Problem
First-time users hit cryptic errors when API keys are missing or MCP auth is expired. No guided setup.
Proposed Solution
punch init should:
- Detect available LLM providers and guide API key setup
- Detect available MCP servers in the environment
- Walk through OAuth flows for services that need it (Gmail, Calendar, etc.)
- Test all connections before completing
- Generate a working
punch.toml with validated config
punch doctor should:
- Detect expired OAuth tokens with clear re-auth messages
- Test MCP server connections and report status
- Check for missing API keys with provider-specific guidance
- Surface actionable fixes, not raw errors
Problem
First-time users hit cryptic errors when API keys are missing or MCP auth is expired. No guided setup.
Proposed Solution
punch initshould:punch.tomlwith validated configpunch doctorshould: