skalpel 2.0.24 → 3.0.0

package/postinstall/lib/service-register.js

@@ -0,0 +1,293 @@
+// Step 3: per-OS service registration.
+//
+// SPEC.md §9.2 (launchd), §9.3 (systemd), §9.4 (Task Scheduler).
+//
+// On every supported OS we:
+//   1. Render the template with paths.templateValues().
+//   2. Write the rendered file to its OS-specific destination.
+//   3. Invoke the OS tool (launchctl / systemctl / schtasks) to load
+//      the unit.
+//
+// Idempotence: writing replaces any prior file at the same path.
+// launchctl bootout / systemctl daemon-reload / schtasks /Delete are
+// run before the new file is loaded so a stale unit is replaced.
+//
+// Dry-run: no filesystem writes, no exec — only log lines describing
+// what would happen.
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+const { spawnSync } = require('child_process');
+
+const log = require('./log');
+const paths = require('./paths');
+const template = require('./template');
+const rcEdit = require('./rc-edit');
+
+// B14: launchctl absolute path. SSH'd users may have a stripped PATH
+// that does not include /bin; fail fast with a real path so the
+// spawn error is "binary not found at known location" rather than
+// "PATH lookup failed".
+const LAUNCHCTL_PATH = '/bin/launchctl';
+
+// B10: launchd target (gui/<uid> vs system/) depends on whether a
+// graphical session is attached. Headless macOS (SSH login, CI box)
+// must use system/ because gui/<uid> requires Aqua.
+function launchdTarget() {
+  const headless = !!process.env.SSH_CLIENT || !process.env.DISPLAY;
+  if (headless) {
+    return 'system';
+  }
+  return `gui/${process.getuid()}`;
+}
+
+function templatePath() {
+  switch (process.platform) {
+    case 'darwin':
+      return path.join(template.templateDir('launchd'), 'com.skalpel.skalpeld.plist.tmpl');
+    case 'win32':
+      return path.join(template.templateDir('windows'), 'Task.xml.tmpl');
+    default:
+      return path.join(template.templateDir('systemd'), 'skalpeld.service.tmpl');
+  }
+}
+
+// renderedPowerShellPath is where service-register stages the rendered
+// register-task.ps1 (B8). The .tmpl on disk is never executed directly.
+function renderedPowerShellPath() {
+  return path.join(paths.configDir(), 'register-task.ps1');
+}
+
+function xmlEscapedValues(values) {
+  const out = {};
+  for (const [k, v] of Object.entries(values)) {
+    out[k] = rcEdit.xmlEscape(v);
+  }
+  return out;
+}
+
+function loadCommands() {
+  const dest = paths.servicePath();
+  switch (process.platform) {
+    case 'darwin': {
+      const target = launchdTarget(); // B10
+      const fullTarget =
+        target === 'system' ? 'system/ai.skalpel.daemon' : `${target}/ai.skalpel.daemon`;
+      const bootstrap = target === 'system' ? 'system' : target;
+      return [
+        [LAUNCHCTL_PATH, ['bootout', fullTarget], { allowFail: true }],
+        [LAUNCHCTL_PATH, ['bootstrap', bootstrap, dest]],
+        [LAUNCHCTL_PATH, ['enable', fullTarget]],
+        [LAUNCHCTL_PATH, ['kickstart', '-k', fullTarget]],
+      ];
+    }
+    case 'win32': {
+      const ps1 = renderedPowerShellPath();
+      return [
+        ['powershell.exe', ['-NoProfile', '-File', ps1, '-Action', 'register', '-XmlPath', dest]],
+      ];
+    }
+    default:
+      return [
+        ['systemctl', ['--user', 'daemon-reload']],
+        ['systemctl', ['--user', 'enable', 'skalpel-daemon.service']],
+        ['systemctl', ['--user', 'start', 'skalpel-daemon.service']],
+      ];
+  }
+}
+
+function unloadCommands() {
