skill-market-cli 1.0.0 → 1.1.0

package/examples/test-skill.yaml

@@ -0,0 +1,78 @@
+---
+name: code-reviewer
+purpose: Review code changes and provide constructive feedback on quality, style, and potential issues
+rootUrl: https://raw.githubusercontent.com/LSTM-Kirigaya/jinhui-skills/main/skills/code-reviewer/SKILL.md
+tags: ["code-review", "development", "quality"]
+model: claude-3-5-sonnet
+---
+
+# Code Reviewer Skill
+
+This skill helps review code changes and provide detailed feedback.
+
+## Usage Examples
+
+### Review a pull request
+
+Please review this pull request for code quality and potential issues:
+
+```diff
++ function calculateTotal(items) {
++   let total = 0;
++   for (let i = 0; i < items.length; i++) {
++     total += items[i].price;
++   }
++   return total;
++ }
+```
+
+### Check for security issues
+
+Review this code for potential security vulnerabilities:
+
+```javascript
+app.post('/login', (req, res) => {
+  const { username, password } = req.body;
+  const query = `SELECT * FROM users WHERE username = '${username}'`;
+  db.query(query, (err, results) => {
+    // ...
+  });
+});
+```
+
+## AI Execution Output Format
+
+When reviewing code, provide output in this structured format:
+
+1. **Summary** - Brief overview of the code changes
+2. **Quality Assessment** - Code quality rating (1-5 stars)
+3. **Issues Found** - List of specific issues with:
+   - Severity (Critical/High/Medium/Low)
+   - Location (line numbers)
+   - Description
+   - Suggested fix
+4. **Positive Aspects** - What was done well
+5. **Recommendations** - Actionable improvement suggestions
+
+## Required Fields
+
+Based on the skill format, the following fields are required when uploading:
+
+| Field | Type | Description |
+|-------|------|-------------|
+| name | string | Unique skill identifier (e.g., "code-reviewer") |
+| purpose | string | What this skill does |
+| rootUrl | string | GitHub raw URL to the SKILL.md file |
+| tags | array | Categories for the skill |
+| usageExamples | array | Example prompts with AI responses |
+| model | string | Recommended AI model (optional) |
+
+## Usage Example Structure
+
+Each usage example should include:
+- `prompt`: The user's input/query
+- `aiResponses`: Array of AI response items with:
+  - `type`: "thinking", "toolcall", or "message"
+  - `content`: The response content
+  - `toolName`: For toolcall type, the tool name
+  - `toolInput`: For toolcall type, the input parameters

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "skill-market-cli",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "CLI tool for managing skills on Skill Market",
   "main": "src/index.js",
   "bin": {
-    "skill-market-cli": "./bin/skill-market-cli.js",
-    "smcli": "./bin/skill-market-cli.js"
+    "skill-market-cli": "bin/skill-market-cli.js",
+    "smcli": "bin/skill-market-cli.js"
   },
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
@@ -35,10 +35,10 @@
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/yourusername/skill-market-cli.git"
+    "url": "git+https://github.com/LSTM-Kirigaya/skill-market-cli.git"
   },
   "homepage": "https://kirigaya.cn/ktools/skillmanager",
   "bugs": {
-    "url": "https://github.com/yourusername/skill-market-cli/issues"
+    "url": "https://github.com/LSTM-Kirigaya/skill-market-cli/issues"
   }
 }

package/src/api/client.js

@@ -9,6 +9,10 @@ class ApiClient {
     this.init();
   }
 
+  reinit() {
+    this.init();
+  }
+
   init() {
     const serverConfig = getServerConfig();
     this.client = axios.create({
@@ -101,12 +105,12 @@ class ApiClient {
   }
 
   async uploadSkill(data) {
-    const response = await this.client.post('/skill/upload', data);
+    const response = await this.client.post('/skill/ai/upload', data);
     return response.data;
   }
 
   async updateSkill(id, data) {
-    const response = await this.client.post(`/skill/update/${id}`, data);
+    const response = await this.client.post(`/skill/ai/update/${id}`, data);
     return response.data;
   }
 

package/src/auth/oauth.js

@@ -1,155 +1,196 @@
 const http = require('http');
-const url = require('url');
 const chalk = require('chalk');
 const open = require('open');
 const axios = require('axios');
-const { saveToken, getServerConfig, setServerConfig } = require('./token-store');
+const { saveToken, getServerConfig } = require('./token-store');
 
