specli 0.0.5 → 0.0.8

package/dist/src/ai/tools.js

@@ -0,0 +1,1656 @@
+var __defProp = Object.defineProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, {
+      get: all[name],
+      enumerable: true,
+      configurable: true,
+      set: (newValue) => all[name] = () => newValue
+    });
+};
+
+// src/cli/runtime/body-flags.ts
+var exports_body_flags = {};
+__export(exports_body_flags, {
+  parseDotNotationFlags: () => parseDotNotationFlags,
+  generateBodyFlags: () => generateBodyFlags,
+  findMissingRequired: () => findMissingRequired
+});
+function generateBodyFlags(schema2, reservedFlags) {
+  if (!schema2 || schema2.type !== "object" || !schema2.properties) {
+    return [];
+  }
+  const flags = [];
+  const requiredSet = new Set(schema2.required ?? []);
+  collectFlags(schema2.properties, [], requiredSet, flags, reservedFlags);
+  return flags;
+}
+function collectFlags(properties, pathPrefix, requiredAtRoot, out, reservedFlags) {
+  for (const [name, propSchema] of Object.entries(properties)) {
+    if (!name || typeof name !== "string")
+      continue;
+    if (!propSchema || typeof propSchema !== "object")
+      continue;
+    const path = [...pathPrefix, name];
+    const flagName = `--${path.join(".")}`;
+    if (reservedFlags.has(flagName))
+      continue;
+    const t = propSchema.type;
+    if (t === "object" && propSchema.properties) {
+      const nestedRequired = new Set(propSchema.required ?? []);
+      collectFlags(propSchema.properties, path, nestedRequired, out, reservedFlags);
+    } else if (t === "string" || t === "number" || t === "integer" || t === "boolean") {
+      const isRequired = pathPrefix.length === 0 ? requiredAtRoot.has(name) : false;
+      out.push({
+        flag: flagName,
+        path,
+        type: t,
+        description: propSchema.description ?? `Body field '${path.join(".")}'`,
+        required: isRequired
+      });
+    }
+  }
+}
+function parseDotNotationFlags(flagValues, flagDefs) {
+  const result = {};
+  for (const def of flagDefs) {
+    const dotKey = def.path.join(".");
+    const value = flagValues[dotKey];
+    if (value === undefined)
+      continue;
+    setNestedValue(result, def.path, value, def.type);
+  }
+  return result;
+}
+function setNestedValue(obj, path, value, type) {
+  let current = obj;
+  for (let i = 0;i < path.length - 1; i++) {
+    const key = path[i];
+    if (!(key in current) || typeof current[key] !== "object") {
+      current[key] = {};
+    }
+    current = current[key];
+  }
+  const finalKey = path[path.length - 1];
+  if (type === "boolean") {
+    current[finalKey] = true;
+  } else if (type === "integer") {
+    current[finalKey] = Number.parseInt(String(value), 10);
+  } else if (type === "number") {
+    current[finalKey] = Number(String(value));
+  } else {
+    current[finalKey] = String(value);
+  }
+}
+function findMissingRequired(flagValues, flagDefs) {
+  const missing = [];
+  for (const def of flagDefs) {
+    if (!def.required)
+      continue;
+    const dotKey = def.path.join(".");
+    if (flagValues[dotKey] === undefined) {
+      missing.push(dotKey);
+    }
+  }
+  return missing;
+}
+
+// src/ai/tools.ts
+import { tool } from "ai";
+import { z } from "zod";
+
+// src/cli/strings.ts
+function kebabCase(input) {
+  const trimmed = input.trim();
+  if (!trimmed)
+    return "";
+  return trimmed.replace(/([a-z0-9])([A-Z])/g, "$1-$2").replace(/[\s_.:/]+/g, "-").replace(/[^a-zA-Z0-9-]/g, "-").replace(/-+/g, "-").replace(/^-|-$/g, "").toLowerCase();
+}
+
+// src/cli/auth-schemes.ts
+function parseOAuthFlow(flow) {
+  if (!flow)
+    return;
+  const scopesObj = flow.scopes;
+  const scopes = scopesObj && typeof scopesObj === "object" && !Array.isArray(scopesObj) ? Object.keys(scopesObj) : [];
+  return {
+    authorizationUrl: typeof flow.authorizationUrl === "string" ? flow.authorizationUrl : undefined,
+    tokenUrl: typeof flow.tokenUrl === "string" ? flow.tokenUrl : undefined,
+    refreshUrl: typeof flow.refreshUrl === "string" ? flow.refreshUrl : undefined,
+    scopes: scopes.sort()
+  };
+}
+function parseOAuthFlows(flows) {
+  if (!flows)
+    return;
+  const out = {};
+  const implicit = parseOAuthFlow(flows.implicit);
+  if (implicit)
+    out.implicit = implicit;
+  const password = parseOAuthFlow(flows.password);
+  if (password)
+    out.password = password;
+  const clientCredentials = parseOAuthFlow(flows.clientCredentials);
+  if (clientCredentials)
+    out.clientCredentials = clientCredentials;
+  const authorizationCode = parseOAuthFlow(flows.authorizationCode);
+  if (authorizationCode)
+    out.authorizationCode = authorizationCode;
+  return Object.keys(out).length ? out : undefined;
+}
+function listAuthSchemes(doc) {
+  const schemes = doc.components?.securitySchemes;
+  if (!schemes || typeof schemes !== "object")
+    return [];
+  const out = [];
+  for (const [key, raw] of Object.entries(schemes)) {
+    if (!raw || typeof raw !== "object")
+      continue;
+    const s = raw;
+    const type = s.type;
+    if (type === "http") {
+      const scheme = (s.scheme ?? "").toLowerCase();
+      if (scheme === "bearer") {
+        out.push({
+          key,
+          kind: "http-bearer",
+          scheme,
+          bearerFormat: s.bearerFormat,
+          description: s.description
+        });
+      } else if (scheme === "basic") {
+        out.push({
+          key,
+          kind: "http-basic",
+          scheme,
+          description: s.description
+        });
+      } else {
+        out.push({
+          key,
+          kind: "unknown",
+          scheme: s.scheme,
+          description: s.description
+        });
+      }
+      continue;
+    }
+    if (type === "apiKey") {
+      const where = s.in;
+      const loc = where === "header" || where === "query" || where === "cookie" ? where : undefined;
+      out.push({
+        key,
+        kind: "api-key",
+        name: s.name,
+        in: loc,
+        description: s.description
+      });
+      continue;
+    }
+    if (type === "oauth2") {
+      out.push({
+        key,
+        kind: "oauth2",
+        description: s.description,
+        oauthFlows: parseOAuthFlows(s.flows)
