skillscat 0.1.0

package/dist/index.js

@@ -0,0 +1,3595 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import pc from 'picocolors';
+import { existsSync, readFileSync, writeFileSync, mkdirSync, chmodSync, unlinkSync, readdirSync, rmSync, realpathSync, statSync } from 'node:fs';
+import { join, dirname, resolve, relative, isAbsolute } from 'node:path';
+import { createHash, randomBytes } from 'node:crypto';
+import os, { platform, homedir, hostname, release } from 'node:os';
+import * as readline from 'node:readline';
+import { spawnSync, execFileSync } from 'node:child_process';
+import { fileURLToPath } from 'node:url';
+import { createServer } from 'node:http';
+
+/**
+ * Parse repository source from various formats
+ */
+function parseSource(source) {
+    // GitHub shorthand: owner/repo
+    const shorthandMatch = source.match(/^([^\/\s]+)\/([^\/\s]+)$/);
+    if (shorthandMatch) {
+        return {
+            platform: 'github',
+            owner: shorthandMatch[1],
+            repo: shorthandMatch[2]
+        };
+    }
+    // GitHub URL: https://github.com/owner/repo or with tree/branch/path
+    const githubMatch = source.match(/github\.com\/([^\/]+)\/([^\/]+)(?:\/tree\/([^\/]+))?(?:\/(.+))?$/);
+    if (githubMatch) {
+        return {
+            platform: 'github',
+            owner: githubMatch[1],
+            repo: githubMatch[2].replace(/\.git$/, ''),
+            branch: githubMatch[3],
+            path: githubMatch[4]
+        };
+    }
+    // GitLab URL: https://gitlab.com/owner/repo or with -/tree/branch/path
+    const gitlabMatch = source.match(/gitlab\.com\/(.+?)(?:\/-\/tree\/([^\/]+))?(?:\/(.+))?$/);
+    if (gitlabMatch) {
+        const fullPath = gitlabMatch[1];
+        const parts = fullPath.split('/').filter(p => p && !p.startsWith('-'));
+        if (parts.length >= 2) {
+            const repo = parts.pop().replace(/\.git$/, '');
+            const owner = parts.join('/');
+            return {
+                platform: 'gitlab',
+                owner,
+                repo,
+                branch: gitlabMatch[2],
+                path: gitlabMatch[3]
+            };
+        }
+    }
+    // Git SSH URL: git@github.com:owner/repo.git
+    const sshMatch = source.match(/git@(github|gitlab)\.com:([^\/]+)\/(.+?)(?:\.git)?$/);
+    if (sshMatch) {
+        return {
+            platform: sshMatch[1],
+            owner: sshMatch[2],
+            repo: sshMatch[3]
+        };
+    }
+    return null;
+}
+/**
+ * Skill discovery directories (in order of priority)
+ */
+const SKILL_DISCOVERY_PATHS = [
+    '', // Root directory
+    'skills',
+    'skills/.curated',
+    'skills/.experimental',
+    'skills/.system',
+    '.opencode/skill',
+    '.claude/skills',
+    '.codex/skills',
+    '.cursor/skills',
+    '.agents/skills',
+    '.kilocode/skills',
+    '.roo/skills',
+    '.goose/skills',
+    '.gemini/skills',
+    '.agent/skills',
+    '.github/skills',
+    './skills',
+    '.factory/skills',
+    '.windsurf/skills'
+];
+/**
+ * Parse SKILL.md frontmatter
+ */
+function parseSkillFrontmatter(content) {
+    const frontmatterMatch = content.match(/^---\n([\s\S]*?)\n---/);
+    if (!frontmatterMatch)
+        return null;
+    const frontmatter = frontmatterMatch[1];
+    const metadata = {};
+    // Parse name
+    const nameMatch = frontmatter.match(/^name:\s*["']?(.+?)["']?\s*$/m);
+    if (nameMatch)
+        metadata.name = nameMatch[1].trim();
+    // Parse description
+    const descMatch = frontmatter.match(/^description:\s*["']?(.+?)["']?\s*$/m);
+    if (descMatch)
+        metadata.description = descMatch[1].trim();
+    // Parse allowed-tools
+    const toolsMatch = frontmatter.match(/^allowed-tools:\s*\[([^\]]+)\]/m);
+    if (toolsMatch) {
+        metadata['allowed-tools'] = toolsMatch[1].split(',').map(t => t.trim().replace(/["']/g, ''));
+    }
+    // Parse model
+    const modelMatch = frontmatter.match(/^model:\s*["']?(.+?)["']?\s*$/m);
+    if (modelMatch)
+        metadata.model = modelMatch[1].trim();
+    // Parse context
+    const contextMatch = frontmatter.match(/^context:\s*["']?(.+?)["']?\s*$/m);
+    if (contextMatch && contextMatch[1].trim() === 'fork')
+        metadata.context = 'fork';
+    if (!metadata.name || !metadata.description)
+        return null;
+    return metadata;
+}
+
+const DEFAULT_REGISTRY_URL$1 = 'https://skills.cat/registry';
+/**
+ * Get the platform-specific config directory
+ * - macOS: ~/Library/Application Support/skillscat/
+ * - Linux: ~/.config/skillscat/
+ * - Windows: %APPDATA%/skillscat/
+ */
+function getConfigDir() {
+    const os = platform();
+    const home = homedir();
+    if (os === 'darwin') {
+        return join(home, 'Library', 'Application Support', 'skillscat');
+    }
+    else if (os === 'win32') {
+        return join(process.env.APPDATA || join(home, 'AppData', 'Roaming'), 'skillscat');
+    }
+    else {
+        // Linux and other Unix-like systems
+        return join(process.env.XDG_CONFIG_HOME || join(home, '.config'), 'skillscat');
+    }
+}
+/**
+ * Get the path to auth.json
+ */
+function getAuthPath() {
+    return join(getConfigDir(), 'auth.json');
+}
+/**
+ * Get the path to settings.json
+ */
+function getSettingsPath() {
+    return join(getConfigDir(), 'settings.json');
+}
+/**
+ * Get the path to installed.json
+ */
+function getInstalledDbPath() {
+    return join(getConfigDir(), 'installed.json');
+}
+/**
+ * Get the cache directory path
+ */
+function getCacheDir() {
+    return join(getConfigDir(), 'cache');
+}
+/**
+ * Ensure the config directory exists
+ */
+function ensureConfigDir$1() {
+    const configDir = getConfigDir();
+    if (!existsSync(configDir)) {
+        mkdirSync(configDir, { recursive: true, mode: 0o700 });
+    }
+    if (process.platform !== 'win32') {
+        try {
+            chmodSync(configDir, 0o700);
+        }
+        catch {
+            // Best-effort permissions hardening.
+        }
+    }
+}
+/**
+ * Load settings from settings.json
+ */
+function loadSettings() {
+    try {
+        const settingsPath = getSettingsPath();
+        if (existsSync(settingsPath)) {
+            const content = readFileSync(settingsPath, 'utf-8');
+            return JSON.parse(content);
+        }
+    }
+    catch {
+        // Ignore errors, return empty settings
+    }
+    return {};
+}
+/**
+ * Save settings to settings.json
+ */
+function saveSettings(settings) {
+    ensureConfigDir$1();
+    const settingsPath = getSettingsPath();
+    writeFileSync(settingsPath, JSON.stringify(settings, null, 2));
+}
+/**
+ * Get a specific setting value
+ */
+function getSetting(key) {
+    const settings = loadSettings();
+    return settings[key];
+}
+/**
+ * Set a specific setting value
+ */
+function setSetting(key, value) {
+    const settings = loadSettings();
+    settings[key] = value;
+    saveSettings(settings);
+}
+/**
+ * Delete a specific setting
+ */
+function deleteSetting(key) {
+    const settings = loadSettings();
+    delete settings[key];
+    saveSettings(settings);
+}
+/**
+ * Get the registry URL (from settings or default)
+ */
+function getRegistryUrl() {
+    return getSetting('registry') || DEFAULT_REGISTRY_URL$1;
+}
+
+const MAX_CACHE_ITEMS = 100;
+const PRUNE_PERCENTAGE = 0.2;
+/**
+ * Get the skills cache directory
+ */
+function getSkillsCacheDir() {
+    return join(getCacheDir(), 'skills');
+}
+/**
+ * Get the cache index file path
+ */
+function getCacheIndexPath() {
+    return join(getCacheDir(), 'index.json');
+}
+/**
+ * Ensure cache directories exist
+ */
+function ensureCacheDir() {
+    const skillsDir = getSkillsCacheDir();
+    if (!existsSync(skillsDir)) {
+        mkdirSync(skillsDir, { recursive: true });
+    }
+}
+/**
+ * Generate a cache key from skill identifier
+ */
+function getCacheKey(owner, repo, skillPath) {
+    const pathPart = skillPath ? skillPath.replace(/\//g, '_').replace(/\.md$/i, '') : 'root';
+    return `${owner}_${repo}_${pathPart}`;
+}
+/**
+ * Calculate SHA256 content hash
+ */
+function calculateContentHash(content) {
+    return 'sha256:' + createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Load the cache index
+ */
+function loadCacheIndex() {
+    try {
+        const indexPath = getCacheIndexPath();
+        if (existsSync(indexPath)) {
+            return JSON.parse(readFileSync(indexPath, 'utf-8'));
+        }
+    }
+    catch {
+        // Ignore errors
+    }
+    return { skills: {} };
+}
+/**
+ * Save the cache index
+ */
+function saveCacheIndex(index) {
+    ensureCacheDir();
+    writeFileSync(getCacheIndexPath(), JSON.stringify(index, null, 2));
+}
+/**
+ * Get cached skill if valid
+ */
+function getCachedSkill(owner, repo, skillPath) {
+    try {
+        const key = getCacheKey(owner, repo, skillPath);
+        const filePath = join(getSkillsCacheDir(), `${key}.json`);
+        if (!existsSync(filePath)) {
+            return null;
+        }
+        const cached = JSON.parse(readFileSync(filePath, 'utf-8'));
+        // Update last accessed time
+        cached.lastAccessedAt = Date.now();
+        writeFileSync(filePath, JSON.stringify(cached, null, 2));
+        // Update index
+        const index = loadCacheIndex();
+        index.skills[key] = { lastAccessedAt: cached.lastAccessedAt };
+        saveCacheIndex(index);
+        return cached;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Cache a skill
+ */
+function cacheSkill(owner, repo, content, source, skillPath, commitSha) {
+    try {
+        ensureCacheDir();
+        const key = getCacheKey(owner, repo, skillPath);
+        const filePath = join(getSkillsCacheDir(), `${key}.json`);
+        const now = Date.now();
+        const cached = {
+            content,
+            contentHash: calculateContentHash(content),
+            commitSha,
+            cachedAt: now,
+            lastAccessedAt: now,
+            source
+        };
+        writeFileSync(filePath, JSON.stringify(cached, null, 2));
+        // Update index
+        const index = loadCacheIndex();
+        index.skills[key] = { lastAccessedAt: now };
+        saveCacheIndex(index);
+        // Prune if needed
+        pruneCache();
+    }
+    catch {
+        // Ignore cache write errors
+    }
+}
+/**
+ * Prune cache to stay under MAX_CACHE_ITEMS
+ * Removes oldest 20% when limit is exceeded
+ */
+function pruneCache(maxItems = MAX_CACHE_ITEMS) {
+    try {
+        const index = loadCacheIndex();
+        const keys = Object.keys(index.skills);
+        if (keys.length <= maxItems) {
+            return;
+        }
+        // Sort by lastAccessedAt (oldest first)
+        const sorted = keys.sort((a, b) => {
+            return (index.skills[a]?.lastAccessedAt || 0) - (index.skills[b]?.lastAccessedAt || 0);
+        });
+        // Remove oldest PRUNE_PERCENTAGE
+        const toRemove = Math.ceil(keys.length * PRUNE_PERCENTAGE);
+        const keysToRemove = sorted.slice(0, toRemove);
+        const skillsDir = getSkillsCacheDir();
+        for (const key of keysToRemove) {
+            try {
+                const filePath = join(skillsDir, `${key}.json`);
+                if (existsSync(filePath)) {
+                    unlinkSync(filePath);
+                }
+                delete index.skills[key];
+            }
+            catch {
+                // Ignore individual file errors
+            }
+        }
+        saveCacheIndex(index);
+    }
+    catch {
+        // Ignore prune errors
+    }
+}
+
+const GITHUB_API$1 = 'https://api.github.com';
+const GITLAB_API = 'https://gitlab.com/api/v4';
+/**
+ * Get default branch for a GitHub repo
+ */
+async function getGitHubDefaultBranch(owner, repo) {
+    const response = await fetch(`${GITHUB_API$1}/repos/${owner}/${repo}`, {
+        headers: {
+            'Accept': 'application/vnd.github+json',
+            'User-Agent': 'skillscat-cli/1.0'
+        }
+    });
+    if (!response.ok) {
+        throw new Error(`Repository not found: ${owner}/${repo}`);
+    }
+    const data = await response.json();
+    return data.default_branch;
+}
+/**
+ * Get default branch for a GitLab repo
+ */
+async function getGitLabDefaultBranch(owner, repo) {
+    const projectPath = encodeURIComponent(`${owner}/${repo}`);
+    const response = await fetch(`${GITLAB_API}/projects/${projectPath}`, {
+        headers: { 'User-Agent': 'skillscat-cli/1.0' }
+    });
+    if (!response.ok) {
+        throw new Error(`Repository not found: ${owner}/${repo}`);
+    }
+    const data = await response.json();
+    return data.default_branch;
+}
+/**
+ * Fetch repository tree from GitHub
+ */
+async function fetchGitHubTree(owner, repo, branch) {
+    const response = await fetch(`${GITHUB_API$1}/repos/${owner}/${repo}/git/trees/${branch}?recursive=1`, {
+        headers: {
+            'Accept': 'application/vnd.github+json',
+            'User-Agent': 'skillscat-cli/1.0'
+        }
+    });
+    if (!response.ok) {
+        throw new Error(`Failed to fetch repository tree`);
+    }
+    const data = await response.json();
+    return data.tree;
+}
+/**
+ * Fetch file content from GitHub
+ */
+async function fetchGitHubFile(owner, repo, path, ref) {
+    const url = ref
+        ? `${GITHUB_API$1}/repos/${owner}/${repo}/contents/${path}?ref=${ref}`
+        : `${GITHUB_API$1}/repos/${owner}/${repo}/contents/${path}`;
+    const response = await fetch(url, {
+        headers: {
+            'Accept': 'application/vnd.github+json',
+            'User-Agent': 'skillscat-cli/1.0'
+        }
+    });
+    if (!response.ok) {
+        throw new Error(`File not found: ${path}`);
+    }
+    const data = await response.json();
+    if (data.encoding === 'base64' && data.content) {
+        return Buffer.from(data.content, 'base64').toString('utf-8');
+    }
+    throw new Error(`Unexpected file encoding: ${data.encoding}`);
+}
+/**
+ * Get file SHA from GitHub (for update checking)
+ */
+async function getGitHubFileSha(owner, repo, path, ref) {
+    const url = ref
+        ? `${GITHUB_API$1}/repos/${owner}/${repo}/contents/${path}?ref=${ref}`
+        : `${GITHUB_API$1}/repos/${owner}/${repo}/contents/${path}`;
+    const response = await fetch(url, {
+        headers: {
+            'Accept': 'application/vnd.github+json',
+            'User-Agent': 'skillscat-cli/1.0'
+        }
+    });
+    if (!response.ok)
+        return null;
+    const data = await response.json();
+    return data.sha;
+}
+/**
+ * Fetch file content from GitLab
+ */
+async function fetchGitLabFile(owner, repo, path, ref) {
+    const projectPath = encodeURIComponent(`${owner}/${repo}`);
+    const filePath = encodeURIComponent(path);
+    const branch = ref || 'main';
+    const response = await fetch(`${GITLAB_API}/projects/${projectPath}/repository/files/${filePath}?ref=${branch}`, {
+        headers: { 'User-Agent': 'skillscat-cli/1.0' }
+    });
+    if (!response.ok) {
+        // Try master branch
+        const masterResponse = await fetch(`${GITLAB_API}/projects/${projectPath}/repository/files/${filePath}?ref=master`, {
+            headers: { 'User-Agent': 'skillscat-cli/1.0' }
+        });
+        if (!masterResponse.ok) {
+            throw new Error(`File not found: ${path}`);
+        }
+        const data = await masterResponse.json();
+        if (data.encoding === 'base64' && data.content) {
+            return Buffer.from(data.content, 'base64').toString('utf-8');
+        }
+        throw new Error(`Unexpected file encoding`);
+    }
+    const data = await response.json();
+    if (data.encoding === 'base64' && data.content) {
+        return Buffer.from(data.content, 'base64').toString('utf-8');
+    }
+    throw new Error(`Unexpected file encoding`);
+}
+/**
+ * Fetch repository tree from GitLab
+ */
