unbrowse 2.12.4 → 3.0.0

package/dist/cli.js

@@ -22,12 +22,12 @@ var __promiseAll = (args) => Promise.all(args);
 var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 // ../../src/build-info.generated.ts
-var BUILD_GIT_SHA = "4967715e153e", BUILD_CODE_HASH = "1488fc1d92b7", BUILD_RELEASE_MANIFEST_BASE64 = "eyJzY2hlbWFfdmVyc2lvbiI6MSwicmVsZWFzZV92ZXJzaW9uIjoiMi4xMS4wIiwiZ2l0X3NoYSI6IjQ5Njc3MTVlMTUzZSIsImNvZGVfaGFzaCI6IjE0ODhmYzFkOTJiNyIsInRyYWNlX3ZlcnNpb24iOiIxNDg4ZmMxZDkyYjdANDk2NzcxNWUxNTNlIiwiaXNzdWVkX2F0IjoiMjAyNi0wNC0wM1QyMTo0ODoyNS4yNzhaIn0", BUILD_RELEASE_MANIFEST_SIGNATURE = "";
+var BUILD_RELEASE_VERSION = "3.0.0", BUILD_GIT_SHA = "0f2fd9a7fbd4", BUILD_CODE_HASH = "1488fc1d92b7", BUILD_RELEASE_MANIFEST_BASE64 = "eyJzY2hlbWFfdmVyc2lvbiI6MSwicmVsZWFzZV92ZXJzaW9uIjoiMy4wLjAiLCJnaXRfc2hhIjoiMGYyZmQ5YTdmYmQ0IiwiY29kZV9oYXNoIjoiMTQ4OGZjMWQ5MmI3IiwidHJhY2VfdmVyc2lvbiI6IjE0ODhmYzFkOTJiN0AwZjJmZDlhN2ZiZDQiLCJpc3N1ZWRfYXQiOiIyMDI2LTA0LTA0VDExOjU3OjQ1LjMwNloifQ", BUILD_RELEASE_MANIFEST_SIGNATURE = "", BUILD_DEFAULT_BACKEND_URL = "https://beta-api.unbrowse.ai";
 
 // ../../src/version.ts
 import { createHash } from "crypto";
 import { existsSync, readFileSync, readdirSync } from "fs";
-import { dirname, join } from "path";
+import { dirname, join, parse } from "path";
 import { fileURLToPath } from "url";
 function collectTsFiles(dir) {
   const results = [];
@@ -89,20 +89,47 @@ function computeCodeHash() {
 function getGitSha() {
   return BUILD_GIT_SHA?.trim() || "unknown";
 }
-function getPackageVersion() {
+function decodeBase64UrlJson(value) {
   try {
-    const pkg = JSON.parse(readFileSync(join(MODULE_DIR, "..", "package.json"), "utf-8"));
-    return typeof pkg.version === "string" ? pkg.version : "unknown";
+    if (!value)
+      return null;
+    return JSON.parse(Buffer.from(value, "base64url").toString("utf-8"));
   } catch {
-    return "unknown";
+    return null;
   }
 }
-var MODULE_DIR, CODE_HASH, GIT_SHA, PACKAGE_VERSION, TRACE_VERSION, RELEASE_MANIFEST_BASE64, RELEASE_MANIFEST_SIGNATURE;
+function getEmbeddedReleaseVersion() {
+  if (BUILD_RELEASE_VERSION?.trim())
+    return BUILD_RELEASE_VERSION.trim();
+  const manifest = decodeBase64UrlJson(BUILD_RELEASE_MANIFEST_BASE64?.trim() || "");
+  return typeof manifest?.release_version === "string" && manifest.release_version.trim() ? manifest.release_version.trim() : null;
+}
+function getPackageVersionForModuleDir(moduleDir) {
+  let dir = moduleDir;
+  const root = parse(dir).root;
+  while (true) {
+    try {
+      const pkg = JSON.parse(readFileSync(join(dir, "package.json"), "utf-8"));
+      return typeof pkg.version === "string" ? pkg.version : "unknown";
+    } catch {}
+    if (dir === root)
+      return "unknown";
+    dir = dirname(dir);
+  }
+}
+function getPackageVersion() {
+  const packageVersion = getPackageVersionForModuleDir(MODULE_DIR);
+  if (packageVersion !== "unknown")
+    return packageVersion;
+  return getEmbeddedReleaseVersion() ?? "unknown";
+}
+var MODULE_DIR, CODE_HASH, GIT_SHA, PACKAGE_VERSION, DEFAULT_BACKEND_URL, TRACE_VERSION, RELEASE_MANIFEST_BASE64, RELEASE_MANIFEST_SIGNATURE;
 var init_version = __esm(() => {
   MODULE_DIR = dirname(fileURLToPath(import.meta.url));
   CODE_HASH = BUILD_CODE_HASH?.trim() || computeCodeHash();
   GIT_SHA = getGitSha();
   PACKAGE_VERSION = getPackageVersion();
+  DEFAULT_BACKEND_URL = BUILD_DEFAULT_BACKEND_URL?.trim() || "https://beta-api.unbrowse.ai";
   TRACE_VERSION = `${CODE_HASH}@${GIT_SHA}`;
   RELEASE_MANIFEST_BASE64 = BUILD_RELEASE_MANIFEST_BASE64?.trim() || "";
   RELEASE_MANIFEST_SIGNATURE = BUILD_RELEASE_MANIFEST_SIGNATURE?.trim() || "";
@@ -362,7 +389,7 @@ var init_client = __esm(() => {
   init_cascade();
   init_wallet();
   init_telemetry_attribution();
-  API_URL2 = process.env.UNBROWSE_BACKEND_URL || "https://beta-api.unbrowse.ai";
+  API_URL2 = process.env.UNBROWSE_BACKEND_URL || DEFAULT_BACKEND_URL;
   PROFILE_NAME2 = sanitizeProfileName2(process.env.UNBROWSE_PROFILE ?? "");