+      });
+      continue;
+    }
+    if (type === "openIdConnect") {
+      out.push({
+        key,
+        kind: "openIdConnect",
+        description: s.description,
+        openIdConnectUrl: s.openIdConnectUrl
+      });
+      continue;
+    }
+    out.push({ key, kind: "unknown", description: s.description });
+  }
+  out.sort((a, b) => kebabCase(a.key).localeCompare(kebabCase(b.key)));
+  return out;
+}
+
+// src/cli/capabilities.ts
+function uniqueSorted(items, compare) {
+  const out = [...items];
+  out.sort(compare);
+  return out.filter((v, i) => i === 0 || compare(out[i - 1], v) !== 0);
+}
+function hasSecurity(requirements) {
+  if (!requirements?.length)
+    return false;
+  return true;
+}
+function deriveCapabilities(input) {
+  const serverHasVars = input.servers.some((s) => s.variableNames.length > 0);
+  const authKinds = uniqueSorted(input.authSchemes.map((s) => s.kind), (a, b) => a.localeCompare(b));
+  const hasSecurityRequirements = hasSecurity(input.doc.security) || input.operations.some((op) => hasSecurity(op.security));
+  const opHasBodies = input.operations.some((op) => Boolean(op.requestBody));
+  const cmdResources = input.commands?.resources ?? [];
+  const cmdActions = cmdResources.flatMap((r) => r.actions);
+  const cmdHasBodies = cmdActions.some((a) => Boolean(a.requestBody));
+  return {
+    servers: {
+      count: input.servers.length,
+      hasVariables: serverHasVars
+    },
+    auth: {
+      count: input.authSchemes.length,
+      kinds: authKinds,
+      hasSecurityRequirements
+    },
+    operations: {
+      count: input.operations.length,
+      hasRequestBodies: opHasBodies
+    },
+    commands: {
+      countResources: cmdResources.length,
+      countActions: cmdActions.length,
+      hasRequestBodies: cmdHasBodies
+    }
+  };
+}
+
+// src/cli/command-index.ts
+function buildCommandsIndex(commands) {
+  const byId = {};
+  for (const resource of commands?.resources ?? []) {
+    for (const action of resource.actions) {
+      byId[action.id] = action;
+    }
+  }
+  return { byId };
+}
+
+// src/cli/auth-requirements.ts
+function isSecurityRequirement(value) {
+  if (!value || typeof value !== "object")
+    return false;
+  if (Array.isArray(value))
+    return false;
+  for (const [k, v] of Object.entries(value)) {
+    if (typeof k !== "string")
+      return false;
+    if (!Array.isArray(v))
+      return false;
+    if (!v.every((s) => typeof s === "string"))
+      return false;
+  }
+  return true;
+}
+function normalizeSecurity(value) {
+  if (value == null)
+    return { requirements: [], source: "none" };
+  if (!Array.isArray(value))
+    return { requirements: [], source: "none" };
+  const reqs = value.filter(isSecurityRequirement);
+  if (reqs.length === 0)
+    return { requirements: [], source: "empty" };
+  return { requirements: reqs, source: "non-empty" };
+}
+function summarizeAuth(operationSecurity, globalSecurity, knownSchemes) {
+  const op = normalizeSecurity(operationSecurity);
+  if (op.source === "non-empty") {
+    return { alternatives: toAlternatives(op.requirements, knownSchemes) };
+  }
+  if (op.source === "empty") {
+    return { alternatives: [] };
+  }
+  const global = normalizeSecurity(globalSecurity);
+  if (global.source === "non-empty") {
+    return { alternatives: toAlternatives(global.requirements, knownSchemes) };
+  }
+  return { alternatives: [] };
+}
+function toAlternatives(requirements, knownSchemes) {
+  const known = new Set(knownSchemes.map((s) => s.key));
+  return requirements.map((req) => {
+    const out = [];
+    for (const [key, scopes] of Object.entries(req)) {
+      out.push({
+        key,
+        scopes: Array.isArray(scopes) ? scopes : []
+      });
+    }
+    out.sort((a, b) => a.key.localeCompare(b.key));
+    out.sort((a, b) => {
+      const ak = known.has(a.key) ? 0 : 1;
+      const bk = known.has(b.key) ? 0 : 1;
+      if (ak !== bk)
+        return ak - bk;
+      return a.key.localeCompare(b.key);
+    });
+    return out;
+  });
+}
+
+// src/cli/command-id.ts
+function buildCommandId(parts) {
+  const op = kebabCase(parts.operationKey.replace(/\s+/g, "-"));
+  return `${parts.specId}:${kebabCase(parts.resource)}:${kebabCase(parts.action)}:${op}`;
+}
+
+// src/cli/schema-shape.ts
+function getSchemaType(schema) {
+  if (!schema || typeof schema !== "object")
+    return "unknown";
+  const t = schema.type;
+  if (t === "string")
+    return "string";
+  if (t === "number")
+    return "number";
+  if (t === "integer")
+    return "integer";
+  if (t === "boolean")
+    return "boolean";
+  if (t === "array")
+    return "array";
+  if (t === "object")
+    return "object";
+  return "unknown";
+}
+function getSchemaFormat(schema) {
+  if (!schema || typeof schema !== "object")
+    return;
+  const f = schema.format;
+  return typeof f === "string" ? f : undefined;
+}
+function getSchemaEnumStrings(schema) {
+  if (!schema || typeof schema !== "object")
+    return;
+  const e = schema.enum;
+  if (!Array.isArray(e))
+    return;
+  const values = e.filter((v) => typeof v === "string");
+  return values.length ? values : undefined;
+}
+
+// src/cli/params.ts
+function deriveParamSpecs(op) {
+  const out = [];
+  for (const p of op.parameters) {
+    const flag = `--${kebabCase(p.name)}`;
+    const type = getSchemaType(p.schema);
+    const schemaObj = p.schema && typeof p.schema === "object" ? p.schema : undefined;
+    const itemsSchema = schemaObj && type === "array" && typeof schemaObj.items === "object" ? schemaObj.items : undefined;
+    out.push({
+      kind: p.in === "path" ? "positional" : "flag",
+      in: p.in,
+      name: p.name,
+      flag,
+      required: p.required,
+      description: p.description,
+      type,
+      format: getSchemaFormat(p.schema),
+      enum: getSchemaEnumStrings(p.schema),
+      itemType: type === "array" ? getSchemaType(itemsSchema) : undefined,
+      itemFormat: type === "array" ? getSchemaFormat(itemsSchema) : undefined,
+      itemEnum: type === "array" ? getSchemaEnumStrings(itemsSchema) : undefined,
+      schema: schemaObj
+    });
+  }
+  out.sort((a, b) => {
+    if (a.in !== b.in)