+  switch (process.platform) {
+    case 'darwin': {
+      const target = launchdTarget();
+      const fullTarget =
+        target === 'system' ? 'system/ai.skalpel.daemon' : `${target}/ai.skalpel.daemon`;
+      return [
+        [LAUNCHCTL_PATH, ['bootout', fullTarget], { allowFail: true }],
+      ];
+    }
+    case 'win32': {
+      const ps1 = renderedPowerShellPath();
+      return [
+        ['powershell.exe', ['-NoProfile', '-File', ps1, '-Action', 'unregister'], { allowFail: true }],
+      ];
+    }
+    default:
+      return [
+        ['systemctl', ['--user', 'disable', '--now', 'skalpel-daemon.service'], { allowFail: true }],
+      ];
+  }
+}
+
+// B42: validate the daemon binary exists at the path the service
+// unit will exec. SHA256 verification is deferred (TODO below) until
+// dist.shasum is populated in package.json. The existence check is
+// not deferred — running a service unit pointing at a missing binary
+// guarantees a startup failure.
+function verifyBinary() {
+  const bin = paths.binPath('skalpeld');
+  let stat;
+  try {
+    stat = fs.statSync(bin);
+  } catch (err) {
+    throw new Error(`service-register: skalpeld binary missing at ${bin}: ${err.message}`);
+  }
+  if (!stat.isFile()) {
+    throw new Error(`service-register: ${bin} is not a regular file`);
+  }
+  // TODO(B42): wire shasum verify when package.json/dist.shasum is populated.
+  // Compute SHA-256 over the binary and compare to the published shasum
+  // so an attacker cannot swap the binary post-install.
+  let pkg;
+  try {
+    pkg = require(path.join(__dirname, '..', '..', 'package.json'));
+  } catch (_) {
+    pkg = {};
+  }
+  const expected = pkg && pkg.dist && pkg.dist.shasum;
+  if (expected) {
+    const h = crypto.createHash('sha256');
+    h.update(fs.readFileSync(bin));
+    const got = h.digest('hex');
+    if (got !== expected) {
+      throw new Error(
+        `service-register: skalpeld shasum mismatch (got ${got}, want ${expected})`
+      );
+    }
+  }
+  return { bin, stat };
+}
+
+// B50: two-phase unregister with rollback markers. Phase 1 collects
+// what would be undone; phase 2 executes each step and on failure
+// runs the prior-step undo so the system does not end up in a
+// half-detached state.
+function unregister({ dryRun }) {
+  const dest = paths.servicePath();
+  if (dryRun) {
+    log.dryRun(`uninstall: would unregister service at ${dest}`);
+    for (const [bin, args] of unloadCommands()) {
+      log.dryRun(`  would run: ${bin} ${args.join(' ')}`);
+    }
+    log.dryRun(`  would rm ${dest}`);
+    return { dryRun: true };
+  }
+
+  // Phase 1: plan the steps.
+  const steps = unloadCommands().map(([bin, args, opts]) => ({
+    bin,
+    args,
+    allowFail: !!(opts && opts.allowFail),
+    done: false,
+  }));
+  const errors = [];
+
+  // Phase 2: execute. On hard failure, log every prior step (we do not
+  // attempt to re-bootstrap because that would re-install the daemon).
+  for (const step of steps) {
+    const r = spawnSync(step.bin, step.args, { stdio: 'inherit' });
+    if (r.status !== 0 && !step.allowFail) {
+      const msg = `uninstall: ${step.bin} ${step.args.join(' ')} exited ${r.status}`;
+      errors.push(msg);
+      log.warn(`${msg}; rolling forward to file removal`);
+    } else {
+      step.done = true;
+    }
+  }
+  log.info(
+    `uninstall: phase 2 complete: ${steps.filter((s) => s.done).length}/${steps.length} ok` +
+    (errors.length ? ` (${errors.length} errors)` : '')
+  );
+
+  if (fs.existsSync(dest)) {
