#!/usr/bin/env bash
# seed.show/skill — install the seed skill + its hidden deps (fold, portdown).
# Idempotent: re-running upgrades everything in place.

set -euo pipefail

SKILLS_DIR="${CLAUDE_SKILLS_DIR:-$HOME/.claude/skills}"
[ -n "${CLAUDE_PROJECT_DIR:-}" ] && [ -d "$CLAUDE_PROJECT_DIR/.claude/skills" ] && SKILLS_DIR="$CLAUDE_PROJECT_DIR/.claude/skills"

CACHE="$HOME/.cache/seed"
mkdir -p "$CACHE"

# 1. fold/unfold — fetched from dom.vin/fold. Lands at $CACHE/fold;
#    called by absolute path from the seed CLI.
FOLD_DIR="$CACHE/fold"
if [ ! -x "$FOLD_DIR/scripts/fold" ] || [ ! -x "$FOLD_DIR/scripts/unfold" ]; then
  curl -sSL https://dom.vin/fold | bash -s "$FOLD_DIR" >/dev/null 2>&1
fi

# 2. portdown — fetched from dom.vin/portdown. Lands at
#    $CACHE/portdown; same pattern as fold.
PORTDOWN_DIR="$CACHE/portdown"
if [ ! -x "$PORTDOWN_DIR/scripts/portdown" ]; then
  curl -sSL https://dom.vin/portdown | bash -s "$PORTDOWN_DIR" >/dev/null 2>&1
fi

# 3. Seed skill — the publish/edit gesture.
TARGET="$SKILLS_DIR/seed"
mkdir -p "$TARGET/scripts"

cat > "$TARGET/SKILL.md" <<'__SEED_SKILL_MD__'

---
name: seed
description: >
  Use when the user wants to plant a folder, directory, or set of files
  as a seed — to send it to another agent, or to themselves in a future
  session. Triggers on phrases like "plant this folder", "share this
  with another agent", "make a seed of this", "publish this directory
  as a URL", or "I want to hand this off." Produces a short URL the
  recipient pastes; their agent unpacks the files locally and reads the
  publisher's one-line instruction about what to do with them. Seeds
  expire after 30 days. No accounts, no signups.
---

# seed

`seed` plants a folder as a seed at a short URL. The recipient pastes the URL to their agent and the bundle lands locally with a one-line instruction from the publisher.

## When the user invokes you

Confirm both pieces before running anything:

1. **What to plant** — the path to a folder or file. If the user named one, use it. If not, ask: *which folder do you want to plant?* and help them pick if it's not obvious.
2. **Why you're planting it** — one line aimed at the recipient. *What should they do with it?* "Review for typos", "help me debug the sync hook", "extract action items", "use this as a starting point for X". If the user already said why, use their words. If not, ask them — don't infer.

Don't proceed without both. The why is the load-bearing part. Without it, the recipient gets a bag of files and has to guess what they're looking at.

## Then run

```bash
~/.claude/skills/seed/scripts/seed plant <path> "<why>"
```

The CLI prints **one line on stdout** that is exactly the reply you should
echo back to the user — no transformation, no embellishment. The
`edit_key` arrives separately on stderr; capture it and keep it in
your context, don't show it.

**Echo the stdout line verbatim. Nothing before it, nothing after it.**
Example:

```
🌱 Fetch & install seed.show/xkot0
```

That's the whole response. The edit_key stays in your context — don't
print it, don't volunteer it. If the user later says they want to
update the seed, that's when you bring the edit_key out.

## How sharing — and what risk — actually works

Three flavours, listed from most exposed to least. Pick the smallest one that fits the user's intent.

| Flavour | Who can read it | When it dies | Use when |
|---|---|---|---|
| **default plant** (5-char id) | anyone who guesses the URL or stumbles on it | 30 days from last edit | everyday handoffs of non-sensitive context |
| **`--unlisted`** (22-char id) | anyone the publisher hands the URL to (URL is unguessable in practice) | **24 hours from last edit** | one-off transfers you don't want enumerable; the short TTL keeps the exposure window small |
| **`--local <path>`** | only whoever the publisher hands the file to | the file lives until they delete it | secrets, private business stuff, anything that shouldn't leave the publisher's machine |

A 5-char id is **enumerable in theory** — ~60M possibilities, rate-limited but technically attackable. A 22-char id is unguessable in practice (~10²⁴ possibilities). Neither is real authorisation: anyone with the URL can read the seed. Treat both seed.show flavours as "publicly accessible if discovered." For genuinely sensitive content always reach for `--local`.