+async function fetchGitLabTree(owner, repo, branch) {
+    const projectPath = encodeURIComponent(`${owner}/${repo}`);
+    const items = [];
+    let page = 1;
+    while (true) {
+        const response = await fetch(`${GITLAB_API}/projects/${projectPath}/repository/tree?ref=${branch}&recursive=true&per_page=100&page=${page}`, {
+            headers: { 'User-Agent': 'skillscat-cli/1.0' }
+        });
+        if (!response.ok)
+            break;
+        const data = await response.json();
+        if (data.length === 0)
+            break;
+        items.push(...data);
+        page++;
+        if (data.length < 100)
+            break;
+    }
+    return items;
+}
+/**
+ * Discover skills in a repository
+ */
+async function discoverSkills(source) {
+    const { platform, owner, repo, branch: sourceBranch, path: sourcePath } = source;
+    const skills = [];
+    try {
+        // Get default branch if not specified
+        const branch = sourceBranch || (platform === 'github'
+            ? await getGitHubDefaultBranch(owner, repo)
+            : await getGitLabDefaultBranch(owner, repo));
+        // If a specific path is provided, check only that path
+        if (sourcePath) {
+            const skillPath = sourcePath.endsWith('SKILL.md') ? sourcePath : `${sourcePath}/SKILL.md`;
+            try {
+                const content = platform === 'github'
+                    ? await fetchGitHubFile(owner, repo, skillPath, branch)
+                    : await fetchGitLabFile(owner, repo, skillPath, branch);
+                const metadata = parseSkillFrontmatter(content);
+                if (metadata) {
+                    const sha = platform === 'github'
+                        ? await getGitHubFileSha(owner, repo, skillPath, branch)
+                        : undefined;
+                    skills.push({
+                        name: metadata.name,
+                        description: metadata.description,
+                        path: skillPath,
+                        content,
+                        sha: sha || undefined,
+                        contentHash: calculateContentHash(content)
+                    });
+                }
+            }
+            catch {
+                // Skill not found at path
+            }
+            return skills;
+        }
+        // Fetch repository tree
+        const tree = platform === 'github'
+            ? await fetchGitHubTree(owner, repo, branch)
+            : await fetchGitLabTree(owner, repo, branch);
+        // Find all SKILL.md files
+        const skillFiles = tree.filter(item => item.path.endsWith('SKILL.md') &&
+            (item.type === 'blob' || item.type === 'file'));
+        // Sort by discovery path priority
+        skillFiles.sort((a, b) => {
+            const aDir = a.path.replace(/\/SKILL\.md$/, '');
+            const bDir = b.path.replace(/\/SKILL\.md$/, '');
+            const aPriority = SKILL_DISCOVERY_PATHS.findIndex(p => aDir === p || aDir.startsWith(p + '/'));
+            const bPriority = SKILL_DISCOVERY_PATHS.findIndex(p => bDir === p || bDir.startsWith(p + '/'));
+            // Lower index = higher priority, -1 means not in priority list
+            if (aPriority === -1 && bPriority === -1)
+                return 0;
+            if (aPriority === -1)
+                return 1;
+            if (bPriority === -1)
+                return -1;
+            return aPriority - bPriority;
+        });
+        // Fetch and parse each skill
+        for (const file of skillFiles) {
+            try {
+                const content = platform === 'github'
+                    ? await fetchGitHubFile(owner, repo, file.path, branch)
+                    : await fetchGitLabFile(owner, repo, file.path, branch);
+                const metadata = parseSkillFrontmatter(content);
+                if (metadata) {
+                    skills.push({
+                        name: metadata.name,
+                        description: metadata.description,
+                        path: file.path,
+                        content,
+                        sha: 'sha' in file ? file.sha : undefined,
+                        contentHash: calculateContentHash(content)
+                    });
+                }
+            }
+            catch {
+                // Skip files that can't be fetched
+            }
+        }
+        return skills;
+    }
+    catch (error) {
+        throw error;
+    }
+}
+/**
+ * Fetch a single skill by name from a repository
+ */
+async function fetchSkill$1(source, skillName) {
+    const skills = await discoverSkills(source);
+    return skills.find(s => s.name === skillName) || null;
+}
+
+const CONFIG_FILE = getAuthPath();
+function ensureConfigDir() {
+    ensureConfigDir$1();
+}
+function loadConfig() {
+    try {
+        if (existsSync(CONFIG_FILE)) {
+            const content = readFileSync(CONFIG_FILE, 'utf-8');
+            return JSON.parse(content);
+        }
+    }
+    catch {
+        // Ignore errors, return empty config
+    }
+    return {};
+}
+function saveConfig(config) {
+    ensureConfigDir();
+    writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), { mode: 0o600 });
+    if (process.platform !== 'win32') {
+        try {
+            chmodSync(CONFIG_FILE, 0o600);
+        }
+        catch {
+            // Best-effort permissions hardening.
+        }
+    }
+}
+function clearConfig() {
+    try {
+        if (existsSync(CONFIG_FILE)) {
+            unlinkSync(CONFIG_FILE);
+        }
+    }
+    catch {
+        // Ignore errors
+    }
+}
+/**
+ * Get the base URL for the API (derived from registry URL)
+ */
+function getBaseUrl() {
+    const registryUrl = getRegistryUrl();
+    // Remove /registry suffix to get base URL
+    return registryUrl.replace(/\/registry$/, '');
+}
+/**
+ * Get client info for device authorization
+ */
+function getClientInfo() {
+    return {
+        os: `${platform()} ${release()}`,
+        hostname: hostname(),
+        version: '0.1.0',
+    };
+}
+/**
+ * Refresh the access token using the refresh token
+ */
+async function refreshAccessToken(refreshToken) {
+    try {
+        const response = await fetch(`${getBaseUrl()}/api/device/refresh`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ refresh_token: refreshToken }),
+        });
+        if (!response.ok) {
+            return null;
+        }
+        const data = await response.json();
+        const now = Date.now();
+        const result = {
+            accessToken: data.access_token,
+            accessTokenExpiresAt: now + data.expires_in * 1000,
+        };
+        if (data.refresh_token) {
+            result.refreshToken = data.refresh_token;
+            result.refreshTokenExpiresAt = now + (data.refresh_expires_in ?? 7776000) * 1000;
+        }
+        return result;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Get a valid access token, refreshing if necessary
+ */
+async function getValidToken() {
+    const config = loadConfig();
+    if (!config.accessToken) {
+        return null;
+    }
+    // API tokens set via `login --token` may not have an expiry timestamp.
+    if (!config.accessTokenExpiresAt) {
+        return config.accessToken;
+    }
+    // Check if access token is still valid (with 5 minute buffer)
+    const now = Date.now();
+    const bufferMs = 5 * 60 * 1000;
+    if (config.accessTokenExpiresAt && config.accessTokenExpiresAt - now > bufferMs) {
+        return config.accessToken;
+    }
+    // Token expired or expiring soon, try to refresh
+    if (config.refreshToken) {
+        // Check if refresh token is still valid
+        if (config.refreshTokenExpiresAt && config.refreshTokenExpiresAt < now) {
+            return null; // Refresh token expired, need to re-login
+        }
+        const newTokens = await refreshAccessToken(config.refreshToken);
+        if (newTokens) {
+            // Update config with new tokens
+            const updatedConfig = {
+                ...config,
+                accessToken: newTokens.accessToken,
+                accessTokenExpiresAt: newTokens.accessTokenExpiresAt,
+            };
+            if (newTokens.refreshToken) {
+                updatedConfig.refreshToken = newTokens.refreshToken;
+                updatedConfig.refreshTokenExpiresAt = newTokens.refreshTokenExpiresAt;
+            }
+            saveConfig(updatedConfig);
+            return newTokens.accessToken;
+        }
+    }
+    return null; // Could not refresh, need to re-login
+}
+/**
+ * Validate an access token by calling token auth endpoint.
+ */
+async function validateAccessToken(token) {
+    try {
+        const response = await fetch(`${getBaseUrl()}/api/tokens/validate`, {
+            headers: {
+                'Authorization': `Bearer ${token}`,
+                'Content-Type': 'application/json',
+            },
+        });
+        if (!response.ok) {
+            return null;
+        }
+        const data = await response.json();
+        if (!data.success) {
+            return null;
+        }
+        return data.user ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Set token directly (for --token flag)
+ */
+function setToken(token, user) {
+    const config = {
+        accessToken: token,
+        user,
+    };
+    saveConfig(config);
+}
+/**
+ * Set tokens from device authorization flow
+ */
+function setTokens(tokens) {
+    const config = {
+        accessToken: tokens.accessToken,
+        accessTokenExpiresAt: tokens.accessTokenExpiresAt,
+        refreshToken: tokens.refreshToken,
+        refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
+        user: tokens.user,
+    };
+    saveConfig(config);
+}
+function isAuthenticated() {
+    const config = loadConfig();
+    return !!config.accessToken;
+}
+function getUser() {
+    const config = loadConfig();
+    return config.user;
+}
+/**
+ * Generate a random state parameter for CSRF protection
+ */
+function generateRandomState() {
+    return randomBytes(32).toString('hex');
+}
+/**
+ * Generate a PKCE code verifier (43-128 chars, cryptographically random)
+ * Using 64 bytes = 86 chars base64url (within 43-128 range)
+ */
+function generateCodeVerifier() {
+    return randomBytes(64).toString('base64url');
+}
+/**
+ * Compute PKCE code challenge from verifier using SHA-256
+ * Returns base64url encoded hash (no padding)
+ */
+function computeCodeChallenge(verifier) {
+    return createHash('sha256').update(verifier).digest('base64url');
+}
+/**
+ * Initialize a CLI auth session
+ */
+async function initAuthSession(baseUrl, callbackUrl, state, clientInfo, pkce) {
+    const url = `${baseUrl}/auth/init`;
+    let response;
+    try {
+        response = await fetch(url, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                callback_url: callbackUrl,
+                state,
+                client_info: clientInfo,
+                code_challenge: pkce?.codeChallenge,
+                code_challenge_method: pkce?.codeChallengeMethod,
+            }),
+        });
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : 'Unknown error';
+        throw new Error(`Connection failed to ${url}: ${message}`);
+    }
+    if (!response.ok) {
+        const errorText = await response.text().catch(() => 'Unable to read response');
+        throw new Error(`HTTP ${response.status} from ${url}: ${errorText}`);
+    }
+    return response.json();
+}
+/**
+ * Exchange auth code for tokens
+ */
+async function exchangeCodeForTokens(baseUrl, code, sessionId, codeVerifier) {
+    const response = await fetch(`${baseUrl}/auth/token`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            code,
+            session_id: sessionId,
+            code_verifier: codeVerifier,
+        }),
+    });
+    if (!response.ok) {
+        const data = await response.json();
+        throw new Error(data.error || 'Failed to exchange code for tokens');
+    }
+    return response.json();
+}
+
+let verboseEnabled = false;
+/**
+ * Enable or disable verbose mode
+ */
+function setVerbose(enabled) {
+    verboseEnabled = enabled;
+}
+/**
+ * Check if verbose mode is enabled
+ */
+function isVerbose() {
+    return verboseEnabled;
+}
+/**
+ * Log a message only if verbose mode is enabled
+ */
+function verboseLog(message, ...args) {
+    if (!verboseEnabled)
+        return;
+    console.log(pc.dim(`[verbose] ${message}`), ...args);
+}
+/**
+ * Log request details
+ */
+function verboseRequest(method, url, headers) {
+    if (!verboseEnabled)
+        return;
+    console.log(pc.dim(`[verbose] ${pc.cyan(method)} ${url}`));
+    if (headers) {
+        for (const [key, value] of Object.entries(headers)) {
+            // Mask authorization header
+            const displayValue = key.toLowerCase() === 'authorization' ? '***' : value;
+            console.log(pc.dim(`[verbose]   ${key}: ${displayValue}`));
+        }
+    }
+}
+/**
+ * Log response details
+ */
+function verboseResponse(status, statusText, timing) {
+    if (!verboseEnabled)
+        return;
+    const statusColor = status >= 400 ? pc.red : status >= 300 ? pc.yellow : pc.green;
+    let message = `[verbose] ${statusColor(`${status} ${statusText}`)}`;
+    if (timing !== undefined) {
+        message += pc.dim(` (${timing}ms)`);
+    }
+    console.log(pc.dim(message));
+}
+/**
+ * Log config file locations
+ */
+function verboseConfig() {
+    if (!verboseEnabled)
+        return;
+    console.log(pc.dim('[verbose] Configuration:'));
+    console.log(pc.dim(`[verbose]   Config dir: ${getConfigDir()}`));
+    console.log(pc.dim(`[verbose]   Auth file: ${getAuthPath()}`));
+    console.log(pc.dim(`[verbose]   Settings file: ${getSettingsPath()}`));
+    console.log(pc.dim(`[verbose]   Installed DB: ${getInstalledDbPath()}`));
+    console.log(pc.dim(`[verbose]   Registry URL: ${getRegistryUrl()}`));
+}
+
+/**
+ * Network error codes and their friendly messages
+ */
+const NETWORK_ERRORS = {
+    ECONNREFUSED: 'Connection refused. The server may be down or unreachable.',
+    ENOTFOUND: 'Could not resolve hostname. Check your internet connection.',
+    ETIMEDOUT: 'Connection timed out. The server may be slow or unreachable.',
+    ECONNRESET: 'Connection was reset. Please try again.',
+    EPIPE: 'Connection was closed unexpectedly.',
+    EHOSTUNREACH: 'Host is unreachable. Check your network connection.',
+    ENETUNREACH: 'Network is unreachable. Check your internet connection.',
+    ECONNABORTED: 'Connection was aborted.',
+    EAI_AGAIN: 'DNS lookup timed out. Please try again.',
+    CERT_HAS_EXPIRED: 'SSL certificate has expired.',
+    DEPTH_ZERO_SELF_SIGNED_CERT: 'Self-signed certificate detected.',
+    UNABLE_TO_VERIFY_LEAF_SIGNATURE: 'Unable to verify SSL certificate.',
+    SELF_SIGNED_CERT_IN_CHAIN: 'Self-signed certificate in chain.',
+    UNABLE_TO_GET_ISSUER_CERT: 'Unable to get certificate issuer.',
+};
+/**
+ * HTTP status codes and their friendly messages
+ */
+const HTTP_ERRORS = {
+    400: 'Bad request. Please check your input.',
+    401: 'Authentication required. Run `skillscat login` first.',
+    403: 'Access denied. You do not have permission for this action.',
+    404: 'Not found. The requested resource does not exist.',
+    408: 'Request timed out. Please try again.',
+    429: 'Rate limit exceeded. Please wait and try again later.',
+    500: 'Server error. Please try again later.',
+    502: 'Bad gateway. The server may be temporarily unavailable.',
+    503: 'Service unavailable. Please try again later.',
+    504: 'Gateway timeout. The server is taking too long to respond.',
+};
+/**
+ * Parse a network error and return a friendly message
+ */
+function parseNetworkError(error) {
+    if (error instanceof Error) {
+        const code = error.code;
