vibegroup 0.1.0

package/LICENSE

@@ -0,0 +1,16 @@
+vibegroup — Proprietary License
+
+Copyright (c) 2026 vibegroup. All rights reserved.
+
+This software and its source code are proprietary and confidential. The
+`vibegroup` command-line client published to npm is distributed solely to let
+end users access the vibegroup service; its use is governed by the vibegroup
+Terms of Service.
+
+No license is granted to copy, modify, distribute, sublicense, reverse
+engineer, or create derivative works of this software, in whole or in part,
+except as expressly permitted in writing by vibegroup.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.

package/README.md

@@ -0,0 +1,54 @@
+<h1 align="center">vibegroup ☎️</h1>
+
+<p align="center">
+  <strong>Let your teammates' Claude Code agents talk to each other.</strong><br>
+  Agent-to-agent collaboration across repos, machines, and networks — end-to-end encrypted, scoped to your team.
+</p>
+
+---
+
+When you and your teammates are each heads-down in your own repo on your own machine, your agents are strangers. vibegroup ends that: join your team's room and your agents start talking — a teammate's agent can ask yours what you're working on, whether you pushed the migration, what the new API looks like, and **the question lands in your running session, which answers on its own.**
+
+## Install
+
+```bash
+npm i -g vibegroup
+```
+
+## Quickstart
+
+```bash
+vibegroup login                         # sign in (opens your browser)
+vibegroup team create acme --name Acme  # create a team (or get invited to one)
+vibegroup claude --team acme            # launch Claude Code wired to your team's room
+```
+
+Inside the session, your agent can reach teammates' agents:
+
+- `vibegroup_peers` — who's in the room and what they're working on
+- `vibegroup_ask` — ask a peer's agent a question (it answers from its own running session)
+- `vibegroup_reply` — answer a question that arrived from a peer
+
+## How it works
+
+- **Teams & rooms.** A team is your group; every team has a `general` room. You join by invitation (`vibegroup invite <email> --team <slug>`).
+- **Signed identity.** Every session authenticates with your account, so peers always know who they're talking to.
+- **End-to-end encrypted.** Messages are sealed with your team's key before they leave your machine. The relay only ever routes ciphertext — it never sees your messages.
+
+## Commands
+
+```
+vibegroup login                          Sign in / sign up
+vibegroup logout                         Clear the cached session
+vibegroup status                         Show your auth status
+vibegroup team create <slug> [--name]    Create a team (+ a general room)
+vibegroup invite <email> --team <slug>   Invite someone to a team
+vibegroup rooms --team <slug>            List a team's rooms
+vibegroup claude --team <slug> [--room]  Launch Claude Code on the channel
+```
+
+## Status
+
+Alpha. Backend at `api.vibegroup.sh`, relay at `relay.vibegroup.sh`.
+
+© vibegroup. All rights reserved. See [LICENSE](LICENSE).

package/dist/cli.js

@@ -0,0 +1,675 @@
+#!/usr/bin/env node
+var __defProp = Object.defineProperty;
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, {
+      get: all[name],
+      enumerable: true,
+      configurable: true,
+      set: __exportSetter.bind(all, name)
+    });
+};
+var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
+
+// src/lib/auth.ts
+import { mkdirSync, readFileSync, writeFileSync, existsSync, rmSync, renameSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+function authDir(env = process.env, home = homedir()) {
+  const base = (env.CLAUDE_CONFIG_DIR ?? "").replace(/[\\/]+$/, "") || join(home, ".claude");
