feat: Teams asset sharing dashboard, remove Claude Code installation, docs and pricing updates

.coderabbit.yaml

@@ -23,6 +23,7 @@ reviews:
   path_filters:
     # Exclude git-crypt encrypted directories from reviews (see .gitattributes)
     - "!launcher/**"
+    - "!console/**"
     - "!pilot/**"
     - "!docs/site/api/**"
 

.gitattributes

@@ -1,4 +1,9 @@
 launcher/** filter=git-crypt diff=git-crypt
 launcher/**/__init__.py !filter !diff
+console/** filter=git-crypt diff=git-crypt
+console/.gitignore !filter !diff
+console/package.json !filter !diff
+console/bun.lock !filter !diff
+console/tsconfig.json !filter !diff
 docs/site/api/** filter=git-crypt diff=git-crypt
 .gitattributes !filter !diff

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1 @@
 blank_issues_enabled: false
-contact_links:
-  - name: Feature Requests
-    url: https://pilot-shell.com/#pricing
-    about: Feature requests are available on the Team plan. Visit our pricing page for details.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,32 @@
+---
+name: Feature Request
+about: Suggest a new feature or improvement
+labels: enhancement, needs-triage
+---
+
+## Description
+
+<!-- A clear description of the feature or improvement -->
+
+## Use Case
+
+<!-- Why do you need this? What problem does it solve? -->
+
+## Proposed Solution
+
+<!-- How do you think this could work? (optional) -->
+
+## Alternatives Considered
+
+<!-- Any workarounds or alternatives you've tried (optional) -->
+
+## Environment
+
+- **OS**: <!-- e.g., macOS 15.3, Ubuntu 24.04 -->
+- **Pilot version**: <!-- pilot --version -->
+- **Tier**: <!-- Trial / Solo / Team -->
+
+## Checklist
+
+- [ ] I have searched existing issues to avoid duplicates
+- [ ] This is a feature request, not a bug report

.github/workflows/claude.yml

@@ -16,6 +16,7 @@ on:
     types: [opened, synchronize, ready_for_review, reopened]
     paths-ignore:
       - 'launcher/**'       # git-crypted - exclude from review
+      - 'console/**'        # git-crypted - exclude from review
       - 'docs/site/api/**'  # git-crypted - exclude from review
 
   # Manual trigger
@@ -95,6 +96,7 @@ jobs:
             IMPORTANT: The following paths are git-crypt encrypted and will appear as binary data.
             Do NOT flag them as issues or claim you cannot verify their contents:
             - launcher/**
+            - console/**
             - docs/site/api/**
             Skip these paths entirely in your review. Only review non-encrypted files.
 
@@ -114,6 +116,7 @@ jobs:
             IMPORTANT: The following paths are git-crypt encrypted and will appear as binary data.
             Do NOT flag them as issues or claim you cannot verify their contents:
             - launcher/**
+            - console/**
             - docs/site/api/**
             Skip these paths entirely in your review. Only review non-encrypted files.
 

.github/workflows/release-dev.yml

@@ -21,6 +21,14 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Run Trivy filesystem scan
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
         with:
@@ -30,7 +38,7 @@ jobs:
           severity: "CRITICAL,HIGH"
           exit-code: "1"
           ignore-unfixed: true
-          skip-dirs: ".venv,node_modules,console/node_modules,launcher,docs/site/api"
+          skip-dirs: ".venv,node_modules,console/node_modules,launcher,docs/site/api,console"
           trivyignores: ".trivyignore"
           format: "table"
           output: trivy-results.txt
@@ -99,6 +107,14 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha || github.sha }}
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Setup Bun
         uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2
         with:
@@ -123,6 +139,14 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha || github.sha }}
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Setup Node.js
         uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
         with:

.github/workflows/release.yml

@@ -71,6 +71,14 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Run Trivy vulnerability and secret scanner
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
         with:
@@ -80,7 +88,7 @@ jobs:
           severity: 'CRITICAL,HIGH'
           exit-code: '1'
           ignore-unfixed: true
-          skip-dirs: '.venv,node_modules,console/node_modules,launcher,docs/site/api'
+          skip-dirs: '.venv,node_modules,console/node_modules,launcher,docs/site/api,console'
           trivyignores: '.trivyignore'
           format: 'table'
           output: trivy-results.txt
@@ -148,6 +156,14 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Setup Bun
         uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2
         with:
@@ -172,6 +188,14 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
+      - name: Install git-crypt
+        run: sudo apt-get update && sudo apt-get install -y git-crypt
+
+      - name: Unlock repository
+        env:
+          GIT_CRYPT_KEY: ${{ secrets.GIT_CRYPT_KEY }}
+        run: bash .github/workflows/scripts/setup-git-crypt.sh
+
       - name: Setup Node.js
         uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
         with:

.gitignore

@@ -228,13 +228,15 @@ CLAUDE.md
 .vercel
 .mcp.json
 demo
+sx.json
 .env**
 playwright/
 .claude.backup.*
 *.backup
-.claude/config/
 .claude/skills/
 .claude/rules/
+.claude/commands/
+.claude/agents/
 .claude/.pilot-*-baseline.json
 .DS_Store
 

.trivyignore

@@ -5,9 +5,9 @@
 #   CVE-2024-12345                     # Suppress a specific CVE
 #   generic-api-key:path/to/file.txt   # Suppress a secret finding in a specific file
 #
-# Note: launcher/ and docs/site/api/ are excluded from scanning via skip-dirs
-# in the workflow because they are git-crypt encrypted — their binary content
-# would produce false-positive secret detections.
+# Note: launcher/, console/, and docs/site/api/ are git-crypt encrypted.
+# In CI, the security-scan job decrypts them before scanning.
+# The pre-commit hook skips launcher/ and docs/site/api/ via skip-dirs.
 #
 # See: https://aquasecurity.github.io/trivy/latest/docs/configuration/filtering/
 

LICENSE

@@ -271,7 +271,7 @@ CLAIM.
 ================================================================================
 
 For licensing inquiries: https://pilot-shell.com
-For bug reports (Trial & Solo): https://github.com/maxritter/pilot-shell/issues
-For priority support & feature requests (Team): mail@maxritter.net
+For bug reports & feature requests: https://github.com/maxritter/pilot-shell/issues
+For priority support (Team): mail@maxritter.net
 
 ================================================================================

README.md

@@ -46,7 +46,9 @@ This isn't a vibe coding tool, it's true agentic engineering, but without the ad
 
 ### Prerequisites
 
-**Claude Subscription:** Solo developers should choose [Max 5x](https://claude.com/pricing) for moderate usage or [Max 20x](https://claude.com/pricing) for heavy usage. Teams should use [Team Premium](https://claude.com/pricing) (6.25x usage per member, SSO, admin tools, billing management). Companies with stricter compliance or procurement requirements should use [Enterprise](https://claude.com/pricing).
+**Claude Code:** Pilot Shell installs on top of Claude Code — install it first [via npm](https://www.npmjs.com/package/@anthropic-ai/claude-code) or the [native installer](https://docs.anthropic.com/en/docs/claude-code/setup).
+
+**Claude Subscription:** Solo developers should choose [Max 5x](https://claude.com/pricing) for moderate usage or [Max 20x](https://claude.com/pricing) for heavy usage. Teams should use [Team Premium](https://claude.com/pricing) (6.25x usage per member, SSO, admin tools, billing management). Companies with stricter compliance or procurement requirements should use [Enterprise](https://claude.com/pricing) (API based pricing applies per usage).
 
 **Terminal:** [cmux](https://www.cmux.dev/) is the best terminal for Pilot Shell on macOS — built on the Ghostty rendering engine with native split panes, workspace tabs, and Claude Code notification hooks. On Linux, [Ghostty](https://ghostty.org/download) is the recommended terminal. Both are free and open source.
 
@@ -71,7 +73,7 @@ After installation, `cd` into any project and run `pilot` or `ccp` to start Pilo
 8-step installer with progress tracking, rollback on failure, and idempotent re-runs:
 
 1. **Prerequisites** — Checks Homebrew, Node.js, Python 3.12+, uv, git
-2. **Dependencies** — Installs Vexor, playwright-cli, Claude Code, property-based testing tools
+2. **Dependencies** — Installs Vexor, playwright-cli, language servers, property-based testing tools
 3. **Shell integration** — Auto-configures bash, fish, and zsh with `pilot` alias
 4. **Config & Claude files** — Sets up `.claude/` plugin, rules, commands, hooks, MCP servers
 5. **VS Code extensions** — Installs recommended extensions for your stack
@@ -157,7 +159,7 @@ Just chat — no plan, no approval gate. Quality hooks and TDD enforcement still
 | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `/sync`  | Explores your codebase, discovers conventions, builds a search index, updates project rules. Run once initially, then anytime your project changes. |
 | `/learn` | Captures non-obvious discoveries as reusable skills. Triggers automatically or on demand.                                                           |
-| `/vault` | Shares rules, commands, and skills across your team via a private Git repository.                                                                   |
+| Teams    | Share rules, skills, commands, and agents across your team via the Console dashboard (Team plan).                                                   |
 
 ### Extensibility
 
@@ -185,11 +187,27 @@ A local web dashboard with 7 views and real-time notifications when Claude needs
 | **Memories**       | Browsable observations — decisions, discoveries, bugfixes — with type filters and search |
 | **Sessions**       | Active and past sessions with observation counts and duration                            |
 | **Usage**          | Daily token costs, model routing breakdown, and usage trends                             |
-| **Vault**          | Shared team assets with version tracking                                                 |
+| **Teams**          | Shared team assets with push, install, and management (Team plan)                        |
 | **Settings**       | Model selection per command/sub-agent, extended context toggle                           |
 