   recentLocalSkills2 = new Map;
   LOCAL_ONLY2 = process.env.UNBROWSE_LOCAL_ONLY === "1";
@@ -408,11 +435,12 @@ function readProbabilityEnv(name, fallback) {
   const parsed = Number.parseFloat(process.env[name] ?? "");
   return Number.isFinite(parsed) && parsed >= 0 && parsed <= 1 ? parsed : fallback;
 }
-var DEFAULT_PUBLISH_ENDPOINT_LIMIT, MIN_PUBLISH_RELIABILITY;
+var DEFAULT_PUBLISH_ENDPOINT_LIMIT, MIN_PUBLISH_RELIABILITY, CLOSURE_EDGE_KINDS;
 var init_publish_admission = __esm(() => {
   init_domain();
   DEFAULT_PUBLISH_ENDPOINT_LIMIT = readPositiveIntEnv("UNBROWSE_PUBLISH_ENDPOINT_LIMIT", 12);
   MIN_PUBLISH_RELIABILITY = readProbabilityEnv("UNBROWSE_PUBLISH_MIN_RELIABILITY", 0.2);
+  CLOSURE_EDGE_KINDS = new Set(["dependency", "auth", "parent_child", "pagination"]);
 });
 
 // ../../src/logger.ts
@@ -820,6 +848,11 @@ var init_settings = __esm(() => {
   init_domain();
 });
 
+// ../../src/publish/schema-review.ts
+var init_schema_review = __esm(() => {
+  init_sanitize();
+});
+
 // ../../src/indexer/index.ts
 import { join as join6 } from "node:path";
 var SKILL_SNAPSHOT_DIR, indexInFlight, pendingIndexJobs;
@@ -833,6 +866,8 @@ var init_indexer = __esm(async () => {
   init_artifact();
   init_publish();
   init_settings();
+  init_graph();
+  init_schema_review();
   await init_orchestrator();
   SKILL_SNAPSHOT_DIR = process.env.UNBROWSE_SKILL_SNAPSHOT_DIR ?? join6(process.env.HOME ?? "/tmp", ".unbrowse", "skill-snapshots");
   indexInFlight = new Map;
@@ -842,7 +877,8 @@ var init_indexer = __esm(async () => {
 // ../../src/payments/index.ts
 var PRICING_API_URL;
 var init_payments = __esm(() => {
-  PRICING_API_URL = process.env.UNBROWSE_BACKEND_URL ?? "https://beta-api.unbrowse.ai";
+  init_version();
+  PRICING_API_URL = process.env.UNBROWSE_BACKEND_URL ?? DEFAULT_BACKEND_URL;
 });
 
 // ../../src/execution/robots.ts
@@ -945,8 +981,9 @@ var init_planner = __esm(() => {
 // ../../src/client/graph-client.ts
 var API_URL3, GRAPH_TIMEOUT_MS;
 var init_graph_client = __esm(() => {
+  init_version();
   init_client();
-  API_URL3 = process.env.UNBROWSE_BACKEND_URL ?? "https://beta-api.unbrowse.ai";
+  API_URL3 = process.env.UNBROWSE_BACKEND_URL ?? DEFAULT_BACKEND_URL;
   GRAPH_TIMEOUT_MS = parseInt(process.env.UNBROWSE_GRAPH_TIMEOUT_MS ?? "4000", 10);
 });
 
@@ -963,6 +1000,7 @@ var init_dag_feedback = __esm(() => {
   init_client();
   init_graph_client();
   init_graph();
+  init_version();
   SESSION_ID = nanoid7();
   lastWriteAt = new Map;
   pendingTimers = new Map;
@@ -988,11 +1026,6 @@ var init_prefetch = __esm(async () => {
   await init_execution();
 });
 
-// ../../src/orchestrator/first-pass-action.ts
-var init_first_pass_action = __esm(() => {
-  init_client2();
-});
-
 // ../../src/orchestrator/timing-economics.ts
 var TOKEN_COST_PER_MILLION_USD = 3, TOKEN_COST_UC, SAVINGS_SOURCES;
 var init_timing_economics = __esm(() => {
@@ -1029,7 +1062,6 @@ var init_orchestrator = __esm(async () => {
   init_search_forms();
   init_trace_store();
   init_passive_publish();
-  init_first_pass_action();
   init_timing_economics();
   init_payments();
   init_wallet();
@@ -1180,10 +1212,20 @@ import { join as join3 } from "path";
 import { homedir as homedir2, hostname } from "os";
 import { randomBytes, createHash as createHash2 } from "crypto";
 import { createInterface } from "readline";
-var API_URL = process.env.UNBROWSE_BACKEND_URL || "https://beta-api.unbrowse.ai";
+var API_URL = process.env.UNBROWSE_BACKEND_URL || DEFAULT_BACKEND_URL;
 var PROFILE_NAME = sanitizeProfileName(process.env.UNBROWSE_PROFILE ?? "");
 var recentLocalSkills = new Map;
 var LOCAL_ONLY = process.env.UNBROWSE_LOCAL_ONLY === "1";
+function buildReleaseAttestationHeaders(manifestBase64, signature) {
+  const manifest = manifestBase64.trim();
+  const sig = signature.trim();
+  if (!manifest || !sig)
+    return {};
+  return {
+    "X-Unbrowse-Release-Manifest": manifest,
+    "X-Unbrowse-Release-Signature": sig
+  };
+}
 function decodeBase64Json(value) {