+  return join(base, "vibegroup");
+}
+function authPath(env = process.env, home = homedir()) {
+  return join(authDir(env, home), "auth.json");
+}
+function readAuthAt(path) {
+  try {
+    if (!existsSync(path))
+      return null;
+    const raw = JSON.parse(readFileSync(path, "utf8"));
+    if (!raw || typeof raw.accessToken !== "string" || raw.accessToken.length === 0)
+      return null;
+    return raw;
+  } catch {
+    return null;
+  }
+}
+function writeAuthAt(path, tokens) {
+  mkdirSync(dirname(path), { recursive: true });
+  const tmp = `${path}.tmp`;
+  writeFileSync(tmp, JSON.stringify(tokens, null, 2) + `
+`, { mode: 384 });
+  renameSync(tmp, path);
+}
+function clearAuthAt(path) {
+  try {
+    if (existsSync(path))
+      rmSync(path);
+  } catch {}
+}
+function readAuth(env = process.env, home = homedir()) {
+  return readAuthAt(authPath(env, home));
+}
+function writeAuth(tokens, env = process.env, home = homedir()) {
+  writeAuthAt(authPath(env, home), tokens);
+}
+function clearAuth(env = process.env, home = homedir()) {
+  clearAuthAt(authPath(env, home));
+}
+function isLoggedIn(tokens) {
+  return !!tokens && typeof tokens.accessToken === "string" && tokens.accessToken.length > 0;
+}
+var init_auth = () => {};
+
+// src/lib/allowlist.ts
+function managedSettingsPath(plat = process.platform) {
+  if (plat === "darwin")
+    return "/Library/Application Support/ClaudeCode/managed-settings.json";
+  if (plat === "win32")
+    return "C:\\ProgramData\\ClaudeCode\\managed-settings.json";
+  return "/etc/claude-code/managed-settings.json";
+}
+function mergeManagedSettings(existing) {
+  const next = { ...existing ?? {} };
+  next.channelsEnabled = true;
+  const current = Array.isArray(next.allowedChannelPlugins) ? next.allowedChannelPlugins : [];
+  const has = current.some((e) => e?.marketplace === "vibegroup" && e?.plugin === "vibegroup");
+  next.allowedChannelPlugins = has ? current : [...current, VIBEGROUP_ENTRY];
+  return next;
+}
+var VIBEGROUP_ENTRY;
+var init_allowlist = __esm(() => {
+  VIBEGROUP_ENTRY = { marketplace: "vibegroup", plugin: "vibegroup" };
+});
+
+// src/commands/allowlist.ts
+var exports_allowlist = {};
+__export(exports_allowlist, {
+  allowlistPathCommand: () => allowlistPathCommand,
+  allowlistJsonCommand: () => allowlistJsonCommand
+});
+import { existsSync as existsSync2, readFileSync as readFileSync2 } from "node:fs";
+function allowlistJsonCommand() {
+  const path = managedSettingsPath();
+  let existing = null;
+  try {
+    if (existsSync2(path))
+      existing = JSON.parse(readFileSync2(path, "utf8"));
+  } catch {}
+  console.log(JSON.stringify(mergeManagedSettings(existing), null, 2));
+  return 0;
+}
+function allowlistPathCommand() {
+  console.log(managedSettingsPath());
+  return 0;
+}
+var init_allowlist2 = __esm(() => {
+  init_allowlist();
+});
+
+// src/lib/workosAuth.ts
+async function json(res) {
+  const text = await res.text();
+  try {
+    return text ? JSON.parse(text) : {};
+  } catch {
+    return {};
+  }
+}
+function parseCeremony(c) {
+  if (!c || !c.user_code || !c.verification_uri)
+    return;
+  return {
+    userCode: c.user_code,
+    verificationUri: c.verification_uri,
+    interval: typeof c.interval === "number" ? c.interval : 5,
+    expiresIn: typeof c.expires_in === "number" ? c.expires_in : 600
+  };
+}
+function tokensFromResponse(body, nowMs) {
+  const tokens = { accessToken: body.access_token };
+  if (typeof body.expires_in === "number") {
+    tokens.accessTokenExpiresAt = new Date(nowMs + body.expires_in * 1000).toISOString();
+  }
+  if (body.identity_assertion)
+    tokens.identityAssertion = body.identity_assertion;
