vibebox 0.0.0 → 0.0.1

package/Dockerfile

@@ -0,0 +1,85 @@
+FROM ubuntu:24.04
+
+ARG TZ=UTC
+ARG NODE_VERSION=24.12.0
+ARG NPM_VERSION=11.7.0
+ARG LOCAL_USER=coder
+ARG LOCAL_UID=1000
+ARG LOCAL_GID=1000
+ARG LOCAL_HOME=/home/coder
+
+ENV TZ="$TZ"
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    dnsutils \
+    fzf \
+    gh \
+    git \
+    gnupg2 \
+    iproute2 \
+    jq \
+    less \
+    lsof \
+    net-tools \
+    procps \
+    python3 \
+    python3-pip \
+    sudo \
+    unzip \
+    vim \
+    wget \
+    zsh \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Create parent directory for non-standard home paths (e.g., /Users/g on macOS)
+RUN mkdir -p $(dirname $LOCAL_HOME) 2>/dev/null || true
+
+# Create group and user
+RUN groupadd -g $LOCAL_GID $LOCAL_USER 2>/dev/null || true && \
+    GROUP_NAME=$(getent group $LOCAL_GID | cut -d: -f1) && \
+    useradd -m -s /bin/zsh -u $LOCAL_UID -g $GROUP_NAME -d $LOCAL_HOME $LOCAL_USER && \
+    echo "$LOCAL_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+USER $LOCAL_USER
+WORKDIR $LOCAL_HOME
+
+# Install nvm and Node.js
+ENV NVM_DIR="$LOCAL_HOME/.nvm"
+RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash && \
+    . "$NVM_DIR/nvm.sh" && \
+    nvm install $NODE_VERSION && \
+    nvm use $NODE_VERSION && \
+    nvm alias default $NODE_VERSION && \
+    npm install -g npm@$NPM_VERSION
+
+# Install Claude Code and sfw
+RUN curl -fsSL https://claude.ai/install.sh | bash && \
+    . "$NVM_DIR/nvm.sh" && npm install -g sfw
+
+# Configure zsh
+RUN echo 'export NVM_DIR="$HOME/.nvm"' >> $LOCAL_HOME/.zshrc && \
+    echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> $LOCAL_HOME/.zshrc && \
+    echo 'export PS1="vibebox:%~ %(#.#.$) "' >> $LOCAL_HOME/.zshrc && \
+    echo 'setopt PROMPT_SUBST' >> $LOCAL_HOME/.zshrc && \
+    echo 'alias npm="sfw npm"' >> $LOCAL_HOME/.zshrc && \
+    echo 'alias npx="sfw npx"' >> $LOCAL_HOME/.zshrc && \
+    echo '$HOME/.local/bin/port-monitor.sh &!' >> $LOCAL_HOME/.zshrc
+
+# Copy container scripts
+COPY --chown=$LOCAL_USER:$LOCAL_GID container-scripts/ $LOCAL_HOME/.local/bin/
+RUN chmod +x $LOCAL_HOME/.local/bin/*.sh
+
+# Environment variables
+ENV SHELL=/bin/zsh \
+    TERM=xterm-256color \
+    COLORTERM=truecolor \
+    EDITOR=vim \
+    VISUAL=vim \
+    DEVCONTAINER=true \
+    PATH="$LOCAL_HOME/.local/bin:$LOCAL_HOME/.nvm/versions/node/v$NODE_VERSION/bin:$PATH" \
+    NODE_PATH="$LOCAL_HOME/.nvm/versions/node/v$NODE_VERSION/lib/node_modules"
+
+CMD ["/bin/zsh", "-c", "$HOME/.local/bin/startup.sh tail -f /dev/null"]

package/LICENSE.md

@@ -0,0 +1,7 @@
+Copyright 2026-present Giuseppe Gurgone
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -1,3 +1,119 @@
-# Vibebox
+# vibebox
 
