overlord-cli 4.5.0 → 4.7.0

package/bin/_cli/auth.mjs

@@ -9,8 +9,10 @@ import {
   buildAuthHeaders,
   clearCredentials,
   getDefaultOverlordUrl,
+  getAuthStatus,
   loadCredentials,
   loadRuntime,
+  repairCredentials,
   saveCredentials
 } from './credentials.mjs';
 
@@ -460,7 +462,30 @@ export async function authLogin() {
   console.log('Logged in successfully!');
 }
 
-export function authStatus() {
+function printVerboseAuthStatus() {
+  const status = getAuthStatus();
+  if (!status.isLoggedIn) {
+    console.log('Not logged in. Run: ovld auth login');
+  } else {
+    console.log('Logged in');
+  }
+  console.log(`  Platform URL: ${status.platformUrl}`);
+  console.log(`  Platform source: ${status.platformUrlSource}`);
+  console.log(`  Token source: ${status.tokenSource}`);
+  console.log(`  Token present: ${status.tokenPresent ? 'yes' : 'no'}`);
+  console.log(`  Local secret: ${status.hasLocalSecret ? 'yes' : 'no'}`);
+  console.log(`  credentials.json: ${status.credentialsFileExists ? 'present' : 'missing'}`);
+  console.log(
+    `  electron-credentials.json: ${status.electronCredentialsFileExists ? 'present' : 'missing'}`
+  );
+}
+
+export function authStatus(args = []) {
+  if (args.includes('--verbose') || args.includes('-v')) {
+    printVerboseAuthStatus();
+    return;
+  }
+
   const creds = loadCredentials();
   if (!creds) {
     console.log('Not logged in. Run: ovld auth login');
@@ -478,13 +503,24 @@ export function authLogout() {
   console.log('Logged out.');
 }
 
-export async function runAuthCommand(subcommand) {
+export function authRepair() {
+  const result = repairCredentials();
+  if (result.repaired) {
+    console.log('Credentials repaired.');
+  } else {
+    console.log(`Credentials not repaired: ${result.reason}`);
+  }
+  printVerboseAuthStatus();
+}
+
+export async function runAuthCommand(subcommand, args = []) {
   if (!subcommand || subcommand === 'help' || subcommand === '--help') {
     console.log(`ovld auth <subcommand>
 
 Subcommands:
   login    Authorize the CLI via browser (works locally or over SSH)
-  status   Show current login status
+  status   Show current login status (use --verbose for redacted diagnostics)
+  repair   Mirror and chmod shared Desktop/CLI credentials when possible
   logout   Remove stored credentials
 `);
     return;
@@ -496,7 +532,12 @@ Subcommands:
   }
 
   if (subcommand === 'status') {
-    authStatus();
+    authStatus(args);
+    return;
+  }
+
+  if (subcommand === 'repair') {
+    authRepair();
     return;
   }
 

package/bin/_cli/credentials.mjs

@@ -9,6 +9,7 @@ import { fileURLToPath } from 'node:url';
 
 const CREDENTIALS_DIR = path.join(os.homedir(), '.ovld');
 const CREDENTIALS_FILE = path.join(CREDENTIALS_DIR, 'credentials.json');
+const ELECTRON_CREDENTIALS_FILE = path.join(CREDENTIALS_DIR, 'electron-credentials.json');
 const RUNTIME_FILE_PATTERN = /^runtime\..+\.json$/;
 const HOSTED_OVERLORD_URL = 'https://www.ovld.ai';
 const LOCAL_DEV_OVERLORD_URL = 'http://localhost:3000';
@@ -18,30 +19,121 @@ const LOCAL_SECRET_HEADER = 'X-Overlord-Local-Secret';
  * @typedef {{ access_token: string, platform_url: string, user_email?: string }} Credentials
  */
 
-/** @returns {Credentials | null} */
-export function loadCredentials() {
+function ensureCredentialsDir() {
+  fs.mkdirSync(CREDENTIALS_DIR, { recursive: true, mode: 0o700 });
+  try {
+    fs.chmodSync(CREDENTIALS_DIR, 0o700);
+  } catch {
+    // Best-effort hardening for existing directories.
+  }
+}
+
+function readJsonFile(filePath) {
   try {
-    const raw = fs.readFileSync(CREDENTIALS_FILE, 'utf8');
+    const raw = fs.readFileSync(filePath, 'utf8');
     return JSON.parse(raw);
   } catch {
     return null;
   }
 }
 