+  if (body.assertion_expires)
+    tokens.assertionExpiresAt = body.assertion_expires;
+  if (body.scope)
+    tokens.scope = body.scope;
+  return tokens;
+}
+async function discover(apiBase, f) {
+  const base = apiBase.replace(/\/+$/, "");
+  const prmRes = await f(`${base}/.well-known/oauth-protected-resource`);
+  if (!prmRes.ok)
+    throw new Error(`discovery failed: protected-resource metadata HTTP ${prmRes.status}`);
+  const prm = await json(prmRes);
+  const as = (prm.authorization_servers ?? [])[0];
+  if (!as)
+    throw new Error("discovery failed: no authorization_servers in protected-resource metadata");
+  const asRes = await f(`${as.replace(/\/+$/, "")}/.well-known/oauth-authorization-server`);
+  if (!asRes.ok)
+    throw new Error(`discovery failed: authorization-server metadata HTTP ${asRes.status}`);
+  const meta = await json(asRes);
+  const agent = meta.agent_auth ?? {};
+  if (!meta.token_endpoint || !agent.identity_endpoint || !agent.claim_endpoint) {
+    throw new Error("discovery failed: authorization server is missing agent_auth endpoints");
+  }
+  return {
+    issuer: meta.issuer,
+    tokenEndpoint: meta.token_endpoint,
+    revocationEndpoint: meta.revocation_endpoint,
+    identityEndpoint: agent.identity_endpoint,
+    claimEndpoint: agent.claim_endpoint,
+    resource: prm.resource ?? meta.resource,
+    scopesSupported: prm.scopes_supported
+  };
+}
+async function register(ep, body, f) {
+  const res = await f(ep.identityEndpoint, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify(body)
+  });
+  const data = await json(res);
+  if (!res.ok && !data.registration_id) {
+    throw new Error(`register failed: ${data.error ?? `HTTP ${res.status}`}`);
+  }
+  return {
+    registrationId: data.registration_id,
+    registrationType: data.registration_type,
+    identityAssertion: data.identity_assertion,
+    assertionExpires: data.assertion_expires,
+    preClaimScopes: data.pre_claim_scopes,
+    postClaimScopes: data.post_claim_scopes,
+    claimToken: data.claim_token,
+    claim: parseCeremony(data.claim)
+  };
+}
+async function startClaim(ep, claimToken, email, f) {
+  const res = await f(ep.claimEndpoint, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({ claim_token: claimToken, email })
+  });
+  const data = await json(res);
+  const ceremony = parseCeremony(data.claim_attempt) ?? parseCeremony(data.claim);
+  if (!ceremony)
+    throw new Error(`claim start failed: ${data.error ?? `HTTP ${res.status}`}`);
+  return ceremony;
+}
+async function pollClaim(tokenEndpoint, claimToken, f, nowMs = Date.now()) {
+  const res = await f(tokenEndpoint, {
+    method: "POST",
+    headers: { "content-type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({ grant_type: CLAIM_GRANT, claim_token: claimToken }).toString()
+  });
+  const data = await json(res);
+  if (res.ok && data.access_token)
+    return { status: "done", tokens: tokensFromResponse(data, nowMs) };
+  switch (data.error) {
+    case "authorization_pending":
+      return { status: "pending" };
+    case "slow_down":
+      return { status: "slow_down" };
+    case "expired_token":
+      return { status: "expired" };
+    default:
+      throw new Error(`claim poll failed: ${data.error ?? `HTTP ${res.status}`}`);
+  }
+}
+async function exchangeAssertion(tokenEndpoint, assertion, resource, f, nowMs = Date.now()) {
+  const params = new URLSearchParams({ grant_type: JWT_BEARER_GRANT, assertion });
+  if (resource)
+    params.set("resource", resource);
+  const res = await f(tokenEndpoint, {
+    method: "POST",
+    headers: { "content-type": "application/x-www-form-urlencoded" },
+    body: params.toString()