-Coming soon..
+A minimal CLI for running dev sandboxes and CLI agents in Docker containers. Each workspace gets its own isolated container with automatic credential sync and config isolation.
+
+With supply chain attacks on npm becoming increasingly common, sandboxing your dev environment protects your host machine from malicious packages.
+
+The architecture supports multiple agents. Currently only Claude Code is integrated.
+
+[Why vibebox instead of `docker sandbox`, raw docker, or devcontainers?](#why-vibebox)
+
+## Requirements
+
+- Docker Desktop
+- Agent CLI on host (optional - enables shared auth/config across workspaces)
+
+## Install
+
+```bash
+npm install -g vibebox
+```
+
+Add to your shell profile (optional):
+
+```bash
+alias claude="vibebox agent run claude"
+```
+
+## Usage
+
+```bash
+# Agent commands
+vibebox agent run <name> [args]   # Run agent in sandbox
+vibebox agent run claude --temp   # Temporary workspace, prompts to save on exit
+vibebox agent ls                  # List agents with install status
+vibebox agent install <name>      # Install agent in sandbox
+
+# Container commands
+vibebox enter             # Shell into sandbox
+vibebox exec <cmd>        # Run command in sandbox
+vibebox ls                # List sandboxes
+vibebox stop [--all]      # Stop sandbox(es)
+vibebox rm [--all]        # Remove sandbox(es)
+vibebox rebuild           # Rebuild image with current host config
+```
+
+## Port Management
+
+Default ports exposed: 5173, 3000, 3001, 4173, 8080 (dynamic host allocation)
+
+```bash
+vibebox ports list        # Show current port mappings
+vibebox ports add 4200    # Add custom port
+vibebox ports remove 3000 # Remove port
+```
+
+When a service starts listening inside the container, you'll see:
+```
+● Port 5173 → http://localhost:32770
+```
+
+For unmapped ports:
+```
+⊖ Port 9000 listening (not exposed)
+```
+
+## Image Build
+
+The Docker image is built to match your host environment. When you run `vibebox rebuild`, it:
+
+1. Detects host Node.js version (`node --version`)
+2. Detects host npm version (`npm --version`)
+3. Detects user info (username, UID, GID, home directory)
+4. Passes these as build arguments to Docker
+
+This ensures the container user and environment mirrors your host setup for seamless file permissions and tooling.
+
+## Version Management
+
+When agent versions differ between host and sandbox:
+
+```
+claude version mismatch! Host: 2.1.2, Sandbox: 2.1.0
+
+Choose update strategy:
+  [1] Sync to higher version (2.1.2)
+  [2] Update both to latest
+  [N] Cancel
+```
+
+## Why vibebox?
+
+### vs `docker sandbox`
+
+Docker Desktop includes an experimental `docker sandbox` command for running agents (Claude Code, Gemini) in containers. Here's why vibebox takes a different approach:
+
+- **Transparency over black box**: `docker sandbox` is opaque. You can't see what it mounts, how it configures the environment, or debug issues. vibebox is simple TypeScript you can read and modify.
+- **No `--dangerously-skip-permissions`**: `docker sandbox` runs Claude with all permissions bypassed. vibebox respects your existing Claude settings and permission model.
+- **Shared credentials**: `docker sandbox` doesn't share auth with your host, so you log in fresh every time you create a sandbox. vibebox syncs credentials bidirectionally with your system keychain.
+- **Works with any Docker runtime**: `docker sandbox` requires Docker Desktop. vibebox works with Docker Engine, Colima, or any docker-compliant api.
+- **Interactive shell access**: `vibebox enter` drops you into a shell inside the container. Useful for debugging, running commands, or working alongside the agent.
+- **Port management**: vibebox automatically exposes common dev ports with dynamic host allocation, shows you the mappings when services start, and lets you add custom ports.
+- **Persistent containers**: Containers persist between sessions. Your installed packages, build artifacts, and environment stay intact until you explicitly remove them.
+
+### vs raw docker
+
+- **Zero boilerplate**: No writing Dockerfiles, figuring out mount paths, or managing `docker run` flags. Just `vibebox agent run claude`.
+- **Automatic credential sync**: Credentials are extracted from your system keychain and mounted into the container. No manual token copying.
+- **User matching**: Container user matches your host UID/GID/home path, so file permissions just work.
+- **Built-in port detection**: When a service starts listening, vibebox shows you the mapped URL. No guessing which host port maps where.
+
+### vs devcontainers
+
+- **No IDE coupling**: Devcontainers are designed for VS Code. vibebox works from any terminal.
+- **Simpler model**: No `devcontainer.json`, no features, no lifecycle hooks. One command to start.
+- **Agent-first**: Built specifically for CLI agents with credential mounting, not general-purpose dev environments.
+
+## License
+
+MIT

