feat: AI-native Robinhood trading interface for agents

TypeScript monorepo providing a standalone API client (@rh-for-agents/client)
and MCP server with 18 tools for AI agents to interact with Robinhood.

- Standalone client library with session caching, multi-account support,
  and proper error handling (AuthenticationError, APIError)
- MCP server exposing tools for portfolio, trading, options, research,
  and account management via stdio transport
- Claude Code skills with three-layer progressive disclosure
  (SKILL.md → reference.md → client-api.md)
- Browser-based authentication via playwright-core: passive network
  interception of OAuth tokens (no DOM interaction, resilient to UI changes)
- Token refresh flow with device_token and expires_in (matching pyrh)
- AES-256-GCM encrypted token storage with OS keychain key management
- Order placement safety checks — explicit parameters, user confirmation required
- Full test suite with mocked HTTP layer (Vitest)
- Biome v2 for linting/formatting, strict TypeScript, ESM-only

Author: kevin1chun

.github/FUNDING.yml

@@ -0,0 +1 @@
+github: kevin1chun

.github/ISSUE_TEMPLATE/bug_report.md

@@ -6,7 +6,7 @@ labels: bug
 
 ## Environment
 
-- **rh-agent-tools version**:
+- **rh-for-agents version**:
 - **Bun version** (`bun --version`):
 - **OS**:
 - **MCP client** (Claude Code / Claude Desktop / other):

.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+    groups:
+      minor-and-patch:
+        update-types: [minor, patch]
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly

.github/workflows/ci.yml

@@ -2,15 +2,15 @@ name: CI
 
 on:
   push:
-    branches: [master]
+    branches: [main]
   pull_request:
-    branches: [master]
+    branches: [main]
 
 jobs:
   check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: oven-sh/setup-bun@v2
       - run: bun install --frozen-lockfile
       - run: bun run check

.github/workflows/release.yml

@@ -0,0 +1,31 @@
+name: Release
+on:
+  push:
+    tags: ["v*"]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write      # create GitHub Release
+      id-token: write      # npm provenance
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          registry-url: "https://registry.npmjs.org"
+      - uses: oven-sh/setup-bun@v2
+      - run: bun install --frozen-lockfile
+      - run: bun run check
+      - run: bun run typecheck
+      - run: npx vitest run
+      - run: cd packages/client && npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - run: cd packages/server && npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - uses: softprops/action-gh-release@v2
+        with:
+          generate_release_notes: true

.gitignore

@@ -7,3 +7,4 @@ dist/
 .DS_Store
 *~
 coverage/
+.claude/

CHANGELOG.md

@@ -5,19 +5,39 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [0.3.0] - 2025-03-10
+## [0.2.0] - 2026-03-10
+
+### Added
+
+- **Token refresh flow** using `refresh_token` + `device_token` with `expires_in: 734000` (~8.5 days, matching pyrh). Sessions last significantly longer before requiring browser re-login.
+- Detailed encrypt/decrypt flow diagrams in `ARCHITECTURE.md`
+- Authentication section in `CLAUDE.md` documenting browser auth mechanism
+
+### Fixed
+
+- **device_token capture** in browser login — Robinhood's frontend sends OAuth requests as JSON, not form-urlencoded. The interceptor now parses JSON first, correctly capturing `device_token`.
+- **Release workflow** — added `setup-node` with `registry-url` for npm authentication
+
+### Changed
+
+- README prerequisites clarified: Google Chrome is required by `playwright-core` (no bundled browser)
+- Removed `robin_stocks` migration context from `ARCHITECTURE.md`
+- Removed OpenClaw MCP bridge references from README
+
+## [0.1.0] - 2026-03-10
 
 ### Added
 
 - **MCP Server** with 18 structured tools for any MCP-compatible AI agent
-- **Standalone client library** (`@rh-agent-tools/client`) with ~50 async methods
+- **Standalone client library** (`@rh-for-agents/client`) with ~50 async methods
 - **5 Claude Code skills**: setup, portfolio, research, trade, options
 - Browser-based authentication via Playwright (Chrome)
 - AES-256-GCM encrypted session storage with OS keychain key management
 - Multi-account support (first-class across all account-scoped methods)
-- Interactive onboarding TUI (`rh-agent-tools onboard`)
-- One-command install for Claude Code (`rh-agent-tools install`)
+- Interactive onboarding TUI (`rh-for-agents onboard`)
+- One-command install for Claude Code (`rh-for-agents install`)
 - Safety controls: blocked fund transfers, blocked bulk cancels, explicit order parameters
 - Support for Claude Code, Codex, and OpenClaw agents
 