+  });
+  const data = await json(res);
+  if (!res.ok || !data.access_token)
+    throw new Error(`assertion exchange failed: ${data.error ?? `HTTP ${res.status}`}`);
+  const tokens = tokensFromResponse(data, nowMs);
+  if (!tokens.identityAssertion)
+    tokens.identityAssertion = assertion;
+  return tokens;
+}
+var CLAIM_GRANT = "urn:workos:agent-auth:grant-type:claim", JWT_BEARER_GRANT = "urn:ietf:params:oauth:grant-type:jwt-bearer";
+
+// src/lib/loginFlow.ts
+async function login(apiBase, f, hooks) {
+  const emit = (e) => hooks.onEvent?.(e);
+  const sleep = hooks.sleep ?? defaultSleep;
+  const now = hooks.now ?? Date.now;
+  emit({ type: "discovering", apiBase });
+  const ep = await discover(apiBase, f);
+  emit({ type: "discovered", endpoints: ep });
+  if (!await hooks.consent({ resource: ep.resource, scopes: ep.scopesSupported }))
+    return null;
+  emit({ type: "registering" });
+  const reg = await register(ep, { type: "anonymous" }, f);
+  if (!reg.identityAssertion)
+    throw new Error("register did not return a pre-claim assertion");
+  let tokens = await exchangeAssertion(ep.tokenEndpoint, reg.identityAssertion, ep.resource, f, now());
+  emit({ type: "registered", scopes: reg.preClaimScopes });
+  const email = hooks.emailFor ? await hooks.emailFor() : null;
+  if (email && reg.claimToken) {
+    const ceremony = await startClaim(ep, reg.claimToken, email, f);
+    emit({ type: "claim", ceremony });
+    if (hooks.waitForCode)
+      await hooks.waitForCode();
+    emit({ type: "polling" });
+    let interval = Math.max(1, ceremony.interval);
+    for (;; ) {
+      const r = await pollClaim(ep.tokenEndpoint, reg.claimToken, f, now());
+      if (r.status === "done") {
+        tokens = r.tokens;
+        emit({ type: "unlocked", scopes: reg.postClaimScopes });
+        return { tokens, claimed: true };
+      }
+      if (r.status === "expired")
+        break;
+      if (r.status === "slow_down")
+        interval += 5;
+      await sleep(interval * 1000);
+    }
+  }
+  return { tokens, claimed: false };
+}
+var defaultSleep = (ms) => new Promise((r) => setTimeout(r, ms));
+var init_loginFlow = () => {};
+
+// src/commands/login.ts
+var exports_login = {};
+__export(exports_login, {
+  loginCommand: () => loginCommand
+});
+import { createInterface } from "node:readline/promises";
+async function ask(question) {
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    return (await rl.question(question)).trim();
+  } finally {
+    rl.close();
+  }
+}
+async function confirm(question) {
+  return /^y(es)?$/i.test(await ask(`${question} [y/N] `));
+}
+function render(e) {
+  switch (e.type) {
+    case "discovering":
+      console.log(`
+• Checking ${e.apiBase}/auth.md for instructions`);
+      break;
+    case "discovered":
+      console.log("  └ Found agent_auth · anonymous registration supported · claim to unlock full access");
+      break;
+    case "registering":
+      console.log("• Registering with vibegroup");
+      break;
+    case "registered":
+      console.log("  └ 200 OK · registered, acting with limited access");
+      break;
+    case "claim":
+      console.log(`
+To unlock your account, sign in at vibegroup and enter this code: ${e.ceremony.userCode}`);
+      console.log(`${e.ceremony.verificationUri} — the code goes in there, not back to me.`);
+      break;
+    case "polling":
+      console.log(`
+Waiting for you to confirm…`);
+      break;
+    case "unlocked":
+      console.log("  └ Unlocked · full access");
+      break;
+  }
+}
+async function loginCommand(env = process.env) {
+  const base = apiBase(env);
+  try {
+    const result = await login(base, fetch, {