-const DEFAULT_SERVER_URL = 'https://kirigaya.cn';
 const CLIENT_ID = 'skill-market-cli';
 
-// 获取 OAuth 配置
+function getApiRoot() {
+  const serverConfig = getServerConfig();
+  return serverConfig.apiBase || `${serverConfig.baseURL}/api`;
+}
+
 async function getOAuthConfig() {
+  const serverConfig = getServerConfig();
+  const apiRoot = getApiRoot();
+
   try {
-    const serverConfig = getServerConfig();
-    const response = await axios.get(`${serverConfig.baseURL}/oauth/config`);
+    const response = await axios.get(`${apiRoot}/oauth/config`);
     if (response.data && response.data.code === 200) {
-      return response.data.data;
+      const data = response.data.data || {};
+      return {
+        ...data,
+        authorizeURL: `${serverConfig.baseURL}/oauth/authorize`,
+        tokenURL: `${apiRoot}/oauth/token`,
+        userinfoURL: `${apiRoot}/oauth/userinfo`
+      };
     }
   } catch (e) {
-    // 使用默认配置
+    // 使用下方默认配置
   }
+
   return {
     clientId: CLIENT_ID,
     redirectUri: 'http://localhost:0/callback',
-    authorizeURL: `${DEFAULT_SERVER_URL}/oauth/authorize`,
-    tokenURL: `${DEFAULT_SERVER_URL}/oauth/token`,
+    authorizeURL: `${serverConfig.baseURL}/oauth/authorize`,
+    tokenURL: `${apiRoot}/oauth/token`,
+    userinfoURL: `${apiRoot}/oauth/userinfo`,
     scopes: ['skill:read', 'skill:write', 'user:read']
   };
 }
 
-// 启动本地回调服务器
-function startCallbackServer(port = 0) {
-  return new Promise((resolve, reject) => {
-    const server = http.createServer((req, res) => {
-      const parsedUrl = url.parse(req.url, true);
-      const { code, error, error_description } = parsedUrl.query;
-
-      if (error) {
-        res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
-        res.end(`
-          <!DOCTYPE html>
-          <html>
-          <head><title>授权失败</title></head>
-          <body style="text-align:center;padding:50px;font-family:sans-serif;">
-            <h1 style="color:#f44336;">❌ 授权失败</h1>
-            <p>${error_description || error}</p>
-            <p>请关闭此窗口并返回命令行</p>
-          </body>
-          </html>
-        `);
-        server.close();
-        reject(new Error(error_description || error));
-        return;
-      }
+function startCallbackServer() {
+  let resolveCode;
+  let rejectCode;
 
-      if (code) {
-        res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-        res.end(`
-          <!DOCTYPE html>
-          <html>
-          <head><title>授权成功</title></head>
-          <body style="text-align:center;padding:50px;font-family:sans-serif;background:linear-gradient(135deg,#667eea,#764ba2);">
-            <div style="background:white;padding:40px;border-radius:12px;box-shadow:0 10px 40px rgba(0,0,0,0.2);display:inline-block;">
-              <div style="font-size:64px;color:#4CAF50;">✓</div>
-              <h1 style="color:#333;">授权成功</h1>
-              <p style="color:#666;">您已成功授权 Skill Market CLI</p>
-              <p style="color:#999;font-size:14px;">请关闭此窗口并返回命令行</p>
-            </div>
-          </body>
-          </html>
-        `);
-        server.close();
-        resolve(code);
-      }
-    });
+  const codePromise = new Promise((resolve, reject) => {
+    resolveCode = resolve;
+    rejectCode = reject;
+  });
+
+  const server = http.createServer((req, res) => {
+    let pathname;
+    let code;
+    let error;
+    let error_description;
+    try {
+      const base = `http://127.0.0.1:${server.address().port}`;
+      const u = new URL(req.url || '/', base);
+      pathname = u.pathname;
+      code = u.searchParams.get('code');
+      error = u.searchParams.get('error');
+      error_description = u.searchParams.get('error_description');
+    } catch {
+      res.writeHead(400, { 'Content-Type': 'text/plain; charset=utf-8' });
+      res.end('Bad request');
+      return;
+    }
+
+    if (pathname === '/favicon.ico') {
+      res.writeHead(204);
+      res.end();
+      return;
+    }
+
+    if (error) {
+      res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
+      res.end(`<!DOCTYPE html><html><head><meta charset="utf-8"><title>授权未通过</title></head>
+<body style="font-family:sans-serif;text-align:center;padding:48px;">
+<h1>授权未通过</h1><p>${error_description || error}</p><p>请关闭此窗口，回到终端继续操作。</p>
+</body></html>`);
+      server.close();
+      rejectCode(new Error(error_description || error));
+      return;
+    }
 