+function fileExists(filePath) {
+  try {
+    return fs.statSync(filePath).isFile();
+  } catch {
+    return false;
+  }
+}
+
+function writeJsonFileAtomic(filePath, data) {
+  ensureCredentialsDir();
+  const tempFile = `${filePath}.tmp-${process.pid}-${Date.now()}`;
+  fs.writeFileSync(tempFile, JSON.stringify(data, null, 2), { mode: 0o600 });
+  fs.renameSync(tempFile, filePath);
+  fs.chmodSync(filePath, 0o600);
+}
+
+function parseStoredCredentialsData(parsed, { requireAccessToken = false } = {}) {
+  if (!parsed || typeof parsed !== 'object') return null;
+
+  const accessToken = normalizeAgentToken(parsed.access_token);
+  const platformUrl = typeof parsed.platform_url === 'string' ? parsed.platform_url.trim() : '';
+  if (requireAccessToken && !accessToken) return null;
+  if (!accessToken && !platformUrl) return null;
+
+  return {
+    access_token: accessToken,
+    platform_url: platformUrl,
+    ...(typeof parsed.user_email === 'string' && parsed.user_email.trim()
+      ? { user_email: parsed.user_email.trim() }
+      : {})
+  };
+}
+
+function normalizeCredentialsForSave(data) {
+  const parsed = parseStoredCredentialsData(data, { requireAccessToken: true });
+  if (!parsed) return null;
+
+  const platformUrl = normalizePlatformUrl(parsed.platform_url);
+  if (!platformUrl) return null;
+
+  return {
+    ...parsed,
+    platform_url: platformUrl
+  };
+}
+
+/** @returns {Credentials | null} */
+export function loadCredentials() {
+  return (
+    parseStoredCredentialsData(readJsonFile(ELECTRON_CREDENTIALS_FILE), {
+      requireAccessToken: true
+    }) ??
+    parseStoredCredentialsData(readJsonFile(CREDENTIALS_FILE))
+  );
+}
+
 /** @param {Credentials} data */
 export function saveCredentials(data) {
-  fs.mkdirSync(CREDENTIALS_DIR, { recursive: true });
-  fs.writeFileSync(CREDENTIALS_FILE, JSON.stringify(data, null, 2), { mode: 0o600 });
+  const credentials = normalizeCredentialsForSave(data);
+  if (!credentials) {
+    throw new Error('Cannot save empty Overlord credentials.');
+  }
+
+  writeJsonFileAtomic(CREDENTIALS_FILE, credentials);
+
+  // `electron-credentials.json` is now the shared desktop/CLI credential record.
+  // Preserve Electron-only encrypted fields when CLI login refreshes the agent token.
+  const existingElectronCredentials = readJsonFile(ELECTRON_CREDENTIALS_FILE);
+  const electronPayload =
+    existingElectronCredentials && typeof existingElectronCredentials === 'object'
+      ? { ...existingElectronCredentials, ...credentials }
+      : credentials;
+  writeJsonFileAtomic(ELECTRON_CREDENTIALS_FILE, electronPayload);
 }
 
 export function clearCredentials() {
-  try {
-    fs.unlinkSync(CREDENTIALS_FILE);
-  } catch {
-    // Already gone
+  for (const filePath of [CREDENTIALS_FILE, ELECTRON_CREDENTIALS_FILE]) {
+    try {
+      fs.unlinkSync(filePath);
+    } catch {
+      // Already gone
+    }
   }
 }
 
+function getCredentialFileSource() {
+  const electronCredentials = parseStoredCredentialsData(readJsonFile(ELECTRON_CREDENTIALS_FILE), {
+    requireAccessToken: true
+  });
+  if (electronCredentials) return 'electron-credentials.json';
+
+  const cliCredentials = parseStoredCredentialsData(readJsonFile(CREDENTIALS_FILE));
+  if (cliCredentials) return 'credentials.json';
+
+  return 'none';
+}
+
 function getRuntimeFilePath(targetUrl) {
   try {
     const parsed = new URL(targetUrl);
@@ -254,6 +346,55 @@ export function resolveAuth() {
   };
 }
 