+      return a.in.localeCompare(b.in);
+    return a.name.localeCompare(b.name);
+  });
+  return out;
+}
+
+// src/cli/positional.ts
+function derivePositionals(action) {
+  const byName = new Map;
+  for (const name of action.pathArgs) {
+    const p = action.params.find((x) => x.in === "path" && x.name === name);
+    byName.set(name, {
+      name,
+      required: true,
+      description: p?.description,
+      type: p?.type ?? "unknown",
+      format: p?.format,
+      enum: p?.enum
+    });
+  }
+  return [...byName.values()];
+}
+function deriveFlags(action) {
+  return {
+    flags: action.params.filter((p) => p.kind === "flag").map((p) => ({
+      in: p.in,
+      name: p.name,
+      flag: p.flag,
+      required: p.required,
+      description: p.description,
+      type: p.type,
+      format: p.format,
+      enum: p.enum,
+      itemType: p.itemType,
+      itemFormat: p.itemFormat,
+      itemEnum: p.itemEnum
+    }))
+  };
+}
+
+// src/cli/types.ts
+function isJsonSchema(value) {
+  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
+}
+
+// src/cli/request-body.ts
+function getRequestBody(op) {
+  return op.requestBody;
+}
+function deriveRequestBodyInfo(op) {
+  const rb = getRequestBody(op);
+  if (!rb)
+    return;
+  const content = [];
+  for (const contentType of rb.contentTypes) {
+    const schema = rb.schemasByContentType[contentType];
+    content.push({
+      contentType,
+      required: rb.required,
+      schemaType: getSchemaType(schema),
+      schemaFormat: getSchemaFormat(schema),
+      schemaEnum: getSchemaEnumStrings(schema)
+    });
+  }
+  content.sort((a, b) => a.contentType.localeCompare(b.contentType));
+  const hasJson = content.some((c) => c.contentType.includes("json"));
+  const hasFormUrlEncoded = content.some((c) => c.contentType === "application/x-www-form-urlencoded");
+  const hasMultipart = content.some((c) => c.contentType.startsWith("multipart/"));
+  const bodyFlags = ["--data", "--file"];
+  const preferredContentType = content.find((c) => c.contentType === "application/json")?.contentType ?? content.find((c) => c.contentType.includes("json"))?.contentType ?? content[0]?.contentType;
+  const preferredSchema = preferredContentType ? rb.schemasByContentType[preferredContentType] : undefined;
+  return {
+    required: rb.required,
+    content,
+    hasJson,
+    hasFormUrlEncoded,
+    hasMultipart,
+    bodyFlags,
+    preferredContentType,
+    preferredSchema: isJsonSchema(preferredSchema) ? preferredSchema : undefined
+  };
+}
+
+// src/cli/command-model.ts
+function buildCommandModel(planned, options) {
+  const byResource = new Map;
+  for (const op of planned) {
+    const list = byResource.get(op.resource) ?? [];
+    const params = deriveParamSpecs(op);
+    const positionals = derivePositionals({ pathArgs: op.pathArgs, params });
+    const flags = deriveFlags({ pathArgs: op.pathArgs, params });
+    list.push({
+      id: buildCommandId({
+        specId: options.specId,
+        resource: op.resource,
+        action: op.action,
+        operationKey: op.key
+      }),
+      key: op.key,
+      action: op.action,
+      pathArgs: op.pathArgs,
+      method: op.method,
+      path: op.path,
+      operationId: op.operationId,
+      tags: op.tags,
+      summary: op.summary,
+      description: op.description,
+      deprecated: op.deprecated,
+      style: op.style,
+      params,
+      positionals,
+      flags: flags.flags,
+      auth: summarizeAuth(op.security, options.globalSecurity, options.authSchemes ?? []),
+      requestBody: deriveRequestBodyInfo(op),
+      requestBodySchema: deriveRequestBodyInfo(op)?.preferredSchema
+    });
+    byResource.set(op.resource, list);
+  }
+  const resources = [];
+  for (const [resource, actions] of byResource.entries()) {
+    actions.sort((a, b) => {
+      if (a.action !== b.action)
+        return a.action.localeCompare(b.action);
+      if (a.path !== b.path)
+        return a.path.localeCompare(b.path);
+      return a.method.localeCompare(b.method);
+    });
+    resources.push({ resource, actions });
+  }
+  resources.sort((a, b) => a.resource.localeCompare(b.resource));
+  return { resources };
+}
+
+// src/cli/pluralize.ts
+var IRREGULAR = {
+  person: "people",
+  man: "men",
+  woman: "women",
+  child: "children",
+  tooth: "teeth",
+  foot: "feet",
+  mouse: "mice",
+  goose: "geese"
+};
+var UNCOUNTABLE = new Set([
+  "metadata",
+  "information",
+  "equipment",
+  "money",
+  "series",
+  "species"
+]);
+function pluralize(word) {
+  const w = word.trim();
+  if (!w)
+    return w;
+  const lower = w.toLowerCase();
+  if (UNCOUNTABLE.has(lower))
+    return lower;
+  if (IRREGULAR[lower])
+    return IRREGULAR[lower];
+  if (lower.endsWith("s"))
+    return lower;
+  if (/[bcdfghjklmnpqrstvwxyz]y$/.test(lower)) {
+    return lower.replace(/y$/, "ies");
+  }
+  if (/(ch|sh|x|z)$/.test(lower)) {
+    return `${lower}es`;
+  }
+  return `${lower}s`;
+}
+
+// src/cli/naming.ts
+var GENERIC_TAGS = new Set(["default", "defaults", "api"]);
+function getPathSegments(path) {
+  return path.split("/").map((s) => s.trim()).filter(Boolean);
+}
+function getPathArgs(path) {
+  const args = [];
+  const re = /\{([^}]+)\}/g;
+  while (true) {
+    const match = re.exec(path);
+    if (!match)
+      break;
+    args.push(match[1]);
+  }
+  return args;
+}
+function pickResourceFromTags(tags) {
+  if (!tags.length)
+    return;
+  const first = tags[0]?.trim();
+  if (!first)
+    return;
+  if (GENERIC_TAGS.has(first.toLowerCase()))
+    return;
+  return first;
+}
+function splitOperationId(operationId) {
+  const trimmed = operationId.trim();
+  if (!trimmed)
+    return {};
+  if (trimmed.includes(".")) {
+    const [prefix, ...rest] = trimmed.split(".");
+    return { prefix, suffix: rest.join(".") };
+  }
+  if (trimmed.includes("__")) {
+    const [prefix, ...rest] = trimmed.split("__");
+    return { prefix, suffix: rest.join("__") };
+  }
+  if (trimmed.includes("_")) {
+    const [prefix, ...rest] = trimmed.split("_");
+    return { prefix, suffix: rest.join("_") };
+  }
+  return { suffix: trimmed };
+}
+function inferStyle(op) {
+  if (op.path.includes("."))