   try {
     if (typeof globalThis !== "undefined" && typeof globalThis.atob === "function") {
@@ -1467,6 +1509,7 @@ async function findUsableApiKey() {
 }
 async function apiRequest(method, path, body, opts) {
   const key = opts?.noAuth ? "" : getApiKey();
+  const releaseAttestationHeaders = buildReleaseAttestationHeaders(RELEASE_MANIFEST_BASE64, RELEASE_MANIFEST_SIGNATURE);
   const controller = new AbortController;
   const timer = setTimeout(() => controller.abort(), opts?.timeoutMs ?? API_TIMEOUT_MS);
   let res;
@@ -1479,8 +1522,7 @@ async function apiRequest(method, path, body, opts) {
         "X-Unbrowse-Trace-Version": TRACE_VERSION,
         "X-Unbrowse-Code-Hash": CODE_HASH,
         "X-Unbrowse-Git-Sha": GIT_SHA,
-        ...RELEASE_MANIFEST_BASE64 ? { "X-Unbrowse-Release-Manifest": RELEASE_MANIFEST_BASE64 } : {},
-        ...RELEASE_MANIFEST_SIGNATURE ? { "X-Unbrowse-Release-Signature": RELEASE_MANIFEST_SIGNATURE } : {},
+        ...releaseAttestationHeaders,
         ...key ? { Authorization: `Bearer ${key}` } : {}
       },
       body: body ? JSON.stringify(body) : undefined,
@@ -1944,15 +1986,6 @@ function deriveListenEnv(baseUrl) {
   const port = url.port || (url.protocol === "https:" ? "443" : "80");
   return { HOST: host, PORT: port, UNBROWSE_URL: baseUrl };
 }
-function getVersion(metaUrl) {
-  try {
-    const root = getPackageRoot(metaUrl);
-    const pkg = JSON.parse(readFileSync4(path2.join(root, "package.json"), "utf-8"));
-    return pkg.version ?? "unknown";
-  } catch {
-    return "unknown";
-  }
-}
 function isCompiledBinary() {
   return !!(process.versions.bun && !process.argv[1]?.match(/\.(ts|js|mjs)$/));
 }
@@ -1998,7 +2031,7 @@ function spawnServer(baseUrl, metaUrl, pidFile, restartCount = 0) {
     base_url: baseUrl,
     started_at: new Date().toISOString(),
     entrypoint: spawnSpec.recordedEntrypoint,
-    version: getVersion(metaUrl),
+    version: PACKAGE_VERSION,
     code_hash: CODE_HASH,
     restart_count: restartCount
   };
@@ -2007,7 +2040,7 @@ function spawnServer(baseUrl, metaUrl, pidFile, restartCount = 0) {
 }
 var supervisor = new LocalSupervisor;
 async function ensureLocalServer(baseUrl, noAutoStart, metaUrl) {
-  const installedVersion = getVersion(metaUrl);
+  const installedVersion = PACKAGE_VERSION;
   const initialHealth = await fetchServerHealth(baseUrl);
   if (initialHealth) {
     const runningVersion = initialHealth.package_version;
@@ -2076,7 +2109,7 @@ function checkServerVersion(baseUrl, metaUrl, healthOverride) {
   const state = readPidState(pidFile);
   if (!state)
     return null;
-  const installed = getVersion(metaUrl);
+  const installed = PACKAGE_VERSION;
   const running = healthOverride?.runningVersion ?? state.version ?? "unknown";
   const runningCodeHash = healthOverride?.runningCodeHash ?? state.code_hash;
   return {
@@ -2118,6 +2151,9 @@ function resolveSiblingEntrypoint2(metaUrl, basename) {
   const file = fileURLToPath3(metaUrl);
   return path3.join(path3.dirname(file), `${basename}${path3.extname(file) || ".js"}`);
 }
+function isBundledVirtualEntrypoint(entrypoint) {
+  return entrypoint.startsWith("/$bunfs/");
+}
 function runtimeArgsForEntrypoint2(metaUrl, entrypoint) {
   if (path3.extname(entrypoint) !== ".ts")
     return [entrypoint];
@@ -2155,6 +2191,8 @@ init_sanitize();
 init_artifact();
 init_publish();
 init_settings();
+init_graph();
+init_schema_review();
 import { join as join8 } from "node:path";
 var SKILL_SNAPSHOT_DIR3 = process.env.UNBROWSE_SKILL_SNAPSHOT_DIR ?? join8(process.env.HOME ?? "/tmp", ".unbrowse", "skill-snapshots");
 var indexInFlight2 = new Map;
@@ -2656,9 +2694,9 @@ function loadInstallSource2(metaUrl) {
   return readJsonFile2(getInstallSourcePath2()) ?? resolveInstallSource2(metaUrl);
 }
 function compareSemver(a, b) {
-  const parse = (value) => value.split("-", 1)[0].split(".").map((part) => Number.parseInt(part, 10) || 0);
-  const left = parse(a);
-  const right = parse(b);