 </details>
 
+### Team Asset Sharing
+
+Share rules, skills, commands, and agents across your team from a central, private Git repository:
+
+<img src="docs/img/teams.png" alt="Teams Dashboard — shared asset management" width="700">
+
+<details>
+<summary><b>What Teams includes</b></summary>
+
+- **Shared asset management** — Push and install rules, skills, commands, and agents from the Console UI
+- **Project-scoped** — Assets are tied to repositories, so each project gets exactly what it needs
+- **Automatic versioning** — See installed vs. latest versions at a glance
+- **Guided onboarding** — New team members get a step-by-step screen to setup
+
+</details>
+
 ---
 
 ## Demo
@@ -269,11 +287,11 @@ Opus for planning — where reasoning quality matters most. Sonnet for implement
 <details>
 <summary><b>Phase-by-phase breakdown</b></summary>
 
-| Phase                 | Default | Why                                                                                                                                               |
-| --------------------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **Planning**          | Opus    | Exploring your codebase, designing architecture, and writing the spec requires deep reasoning. A good plan is the foundation of everything.       |
-| **Plan Verification** | Sonnet  | The plan-reviewer sub-agent validates completeness and challenges assumptions. Conditional: skipped for simple plans (≤3 tasks, clear scope).     |
-| **Implementation**    | Sonnet  | With a solid plan, writing code is straightforward. Sonnet is fast, cost-effective, and produces high-quality code when guided by a clear spec.   |
+| Phase                 | Default | Why                                                                                                                                                |
+| --------------------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
+| **Planning**          | Opus    | Exploring your codebase, designing architecture, and writing the spec requires deep reasoning. A good plan is the foundation of everything.        |
+| **Plan Verification** | Sonnet  | The plan-reviewer sub-agent validates completeness and challenges assumptions. Conditional: skipped for simple plans (≤3 tasks, clear scope).      |
+| **Implementation**    | Sonnet  | With a solid plan, writing code is straightforward. Sonnet is fast, cost-effective, and produces high-quality code when guided by a clear spec.    |
 | **Code Verification** | Sonnet  | The unified spec-reviewer agent handles deep code review (compliance + quality + goal). The orchestrator runs mechanical checks and applies fixes. |
 
 Choose between Sonnet 4.6 and Opus 4.6 for the main session, each command, and sub-agents. A global "Extended Context (1M)" toggle enables the 1M token context window across all models simultaneously. **Note:** 1M context models require a Max (20x) or Enterprise subscription — not available to all users.
@@ -314,7 +332,7 @@ Production-tested best practices loaded into every session. Core rules cover wor
 <details>
 <summary><b>Collaboration</b></summary>
 
-- `team-vault.md` — Team Vault asset sharing via sx
+- `team-sharing.md` — Teams asset sharing via sx
 
 </details>
 
@@ -415,10 +433,10 @@ The `pilot` binary (`~/.pilot/bin/pilot`) manages sessions, worktrees, licensing
 
 Pilot Shell is source-available under a commercial license. See the [LICENSE](LICENSE) file for full terms.
 
-| Tier     | Seats | Includes                                                                     |
-| :------- | :---- | :--------------------------------------------------------------------------- |
-| **Solo** | 1     | All features, continuous updates, bug reports via [GitHub Issues][gh-issues] |
-| **Team** | Multi | Solo + multiple seats, priority email support, feature requests              |
+| Tier     | Seats | Includes                                                                           |
+| :------- | :---- | :--------------------------------------------------------------------------------- |
+| **Solo** | 1     | All features, continuous updates, community support via [GitHub Issues][gh-issues] |
+| **Team** | Multi | Solo + team asset sharing, seat management, priority support                       |
 
 All plans work across multiple personal machines and Dev Containers — one subscription, all your devices.
 
@@ -516,7 +534,7 @@ Yes. Pilot Shell installs once globally and works across all your projects — y
 <details>
 <summary><b>Can I add my own rules, commands, and skills?</b></summary>
 
-Yes. Create your own in your project's `.claude/` folder — rules, commands, and skills are all plain markdown files. Your project-level assets are loaded alongside Pilot Shell's built-in defaults and take precedence when they overlap. `/sync` auto-discovers your codebase patterns and generates project-specific rules for you. `/learn` extracts reusable knowledge from sessions into custom skills. Hooks can be extended for additional languages. Use `/vault` to share your custom assets across your team.
+Yes. Create your own in your project's `.claude/` folder — rules, commands, and skills are all plain markdown files. Your project-level assets are loaded alongside Pilot Shell's built-in defaults and take precedence when they overlap. `/sync` auto-discovers your codebase patterns and generates project-specific rules for you. `/learn` extracts reusable knowledge from sessions into custom skills. Hooks can be extended for additional languages. Use the Teams dashboard in the Console to share your custom assets across your team.
 
 </details>