-[0.3.0]: https://github.com/kevin1chun/rh-agent-tools/releases/tag/v0.3.0
+[0.2.0]: https://github.com/kevin1chun/rh-for-agents/compare/v0.1.0...v0.2.0
+[0.1.0]: https://github.com/kevin1chun/rh-for-agents/releases/tag/v0.1.0

CLAUDE.md

@@ -1,10 +1,10 @@
-# rh-agent-tools
+# rh-for-agents
 
 AI-native Robinhood trading interface — TypeScript monorepo with a standalone API client and MCP server.
 
 ## Project Structure
-- `packages/client/` — `@rh-agent-tools/client`: Standalone Robinhood API client
-- `packages/server/` — `rh-agent-tools`: MCP server with 18 tools
+- `packages/client/` — `@rh-for-agents/client`: Standalone Robinhood API client
+- `packages/server/` — `rh-for-agents`: MCP server with 18 tools
 - `.claude/skills/` — Claude Code skills for interactive use (SKILL.md only, no scripts)
 - `docs/` — Architecture, access controls, use cases, contributing
 
@@ -15,12 +15,12 @@ AI-native Robinhood trading interface — TypeScript monorepo with a standalone
 - **Validation**: Zod v3.24 (API responses + MCP tool schemas)
 - **Testing**: Vitest (not `bun test` — module isolation matters)
 - **Linting**: Biome v2
-- **Browser Auth**: playwright-core (browser auth)
+- **Browser Auth**: playwright-core (drives system Chrome, no bundled browser)
 
 ## Running the MCP Server
 ```bash
 bun install
-bun packages/server/bin/rh-agent-tools.ts
+bun packages/server/bin/rh-for-agents.ts
 ```
 
 ## Development
@@ -33,7 +33,7 @@ npx vitest run      # all tests (use vitest, NOT bun test)
 ## Skills
 Canonical skill source is `packages/server/skills/`. Local `.claude/skills/` contains symlinks for development.
 
-Install MCP server + skills: `bun packages/server/bin/rh-agent-tools.ts install`
+Install MCP server + skills: `bun packages/server/bin/rh-for-agents.ts install`
 
 Skills use three-layer progressive disclosure:
 1. **SKILL.md** — MCP tool orchestration (default)
@@ -49,7 +49,7 @@ Available skills:
 
 ## Client Patterns
 ```typescript
-import { RobinhoodClient, getClient } from "@rh-agent-tools/client";
+import { RobinhoodClient, getClient } from "@rh-for-agents/client";
 
 // Class-based
 const client = new RobinhoodClient();
@@ -62,10 +62,18 @@ await rh.restoreSession();
 ```
 - All methods are `async` (native `fetch` under the hood)
 - Multi-account is first-class: every account-scoped method accepts `accountNumber`
-- Session cached to `~/.rh-agent-tools/session.enc` (AES-256-GCM, key in OS keychain)
+- Session cached to `~/.rh-for-agents/session.enc` (AES-256-GCM, key in OS keychain)
+- Token refresh via `refresh_token` + `device_token` when access token expires
 - Proper exceptions: `AuthenticationError`, `APIError`
 - **Do NOT use `phoenix.robinhood.com`** — it rejects TLS. Use `api.robinhood.com` endpoints only.
 
+## Authentication
+- Browser login (`robinhood_browser_login`) opens system Chrome via playwright-core
+- Purely passive — Playwright intercepts `/oauth2/token` network traffic, never interacts with the DOM
+- Request body (JSON) → captures `device_token`; Response → captures `access_token` + `refresh_token`
+- Tokens encrypted with AES-256-GCM, key stored in OS keychain (never on disk)
+- `restoreSession()` validates cached token, falls back to refresh, then directs to browser login
+
 ## Safety Rules
 - **NEVER** place bulk cancel operations
 - **NEVER** call fund transfer functions