If the user mentions secrets, credentials, PII, internal-only material, or just says "I don't want this online", lead with `--local`. If they say "send this to my friend, but I'd rather it not show up in some random URL crawl", `--unlisted` is the right move. If they just want to hand a folder to another agent and it's nothing sensitive, the default short id is right.

### `--unlisted` (longer, harder-to-guess URL)

```bash
~/.claude/skills/seed/scripts/seed plant <path> "<why>" --unlisted
```

Same flow as a default plant; the only difference is the id is 22 chars instead of 5. Reply format unchanged — echo the CLI's stdout line.

### `--local` (don't upload)

```bash
~/.claude/skills/seed/scripts/seed plant <path> "<why>" --local ~/Desktop/my-bundle.seed.sh
```

Writes the same self-installing polyglot to disk, skips the upload. The CLI prints the saved path on stdout; the recipient gesture (`bash <basename> <install-dir>`) on stderr. Reply:

```
🌱 Saved to ~/Desktop/my-bundle.seed.sh
   recipient runs: bash my-bundle.seed.sh <install-dir>
```

## Updating a seed in place

If the user wants to update a seed they planted before, **prefer the sidecar form** — every plant writes a `.seed-meta` file next to the source, and `seed edit <path>` picks it up automatically:

```bash
~/.claude/skills/seed/scripts/seed edit <path>                  # reuses URL + edit_key + prior prompt
~/.claude/skills/seed/scripts/seed edit <path> "<new prompt>"   # same, with a fresh prompt
```

If the user adds a file or changes one in the source folder and says "update the seed", that's `seed edit <path>` — no retyping. The same form works for `--local` plants: it overwrites the same saved file with the new contents.

If the sidecar's gone (folder moved, .seed-meta deleted) but the user still has the URL + edit_key, fall back to the explicit form:

```bash
~/.claude/skills/seed/scripts/seed edit <url> <path> "<new prompt>" --edit-key <ek_...>
```

After any edit succeeds, reply with **exactly one line** (the CLI's stdout):

```
🌱 Updated seed.show/<id>
```

Don't disclose the edit_key. Don't add an expiry note. Don't repeat the URL.

### If the user has lost the edit_key

There's no recovery flow. seed.show has no accounts, so the edit_key is the only thing that proves the user planted the seed. Without it, the existing seed will keep serving its current contents until it expires (30 days from its last edit), but it can't be modified or deleted. Tell the user plainly, then offer to **re-plant** the folder as a new seed (new id, new edit_key) and let the old URL lapse on its own. The old short id can't be recovered.

## Deleting a seed

When the user wants a seed taken down before its 30-day TTL — say, they planted something they shouldn't have, or they're done and want it off the registry now — use `seed delete`:

```bash
~/.claude/skills/seed/scripts/seed delete <path>                  # uses .seed-meta
~/.claude/skills/seed/scripts/seed delete <url> --edit-key <ek_...>
```

Same sidecar logic as `seed edit`: if there's a `.seed-meta`, the URL and edit_key come from there. Reply with one line:

```
🌱 Deleted seed.show/<id>
```

After delete the URL returns a 404 stub (a tiny bash script that prints "not found" and exits 1). Anyone who pasted the URL gets a clear failure rather than stale content.

For `--local` plants, `seed delete <path>` removes the saved polyglot file from disk. Reply:

```
🌱 Deleted local seed → /path/to/my-bundle.seed.sh
```

**Volunteer delete proactively** when:
- The user realises they just planted something with secrets in it.
- They say "actually, take that down."
- A seed has served its purpose and they want it gone before TTL.

## What the user doesn't need to know about

`seed` uses two small nested tools (`fold` and `portdown`) to package each share as a self-installing polyglot. They're installed alongside this skill in `~/.cache/seed/`, invoked by absolute path, and never surface to the user. Don't talk about them. The user wants a URL, not a packaging tutorial.