package/container-scripts/port-monitor.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+# Vibebox port monitor - detects new listening ports and shows mappings
+# Started in background by .zshrc
+
+[[ -z "$VIBEBOX_PROJECT_ROOT" ]] && exit 0
+
+mappings_file="$VIBEBOX_PROJECT_ROOT/.vibebox/port-mappings.txt"
+previous=""
+
+# Wait for shell to settle
+sleep 2
+
+# Get initial state (don't report existing ports)
+previous=$(ss -tln 2>/dev/null | awk 'NR>1 {split($4,a,":"); print a[length(a)]}' | sort -nu | tr '\n' ' ')
+
+while true; do
+  sleep 3
+
+  current=$(ss -tln 2>/dev/null | awk 'NR>1 {split($4,a,":"); print a[length(a)]}' | sort -nu | tr '\n' ' ')
+
+  # Find new ports
+  for port in $current; do
+    [[ -z "$port" || "$port" == "*" ]] && continue
+    if ! echo "$previous" | grep -qw "$port"; then
+      if [[ -f "$mappings_file" ]]; then
+        mapping=$(grep "^${port}:" "$mappings_file" 2>/dev/null)
+        if [[ -n "$mapping" ]]; then
+          echo -e "\n ● Port $port → http://localhost:${mapping#*:}"
+        else
+          echo -e "\n ⊖ Port $port listening (not exposed)"
+        fi
+      fi
+    fi
+  done
+
+  previous="$current"
+done

package/container-scripts/startup.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+set -e
+
+# Run command with node if the first argument contains a "-" or is not a system command. The last
+# part inside the "{}" is a workaround for the following bug in ash/dash:
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
+if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
+  set -- node "$@"
+fi
+
+exec "$@"

package/container-scripts/watcher.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# Idle watcher - exits after TIMEOUT seconds of no lock files (except detached.lock)
+
+LOCKS_DIR="$HOME/.vibebox/locks"
+DETACHED_LOCK="$LOCKS_DIR/detached.lock"
+IDLE_FILE="$LOCKS_DIR/idle"
+TIMEOUT=${1:-300}
+
+# Ensure locks directory exists
+mkdir -p "$LOCKS_DIR"
+
+echo "Starting watcher with ${TIMEOUT}s idle timeout"
+
+while true; do
+  # If detached.lock exists, loop forever
+  if [ -f "$DETACHED_LOCK" ]; then
+    rm -f "$IDLE_FILE"
+    sleep 1
+    continue
+  fi
+
+  # Count session lock files (session-*.lock)
+  lock_count=$(find "$LOCKS_DIR" -name 'session-*.lock' 2>/dev/null | wc -l)
+
+  if [ "$lock_count" -eq 0 ]; then
+    # No session locks - check/start idle timer
+    if [ -f "$IDLE_FILE" ]; then
+      idle_start=$(cat "$IDLE_FILE")
+      now=$(date +%s)
+      elapsed=$((now - idle_start))
+      if [ "$elapsed" -ge "$TIMEOUT" ]; then
+        echo "Idle timeout of ${TIMEOUT}s reached. Exiting."
+        rm -f "$IDLE_FILE"
+        exit 0
+      fi
+    else
+      # Start idle timer
+      date +%s > "$IDLE_FILE"
+    fi
+  else
+    # Sessions active - reset idle timer
+    rm -f "$IDLE_FILE"
+  fi
+
+  sleep 1
+done