+export function getAuthStatus() {
+  const creds = loadCredentials();
+  const resolved = resolveAuth();
+
+  let tokenSource = 'fallback';
+  if (normalizeAgentToken(process.env.AGENT_TOKEN)) {
+    tokenSource = 'AGENT_TOKEN';
+  } else if (normalizeAgentToken(creds?.access_token)) {
+    tokenSource = getCredentialFileSource();
+  }
+
+  let platformUrlSource = 'default';
+  if (normalizePlatformUrl(process.env.OVERLORD_URL)) {
+    platformUrlSource = 'OVERLORD_URL';
+  } else if (normalizeStoredPlatformUrl(creds?.platform_url)) {
+    platformUrlSource = getCredentialFileSource();
+  }
+
+  return {
+    isLoggedIn: tokenSource !== 'fallback',
+    platformUrl: resolved.platformUrl,
+    platformUrlSource,
+    tokenPresent: tokenSource !== 'fallback',
+    tokenSource,
+    hasLocalSecret: Boolean(resolved.localSecret),
+    credentialsFileExists: fileExists(CREDENTIALS_FILE),
+    electronCredentialsFileExists: fileExists(ELECTRON_CREDENTIALS_FILE)
+  };
+}
+
+export function repairCredentials() {
+  const creds = loadCredentials();
+  if (!creds || !normalizeAgentToken(creds.access_token)) {
+    ensureCredentialsDir();
+    return {
+      repaired: false,
+      reason: 'No valid stored credentials with an access token were found.',
+      status: getAuthStatus()
+    };
+  }
+
+  saveCredentials(creds);
+
+  return {
+    repaired: true,
+    status: getAuthStatus()
+  };
+}
+
 function normalizeAgentToken(value) {
   if (typeof value !== 'string') return '';
   return value.trim();

package/bin/_cli/index.mjs

@@ -31,7 +31,7 @@ Usage:
   ${primaryCommand} attach [ticketId] [agent]  Search tickets and launch an agent (interactive)
   ${primaryCommand} create "<objective>"       Create a ticket with numbered project selection
   ${primaryCommand} prompt "<objective>"       Create a ticket, then launch an agent on it
-  ${primaryCommand} auth <subcommand>          Login, logout, or check auth status
+  ${primaryCommand} auth <subcommand>          Login, logout, repair, or check auth status
   ${primaryCommand} tickets <subcommand>       Create or list tickets
   ${primaryCommand} ticket <subcommand>        Work with a single ticket
   ${primaryCommand} protocol <subcommand>      Agent workflow commands
@@ -46,10 +46,12 @@ Usage:
 
 Agents:
   Use ${primaryCommand} protocol help for ticket lifecycle commands.
+  Key protocol commands: auth-status, discover-project, spawn, attach, connect, load-context.
 
 Auth:
   ${primaryCommand} auth login               Authorize CLI via browser
   ${primaryCommand} auth status              Show login status
+  ${primaryCommand} auth repair              Repair shared Desktop/CLI credentials
   ${primaryCommand} auth logout              Remove stored credentials
 
 Tickets:

package/bin/_cli/protocol.mjs

@@ -5,7 +5,7 @@ import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
 
-import { buildAuthHeaders, resolveAuth } from './credentials.mjs';
+import { buildAuthHeaders, getAuthStatus, resolveAuth } from './credentials.mjs';
 
 /**
  * Parse simple CLI flags: --key value or --key=value
@@ -51,6 +51,36 @@ export function resolveProtocolTicketDelegate(flags = {}, agentIdentifier = '')
   return resolvedAgent || null;
 }
 
+export function resolveProtocolModelIdentifier(flags = {}) {
+  const explicitModel = typeof flags.model === 'string' ? flags.model.trim() : '';
+  if (explicitModel) return explicitModel;
+
+  const envModel =
+    process.env.OVERLORD_MODEL_IDENTIFIER?.trim() ||
+    process.env.MODEL_IDENTIFIER?.trim() ||
+    process.env.AGENT_MODEL?.trim();
+  return envModel || null;
+}
+
+function resolveProtocolMetadata(flags = {}, base = {}) {
+  const metadata = { ...base };
+
+  if (flags['metadata-json']) {
+    const parsed = JSON.parse(String(flags['metadata-json']));
+    if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+      throw new Error('--metadata-json must be a JSON object');
+    }
+    Object.assign(metadata, parsed);
+  }
+
+  const modelIdentifier = resolveProtocolModelIdentifier(flags);
+  if (modelIdentifier) {
+    metadata.model = modelIdentifier;
+  }
+
+  return metadata;
+}
+
 /**
  * Default request timeout in milliseconds. Overridable via --timeout flag or
  * OVERLORD_TIMEOUT env var. A bounded timeout prevents indefinite spinner hangs
@@ -446,9 +476,7 @@ async function protocolAttach(args) {
     agentIdentifier: resolveProtocolAgentIdentifier(flags),
     connectionMethod: String(flags.method ?? 'cli'),
     ...(externalSessionId !== undefined ? { externalSessionId } : {}),
-    metadata: {
-      cwd: process.cwd()
-    }
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() })
   };
 