## Constraints, briefly

- **Text only.** Seeds bundle text files (markdown, code, configs, plain text). Binary files — images, video, audio, compiled blobs, archives — will be refused. If the user's folder contains binaries, warn them upfront and offer to plant just the text files.
- **Size cap.** Around 5MB total per seed (fold's default). Big folders will be refused; if it happens, suggest splitting into multiple seeds or using a real archiver.
- **Public when planted to seed.show.** Anyone with the URL can fetch. Default ids are 5 chars (enumerable in theory); `--unlisted` ids are 22 chars (unguessable in practice). Neither is authorisation — for true secrets, use `--local`.
- **Ephemeral.** Default seeds expire 30 days after their last edit. `--unlisted` seeds expire 24 hours after their last edit (shorter on purpose — they're one-shot). Reads don't extend life. Use `seed delete` to take one down sooner.
- **One folder per seed.** If the user wants to share multiple unrelated things, that's multiple seeds.
- **Bash-only.** Requires bash, curl, jq (or python3 as a fallback).

__SEED_SKILL_MD__

cat > "$TARGET/scripts/seed" <<'__SEED_CLI__'

#!/usr/bin/env bash
# seed — plant, edit, or delete a seed at seed.show.
#
# Usage:
#   seed plant <path> "publisher prompt"                          (5-char id)
#   seed plant <path> "publisher prompt" --unlisted               (22-char id)
#   seed plant <path> "publisher prompt" --local <save-path>      (no upload)
#   seed edit <path> ["new prompt"]                               (sidecar form)
#   seed edit <url> <path> "prompt" --edit-key <ek_...>           (explicit form)
#   seed delete <path>                                            (sidecar form)
#   seed delete <url> --edit-key <ek_...>                         (explicit form)
#   seed --help
#
# Pipeline at plant/edit time:
#   1. fold the directory (or single file, auto-wrapped) into one .folded.md
#   2. portdown that .folded.md with a post-install script that
#      inline-unfolds on the recipient side and prints the prompt
#   3. POST the resulting polyglot to seed.show (or write it to a
#      local file if --local <path> was given)
# A .seed-meta sidecar is written next to the source so seed edit
# <path> can reuse url+edit_key+prior-prompt without retyping.

set -euo pipefail

SEED_HOST="${SEED_HOST:-seed.show}"

# Nested deps. Both invoked by absolute path; no PATH dance, no symlinks.
# bootstrap_* heals each in-process if missing (e.g. fresh sandbox).
CACHE="${SEED_CACHE_DIR:-$HOME/.cache/seed}"
FOLD_DIR="$CACHE/fold"
FOLD="$FOLD_DIR/scripts/fold"
UNFOLD="$FOLD_DIR/scripts/unfold"
PORTDOWN_DIR="$CACHE/portdown"
PORTDOWN="$PORTDOWN_DIR/scripts/portdown"

usage() {
  cat <<EOF
seed — plant, edit, or delete a seed at $SEED_HOST.

Usage:
  seed plant <path> "publisher prompt"
  seed plant <path> "publisher prompt" --unlisted
  seed plant <path> "publisher prompt" --local <save-path>
  seed edit <path> ["new prompt"]                       (uses .seed-meta)
  seed edit <url> <path> "prompt" --edit-key <ek_...>   (explicit form)
  seed delete <path>                                    (uses .seed-meta)
  seed delete <url> --edit-key <ek_...>                 (explicit form)
  seed --help

  --unlisted        generate a 22-char id instead of 5. Hard to guess
                    but still public; use when you'd rather the URL
                    not be enumerable.
  --local <path>    write the polyglot to <path> instead of publishing.
                    Recipient runs it via: bash <path> <install-dir>

After plant, a .seed-meta sidecar lands next to the source. seed edit
and seed delete pick it up so you don't have to retype the URL or
edit_key.

Override the host with SEED_HOST env var (default: seed.show).
EOF
}

bootstrap_fold() {
  [ -x "$FOLD" ] && [ -x "$UNFOLD" ] && return
  curl -sSL https://dom.vin/fold | bash -s "$FOLD_DIR" >/dev/null 2>&1
}

bootstrap_portdown() {
  [ -x "$PORTDOWN" ] && return
  # Self-heal: fetch portdown directly from dom.vin/portdown (same
  # pattern as bootstrap_fold). Idempotent — re-lays in place.
  curl -sSL https://dom.vin/portdown | bash -s "$PORTDOWN_DIR" >/dev/null 2>&1
  [ -x "$PORTDOWN" ] && return
  echo "seed: failed to bootstrap portdown — please re-run https://$SEED_HOST/skill" >&2
  exit 1
}