+    return "rpc";
+  if (op.operationId?.includes(".") && op.method === "POST")
+    return "rpc";
+  return "rest";
+}
+function inferResource(op) {
+  const tag = pickResourceFromTags(op.tags);
+  if (tag)
+    return pluralize(kebabCase(tag));
+  if (op.operationId) {
+    const { prefix } = splitOperationId(op.operationId);
+    if (prefix) {
+      const fromId = kebabCase(prefix);
+      if (fromId === "ping")
+        return "ping";
+      return pluralize(fromId);
+    }
+  }
+  const segments = getPathSegments(op.path);
+  let first = segments[0] ?? "api";
+  first = first.includes(".") ? first.split(".")[0] : first;
+  if (first.toLowerCase() === "ping")
+    return "ping";
+  const cleaned = first.replace(/^\{.+\}$/, "");
+  return pluralize(kebabCase(cleaned || "api"));
+}
+function canonicalizeAction(action) {
+  const a = kebabCase(action);
+  if (a === "retrieve" || a === "read")
+    return "get";
+  if (a === "list" || a === "search")
+    return "list";
+  if (a === "create")
+    return "create";
+  if (a === "update" || a === "patch")
+    return "update";
+  if (a === "delete" || a === "remove")
+    return "delete";
+  return a;
+}
+function inferRestAction(op) {
+  if (op.operationId) {
+    const { suffix } = splitOperationId(op.operationId);
+    if (suffix) {
+      const fromId = canonicalizeAction(suffix);
+      if (fromId === "get" || fromId === "list" || fromId === "create" || fromId === "update" || fromId === "delete") {
+        return fromId;
+      }
+    }
+  }
+  const method = op.method.toUpperCase();
+  const args = getPathArgs(op.path);
+  const hasId = args.length > 0;
+  if (method === "GET" && !hasId)
+    return "list";
+  if (method === "POST" && !hasId)
+    return "create";
+  if (method === "GET" && hasId)
+    return "get";
+  if ((method === "PUT" || method === "PATCH") && hasId)
+    return "update";
+  if (method === "DELETE" && hasId)
+    return "delete";
+  return kebabCase(method);
+}
+function inferRpcAction(op) {
+  if (op.operationId) {
+    const { suffix } = splitOperationId(op.operationId);
+    if (suffix)
+      return canonicalizeAction(suffix);
+  }
+  const segments = getPathSegments(op.path);
+  const last = segments[segments.length - 1] ?? "";
+  if (last.includes(".")) {
+    const part = last.split(".").pop() ?? last;
+    return canonicalizeAction(part);
+  }
+  return kebabCase(op.method);
+}
+function planOperation(op) {
+  const style = inferStyle(op);
+  const resource = inferResource(op);
+  const action = style === "rpc" ? inferRpcAction(op) : inferRestAction(op);
+  return {
+    ...op,
+    key: op.key,
+    style,
+    resource,
+    action,
+    canonicalAction: action,
+    pathArgs: getPathArgs(op.path).map((a) => kebabCase(a))
+  };
+}
+function planOperations(ops) {
+  const planned = ops.map(planOperation);
+  const counts = new Map;
+  for (const op of planned) {
+    const key = `${op.resource}:${op.action}`;
+    counts.set(key, (counts.get(key) ?? 0) + 1);
+  }
+  const seen = new Map;
+  return planned.map((op) => {
+    const key = `${op.resource}:${op.action}`;
+    const total = counts.get(key) ?? 0;
+    if (total <= 1)
+      return op;
+    const idx = (seen.get(key) ?? 0) + 1;
+    seen.set(key, idx);
+    const suffix = op.operationId ? kebabCase(op.operationId) : kebabCase(`${op.method}-${op.path}`);
+    const disambiguatedAction = `${op.action}-${suffix}-${idx}`;
+    return {
+      ...op,
+      action: disambiguatedAction,
+      aliasOf: `${op.resource} ${op.canonicalAction}`
+    };
+  });
+}
+
+// src/cli/operations.ts
+function operationKey(method, path) {
+  return `${method.toUpperCase()} ${path}`;
+}
+var HTTP_METHODS = [
+  "get",
+  "post",
+  "put",
+  "patch",
+  "delete",
+  "options",
+  "head",
+  "trace"
+];
+function normalizeParam(p) {
+  if (!p || typeof p !== "object")
+    return;
+  const loc = p.in;
+  const name = p.name;
+  if (loc !== "path" && loc !== "query" && loc !== "header" && loc !== "cookie") {
+    return;
+  }
+  if (!name)
+    return;
+  return {
+    in: loc,
+    name,
+    required: Boolean(p.required || loc === "path"),
+    description: p.description,
+    schema: p.schema
+  };
+}
+function mergeParameters(pathParams, opParams) {
+  const merged = new Map;
+  for (const p of pathParams ?? []) {
+    const normalized = normalizeParam(p);
+    if (!normalized)
+      continue;
+    merged.set(`${normalized.in}:${normalized.name}`, normalized);
+  }
+  for (const p of opParams ?? []) {
+    const normalized = normalizeParam(p);
+    if (!normalized)
+      continue;
+    merged.set(`${normalized.in}:${normalized.name}`, normalized);
+  }
+  return [...merged.values()];
+}
+function normalizeRequestBody(rb) {
+  if (!rb)
+    return;
+  const content = rb.content ?? {};
+  const contentTypes = Object.keys(content);
+  const schemasByContentType = {};
+  for (const contentType of contentTypes) {
+    schemasByContentType[contentType] = content[contentType]?.schema;
+  }
+  return {
+    required: Boolean(rb.required),
+    contentTypes,
+    schemasByContentType
+  };
+}
+function indexOperations(doc) {
+  const out = [];
+  const paths = doc.paths ?? {};
+  for (const [path, rawPathItem] of Object.entries(paths)) {
+    if (!rawPathItem || typeof rawPathItem !== "object")
+      continue;
+    const pathItem = rawPathItem;
+    for (const method of HTTP_METHODS) {
+      const op = pathItem[method];
+      if (!op)
+        continue;
+      const parameters = mergeParameters(pathItem.parameters, op.parameters);
+      const normalizedMethod = method.toUpperCase();
+      out.push({
+        key: operationKey(normalizedMethod, path),
+        method: normalizedMethod,
+        path,
+        operationId: op.operationId,
+        tags: op.tags ?? [],
+        summary: op.summary,
+        description: op.description,
+        deprecated: op.deprecated,
+        security: op.security ?? doc.security,
+        parameters,
+        requestBody: normalizeRequestBody(op.requestBody)
+      });
+    }
+  }
+  out.sort((a, b) => {
+    if (a.path !== b.path)
+      return a.path.localeCompare(b.path);
+    return a.method.localeCompare(b.method);
+  });
+  return out;
+}
+
+// src/cli/schema.ts
+function buildSchemaOutput(loaded, operations, planned, servers, authSchemes, commands, commandsIndex, capabilities) {
+  return {
+    schemaVersion: 1,
+    openapi: {
+      version: loaded.doc.openapi,
+      title: loaded.doc.info?.title,
+      infoVersion: loaded.doc.info?.version
+    },
+    spec: {
+      id: loaded.id,
+      fingerprint: loaded.fingerprint,
+      source: loaded.source
+    },
+    capabilities,