+        if (code && NETWORK_ERRORS[code]) {
+            const isRetryable = ['ETIMEDOUT', 'ECONNRESET', 'EAI_AGAIN'].includes(code);
+            return {
+                message: NETWORK_ERRORS[code],
+                suggestion: isRetryable ? 'Try again in a few moments.' : 'Check your network settings.',
+                isRetryable,
+            };
+        }
+        // Check for SSL/TLS errors in message
+        if (error.message.includes('certificate') || error.message.includes('SSL') || error.message.includes('TLS')) {
+            return {
+                message: 'SSL/TLS certificate error.',
+                suggestion: 'The server certificate may be invalid or expired.',
+                isRetryable: false,
+            };
+        }
+        // Generic fetch error
+        if (error.message.includes('fetch')) {
+            return {
+                message: 'Unable to connect to the server.',
+                suggestion: 'Check your internet connection and try again.',
+                isRetryable: true,
+            };
+        }
+    }
+    return {
+        message: 'An unexpected network error occurred.',
+        suggestion: 'Please try again.',
+        isRetryable: true,
+    };
+}
+/**
+ * Parse an HTTP error and return a friendly message
+ */
+function parseHttpError(status, statusText) {
+    const message = HTTP_ERRORS[status] || `HTTP error ${status}${statusText ? `: ${statusText}` : ''}`;
+    const isRetryable = status >= 500 || status === 408 || status === 429;
+    let suggestion;
+    if (status === 401) {
+        suggestion = 'Run `skillscat login` to authenticate.';
+    }
+    else if (status === 429) {
+        suggestion = 'Wait a few minutes before trying again.';
+    }
+    else if (isRetryable) {
+        suggestion = 'Try again in a few moments.';
+    }
+    return { message, suggestion, isRetryable };
+}
+
+/**
+ * Parse a skill slug into owner and name components
+ * @param slug - Skill slug in format "owner/name"
+ * @returns Object with owner and name
+ * @throws Error if slug format is invalid
+ */
+function parseSlug(slug) {
+    const match = slug.match(/^([^/]+)\/(.+)$/);
+    if (!match) {
+        throw new Error(`Invalid slug format: ${slug}. Expected format: owner/name`);
+    }
+    return { owner: match[1], name: match[2] };
+}
+
+const GITHUB_API = 'https://api.github.com';
+async function getAuthHeaders() {
+    const token = await getValidToken();
+    const headers = {
+        'Content-Type': 'application/json',
+        'User-Agent': 'skillscat-cli/0.1.0',
+    };
+    if (token) {
+        headers['Authorization'] = `Bearer ${token}`;
+    }
+    return headers;
+}
+/**
+ * Parse GitHub URL to extract owner, repo, and skill path
+ */
+function parseGitHubUrl(url) {
+    // Match: https://github.com/owner/repo or https://github.com/owner/repo/tree/branch/path
+    const match = url.match(/github\.com\/([^\/]+)\/([^\/]+)(?:\/tree\/[^\/]+\/(.+))?/);
+    if (!match)
+        return null;
+    return {
+        owner: match[1],
+        repo: match[2].replace(/\.git$/, ''),
+        skillPath: match[3]
+    };
+}
+/**
+ * Fetch SKILL.md content directly from GitHub
+ */
+async function fetchFromGitHub(owner, repo, skillPath) {
+    const path = skillPath ? `${skillPath}/SKILL.md` : 'SKILL.md';
+    const url = `${GITHUB_API}/repos/${owner}/${repo}/contents/${path}`;
+    verboseLog(`Fetching from GitHub: ${url}`);
+    try {
+        const response = await fetch(url, {
+            headers: {
+                'Accept': 'application/vnd.github+json',
+                'User-Agent': 'skillscat-cli/0.1.0'
+            }
+        });
+        if (!response.ok) {
+            verboseLog(`GitHub fetch failed: ${response.status}`);
+            return null;
+        }
+        const data = await response.json();
+        if (data.encoding === 'base64' && data.content) {
+            return Buffer.from(data.content, 'base64').toString('utf-8');
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+async function fetchSkill(skillIdentifier) {
+    const { owner, name } = parseSlug(skillIdentifier);
+    const registryUrl = getRegistryUrl();
+    const url = `${registryUrl}/skill/${owner}/${name}`;
+    const headers = await getAuthHeaders();
+    const startTime = Date.now();
+    verboseRequest('GET', url, headers);
+    try {
+        const response = await fetch(url, { headers });
+        verboseResponse(response.status, response.statusText, Date.now() - startTime);
+        if (!response.ok) {
+            if (response.status === 404) {
+                return null;
+            }
+            const error = parseHttpError(response.status, response.statusText);
+            throw new Error(error.message);
+        }
+        const skill = await response.json();
+        // For private skills, return as-is (content from R2)
+        if (skill.visibility === 'private') {
+            verboseLog('Private skill - using registry content');
+            return skill;
+        }
+        // For public skills, try to use cache or fetch from GitHub
+        const githubInfo = skill.githubUrl ? parseGitHubUrl(skill.githubUrl) : null;
+        if (!githubInfo) {
+            verboseLog('No GitHub URL - using registry content');
+            return skill;
+        }
+        const { owner, repo, skillPath } = githubInfo;
+        // Check local cache first
+        const cached = getCachedSkill(owner, repo, skillPath);
+        if (cached) {
+            // If we have a contentHash from registry, validate cache
+            if (skill.contentHash && cached.contentHash === skill.contentHash) {
+                verboseLog('Using cached version (hash match)');
+                return { ...skill, content: cached.content };
+            }
+            // If no contentHash from registry, use cache if recent (< 1 hour)
+            if (!skill.contentHash && Date.now() - cached.cachedAt < 3600000) {
+                verboseLog('Using cached version (recent)');
+                return { ...skill, content: cached.content };
+            }
+        }
+        // Fetch fresh content from GitHub
+        verboseLog('Fetching from GitHub...');
+        const githubContent = await fetchFromGitHub(owner, repo, skillPath);
+        if (githubContent) {
+            // Cache the content
+            cacheSkill(owner, repo, githubContent, 'github', skillPath);
+            verboseLog('Cached GitHub content');
+            return {
+                ...skill,
+                content: githubContent,
+                contentHash: calculateContentHash(githubContent)
+            };
+        }
+        // Fall back to registry content (R2)
+        verboseLog('GitHub fetch failed - using registry content');
+        if (skill.content) {
+            cacheSkill(owner, repo, skill.content, 'registry', skillPath);
+        }
+        return skill;
+    }
+    catch (error) {
+        if (error instanceof Error && !error.message.includes('Authentication') && !error.message.includes('Access denied')) {
+            const networkError = parseNetworkError(error);
+            throw new Error(networkError.message);
+        }
+        throw error;
+    }
+}
+
+function sanitizeSkillDirName(skillName) {
+    const sanitized = skillName
+        .replace(/[\\/]/g, '-')
+        .replace(/[<>:"|?*]/g, '-')
+        .replace(/[\x00-\x1f\x7f]/g, '')
+        .trim()
+        .replace(/\s+/g, ' ')
+        .replace(/^\.+/, '')
+        .replace(/[. ]+$/, '');
+    if (!sanitized || sanitized === '.' || sanitized === '..') {
+        return 'skill';
+    }
+    return sanitized;
+}
+const AGENTS = [
+    {
+        id: 'amp',
+        name: 'Amp',
+        projectPath: '.agents/skills/',
+        globalPath: join(homedir(), '.config', 'agents', 'skills')
+    },
+    {
+        id: 'antigravity',
+        name: 'Antigravity',
+        projectPath: '.agent/skills/',
+        globalPath: join(homedir(), '.gemini', 'antigravity', 'skills')
+    },
+    {
+        id: 'claude-code',
+        name: 'Claude Code',
+        projectPath: '.claude/skills/',
+        globalPath: join(homedir(), '.claude', 'skills')
+    },
+    {
+        id: 'clawdbot',
+        name: 'Clawdbot',
+        projectPath: 'skills/',
+        globalPath: join(homedir(), '.clawdbot', 'skills')
+    },
+    {
+        id: 'codebuddy',
+        name: 'CodeBuddy',
+        projectPath: '.codebuddy/skills/',
+        globalPath: join(homedir(), '.codebuddy', 'skills')
+    },
+    {
+        id: 'codex',
+        name: 'Codex',
+        projectPath: '.codex/skills/',
+        globalPath: join(homedir(), '.codex', 'skills')
+    },
+    {
+        id: 'cursor',
+        name: 'Cursor',
+        projectPath: '.cursor/skills/',
+        globalPath: join(homedir(), '.cursor', 'skills')
+    },
+    {
+        id: 'droid',
+        name: 'Droid',
+        projectPath: '.factory/skills/',
+        globalPath: join(homedir(), '.factory', 'skills')
+    },
+    {
+        id: 'gemini-cli',
+        name: 'Gemini CLI',
+        projectPath: '.gemini/skills/',
+        globalPath: join(homedir(), '.gemini', 'skills')
+    },
+    {
+        id: 'github-copilot',
+        name: 'GitHub Copilot',
+        projectPath: '.github/skills/',
+        globalPath: join(homedir(), '.copilot', 'skills')
+    },
+    {
+        id: 'goose',
+        name: 'Goose',
+        projectPath: '.goose/skills/',
+        globalPath: join(homedir(), '.config', 'goose', 'skills')
+    },
+    {
+        id: 'kilo-code',
+        name: 'Kilo Code',
+        projectPath: '.kilocode/skills/',
+        globalPath: join(homedir(), '.kilocode', 'skills')
+    },
+    {
+        id: 'kiro-cli',
+        name: 'Kiro CLI',
+        projectPath: '.kiro/skills/',
+        globalPath: join(homedir(), '.kiro', 'skills')
+    },
+    {
+        id: 'neovate',
+        name: 'Neovate',
+        projectPath: '.neovate/skills/',
+        globalPath: join(homedir(), '.neovate', 'skills')
+    },
+    {
+        id: 'opencode',
+        name: 'OpenCode',
+        projectPath: '.opencode/skill/',
+        globalPath: join(homedir(), '.config', 'opencode', 'skill')
+    },
+    {
+        id: 'qoder',
+        name: 'Qoder',
+        projectPath: '.qoder/skills/',
+        globalPath: join(homedir(), '.qoder', 'skills')
+    },
+    {
+        id: 'roo-code',
+        name: 'Roo Code',
+        projectPath: '.roo/skills/',
+        globalPath: join(homedir(), '.roo', 'skills')
+    },
+    {
+        id: 'trae',
+        name: 'Trae',
+        projectPath: '.trae/skills/',
+        globalPath: join(homedir(), '.trae', 'skills')
+    },
+    {
+        id: 'windsurf',
+        name: 'Windsurf',
+        projectPath: '.windsurf/skills/',
+        globalPath: join(homedir(), '.codeium', 'windsurf', 'skills')
+    }
+];
+/**
+ * Detect which agents are installed by checking for their config directories
+ */
+function detectInstalledAgents() {
+    return AGENTS.filter(agent => {
+        // Check if global path exists (indicating agent is installed)
+        const globalDir = agent.globalPath.replace(/\/skills\/?$/, '').replace(/\/skill\/?$/, '');
+        return existsSync(globalDir);
+    });
+}
+/**
+ * Get agent by ID
+ */
+function getAgentById(id) {
+    return AGENTS.find(a => a.id === id || a.id === id.toLowerCase().replace(/\s+/g, '-'));
+}
+/**
+ * Get agents by IDs
+ */
+function getAgentsByIds(ids) {
+    return ids.map(id => getAgentById(id)).filter((a) => a !== undefined);
+}
+/**
+ * Get skill installation path for an agent
+ */
+function getSkillPath(agent, skillName, global) {
+    const basePath = global ? agent.globalPath : join(process.cwd(), agent.projectPath);
+    return join(basePath, sanitizeSkillDirName(skillName));
+}
+
+const CURRENT_DB_VERSION = 2;
+function defaultDb() {
+    return { version: CURRENT_DB_VERSION, skills: [] };
+}
+function normalizeSource(raw) {
+    if (!raw || typeof raw !== 'object')
+        return undefined;
+    const source = raw;
+    if ((source.platform !== 'github' && source.platform !== 'gitlab') ||
+        typeof source.owner !== 'string' ||
+        typeof source.repo !== 'string') {
+        return undefined;
+    }
+    return {
+        platform: source.platform,
+        owner: source.owner,
+        repo: source.repo,
+        branch: typeof source.branch === 'string' ? source.branch : undefined,
+        path: typeof source.path === 'string' ? source.path : undefined,
+    };
+}
+function getUpdateStrategy$1(skill) {
+    if (skill.updateStrategy === 'registry')
+        return 'registry';
+    if (skill.updateStrategy === 'git')
+        return 'git';
+    return skill.registrySlug ? 'registry' : 'git';
+}
+function normalizeSkill(raw) {
+    if (!raw || typeof raw !== 'object')
+        return null;
+    const candidate = raw;
+    if (typeof candidate.name !== 'string')
+        return null;
+    if (!Array.isArray(candidate.agents))
+        return null;
+    if (typeof candidate.global !== 'boolean')
+        return null;
+    if (typeof candidate.installedAt !== 'number')
+        return null;
+    const path = typeof candidate.path === 'string' && candidate.path ? candidate.path : 'SKILL.md';
+    const registrySlug = typeof candidate.registrySlug === 'string' ? candidate.registrySlug : undefined;
+    const source = normalizeSource(candidate.source);
+    return {
+        name: candidate.name,
+        description: typeof candidate.description === 'string' ? candidate.description : '',
+        source,
+        registrySlug,
+        updateStrategy: getUpdateStrategy$1({
+            updateStrategy: candidate.updateStrategy,
+            registrySlug,
+        }),
+        agents: Array.from(new Set(candidate.agents.filter((id) => typeof id === 'string'))),
+        global: candidate.global,
+        installedAt: candidate.installedAt,
+        sha: typeof candidate.sha === 'string' ? candidate.sha : undefined,
+        path,
+        contentHash: typeof candidate.contentHash === 'string' ? candidate.contentHash : undefined,
+    };
+}
+function loadDb() {
+    const dbPath = getInstalledDbPath();
+    if (!existsSync(dbPath)) {
+        return defaultDb();
+    }
+    try {
+        const content = readFileSync(dbPath, 'utf-8');
+        const parsed = JSON.parse(content);
+        if (!parsed || !Array.isArray(parsed.skills)) {
+            return defaultDb();
+        }
+        const normalized = parsed.skills
+            .map((skill) => normalizeSkill(skill))
+            .filter((skill) => skill !== null);
+        return {
+            version: CURRENT_DB_VERSION,
+            skills: normalized,
+        };
+    }
+    catch {
+        return defaultDb();
+    }
+}
+function saveDb(db) {
+    ensureConfigDir$1();
+    const dbPath = getInstalledDbPath();
+    writeFileSync(dbPath, JSON.stringify({ version: CURRENT_DB_VERSION, skills: db.skills }, null, 2), 'utf-8');
+}
+function sameSource(a, b) {
+    if (!a && !b)
+        return true;
+    if (!a || !b)
+        return false;
+    return (a.platform === b.platform &&
+        a.owner === b.owner &&
+        a.repo === b.repo &&
+        (a.branch ?? '') === (b.branch ?? '') &&
+        (a.path ?? '') === (b.path ?? ''));
+}
+function sameInstallationIdentity(a, b) {
+    return (a.name === b.name &&
+        a.global === b.global &&
+        a.path === b.path &&
+        (a.registrySlug ?? '') === (b.registrySlug ?? '') &&
+        getUpdateStrategy$1(a) === getUpdateStrategy$1(b) &&
+        sameSource(a.source, b.source));
+}
+/**
+ * Record a skill installation
+ */
+function recordInstallation(skill) {
+    const db = loadDb();
+    const normalized = normalizeSkill(skill);
+    if (!normalized) {
+        return;
+    }
+    // Replace only exact same installation identity.