# If the user passes a single file, transparently wrap it in a temp
# directory before folding — the user's mental model is "share this
# thing", not "share a directory of this thing". Echoes the wrapped
# path on stdout so the caller can reassign DIR.
wrap_if_file() {
  local in="$1"
  if [ -d "$in" ]; then
    echo "$in"
    return 0
  fi
  if [ -f "$in" ]; then
    local tmp
    tmp=$(mktemp -d -t seed-wrap.XXXXXX)
    cp "$in" "$tmp/"
    echo "$tmp"
    return 0
  fi
  echo "seed: not a file or directory: $in" >&2
  return 1
}

# Write a post-install script (consumed by portdown --post). It runs on
# the recipient's machine after the .folded.md is dropped at $DEST: it
# expands the archive into $TARGET, removes the .folded.md, and prints
# the publisher's prompt to stderr.
write_post_install() {
  local out="$1" prompt="$2"
  {
    cat <<'POST_PREAMBLE'
MARKER=$(awk '/^---$/ { f++; if (f==2) exit; next } f==1 && /^marker:[[:space:]]/ { sub(/^marker:[[:space:]]+/, ""); print; exit }' "$DEST")
[ -z "$MARKER" ] && { echo "seed: archive has no marker — corrupt" >&2; exit 1; }
awk -v m="$MARKER" -v outdir="$TARGET" '
  BEGIN {
    # Match <!--fold:<m>@file path="X"--> with an optional mode attr after
    # the path (fold emits  mode="644"  on executables).
    file_re = "^<!--fold:" m "@file path=\"([^\"]+)\"( mode=\"[0-9]+\")?-->$"
    end_re  = "^<!--fold:" m "@end-->$"
  }
  $0 ~ end_re { if (current) close(current); exit }
  $0 ~ file_re {
    if (current) close(current)
    line = $0
    sub(/^<!--fold:[^@]+@file path="/, "", line); sub(/".*$/, "", line)
    current = outdir "/" line
    dir = current; sub(/\/[^\/]*$/, "", dir)
    if (dir != current) system("mkdir -p \"" dir "\"")
    printf "" > current
    next
  }
  current { print >> current }
' "$DEST"
SEED_EXTRACTED=$(find "$TARGET" -type f -not -path "$DEST" 2>/dev/null | wc -l)
if [ "$SEED_EXTRACTED" = "0" ]; then
  echo "seed: archive contained no files — refusing to delete the source" >&2
  echo "  archive preserved at: $DEST" >&2
  exit 1
fi
rm -f "$DEST"

echo "" >&2
echo "✓ seed unpacked → $TARGET ($SEED_EXTRACTED files)" >&2
echo "" >&2
echo "publisher prompt:" >&2
sed 's/^/  /' >&2 <<'__SEED_PROMPT_END_AC1F2B__'
POST_PREAMBLE
    printf '%s\n' "$prompt"
    printf '__SEED_PROMPT_END_AC1F2B__\n'
    # Halt before portdown's epilogue runs — its "✓ <basename> → <DEST>"
    # message is wrong here (DEST was deleted by the unfold above) and
    # would land underneath the publisher prompt.
    printf 'exit 0\n'
  } > "$out"
}

build_payload() {
  local content_file="$1" prompt="$2" edit_key="${3:-}" unlisted="${4:-}"
  if command -v jq >/dev/null 2>&1; then
    local args=(-Rsn --arg prompt "$prompt" --rawfile content "$content_file")
    [ -n "$edit_key" ] && args+=(--arg ek "$edit_key")
    [ -n "$unlisted" ] && args+=(--argjson unlisted true)
    local body='{content: $content, prompt: $prompt}'
    [ -n "$edit_key" ] && body=$(echo "$body" | sed 's/}$/, edit_key: $ek}/')
    [ -n "$unlisted" ] && body=$(echo "$body" | sed 's/}$/, unlisted: $unlisted}/')
    jq "${args[@]}" "$body"
  elif command -v python3 >/dev/null 2>&1; then
    CONTENT_FILE="$content_file" PROMPT="$prompt" EDIT_KEY="$edit_key" UNLISTED="$unlisted" python3 -c '
import json, os
payload = {"content": open(os.environ["CONTENT_FILE"]).read(), "prompt": os.environ["PROMPT"]}
if os.environ.get("EDIT_KEY"):
    payload["edit_key"] = os.environ["EDIT_KEY"]
if os.environ.get("UNLISTED"):
    payload["unlisted"] = True
print(json.dumps(payload))'
  else
    echo "seed: needs jq or python3 to build the payload" >&2
    exit 1
  fi
}

