fix: remove global CLI install, improve permission error on link

[tonychang04]

Summary

• Remove auto npm install -g @insforge/cli after link and create — this caused npx to find a stale global binary instead of fetching the latest from npm, which is what users hit when they first tried the CLI weeks ago then came back
• Better permission error on link --project-id — now shows "You're logged in as X, and you don't have access to project Y" instead of a cryptic 403

Test plan

• Run insforge link --project-id <invalid-id> while logged in — should show identity in error
• Run insforge link and insforge create — verify no global install step
• Verify npx @insforge/cli pulls latest after uninstalling any global version

🤖 Generated with Claude Code

Note

Remove global CLI install and improve permission error messaging in link command

• Removes the installCliGlobally function from skills.ts and all call sites in the create and link commands, so neither command attempts a global npm install of @insforge/cli.
• The link command now catches errors with exit code 4/5 or a 'not found' message when fetching project details, and re-throws a PERMISSION_DENIED error (exit code 5) that includes the logged-in user's identity and the inaccessible project ID.

^{Macroscope summarized f24ffc8.}

Summary by CodeRabbit

• Bug Fixes

  • Improved permission-denied messages during project linking to include the authenticated user identity when available.

• Changes

  • No longer attempts automatic global CLI installation during project creation or linking.
  • Bumped package version to 0.1.31.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2c9aef7a-d0ad-4e0e-b0aa-777dbaa5f20c

📥 Commits

Reviewing files that changed from the base of the PR and between bebe394 and f24ffc8.

📒 Files selected for processing (2)

• package.json
• src/commands/create.ts

✅ Files skipped from review due to trivial changes (1)

• package.json

🚧 Files skipped from review as they are similar to previous changes (1)

• src/commands/create.ts

---

Walkthrough

Removed the global CLI installation side-effect: calls to installCliGlobally() were removed from create and projects/link flows and the function was deleted from the skills module. projects/link now preserves auth credentials and adds targeted permission-denied error handling that includes the authenticated identity.

Changes

Cohort / File(s)	Summary
Command handlers src/commands/create.ts, src/commands/projects/link.ts	Removed calls to installCliGlobally(json). projects/link.ts now assigns requireAuth(...) to creds, wraps concurrent getProject/getProjectApiKey calls in a try/catch, and rethrows permission-denied CLIErrors including the authenticated user identity.
Skills module src/lib/skills.ts	Deleted exported installCliGlobally(json: boolean) and its global npm install detection/installation logic.
Package metadata package.json	Bumped package version from 0.1.30 → 0.1.31.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• feat(cli): add alternative authentication for link command #24: Modifies the same create/projects/link flows and overlaps on auth and post-setup behavior.
• feat: auto-install find-skills during create and link #25: Changes skills installation behavior and interactions with installSkills, related to removing global-CLI install.

Suggested reviewers

• jwfing
• Fermionic-Lyu

Poem

🐰 I nibbled at code beneath the moonlight,

Removed a global step to keep installs light.
Kept skills ready and errors named true,
A hop, a fix, and a version bumped too. 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: remove global CLI install, improve permission error on link' accurately and specifically summarizes the two main changes: removing global CLI installation and improving error messages in the link command.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/remove-global-install-improve-link-errors

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}