+    fs.unlinkSync(dest);
+    log.info(`uninstall: removed ${dest}`);
+  }
+  // Also remove the rendered helper PS1 on Windows.
+  const ps1 = renderedPowerShellPath();
+  if (process.platform === 'win32' && fs.existsSync(ps1)) {
+    fs.unlinkSync(ps1);
+    log.info(`uninstall: removed ${ps1}`);
+  }
+  return { removed: true, errors };
+}
+
+function run({ dryRun }) {
+  const tmpl = templatePath();
+  const dest = paths.servicePath();
+  const values = paths.templateValues();
+  const warnings = [];
+
+  if (dryRun) {
+    log.dryRun(`step 3 service-register: would render ${tmpl} → ${dest}`);
+    for (const [bin, args] of loadCommands()) {
+      log.dryRun(`  would run: ${bin} ${args.join(' ')}`);
+    }
+    return { skipped: false, dryRun: true, warnings };
+  }
+
+  if (!fs.existsSync(tmpl)) {
+    log.warn(
+      `service-register: template ${tmpl} missing — skipping service ` +
+      'registration. Daemon will still launch on first TUI invocation.'
+    );
+    return { skipped: true, reason: 'no-template', warnings };
+  }
+
+  // B42: verify the daemon binary is present. Log + record a
+  // warning when missing but continue writing the service file so
+  // the wizard remains best-effort under npm postinstall. The
+  // service unit itself will fail to start at boot, which is the
+  // signal an operator notices — better than silently writing a
+  // unit that may have a stale path baked in.
+  try {
+    verifyBinary();
+  } catch (err) {
+    log.warn(`service-register: ${err.message}; continuing — service unit will surface this at boot`);
+    warnings.push(err.message);
+  }
+
+  fs.mkdirSync(path.dirname(dest), { recursive: true });
+  // B49: explicit chmod after recursive mkdir — Node's mkdirSync
+  // honours mode only for the *leaf* directory, not the intermediate
+  // ones. The configDir + logsDir need a final chmod to land at
+  // 0o700 reliably across platforms.
+  fs.mkdirSync(paths.configDir(), { recursive: true, mode: 0o700 });
+  fs.chmodSync(paths.configDir(), 0o700);
+  fs.mkdirSync(paths.logsDir(), { recursive: true, mode: 0o700 });
+  fs.chmodSync(paths.logsDir(), 0o700);
+
+  const renderValues = process.platform === 'win32' ? xmlEscapedValues(values) : values;
+  const rendered = template.render(tmpl, renderValues);
+  fs.writeFileSync(dest, rendered, { mode: 0o644 });
+  log.info(`service-register: wrote ${dest}`);
+
+  if (process.platform === 'win32') {
+    const ps1Tmpl = path.join(template.templateDir('windows'), 'register-task.ps1.tmpl');
+    const ps1Path = renderedPowerShellPath();
+    const ps1Body = template.render(ps1Tmpl, values);
+    fs.writeFileSync(ps1Path, ps1Body, { mode: 0o755 });
+    log.info(`service-register: wrote ${ps1Path}`);
+  }
+
+  // B13: collect warnings on non-fatal failures and return them so
+  // the caller (postinstall/index.js) can decide whether to treat
+  // the wizard run as ok-with-warnings or fail.
+  for (const [bin, args, opts] of loadCommands()) {
+    const r = spawnSync(bin, args, { stdio: 'inherit' });
+    if (r.status !== 0 && !(opts && opts.allowFail)) {
+      const msg =
+        `service-register: ${bin} ${args.join(' ')} exited ${r.status}; ` +
+        'continuing without daemon-on-boot';
+      log.warn(msg);
+      warnings.push(msg);
+      return { skipped: false, registered: false, warnings };
+    }
+  }
+  return { skipped: false, registered: true, warnings };
+}
+
+module.exports = { run, unregister, templatePath, loadCommands, unloadCommands, launchdTarget };