   const data = await apiPost(
@@ -589,6 +617,31 @@ async function protocolAsk(args) {
   console.log(JSON.stringify(data, null, 2));
 }
 
+// ---------------------------------------------------------------------------
+// permission-request
+// ---------------------------------------------------------------------------
+
+async function protocolPermissionRequest(args) {
+  const flags = parseFlags(args);
+  const ticketId = requireFlag(flags, 'ticket-id', 'TICKET_ID');
+  const payload = flags['payload-file']
+    ? await readJsonFileOrStdin(String(flags['payload-file']), '--payload-file')
+    : {};
+
+  const { platformUrl, agentToken, localSecret } = resolveAuth();
+  const timeoutMs = resolveTimeout(flags);
+
+  const data = await apiPost(
+    platformUrl,
+    agentToken,
+    localSecret,
+    `/api/protocol/permission-request?ticketId=${encodeURIComponent(ticketId)}`,
+    payload,
+    timeoutMs
+  );
+  console.log(JSON.stringify(data, null, 2));
+}
+
 // ---------------------------------------------------------------------------
 // read-context
 // ---------------------------------------------------------------------------
@@ -933,7 +986,7 @@ async function protocolConnect(args) {
     ticketId,
     agentIdentifier: resolveProtocolAgentIdentifier(flags),
     connectionMethod: String(flags.method ?? 'cli'),
-    metadata: {}
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() })
   };
 
   const data = await apiPost(
@@ -995,7 +1048,7 @@ async function protocolSpawn(args) {
     objective,
     agentIdentifier,
     connectionMethod: String(flags.method ?? 'cli'),
-    metadata: {},
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() }),
     ...(flags.title ? { title: String(flags.title) } : {}),
     ...(flags.priority ? { priority: String(flags.priority) } : {}),
     ...(flags['project-id'] ? { projectId: String(flags['project-id']) } : {}),
@@ -1029,6 +1082,34 @@ async function protocolSpawn(args) {
   }
 }
 
+// ---------------------------------------------------------------------------
+// auth-status (agent-friendly auth diagnostics)
+// ---------------------------------------------------------------------------
+
+async function protocolAuthStatus() {
+  const status = getAuthStatus();
+
+  console.log(
+    JSON.stringify(
+      {
+        ok: status.isLoggedIn,
+        authStatus: {
+          isLoggedIn: status.isLoggedIn,
+          platformUrl: status.platformUrl,
+          platformUrlSource: status.platformUrlSource,
+          tokenSource: status.tokenSource,
+          tokenPresent: status.tokenPresent,
+          hasLocalSecret: status.hasLocalSecret,
+          credentialsFileExists: status.credentialsFileExists,
+          electronCredentialsFileExists: status.electronCredentialsFileExists
+        }
+      },
+      null,
+      2
+    )
+  );
+}
+
 // ---------------------------------------------------------------------------
 // Router
 // ---------------------------------------------------------------------------
@@ -1053,6 +1134,7 @@ Project discovery:
   Use --project-id to override automatic resolution on spawn or ticket creation.
 
 Subcommands:
+  auth-status               Return machine-readable auth status for agent runtimes
   discover-project          Resolve a project from the current working directory
   attach                    Start a ticket session and return full working context
   connect                   Start a lightweight session without full context
@@ -1061,6 +1143,7 @@ Subcommands:
   update                    Post progress, activity events, and optional change rationales
   record-change-rationales  Persist structured change rationales without a progress update
   ask                       Post a blocking question and move the ticket to review
+  permission-request        Notify Overlord that the agent is requesting tool permission
   read-context              Read shared persistent context for this ticket
   write-context             Write shared persistent context for future sessions
   deliver                   Finish work, send artifacts, and move the ticket to review
@@ -1072,7 +1155,7 @@ Subcommands:
 Environment fallback:
   --session-key <- SESSION_KEY
   --ticket-id   <- TICKET_ID
-  auth/host     <- OVERLORD_URL, AGENT_TOKEN
+  auth/host     <- OVERLORD_URL, AGENT_TOKEN, or shared credentials from ovld auth/Desktop login
   --timeout     <- OVERLORD_TIMEOUT
 