+    servers,
+    authSchemes,
+    operations,
+    planned,
+    commands,
+    commandsIndex
+  };
+}
+
+// src/cli/server.ts
+function extractVariableNames(url) {
+  const names = [];
+  const re = /\{([^}]+)\}/g;
+  while (true) {
+    const match = re.exec(url);
+    if (!match)
+      break;
+    names.push(match[1] ?? "");
+  }
+  return names.map((n) => n.trim()).filter(Boolean);
+}
+function listServers(doc) {
+  const servers = doc.servers ?? [];
+  const out = [];
+  for (const raw of servers) {
+    const s = raw;
+    if (!s || typeof s !== "object")
+      continue;
+    if (typeof s.url !== "string")
+      continue;
+    const variableNames = extractVariableNames(s.url);
+    const variables = [];
+    const rawVars = s.variables && typeof s.variables === "object" && !Array.isArray(s.variables) ? s.variables : {};
+    for (const name of variableNames) {
+      const v = rawVars[name];
+      const def = v?.default;
+      const desc = v?.description;
+      variables.push({
+        name,
+        default: typeof def === "string" ? def : undefined,
+        enum: getSchemaEnumStrings(v),
+        description: typeof desc === "string" ? desc : undefined
+      });
+    }
+    out.push({
+      url: s.url,
+      description: typeof s.description === "string" ? s.description : undefined,
+      variables,
+      variableNames
+    });
+  }
+  return out;
+}
+
+// src/cli/spec-loader.ts
+import SwaggerParser from "@apidevtools/swagger-parser";
+
+// src/cli/crypto.ts
+async function sha256Hex(text) {
+  const data = new TextEncoder().encode(text);
+  const hash = await crypto.subtle.digest("SHA-256", data);
+  const bytes = new Uint8Array(hash);
+  let out = "";
+  for (const b of bytes)
+    out += b.toString(16).padStart(2, "0");
+  return out;
+}
+
+// src/cli/runtime/compat.ts
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { parse as parseYaml } from "yaml";
+var isBun = typeof globalThis.Bun !== "undefined";
+async function readFileText(path) {
+  if (isBun) {
+    return Bun.file(path).text();
+  }
+  return readFileSync(path, "utf-8");
+}
+async function fileExists(path) {
+  if (isBun) {
+    return Bun.file(path).exists();
+  }
+  return existsSync(path);
+}
+function parseYamlContent(text) {
+  if (isBun) {
+    const { YAML } = globalThis.Bun;
+    return YAML.parse(text);
+  }
+  return parseYaml(text);
+}
+
+// src/cli/spec-id.ts
+function getSpecId(loaded) {
+  const title = loaded.doc.info?.title;
+  const fromTitle = title ? kebabCase(title) : "";
+  if (fromTitle)
+    return fromTitle;
+  return loaded.fingerprint.slice(0, 12);
+}
+
+// src/cli/stable-json.ts
+function stableStringify(value, options) {
+  const visiting = new WeakSet;
+  return JSON.stringify(sort(value, visiting), null, options?.space);
+}
+function sort(value, visiting) {
+  if (value === null)
+    return null;
+  if (Array.isArray(value)) {
+    if (visiting.has(value))
+      return { __specli_circular: true };
+    visiting.add(value);
+    const out = value.map((v) => sort(v, visiting));
+    visiting.delete(value);
+    return out;
+  }
+  if (typeof value === "object") {
+    if (visiting.has(value))
+      return { __specli_circular: true };
+    visiting.add(value);
+    const obj = value;
+    const out = {};
+    for (const key of Object.keys(obj).sort()) {
+      out[key] = sort(obj[key], visiting);
+    }
+    visiting.delete(value);
+    return out;
+  }
+  return value;
+}
+
+// src/cli/spec-loader.ts
+function isProbablyUrl(input) {
+  return /^https?:\/\//i.test(input);
+}
+function parseSpecText(text) {
+  const trimmed = text.trimStart();
+  if (trimmed.startsWith("{") || trimmed.startsWith("[")) {
+    return JSON.parse(text);
+  }
+  return parseYamlContent(text);
+}
+async function loadSpec(options) {
+  const { spec, embeddedSpecText } = options;
+  let source;
+  let inputForParser;
+  if (typeof embeddedSpecText === "string") {
+    source = "embedded";
+    inputForParser = parseSpecText(embeddedSpecText);
+  } else if (spec) {
+    source = isProbablyUrl(spec) ? "url" : "file";
+    inputForParser = spec;
+  } else {
+    throw new Error("Missing spec. Provide --spec <url|path> or build with an embedded spec.");
+  }
+  const doc = await SwaggerParser.dereference(inputForParser);
+  if (!doc || typeof doc !== "object" || typeof doc.openapi !== "string") {
+    throw new Error("Loaded spec is not a valid OpenAPI document");
+  }
+  const fingerprint = await sha256Hex(stableStringify(doc));
+  const id = getSpecId({ doc, fingerprint });
+  return { source, id, fingerprint, doc };
+}
+
+// src/cli/runtime/context.ts
+async function buildRuntimeContext(options) {
+  const loaded = await loadSpec({
+    spec: options.spec,
+    embeddedSpecText: options.embeddedSpecText
+  });
+  const operations = indexOperations(loaded.doc);
+  const servers = listServers(loaded.doc);
+  const authSchemes = listAuthSchemes(loaded.doc);
+  const planned = planOperations(operations);
+  const commands = buildCommandModel(planned, {
+    specId: loaded.id,
+    globalSecurity: loaded.doc.security,
+    authSchemes
+  });
+  const commandsIndex = buildCommandsIndex(commands);
+  const capabilities = deriveCapabilities({
+    doc: loaded.doc,
+    servers,
+    authSchemes,
+    operations,
+    commands
+  });
+  const schema = buildSchemaOutput(loaded, operations, planned, servers, authSchemes, commands, commandsIndex, capabilities);
+  return {
+    loaded,
+    operations,
+    servers,
+    authSchemes,
+    planned,
+    commands,
+    commandsIndex,
+    capabilities,
+    schema
+  };
+}
+
+// src/cli/runtime/auth/resolve.ts
+var BEARER_COMPATIBLE_KINDS = new Set([
+  "http-bearer",
+  "oauth2",
+  "openIdConnect"
+]);
+function resolveAuthScheme(authSchemes, required, inputs) {
+  if (inputs.flagAuthScheme)
+    return inputs.flagAuthScheme;
+  if (inputs.profileAuthScheme && authSchemes.some((s) => s.key === inputs.profileAuthScheme)) {
+    return inputs.profileAuthScheme;
+  }
+  if (inputs.embeddedAuthScheme && authSchemes.some((s) => s.key === inputs.embeddedAuthScheme)) {
+    return inputs.embeddedAuthScheme;
+  }
+  const alts = required.alternatives;
+  if (alts.length === 1 && alts[0]?.length === 1)
+    return alts[0][0]?.key;
+  if (authSchemes.length === 1)
+    return authSchemes[0]?.key;
+  if (inputs.hasStoredToken && alts.length > 0) {
+    for (const alt of alts) {
+      if (alt.length !== 1)
+        continue;
+      const key = alt[0]?.key;
+      const scheme = authSchemes.find((s) => s.key === key);
+      if (scheme && BEARER_COMPATIBLE_KINDS.has(scheme.kind)) {
+        return key;
+      }
+    }