+    db.skills = db.skills.filter((existing) => !sameInstallationIdentity(existing, normalized));
+    db.skills.push(normalized);
+    saveDb(db);
+}
+/**
+ * Remove a skill record
+ */
+function removeInstallation(skillName, options) {
+    const db = loadDb();
+    const targetAgents = options?.agents;
+    db.skills = db.skills.flatMap((skill) => {
+        if (skill.name !== skillName) {
+            return [skill];
+        }
+        if (options?.source) {
+            if (!sameSource(skill.source, options.source)) {
+                return [skill];
+            }
+        }
+        if (options?.global !== undefined && skill.global !== options.global) {
+            return [skill];
+        }
+        if (targetAgents && targetAgents.length > 0) {
+            const remainingAgents = skill.agents.filter((agentId) => !targetAgents.includes(agentId));
+            if (remainingAgents.length === 0) {
+                return [];
+            }
+            return [{ ...skill, agents: remainingAgents }];
+        }
+        return [];
+    });
+    saveDb(db);
+}
+/**
+ * Get all installed skills
+ */
+function getInstalledSkills() {
+    const db = loadDb();
+    return db.skills;
+}
+
+/**
+ * Track a skill installation on the server.
+ * Non-blocking, fail-silent — should never interrupt the install flow.
+ */
+async function trackInstallation(slug) {
+    try {
+        const baseUrl = getBaseUrl();
+        const token = await getValidToken();
+        const headers = {
+            'Content-Type': 'application/json',
+            'User-Agent': 'skillscat-cli/0.1.0',
+        };
+        if (token) {
+            headers['Authorization'] = `Bearer ${token}`;
+        }
+        await fetch(`${baseUrl}/api/skills/${encodeURIComponent(slug)}/track-install`, {
+            method: 'POST',
+            headers,
+        });
+    }
+    catch {
+        // Fail silently — tracking should never block installation
+    }
+}
+
+function success(message) {
+    console.log(pc.green('✔') + ' ' + message);
+}
+function error(message) {
+    console.error(pc.red('✖') + ' ' + message);
+}
+function warn(message) {
+    console.warn(pc.yellow('⚠') + ' ' + message);
+}
+function info$1(message) {
+    console.log(pc.blue('ℹ') + ' ' + message);
+}
+function spinner(message) {
+    const frames = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏'];
+    let i = 0;
+    process.stdout.write(pc.cyan(frames[0]) + ' ' + message);
+    const interval = setInterval(() => {
+        i = (i + 1) % frames.length;
+        process.stdout.write('\r' + pc.cyan(frames[i]) + ' ' + message);
+    }, 80);
+    return {
+        stop: (succeeded = true) => {
+            clearInterval(interval);
+            process.stdout.write('\r');
+            if (succeeded) {
+                console.log(pc.green('✔') + ' ' + message);
+            }
+            else {
+                console.log(pc.red('✖') + ' ' + message);
+            }
+        },
+    };
+}
+function prompt(question) {
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    return new Promise((resolve) => {
+        rl.question(question, (answer) => {
+            rl.close();
+            resolve(answer);
+        });
+    });
+}
+function box(content, title) {
+    const lines = content.split('\n');
+    const maxLength = Math.max(...lines.map((l) => l.length), title?.length || 0);
+    const width = maxLength + 4;
+    const top = '╭' + '─'.repeat(width - 2) + '╮';
+    const bottom = '╰' + '─'.repeat(width - 2) + '╯';
+    console.log(pc.dim(top));
+    if (title) {
+        console.log(pc.dim('│') + ' ' + pc.bold(title.padEnd(width - 3)) + pc.dim('│'));
+        console.log(pc.dim('│') + '─'.repeat(width - 2) + pc.dim('│'));
+    }
+    for (const line of lines) {
+        console.log(pc.dim('│') + ' ' + line.padEnd(width - 3) + pc.dim('│'));
+    }
+    console.log(pc.dim(bottom));
+}
+
+async function add(source, options) {
+    // Parse source
+    const repoSource = parseSource(source);
+    if (!repoSource) {
+        error('Invalid source. Supported formats:');
+        console.log(pc.dim('  owner/repo'));
+        console.log(pc.dim('  https://github.com/owner/repo'));
+        console.log(pc.dim('  https://gitlab.com/owner/repo'));
+        process.exit(1);
+    }
+    const sourceLabel = `${repoSource.owner}/${repoSource.repo}`;
+    info$1(`Fetching skills from ${pc.cyan(sourceLabel)}...`);
+    // Check cache first for each potential skill path
+    const cached = getCachedSkill(repoSource.owner, repoSource.repo, repoSource.path);
+    if (cached && !options.force) {
+        verboseLog('Found cached skill content');
+    }
+    // Discover skills
+    const discoverSpinner = spinner('Discovering skills');
+    let skills;
+    let installSource = repoSource;
+    let trackingSlug = `${repoSource.owner}/${repoSource.repo}`;
+    let updateStrategy = 'git';
+    let cacheOwner = repoSource.owner;
+    let cacheRepo = repoSource.repo;
+    let cachePath = repoSource.path;
+    let registrySlug;
+    try {
+        skills = await discoverSkills(repoSource);
+    }
+    catch (err) {
+        // GitHub/GitLab discovery failed — try the registry as fallback
+        verboseLog(`Git discovery failed: ${err instanceof Error ? err.message : 'unknown'}`);
+        verboseLog('Trying registry fallback...');
+        try {
+            const registrySkill = await fetchSkill(source);
+            if (registrySkill && registrySkill.content) {
+                const parsedGitSource = getSourceFromRegistrySkill(registrySkill);
+                installSource = parsedGitSource ?? installSource;
+                updateStrategy = 'registry';
+                registrySlug = getRegistrySlug$1(registrySkill, source);
+                trackingSlug = registrySlug;
+                if (parsedGitSource) {
+                    cacheOwner = parsedGitSource.owner;
+                    cacheRepo = parsedGitSource.repo;
+                    cachePath = parsedGitSource.path || registrySkill.skillPath;
+                }
+                else if (registrySkill.owner && registrySkill.repo) {
+                    cacheOwner = registrySkill.owner;
+                    cacheRepo = registrySkill.repo;
+                    cachePath = registrySkill.skillPath;
+                }
+                skills = [{
+                        name: registrySkill.name,
+                        description: registrySkill.description || '',
+                        path: registrySkill.skillPath
+                            ? (registrySkill.skillPath.endsWith('SKILL.md') ? registrySkill.skillPath : `${registrySkill.skillPath}/SKILL.md`)
+                            : 'SKILL.md',
+                        content: registrySkill.content,
+                        contentHash: registrySkill.contentHash,
+                    }];
+            }
+            else {
+                discoverSpinner.stop(false);
+                error(err instanceof Error ? err.message : 'Failed to discover skills');
+                process.exit(1);
+            }
+        }
+        catch {
+            discoverSpinner.stop(false);
+            error(err instanceof Error ? err.message : 'Failed to discover skills');
+            process.exit(1);
+        }
+    }
+    discoverSpinner.stop(true);
+    if (skills.length === 0) {
+        warn('No skills found in this repository.');
+        console.log(pc.dim('Make sure the repository contains SKILL.md files with valid frontmatter.'));
+        process.exit(1);
+    }
+    // List mode - just show skills and exit
+    if (options.list) {
+        console.log();
+        console.log(pc.bold(`Found ${skills.length} skill(s):`));
+        console.log();
+        for (const skill of skills) {
+            console.log(`  ${pc.cyan(skill.name)}`);
+            console.log(`  ${pc.dim(skill.description)}`);
+            console.log(`  ${pc.dim(`Path: ${skill.path}`)}`);
+            console.log();
+        }
+        console.log(pc.dim('─'.repeat(50)));
+        console.log(pc.dim('Install with:'));
+        console.log(`  ${pc.cyan(`npx skillscat add ${source}`)}`);
+        return;
+    }
+    // Filter skills by name if specified
+    let selectedSkills = skills;
+    if (options.skill && options.skill.length > 0) {
+        selectedSkills = skills.filter(s => options.skill.some(name => s.name.toLowerCase() === name.toLowerCase()));
+        if (selectedSkills.length === 0) {
+            error(`No skills found matching: ${options.skill.join(', ')}`);
+            console.log(pc.dim('Available skills:'));
+            for (const skill of skills) {
+                console.log(pc.dim(`  - ${skill.name}`));
+            }
+            process.exit(1);
+        }
+    }
+    // Detect or select agents
+    let targetAgents;
+    if (options.agent && options.agent.length > 0) {
+        targetAgents = getAgentsByIds(options.agent);
+        if (targetAgents.length === 0) {
+            error(`Invalid agent(s): ${options.agent.join(', ')}`);
+            console.log(pc.dim('Available agents:'));
+            for (const agent of AGENTS) {
+                console.log(pc.dim(`  - ${agent.id} (${agent.name})`));
+            }
+            process.exit(1);
+        }
+    }
+    else {
+        // Auto-detect installed agents
+        targetAgents = detectInstalledAgents();
+        if (targetAgents.length === 0) {
+            // No agents detected, ask user
+            if (!options.yes) {
+                console.log();
+                warn('No coding agents detected.');
+                console.log(pc.dim('Select agents to install skills for:'));
+                console.log();
+                for (let i = 0; i < AGENTS.length; i++) {
+                    console.log(`  ${pc.dim(`${i + 1}.`)} ${AGENTS[i].name} (${AGENTS[i].id})`);
+                }
+                console.log();
+                const response = await prompt('Enter agent numbers (comma-separated) or "all": ');
+                if (response.toLowerCase() === 'all') {
+                    targetAgents = AGENTS;
+                }
+                else {
+                    const indices = response.split(',').map(s => parseInt(s.trim()) - 1);
+                    targetAgents = indices
+                        .filter(i => i >= 0 && i < AGENTS.length)
+                        .map(i => AGENTS[i]);
+                }
+                if (targetAgents.length === 0) {
+                    error('No agents selected.');
+                    process.exit(1);
+                }
+            }
+            else {
+                // Default to Claude Code in --yes mode
+                targetAgents = AGENTS.filter(a => a.id === 'claude-code');
+            }
+        }
+    }
+    const isGlobal = options.global ?? false;
+    const locationLabel = isGlobal ? 'global' : 'project';
+    console.log();
+    console.log(pc.bold(`Installing ${selectedSkills.length} skill(s) to ${targetAgents.length} agent(s):`));
+    console.log();
+    // Show what will be installed
+    for (const skill of selectedSkills) {
+        console.log(`  ${pc.green('•')} ${pc.bold(skill.name)}`);
+        console.log(`    ${pc.dim(skill.description)}`);
+    }
+    console.log();
+    console.log(pc.dim('Target agents:'));
+    for (const agent of targetAgents) {
+        const path = isGlobal ? agent.globalPath : join(process.cwd(), agent.projectPath);
+        console.log(`  ${pc.cyan('•')} ${agent.name} → ${pc.dim(path)}`);
+    }
+    console.log();
+    // Confirmation
+    if (!options.yes) {
+        const confirm = await prompt(`Install to ${locationLabel} directory? [Y/n] `);
+        if (confirm.toLowerCase() === 'n') {
+            info$1('Installation cancelled.');
+            process.exit(0);
+        }
+    }
+    // Install skills
+    let installed = 0;
+    let skipped = 0;
+    for (const skill of selectedSkills) {
+        const activeAgentIds = new Set();
+        for (const agent of targetAgents) {
+            const skillDir = getSkillPath(agent, skill.name, isGlobal);
+            const skillFile = join(skillDir, 'SKILL.md');
+            const existedBefore = existsSync(skillFile);
+            // Check if already installed
+            if (existedBefore && !options.force) {
+                const existingContent = readFileSync(skillFile, 'utf-8');
+                if (existingContent === skill.content) {
+                    skipped++;
+                    activeAgentIds.add(agent.id);
+                    continue;
+                }
+                if (!options.yes) {
+                    warn(`${skill.name} already exists for ${agent.name}`);
+                    const overwrite = await prompt('Overwrite? [y/N] ');
+                    if (overwrite.toLowerCase() !== 'y') {
+                        skipped++;
+                        activeAgentIds.add(agent.id);
+                        continue;
+                    }
+                }
+            }
+            // Create directory and write file
+            try {
+                mkdirSync(dirname(skillFile), { recursive: true });
+                writeFileSync(skillFile, skill.content, 'utf-8');
+                installed++;
+                activeAgentIds.add(agent.id);
+                // Cache the skill content
+                if (cacheOwner && cacheRepo) {
+                    const cacheSkillPath = skill.path !== 'SKILL.md'
+                        ? skill.path.replace(/\/SKILL\.md$/, '')
+                        : cachePath?.replace(/\/SKILL\.md$/, '');
+                    cacheSkill(cacheOwner, cacheRepo, skill.content, updateStrategy === 'registry' ? 'registry' : 'github', cacheSkillPath, skill.sha);
+                    verboseLog(`Cached skill: ${skill.name}`);
+                }
+            }
+            catch (err) {
+                if (existedBefore) {
+                    activeAgentIds.add(agent.id);
+                }
+                error(`Failed to install ${skill.name} to ${agent.name}: ${err instanceof Error ? err.message : 'Unknown error'}`);
+            }
+        }
+        if (activeAgentIds.size > 0) {
+            recordInstallation({
+                name: skill.name,
+                description: skill.description,
+                source: installSource,
+                registrySlug,
+                updateStrategy,
+                agents: Array.from(activeAgentIds),
+                global: isGlobal,
+                installedAt: Date.now(),
+                sha: skill.sha,
+                path: skill.path,
+                contentHash: skill.contentHash
+            });
+            // Track installation on server (non-blocking, fail-silent)
+            trackInstallation(trackingSlug).catch(() => { });
+        }
+    }
+    console.log();
+    if (installed > 0) {
+        success(`Installed ${installed} skill(s) successfully!`);
+    }
+    if (skipped > 0) {
+        info$1(`Skipped ${skipped} skill(s) (already up to date)`);
+    }
+    console.log();
+    console.log(pc.dim('Skills are now available in your coding agents.'));
+    console.log(pc.dim('Restart your agent or start a new session to use them.'));
+}
+function getSourceFromRegistrySkill(skill) {
+    if (skill.githubUrl) {
+        const source = parseSource(skill.githubUrl);
+        if (source) {
+            return source;
+        }
+    }
+    if (skill.owner && skill.repo) {
+        return {
+            platform: 'github',
+            owner: skill.owner,
+            repo: skill.repo,
+            path: skill.skillPath,
+        };
+    }
+    return null;
+}