 Common flags:
@@ -1080,8 +1163,15 @@ Common flags:
   --ticket-id <id>            Ticket id when the subcommand operates on an existing ticket
   --session-key <key>         Session key returned by attach/connect/spawn
   --agent <identifier>        Agent identifier sent to Overlord (default: AGENT_IDENTIFIER or claude-code)
+  --model <identifier>        Model identifier to snapshot on executing objectives
   --method <connectionMethod> Connection method sent to Overlord (default: cli)
 
+auth-status:
+  Purpose:
+    Check whether the local runtime has usable Overlord credentials.
+  Returns:
+    JSON with ok=true|false plus authStatus fields describing token and host sources.
+
 discover-project:
   Purpose:
     Resolve the Overlord project that corresponds to the current (or given) working directory.
@@ -1101,8 +1191,10 @@ attach:
     --ticket-id <id>
   Optional:
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
     --external-session-id <id|null>  Store the native agent thread/session id, or clear it with null
+    --metadata-json <json>     Extra session metadata object
   Returns:
     Full JSON including session.sessionKey, ticket, history, artifacts, sharedState, and promptContext
   Notes:
@@ -1115,7 +1207,9 @@ connect:
     --ticket-id <id>
   Optional:
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
+    --metadata-json <json>     Extra session metadata object
   Returns:
     Session JSON and SESSION_KEY on stderr when available
 
@@ -1167,6 +1261,15 @@ ask:
   Notes:
     After ask succeeds, stop working until the human responds
 
+permission-request:
+  Purpose:
+    Notify Overlord that the local agent runtime is requesting tool permission.
+    This is primarily used by installed permission hooks.
+  Required:
+    --ticket-id <id>
+  Optional:
+    --payload-file <path|->   Hook JSON payload, or stdin when "-"
+
 read-context:
   Purpose:
     Read persistent shared context written by earlier sessions
@@ -1226,7 +1329,9 @@ spawn:
     --parent-session-key <key>
     --parent-ticket-id <id>
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
+    --metadata-json <json>     Extra session metadata object
   Returns:
     New ticket/session JSON plus SESSION_KEY and TICKET_ID on stderr when available
 
@@ -1275,6 +1380,7 @@ artifact-upload-file:
     --metadata-json <json>
 
 Examples:
+  ovld protocol auth-status
   ovld protocol discover-project
   ovld protocol discover-project --working-directory /path/to/repo
   ovld protocol spawn --agent codex --objective "Implement feature X"   # auto-resolves project from cwd
@@ -1303,6 +1409,7 @@ Examples:
   }
 
   if (subcommand === 'discover-project') { await protocolDiscoverProject(args); return; }
+  if (subcommand === 'auth-status') { await protocolAuthStatus(); return; }
   if (subcommand === 'attach') { await protocolAttach(args); return; }
   if (subcommand === 'connect') { await protocolConnect(args); return; }
   if (subcommand === 'load-context') { await protocolLoadContext(args); return; }
@@ -1314,6 +1421,7 @@ Examples:
   if (subcommand === 'update') { await protocolUpdate(args); return; }
   if (subcommand === 'record-change-rationales') { await protocolRecordChangeRationales(args); return; }
   if (subcommand === 'ask') { await protocolAsk(args); return; }
+  if (subcommand === 'permission-request') { await protocolPermissionRequest(args); return; }
   if (subcommand === 'read-context') { await protocolReadContext(args); return; }
   if (subcommand === 'write-context') { await protocolWriteContext(args); return; }
   if (subcommand === 'deliver') { await protocolDeliver(args); return; }