package/dist/agents/auth.js

@@ -0,0 +1,71 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCredentialStore = getCredentialStore;
+exports.readCredentialsFile = readCredentialsFile;
+const node_child_process_1 = require("node:child_process");
+const node_fs_1 = require("node:fs");
+const node_os_1 = require("node:os");
+function getCredentialStore() {
+    switch ((0, node_os_1.platform)()) {
+        case "darwin":
+            return {
+                get: (service, account) => {
+                    try {
+                        return (0, node_child_process_1.execSync)(`security find-generic-password -a "${account}" -s "${service}" -w`, { encoding: "utf8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+                    }
+                    catch {
+                        return null;
+                    }
+                },
+                set: (service, account, value) => {
+                    const hexData = Buffer.from(value, "utf-8").toString("hex");
+                    const input = `add-generic-password -U -a "${account}" -s "${service}" -X "${hexData}"\n`;
+                    (0, node_child_process_1.execSync)("security -i", {
+                        input,
+                        stdio: ["pipe", "pipe", "pipe"],
+                    });
+                },
+            };
+        case "win32":
+            return {
+                get: (service, account) => {
+                    try {
+                        const cmd = `powershell -Command "(Get-StoredCredential -Target '${service}:${account}').GetNetworkCredential().Password"`;
+                        return (0, node_child_process_1.execSync)(cmd, { encoding: "utf8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+                    }
+                    catch {
+                        return null;
+                    }
+                },
+                set: (service, account, value) => {
+                    const cmd = `powershell -Command "New-StoredCredential -Target '${service}:${account}' -Password '${value}' -Persist LocalMachine"`;
+                    (0, node_child_process_1.execSync)(cmd);
+                },
+            };
+        default:
+            // Linux: secret-tool (libsecret)
+            return {
+                get: (service, account) => {
+                    try {
+                        return (0, node_child_process_1.execSync)(`secret-tool lookup service "${service}" account "${account}"`, { encoding: "utf8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+                    }
+                    catch {
+                        return null;
+                    }
+                },
+                set: (service, account, value) => {
+                    (0, node_child_process_1.execSync)(`echo -n "${value}" | secret-tool store --label="${service}" service "${service}" account "${account}"`);
+                },
+            };
+    }
+}
+function readCredentialsFile(path) {
+    try {
+        if (!(0, node_fs_1.existsSync)(path))
+            return null;
+        return JSON.parse((0, node_fs_1.readFileSync)(path, "utf8"));
+    }
+    catch {
+        return null;
+    }
+}