+function getRegistrySlug$1(skill, fallback) {
+    if (skill.slug && skill.slug.includes('/')) {
+        return skill.slug;
+    }
+    if (skill.owner && skill.repo) {
+        return `${skill.owner}/${skill.repo}`;
+    }
+    const parsedFallback = parseSource(fallback);
+    if (parsedFallback) {
+        return `${parsedFallback.owner}/${parsedFallback.repo}`;
+    }
+    return fallback;
+}
+
+function discoverLocalSkills(agents, global) {
+    const skills = [];
+    for (const agent of agents) {
+        const basePath = global ? agent.globalPath : join(process.cwd(), agent.projectPath);
+        if (!existsSync(basePath))
+            continue;
+        try {
+            const entries = readdirSync(basePath, { withFileTypes: true });
+            for (const entry of entries) {
+                if (!entry.isDirectory())
+                    continue;
+                const skillFile = join(basePath, entry.name, 'SKILL.md');
+                if (!existsSync(skillFile))
+                    continue;
+                try {
+                    const content = readFileSync(skillFile, 'utf-8');
+                    const metadata = parseSkillFrontmatter(content);
+                    skills.push({
+                        name: metadata?.name || entry.name,
+                        description: metadata?.description || '',
+                        agent: agent.name,
+                        location: global ? 'global' : 'project',
+                        path: join(basePath, entry.name)
+                    });
+                }
+                catch {
+                    // Skip invalid skill files
+                }
+            }
+        }
+        catch {
+            // Skip inaccessible directories
+        }
+    }
+    return skills;
+}
+async function list(options) {
+    // Determine which agents to check
+    let agents;
+    if (options.agent && options.agent.length > 0) {
+        agents = getAgentsByIds(options.agent);
+        if (agents.length === 0) {
+            error(`Invalid agent(s): ${options.agent.join(', ')}`);
+            process.exit(1);
+        }
+    }
+    else {
+        agents = AGENTS;
+    }
+    const skills = [];
+    // Collect skills based on options
+    if (options.all) {
+        skills.push(...discoverLocalSkills(agents, false));
+        skills.push(...discoverLocalSkills(agents, true));
+    }
+    else if (options.global) {
+        skills.push(...discoverLocalSkills(agents, true));
+    }
+    else {
+        // Default: show project skills
+        skills.push(...discoverLocalSkills(agents, false));
+    }
+    if (skills.length === 0) {
+        warn('No skills installed.');
+        console.log();
+        console.log(pc.dim('Install skills with:'));
+        console.log(`  ${pc.cyan('npx skillscat add <owner>/<repo>')}`);
+        console.log();
+        console.log(pc.dim('Or search for skills:'));
+        console.log(`  ${pc.cyan('npx skillscat search <query>')}`);
+        return;
+    }
+    console.log();
+    console.log(pc.bold(`Installed skills (${skills.length}):`));
+    console.log();
+    // Group by agent
+    const byAgent = new Map();
+    for (const skill of skills) {
+        const key = `${skill.agent} (${skill.location})`;
+        if (!byAgent.has(key)) {
+            byAgent.set(key, []);
+        }
+        byAgent.get(key).push(skill);
+    }
+    for (const [agentKey, agentSkills] of byAgent) {
+        console.log(pc.cyan(agentKey));
+        for (const skill of agentSkills) {
+            console.log(`  ${pc.green('•')} ${pc.bold(skill.name)}`);
+            if (skill.description) {
+                console.log(`    ${pc.dim(skill.description)}`);
+            }
+        }
+        console.log();
+    }
+    // Show tracked skills from database
+    const dbSkills = getInstalledSkills();
+    if (dbSkills.length > 0) {
+        console.log(pc.dim('─'.repeat(50)));
+        console.log(pc.dim(`Tracked installations: ${dbSkills.length}`));
+        console.log(pc.dim('Run `npx skillscat update --check` to check for updates.'));
+    }
+}
+
+async function search(query, options = {}) {
+    const limit = parseInt(options.limit || '20', 10);
+    // Show verbose config info
+    if (isVerbose()) {
+        verboseConfig();
+    }
+    const searchSpinner = spinner(query ? `Searching for "${query}"` : 'Fetching trending skills');
+    let result;
+    try {
+        const params = new URLSearchParams();
+        if (query)
+            params.set('q', query);
+        if (options.category)
+            params.set('category', options.category);
+        params.set('limit', String(limit));
+        // Include private skills when authenticated
+        const token = await getValidToken();
+        const headers = { 'User-Agent': 'skillscat-cli/1.0' };
+        if (token) {
+            headers['Authorization'] = `Bearer ${token}`;
+            params.set('include_private', 'true');
+        }
+        const registryUrl = getRegistryUrl();
+        const url = `${registryUrl}/search?${params}`;
+        const startTime = Date.now();
+        verboseRequest('GET', url, headers);
+        const response = await fetch(url, { headers });
+        verboseResponse(response.status, response.statusText, Date.now() - startTime);
+        if (!response.ok) {
+            if (response.status === 429) {
+                searchSpinner.stop(false);
+                const httpError = parseHttpError(429);
+                warn(httpError.message);
+                if (httpError.suggestion) {
+                    console.log(pc.dim(httpError.suggestion));
+                }
+                process.exit(1);
+            }
+            const httpError = parseHttpError(response.status, response.statusText);
+            throw new Error(httpError.message);
+        }
+        result = await response.json();
+    }
+    catch (err) {
+        searchSpinner.stop(false);
+        // Check for network errors
+        const networkError = parseNetworkError(err);
+        if (networkError.message.includes('connect') || networkError.message.includes('resolve') || networkError.message.includes('network')) {
+            // Fallback: show help for direct GitHub/GitLab usage
+            console.log();
+            info$1(networkError.message);
+            if (networkError.suggestion) {
+                console.log(pc.dim(networkError.suggestion));
+            }
+            console.log();
+            console.log(pc.dim('You can still install skills directly from GitHub/GitLab:'));
+            console.log();
+            console.log(`  ${pc.cyan('npx skillscat add vercel-labs/agent-skills')}`);
+            console.log(`  ${pc.cyan('npx skillscat add owner/repo')}`);
+            console.log();
+            console.log(pc.dim('Popular skill repositories:'));
+            console.log(`  ${pc.dim('•')} vercel-labs/agent-skills - React, Next.js best practices`);
+            console.log(`  ${pc.dim('•')} anthropics/claude-code-skills - Official Claude Code skills`);
+            return;
+        }
+        error(err instanceof Error ? err.message : 'Failed to search skills');
+        process.exit(1);
+    }
+    searchSpinner.stop(true);
+    if (result.skills.length === 0) {
+        warn('No skills found.');
+        if (query) {
+            console.log(pc.dim('Try a different search term or browse categories.'));
+        }
+        console.log();
+        console.log(pc.dim('You can also install skills directly from GitHub/GitLab:'));
+        console.log(`  ${pc.cyan('npx skillscat add owner/repo')}`);
+        return;
+    }
+    console.log();
+    console.log(pc.bold(`Found ${result.total} skill(s):`));
+    console.log();
+    for (const skill of result.skills) {
+        const identifier = skill.slug || `${skill.owner}/${skill.repo}`;
+        const platformIcon = skill.platform === 'github' ? '' : ' (GitLab)';
+        const privateLabel = skill.visibility === 'private' ? pc.red(' [private]') : '';
+        console.log(`  ${pc.bold(pc.cyan(identifier))}${pc.dim(platformIcon)}${privateLabel}`);
+        if (skill.description) {
+            console.log(`  ${pc.dim(skill.description)}`);
+        }
+        console.log(`  ${pc.yellow('★')} ${skill.stars}  ${pc.dim('|')}  ` +
+            pc.dim(skill.categories.length > 0 ? skill.categories.join(', ') : 'uncategorized'));
+        console.log();
+    }
+    console.log(pc.dim('─'.repeat(50)));
+    console.log();
+    console.log(pc.dim('Install a skill:'));
+    console.log(`  ${pc.cyan('npx skillscat add <owner>/<repo>')}`);
+    console.log();
+    console.log(pc.dim('View skill details:'));
+    console.log(`  ${pc.cyan('npx skillscat info <owner>/<repo>')}`);
+}
+
+async function remove(skillName, options) {
+    // Determine which agents to check
+    let agents;
+    if (options.agent && options.agent.length > 0) {
+        agents = getAgentsByIds(options.agent);
+        if (agents.length === 0) {
+            error(`Invalid agent(s): ${options.agent.join(', ')}`);
+            process.exit(1);
+        }
+    }
+    else {
+        agents = AGENTS;
+    }
+    const isGlobal = options.global ?? false;
+    let removed = 0;
+    let notFound = 0;
+    for (const agent of agents) {
+        const skillDir = getSkillPath(agent, skillName, isGlobal);
+        if (!existsSync(skillDir)) {
+            notFound++;
+            continue;
+        }
+        try {
+            rmSync(skillDir, { recursive: true });
+            removed++;
+            success(`Removed ${skillName} from ${agent.name}`);
+        }
+        catch (err) {
+            error(`Failed to remove from ${agent.name}: ${err instanceof Error ? err.message : 'Unknown error'}`);
+        }
+    }
+    if (removed > 0) {
+        removeInstallation(skillName, {
+            agents: agents.map((agent) => agent.id),
+            global: isGlobal,
+        });
+    }
+    if (removed === 0) {
+        if (notFound === agents.length) {
+            warn(`Skill "${skillName}" not found.`);
+            // Check if it exists in the other location
+            const otherLocation = !isGlobal;
+            for (const agent of agents) {
+                const otherDir = getSkillPath(agent, skillName, otherLocation);
+                if (existsSync(otherDir)) {
+                    console.log(pc.dim(`Found in ${otherLocation ? 'global' : 'project'} directory.`));
+                    console.log(pc.dim(`Use ${otherLocation ? '--global' : ''} flag to remove.`));
+                    break;
+                }
+            }
+        }
+    }
+    else {
+        console.log();
+        success(`Removed ${skillName} from ${removed} agent(s).`);
+    }
+}
+
+function getUpdateStrategy(skill) {
+    if (skill.updateStrategy === 'registry')
+        return 'registry';
+    if (skill.updateStrategy === 'git')
+        return 'git';
+    return skill.registrySlug ? 'registry' : 'git';
+}
+function getRegistrySlug(skill) {
+    if (skill.registrySlug && skill.registrySlug.includes('/')) {
+        return skill.registrySlug;
+    }
+    if (skill.source?.owner && skill.source?.repo) {
+        return `${skill.source.owner}/${skill.source.repo}`;
+    }
+    return null;
+}
+async function update(skillName, options) {
+    const installedSkills = getInstalledSkills();
+    if (installedSkills.length === 0) {
+        warn('No tracked skill installations found.');
+        console.log(pc.dim('Install skills with `npx skillscat add <source>` to track them.'));
+        return;
+    }
+    // Filter by skill name if provided
+    let skillsToCheck = installedSkills;
+    if (skillName) {
+        skillsToCheck = installedSkills.filter(s => s.name.toLowerCase() === skillName.toLowerCase());
+        if (skillsToCheck.length === 0) {
+            error(`Skill "${skillName}" not found in tracked installations.`);
+            console.log(pc.dim('Available tracked skills:'));
+            for (const skill of installedSkills) {
+                console.log(pc.dim(`  - ${skill.name}`));
+            }
+            process.exit(1);
+        }
+    }
+    // Determine which agents to update
+    let agents;
+    if (options.agent && options.agent.length > 0) {
+        agents = getAgentsByIds(options.agent);
+        if (agents.length === 0) {
+            error(`Invalid agent(s): ${options.agent.join(', ')}`);
+            process.exit(1);
+        }
+    }
+    else {
+        agents = AGENTS;
+    }
+    console.log();
+    info$1(`Checking ${skillsToCheck.length} skill(s) for updates...`);
+    console.log();
+    const updates = [];
+    // Check each skill for updates
+    for (const skill of skillsToCheck) {
+        const checkSpinner = spinner(`Checking ${skill.name}`);
+        try {
+            const strategy = getUpdateStrategy(skill);
+            if (strategy === 'registry') {
+                const slug = getRegistrySlug(skill);
+                if (!slug) {
+                    checkSpinner.stop(false);
+                    warn(`${skill.name}: Missing registry slug; cannot check updates`);
+                    continue;
+                }
+                const latestSkill = await fetchSkill(slug);
+                if (!latestSkill || !latestSkill.content) {
+                    checkSpinner.stop(false);
+                    warn(`${skill.name}: Skill no longer exists in registry`);
+                    continue;
+                }
+                const latestHash = latestSkill.contentHash || calculateContentHash(latestSkill.content);
+                const hasUpdate = skill.contentHash ? latestHash !== skill.contentHash : true;
+                if (!hasUpdate) {
+                    checkSpinner.stop(true);
+                    console.log(pc.dim(`  ${skill.name}: Up to date`));
+                    continue;
+                }
+                checkSpinner.stop(true);
+                updates.push({
+                    skill,
+                    newContent: latestSkill.content,
+                    newContentHash: latestHash,
+                    cacheOwner: skill.source?.owner || latestSkill.owner,
+                    cacheRepo: skill.source?.repo || latestSkill.repo,
+                    cacheSource: 'registry',
+                });
+                console.log(`  ${pc.yellow('⬆')} ${skill.name}: Update available`);
+                continue;
+            }
+            if (!skill.source) {
+                checkSpinner.stop(false);
+                warn(`${skill.name}: Missing source repository; cannot check updates`);
+                continue;
+            }
+            const latestSkill = await fetchSkill$1(skill.source, skill.name);
+            if (!latestSkill) {
+                checkSpinner.stop(false);
+                warn(`${skill.name}: Skill no longer exists in source repository`);
+                continue;
+            }
+            // Compare by contentHash first, then by SHA
+            const latestHash = latestSkill.contentHash || calculateContentHash(latestSkill.content);
+            const hasUpdate = skill.contentHash
+                ? latestHash !== skill.contentHash
+                : (latestSkill.sha && skill.sha ? latestSkill.sha !== skill.sha : true);
+            if (!hasUpdate) {
+                checkSpinner.stop(true);
+                console.log(pc.dim(`  ${skill.name}: Up to date`));
+                continue;
+            }
+            checkSpinner.stop(true);
+            updates.push({
+                skill,
+                newContent: latestSkill.content,
+                newSha: latestSkill.sha,
+                newContentHash: latestHash,
