troxy-cli 1.4.5 → 1.4.7

package/bin/troxy.js

@@ -61,22 +61,6 @@ switch (command) {
     break;
 
   // ── Auth ──────────────────────────────────────────────────────
-  case 'connect': {
-    const k = flags.key;
-    if (!k || !k.startsWith('txy-')) {
-      console.error('\n  Usage: troxy connect --key txy-...\n');
-      process.exit(1);
-    }
-    // Validate key before saving
-    process.stdout.write('\n  Validating key... ');
-    await api.agentStatus(k);
-    console.log('✓');
-    const { saveConfig } = await import('../src/config.js');
-    saveConfig({ apiKey: k });
-    console.log('  Key saved to ~/.troxy/config.json\n');
-    break;
-  }
-
   case 'login':
     await runLogin(flags);
     break;
@@ -87,6 +71,26 @@ switch (command) {
     break;
 
   case 'rotate-key': {
+    if (flags.help || flags.h) {
+      console.log(`
+  troxy rotate-key [options]
+
+  Creates a new MCP API key, saves it to ~/.troxy/config.json, and optionally
+  revokes the old key. Login required.
+
+  Options:
+    --name <name>    Name for the new key (default: "Rotated key")
+    --revoke-old     Revoke the old key immediately after creating the new one
+
+  Examples:
+    troxy rotate-key
+    troxy rotate-key --revoke-old
+    troxy rotate-key --name "My Agent Key" --revoke-old
+
+  After rotating: update TROXY_API_KEY in your MCP config and restart the MCP server.
+`);
+      process.exit(0);
+    }
     const jwt = requireJwt();
     const { loadConfig, saveConfig } = await import('../src/config.js');
     const oldKey    = loadConfig()?.apiKey;
@@ -143,6 +147,28 @@ switch (command) {
 
   // ── Simulate a payment evaluation ────────────────────────────
   case 'pay': {
+    if (flags.help || flags.h) {
+      console.log(`
+  troxy pay --merchant <name> --amount <n> [options]
+
+  Simulates a payment evaluation request — identical to what your AI agent sends.
+  Use this to test your policies. Login required.
+
+  Required:
+    --merchant <name>   Merchant name (e.g. "Amazon")
+    --amount <n>        Payment amount in USD
+
+  Optional:
+    --card <alias>      Card alias (default: "Work")
+    --category <cat>    Merchant category (e.g. travel, software, food)
+
+  Examples:
+    troxy pay --merchant "Amazon" --amount 50
+    troxy pay --merchant "Amazon" --amount 350 --card "Work"
+    troxy pay --merchant "Delta"  --amount 250 --card "Work" --category travel
+`);
+      process.exit(0);
+    }
     requireJwt();
     const apiKey   = loadConfig()?.apiKey || process.env.TROXY_API_KEY;
     if (!apiKey) { console.error('  No API key. Run: troxy init --key txy-...\n'); process.exit(1); }
@@ -179,6 +205,21 @@ switch (command) {
     break;
 
   case 'insights': {
+    if (flags.help || flags.h) {
+      console.log(`
+  troxy insights [options]
+
+  Shows a spending and decision summary for a given period. Login required.
+
+  Options:
+    --period <days>   Number of days to look back (default: 30)
+
+  Examples:
+    troxy insights
+    troxy insights --period 7
+`);
+      process.exit(0);
+    }
     const jwt    = requireJwt();
     const period = Number(flags.period || 30);
     const data   = await api.agentInsights(jwt, period);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "troxy-cli",
-  "version": "1.4.5",
+  "version": "1.4.7",
   "description": "AI payment control — protect your agent's payments with policies",
   "type": "module",
   "bin": {

package/src/activity.js

@@ -1,15 +1,35 @@
 import { api }               from './api.js';
 import { requireJwt }        from './auth.js';
+import { loadConfig }        from './config.js';
 import { table }             from './print.js';
 
 const ICON = { ALLOW: '✓', BLOCK: '✗', ESCALATE: '⏳', NOTIFY: '~' };
 
 export async function runActivity(flags) {
-  const jwt   = requireJwt();
-  const limit = Number(flags.limit || 20);
-  const mine  = !!flags.mine;
+  if (flags.help || flags.h) {
+    console.log(`
+  troxy activity [options]
 
-  const data = await api.agentActivity(jwt, limit, mine);
+  Shows recent payment decisions across all your MCPs. Login required.
+
+  Options:
+    --limit <n>   Number of rows to show (default: 20, max: 200)
+    --mine        Show only decisions from this machine's MCP
+
+  Examples:
+    troxy activity
+    troxy activity --limit 50
+    troxy activity --mine
+`);
+    process.exit(0);
+  }
+
+  const jwt         = requireJwt();
+  const limit       = Number(flags.limit || 20);
+  const mine        = !!flags.mine;
+  const tokenPrefix = mine ? (loadConfig()?.apiKey || '').substring(0, 11) : undefined;
+
+  const data = await api.agentActivity(jwt, limit, mine, tokenPrefix);
   const rows = data?.activity || [];
 
   if (!rows.length) { console.log('\n  No activity yet.\n'); return; }

package/src/api.js

@@ -66,17 +66,12 @@ export const api = {
   resumeToken: (jwt, id)       => request('POST',  `/tokens/${id}/resume`, { jwt }),
   renameToken: (jwt, id, name) => request('PATCH', `/tokens/${id}/name`,   { jwt, body: { name } }),
 