package/dist/agents/claude/index.js

@@ -0,0 +1,176 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.claude = void 0;
+exports.getCredentialPaths = getCredentialPaths;
+const auth_1 = require("../auth");
+const node_child_process_1 = require("node:child_process");
+const node_fs_1 = require("node:fs");
+const node_os_1 = require("node:os");
+const node_path_1 = require("node:path");
+const node_crypto_1 = require("node:crypto");
+const KEYCHAIN_SERVICES = [
+    "Claude Code-credentials",
+    "claude-code-credentials",
+    "claude.ai",
+];
+function getKeychainServiceName() {
+    const configDir = process.env.CLAUDE_CONFIG_DIR;
+    if (configDir) {
+        const hash = (0, node_crypto_1.createHash)("sha256")
+            .update(configDir)
+            .digest("hex")
+            .substring(0, 8);
+        return `Claude Code-credentials-${hash}`;
+    }
+    return "Claude Code-credentials";
+}
+function extractFromKeychain() {
+    const store = (0, auth_1.getCredentialStore)();
+    const user = (0, node_os_1.userInfo)().username;
+    for (const svc of KEYCHAIN_SERVICES) {
+        const data = store.get(svc, user);
+        if (data) {
+            try {
+                const creds = JSON.parse(data);
+                if (creds.claudeAiOauth?.accessToken)
+                    return creds;
+            }
+            catch {
+                continue;
+            }
+        }
+    }
+    return null;
+}
+function compareFreshness(first, second) {
+    const firstExpiry = first?.claudeAiOauth?.expiresAt;
+    const secondExpiry = second?.claudeAiOauth?.expiresAt;
+    if (!first?.claudeAiOauth?.accessToken && !second?.claudeAiOauth?.accessToken) {
+        return "unknown";
+    }
+    if (!first?.claudeAiOauth?.accessToken)
+        return "second";
+    if (!second?.claudeAiOauth?.accessToken)
+        return "first";
+    if (firstExpiry === undefined && secondExpiry === undefined)
+        return "equal";
+    if (firstExpiry === undefined)
+        return "second";
+    if (secondExpiry === undefined)
+        return "first";
+    if (firstExpiry > secondExpiry)
+        return "first";
+    if (secondExpiry > firstExpiry)
+        return "second";
+    return "equal";
+}
+exports.claude = {
+    name: "claude",
+    command: "claude",
+    configDir: (0, node_path_1.join)((0, node_os_1.homedir)(), ".claude"),
+    isInstalledOnHost: () => {
+        try {
+            (0, node_child_process_1.execSync)("claude --version", { stdio: "pipe" });
+            return true;
+        }
+        catch {
+            return false;
+        }
+    },
+    dockerArgs: ({ workspace, home, containerOnly }) => {
+        const claudeDir = (0, node_path_1.join)(home, ".claude");
+        const configCopy = (0, node_path_1.join)(workspace, ".vibebox", "claude.json");
+        const config = (0, node_path_1.join)(home, ".claude.json");
+        // Container-only mode: minimal mounts, container manages its own ~/.claude
+        if (containerOnly) {
+            return [
+                // Mount config copy (not the original, to prevent corruption)
+                "-v", `${configCopy}:${config}`,
+            ];
+        }
+        // Host mode: mount ~/.claude with selective hiding for isolation
+        const projectFolder = workspace.replace(/\//g, "-");
+        const emptyDir = (0, node_path_1.join)(workspace, ".vibebox", "empty");
+        const emptyFile = (0, node_path_1.join)(workspace, ".vibebox", "empty-file");
+        const credentials = (0, node_path_1.join)(claudeDir, ".credentials.json");
+        return [
+            // Mount ~/.claude with selective hiding
+            "-v", `${claudeDir}:${claudeDir}`,
+            "-v", `${emptyDir}:${claudeDir}/projects`,
+            "-v", `${emptyFile}:${claudeDir}/history.jsonl`,
+            "-v", `${claudeDir}/projects/${projectFolder}:${claudeDir}/projects/${projectFolder}`,
+            // Mount credentials
+            "-v", `${credentials}:${credentials}`,
+            // Mount config copy (not the original, to prevent corruption)
+            "-v", `${configCopy}:${config}`,
+        ];
+    },
+    install: (containerName) => {
+        console.log("Installing Claude Code...");
+        (0, node_child_process_1.execSync)(`docker exec ${containerName} bash -c "curl -fsSL https://claude.ai/install.sh | sh"`, { stdio: "inherit" });
+    },
+    setup: ({ workspace, containerOnly }) => {
+        const home = (0, node_os_1.homedir)();
+        const claudeDir = (0, node_path_1.join)(home, ".claude");