+  const parse2 = (value) => value.split("-", 1)[0].split(".").map((part) => Number.parseInt(part, 10) || 0);
+  const left = parse2(a);
+  const right = parse2(b);
   const max = Math.max(left.length, right.length);
   for (let i = 0;i < max; i++) {
     const diff = (left[i] ?? 0) - (right[i] ?? 0);
@@ -2807,15 +2845,9 @@ function resolveResultError(result) {
 function resolveLoginUrl(result, fallbackUrl) {
   return result.result?.login_url ?? fallbackUrl ?? "";
 }
-function hasIndexingFallback(result) {
-  return result.result?.indexing_fallback_available === true;
-}
 function isResolveSuccessResult(result) {
-  const resultObj = result.result;
   if (resolveResultError(result))
     return false;
-  if (resultObj?.status === "browse_session_open")
-    return false;
   return !!result.result || Array.isArray(result.available_endpoints);
 }
 async function withPendingNotice(promise, message, delayMs = 3000) {
@@ -2997,51 +3029,15 @@ async function cmdResolve(flags) {
       body.force_capture = true;
     body.projection = { raw: true };
     const startedAt = Date.now();
-    async function resolveOnce(message = "Still working. First-time capture/indexing for a site can take 20-80s. Waiting is usually better than falling back.") {
+    async function resolveOnce(message = "Still working. Searching cached routes...") {
       return withPendingNotice(api2("POST", "/v1/intent/resolve", body), message);
     }
     let result = await resolveOnce();
-    let attemptedForceCapture = !!body.force_capture;
-    let attemptedCookieImport = false;
-    let attemptedInteractiveLogin = false;
-    while (true) {
-      const resultError = resolveResultError(result);
-      if (resultError === "payment_required" && hasIndexingFallback(result) && url && !attemptedForceCapture) {
-        attemptedForceCapture = true;
-        body.force_capture = true;
-        info("Marketplace search is paid here. Falling back to free live capture on the exact URL...");
-        result = await resolveOnce("Running free live capture...");
-        continue;
-      }
-      if (resultError === "auth_required") {
-        const loginUrl = resolveLoginUrl(result, url);
-        if (!loginUrl)
-          break;
-        if (!attemptedCookieImport) {
-          attemptedCookieImport = true;
-          info("Site requires authentication. Trying browser cookie import first...");
-          const stealResult = await api2("POST", "/v1/auth/steal", { url: loginUrl });
-          const cookiesStored = typeof stealResult.cookies_stored === "number" ? stealResult.cookies_stored : Number(stealResult.cookies_stored ?? 0);
-          if (stealResult.success === true && cookiesStored > 0) {
-            info(`Imported ${cookiesStored} browser cookies. Retrying...`);
-            result = await resolveOnce("Retrying after browser cookie import...");
-            continue;
-          }
-        }
-        if (!attemptedInteractiveLogin) {
-          attemptedInteractiveLogin = true;
-          info("Site requires authentication. Opening browser for login...");
-          const loginResult = await api2("POST", "/v1/auth/login", { url: loginUrl });
-          if (loginResult.error || loginResult.success === false) {
-            const message = typeof loginResult.error === "string" ? loginResult.error : "interactive login did not produce a reusable session";
-            throw new Error(`Login failed: ${message}. Run: unbrowse login --url "${loginUrl}"`);
-          }
-          info("Login complete. Retrying...");
-          result = await resolveOnce("Retrying after login...");
-          continue;
-        }
-      }
-      break;
+    const resultError = resolveResultError(result);
+    if (resultError === "auth_required") {
+      const loginUrl = resolveLoginUrl(result, url);
+      if (loginUrl)
+        info(`Authentication required. Run: unbrowse login --url "${loginUrl}"`);
     }
     if (explicitEndpointId && result.available_endpoints) {
       const skillId = resolveSkillId();
