Sealtun

First Decision

Classify the request before answering or editing:

• User operation: install, shell completion, guided init, login, up, discover local ports, expose HTTPS, remote HTTP upstream targets, SSH, or generic TCP, access cluster-internal Services/Pods with connect, generate protocol templates, secure public HTTP traffic, show/set policy, audit access, create/list/revoke/rotate temporary share links, rotate server secret, plan/add/verify a custom domain, inspect state, watch status, view or tune resources, stop/start/resume, clean up, export YAML, or use the dashboard. Read references/cli.md.
• Declarative configuration: sealtun.yaml, apply -f, diff -f, export, multi-tunnel management, stable names, ttl, Pod resources, HTTPS access policies, SSH tunnel declarations, or generic TCP tunnel declarations. Read references/declarative.md.
• Troubleshooting: login/profile mismatch, daemon/session issues, local port discovery/failures, SSH/TCP direct NodePort problems, remote Kubernetes problems, resource lists/resource occupancy, DNS, Ingress, certificate, logs, metrics, events, dashboard live updates, or dashboard behavior. Read references/troubleshooting.md.
• Skill maintenance or quality review: trigger precision, workflow scoring, or regression prompts for this skill. Read references/evals.md.

If the request is inside the Sealtun repository, prefer the current source tree and README over these references when they conflict. Use rg to inspect Cobra commands and flags before changing CLI usage guidance.

Intent Routing

Use the user's intent to choose the shortest safe path: