feat(dec-001): C7 — kit install package + toreva CLI + examples

[gapview01]

Summary

Ships the kit half of DEC-001 v1.0 gate C7 (MCP server quartet — kit slice). Lets a Connect-mode user wire Toreva into Claude Desktop, OpenClaw, or Cursor in two commands and verify the result with a third.

• New toreva CLI (npx-installable): init --client=<claude-desktop|openclaw|cursor>, login (gateway device-code flow), doctor (config + token + first MCP call).
• README rewritten with install + first-run UX as the headline path.
• examples/<client>/ for each supported MCP client — JSON snippet + per-client README.
• 18 new unit tests (init / login / doctor) — full suite is 68 passing.

How it works

toreva init reads TOREVA_MCP_URL (default https://mcp.toreva.com), resolves the client's config path (with overrides for tests), and writes a stdio stanza:

"toreva": {
  "command": "npx",
  "args": ["-y", "@toreva/mcp"],
  "env": { "TOREVA_MCP_URL": "https://mcp.toreva.com" }
}

It preserves any existing mcpServers entries and refuses to clobber invalid JSON.

toreva login runs the gateway device-code flow (POST /auth/device → poll /auth/token) and persists the resulting token to ~/.config/toreva/config.json with mode 0600. TOREVA_AUTH_TOKEN short-circuits for CI.

toreva doctor reports config_present + auth_token + mcp_call (hits ${TOREVA_MCP_URL}/healthz with the bearer token); non-zero exit on failure.

Stub-until-gateway-ships flags

• TOREVA_MCP_URL — default https://mcp.toreva.com (per dispatch instruction).
• Token-shape and /auth/device, /auth/token, /healthz endpoint contracts are provisional. Gateway team owns the canonical shapes; tests use a mocked fetch so swapping is one-file change in packages/cli/src/commands/login.ts.

Coordination

Do not merge — coordinated launch with the gateway half of C7. Gateway must finalize MCP server URL + auth-token shape before merge so we can pin instead of stub.

Doctrine

po/docs/decisions/DEC-001-wallet-mode-architecture.md §"Connect integration mechanic — MCP".

Test plan

• pnpm build — all 4 workspace packages compile clean
• pnpm test — 68/68 passing (11 files; 18 new in packages/cli/src/__tests__/)
• Smoke: node bin/toreva --help prints usage
• Smoke: node bin/toreva init --client=cursor (with overrides) writes a valid stanza
• Live: post-gateway-merge, run npx toreva login against the real gateway
• Live: post-gateway-merge, run npx toreva doctor and confirm [ OK ] × 3
• Manual: install into a real Claude Desktop / OpenClaw / Cursor client and confirm tools appear

🤖 Generated with Claude Code

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 473583d767

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Pass relay auth token into MCP server stanza

buildServerStanza only injects TOREVA_MCP_URL, but the MCP server currently boots from RELAY_URL/RELAY_AUTH_TOKEN and hard-fails when RELAY_AUTH_TOKEN is missing (packages/mcp/src/server.ts). With the new documented flow (toreva init + toreva login), login writes a token to disk but nothing in the generated client stanza exposes that token to @toreva/mcp, so the first MCP launch still exits immediately with an auth-token error for users who don’t also set legacy env vars manually.

Useful? React with 👍 / 👎.