@@ -3063,26 +3059,6 @@ async function cmdResolve(flags) {
         result = await withPendingNotice(api2("POST", `/v1/skills/${skillId}/execute`, execBody(bestEndpoint.endpoint_id)), "Executing best endpoint...");
       }
     }
-    const resultObj = result.result;
-    if (resultObj?.status === "browse_session_open") {
-      info(`No cached API. Browser session open on ${resultObj.domain ?? resultObj.url}.`);
-      info(`Preferred flow: snap -> click/fill/eval -> submit -> sync -> close.`);
-      info(`Use these commands to get your data:`);
-      const commands = resultObj.commands ?? [
-        resultObj.session_id ? `unbrowse snap --session ${resultObj.session_id} --filter interactive` : "unbrowse snap --filter interactive",
-        resultObj.session_id ? `unbrowse click --session ${resultObj.session_id} <ref>` : "unbrowse click <ref>",
-        resultObj.session_id ? `unbrowse fill --session ${resultObj.session_id} <ref> <value>` : "unbrowse fill <ref> <value>",
-        resultObj.session_id ? `unbrowse submit --session ${resultObj.session_id} --wait-for "/next-step"` : 'unbrowse submit --wait-for "/next-step"',
-        resultObj.session_id ? `unbrowse sync --session ${resultObj.session_id}` : "unbrowse sync",
-        resultObj.session_id ? `unbrowse close --session ${resultObj.session_id}` : "unbrowse close"
-      ];
-      for (const cmd of commands)
-        info(`  ${cmd}`);
-      info(`For JS-heavy forms: prefer real date/time clicks first, inspect hidden inputs with eval when needed, then submit.`);
-      info(`All traffic is being passively captured. Run "unbrowse close" when done.`);
-      output(slimTrace(result), !!flags.pretty);
-      return;
-    }
     if (Date.now() - startedAt > 3000 && result.source === "live-capture") {
       info("Live capture finished. Future runs against this site should be much faster.");
     }
@@ -3293,7 +3269,7 @@ async function cmdExecute(flags) {
         ...result.next_actions ? { next_actions: result.next_actions } : {}
       };
       if (trace?.skill_id && trace?.endpoint_id && limited.length > 0) {
-        out._review_hint = `After presenting results, improve this endpoint's description with what it returns plus any audience/eligibility/pricing/validity caveats: unbrowse review --skill ${trace.skill_id} --endpoints '[{"endpoint_id":"${trace.endpoint_id}","description":"DESCRIBE WHAT THIS RETURNS AND ANY IMPORTANT CONSTRAINTS","action_kind":"ACTION","resource_kind":"RESOURCE"}]'`;
+        out._review_hint = `After presenting results, review this endpoint's contract: description plus request/response schema notes where needed. Example: unbrowse review --skill ${trace.skill_id} --endpoints '[{"endpoint_id":"${trace.endpoint_id}","description":"DESCRIBE WHAT THIS RETURNS AND ANY IMPORTANT CONSTRAINTS","action_kind":"ACTION","resource_kind":"RESOURCE","parameter_reviews":[{"location":"query","name":"q","description":"Search query text","type":"string","required":true}],"response_reviews":[{"path":"items[].url","description":"Canonical result URL","type":"string"}]}]'`;
       }
       output(out, !!flags.pretty);
       return;
@@ -3357,7 +3333,7 @@ async function cmdReview(flags) {
     die("--skill is required");
   const endpointsJson = flags.endpoints;
   if (!endpointsJson)
-    die("--endpoints is required (JSON array of {endpoint_id, description?, action_kind?, resource_kind?})");
+    die("--endpoints is required (JSON array of {endpoint_id, description?, action_kind?, resource_kind?, parameter_reviews?, response_reviews?})");
   const endpoints = JSON.parse(endpointsJson);
   if (!Array.isArray(endpoints) || endpoints.length === 0)
     die("--endpoints must be a non-empty JSON array");
@@ -3395,6 +3371,17 @@ async function cmdPublish(flags) {
     }), !!flags.pretty);
   }
 }
+async function cmdPublishBundle(flags) {
+  const presetPath = flags.preset;
+  if (!presetPath)
+    die("--preset is required");