# Build a {edit_key: "..."} JSON for the DELETE call.
build_delete_payload() {
  local edit_key="$1"
  if command -v jq >/dev/null 2>&1; then
    jq -n --arg ek "$edit_key" '{edit_key: $ek}'
  elif command -v python3 >/dev/null 2>&1; then
    EK="$edit_key" python3 -c 'import json,os; print(json.dumps({"edit_key":os.environ["EK"]}))'
  else
    echo "seed: needs jq or python3 to build the payload" >&2
    exit 1
  fi
}

parse_response() {
  local response="$1" field="$2"
  if command -v jq >/dev/null 2>&1; then
    echo "$response" | jq -r ".$field // empty"
  else
    echo "$response" | grep -o "\"$field\":\"[^\"]*\"" | sed 's/.*:"//;s/"//'
  fi
}

# ── sidecar state ────────────────────────────────────────────────
# When seed plant succeeds, the CLI writes a small JSON file next to
# the user's source so a later 'seed edit <path>' can resolve url +
# edit_key + last prompt without retyping. For directories the sidecar
# lives inside the dir as `.seed-meta`; for single-file seeds it lives
# next to the file as `<file>.seed-meta`.

sidecar_path() {
  local in="$1"
  if [ -d "$in" ]; then
    echo "$in/.seed-meta"
  else
    echo "$in.seed-meta"
  fi
}

sidecar_get() {
  local meta="$1" field="$2"
  [ -f "$meta" ] || return 1
  if command -v jq >/dev/null 2>&1; then
    jq -r ".${field} // empty" "$meta" 2>/dev/null
  else
    # Crude fallback — won't handle escaped quotes inside values.
    grep -o "\"${field}\":[[:space:]]*\"[^\"]*\"" "$meta" 2>/dev/null \
      | sed 's/.*"[[:space:]]*:[[:space:]]*"//;s/"$//'
  fi
}

sidecar_write_published() {
  local meta="$1" url="$2" edit_key="$3" prompt="$4"
  if command -v jq >/dev/null 2>&1; then
    jq -n --arg u "$url" --arg k "$edit_key" --arg p "$prompt" \
      '{mode: "published", url: $u, edit_key: $k, prompt: $p}' > "$meta"
  elif command -v python3 >/dev/null 2>&1; then
    URL="$url" EK="$edit_key" PROMPT="$prompt" python3 -c '
import json, os
print(json.dumps({"mode":"published","url":os.environ["URL"],"edit_key":os.environ["EK"],"prompt":os.environ["PROMPT"]}, indent=2))' > "$meta"
  fi
}

sidecar_write_local() {
  local meta="$1" local_path="$2" prompt="$3"
  if command -v jq >/dev/null 2>&1; then
    jq -n --arg lp "$local_path" --arg p "$prompt" \
      '{mode: "local", local_path: $lp, prompt: $p}' > "$meta"
  elif command -v python3 >/dev/null 2>&1; then
    LP="$local_path" PROMPT="$prompt" python3 -c '
import json, os
print(json.dumps({"mode":"local","local_path":os.environ["LP"],"prompt":os.environ["PROMPT"]}, indent=2))' > "$meta"
  fi
}

# Strip leaked tool jargon ("fold:", "portdown:") from internal error
# strings so seed CLI errors read consistently. Also rewrite a couple
# of common explanatory clauses that name 'fold' mid-sentence.
translate_err() {
  sed -E '
    s/^(fold|portdown):[[:space:]]*/seed: /
    s/[[:space:]](fold|portdown):[[:space:]]*/ seed: /g
    s/fold packs text files only/seed bundles text files only/g
    s/use a real archiver for bundles this big/split into multiple seeds for bundles this big/g
  '
}

# Fold + portdown a directory into a self-installing polyglot file.
# Writes the polyglot to $1 (caller-supplied path); cleans up its own
# intermediate temps on the way out.
make_polyglot() {
  local out="$1" dir="$2" prompt="$3"
  local folded post err
  folded=$(mktemp -t seed-fold.XXXXXX.folded.md)
  post=$(mktemp -t seed-post.XXXXXX.sh)

