ctx.emailObfuscated} (expires in ${expiryMin} min).`
       console.log("Codes are 6 digits. Try again.");
       continue;
     }
-    const result = await postHandshakeVerify({ email, code: trimmed });
+    let result = await postHandshakeVerify({ email, code: trimmed });
+    if (result.kind === "error" && result.code === "network_error") {
+      console.log("(Network error verifying code \u2014 retrying once...)");
+      result = await postHandshakeVerify({ email, code: trimmed });
+    }
     if (result.kind === "ok") {
       const consentToken = result.data.consentToken;
       await runExchange(consentToken, profileName, email);
@@ -3829,7 +3049,9 @@ We sent a 6-digit code to ${ctx.emailObfuscated} (expires in ${expiryMin} min).`
         );
         throw new InitAbortedError("", 1);
       case "network_error":
-        console.error(`Network error: ${result.message}`);
+        console.error(
+          `Network error${result.causeCode ? ` (${result.causeCode})` : ""}: ${result.message}`
+        );
         throw new InitAbortedError("", 1);
       default:
         console.error(
@@ -3840,7 +3062,11 @@ We sent a 6-digit code to ${ctx.emailObfuscated} (expires in ${expiryMin} min).`
   }
 }
 async function runExchange(consentToken, profileName, email) {
-  const result = await postHandshakeExchange({ consentToken });
+  let result = await postHandshakeExchange({ consentToken });
+  if (result.kind === "error" && result.code === "network_error") {
+    console.log("(Network error exchanging consent \u2014 retrying once...)");
+    result = await postHandshakeExchange({ consentToken });
+  }
   if (result.kind === "error") {
     switch (result.code) {
       case "invalid_consent":
@@ -3863,6 +3089,11 @@ async function runExchange(consentToken, profileName, email) {
           "Olakai is temporarily unavailable. Try again in a minute."
         );
         break;
+      case "network_error":
+        console.error(
+          `Network error exchanging consent${result.causeCode ? ` (${result.causeCode})` : ""}: ${result.message}`
+        );
+        break;
       default:
         console.error(`Exchange failed (${result.code}): ${result.message}`);
     }
@@ -3897,7 +3128,9 @@ function handleHandshakeError(err) {
       console.error("Olakai is temporarily unavailable. Try again in a minute.");
       break;
     case "network_error":
-      console.error(`Network error contacting Olakai: ${err.message}`);
+      console.error(
+        `Network error contacting Olakai${err.causeCode ? ` (${err.causeCode})` : ""}: ${err.message}`
+      );
       break;
     default:
       console.error(`Handshake failed (${err.code}): ${err.message}`);
@@ -5303,7 +4536,7 @@ async function statusCommand(options) {
     return;
   }
   if (plugin.id === "claude-code") {
-    const { printClaudeCodeStatus } = await import("./status-NK4PX2NS.js");
+    const { printClaudeCodeStatus } = await import("./status-USHUUHK6.js");
     await printClaudeCodeStatus({ projectRoot: process.cwd() });
     return;
   }
@@ -5319,6 +4552,24 @@ async function statusCommand(options) {
 async function disableCommand(options) {
   const toolId = await resolveToolFromOptions(options.tool, "disable");
   const plugin = getPlugin(toolId);
+  let agentIdToDelete;
+  if (options.deleteAgent) {
+    try {
+      const report = await plugin.status({ projectRoot: process.cwd() });
+      if (report.configured && report.agentId) {
+        agentIdToDelete = report.agentId;
+      } else {
+        console.log(
+          "No monitor config found in this workspace \u2014 nothing to delete remotely."
+        );
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.warn(
+        `Couldn't read local monitor config to identify the agent (${msg}). Proceeding with local-only uninstall.`
+      );
+    }
+  }
   await runPluginAction(
     plugin,
     () => plugin.uninstall({
@@ -5326,6 +4577,22 @@ async function disableCommand(options) {
       keepConfig: options.keepConfig
     })
   );
+  if (agentIdToDelete) {
+    const { deleteAgent: deleteAgent2 } = await import("./api-63UDJX5M.js");
+    try {
+      await deleteAgent2(agentIdToDelete);
+      console.log(`\u2713 Remote agent ${agentIdToDelete} deleted.`);
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.error(
+        `Local uninstall succeeded, but remote agent delete failed: ${msg}`
+      );
+      console.error(
+        `You can retry by visiting the Olakai dashboard, or rerun 'olakai monitor disable --tool ${toolId} --delete-agent' (the local config is gone, so the agent id won't be re-discovered \u2014 use the dashboard).`
+      );
+      process.exit(1);
+    }
+  }
 }
 async function runPluginAction(plugin, fn) {
   try {
@@ -5450,6 +4717,9 @@ function registerMonitorCommand(program2) {
   ).option(
     "--keep-config",
     "Keep the monitor config file (only remove hooks)"
+  ).option(
+    "--delete-agent",
+    "Also delete the remote agent on the Olakai backend. Useful when retiring a workspace permanently. Self-monitor owner or ADMIN only."
   ).action(disableCommand);
   for (const plugin of listPlugins()) {
     plugin.registerCommands?.(monitor);