+  const hosts = typeof flags.hosts === "string" ? flags.hosts.split(",").map((host) => host.trim()).filter(Boolean) : undefined;
+  output(await api2("POST", "/v1/foundry/publish-bundle", {
+    preset_path: presetPath,
+    ...typeof flags["site-url"] === "string" ? { site_url: flags["site-url"] } : {},
+    ...hosts?.length ? { hosts } : {}
+  }), !!flags.pretty);
+}
 async function cmdSettings(flags) {
   const body = {};
   if (typeof flags["auto-publish"] === "string") {
@@ -3442,61 +3429,7 @@ async function cmdCleanupStale(flags) {
   output(await withPendingNotice(api2("POST", "/v1/stale/cleanup", body), "Cleaning stale endpoints..."), !!flags.pretty);
 }
 async function cmdSearch(flags) {
-  const intent = flags.intent;
-  if (!intent)
-    die("--intent is required");
-  const domain = flags.domain;
-  const path9 = domain ? "/v1/search/domain" : "/v1/search";
-  const body = { intent, k: Number(flags.k) || 5 };
-  if (domain)
-    body.domain = domain;
-  const hostType = detectTelemetryHostType();
-  await ensureCliInstallTracked(hostType);
-  await recordFunnelTelemetryEvent("cli_invoked", {
-    source: "cli",
-    hostType,
-    properties: { command: "search" }
-  });
-  await recordFunnelTelemetryEvent("search_started", {
-    source: "cli",
-    hostType,
-    properties: {
-      command: "search",
-      intent,
-      domain: domain ?? null,
-      k: body.k
-    }
-  });
-  try {
-    const result = await api2("POST", path9, body);
-    const results = Array.isArray(result.results) ? result.results : [];
-    await recordFunnelTelemetryEvent("search_completed", {
-      source: "cli",
-      hostType,
-      properties: {
-        command: "search",
-        intent,
-        domain: domain ?? null,
-        k: body.k,
-        result_count: results.length
-      }
-    });
-    output(result, !!flags.pretty);
-  } catch (error) {
-    const message = error instanceof Error ? error.message : String(error);
-    await recordFunnelTelemetryEvent("search_failed", {
-      source: "cli",
-      hostType,
-      properties: {
-        command: "search",
-        intent,
-        domain: domain ?? null,
-        failure_stage: "search",
-        failure_reason: message
-      }
-    });
-    throw error;
-  }
+  await cmdResolve(flags);
 }
 async function cmdSessions(flags) {
   const domain = flags.domain;
@@ -3595,20 +3528,20 @@ var CLI_REFERENCE = {
     { name: "mcp", usage: "[--no-auto-start]", desc: "Run the stdio MCP server" },
     { name: "setup", usage: "[--opencode auto|global|project|off] [--no-start]", desc: "Bootstrap browser deps + Open Code command" },
     { name: "upgrade", usage: "", desc: "Check latest release and print the right upgrade command" },
-    { name: "resolve", usage: '--intent "..." --url "..." [opts]', desc: "Resolve intent \u2192 search/capture/execute" },
+    { name: "resolve", usage: '--intent "..." [--domain "..."] [--url "..."] [opts]', desc: "Search cached indexed/published routes and optionally execute the top trusted endpoint" },
     { name: "execute", usage: "--skill ID --endpoint ID [opts]", desc: "Execute a specific endpoint" },
     { name: "feedback", usage: "--skill ID --endpoint ID --rating N", desc: "Submit feedback (mandatory after resolve)" },
-    { name: "review", usage: "--skill ID --endpoints '[...]'", desc: "Push reviewed descriptions/metadata back to skill" },
+    { name: "review", usage: "--skill ID --endpoints '[...]'", desc: "Push reviewed descriptions/schema metadata back to a captured skill before publish" },
     { name: "index", usage: "--skill ID", desc: "Recompute local graph/contracts/export from cached skill state only" },
-    { name: "publish", usage: "--skill ID [--confirm-publish] [--endpoints '[...]']", desc: "Re-index locally, then publish/share from cached skill state; without endpoints returns review metadata first" },
+    { name: "publish", usage: "--skill ID [--confirm-publish] [--endpoints '[...]']", desc: "Re-index locally, inspect publish-review metadata, then publish/share from cached skill state" },