-  // MCP daemon endpoints (agent API key — used by MCP server only)
-  mcpPause:  (apiKey) => request('POST',  '/mcp/pause',  { apiKey }),
-  mcpResume: (apiKey) => request('POST',  '/mcp/resume', { apiKey }),
-  mcpRename: (apiKey, name) => request('PATCH', '/mcp/name', { apiKey, body: { name } }),
-
   // Agent read-only API (JWT session auth — run: troxy login)
   agentStatus:   (jwt)              => request('GET', '/agent/status',   { jwt }),
   agentPolicies: (jwt)              => request('GET', '/agent/policies',  { jwt }),
   agentMcps:     (jwt)              => request('GET', '/agent/mcps',      { jwt }),
   agentCards:    (jwt)              => request('GET', '/agent/cards',      { jwt }),
-  agentActivity: (jwt, limit, mine) => request('GET', `/agent/activity?limit=${limit || 20}${mine ? '&mine=true' : ''}`, { jwt }),
+  agentActivity: (jwt, limit, mine, tokenPrefix) => request('GET', `/agent/activity?limit=${limit || 20}${mine ? `&mine=true&token_prefix=${encodeURIComponent(tokenPrefix || '')}` : ''}`, { jwt }),
   agentInsights: (jwt, period)      => request('GET', `/agent/insights?period=${period || 30}`, { jwt }),
 };
 

package/src/mcps.js

@@ -3,7 +3,17 @@ import { loadConfig, saveConfig }  from './config.js';
 import { requireJwt }              from './auth.js';
 import { table }                   from './print.js';
 
+const HELP = {
+  list:   `  troxy mcps list\n\n  Lists all MCP connections on your account — name, prefix, status, last seen,\n  policies assigned, default action, and which one is this machine.\n`,
+  rename: `  troxy mcps rename --name <new-name>\n\n  Renames this machine's MCP. The new name appears in the dashboard immediately.\n\n  Options:\n    --name   New name for this machine's MCP\n\n  Example:\n    troxy mcps rename --name "My Laptop"\n`,
+};
+
 export async function runMcps([sub], flags) {
+  if (flags.help || flags.h) {
+    console.log('\n' + (HELP[sub] || `  troxy mcps <subcommand> [options]\n\n  Subcommands:\n    list     List all MCP connections\n    rename   Rename this machine's MCP\n\n  Run 'troxy mcps <subcommand> --help' for subcommand help.\n`));
+    process.exit(0);
+  }
+
   switch (sub || 'list') {
     case 'list': {
       const jwt = requireJwt();

package/src/policies.js

@@ -10,7 +10,21 @@ function _scope(p) {
   return 'no MCPs applied';
 }
 
+const HELP = {
+  list:     `  troxy policies list\n\n  Lists all policies in your account with their action, scope, status, and conditions.\n`,
+  describe: `  troxy policies describe --name <policy-name>\n\n  Shows full details for a single policy.\n\n  Options:\n    --name   Name of the policy (use single quotes for names with special chars)\n`,
+  create:   `  troxy policies create --name <name> --action <action> [options]\n\n  Creates a new policy. Login required.\n\n  Required:\n    --name     Policy name\n    --action   ALLOW, BLOCK, NOTIFY, or ESCALATE\n\n  Optional conditions:\n    --field      Field to match: amount, merchant_name, merchant_category,\n                 merchant_country, currency, agent_name, hour, day_of_week\n    --operator   eq, neq, gt, gte, lt, lte, contains, between\n    --value      Comparison value (e.g. 500, amazon, Monday)\n    --value2     Upper bound for 'between' operator\n\n  Scope:\n    --mcp <name>   Scope policy to a specific MCP only (default: all MCPs)\n                   Run 'troxy mcps list' to see MCP names.\n\n  Examples:\n    troxy policies create --name "Block large" --action BLOCK --field amount --operator gte --value 500\n    troxy policies create --name "Block Amazon" --action BLOCK --field merchant_name --operator contains --value amazon\n    troxy policies create --name "Cap spend" --action BLOCK --mcp "My Laptop" --field amount --operator gte --value 200\n`,
+  enable:   `  troxy policies enable --name <policy-name>\n\n  Enables a disabled policy.\n\n  Options:\n    --name   Name of the policy to enable\n`,
+  disable:  `  troxy policies disable --name <policy-name>\n\n  Disables a policy without deleting it.\n\n  Options:\n    --name   Name of the policy to disable\n`,
+  delete:   `  troxy policies delete --name <policy-name>\n\n  Permanently deletes a policy.\n\n  Options:\n    --name   Name of the policy to delete\n`,
+};
+
 export async function runPolicies([sub, ...args], flags) {
+  if (flags.help || flags.h) {
+    console.log('\n' + (HELP[sub] || `  troxy policies <subcommand> [options]\n\n  Subcommands:\n    list       List all policies\n    describe   Show details for a policy\n    create     Create a new policy\n    enable     Enable a policy\n    disable    Disable a policy\n    delete     Delete a policy\n\n  Run 'troxy policies <subcommand> --help' for subcommand help.\n`));
+    process.exit(0);
+  }
+
   // Read-only subcommands work with a login session
   const readOnly = !sub || sub === 'list' || sub === 'describe';