package/postinstall/lib/sign-in.js

@@ -0,0 +1,98 @@
+// Step 2: sign in.
+//
+// SPEC.md §9.6 step 3 — run `skalpel login` in browser-loopback mode
+// inline. Manual-paste fallback if loopback bind fails.
+//
+// During npm postinstall the user's shell has not yet been re-sourced
+// so the `skalpel` command may not be on PATH. We resolve the
+// dispatch shim via require.resolve() (B7) so a renamed top-level
+// directory does not break the lookup, then invoke it via `node`.
+//
+// In dry-run mode we never spawn anything; we only log the action.
+
+'use strict';
+
+const path = require('path');
+const fs = require('fs');
+const { spawnSync } = require('child_process');
+
+const log = require('./log');
+const paths = require('./paths');
+
+// SIGN_IN_TIMEOUT_MS caps how long we wait for the spawned `skalpel
+// login` subprocess. SPEC.md §4.5 sets the loopback timeout at 5 min;
+// we add a small slack so the user has time to complete the browser
+// flow.
+const SIGN_IN_TIMEOUT_MS = 5 * 60 * 1000 + 30 * 1000;
+
+// resolveDispatcher returns the path to the dispatch shim. B7:
+// require.resolve('../../npm-bin/skalpel.js') is anchored to the
+// installed package layout — works whether the package is installed
+// globally or linked locally.
+function resolveDispatcher() {
+  // Try require.resolve first (handles symlinked / deduped layouts).
+  try {
+    return require.resolve('../../npm-bin/skalpel.js');
+  } catch (_) {
+    // Fall back to a path-join lookup so dev environments without a
+    // resolvable layout still work.
+    const guess = path.join(__dirname, '..', '..', 'npm-bin', 'skalpel.js');
+    if (fs.existsSync(guess)) {
+      return guess;
+    }
+    return null;
+  }
+}
+
+function run({ dryRun, prior }) {
+  if (prior) {
+    log.info('sign-in: prior auth.json detected — skipping browser flow');
+    return { skipped: true };
+  }
+
+  const dispatcher = resolveDispatcher();
+
+  if (dryRun) {
+    log.dryRun(
+      `step 2 sign-in: would exec \`node ${dispatcher || '<dispatcher-missing>'} login\` ` +
+      '(loopback browser flow with manual-paste fallback)'
+    );
+    return { skipped: false, dryRun: true };
+  }
+
+  if (!dispatcher) {
+    log.warn(
+      'sign-in: dispatch shim not resolvable; user must run `skalpel login` ' +
+      'manually after install'
+    );
+    return { skipped: true, reason: 'no-dispatcher' };
+  }
+
+  // B6: actually spawn `skalpel login`. The subprocess opens the
+  // browser, waits for the loopback callback, and writes auth.json.
+  // We propagate stdio so the user can see the prompt; we cap at
+  // SIGN_IN_TIMEOUT_MS so a runaway hang does not block npm install.
+  log.info(
+    'sign-in: launching `skalpel login` (loopback browser flow); ' +
+    `timeout ${Math.round(SIGN_IN_TIMEOUT_MS / 1000)}s`
+  );
+  const r = spawnSync(process.execPath, [dispatcher, 'login'], {
+    stdio: 'inherit',
+    timeout: SIGN_IN_TIMEOUT_MS,
+  });
+  if (r.error) {
+    log.warn(`sign-in: spawn error: ${r.error.message}; user can re-run \`skalpel login\``);
+    return { skipped: false, error: r.error.message };
+  }
+  if (r.status !== 0) {
+    log.warn(
+      `sign-in: \`skalpel login\` exited ${r.status}; user can re-run after install ` +
+      `(config dir: ${paths.configDir()})`
+    );
+    return { skipped: false, exitCode: r.status };
+  }
+  log.info(`sign-in: ok (config dir: ${paths.configDir()})`);
+  return { skipped: false, ok: true };
+}
+
+module.exports = { run, resolveDispatcher };

package/postinstall/lib/template.js

@@ -0,0 +1,36 @@
+// Minimal placeholder substitution for postinstall templates.
+//
+// Templates live alongside this file (postinstall/launchd/...,
+// postinstall/systemd/..., postinstall/windows/...). Each template
+// uses {{NAME}} placeholders; we replace them with the values from
+// paths.templateValues().
+//
+// We deliberately do not pull in handlebars/mustache: stdlib only
+// keeps the npm install footprint at zero, which matters for a
+// postinstall hook.
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+function render(templatePath, values) {
+  const raw = fs.readFileSync(templatePath, 'utf8');
+  return substitute(raw, values);
+}
+
+function substitute(body, values) {
+  return body.replace(/\{\{([A-Z_][A-Z0-9_]*)\}\}/g, (m, key) => {
+    if (Object.prototype.hasOwnProperty.call(values, key)) {
+      return String(values[key]);
+    }
+    // Leave unknown placeholders untouched so the operator sees them.
+    return m;
+  });
+}
+
+function templateDir(subdir) {
+  return path.join(__dirname, '..', subdir);
+}
+
+module.exports = { render, substitute, templateDir };