+    { name: "publish-bundle", usage: "--preset path [--hosts codex,claude,openclaw] [--site-url https://www.unbrowse.ai]", desc: "Derive foundry bundle/share/host artifacts from one preset and write the public share manifest" },
     { name: "settings", usage: "[--auto-publish on|off] [--publish-blacklist domains] [--publish-promptlist domains]", desc: "Show or update local capture/publish policy settings" },
     { name: "login", usage: '--url "..."', desc: "Interactive browser login" },
     { name: "skills", usage: "", desc: "List all skills" },
     { name: "skill", usage: "<id>", desc: "Get skill details" },
     { name: "cleanup-stale", usage: "[--skill ID] [--domain host] [--limit N]", desc: "Verify skills and evict stale cached endpoints" },
-    { name: "search", usage: '--intent "..." [--domain "..."]', desc: "Search marketplace" },
     { name: "sessions", usage: '--domain "..." [--limit N]', desc: "Debug session logs" },
-    { name: "go", usage: "<url> [--session id]", desc: "Open a live Kuri browser tab for capture-first workflows" },
+    { name: "go", usage: "<url> [--session id]", desc: "Open a fresh Kuri browser tab, or reuse explicit --session" },
     { name: "submit", usage: "[--session id] [--form-selector sel] [--submit-selector sel] [--wait-for hint] [--assist-site-state]", desc: "Submit current form. Thin browser-native proxy by default; site-state assist and same-origin rehydrate are explicit opt-ins" },
     { name: "snap", usage: "[--session id] [--filter interactive]", desc: "A11y snapshot with @eN refs" },
     { name: "click", usage: "[--session id] <ref>", desc: "Click element by ref (e.g. e5)" },
@@ -3624,8 +3557,8 @@ var CLI_REFERENCE = {
     { name: "eval", usage: "[--session id] <expression>", desc: "Evaluate JavaScript" },
     { name: "back", usage: "[--session id]", desc: "Navigate back" },
     { name: "forward", usage: "[--session id]", desc: "Navigate forward" },
-    { name: "sync", usage: "[--session id]", desc: "Checkpoint current capture, keep tab open, queue background index + publish" },
-    { name: "close", usage: "[--session id]", desc: "Checkpoint capture, queue background index + publish, then close browse session" }
+    { name: "sync", usage: "[--session id]", desc: "Checkpoint current capture, keep tab open, queue background index + publish, then inspect via skill/publish review" },
+    { name: "close", usage: "[--session id]", desc: "Checkpoint capture, queue background index + publish, close browse session, then inspect via skill/publish review" }
   ],
   globalFlags: [
     { flag: "--pretty", desc: "Indented JSON output" },
@@ -3635,19 +3568,19 @@ var CLI_REFERENCE = {
     { flag: "--opencode auto|global|project|off", desc: "setup: install /unbrowse command for Open Code" }
   ],
   resolveExecuteFlags: [
+    { flag: "--execute", desc: "Auto-execute the top trusted endpoint from resolve" },
     { flag: "--schema", desc: "Show response schema + extraction hints only (no data)" },
     { flag: '--path "data.items[]"', desc: "Drill into result before extract/output" },
     { flag: '--extract "field1,alias:deep.path.to.val"', desc: "Pick specific fields (no piping needed)" },
     { flag: "--limit N", desc: "Cap array output to N items" },
     { flag: "--endpoint-id ID", desc: "Pick a specific endpoint" },
     { flag: "--dry-run", desc: "Preview mutations" },
-    { flag: "--force-capture", desc: "Bypass caches, re-capture" },
     { flag: "--params '{...}'", desc: "Extra params as JSON" }
   ],
   examples: [
     "unbrowse setup",
     "unbrowse mcp",
-    'unbrowse resolve --intent "top stories" --url "https://news.ycombinator.com" --execute',
+    'unbrowse resolve --intent "top stories" --domain "news.ycombinator.com" --url "https://news.ycombinator.com" --execute',
     'unbrowse resolve --intent "get timeline" --url "https://x.com"',
     'unbrowse go "https://www.mandai.com/en/ticketing/admission-and-rides/parks-selection.html"',