-    server.listen(port, () => {
+    if (code) {
+      res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+      res.end(`<!DOCTYPE html><html><head><meta charset="utf-8"><title>授权完成</title></head>
+<body style="font-family:sans-serif;text-align:center;padding:48px;">
+<h1>授权完成</h1><p>本窗口可关闭，请回到终端查看登录结果。</p>
+</body></html>`);
+      server.close();
+      resolveCode(code);
+      return;
+    }
+
+    res.writeHead(404, { 'Content-Type': 'text/plain' });
+    res.end('Not found');
+  });
+
+  return new Promise((resolve, reject) => {
+    server.listen(0, () => {
       const actualPort = server.address().port;
-      console.log(chalk.gray(`Callback server listening on port ${actualPort}`));
+      console.log(chalk.gray(`本地回调服务已启动，端口：${actualPort}`));
+      resolve({ port: actualPort, codePromise });
     });
 
     server.on('error', reject);
   });
 }
 
-// 执行 OAuth 登录流程
+function formatApiError(err) {
+  const d = err.response && err.response.data;
+  if (!d) return err.message || String(err);
+  if (typeof d === 'string') return d;
+  if (d.error_description) return d.error_description;
+  if (d.error) return d.error;
+  try {
+    return JSON.stringify(d);
+  } catch {
+    return err.message;
+  }
+}
+
 async function login(options = {}) {
-  console.log(chalk.blue('🔐 Starting OAuth login flow...\n'));
+  const serverConfig = getServerConfig();
+
+  console.log(chalk.bold('Skill Market 登录'));
+  console.log(chalk.gray(`站点地址：${serverConfig.baseURL}`));
 
-  // 获取 OAuth 配置
   const oauthConfig = await getOAuthConfig();
-  console.log(chalk.gray(`Server: ${oauthConfig.authorizeURL}`));
 
-  // 启动本地回调服务器
-  let callbackPort = 0;
-  const callbackPromise = startCallbackServer(callbackPort);
+  const { port, codePromise } = await startCallbackServer();
+  const redirectUri = `http://localhost:${port}/callback`;
 
-  // 构造授权 URL
   const state = generateRandomString(16);
-  const redirectUri = `http://localhost:${callbackPort}/callback`;
-  
-  const authUrl = new URL(oauthConfig.authorizeURL);
+  const authorizeURL = oauthConfig.authorizeURL || `${serverConfig.baseURL}/oauth/authorize`;
+  const authUrl = new URL(authorizeURL);
   authUrl.searchParams.set('response_type', 'code');
   authUrl.searchParams.set('client_id', oauthConfig.clientId);
   authUrl.searchParams.set('redirect_uri', redirectUri);
-  authUrl.searchParams.set('scope', oauthConfig.scopes.join(' '));
+  const scopeVal = oauthConfig.scopes;
+  const scopeStr = Array.isArray(scopeVal)
+    ? scopeVal.join(' ')
+    : (scopeVal || 'skill:read skill:write user:read');
+  authUrl.searchParams.set('scope', scopeStr);
   authUrl.searchParams.set('state', state);
 
-  console.log(chalk.cyan('\n📱 Please authorize the CLI in your browser.\n'));
-  console.log(chalk.gray('Authorization URL:'));
-  console.log(chalk.underline(authUrl.toString()));
-  console.log();
+  console.log('');
+  console.log('请在浏览器中完成授权（将自动打开页面；若未打开，请复制下方链接到浏览器）：');
+  console.log(chalk.cyan(authUrl.toString()));
+  console.log('');
 
-  // 自动打开浏览器
   if (options.open !== false) {
     try {
       await open(authUrl.toString());
-      console.log(chalk.gray('Browser opened automatically.\n'));
+      console.log(chalk.gray('已尝试打开系统默认浏览器。'));
     } catch (e) {
-      console.log(chalk.yellow('Could not open browser automatically.'));
-      console.log(chalk.yellow('Please open the URL manually.\n'));
+      console.log(chalk.yellow('无法自动打开浏览器，请手动访问上方链接。'));
     }
   }
 