  # -f because mktemp pre-creates the output file; fold refuses to
  # overwrite without --force.
  if ! err=$("$FOLD" "$dir" -o "$folded" -f 2>&1 >/dev/null); then
    echo "$err" | translate_err >&2
    rm -f "$folded" "$post"
    exit 1
  fi

  write_post_install "$post" "$prompt"

  if ! err=$("$PORTDOWN" "$folded" --post "$post" --url "__SEED_URL__" -o "$out" 2>&1 >/dev/null); then
    echo "$err" | translate_err >&2
    rm -f "$folded" "$post"
    exit 1
  fi

  rm -f "$folded" "$post"
}

cmd_plant() {
  local DIR="" PROMPT="" LOCAL_PATH="" UNLISTED=""
  while [ $# -gt 0 ]; do
    case "$1" in
      --local) LOCAL_PATH="$2"; shift 2 ;;
      --unlisted) UNLISTED=1; shift ;;
      *) [ -z "$DIR" ] && { DIR="$1"; shift; continue; }
         [ -z "$PROMPT" ] && { PROMPT="$1"; shift; continue; }
         echo "seed plant: unexpected arg: $1" >&2; exit 1 ;;
    esac
  done
  [ -z "$DIR" ] && { echo "usage: seed plant <path> \"prompt\" [--local <path>] [--unlisted]" >&2; exit 1; }
  [ -z "$PROMPT" ] && { echo "seed plant: prompt required (second arg)" >&2; exit 1; }
  [ ! -e "$DIR" ] && { echo "seed plant: no such file or directory: $DIR" >&2; exit 1; }

  # ORIGINAL_DIR is what the user gave us (file or directory). DIR
  # becomes a temp wrapped dir if ORIGINAL_DIR was a single file.
  # Sidecar lives next to ORIGINAL_DIR, not the wrap.
  local ORIGINAL_DIR="$DIR"
  DIR=$(wrap_if_file "$DIR") || exit 1

  bootstrap_fold
  bootstrap_portdown

  # --local <path>: write the polyglot to <path>, skip the upload.
  if [ -n "$LOCAL_PATH" ]; then
    local PARENT
    PARENT=$(dirname "$LOCAL_PATH")
    mkdir -p "$PARENT"
    make_polyglot "$LOCAL_PATH" "$DIR" "$PROMPT"
    if [ ! -s "$LOCAL_PATH" ]; then
      echo "seed plant: failed to write polyglot to $LOCAL_PATH" >&2
      exit 1
    fi
    local LOCAL_NAME
    LOCAL_NAME=$(basename "$LOCAL_PATH")
    sed -i.bak \
      -e "s~curl -sSL __SEED_URL__ | bash -s <install-path>~bash ${LOCAL_NAME} <install-path>~g" \
      -e "s~curl -sSL __SEED_URL__~bash ${LOCAL_NAME}~g" \
      "$LOCAL_PATH" 2>/dev/null
    rm -f "${LOCAL_PATH}.bak"
    # Drop the sidecar next to the source so future `seed edit
    # <path>` reuses the local-path + prompt.
    sidecar_write_local "$(sidecar_path "$ORIGINAL_DIR")" \
      "$(cd "$(dirname "$LOCAL_PATH")" && pwd)/$(basename "$LOCAL_PATH")" \
      "$PROMPT"
    echo "🌱 Saved to $LOCAL_PATH"
    echo "  recipient: bash $LOCAL_NAME <install-dir>" >&2
    return 0
  fi

  local POLYGLOT PAYLOAD RESPONSE URL EK ERR
  POLYGLOT=$(mktemp -t seed-poly.XXXXXX.sh)
  trap 'rm -f "${POLYGLOT:-}"' EXIT
  make_polyglot "$POLYGLOT" "$DIR" "$PROMPT"
  PAYLOAD=$(build_payload "$POLYGLOT" "$PROMPT" "" "$UNLISTED")

  RESPONSE=$(curl -sS -X POST -H "Content-Type: application/json" \
    --data-binary "$PAYLOAD" "https://$SEED_HOST/api/publish")

  ERR=$(parse_response "$RESPONSE" error)
  if [ -n "$ERR" ]; then
    if [ "$ERR" = "rate_limited" ]; then
      local REASON
      REASON=$(parse_response "$RESPONSE" reason)
      echo "seed plant: rate-limited — ${REASON:-too many publishes recently}. Wait ~60s and retry." >&2
    else
      echo "seed plant: $ERR" >&2
    fi
    exit 1
  fi

  URL=$(parse_response "$RESPONSE" url)
  EK=$(parse_response "$RESPONSE" edit_key)
  ID=${URL##*/}