package/postinstall/snippets/bash.sh.tmpl

@@ -0,0 +1,12 @@
+# Reference snippet — bash form of the managed block. Identical body
+# to zsh.sh.tmpl per SPEC.md §9.5; the only difference is the rc-file
+# path the editor writes to (~/.bashrc or ~/.bash_profile).
+# >>> @skalpelai/skalpel begin (managed)
+# This block is managed by skalpel install. Do not edit by hand;
+# re-run `skalpel install` or `npx skalpel` to update.
+export ANTHROPIC_API_URL="http://127.0.0.1:7878"
+export ANTHROPIC_BASE_URL="http://127.0.0.1:7878"
+export OPENAI_BASE_URL="http://127.0.0.1:7878/v1"
+export OPENAI_API_BASE="http://127.0.0.1:7878/v1"
+export SKALPEL_PROXY_URL="http://127.0.0.1:7878"
+# <<< @skalpelai/skalpel end (managed)

package/postinstall/snippets/fish.fish.tmpl

@@ -0,0 +1,11 @@
+# Reference snippet — fish form of the managed block. SPEC.md §9.5
+# also allows the conf.d variant at ~/.config/fish/conf.d/skalpel.fish;
+# the editor uses the rc-file form to keep the four shells uniform.
+# >>> @skalpelai/skalpel begin (managed)
+# Managed by skalpel install; safe to delete.
+set -gx ANTHROPIC_API_URL "http://127.0.0.1:7878"
+set -gx ANTHROPIC_BASE_URL "http://127.0.0.1:7878"
+set -gx OPENAI_BASE_URL "http://127.0.0.1:7878/v1"
+set -gx OPENAI_API_BASE "http://127.0.0.1:7878/v1"
+set -gx SKALPEL_PROXY_URL "http://127.0.0.1:7878"
+# <<< @skalpelai/skalpel end (managed)

package/postinstall/snippets/powershell.ps1.tmpl

@@ -0,0 +1,12 @@
+# Reference snippet — PowerShell form of the managed block. The fence
+# uses the trailing >>> / <<< sigils per SPEC.md §9.5 so the marker
+# parses cleanly against PowerShell's $env:NAME prefix style.
+# >>> @skalpelai/skalpel begin (managed) >>>
+# This block is managed by skalpel install. Do not edit by hand;
+# re-run `skalpel install` or `npx skalpel` to update.
+$env:ANTHROPIC_API_URL = 'http://127.0.0.1:7878'
+$env:ANTHROPIC_BASE_URL = 'http://127.0.0.1:7878'
+$env:OPENAI_BASE_URL = 'http://127.0.0.1:7878/v1'
+$env:OPENAI_API_BASE = 'http://127.0.0.1:7878/v1'
+$env:SKALPEL_PROXY_URL = 'http://127.0.0.1:7878'
+# <<< @skalpelai/skalpel end (managed) <<<

package/postinstall/snippets/zsh.sh.tmpl

@@ -0,0 +1,13 @@
+# Reference snippet — zsh form of the managed block emitted by
+# postinstall/lib/rc-edit.js. The runtime body is computed in code
+# (so the active port is filled in from <CONFIG_DIR>/skalpeld.lock);
+# this template is for documentation/diff comparisons.
+# >>> @skalpelai/skalpel begin (managed)
+# This block is managed by skalpel install. Do not edit by hand;
+# re-run `skalpel install` or `npx skalpel` to update.
+export ANTHROPIC_API_URL="http://127.0.0.1:7878"
+export ANTHROPIC_BASE_URL="http://127.0.0.1:7878"
+export OPENAI_BASE_URL="http://127.0.0.1:7878/v1"
+export OPENAI_API_BASE="http://127.0.0.1:7878/v1"
+export SKALPEL_PROXY_URL="http://127.0.0.1:7878"
+# <<< @skalpelai/skalpel end (managed)