-  // 等待回调
   try {
-    const code = await callbackPromise;
-    console.log(chalk.green('✅ Authorization code received'));
-
-    // 交换 Token
-    console.log(chalk.gray('Exchanging code for token...'));
-    
-    const tokenResponse = await axios.post(oauthConfig.tokenURL, {
-      grant_type: 'authorization_code',
-      code: code,
-      redirect_uri: redirectUri,
-      client_id: oauthConfig.clientId,
-      client_secret: 'dummy-secret' // 实际使用时需要从安全的地方获取
-    });
+    const code = await codePromise;
+    console.log(chalk.gray('已收到授权码，正在换取访问令牌…'));
+
+    const tokenURL = oauthConfig.tokenURL;
+    const tokenResponse = await axios.post(
+      tokenURL,
+      {
+        grant_type: 'authorization_code',
+        code: code,
+        redirect_uri: redirectUri,
+        client_id: oauthConfig.clientId,
+        client_secret: 'dummy-secret'
+      },
+      {
+        headers: { 'Content-Type': 'application/json' }
+      }
+    );
 
     const { access_token, refresh_token, expires_in } = tokenResponse.data;
 
-    // 获取用户信息
-    const userResponse = await axios.get(`${oauthConfig.authorizeURL.replace('/authorize', '/userinfo')}`, {
+    const userinfoURL = oauthConfig.userinfoURL;
+    const userResponse = await axios.get(userinfoURL, {
       headers: {
-        'Authorization': `Bearer ${access_token}`
+        Authorization: `Bearer ${access_token}`
       }
     });
 
     const user = userResponse.data;
 
-    // 保存 Token
     const expiresAt = Date.now() + (expires_in * 1000);
     saveToken(access_token, refresh_token, expiresAt, {
       name: user.name,
@@ -157,38 +198,46 @@ async function login(options = {}) {
       picture: user.picture
     });
 
-    console.log();
-    console.log(chalk.green('✅ Login successful!'));
-    console.log(chalk.cyan(`👤 Welcome, ${user.name}!`));
-    console.log();
+    console.log('');
+    console.log(chalk.green('登录成功'));
+    console.log(chalk.gray(`当前用户：${user.name || user.sub || '（未返回名称）'}`));
+    console.log('');
 
     return true;
   } catch (error) {
-    console.error();
-    console.error(chalk.red('❌ Login failed:'), error.message);
-    if (error.response) {
-      console.error(chalk.red('Server response:'), error.response.data);
+    console.log('');
+    console.log(chalk.red('登录失败'));
+    console.log(chalk.red(formatApiError(error)));
+    if (error.response && error.response.data && process.env.DEBUG) {
+      console.log(chalk.gray(JSON.stringify(error.response.data, null, 2)));
     }
+    console.log('');
     return false;
   }
 }
 
-// 刷新 Token
 async function refreshAccessToken() {
   const { refreshToken } = require('./token-store').getToken();
   if (!refreshToken) {
-    throw new Error('No refresh token available');
+    throw new Error('无刷新令牌，请重新登录');
   }
 
   const oauthConfig = await getOAuthConfig();
-  
+  const tokenURL = oauthConfig.tokenURL;
+
   try {
-    const response = await axios.post(oauthConfig.tokenURL, {
-      grant_type: 'refresh_token',
-      refresh_token: refreshToken,
-      client_id: oauthConfig.clientId,
-      client_secret: 'dummy-secret'
-    });
+    const response = await axios.post(
+      tokenURL,
+      {
+        grant_type: 'refresh_token',
+        refresh_token: refreshToken,
+        client_id: oauthConfig.clientId,
+        client_secret: 'dummy-secret'
+      },
+      {
+        headers: { 'Content-Type': 'application/json' }
+      }
+    );
 
     const { access_token, refresh_token, expires_in } = response.data;
     const expiresAt = Date.now() + (expires_in * 1000);
@@ -198,11 +247,10 @@ async function refreshAccessToken() {
 
     return access_token;
   } catch (error) {
-    throw new Error('Failed to refresh token: ' + error.message);
+    throw new Error('刷新令牌失败：' + formatApiError(error));
   }
 }
 