package/bin/_cli/setup.mjs

@@ -195,13 +195,9 @@ ovld protocol artifact-upload-file --session-key <sessionKey> --ticket-id $TICKE
 const PERMISSION_HOOK_SCRIPT = `#!/bin/bash
 # Overlord PermissionRequest notification hook (managed by Overlord)
 BODY=$(cat -)
-if [ -n "$OVERLORD_URL" ] && [ -n "$AGENT_TOKEN" ] && [ -n "$TICKET_ID" ]; then
-  curl -sf -m 5 \\
-    -X POST "$OVERLORD_URL/api/protocol/permission-request?ticketId=$TICKET_ID" \\
-    -H "Authorization: Bearer $AGENT_TOKEN" \\
-    -H "X-Overlord-Local-Secret: $OVERLORD_LOCAL_SECRET" \\
-    -H "Content-Type: application/json" \\
-    -d "$BODY" \\
+if [ -n "$TICKET_ID" ] && command -v ovld >/dev/null 2>&1; then
+  { if [ -n "$BODY" ]; then printf '%s' "$BODY"; else printf '{}'; fi; } \\
+    | ovld protocol permission-request --ticket-id "$TICKET_ID" --payload-file - \\
     >/dev/null 2>&1 &
   disown
 fi
@@ -823,9 +819,7 @@ function installOpenCode() {
       bash: {
         '*': 'ask',
         ...existingBash,
-        'ovld protocol *': 'allow',
-        'curl -sS -X POST *': 'allow',
-        'curl -s -X POST *': 'allow'
+        'ovld protocol *': 'allow'
       }
     }
   });
@@ -904,8 +898,7 @@ function installCursor() {
   const mergedAllow = Array.from(
     new Set([
       ...asStringArray(permissions.allow),
-      'Shell(ovld protocol:*)',
-      'Shell(curl -sS -X POST:*)'
+      'Shell(ovld protocol:*)'
     ])
   );
   writeJsonFile(paths.settingsFile, {
@@ -939,12 +932,6 @@ function installGemini() {
     'commandPrefix = "ovld protocol"',
     'decision = "allow"',
     'priority = 900',
-    '',
-    '[[rule]]',
-    'toolName = "run_shell_command"',
-    'commandPrefix = "curl -sS -X POST"',
-    'decision = "allow"',
-    'priority = 900',
     ''
   ].join('\n');
   writeTextFile(paths.policyFile, policyContent);
@@ -1277,21 +1264,7 @@ function installClaudePermissions(platformUrl) {
     if (!Array.isArray(settings.permissions.allow)) settings.permissions.allow = [];
   }
 
-  const PROTOCOL_ENDPOINTS = [
-    'attach', 'update', 'ask', 'read-context', 'write-context', 'deliver',
-    'create-ticket', 'list-tickets', 'record-change-rationales', 'spawn',
-    'discover-project', 'load-context', 'artifact-upload-file', 'artifact-download-url'
-  ];
-
-  const entries = [];
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    entries.push(`Bash(curl -s -X POST "${platformUrl}/api/protocol/${endpoint}":*)`);
-  }
-  entries.push(`Bash(curl -s -H 'Authorization::*)`);
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    entries.push(`Bash(curl -s -X POST "$OVERLORD_URL/api/protocol/${endpoint}":*)`);
-  }
-  entries.push(`Bash(curl -s -H "Authorization::*)`);
+  const entries = ['Bash(ovld protocol:*)'];
 
   const existing = new Set(settings.permissions.allow);
   const toAdd = entries.filter((e) => !existing.has(e));
@@ -1353,9 +1326,7 @@ function installOpenCodePermissions(_platformUrl) {
       bash: {
         '*': 'ask',
         ...existingBash,
-        'ovld protocol *': 'allow',
-        'curl -sS -X POST *': 'allow',
-        'curl -s -X POST *': 'allow'
+        'ovld protocol *': 'allow'
       }
     }
   };
@@ -1374,21 +1345,12 @@ function installOpenCodePermissions(_platformUrl) {
   return true;
 }
 
-function installCodexPermissions(platformUrl) {
+function installCodexPermissions() {
   console.log(`--- Codex ---`);
   console.log('  Codex does not support file-based permission configuration.');
-  console.log('  To warm up permissions, run the following commands once inside a Codex session:');
-  console.log('  (Codex will prompt for approval; approve each one to persist the prefix.)\n');
-
-  const PROTOCOL_ENDPOINTS = [
-    'attach', 'update', 'ask', 'read-context', 'write-context', 'deliver',
-    'create-ticket', 'list-tickets'
-  ];
-
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    console.log(`  curl -s -X POST "${platformUrl}/api/protocol/${endpoint}" -H "Content-Type: application/json" -H "Authorization: Bearer \\$AGENT_TOKEN" -d '{}'`);
-  }
-  console.log(`  curl -s -H "Authorization: Bearer \\$AGENT_TOKEN" "${platformUrl}/api/protocol/context/test"`);
+  console.log('  To warm up permissions, run the following command once inside a Codex session:');
+  console.log('  (Codex will prompt for approval; approve it to persist the prefix.)\n');
+  console.log('  ovld protocol help');
   console.log();
   return true;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "overlord-cli",
-  "version": "4.5.0",
+  "version": "4.7.0",
   "description": "Overlord CLI — launch AI agents on tickets from anywhere",
   "type": "module",
   "bin": {