package/postinstall/systemd/skalpeld.service.tmpl

@@ -0,0 +1,33 @@
+# systemd user unit for the Skalpel local proxy daemon.
+# SPEC.md §9.3 — installed at ~/.config/systemd/user/skalpel-daemon.service
+# Postinstall placeholders: {{USER}} {{HOME}} {{BIN}} {{CONFIG_DIR}}.
+[Unit]
+Description=Skalpel daemon (local proxy) — user={{USER}}
+Documentation=https://skalpel.ai/docs/cli
+After=default.target
+
+[Service]
+Type=simple
+ExecStart="{{BIN}}/skalpeld" --service-mode
+Restart=on-failure
+RestartSec=10s
+
+# Process hygiene
+StandardOutput=append:{{CONFIG_DIR}}/logs/skalpeld.log
+StandardError=append:{{CONFIG_DIR}}/logs/skalpeld.log
+WorkingDirectory={{HOME}}
+
+# Sandboxing (best-effort; user units can't enforce all of these).
+PrivateTmp=true
+ProtectSystem=strict
+ReadWritePaths={{CONFIG_DIR}}
+NoNewPrivileges=true
+
+# Allow bind to 127.0.0.1:<port> (privileged binds not needed; ports >= 1024).
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+
+Environment="SKALPEL_CONFIG_DIR={{CONFIG_DIR}}"
+Environment="HOME={{HOME}}"
+
+[Install]
+WantedBy=default.target

package/postinstall/windows/Task.xml.tmpl

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
+  <RegistrationInfo>
+    <Date>2026-05-03T10:00:00</Date>
+    <Author>skalpel</Author>
+    <Description>Skalpel daemon (local proxy) — user={{USER}}</Description>
+    <URI>\Skalpel\skalpel-daemon</URI>
+  </RegistrationInfo>
+  <Triggers>
+    <LogonTrigger>
+      <Enabled>true</Enabled>
+      <UserId>{{USER}}</UserId>
+    </LogonTrigger>
+  </Triggers>
+  <Principals>
+    <Principal id="Author">
+      <UserId>{{USER}}</UserId>
+      <LogonType>InteractiveToken</LogonType>
+      <RunLevel>LeastPrivilege</RunLevel>
+    </Principal>
+  </Principals>
+  <Settings>
+    <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
+    <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
+    <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
+    <AllowHardTerminate>false</AllowHardTerminate>
+    <RestartOnFailure>
+      <Interval>PT10S</Interval>
+      <Count>3</Count>
+    </RestartOnFailure>
+    <Hidden>true</Hidden>
+    <ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
+  </Settings>
+  <Actions Context="Author">
+    <Exec>
+      <Command>{{BIN}}\skalpeld.exe</Command>
+      <Arguments>--service-mode</Arguments>
+      <WorkingDirectory>{{CONFIG_DIR}}</WorkingDirectory>
+    </Exec>
+  </Actions>
+  <!-- Home reference for postinstall renderer: {{HOME}} -->
+</Task>

package/postinstall/windows/register-task.ps1.tmpl

@@ -0,0 +1,45 @@
+# register-task.ps1 — register or unregister the Skalpel daemon Scheduled Task.
+#
+# Invoked by postinstall/lib/service-register.js. Runs as the current
+# user (no elevation); the task itself runs as the same user at logon.
+#
+# Placeholders rendered by postinstall/lib/template.js:
+#   {{USER}}        — interactive user (also written into Task.xml)
+#   {{HOME}}        — user's home directory
+#   {{BIN}}         — directory containing skalpeld.exe
+#   {{CONFIG_DIR}}  — %APPDATA%\skalpel
+#
+# This file is a TEMPLATE; the renderer substitutes the placeholders
+# above before the script is invoked.
+
+[CmdletBinding()]
+param(
+    [Parameter(Mandatory = $true)]
+    [ValidateSet('register', 'unregister')]
+    [string]$Action,
+
+    [Parameter()]
+    [string]$XmlPath = '{{CONFIG_DIR}}\Task.xml',
+
+    [Parameter()]
+    [string]$TaskName = 'Skalpel\skalpel-daemon'
+)
+
+$ErrorActionPreference = 'Stop'
+
+Write-Host "skalpel install: register-task.ps1 user={{USER}} home={{HOME}} bin={{BIN}}"
+
+switch ($Action) {
+    'register' {
+        if (-not (Test-Path -LiteralPath $XmlPath)) {
+            Write-Error "Task XML not found at $XmlPath"
+            exit 1
+        }
+        & schtasks.exe /Create /XML $XmlPath /TN $TaskName /F | Out-Host
+        & schtasks.exe /Run /TN $TaskName | Out-Host
+    }
+    'unregister' {
+        & schtasks.exe /End /TN $TaskName 2>$null | Out-Host
+        & schtasks.exe /Delete /TN $TaskName /F | Out-Host
+    }
+}