+                cacheOwner: skill.source.owner,
+                cacheRepo: skill.source.repo,
+                cacheSource: 'github',
+            });
+            console.log(`  ${pc.yellow('⬆')} ${skill.name}: Update available`);
+        }
+        catch (err) {
+            checkSpinner.stop(false);
+            console.log(pc.dim(`  ${skill.name}: Failed to check (${err instanceof Error ? err.message : 'Unknown error'})`));
+        }
+    }
+    console.log();
+    if (updates.length === 0) {
+        success('All skills are up to date!');
+        return;
+    }
+    // Check only mode
+    if (options.check) {
+        info$1(`${updates.length} skill(s) have updates available.`);
+        console.log(pc.dim('Run `npx skillscat update` to install updates.'));
+        return;
+    }
+    // Install updates
+    info$1(`Installing ${updates.length} update(s)...`);
+    console.log();
+    let updated = 0;
+    for (const { skill, newContent, newSha, newContentHash, cacheOwner, cacheRepo, cacheSource } of updates) {
+        const skillAgents = skill.agents
+            .map(id => agents.find(a => a.id === id))
+            .filter((a) => a !== undefined);
+        if (skillAgents.length === 0) {
+            skillAgents.push(...agents.filter(a => skill.agents.includes(a.id)));
+        }
+        for (const agent of skillAgents) {
+            const skillDir = getSkillPath(agent, skill.name, skill.global);
+            const skillFile = join(skillDir, 'SKILL.md');
+            try {
+                mkdirSync(dirname(skillFile), { recursive: true });
+                writeFileSync(skillFile, newContent, 'utf-8');
+                updated++;
+                // Cache the updated content
+                if (cacheOwner && cacheRepo) {
+                    cacheSkill(cacheOwner, cacheRepo, newContent, cacheSource, skill.path !== 'SKILL.md' ? skill.path.replace(/\/SKILL\.md$/, '') : undefined, newSha);
+                    verboseLog(`Cached updated skill: ${skill.name}`);
+                }
+            }
+            catch (err) {
+                error(`Failed to update ${skill.name} for ${agent.name}`);
+            }
+        }
+        // Update database record
+        recordInstallation({
+            ...skill,
+            sha: newSha,
+            contentHash: newContentHash,
+            installedAt: Date.now()
+        });
+    }
+    console.log();
+    success(`Updated ${updated} skill(s) successfully!`);
+}
+
+const PACKAGE_NAME = 'skillscat';
+function safeExec(command, args) {
+    try {
+        const output = execFileSync(command, args, {
+            encoding: 'utf8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+        });
+        return output.trim();
+    }
+    catch {
+        return null;
+    }
+}
+function safeRealpath(targetPath) {
+    try {
+        return realpathSync(targetPath);
+    }
+    catch {
+        return targetPath;
+    }
+}
+function getNpmGlobalRoot() {
+    return safeExec('npm', ['root', '-g']);
+}
+function getPnpmGlobalRoot() {
+    return safeExec('pnpm', ['root', '-g']);
+}
+function getBunGlobalRoot() {
+    const bunInstall = process.env.BUN_INSTALL || join(os.homedir(), '.bun');
+    const root = join(bunInstall, 'install', 'global', 'node_modules');
+    return existsSync(root) ? root : null;
+}
+function isPathInside(child, parent) {
+    const rel = relative(parent, child);
+    return rel === '' || (!rel.startsWith('..') && !isAbsolute(rel));
+}
+function resolvePackageRoot() {
+    const scriptPath = process.argv[1]
+        ? resolve(process.argv[1])
+        : fileURLToPath(import.meta.url);
+    let dir = dirname(scriptPath);
+    for (let i = 0; i < 10; i++) {
+        if (existsSync(join(dir, 'package.json'))) {
+            return dir;
+        }
+        const parent = dirname(dir);
+        if (parent === dir)
+            break;
+        dir = parent;
+    }
+    return null;
+}
+function getManagerInfos() {
+    const managers = [];
+    const npmRoot = getNpmGlobalRoot();
+    if (npmRoot) {
+        managers.push({
+            manager: 'npm',
+            globalRoot: npmRoot,
+            installCommand: 'npm install -g skillscat',
+            upgradeArgs: ['install', '-g', `${PACKAGE_NAME}@latest`],
+        });
+    }
+    const pnpmRoot = getPnpmGlobalRoot();
+    if (pnpmRoot) {
+        managers.push({
+            manager: 'pnpm',
+            globalRoot: pnpmRoot,
+            installCommand: 'pnpm add -g skillscat',
+            upgradeArgs: ['add', '-g', `${PACKAGE_NAME}@latest`],
+        });
+    }
+    const bunRoot = getBunGlobalRoot();
+    if (bunRoot) {
+        managers.push({
+            manager: 'bun',
+            globalRoot: bunRoot,
+            installCommand: 'bun add -g skillscat',
+            upgradeArgs: ['add', '-g', `${PACKAGE_NAME}@latest`],
+        });
+    }
+    return managers;
+}
+function isGloballyInstalled(manager) {
+    return existsSync(join(manager.globalRoot, PACKAGE_NAME, 'package.json'));
+}
+function formatManagerList(managers) {
+    return managers.map((m) => m.manager).join(', ');
+}
+async function selfUpgrade(options) {
+    const managers = getManagerInfos();
+    const installedManagers = managers.filter(isGloballyInstalled);
+    if (installedManagers.length === 0) {
+        warn('Global installation not detected.');
+        info$1('Install skillscat globally first, then run `skillscat self-upgrade`.');
+        console.log(pc.dim('  npm install -g skillscat'));
+        console.log(pc.dim('  pnpm add -g skillscat'));
+        console.log(pc.dim('  bun add -g skillscat'));
+        return;
+    }
+    let selected;
+    if (options.manager) {
+        const normalized = options.manager.toLowerCase();
+        if (!['npm', 'pnpm', 'bun'].includes(normalized)) {
+            error(`Unknown package manager: ${options.manager}`);
+            info$1('Use one of: npm, pnpm, bun');
+            process.exit(1);
+        }
+        selected = installedManagers.find((m) => m.manager === normalized);
+        if (!selected) {
+            error(`No global ${normalized} installation found for ${PACKAGE_NAME}.`);
+            const managerInfo = managers.find((m) => m.manager === normalized);
+            if (managerInfo) {
+                info$1(`Install globally first with: ${managerInfo.installCommand}`);
+            }
+            process.exit(1);
+        }
+    }
+    else {
+        const packageRoot = resolvePackageRoot();
+        const realPackageRoot = packageRoot ? safeRealpath(packageRoot) : null;
+        if (realPackageRoot) {
+            selected = installedManagers.find((m) => isPathInside(realPackageRoot, safeRealpath(m.globalRoot)));
+        }
+        if (!selected) {
+            if (installedManagers.length === 1) {
+                selected = installedManagers[0];
+            }
+            else {
+                const userAgent = process.env.npm_config_user_agent || '';
+                if (userAgent.includes('pnpm')) {
+                    selected = installedManagers.find((m) => m.manager === 'pnpm');
+                }
+                else if (userAgent.includes('bun')) {
+                    selected = installedManagers.find((m) => m.manager === 'bun');
+                }
+                else if (userAgent.includes('npm')) {
+                    selected = installedManagers.find((m) => m.manager === 'npm');
+                }
+                if (!selected) {
+                    selected = installedManagers[0];
+                }
+                warn(`Multiple global installs detected (${formatManagerList(installedManagers)}). Using ${selected.manager}.`);
+                info$1('Run `skillscat self-upgrade --manager <npm|pnpm|bun>` to choose a different manager.');
+            }
+        }
+    }
+    if (!selected) {
+        error('Unable to determine a package manager for self-upgrade.');
+        process.exit(1);
+    }
+    info$1(`Updating skillscat via ${selected.manager}...`);
+    verboseLog(`Running: ${selected.manager} ${selected.upgradeArgs.join(' ')}`);
+    const result = spawnSync(selected.manager, selected.upgradeArgs, { stdio: 'inherit' });
+    if (result.error) {
+        error(`Failed to run ${selected.manager}.`);
+        if (result.error instanceof Error) {
+            console.error(pc.dim(result.error.message));
+        }
+        process.exit(1);
+    }
+    if (result.status !== 0) {
+        error(`${selected.manager} exited with code ${result.status ?? 'unknown'}.`);
+        process.exit(result.status ?? 1);
+    }
+    success('Skillscat CLI updated to the latest version.');
+}
+
+async function info(source) {
+    // Parse source
+    const repoSource = parseSource(source);
+    if (!repoSource) {
+        error('Invalid source. Supported formats:');
+        console.log(pc.dim('  owner/repo'));
+        console.log(pc.dim('  https://github.com/owner/repo'));
+        console.log(pc.dim('  https://gitlab.com/owner/repo'));
+        process.exit(1);
+    }
+    const sourceLabel = `${repoSource.owner}/${repoSource.repo}`;
+    const infoSpinner = spinner(`Fetching info for ${sourceLabel}`);
+    let skills;
+    try {
+        skills = await discoverSkills(repoSource);
+    }
+    catch (err) {
+        infoSpinner.stop(false);
+        error(err instanceof Error ? err.message : 'Failed to fetch repository info');
+        process.exit(1);
+    }
+    infoSpinner.stop(true);
+    console.log();
+    console.log(pc.bold(pc.cyan(sourceLabel)));
+    console.log();
+    // Repository info
+    console.log(pc.dim('Platform:     ') + repoSource.platform);
+    console.log(pc.dim('Owner:        ') + repoSource.owner);
+    console.log(pc.dim('Repository:   ') + repoSource.repo);
+    if (repoSource.branch) {
+        console.log(pc.dim('Branch:       ') + repoSource.branch);
+    }
+    if (repoSource.path) {
+        console.log(pc.dim('Path:         ') + repoSource.path);
+    }
+    console.log();
+    console.log(pc.dim('─'.repeat(50)));
+    console.log();
+    if (skills.length === 0) {
+        console.log(pc.yellow('No skills found in this repository.'));
+        console.log();
+        console.log(pc.dim('To create a skill, add a SKILL.md file with:'));
+        console.log(pc.dim(''));
+        console.log(pc.dim('  ---'));
+        console.log(pc.dim('  name: my-skill'));
+        console.log(pc.dim('  description: What this skill does'));
+        console.log(pc.dim('  ---'));
+        console.log(pc.dim(''));
+        console.log(pc.dim('  # My Skill'));
+        console.log(pc.dim('  Instructions for the agent...'));
+        return;
+    }
+    console.log(pc.bold(`Skills (${skills.length}):`));
+    console.log();
+    for (const skill of skills) {
+        console.log(`  ${pc.green('•')} ${pc.bold(skill.name)}`);
+        console.log(`    ${pc.dim(skill.description)}`);
+        console.log(`    ${pc.dim(`Path: ${skill.path}`)}`);
+        console.log();
+    }
+    console.log(pc.dim('─'.repeat(50)));
+    console.log();
+    console.log(pc.bold('Install:'));
+    console.log(`  ${pc.cyan(`npx skillscat add ${source}`)}`);
+    console.log();
+    // Show compatible agents
+    console.log(pc.bold('Compatible agents:'));
+    console.log(`  ${AGENTS.map(a => a.name).join(', ')}`);
+}
+
+/**
+ * Local HTTP server to receive OAuth callback from browser
+ */
+const PORT_RANGE_START = 9876;
+const PORT_RANGE_END = 9886;
+const TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
+/**
+ * Try to start a server on a port, returns null if port is in use
+ */
+function tryStartServer(port, handler) {
+    return new Promise((resolve) => {
+        const server = createServer(handler);
+        server.on('error', (err) => {
+            if (err.code === 'EADDRINUSE') {
+                resolve(null);
+            }
+            else {
+                resolve(null);
+            }
+        });
+        server.listen(port, '127.0.0.1', () => {
+            resolve(server);
+        });
+    });
+}
+/**
+ * Start a local callback server on an available port
+ */
+async function startCallbackServer(expectedState) {
+    let server = null;
+    let port = PORT_RANGE_START;
+    // Try ports in range until one is available
+    while (port <= PORT_RANGE_END && !server) {
+        let resolveCallback;
+        let rejectCallback;
+        const callbackPromise = new Promise((resolve, reject) => {
+            resolveCallback = resolve;
+            rejectCallback = reject;
+        });
+        const handler = (req, res) => {
+            if (req.method !== 'GET' || !req.url?.startsWith('/callback')) {
+                res.writeHead(404);
+                res.end('Not Found');
+                return;
+            }
+            const url = new URL(req.url, `http://localhost:${port}`);
+            const code = url.searchParams.get('code');
+            const state = url.searchParams.get('state');
+            const error = url.searchParams.get('error');
+            // Return simple OK response (this is called via fetch, not browser navigation)
+            res.writeHead(200, {
+                'Content-Type': 'text/plain',
+                'Access-Control-Allow-Origin': '*',
+            });
+            res.end('OK');
+            if (error) {
+                rejectCallback(new Error(error));
+                return;
+            }
+            if (!code || !state) {
+                rejectCallback(new Error('Missing code or state'));
+                return;
+            }
+            if (state !== expectedState) {
+                rejectCallback(new Error('State mismatch'));
+                return;
+            }
+            resolveCallback({ code, state });
+        };
+        server = await tryStartServer(port, handler);
+        if (server) {
+            const currentPort = port;
+            let timeoutId;
+            const waitForCallback = () => {
+                return new Promise((resolve, reject) => {
+                    timeoutId = setTimeout(() => {
+                        server?.close();
+                        reject(new Error('Authorization timed out'));
+                    }, TIMEOUT_MS);
+                    callbackPromise
+                        .then((result) => {
+                        clearTimeout(timeoutId);
+                        // Give browser time to receive response before closing
+                        setTimeout(() => server?.close(), 100);
+                        resolve(result);
+                    })
+                        .catch((err) => {
+                        clearTimeout(timeoutId);
+                        setTimeout(() => server?.close(), 100);
+                        reject(err);
+                    });
+                });
+            };
+            const close = () => {
+                clearTimeout(timeoutId);
+                server?.close();
+            };
+            return {
+                port: currentPort,
+                waitForCallback,
+                close,
+            };
+        }
+        port++;
+    }
+    throw new Error(`Could not find available port in range ${PORT_RANGE_START}-${PORT_RANGE_END}`);
+}
+
+async function login(options) {
+    getBaseUrl();
+    const registryUrl = getRegistryUrl();
+    // If token is provided directly, use it
+    if (options.token) {
+        const sp = spinner('Validating token...');
+        try {
+            const user = await validateAccessToken(options.token);
+            if (!user) {
+                sp.stop(false);
+                error('Invalid token. Please check your token and try again.');
