Forem: Monde kim

From curl to agent-ready API package: FirstCall CLI walkthrough (real output)

Monde kim — Fri, 15 May 2026 02:17:44 +0000

When you hand an AI agent a raw curl command with an API key baked in, you're trusting it - and every tool it calls - to never log, retry, or forward that secret. That trust is hard to audit.

FirstCall is a local-first Rust workbench that turns verified API calls into redacted agent packages. Secret values are stripped before export. A 112-check validator runs before any agent can import the package. HTTP actually executes locally before a recipe is promoted - no "trust me it works."

Here is the full CLI lifecycle, run live against the v0.1.0 release binary.

CLI lifecycle demo

Step 1 - version

$ firstcall-cli version
firstcall-cli 0.1.0

Step 2 - package a verified recipe

$ firstcall-cli package \
    --recipe-json fixtures/verified-agent-recipe.json \
    --out ./tmp/demo-pkg

Exported agent package to ./tmp/demo-pkg

Step 3 - validate (112 checks)

$ firstcall-cli validate-package --dir ./tmp/demo-pkg

Package: ./tmp/demo-pkg
Status: valid
Checks passed: 112
Warnings: 0
Errors: 0
MCP compile smoke: not_requested

112 checks cover manifest integrity, redaction invariants, slot/auth consistency, and import-readiness flags.

Step 4 - inspect before import

$ firstcall-cli inspect-package --dir ./tmp/demo-pkg

Validation status: valid
Import readiness: ready
Requires local re-verification: yes
Raw secrets imported: no
Validation checks passed: 112
Validation errors: 0

Requires local re-verification: yes is set automatically on every import. A recipe cannot be re-exported without running local HTTP verification first.

Step 5 - import and list

$ firstcall-cli import-package --dir ./tmp/demo-pkg

Import status: imported
Imported recipe id: 1
Recipe: example_update_user
Method: POST
URL template: https://api.example.com/users/${user_id}?api_key=${FIRSTCALL_API_KEY}
Requires local re-verification: yes
Secrets imported: no
App storage modified: yes

$ firstcall-cli recipe-list

Recipes: 1
- ID: 1
  Recipe: example_update_user
  Method: POST
  Auth style: bearer
  Requires local re-verification: yes

The URL template shows named slots (${user_id}, ${FIRSTCALL_API_KEY}) - actual values are never stored in the package.

Live HTTP verify - GitHub API (real request)

$ FIRSTCALL_BEARER_TOKEN=$GITHUB_TOKEN \
    firstcall-cli verify --recipe-json fixtures/github-user-recipe.json

Recipe: GitHub Authenticated User
Method: GET
URL template: https://api.github.com/user
HTTP status: 200
Outcome: success
Blocker: none
Updated verification time: 2026-05-15T01:46:16Z

HTTP 200, real GitHub endpoint, token never written to output.

Desktop GUI workbench

The same trust chain runs in the desktop GUI: paste a curl command or OpenAPI spec, review the parsed candidate, fill runtime slots and auth, execute locally, review the attempt, promote to recipe.

Install

Download a binary for your OS from GitHub Releases - includes both firstcall (GUI) and firstcall-cli.

Or build from source:

cargo build --locked

CLI-only (no GUI dependencies):

cargo build --locked --bin firstcall-cli --no-default-features

What it accepts

curl, OpenAPI (local JSON/YAML), Postman Collection, HAR, .http/.rest, Hurl, Bruno/OpenCollection. GraphQL-over-HTTP is detected from JSON bodies.

Remote OpenAPI $ref and multipart file uploads are not supported in v0.1.

Repo: rad1092/firstcall-local-api-workbench
Release: v0.1.0
CLI docs: docs/cli-lifecycle.md

Launching gh-dep-risk: a GitHub CLI extension for dependency PR review

Monde kim — Thu, 16 Apr 2026 07:31:32 +0000

Update (May 2026): gh-dep-risk v0.2.0 is out.

The project now has broader static local fallback coverage across Python, Poetry, uv.lock, Go modules, Yarn Berry, and Bun text lockfiles. The repository slug is now https://github.com/rad1092/gh-dependency-risk, while the install path remains gh extension install rad1092/gh-dep-risk.

Read the v0.2.0 update: https://dev.to/rad1092/gh-dep-risk-v020-broader-local-fallback-for-dependency-pr-review-34pd

The original launch post is kept below for history.
I built gh-dep-risk to make pull request dependency review easier to run on demand.

It is a precompiled GitHub CLI extension. Reviewers can run it from the terminal, in CI, or from a manual GitHub Actions workflow without operating a server, webhook receiver, queue, database, dashboard, or GitHub App.

Repository: https://github.com/rad1092/gh-dependency-risk

Install path: gh extension install rad1092/gh-dep-risk
Latest release: https://github.com/rad1092/gh-dependency-risk/releases/latest

Why a CLI extension

Dependency review often needs a quick answer during code review:

what changed
why it might be risky
what the reviewer should check next
whether the PR should block at a chosen risk level

I wanted that flow to stay close to GitHub and gh, rather than adding another always-on service.

What it does

gh-dep-risk analyzes a pull request and produces a dependency risk summary.

It can output:

human-readable terminal output
stable JSON
markdown for PR comments
a reusable output bundle for workflow artifacts

It can also upsert one marker comment on a PR timeline with --comment, and it can return a blocking exit code with --fail-level.

Current support

The original release focused on JavaScript package managers for local fallback analysis:

npm: package.json + package-lock.json
pnpm: package.json + pnpm-lock.yaml
Yarn: package.json + yarn.lock with narrow Yarn Classic support

When GitHub Dependency Review provides data, the report can also surface dependency changes from other ecosystems. As of v0.2.0, local fallback support is broader; see the update above. This original note is kept as release history.

That distinction matters. I do not want the tool to pretend it can analyze an ecosystem locally if it cannot do that honestly from repository files.

Example commands

gh extension install rad1092/gh-dep-risk

gh dep-risk pr 123
gh dep-risk pr https://github.com/OWNER/REPO/pull/123
gh dep-risk pr 123 --format json
gh dep-risk pr 123 --comment
gh dep-risk pr 123 --fail-level high
gh dep-risk pr 123 --bundle-dir ./out

For monorepos:

gh dep-risk pr 123 --list-targets
gh dep-risk pr 123 --path apps/web
gh dep-risk pr 123 --path package.json --comment

Config file

Teams can put defaults in .gh-dep-risk.yml:

lang: en
fail_level: high
comment: true
path:
  - apps/web
no_registry: false

CLI flags still win over config values, so reviewers can override behavior per run.

Comment behavior

--comment uses PR timeline issue comments, not review comments.

The marker is:

<!-- gh-dep-risk -->

The tool maintains exactly one marker comment owned by the authenticated user. It does not edit or delete another author's marker comment.

Workflow mode

The repository includes a manual GitHub Actions workflow for no-local-install usage. It builds the CLI, runs the analysis once, writes a job summary, and uploads the human, JSON, markdown, and metadata bundle as artifacts.

This is still the same CLI engine. The workflow is a thin wrapper, not a server.

Design boundary

The project is intentionally small:

one Go binary
GitHub CLI extension shape
on-demand execution
no server or dashboard
no broad managed-service direction

The goal is a practical reviewer tool that is easy to install, easy to run, and honest about what it can and cannot analyze locally.