+        const credFile = (0, node_path_1.join)(claudeDir, ".credentials.json");
+        // Ensure directories exist
+        (0, node_fs_1.mkdirSync)((0, node_path_1.join)(workspace, ".vibebox", "empty"), { recursive: true });
+        // Create empty overlay file
+        const emptyFile = (0, node_path_1.join)(workspace, ".vibebox", "empty-file");
+        if (!(0, node_fs_1.existsSync)(emptyFile))
+            (0, node_fs_1.writeFileSync)(emptyFile, "");
+        // Create minimal config to skip onboarding and trust prompts
+        const configCopy = (0, node_path_1.join)(workspace, ".vibebox", "claude.json");
+        const minimalConfig = {
+            hasCompletedOnboarding: true,
+            projects: {
+                [workspace]: {
+                    allowedTools: [],
+                    hasTrustDialogAccepted: true,
+                    hasCompletedProjectOnboarding: true,
+                },
+            },
+        };
+        (0, node_fs_1.writeFileSync)(configCopy, JSON.stringify(minimalConfig, null, 2));
+        // Container-only mode: skip credential sync, agent will prompt for login
+        if (containerOnly)
+            return;
+        // Host mode: sync credentials from system credential store
+        (0, node_fs_1.mkdirSync)(claudeDir, { recursive: true });
+        // Clean up if credentials file is a directory (Claude bug)
+        if ((0, node_fs_1.existsSync)(credFile) && (0, node_fs_1.lstatSync)(credFile).isDirectory()) {
+            (0, node_fs_1.rmSync)(credFile, { recursive: true, force: true });
+        }
+        // Sync credentials from system credential store (macOS only for now)
+        if (process.platform === "darwin") {
+            const keychainCreds = extractFromKeychain();
+            const fileCreds = (0, auth_1.readCredentialsFile)(credFile);
+            const freshness = compareFreshness(keychainCreds, fileCreds);
+            if (freshness === "first" || freshness === "equal") {
+                if (!keychainCreds)
+                    throw new Error("No credentials. Run: claude auth login");
+                (0, node_fs_1.writeFileSync)(credFile, JSON.stringify(keychainCreds, null, 2));
+            }
+            else if (freshness === "second" && fileCreds) {
+                // File is fresher, sync back to keychain
+                const store = (0, auth_1.getCredentialStore)();
+                store.set(getKeychainServiceName(), (0, node_os_1.userInfo)().username, JSON.stringify(fileCreds));
+            }
+            else if (!keychainCreds && !fileCreds) {
+                throw new Error("No credentials. Run: claude auth login");
+            }
+        }
+        else {
+            if (!(0, node_fs_1.existsSync)(credFile)) {
+                throw new Error("No credentials. Run: claude auth login");
+            }
+        }
+    },
+    versionCommand: "claude --version",
+};
+function getCredentialPaths() {
+    return {
+        credentials: (0, node_path_1.join)((0, node_os_1.homedir)(), ".claude", ".credentials.json"),
+        config: (0, node_path_1.join)((0, node_os_1.homedir)(), ".claude.json"),
+    };
+}

package/dist/agents/index.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.agents = void 0;
+exports.detectInstalledAgents = detectInstalledAgents;
+exports.isAgentInstalled = isAgentInstalled;
+const node_child_process_1 = require("node:child_process");
+const claude_1 = require("./claude");
+exports.agents = {
+    claude: claude_1.claude,
+};
+function detectInstalledAgents() {
+    return Object.entries(exports.agents)
+        .filter(([_, agent]) => agent.isInstalledOnHost())
+        .map(([name]) => name);
+}
+function isAgentInstalled(containerName, agent) {
+    try {
+        (0, node_child_process_1.execSync)(`docker exec ${containerName} which ${agent.command}`, { stdio: "pipe" });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}

package/dist/agents/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/auth.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCredentialPaths = void 0;
+exports.ensureCredentials = ensureCredentials;
+// Re-export from Claude agent for backward compatibility
+const claude_1 = require("./agents/claude");
+Object.defineProperty(exports, "getCredentialPaths", { enumerable: true, get: function () { return claude_1.getCredentialPaths; } });
+function ensureCredentials() {
+    // Delegates to Claude agent's setup with current working directory
+    claude_1.claude.setup?.({ workspace: process.cwd() });
+}