-// 生成随机字符串
 function generateRandomString(length) {
   const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
   let result = '';

package/src/auth/token-store.js

@@ -70,7 +70,7 @@ function isLoggedIn() {
   return true;
 }
 
-// 获取服务器配置
+// 获取服务器配置（默认与 --mode production 一致）
 function getServerConfig() {
   const config = getConfig();
   return config.server || {

package/src/commands/login.js

@@ -3,16 +3,15 @@ const { isLoggedIn } = require('../auth/token-store');
 const { login: oauthLogin } = require('../auth/oauth');
 
 async function login(options) {
-  // 检查是否已登录
   if (isLoggedIn()) {
-    console.log(chalk.yellow('⚠️  You are already logged in.'));
-    console.log(chalk.gray('Use "skill-market-cli logout" to logout first.\n'));
+    console.log(chalk.yellow('当前已处于登录状态。'));
+    console.log(chalk.gray('如需重新登录，请先执行：skill-market-cli logout'));
+    console.log('');
     return;
   }
 
-  // 执行登录
   const success = await oauthLogin(options);
-  
+
   if (!success) {
     process.exit(1);
   }

package/src/commands/logout.js

@@ -4,21 +4,21 @@ const apiClient = require('../api/client');
 
 async function logout() {
   if (!isLoggedIn()) {
-    console.log(chalk.yellow('⚠️  You are not logged in.\n'));
+    console.log(chalk.yellow('当前未登录，无需登出。'));
+    console.log('');
     return;
   }
 
   try {
-    // 通知服务器登出（撤销 Token）
     await apiClient.client.post('/oauth/logout');
   } catch (e) {
-    // 忽略错误
+    // 忽略网络错误，仍清除本地凭证
   }
 
-  // 清除本地 Token
   clearToken();
 
-  console.log(chalk.green('✅ Logged out successfully.\n'));
+  console.log(chalk.green('已登出本地凭证'));
+  console.log('');
 }
 
 module.exports = logout;

package/src/commands/run-example.js

@@ -3,6 +3,7 @@ const path = require('path');
 const chalk = require('chalk');
 const inquirer = require('inquirer');
 const YAML = require('yaml');
+const { runExampleAndCollect } = require('../lib/run-example-collect');
 
 /**
  * Run user examples and collect AI responses
@@ -213,60 +214,4 @@ async function addExampleInteractively(skillFilePath, skillContent, model) {
   }
 }
 
-/**
- * 运行示例并收集 AI 响应
- * 这里需要集成 AI API，目前使用模拟数据
- */
-async function runExampleAndCollect(prompt, model) {
-  console.log(chalk.blue('\n🤖 Running example with AI...'));
-  console.log(chalk.gray(`Model: ${model}\n`));
-
-  // 这里应该调用实际的 AI API
-  // 目前模拟一个典型的 AI 响应流程
-  
-  console.log(chalk.gray('Simulating AI response collection...'));
-  console.log(chalk.gray('In production, this would call the AI API and capture:'));
-  console.log(chalk.gray('  1. Thinking steps'));
-  console.log(chalk.gray('  2. Tool calls'));
-  console.log(chalk.gray('  3. Final message\n'));
-
-  // 模拟 AI 响应
-  const simulatedResponses = [
-    {
-      type: 'thinking',
-      content: `Let me analyze this request: "${prompt}". The user wants me to help them with a specific task. I'll break this down into steps and execute the appropriate tools.`
-    },
-    {
-      type: 'toolcall',
-      toolName: 'read_file',
-      toolInput: { path: './README.md' }
-    },
-    {
-      type: 'toolcall',
-      toolName: 'write_file',
-      toolInput: { 
-        path: './output.txt', 
-        content: `Processed: ${prompt}` 
-      }
-    },
-    {
-      type: 'message',
-      content: `I've processed your request: "${prompt}". Here's what I did:\n\n1. Analyzed the requirements\n2. Read the relevant files\n3. Generated the output\n\nThe task is now complete!`
-    }
-  ];
-
-  // 模拟处理时间
-  await new Promise(resolve => setTimeout(resolve, 1000));
-
-  console.log(chalk.gray('Collected responses:'));
-  simulatedResponses.forEach((resp, i) => {
-    const icon = resp.type === 'thinking' ? '💭' : 
-                 resp.type === 'toolcall' ? '🔧' : '💬';
-    console.log(chalk.gray(`  ${icon} [${resp.type}]`));
-  });
-  console.log();
-
-  return simulatedResponses;
-}
-
 module.exports = runExample;