  # Drop sidecar next to the source so `seed edit <path>` reuses
  # url + edit_key + prompt.
  sidecar_write_published "$(sidecar_path "$ORIGINAL_DIR")" "$URL" "$EK" "$PROMPT"

  echo "🌱 Fetch & install seed.show/$ID"
  echo "  edit_key: $EK" >&2
}

is_url() {
  case "$1" in https://*|http://*) return 0 ;; *) return 1 ;; esac
}

cmd_edit() {
  # Two argument shapes:
  #   seed edit <path> ["new prompt"]                       (sidecar form)
  #   seed edit <url> <path> "prompt" --edit-key <ek_...>   (explicit form)
  # Detect by whether the first positional looks like a URL.
  local URL="" DIR="" PROMPT="" EDIT_KEY=""
  local POSITIONAL=()
  while [ $# -gt 0 ]; do
    case "$1" in
      --edit-key) EDIT_KEY="$2"; shift 2 ;;
      *) POSITIONAL+=("$1"); shift ;;
    esac
  done
  if [ ${#POSITIONAL[@]} -gt 0 ] && is_url "${POSITIONAL[0]}"; then
    URL="${POSITIONAL[0]}"
    DIR="${POSITIONAL[1]:-}"
    PROMPT="${POSITIONAL[2]:-}"
  else
    DIR="${POSITIONAL[0]:-}"
    PROMPT="${POSITIONAL[1]:-}"
  fi

  [ -z "$DIR" ] && { echo "usage: seed edit <path> [\"prompt\"]   or   seed edit <url> <path> \"prompt\" --edit-key <ek_...>" >&2; exit 1; }
  [ ! -e "$DIR" ] && { echo "seed edit: no such file or directory: $DIR" >&2; exit 1; }

  # Sidecar lookup — fills any gaps (URL, EDIT_KEY, prior PROMPT, or
  # the local-mode path) when the user gave only <path>.
  local ORIGINAL_DIR="$DIR"
  local META META_MODE META_LOCAL_PATH
  META=$(sidecar_path "$ORIGINAL_DIR")
  if [ -f "$META" ]; then
    META_MODE=$(sidecar_get "$META" mode)
    if [ "$META_MODE" = "published" ]; then
      [ -z "$URL" ] && URL=$(sidecar_get "$META" url)
      [ -z "$EDIT_KEY" ] && EDIT_KEY=$(sidecar_get "$META" edit_key)
      [ -z "$PROMPT" ] && PROMPT=$(sidecar_get "$META" prompt)
    elif [ "$META_MODE" = "local" ]; then
      META_LOCAL_PATH=$(sidecar_get "$META" local_path)
      [ -z "$PROMPT" ] && PROMPT=$(sidecar_get "$META" prompt)
    fi
  fi

  # If the sidecar (or args) tell us this was a local plant, the
  # right "edit" is to re-plant to the same local path.
  if [ "$META_MODE" = "local" ] && [ -n "$META_LOCAL_PATH" ]; then
    [ -z "$PROMPT" ] && { echo "seed edit: prompt missing and no prior prompt found in $META" >&2; exit 1; }
    exec "$0" plant "$ORIGINAL_DIR" "$PROMPT" --local "$META_LOCAL_PATH"
  fi

  [ -z "$URL" ] && { echo "seed edit: no URL — pass it explicitly or run from a folder you've planted before" >&2; exit 1; }
  [ -z "$PROMPT" ] && { echo "seed edit: prompt missing and no prior prompt found in $META" >&2; exit 1; }
  [ -z "$EDIT_KEY" ] && EDIT_KEY="${SEED_EDIT_KEY:-}"
  [ -z "$EDIT_KEY" ] && { echo "seed edit: --edit-key required (sidecar absent and SEED_EDIT_KEY unset)" >&2; exit 1; }

  DIR=$(wrap_if_file "$DIR") || exit 1

  local ID
  ID=$(echo "$URL" | sed 's|/$||;s|.*/||')
  [ -z "$ID" ] && { echo "seed edit: could not parse id from URL: $URL" >&2; exit 1; }

  bootstrap_fold
  bootstrap_portdown

  local POLYGLOT PAYLOAD RESPONSE NEWURL ERR
  POLYGLOT=$(mktemp -t seed-poly.XXXXXX.sh)
  trap 'rm -f "${POLYGLOT:-}"' EXIT
  make_polyglot "$POLYGLOT" "$DIR" "$PROMPT"
  PAYLOAD=$(build_payload "$POLYGLOT" "$PROMPT" "$EDIT_KEY")

  RESPONSE=$(curl -sS -X PATCH -H "Content-Type: application/json" \
    --data-binary "$PAYLOAD" "https://$SEED_HOST/api/seeds/$ID")