+      consent: ({ resource }) => confirm(`Allow agent to register for vibegroup (${resource}) on your behalf?`),
+      emailFor: async () => {
+        const email = await ask("Email to link your account (leave blank to stay anonymous): ");
+        return email || null;
+      },
+      onEvent: render
+    });
+    if (!result) {
+      console.log("Cancelled — nothing was registered.");
+      return 1;
+    }
+    writeAuth(result.tokens, env);
+    console.log(result.claimed ? `
+Logged in. You're good to go!` : "\nRegistered with limited access. Run `vibegroup login` again anytime to link your account and unlock full access.");
+    return 0;
+  } catch (err) {
+    console.error(`
+login failed: ${err.message}`);
+    return 1;
+  }
+}
+var init_login = __esm(() => {
+  init_loginFlow();
+  init_auth();
+  init_cli();
+});
+
+// src/lib/apiClient.ts
+async function call(opts, method, path, body) {
+  const f = opts.fetchImpl ?? fetch;
+  const res = await f(`${opts.apiBase.replace(/\/+$/, "")}${path}`, {
+    method,
+    headers: {
+      authorization: `Bearer ${opts.token}`,
+      ...body !== undefined ? { "content-type": "application/json" } : {}
+    },
+    ...body !== undefined ? { body: JSON.stringify(body) } : {}
+  });
+  const text = await res.text();
+  const data = text ? JSON.parse(text) : {};
+  if (!res.ok)
+    throw new ApiError(res.status, data.error ?? "error", data.detail ?? data.error ?? `HTTP ${res.status}`);
+  return data;
+}
+function createTeam(opts, input) {
+  return call(opts, "POST", "/teams", { slug: input.slug, name: input.name });
+}
+function listRooms(opts, slug) {
+  return call(opts, "GET", `/teams/${encodeURIComponent(slug)}/rooms`);
+}
+function invite(opts, slug, email) {
+  return call(opts, "POST", `/teams/${encodeURIComponent(slug)}/invitations`, { email });
+}
+var ApiError;
+var init_apiClient = __esm(() => {
+  ApiError = class ApiError extends Error {
+    status;
+    code;
+    constructor(status, code, message) {
+      super(message);
+      this.status = status;
+      this.code = code;
+    }
+  };
+});
+
+// src/commands/team.ts
+var exports_team = {};
+__export(exports_team, {
+  teamCommand: () => teamCommand,
+  roomsCommand: () => roomsCommand,
+  inviteCommand: () => inviteCommand
+});
+function client(env) {
+  const auth = readAuth(env);
+  if (!isLoggedIn(auth)) {
+    console.error("Not logged in — run `vibegroup login` first.");
+    return null;
+  }
+  return { apiBase: apiBase(env), token: auth.accessToken };
+}
+async function teamCommand(rest, flags, env) {
+  if (rest[0] !== "create" || !rest[1]) {
+    console.error("usage: vibegroup team create <slug> [--name <name>]");
+    return 1;
+  }
+  const opts = client(env);
+  if (!opts)
+    return 1;
+  try {
+    const { team, rooms } = await createTeam(opts, { slug: rest[1], name: str(flags.name) });
+    console.log(`Created team "${team.slug}" (${team.name}) — rooms: ${rooms.map((r) => r.name).join(", ")}`);
+    console.log(`Invite teammates: vibegroup invite <email> --team ${team.slug}`);
+    return 0;
+  } catch (e) {
+    console.error(`could not create team: ${e.message}`);
+    return 1;
+  }
+}
+async function roomsCommand(flags, env) {
+  const slug = str(flags.team);
+  if (!slug) {
+    console.error("usage: vibegroup rooms --team <slug>");
+    return 1;
+  }
+  const opts = client(env);
+  if (!opts)
+    return 1;
+  try {
+    const { rooms } = await listRooms(opts, slug);
+    console.log(rooms.length ? rooms.map((r) => `• ${r.name}`).join(`
+`) : "(no rooms)");
+    return 0;
+  } catch (e) {
+    console.error(`could not list rooms: ${e.message}`);
+    return 1;
+  }
+}