+  }
+  return;
+}
+
+// src/cli/runtime/profile/secrets.ts
+var bunLiteral = "bun";
+function secretServiceForSpec(specId) {
+  return `specli:${specId}`;
+}
+function tokenSecretKey(specId, profile) {
+  return {
+    service: secretServiceForSpec(specId),
+    name: `profile:${profile}:token`
+  };
+}
+async function getToken(specId, profile) {
+  if (!isBun) {
+    return null;
+  }
+  const { secrets } = await import(bunLiteral);
+  const key = tokenSecretKey(specId, profile);
+  return await secrets.get({ service: key.service, name: key.name });
+}
+
+// src/cli/runtime/profile/store.ts
+function configDir() {
+  const home = process.env.HOME;
+  if (!home)
+    throw new Error("Missing HOME env var");
+  return `${home}/.config/specli`;
+}
+function configPathJson() {
+  return `${configDir()}/profiles.json`;
+}
+function configPathYaml() {
+  return `${configDir()}/profiles.yaml`;
+}
+async function readProfiles() {
+  const jsonPath = configPathJson();
+  const yamlPath = configPathYaml();
+  const jsonExists = await fileExists(jsonPath);
+  const yamlExists = await fileExists(yamlPath);
+  const filePath = jsonExists ? jsonPath : yamlExists ? yamlPath : null;
+  if (!filePath)
+    return { profiles: [] };
+  const text = await readFileText(filePath);
+  let parsed;
+  try {
+    parsed = parseYamlContent(text);
+  } catch {
+    parsed = JSON.parse(text);
+  }
+  const obj = parsed && typeof parsed === "object" ? parsed : {};
+  const profiles = Array.isArray(obj.profiles) ? obj.profiles : [];
+  return {
+    profiles: profiles.filter(Boolean),
+    defaultProfile: typeof obj.defaultProfile === "string" ? obj.defaultProfile : undefined
+  };
+}
+function getProfile(data, name) {
+  const wanted = name ?? data.defaultProfile;
+  if (!wanted)
+    return;
+  return data.profiles.find((p) => p?.name === wanted);
+}
+
+// src/cli/runtime/template.ts
+function extractTemplateVars(template) {
+  const out = [];
+  const re = /\{([^}]+)\}/g;
+  while (true) {
+    const match = re.exec(template);
+    if (!match)
+      break;
+    out.push((match[1] ?? "").trim());
+  }
+  return out.filter(Boolean);
+}
+function applyTemplate(template, vars, options) {
+  const encode = options?.encode ?? false;
+  return template.replace(/\{([^}]+)\}/g, (_, rawName) => {
+    const name = String(rawName).trim();
+    const value = vars[name];
+    if (typeof value !== "string") {
+      throw new Error(`Missing template variable: ${name}`);
+    }
+    return encode ? encodeURIComponent(value) : value;
+  });
+}
+
+// src/cli/runtime/server-url.ts
+function resolveServerUrl(input) {
+  const base = input.serverOverride || input.servers[0]?.url;
+  if (!base) {
+    throw new Error("No server URL found. Provide --server <url> or define servers in the OpenAPI spec.");
+  }
+  const names = extractTemplateVars(base);
+  if (!names.length)
+    return base;
+  const vars = {};
+  for (const name of names) {
+    const provided = input.serverVars[name];
+    if (typeof provided === "string") {
+      vars[name] = provided;
+      continue;
+    }
+    const match = input.servers.find((s) => s.url === base);
+    const v = match?.variables.find((x) => x.name === name);
+    if (typeof v?.default === "string") {
+      vars[name] = v.default;
+      continue;
+    }
+    throw new Error(`Missing server variable '${name}'. Provide --server-var ${name}=...`);
+  }
+  return applyTemplate(base, vars);
+}
+
+// src/cli/runtime/validate/ajv.ts
+import Ajv from "ajv";
+import addFormats from "ajv-formats";
+function createAjv() {
+  const ajv = new Ajv({
+    allErrors: true,
+    strict: false,
+    coerceTypes: false
+  });
+  addFormats(ajv);
+  return ajv;
+}
+// src/cli/runtime/validate/coerce.ts
+import { InvalidArgumentError } from "commander";
+// src/cli/runtime/validate/error.ts
+function formatAjvErrors(errors) {
+  if (!errors?.length)
+    return "Invalid input";
+  return errors.map((e) => {
+    const path = e.instancePath || e.schemaPath || "";
+    if (e.keyword === "required" && e.params && typeof e.params === "object" && "missingProperty" in e.params) {
+      const missing = String(e.params.missingProperty);
+      const where = e.instancePath || "/";
+      return `${where} missing required property '${missing}'`.trim();
+    }
+    const msg = e.message || "invalid";
+    return `${path} ${msg}`.trim();
+  }).join(`
+`);
+}
+// src/cli/runtime/validate/schema.ts
+function deriveValidationSchemas(action) {
+  const query = { type: "object", properties: {}, required: [] };
+  const header = { type: "object", properties: {}, required: [] };
+  const cookie = { type: "object", properties: {}, required: [] };
+  for (const p of action.params) {
+    if (p.kind !== "flag")
+      continue;
+    const target = p.in === "query" ? query : p.in === "header" ? header : p.in === "cookie" ? cookie : undefined;
+    if (!target)
+      continue;
+    const schema = p.schema ?? (p.type === "unknown" ? {} : { type: p.type });
+    target.properties[p.name] = schema;
+    if (p.required) {
+      if (!target.required)
+        target.required = [];
+      target.required.push(p.name);
+    }
+  }
+  if (!query.required?.length)
+    delete query.required;
+  if (!header.required?.length)
+    delete header.required;
+  if (!cookie.required?.length)
+    delete cookie.required;
+  return {
+    querySchema: Object.keys(query.properties).length ? query : undefined,
+    headerSchema: Object.keys(header.properties).length ? header : undefined,
+    cookieSchema: Object.keys(cookie.properties).length ? cookie : undefined
+  };
+}
+// src/cli/runtime/request.ts
+function parseKeyValuePairs(pairs) {
+  const out = {};
+  for (const pair of pairs ?? []) {
+    const idx = pair.indexOf("=");
+    if (idx === -1)
+      throw new Error(`Invalid pair '${pair}', expected name=value`);
+    const name = pair.slice(0, idx).trim();
+    const value = pair.slice(idx + 1).trim();
+    if (!name)
+      throw new Error(`Invalid pair '${pair}', missing name`);
+    out[name] = value;
+  }
+  return out;
+}
+function pickAuthSchemeKey(action, globals) {
+  if (globals.auth)
+    return globals.auth;
+  const req = action.auth.alternatives;
+  if (req.length === 1 && req[0]?.length === 1) {
+    return req[0][0]?.key;
+  }
+  return;
+}
+function applyAuth(headers, url, action, globals, authSchemes) {
+  const schemeKey = pickAuthSchemeKey(action, globals);
+  if (!schemeKey)
+    return { headers, url };
+  const scheme = authSchemes.find((s) => s.key === schemeKey);
+  if (!scheme) {
+    throw new Error(`Unknown auth scheme '${schemeKey}'. Available: ${authSchemes.map((s) => s.key).join(", ")}`);