package/plugins/claude/README.md

@@ -6,8 +6,8 @@ Claude Code plugin that exposes the Overlord local ticket workflow to any Claude
 
 - `skills/overlord-ticket/SKILL.md` — durable attach → update → ask → deliver workflow.
 - `commands/{connect,load,spawn}.md` — slash commands for session routing and ticket creation.
-- `hooks/hooks.json` + `scripts/permission-hook.sh` — PermissionRequest notifier that posts to `/api/protocol/permission-request` on the Overlord platform.
-- `userConfig` for `overlord_url` (non-sensitive) and `agent_token` (sensitive → OS keychain) so the hook and CLI know where to talk.
+- `hooks/hooks.json` + `scripts/permission-hook.sh` — PermissionRequest notifier that calls `ovld protocol permission-request`.
+- `userConfig` for legacy `overlord_url` and `agent_token` installs. Current installs should authenticate with `ovld auth login` or Overlord Desktop; env vars remain optional overrides for remote shells, CI, and explicit token injection.
 
 ## Requirements
 
@@ -29,7 +29,7 @@ claude plugin marketplace add cooperativ/overlord-marketplace
 claude plugin install overlord@cooperativ
 ```
 
-The plugin prompts for `overlord_url` and `agent_token` at install time. The token is persisted to the OS keychain; the URL is stored in `~/.claude/settings.json` under `pluginConfigs["overlord"].options`.
+Older plugin versions prompted for `overlord_url` and `agent_token` at install time. The current hook goes through `ovld protocol`, so the CLI resolves auth from env vars or the shared `~/.ovld` credentials written by CLI/Desktop login.
 
 ## Namespaced components
 

package/plugins/overlord/README.md

@@ -14,7 +14,7 @@ personal marketplace entry at `~/.agents/plugins/marketplace.json`.
 ## Requirements
 
 - Install the Overlord CLI so `ovld` is available on `PATH`.
-- Ensure `OVERLORD_URL` and `AGENT_TOKEN` are available when the target Overlord instance requires them.
+- Authenticate with `ovld auth login` or Overlord Desktop. `OVERLORD_URL` and `AGENT_TOKEN` are optional overrides, mainly for remote shells, CI, or explicit token injection.
 - Optionally set `OVLD_BIN` if the CLI lives at a non-standard path.
 
 ## Tool coverage

package/plugins/overlord/scripts/overlord-mcp.mjs

@@ -51,16 +51,20 @@ const tools = [
       properties: {
         ticket_id: { type: 'string', description: 'Target ticket ID' },
         agent: { type: 'string' },
+        model: { type: 'string' },
         method: { type: 'string' },
-        external_session_id: { type: ['string', 'null'] }
+        external_session_id: { type: ['string', 'null'] },
+        metadata: { type: 'object' }
       },
       required: ['ticket_id']
     },
     toCliFlags: args => ({
       'ticket-id': args.ticket_id,
       agent: args.agent,
+      model: args.model,
       method: args.method,
-      'external-session-id': args.external_session_id
+      'external-session-id': args.external_session_id,
+      'metadata-json': args.metadata
     }),
     subcommand: 'attach'
   },
@@ -116,6 +120,8 @@ const tools = [
         parent_session_key: { type: 'string' },
         parent_ticket_id: { type: 'string' },
         agent: { type: 'string' },
+        model: { type: 'string' },
+        metadata: { type: 'object' },
         method: { type: 'string' }
       },
       required: ['objective']
@@ -133,6 +139,8 @@ const tools = [
       'parent-session-key': args.parent_session_key,
       'parent-ticket-id': args.parent_ticket_id,
       agent: args.agent,
+      model: args.model,
+      'metadata-json': args.metadata,
       method: args.method
     }),
     subcommand: 'spawn'