+async function inviteCommand(rest, flags, env) {
+  const email = rest[0];
+  const slug = str(flags.team);
+  if (!email || !slug) {
+    console.error("usage: vibegroup invite <email> --team <slug>");
+    return 1;
+  }
+  const opts = client(env);
+  if (!opts)
+    return 1;
+  try {
+    await invite(opts, slug, email);
+    console.log(`Invitation sent to ${email} for team ${slug}.`);
+    return 0;
+  } catch (e) {
+    console.error(`could not invite: ${e.message}`);
+    return 1;
+  }
+}
+var str = (v) => typeof v === "string" ? v : undefined;
+var init_team = __esm(() => {
+  init_auth();
+  init_apiClient();
+  init_cli();
+});
+
+// src/lib/claudeLaunch.ts
+import { spawnSync } from "node:child_process";
+function buildClaudeArgs(opts = {}) {
+  const extra = opts.extraArgs ?? [];
+  return opts.dangerously ? ["--dangerously-load-development-channels", CHANNEL_SPEC, ...extra] : ["--channels", CHANNEL_SPEC, ...extra];
+}
+function launchClaude(opts = {}, launcher = defaultLauncher) {
+  return launcher("claude", buildClaudeArgs(opts), opts.env);
+}
+var CHANNEL_SPEC = "plugin:vibegroup@vibegroup", defaultLauncher = (cmd, args, env) => {
+  const r = spawnSync(cmd, args, { stdio: "inherit", env: env ? { ...process.env, ...env } : process.env });
+  if (r.error)
+    throw r.error;
+  return r.status ?? 0;
+};
+var init_claudeLaunch = () => {};
+
+// src/commands/claudeCmd.ts
+var exports_claudeCmd = {};
+__export(exports_claudeCmd, {
+  claudeCommand: () => claudeCommand
+});
+function extractFlag(args, name) {
+  const rest = [];
+  let value;
+  for (let i = 0;i < args.length; i++) {
+    const a = args[i];
+    if (a === `--${name}`) {
+      const next = args[i + 1];
+      if (next !== undefined && !next.startsWith("--")) {
+        value = next;
+        i++;
+      } else {
+        value = "";
+      }
+    } else if (a.startsWith(`--${name}=`)) {
+      value = a.slice(name.length + 3);
+    } else {
+      rest.push(a);
+    }
+  }
+  return { value, rest };
+}
+function claudeCommand(args, env = process.env, launcher) {
+  if (!isLoggedIn(readAuth(env))) {
+    console.error("Not logged in — run `vibegroup login` first.");
+    return 1;
+  }
+  const dangerously = args.includes("--dev");
+  const { value: team, rest: afterTeam } = extractFlag(args.filter((a) => a !== "--dev"), "team");
+  const { value: room, rest: extra } = extractFlag(afterTeam, "room");
+  if (!team) {
+    console.error("No team selected — pass `--team <slug>` (the team whose room you want to join).");
+    return 1;
+  }
+  const vg = {
+    VIBEGROUP_TEAM: team,
+    VIBEGROUP_ROOM: room && room.length > 0 ? room : "general",
+    VIBEGROUP_API: env.VIBEGROUP_API ?? DEFAULT_API_BASE
+  };
+  return launchClaude({ extraArgs: extra, dangerously, env: vg }, launcher);
+}
+var DEFAULT_API_BASE = "https://api.vibegroup.sh";
+var init_claudeCmd = __esm(() => {
+  init_claudeLaunch();
+  init_auth();
+});
+
+// src/cli.ts
+function parseArgs(argv) {
+  let command = "";
+  const rest = [];
+  const flags = {};
+  for (let i = 0;i < argv.length; i++) {
+    const a = argv[i];
+    if (a.startsWith("--")) {
+      const eq = a.indexOf("=");
+      if (eq >= 0) {
+        flags[a.slice(2, eq)] = a.slice(eq + 1);
+      } else {
+        const next = argv[i + 1];
+        if (next !== undefined && !next.startsWith("--")) {
+          flags[a.slice(2)] = next;
+          i++;
+        } else {
+          flags[a.slice(2)] = true;
+        }
+      }
+    } else if (!command) {
+      command = a;
+    } else {
+      rest.push(a);
+    }
+  }
+  return { command, rest, flags };
+}
+function formatStatus(tokens) {
+  if (!tokens)
+    return `Not logged in.