+                process.exit(1);
+            }
+            setToken(options.token, user);
+            sp.stop(true);
+            success('Successfully logged in with API token.');
+            return;
+        }
+        catch {
+            sp.stop(false);
+            error('Failed to validate token. Please check your internet connection.');
+            process.exit(1);
+        }
+    }
+    // Check if already authenticated
+    if (isAuthenticated()) {
+        const user = getUser();
+        warn(`Already logged in${user?.name ? ` as ${user.name}` : ''}.`);
+        info$1('Run `skillscat logout` to sign out first.');
+        return;
+    }
+    // OAuth-style callback flow
+    let initSpinner = spinner('Starting authorization...');
+    // Step 1: Generate state, PKCE verifier/challenge, and start local callback server
+    const state = generateRandomState();
+    const codeVerifier = generateCodeVerifier();
+    const codeChallenge = computeCodeChallenge(codeVerifier);
+    let callbackServer;
+    try {
+        callbackServer = await startCallbackServer(state);
+    }
+    catch (err) {
+        initSpinner.stop(false);
+        error('Failed to start local server for authorization.');
+        info$1('Please ensure ports 9876-9886 are available.');
+        process.exit(1);
+    }
+    const callbackUrl = `http://localhost:${callbackServer.port}/callback`;
+    const clientInfo = getClientInfo();
+    // Step 2: Initialize auth session with server (including PKCE)
+    let session;
+    try {
+        session = await initAuthSession(registryUrl, callbackUrl, state, clientInfo, {
+            codeChallenge,
+            codeChallengeMethod: 'S256',
+        });
+        initSpinner.stop(true);
+    }
+    catch (err) {
+        initSpinner.stop(false);
+        callbackServer.close();
+        error('Failed to initialize authorization session.');
+        if (err instanceof Error) {
+            console.log(pc.dim(`Error: ${err.message}`));
+        }
+        process.exit(1);
+    }
+    // Step 3: Open browser to authorization page
+    const authUrl = `${registryUrl}/auth/login?session=${encodeURIComponent(session.session_id)}`;
+    console.log();
+    box(authUrl, 'Authorize in Browser');
+    console.log();
+    // Try to open browser without invoking a shell
+    const { execFile } = await import('child_process');
+    const platformName = process.platform;
+    const browserCommand = platformName === 'darwin'
+        ? { command: 'open', args: [authUrl] }
+        : platformName === 'win32'
+            ? { command: 'rundll32', args: ['url.dll,FileProtocolHandler', authUrl] }
+            : { command: 'xdg-open', args: [authUrl] };
+    execFile(browserCommand.command, browserCommand.args, (err) => {
+        if (!err) {
+            info$1('Browser opened automatically');
+        }
+    });
+    const waitSpinner = spinner('Waiting for authorization... (Press Ctrl+C to cancel)');
+    // Handle Ctrl+C gracefully
+    let cancelled = false;
+    const cleanup = () => {
+        cancelled = true;
+        waitSpinner.stop(false);
+        callbackServer.close();
+        console.log();
+        warn('Authorization cancelled.');
+        process.exit(0);
+    };
+    process.on('SIGINT', cleanup);
+    // Step 4: Wait for callback
+    try {
+        const result = await callbackServer.waitForCallback();
+        waitSpinner.stop(true);
+        // Step 5: Exchange code for tokens (with PKCE verifier)
+        const exchangeSpinner = spinner('Exchanging authorization code...');
+        const tokens = await exchangeCodeForTokens(registryUrl, result.code, session.session_id, codeVerifier);
+        const now = Date.now();
+        setTokens({
+            accessToken: tokens.access_token,
+            accessTokenExpiresAt: now + tokens.expires_in * 1000,
+            refreshToken: tokens.refresh_token,
+            refreshTokenExpiresAt: now + tokens.refresh_expires_in * 1000,
+            user: tokens.user,
+        });
+        exchangeSpinner.stop(true);
+        console.log();
+        success(`Successfully logged in as ${tokens.user.name || 'user'}!`);
+        process.removeListener('SIGINT', cleanup);
+    }
+    catch (err) {
+        process.removeListener('SIGINT', cleanup);
+        if (cancelled)
+            return;
+        waitSpinner.stop(false);
+        const message = err instanceof Error ? err.message : 'Unknown error';
+        if (message === 'access_denied') {
+            console.log();
+            error('Authorization denied.');
+            process.exit(1);
+        }
+        if (message === 'Authorization timed out') {
+            console.log();
+            error('Authorization timed out. Please try again.');
+            process.exit(1);
+        }
+        console.log();
+        error(`Authorization failed: ${message}`);
+        process.exit(1);
+    }
+}
+
+async function logout() {
+    if (!isAuthenticated()) {
+        console.log(pc.yellow('Not currently logged in.'));
+        return;
+    }
+    const user = getUser();
+    clearConfig();
+    console.log(pc.green(`Successfully logged out${user?.name ? ` from ${user.name}` : ''}.`));
+}
+
+async function whoami() {
+    if (!isAuthenticated()) {
+        console.log(pc.yellow('Not logged in.'));
+        console.log(pc.dim('Run `skillscat login` to authenticate.'));
+        return;
+    }
+    const cachedUser = getUser();
+    const token = await getValidToken();
+    if (!token) {
+        console.log(pc.yellow('Token expired.'));
+        console.log(pc.dim('Run `skillscat login` to re-authenticate.'));
+        return;
+    }
+    const user = await validateAccessToken(token);
+    if (user) {
+        console.log(pc.green('Logged in'));
+        if (user.name) {
+            console.log(`  Username: ${pc.cyan(user.name)}`);
+        }
+        else if (cachedUser?.name) {
+            console.log(`  Username: ${pc.cyan(cachedUser.name)}`);
+        }
+        if (user.email) {
+            console.log(`  Email: ${pc.dim(user.email)}`);
+        }
+        else if (cachedUser?.email) {
+            console.log(`  Email: ${pc.dim(cachedUser.email)}`);
+        }
+        console.log(`  Token: ${pc.dim(token.slice(0, 11) + '...')}`);
+        return;
+    }
+    console.log(pc.yellow('Token may be invalid or expired.'));
+    console.log(pc.dim('Run `skillscat login` to re-authenticate.'));
+}
+
+/**
+ * Get preview of skill metadata before publishing
+ */
+async function getPreview(content, token, org) {
+    const baseUrl = getRegistryUrl().replace('/registry', '');
+    const response = await fetch(`${baseUrl}/api/skills/upload/preview`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${token}`,
+            'User-Agent': 'skillscat-cli/0.1.0',
+            'Origin': baseUrl,
+        },
+        body: JSON.stringify({
+            content,
+            org: org || undefined,
+        }),
+    });
+    return response.json();
+}
+async function publish(skillPath, options) {
+    // Check authentication/session validity
+    const token = await getValidToken();
+    if (!token) {
+        console.error(pc.red('Authentication required or session expired.'));
+        console.log(pc.dim('Run `skillscat login` to authenticate.'));
+        process.exit(1);
+    }
+    // Resolve skill path
+    const resolvedPath = resolve(skillPath);
+    let skillMdPath = resolvedPath;
+    // If path is a directory, look for SKILL.md
+    if (existsSync(resolvedPath) && !resolvedPath.endsWith('.md')) {
+        skillMdPath = resolve(resolvedPath, 'SKILL.md');
+    }
+    if (!existsSync(skillMdPath)) {
+        console.error(pc.red(`SKILL.md not found at ${skillMdPath}`));
+        process.exit(1);
+    }
+    // Read SKILL.md content
+    const content = readFileSync(skillMdPath, 'utf-8');
+    // Get preview first
+    console.log(pc.cyan('Analyzing skill...'));
+    console.log();
+    try {
+        const previewResult = await getPreview(content, token, options.org);
+        if (!previewResult.success || !previewResult.preview) {
+            console.error(pc.red(`Failed to analyze skill: ${previewResult.error || 'Unknown error'}`));
+            process.exit(1);
+        }
+        const { preview, warnings, suggestedVisibility, canPublishPrivate } = previewResult;
+        // Determine final visibility
+        // - If --private flag is set, use private (if allowed)
+        // - Otherwise use suggested visibility from API
+        let visibility;
+        if (options.private) {
+            // User wants private, check if allowed
+            if (canPublishPrivate === false) {
+                console.error(pc.red('Cannot publish as private: identical content exists as a public skill.'));
+                console.log(pc.dim('The skill will be published as public instead.'));
+                visibility = 'public';
+            }
+            else {
+                visibility = 'private';
+            }
+        }
+        else {
+            // Use suggested visibility (public if org connected to GitHub, private otherwise)
+            visibility = suggestedVisibility || 'private';
+        }
+        // Show preview box
+        const previewContent = [
+            `Name: ${pc.cyan(preview.name)}`,
+            `Slug: ${pc.cyan(preview.slug)}`,
+            `Description: ${preview.description ? pc.dim(preview.description.slice(0, 60) + (preview.description.length > 60 ? '...' : '')) : pc.dim('(none)')}`,
+            `Categories: ${preview.categories.length > 0 ? pc.cyan(preview.categories.join(', ')) : pc.dim('(auto-classified)')}`,
+            `Visibility: ${pc.dim(visibility)}`,
+        ].join('\n');
+        box(previewContent, 'Skill Preview');
+        console.log();
+        // Show warnings
+        if (warnings && warnings.length > 0) {
+            for (const w of warnings) {
+                warn(w);
+            }
+            console.log();
+        }
+        // Show immutable slug warning
+        console.log(pc.yellow('⚠️  Warning: The slug cannot be changed after publishing.'));
+        console.log();
+        // Confirm unless --yes flag is provided
+        if (!options.yes) {
+            const answer = await prompt(`Publish ${pc.cyan(preview.slug)}? [y/N] `);
+            if (answer.toLowerCase() !== 'y' && answer.toLowerCase() !== 'yes') {
+                console.log(pc.dim('Cancelled.'));
+                process.exit(0);
+            }
+            console.log();
+        }
+        // Proceed with upload
+        console.log(pc.cyan('Publishing skill...'));
+        // Prepare form data
+        const formData = new FormData();
+        formData.append('skill_md', new Blob([content], { type: 'text/markdown' }), 'SKILL.md');
+        formData.append('name', options.name || preview.name);
+        formData.append('visibility', visibility);
+        if (options.org) {
+            formData.append('org', options.org);
+        }
+        if (options.description) {
+            formData.append('description', options.description);
+        }
+        const uploadToken = await getValidToken();
+        if (!uploadToken) {
+            console.error(pc.red('Session expired. Please run `skillscat login` and try again.'));
+            process.exit(1);
+        }
+        const baseUrl = getRegistryUrl().replace('/registry', '');
+        const response = await fetch(`${baseUrl}/api/skills/upload`, {
+            method: 'POST',
+            headers: {
+                'Authorization': `Bearer ${uploadToken}`,
+                'User-Agent': 'skillscat-cli/0.1.0',
+                'Origin': baseUrl,
+            },
+            body: formData,
+        });
+        const result = await response.json();
+        if (!response.ok || !result.success) {
+            console.error(pc.red(`Failed to publish: ${result.error || result.message || 'Unknown error'}`));
+            process.exit(1);
+        }
+        console.log(pc.green('✔ Skill published successfully!'));
+        console.log();
+        console.log(`  Slug: ${pc.cyan(result.slug)}`);
+        console.log(`  Visibility: ${pc.dim(visibility)}`);
+        if (result.categories && result.categories.length > 0) {
+            console.log(`  Categories: ${pc.dim(result.categories.join(', '))}`);
+        }
+        console.log();
+        console.log(pc.dim('To install this skill:'));
+        console.log(pc.cyan(`  skillscat add ${result.slug}`));
+    }
+    catch (error) {
+        console.error(pc.red('Failed to connect to registry.'));
+        if (error instanceof Error) {
+            console.error(pc.dim(error.message));
+        }
+        process.exit(1);
+    }
+}
+
+/**
+ * Check if a URL is a valid GitHub URL
+ */
+function isValidGitHubUrl(url) {
+    // Support HTTPS format
+    if (/^https?:\/\/github\.com\/[\w.-]+\/[\w.-]+/.test(url)) {
+        return true;
+    }
+    // Support SSH format
+    if (/^git@github\.com:[\w.-]+\/[\w.-]+/.test(url)) {
+        return true;
+    }
+    // Support shorthand format (owner/repo)
+    if (/^[\w.-]+\/[\w.-]+$/.test(url)) {
+        return true;
+    }
+    return false;
+}
+/**
+ * Normalize GitHub URL to HTTPS format
+ */
+function normalizeGitHubUrl(url) {
+    // Already HTTPS
+    if (url.startsWith('https://github.com/')) {
+        return url.replace(/\.git$/, '');
+    }
+    // HTTP to HTTPS
+    if (url.startsWith('http://github.com/')) {
+        return url.replace('http://', 'https://').replace(/\.git$/, '');
+    }
+    // SSH format: git@github.com:owner/repo.git
+    const sshMatch = url.match(/^git@github\.com:(.+)$/);
+    if (sshMatch) {
+        return `https://github.com/${sshMatch[1].replace(/\.git$/, '')}`;
+    }
+    // Shorthand format: owner/repo
+    if (/^[\w.-]+\/[\w.-]+$/.test(url)) {
+        return `https://github.com/${url}`;
+    }
+    return url;
+}
+/**
+ * Extract repository URL from package.json
+ */
+function getRepoUrlFromPackageJson(cwd) {
+    const packageJsonPath = join(cwd, 'package.json');
+    if (!existsSync(packageJsonPath)) {
+        return null;
+    }
+    try {
+        const content = readFileSync(packageJsonPath, 'utf-8');
+        const pkg = JSON.parse(content);
+        // Check 'repository' field
+        if (pkg.repository) {
+            if (typeof pkg.repository === 'string') {
+                // Could be shorthand "owner/repo" or full URL
+                return pkg.repository;
+            }
+            if (typeof pkg.repository === 'object' && pkg.repository.url) {
+                return pkg.repository.url;
+            }
+        }
+        // Check 'repo' field (alternative)
+        if (pkg.repo && typeof pkg.repo === 'string') {
+            return pkg.repo;
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Find SKILL.md file in the current directory or its subdirectories
+ * Returns the path relative to the repo root where SKILL.md is located
+ */
+function findSkillMd(cwd, maxDepth = 3) {
+    // First check if SKILL.md exists in current directory
+    const skillMdPath = join(cwd, 'SKILL.md');
+    const skillMdPathLower = join(cwd, 'skill.md');
+    if (existsSync(skillMdPath) || existsSync(skillMdPathLower)) {
+        return ''; // Root directory
+    }
+    // Search in subdirectories (up to maxDepth)
+    function searchDir(dir, depth) {
+        if (depth > maxDepth)
+            return null;
+        try {
+            const entries = readdirSync(dir);
+            for (const entry of entries) {
+                // Skip dot folders
+                if (entry.startsWith('.'))