     "unbrowse snap --filter interactive",
@@ -3657,10 +3590,11 @@ var CLI_REFERENCE = {
     "unbrowse execute --skill abc --endpoint def --schema --pretty",
     'unbrowse execute --skill abc --endpoint def --path "data.items[]" --extract "name,url" --limit 10 --pretty',
     "unbrowse feedback --skill abc --endpoint def --rating 5",
-    `unbrowse review --skill abc --endpoints '[{"endpoint_id":"def","description":"..."}]'`,
+    `unbrowse review --skill abc --endpoints '[{"endpoint_id":"def","description":"...","parameter_reviews":[{"location":"query","name":"q","description":"Search query","type":"string","required":true}],"response_reviews":[{"path":"items[].title","description":"Listing title","type":"string"}]}]'`,
     "unbrowse index --skill abc --pretty",
     "unbrowse publish --skill abc --pretty",
     "unbrowse publish --skill abc --confirm-publish --pretty",
+    "unbrowse publish-bundle --preset skills/x-account-operator/foundry-preset.json --pretty",
     'unbrowse settings --auto-publish off --publish-blacklist "linkedin.com,x.com" --publish-promptlist "github.com" --pretty',
     `unbrowse publish --skill abc --endpoints '[{"endpoint_id":"def","description":"Search court judgments by keywords","action_kind":"search","resource_kind":"judgment"}]'`
   ]
@@ -3688,7 +3622,7 @@ function printHelp() {
   for (const e of r.examples) {
     lines.push(`  ${e}`);
   }
-  lines.push("", "Browser workflow:", "  1. go -> open the live tab you want to work in", "  2. snap -> inspect refs and confirm the page state", "  3. click/fill/eval -> set real page state", "  4. submit -> prefer DOM submit; keep traversal browser-native; opt into same-origin rehydrate only for explicit replay/recovery debugging", "  5. sync -> checkpoint the current step and queue background index + publish", "  6. close -> final checkpoint + queue background index + publish, then close the session");
+  lines.push("", "Browser workflow:", "  1. go -> open the live tab you want to work in", "  2. snap -> inspect refs and confirm the page state", "  3. click/fill/eval -> set real page state", "  4. submit -> prefer DOM submit; keep traversal browser-native; opt into same-origin rehydrate only for explicit replay/recovery debugging", "  5. sync -> checkpoint the current step and queue background index + publish", "  6. close -> final checkpoint + queue background index + publish, then close the session", "  7. skill/publish --pretty -> inspect the fresh captured endpoints and review context", "  8. review/publish -> annotate and share the contract; resolve is for later reuse, not first-pass capture validation");
   lines.push("", "JS-heavy forms:", "  Prefer real calendar/time clicks before submit.", "  If the UI is flaky, inspect hidden inputs/cookies with eval, then submit the real form.");
   lines.push("");
   process.stderr.write(lines.join(`
@@ -3745,7 +3679,8 @@ async function cmdUpgrade(flags) {
 }
 async function cmdMcp(flags) {
   const entrypoint = resolveSiblingEntrypoint2(import.meta.url, "mcp");
-  const child = spawn3(process.execPath, [...runtimeArgsForEntrypoint2(import.meta.url, entrypoint), ...flags["no-auto-start"] ? ["--no-auto-start"] : []], {
+  const childArgs = isBundledVirtualEntrypoint(entrypoint) ? ["mcp-serve", ...flags["no-auto-start"] ? ["--no-auto-start"] : []] : [...runtimeArgsForEntrypoint2(import.meta.url, entrypoint), ...flags["no-auto-start"] ? ["--no-auto-start"] : []];
+  const child = spawn3(process.execPath, childArgs, {
     cwd: process.cwd(),
     stdio: "inherit",
     env: {
@@ -4097,6 +4032,7 @@ async function main() {
     "review",
     "index",
     "publish",
+    "publish-bundle",
     "settings",
     "login",
     "skills",
@@ -4169,6 +4105,8 @@ async function main() {
       return cmdIndex(flags);
     case "publish":
       return cmdPublish(flags);
+    case "publish-bundle":
+      return cmdPublishBundle(flags);
     case "settings":
       return cmdSettings(flags);
     case "login":