+  }
+  if (scheme.kind === "http-bearer" || scheme.kind === "oauth2" || scheme.kind === "openIdConnect") {
+    const token = globals.bearerToken ?? globals.oauthToken;
+    if (!token)
+      throw new Error("Missing token. Provide --bearer-token <token>.");
+    headers.set("Authorization", `Bearer ${token}`);
+    return { headers, url };
+  }
+  if (scheme.kind === "http-basic") {
+    if (!globals.username)
+      throw new Error("Missing --username for basic auth");
+    if (!globals.password)
+      throw new Error("Missing --password for basic auth");
+    const raw = `${globals.username}:${globals.password}`;
+    const encoded = Buffer.from(raw, "utf8").toString("base64");
+    headers.set("Authorization", `Basic ${encoded}`);
+    return { headers, url };
+  }
+  if (scheme.kind === "api-key") {
+    if (!scheme.name)
+      throw new Error(`apiKey scheme '${scheme.key}' missing name`);
+    if (!scheme.in)
+      throw new Error(`apiKey scheme '${scheme.key}' missing location`);
+    if (!globals.apiKey)
+      throw new Error("Missing --api-key for apiKey auth");
+    if (scheme.in === "header") {
+      headers.set(scheme.name, globals.apiKey);
+    }
+    if (scheme.in === "query") {
+      url.searchParams.set(scheme.name, globals.apiKey);
+    }
+    if (scheme.in === "cookie") {
+      const existing = headers.get("Cookie");
+      const part = `${scheme.name}=${globals.apiKey}`;
+      headers.set("Cookie", existing ? `${existing}; ${part}` : part);
+    }
+    return { headers, url };
+  }
+  return { headers, url };
+}
+async function buildRequest(input) {
+  const defaultProfileName = "default";
+  const profilesFile = await readProfiles();
+  const profile = getProfile(profilesFile, defaultProfileName);
+  const embedded = input.embeddedDefaults;
+  const embeddedServerVars = parseKeyValuePairs(embedded?.serverVars);
+  const cliServerVars = parseKeyValuePairs(input.globals.serverVar);
+  const serverVars = { ...embeddedServerVars, ...cliServerVars };
+  const serverUrl = resolveServerUrl({
+    serverOverride: input.globals.server ?? profile?.server ?? embedded?.server,
+    servers: input.servers,
+    serverVars
+  });
+  const pathVars = {};
+  for (let i = 0;i < input.action.positionals.length; i++) {
+    const pos = input.action.positionals[i];
+    const raw = input.action.pathArgs[i];
+    const value = input.positionalValues[i];
+    if (typeof raw === "string" && typeof value === "string") {
+      pathVars[raw] = value;
+    }
+    if (pos?.name && typeof value === "string") {
+      pathVars[pos.name] = value;
+    }
+  }
+  const path = applyTemplate(input.action.path, pathVars, { encode: true });
+  const baseUrl = serverUrl.endsWith("/") ? serverUrl : `${serverUrl}/`;
+  const relativePath = path.startsWith("/") ? path.slice(1) : path;
+  const url = new URL(relativePath, baseUrl);
+  const headers = new Headers;
+  const queryValues = {};
+  const headerValues = {};
+  const cookieValues = {};
+  for (const p of input.action.params) {
+    if (p.kind !== "flag")
+      continue;
+    const optValue = input.flagValues[optionKeyFromFlag(p.flag)];
+    if (typeof optValue === "undefined")
+      continue;
+    if (p.in === "query") {
+      queryValues[p.name] = optValue;
+    }
+    if (p.in === "header") {
+      headerValues[p.name] = optValue;
+    }
+    if (p.in === "cookie") {
+      cookieValues[p.name] = optValue;
+    }
+  }
+  const schemas = deriveValidationSchemas(input.action);
+  const ajv2 = createAjv();
+  if (schemas.querySchema) {
+    const validate = ajv2.compile(schemas.querySchema);
+    if (!validate(queryValues)) {
+      throw new Error(formatAjvErrors(validate.errors));
+    }
+  }
+  if (schemas.headerSchema) {
+    const validate = ajv2.compile(schemas.headerSchema);
+    if (!validate(headerValues)) {
+      throw new Error(formatAjvErrors(validate.errors));
+    }
+  }
+  if (schemas.cookieSchema) {
+    const validate = ajv2.compile(schemas.cookieSchema);
+    if (!validate(cookieValues)) {
+      throw new Error(formatAjvErrors(validate.errors));
+    }
+  }
+  for (const [name, value] of Object.entries(queryValues)) {
+    if (Array.isArray(value)) {
+      for (const item of value) {
+        url.searchParams.append(name, String(item));
+      }
+      continue;
+    }
+    url.searchParams.set(name, String(value));
+  }
+  for (const [name, value] of Object.entries(headerValues)) {
+    headers.set(name, String(value));
+  }
+  for (const [name, value] of Object.entries(cookieValues)) {
+    const existing = headers.get("Cookie");
+    const part = `${name}=${String(value)}`;
+    headers.set("Cookie", existing ? `${existing}; ${part}` : part);
+  }
+  let body;
+  if (input.action.requestBody) {
+    const bodyFlagDefs = input.bodyFlagDefs ?? [];
+    const hasBodyFlags = bodyFlagDefs.some((def) => {
+      const dotKey = def.path.join(".");
+      return input.flagValues[dotKey] !== undefined;
+    });
+    const contentType = input.action.requestBody.preferredContentType;
+    if (contentType)
+      headers.set("Content-Type", contentType);
+    const schema2 = input.action.requestBodySchema;
+    const requiredFields = bodyFlagDefs.filter((d) => d.required);
+    if (!hasBodyFlags) {
+      if (requiredFields.length > 0) {
+        const flagList = requiredFields.map((d) => `--${d.path.join(".")}`);
+        throw new Error(`Required: ${flagList.join(", ")}`);
+      }
+      if (input.action.requestBody.required) {
+        body = "{}";
+      }
+    } else {
+      if (!contentType?.includes("json")) {
+        throw new Error("Body field flags are only supported for JSON request bodies.");
+      }
+      const { findMissingRequired: findMissingRequired2, parseDotNotationFlags: parseDotNotationFlags2 } = await Promise.resolve().then(() => exports_body_flags);
+      const missing = findMissingRequired2(input.flagValues, bodyFlagDefs);
+      if (missing.length > 0) {
+        const missingFlags = missing.map((m) => `--${m}`).join(", ");
+        throw new Error(`Missing required fields: ${missingFlags}`);
+      }
+      const built = parseDotNotationFlags2(input.flagValues, bodyFlagDefs);
+      if (schema2) {
+        const validate = ajv2.compile(schema2);
+        if (!validate(built)) {
+          throw new Error(formatAjvErrors(validate.errors));
+        }
+      }
+      body = JSON.stringify(built);
+    }
+  }
+  const storedToken = profile?.name ? await getToken(input.specId, profile.name) : null;
+  const resolvedAuthScheme = resolveAuthScheme(input.authSchemes, input.action.auth, {
+    flagAuthScheme: input.globals.auth,