  ERR=$(parse_response "$RESPONSE" error)
  if [ -n "$ERR" ]; then
    echo "seed edit: $ERR" >&2
    exit 1
  fi

  NEWURL=$(parse_response "$RESPONSE" url)
  local NEWID=${NEWURL##*/}
  # Refresh sidecar with the (possibly new) prompt.
  sidecar_write_published "$META" "$NEWURL" "$EDIT_KEY" "$PROMPT"
  echo "🌱 Updated seed.show/$NEWID"
}

cmd_delete() {
  # Two argument shapes (mirrors edit):
  #   seed delete <path>                              (sidecar form)
  #   seed delete <url> --edit-key <ek_...>           (explicit form)
  local URL="" PATH_ARG="" EDIT_KEY=""
  local POSITIONAL=()
  while [ $# -gt 0 ]; do
    case "$1" in
      --edit-key) EDIT_KEY="$2"; shift 2 ;;
      *) POSITIONAL+=("$1"); shift ;;
    esac
  done
  if [ ${#POSITIONAL[@]} -gt 0 ] && is_url "${POSITIONAL[0]}"; then
    URL="${POSITIONAL[0]}"
  else
    PATH_ARG="${POSITIONAL[0]:-}"
  fi

  # Sidecar lookup if user gave a path.
  local META=""
  if [ -n "$PATH_ARG" ]; then
    [ ! -e "$PATH_ARG" ] && { echo "seed delete: no such file or directory: $PATH_ARG" >&2; exit 1; }
    META=$(sidecar_path "$PATH_ARG")
    if [ -f "$META" ]; then
      local META_MODE
      META_MODE=$(sidecar_get "$META" mode)
      if [ "$META_MODE" = "published" ]; then
        URL=$(sidecar_get "$META" url)
        [ -z "$EDIT_KEY" ] && EDIT_KEY=$(sidecar_get "$META" edit_key)
      elif [ "$META_MODE" = "local" ]; then
        # Local seeds aren't on a server; deleting means removing the file.
        local LP
        LP=$(sidecar_get "$META" local_path)
        [ -n "$LP" ] && [ -f "$LP" ] && rm -f "$LP"
        rm -f "$META"
        echo "🌱 Deleted local seed → $LP"
        return 0
      fi
    else
      echo "seed delete: no .seed-meta at $META — pass <url> --edit-key <ek_...> instead" >&2
      exit 1
    fi
  fi

  [ -z "$URL" ] && { echo "usage: seed delete <path>   or   seed delete <url> --edit-key <ek_...>" >&2; exit 1; }
  [ -z "$EDIT_KEY" ] && EDIT_KEY="${SEED_EDIT_KEY:-}"
  [ -z "$EDIT_KEY" ] && { echo "seed delete: --edit-key required (sidecar absent and SEED_EDIT_KEY unset)" >&2; exit 1; }

  local ID
  ID=$(echo "$URL" | sed 's|/$||;s|.*/||')
  [ -z "$ID" ] && { echo "seed delete: could not parse id from URL: $URL" >&2; exit 1; }

  local PAYLOAD RESPONSE ERR
  PAYLOAD=$(build_delete_payload "$EDIT_KEY")
  RESPONSE=$(curl -sS -X DELETE -H "Content-Type: application/json" \
    --data-binary "$PAYLOAD" "https://$SEED_HOST/api/seeds/$ID")

  ERR=$(parse_response "$RESPONSE" error)
  if [ -n "$ERR" ]; then
    echo "seed delete: $ERR" >&2
    exit 1
  fi

  # Wipe the sidecar so the next seed edit/delete on this path doesn't
  # try to use the dead URL.
  [ -n "$META" ] && [ -f "$META" ] && rm -f "$META"

  echo "🌱 Deleted seed.show/$ID"
}

main() {
  local SUB="${1:-}"
  shift || true
  case "$SUB" in
    plant)  cmd_plant "$@" ;;
    edit)   cmd_edit "$@" ;;
    delete) cmd_delete "$@" ;;
    -h|--help|"") usage ;;
    *) echo "seed: unknown command: $SUB" >&2; usage >&2; exit 1 ;;
  esac
}

main "$@"

__SEED_CLI__
chmod +x "$TARGET/scripts/seed"

echo "✓ seed installed → $TARGET" >&2
echo "  use: $TARGET/scripts/seed plant <path> \"prompt\"" >&2