+                    continue;
+                const fullPath = join(dir, entry);
+                try {
+                    const stat = statSync(fullPath);
+                    if (stat.isDirectory()) {
+                        // Check for SKILL.md in this directory
+                        const skillPath = join(fullPath, 'SKILL.md');
+                        const skillPathLower = join(fullPath, 'skill.md');
+                        if (existsSync(skillPath) || existsSync(skillPathLower)) {
+                            return relative(cwd, fullPath);
+                        }
+                        // Recurse into subdirectory
+                        const found = searchDir(fullPath, depth + 1);
+                        if (found !== null) {
+                            return found;
+                        }
+                    }
+                }
+                catch {
+                    // Skip inaccessible entries
+                }
+            }
+        }
+        catch {
+            // Skip inaccessible directories
+        }
+        return null;
+    }
+    return searchDir(cwd, 1);
+}
+/**
+ * Find the git root directory
+ */
+function findGitRoot(cwd) {
+    let dir = cwd;
+    while (true) {
+        if (existsSync(join(dir, '.git'))) {
+            return dir;
+        }
+        const parent = dirname(dir);
+        if (parent === dir) {
+            break;
+        }
+        dir = parent;
+    }
+    return null;
+}
+async function submit(urlArg, _options) {
+    // Step 1: Check authentication
+    if (!isAuthenticated()) {
+        console.error(pc.red('Authentication required.'));
+        console.log(pc.dim('Run `skillscat login` first.'));
+        process.exit(1);
+    }
+    // Step 2: Determine the URL and skill path to submit
+    let repoUrl;
+    let skillPath;
+    const cwd = process.cwd();
+    if (urlArg) {
+        // URL provided as argument
+        repoUrl = urlArg;
+    }
+    else {
+        // Try to find SKILL.md in current workspace first
+        const gitRoot = findGitRoot(cwd);
+        if (gitRoot) {
+            // Find SKILL.md relative to git root
+            const foundPath = findSkillMd(gitRoot);
+            if (foundPath !== null) {
+                // Found SKILL.md - get repo URL from package.json or git remote
+                const extractedUrl = getRepoUrlFromPackageJson(gitRoot);
+                if (extractedUrl) {
+                    repoUrl = extractedUrl;
+                    skillPath = foundPath;
+                    if (foundPath) {
+                        console.log(pc.dim(`Found SKILL.md at: ${foundPath}/SKILL.md`));
+                    }
+                    else {
+                        console.log(pc.dim('Found SKILL.md at repository root'));
+                    }
+                }
+                else {
+                    console.error(pc.red('Found SKILL.md but could not determine repository URL.'));
+                    console.log(pc.dim('Add a "repository" field to package.json or provide the URL as argument.'));
+                    process.exit(1);
+                }
+            }
+            else {
+                // No SKILL.md found - fall back to package.json
+                const extractedUrl = getRepoUrlFromPackageJson(cwd);
+                if (!extractedUrl) {
+                    console.error(pc.red('No SKILL.md found and no repository URL provided.'));
+                    console.log();
+                    console.log('Usage:');
+                    console.log(pc.dim('  skillscat submit <github-url>'));
+                    console.log(pc.dim('  skillscat submit                  # auto-detect from workspace'));
+                    console.log();
+                    console.log('Make sure your project has:');
+                    console.log(pc.dim('  - A SKILL.md file in the repository'));
+                    console.log(pc.dim('  - A "repository" field in package.json'));
+                    process.exit(1);
+                }
+                repoUrl = extractedUrl;
+                console.log(pc.dim(`Using repository from package.json: ${repoUrl}`));
+            }
+        }
+        else {
+            // Not in a git repository - try package.json
+            const extractedUrl = getRepoUrlFromPackageJson(cwd);
+            if (!extractedUrl) {
+                console.error(pc.red('No repository URL provided.'));
+                console.log();
+                console.log('Usage:');
+                console.log(pc.dim('  skillscat submit <github-url>'));
+                console.log(pc.dim('  skillscat submit                  # reads from package.json'));
+                console.log();
+                console.log('Examples:');
+                console.log(pc.dim('  skillscat submit https://github.com/owner/repo'));
+                console.log(pc.dim('  skillscat submit owner/repo'));
+                process.exit(1);
+            }
+            repoUrl = extractedUrl;
+            console.log(pc.dim(`Using repository from package.json: ${repoUrl}`));
+        }
+    }
+    // Step 3: Validate and normalize URL
+    if (!isValidGitHubUrl(repoUrl)) {
+        console.error(pc.red('Invalid GitHub URL.'));
+        console.log();
+        console.log('Supported formats:');
+        console.log(pc.dim('  https://github.com/owner/repo'));
+        console.log(pc.dim('  git@github.com:owner/repo.git'));
+        console.log(pc.dim('  owner/repo'));
+        process.exit(1);
+    }
+    const normalizedUrl = normalizeGitHubUrl(repoUrl);
+    // Step 4: Get valid token (with auto-refresh)
+    const token = await getValidToken();
+    if (!token) {
+        console.error(pc.red('Session expired. Please log in again.'));
+        console.log(pc.dim('Run `skillscat login` to authenticate.'));
+        process.exit(1);
+    }
+    // Step 5: Submit to API
+    const displayUrl = skillPath ? `${normalizedUrl} (path: ${skillPath})` : normalizedUrl;
+    console.log(pc.cyan(`Submitting: ${displayUrl}`));
+    try {
+        const baseUrl = getBaseUrl();
+        const response = await fetch(`${baseUrl}/api/submit`, {
+            method: 'POST',
+            headers: {
+                'Authorization': `Bearer ${token}`,
+                'Content-Type': 'application/json',
+                'Origin': baseUrl,
+            },
+            body: JSON.stringify({
+                url: normalizedUrl,
+                skillPath: skillPath,
+            }),
+        });
+        const result = await response.json();
+        // Handle different response statuses
+        if (response.status === 401) {
+            console.error(pc.red('Authentication failed.'));
+            console.log(pc.dim('Your session may have expired. Run `skillscat login` to re-authenticate.'));
+            process.exit(1);
+        }
+        if (response.status === 409 && result.existingSlug) {
+            console.error(pc.yellow('This skill already exists in the registry.'));
+            console.log();
+            console.log(`View it at: ${pc.cyan(`${baseUrl}/skills/${result.existingSlug}`)}`);
+            console.log(`Install with: ${pc.cyan(`skillscat add ${result.existingSlug}`)}`);
+            process.exit(1);
+        }
+        if (response.status === 404) {
+            console.error(pc.red('Repository not found.'));
+            console.log(pc.dim('Please check the URL and ensure the repository is public.'));
+            process.exit(1);
+        }
+        if (response.status === 400) {
+            console.error(pc.red(`Submission failed: ${result.error || 'Invalid request'}`));
+            if (result.error?.includes('SKILL.md')) {
+                console.log();
+                console.log(pc.dim('Make sure your repository has a SKILL.md file in the root directory.'));
+                console.log(pc.dim('Learn more: https://skillscat.com/docs/skill-format'));
+            }
+            if (result.error?.includes('fork') || result.error?.includes('Fork')) {
+                console.log();
+                console.log(pc.dim('Please submit the original repository instead of a fork.'));
+            }
+            process.exit(1);
+        }
+        if (!response.ok || !result.success) {
+            console.error(pc.red(`Submission failed: ${result.error || result.message || 'Unknown error'}`));
+            process.exit(1);
+        }
+        // Success!
+        console.log();
+        console.log(pc.green('Skill submitted successfully!'));
+        console.log(pc.dim(result.message || 'It will appear in the catalog once processed.'));
+    }
+    catch (error) {
+        console.error(pc.red('Failed to connect to SkillsCat.'));
+        if (error instanceof Error) {
+            console.error(pc.dim(error.message));
+        }
+        process.exit(1);
+    }
+}
+
+/**
+ * Find skill by slug using two-segment path
+ */
+async function findSkillBySlug(slug, token) {
+    const { owner, name } = parseSlug(slug);
+    const response = await fetch(`${getBaseUrl()}/api/skills/${owner}/${name}`, {
+        method: 'GET',
+        headers: {
+            'Authorization': `Bearer ${token}`,
+            'User-Agent': 'skillscat-cli/0.1.0',
+        },
+    });
+    if (!response.ok) {
+        return null;
+    }
+    const data = await response.json();
+    return data.data?.skill || null;
+}
+async function unpublishSkill(slug, options) {
+    // Check authentication/session validity.
+    const token = await getValidToken();
+    if (!token) {
+        console.error(pc.red('Authentication required or session expired.'));
+        console.log(pc.dim('Run `skillscat login` to authenticate.'));
+        process.exit(1);
+    }
+    // Validate slug format
+    if (!slug.includes('/')) {
+        console.error(pc.red('Invalid slug format. Expected format: owner/skill-name'));
+        process.exit(1);
+    }
+    console.log(pc.cyan('Looking up skill...'));
+    try {
+        // Find the skill first
+        const skill = await findSkillBySlug(slug, token);
+        if (!skill) {
+            console.error(pc.red(`Skill not found: ${slug}`));
+            process.exit(1);
+        }
+        // Check if it's a private (uploaded) skill
+        if (skill.sourceType !== 'upload') {
+            console.error(pc.red('Cannot unpublish GitHub-sourced skills.'));
+            console.log(pc.dim('Remove the SKILL.md from your repository instead.'));
+            process.exit(1);
+        }
+        console.log();
+        console.log(`Skill: ${pc.cyan(skill.name)}`);
+        console.log(`Slug: ${pc.cyan(skill.slug)}`);
+        console.log();
+        // Confirm unless --yes flag is provided
+        if (!options.yes) {
+            warn('This action cannot be undone!');
+            console.log();
+            const answer = await prompt(`Unpublish ${pc.red(slug)}? Type the slug to confirm: `);
+            if (answer !== slug) {
+                console.log(pc.dim('Cancelled.'));
+                process.exit(0);
+            }
+            console.log();
+        }
+        // Unpublish the skill using two-segment path
+        console.log(pc.cyan('Unpublishing skill...'));
+        const latestToken = await getValidToken();
+        if (!latestToken) {
+            console.error(pc.red('Session expired. Please run `skillscat login` and try again.'));
+            process.exit(1);
+        }
+        const baseUrl = getBaseUrl();
+        const { owner, name } = parseSlug(slug);
+        const response = await fetch(`${baseUrl}/api/skills/${owner}/${name}`, {
+            method: 'DELETE',
+            headers: {
+                'Authorization': `Bearer ${latestToken}`,
+                'User-Agent': 'skillscat-cli/0.1.0',
+                'Origin': baseUrl,
+            },
+        });
+        const result = await response.json();
+        if (!response.ok || !result.success) {
+            console.error(pc.red(`Failed to unpublish: ${result.error || result.message || 'Unknown error'}`));
+            process.exit(1);
+        }
+        console.log(pc.green('✔ Skill unpublished successfully!'));
+    }
+    catch (error) {
+        console.error(pc.red('Failed to connect to registry.'));
+        if (error instanceof Error) {
+            console.error(pc.dim(error.message));
+        }
+        process.exit(1);
+    }
+}
+
+const DEFAULT_REGISTRY_URL = 'https://skills.cat/registry';
+const VALID_KEYS = ['registry'];
+async function configSet(key, value, options = {}) {
+    if (isVerbose()) {
+        verboseConfig();
+    }
+    if (!VALID_KEYS.includes(key)) {
+        console.error(pc.red(`Unknown config key: ${key}`));
+        console.log(pc.dim(`Valid keys: ${VALID_KEYS.join(', ')}`));
+        process.exit(1);
+    }
+    setSetting(key, value);
+    console.log(pc.green(`Set ${key} = ${value}`));
+}
+async function configGet(key, options = {}) {
+    if (isVerbose()) {
+        verboseConfig();
+    }
+    if (!VALID_KEYS.includes(key)) {
+        console.error(pc.red(`Unknown config key: ${key}`));
+        console.log(pc.dim(`Valid keys: ${VALID_KEYS.join(', ')}`));
+        process.exit(1);
+    }
+    const value = getSetting(key);
+    if (value !== undefined) {
+        console.log(value);
+    }
+    else {
+        // Show default value
+        if (key === 'registry') {
+            console.log(pc.dim(`(default) ${DEFAULT_REGISTRY_URL}`));
+        }
+        else {
+            console.log(pc.dim('(not set)'));
+        }
+    }
+}
+async function configList(options = {}) {
+    if (isVerbose()) {
+        verboseConfig();
+    }
+    const settings = loadSettings();
+    console.log(pc.bold('Configuration:'));
+    console.log();
+    console.log(`  ${pc.cyan('Config directory:')} ${getConfigDir()}`);
+    console.log();
+    console.log(pc.bold('Settings:'));
+    // Show registry
+    const registry = settings.registry;
+    if (registry) {
+        console.log(`  ${pc.cyan('registry:')} ${registry}`);
+    }
+    else {
+        console.log(`  ${pc.cyan('registry:')} ${pc.dim(`(default) ${DEFAULT_REGISTRY_URL}`)}`);
+    }
+    console.log();
+    console.log(pc.dim('Use `skillscat config set <key> <value>` to change settings.'));
+}
+async function configDelete(key, options = {}) {
+    if (isVerbose()) {
+        verboseConfig();
+    }
+    if (!VALID_KEYS.includes(key)) {
+        console.error(pc.red(`Unknown config key: ${key}`));
+        console.log(pc.dim(`Valid keys: ${VALID_KEYS.join(', ')}`));
+        process.exit(1);
+    }
+    deleteSetting(key);
+    console.log(pc.green(`Deleted ${key} (reset to default)`));
+}
+
+const program = new Command();
+program
+    .name('skillscat')
+    .description('CLI for installing agent skills from GitHub repositories')
+    .version('0.1.0')
+    .option('-v, --verbose', 'Enable verbose output')
+    .hook('preAction', (thisCommand) => {
+    const opts = thisCommand.opts();
+    if (opts.verbose) {
+        setVerbose(true);
+    }
+});
+// Main add command
+program
+    .command('add <source>')
+    .alias('a')
+    .alias('install')
+    .alias('i')
+    .description('Add a skill from a repository')
+    .option('-g, --global', 'Install to user directory instead of project')
+    .option('-a, --agent <agents...>', 'Target specific agents (e.g., claude-code, cursor)')
+    .option('-s, --skill <skills...>', 'Install specific skills by name')
+    .option('-l, --list', 'List available skills without installing')
+    .option('-y, --yes', 'Skip confirmation prompts')
+    .option('-f, --force', 'Overwrite existing skills')
+    .action(add);
+// Remove command
+program
+    .command('remove <skill>')
+    .alias('rm')
+    .alias('uninstall')
+    .description('Remove an installed skill')
+    .option('-g, --global', 'Remove from user directory')
+    .option('-a, --agent <agents...>', 'Remove from specific agents')
+    .action(remove);
+// List command
+program
+    .command('list')
+    .alias('ls')
+    .description('List installed skills')
+    .option('-g, --global', 'List skills from user directory')
+    .option('-a, --agent <agents...>', 'List skills for specific agents')
+    .option('--all', 'List all skills (project + global)')
+    .action(list);
+// Update command
+program
+    .command('update [skill]')
+    .alias('upgrade')
+    .description('Update installed skills')
+    .option('-a, --agent <agents...>', 'Update for specific agents')
+    .option('--check', 'Check for updates without installing')
+    .action(update);
+// Self-upgrade command
+program
+    .command('self-upgrade')
+    .description('Upgrade the SkillsCat CLI itself')
+    .option('-m, --manager <manager>', 'Package manager to use (npm, pnpm, bun)')
+    .action(selfUpgrade);
+// Search command (uses SkillsCat registry)
+program
+    .command('search [query]')
+    .alias('find')
+    .description('Search skills in the SkillsCat registry')
+    .option('-c, --category <category>', 'Filter by category')
+    .option('-l, --limit <number>', 'Limit results', '20')
+    .action(search);
+// Info command
+program
+    .command('info <source>')
+    .description('Show detailed information about a skill or repository')
+    .action(info);
+// Login command
+program
+    .command('login')
+    .description('Authenticate with SkillsCat')
+    .option('-t, --token <token>', 'Use an API token directly')
+    .action(login);
+// Logout command
+program
+    .command('logout')
+    .description('Sign out from SkillsCat')
+    .action(logout);
+// Whoami command
+program
+    .command('whoami')
+    .description('Show current authenticated user')
+    .action(whoami);
+// Publish command
+program
+    .command('publish <path>')
+    .description('Publish a skill to SkillsCat')
+    .option('-n, --name <name>', 'Skill name')
+    .option('-o, --org <org>', 'Publish under an organization')
+    .option('-p, --private', 'Force private visibility (default: public if org connected to GitHub)')
+    .option('-d, --description <desc>', 'Skill description')
+    .option('-y, --yes', 'Skip confirmation prompt')
+    .action(publish);
+// Submit command
+program
+    .command('submit [url]')
+    .description('Submit a GitHub repository to SkillsCat registry')
+    .action(submit);
+// Unpublish command
+program
+    .command('unpublish <slug>')
+    .alias('delete')
+    .description('Unpublish a private skill from SkillsCat')
+    .option('-y, --yes', 'Skip confirmation prompt')
+    .action(unpublishSkill);
+// Config command with subcommands
+const configCommand = program
+    .command('config')
+    .description('Manage CLI configuration');
+configCommand
+    .command('set <key> <value>')
+    .description('Set a configuration value')
+    .action(configSet);
+configCommand
+    .command('get <key>')
+    .description('Get a configuration value')
+    .action(configGet);
+configCommand
+    .command('list')
+    .description('List all configuration values')
+    .action(configList);
+configCommand
+    .command('delete <key>')
+    .alias('rm')
+    .description('Delete a configuration value (reset to default)')
+    .action(configDelete);
+// Error handling
+program.exitOverride((err) => {
+    if (err.code === 'commander.help') {
+        process.exit(0);
+    }
+    console.error(pc.red(`Error: ${err.message}`));
+    process.exit(1);
+});
+program.parse();