+    profileAuthScheme: profile?.authScheme,
+    embeddedAuthScheme: embedded?.auth,
+    hasStoredToken: Boolean(storedToken)
+  });
+  const tokenFromProfile = resolvedAuthScheme ? storedToken : null;
+  const globalsWithProfileAuth = {
+    ...input.globals,
+    auth: resolvedAuthScheme,
+    bearerToken: input.globals.bearerToken ?? input.globals.oauthToken ?? tokenFromProfile ?? undefined
+  };
+  const final = applyAuth(headers, url, input.action, globalsWithProfileAuth, input.authSchemes);
+  const req = new Request(final.url.toString(), {
+    method: input.action.method,
+    headers: final.headers,
+    body
+  });
+  const curl = buildCurl(req, body);
+  return { request: req, curl };
+}
+function buildCurl(req, body) {
+  const parts = ["curl", "-sS", "-X", req.method];
+  for (const [k, v] of req.headers.entries()) {
+    parts.push("-H", shellQuote(`${k}: ${v}`));
+  }
+  if (typeof body === "string") {
+    parts.push("--data", shellQuote(body));
+  }
+  parts.push(shellQuote(req.url));
+  return parts.join(" ");
+}
+function shellQuote(value) {
+  return `'${value.replace(/'/g, `'\\''`)}'`;
+}
+function optionKeyFromFlag(flag) {
+  const name = flag.replace(/^--/, "");
+  return name.replace(/-([a-z])/g, (_, c) => String(c).toUpperCase());
+}
+
+// src/cli/runtime/execute.ts
+async function execute(input) {
+  const { request, curl } = await buildRequest({
+    specId: input.specId,
+    action: input.action,
+    positionalValues: input.positionalValues,
+    flagValues: input.flagValues,
+    globals: input.globals,
+    servers: input.servers,
+    authSchemes: input.authSchemes,
+    embeddedDefaults: input.embeddedDefaults,
+    bodyFlagDefs: input.bodyFlagDefs
+  });
+  const res = await fetch(request);
+  const contentType = res.headers.get("content-type") ?? "";
+  const text = await res.text();
+  let body = text;
+  if (contentType.includes("json") && text) {
+    try {
+      body = JSON.parse(text);
+    } catch {}
+  }
+  return {
+    ok: res.ok,
+    status: res.status,
+    body,
+    curl
+  };
+}
+
+// src/ai/tools.ts
+var contextCache = new Map;
+async function getContext(spec) {
+  let ctx = contextCache.get(spec);
+  if (!ctx) {
+    ctx = await buildRuntimeContext({ spec });
+    contextCache.set(spec, ctx);
+  }
+  return ctx;
+}
+function findAction(ctx, resource, action) {
+  const r = ctx.commands.resources.find((r2) => r2.resource.toLowerCase() === resource.toLowerCase());
+  return r?.actions.find((a) => a.action.toLowerCase() === action.toLowerCase());
+}
+function specli(options) {
+  const {
+    spec,
+    server,
+    serverVars,
+    bearerToken,
+    apiKey,
+    basicAuth,
+    authScheme
+  } = options;
+  return tool({
+    description: `Execute API operations. Commands: "list" (show resources/actions), "help" (action details), "exec" (call API).`,
+    inputSchema: z.object({
+      command: z.enum(["list", "help", "exec"]).describe("Command to run"),
+      resource: z.string().optional().describe("Resource name (e.g. users)"),
+      action: z.string().optional().describe("Action name (e.g. list, get, create)"),
+      args: z.array(z.string()).optional().describe("Positional arguments"),
+      flags: z.record(z.string(), z.unknown()).optional().describe("Named flags")
+    }),
+    execute: async ({ command, resource, action, args, flags }) => {
+      const ctx = await getContext(spec);
+      if (command === "list") {
+        return {
+          resources: ctx.commands.resources.map((r) => ({
+            name: r.resource,
+            actions: r.actions.map((a) => ({
+              name: a.action,
+              summary: a.summary,
+              method: a.method,
+              path: a.path,
+              args: a.positionals.map((p) => p.name),
+              requiredFlags: a.flags.filter((f) => f.required).map((f) => f.flag)
+            }))
+          }))
+        };
+      }
+      if (command === "help") {
+        if (!resource)
+          return { error: "Missing resource" };
+        const r = ctx.commands.resources.find((r2) => r2.resource.toLowerCase() === resource.toLowerCase());
+        if (!r)
+          return { error: `Unknown resource: ${resource}` };
+        if (!action) {
+          return {
+            resource: r.resource,
+            actions: r.actions.map((a2) => a2.action)
+          };
+        }
+        const a = r.actions.find((a2) => a2.action.toLowerCase() === action.toLowerCase());
+        if (!a)
+          return { error: `Unknown action: ${action}` };
+        return {
+          action: a.action,
+          method: a.method,
+          path: a.path,
+          summary: a.summary,
+          args: a.positionals.map((p) => ({
+            name: p.name,
+            description: p.description
+          })),
+          flags: a.flags.map((f) => ({
+            name: f.flag,
+            type: f.type,
+            required: f.required,
+            description: f.description
+          }))
+        };
+      }
+      if (command === "exec") {
+        if (!resource || !action)
+          return { error: "Missing resource or action" };
+        const actionDef = findAction(ctx, resource, action);
+        if (!actionDef)
+          return { error: `Unknown: ${resource} ${action}` };
+        const positionalValues = args ?? [];
+        if (positionalValues.length < actionDef.positionals.length) {
+          return {
+            error: `Missing args: ${actionDef.positionals.slice(positionalValues.length).map((p) => p.name).join(", ")}`
+          };
+        }
+        const globals = {
+          server,
+          serverVar: serverVars ? Object.entries(serverVars).map(([k, v]) => `${k}=${v}`) : undefined,
+          auth: authScheme,
+          bearerToken,
+          apiKey,
+          username: basicAuth?.username,
+          password: basicAuth?.password
+        };
+        try {
+          const result = await execute({
+            specId: ctx.loaded.id,
+            action: actionDef,
+            positionalValues,
+            flagValues: flags ?? {},
+            globals,
+            servers: ctx.servers,
+            authSchemes: ctx.authSchemes
+          });
+          return { status: result.status, ok: result.ok, body: result.body };
+        } catch (err) {
+          return { error: err instanceof Error ? err.message : String(err) };
+        }
+      }
+      return { error: `Unknown command: ${command}` };
+    }
+  });
+}
+function clearSpecliCache(spec) {
+  if (spec)
+    contextCache.delete(spec);
+  else
+    contextCache.clear();
+}
+export {
+  specli,
+  clearSpecliCache
+};
+
+//# debugId=7378D9634BF6BBAD64756E2164756E21