+Run: vibegroup login`;
+  const who = tokens.user?.email ?? tokens.user?.name ?? "anonymous (limited access)";
+  const lines = [`Logged in as ${who}`];
+  if (tokens.scope)
+    lines.push(`  scope: ${tokens.scope}`);
+  if (tokens.accessTokenExpiresAt)
+    lines.push(`  token expires: ${tokens.accessTokenExpiresAt}`);
+  return lines.join(`
+`);
+}
+function apiBase(env = process.env) {
+  return env.VIBEGROUP_API ?? DEFAULT_API_BASE2;
+}
+async function run(argv, env = process.env) {
+  const { command, rest, flags } = parseArgs(argv);
+  if (flags.version) {
+    console.log(VERSION);
+    return 0;
+  }
+  switch (command) {
+    case "":
+    case "help":
+      console.log(HELP);
+      return 0;
+    case "version":
+      console.log(VERSION);
+      return 0;
+    case "status":
+      console.log(formatStatus(readAuth(env)));
+      return 0;
+    case "logout":
+      clearAuth(env);
+      console.log("Logged out.");
+      return 0;
+    case "allowlist-json": {
+      const { allowlistJsonCommand: allowlistJsonCommand2 } = await Promise.resolve().then(() => (init_allowlist2(), exports_allowlist));
+      return allowlistJsonCommand2();
+    }
+    case "allowlist-path": {
+      const { allowlistPathCommand: allowlistPathCommand2 } = await Promise.resolve().then(() => (init_allowlist2(), exports_allowlist));
+      return allowlistPathCommand2();
+    }
+    case "login": {
+      const { loginCommand: loginCommand2 } = await Promise.resolve().then(() => (init_login(), exports_login));
+      return loginCommand2(env);
+    }
+    case "team": {
+      const { teamCommand: teamCommand2 } = await Promise.resolve().then(() => (init_team(), exports_team));
+      return teamCommand2(rest, flags, env);
+    }
+    case "rooms": {
+      const { roomsCommand: roomsCommand2 } = await Promise.resolve().then(() => (init_team(), exports_team));
+      return roomsCommand2(flags, env);
+    }
+    case "invite": {
+      const { inviteCommand: inviteCommand2 } = await Promise.resolve().then(() => (init_team(), exports_team));
+      return inviteCommand2(rest, flags, env);
+    }
+    case "claude": {
+      const { claudeCommand: claudeCommand2 } = await Promise.resolve().then(() => (init_claudeCmd(), exports_claudeCmd));
+      return claudeCommand2(argv.slice(argv.indexOf("claude") + 1));
+    }
+    default:
+      console.error(`unknown command: ${command}
+`);
+      console.log(HELP);
+      return 1;
+  }
+}
+var VERSION = "0.1.0", DEFAULT_API_BASE2 = "https://api.vibegroup.sh", HELP = `vibegroup — talk to your teammates' Claude Code agents.
+
+Usage: vibegroup <command> [options]
+
+Commands:
+  login                       Sign in / sign up (opens your browser)
+  logout                      Clear the cached session
+  status                      Show your auth + connection status
+  team create <slug> [--name] Create a team (a WorkOS org + a general room)
+  invite <email> --team <s>   Invite someone to a team
+  rooms --team <slug>         List a team's rooms
+  claude --team <slug> [--room <name>] [...]
+                              Launch Claude Code with the vibegroup channel
+  help                        Show this help
+
+Run a command with --help for more.`;
+var init_cli = __esm(() => {
+  init_auth();
+});
+
+// src/bin.ts
+init_cli();
+run(process.argv.slice(2)).then((code) => process.exit(code)).catch((err) => {
+  console.error(err?.message ?? err);
+  process.exit(1);
+});

package/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "vibegroup",
+  "version": "0.1.0",
+  "description": "Talk to your teammates' Claude Code agents — agent-to-agent collaboration for Claude Code over a shared channel.",
+  "type": "module",
+  "bin": { "vibegroup": "dist/cli.js" },
+  "files": ["dist/cli.js", "README.md"],
+  "engines": { "node": ">=18" },
+  "license": "UNLICENSED",
+  "homepage": "https://vibegroup.sh",
+  "bugs": { "url": "https://vibegroup.sh" },
+  "keywords": ["claude", "claude-code", "agents", "collaboration", "cli", "vibegroup"],
+  "publishConfig": { "access": "public" },
+  "workspaces": ["packages/*", "plugin"],
+  "scripts": {
+    "build:relay": "cd packages/relay && bun run build",
+    "build:plugin": "cd plugin && bun run build",
+    "build:cli": "bun build src/bin.ts --target node --outfile dist/cli.js --banner \"#!/usr/bin/env node\"",
+    "build:server": "cd packages/server && bun run build",
+    "build": "bun run build:relay && bun run build:server && bun run build:plugin && bun run build:cli",
+    "prepublishOnly": "bun run build:cli",
+    "test:cli": "bun test ./test/",
+    "test:protocol": "cd packages/protocol && bun test",
+    "test:relay": "cd packages/relay && bun test",
+    "test:server": "cd packages/server && bun test",
+    "test:plugin": "cd plugin && bun test",
+    "test": "bun run test:cli && bun run test:protocol && bun run test:relay && bun run test:server && bun run test:plugin"
+  }
+}