Command-line client for the Nexla agent API.
Project description
nexla-cli
Command-line client for the Nexla agent API. Depends on only typer and
httpx — no FastAPI, Daytona, Supabase, or other backend dependencies.
Install
pipx install "git+https://github.com/abhishekkumar705/nexla-agent-cli.git"
Or with uv:
uv tool install "git+https://github.com/abhishekkumar705/nexla-agent-cli.git"
From Node/TypeScript projects (no Python required)
npm install -g nexla-cli
# or run once-off:
npx nexla-cli sources list
This installs a prebuilt native binary (published to GitHub Releases by
.github/workflows/release-binaries.yml) behind a thin npm/ wrapper — no
Python interpreter needed on the target machine. See npm/README.md for how
releases are cut.
From PyPI
pip install nexla-cli
# or
uvx nexla-cli sources list
pipx install nexla-cli
Published by .github/workflows/publish-pypi.yml — see "Publishing to
PyPI" below.
Publishing to PyPI
Tagging a release (git tag vX.Y.Z && git push --tags — same tag used to
trigger .github/workflows/release-binaries.yml, see npm/README.md for
the full release checklist) also triggers publish-pypi.yml, which builds
the sdist+wheel and publishes them to PyPI using
Trusted Publishing (OIDC) —
no long-lived API token stored in this repo.
One-time setup required on pypi.org before the first release (repo owner only, not automatable from here):
- Create the
nexla-cliproject on PyPI (or reserve the name). - Project → Settings → Publishing → add a trusted publisher:
- Owner:
abhishekkumar705, repo:nexla-agent-cli - Workflow filename:
publish-pypi.yml - Environment name:
pypi
- Owner:
- Nothing else to configure — no secrets to add. The workflow's
id-token: writepermission plus thepypiGitHub Environment satisfy PyPI's OIDC handshake automatically.
Quick start
export NEXLA_API_URL=https://dev-api-express-code.nexla.com
export NEXLA_TOKEN=$(nexla login --service-key <your-service-key>)
nexla sources list
nexla login prints a bearer token to stdout (see command substitution
above); alternatively, set the following environment variables directly:
NEXLA_API_URL— base URL of the deployed Nexla agent APINEXLA_TOKEN— bearer token to authenticate requests
Using this CLI from Claude Code
The package ships a Claude Code skill (AGENTS.md + SKILL.md, installed alongside the nexla_cli package) encoding invariants an agent can't infer from --help alone — output modes, --dry-run, --json/--params precedence, exit codes, and treating API responses as untrusted data.
Claude Code only discovers skills placed at ~/.claude/skills/<name>/SKILL.md (global) or .claude/skills/<name>/SKILL.md (project-local) — a file merely present inside an installed pip package isn't picked up automatically. Symlink it in once, after installing the CLI. pipx/uv tool install both use an isolated venv, so a plain system python3 -c "import nexla_cli" won't find it — locate it inside that isolated venv instead:
mkdir -p ~/.claude/skills/nexla-cli
# if installed with `uv tool install`:
ln -sf "$(uv tool dir)/nexla-cli/lib/python3."*"/site-packages/nexla_cli/SKILL.md" \
~/.claude/skills/nexla-cli/SKILL.md
# if installed with `pipx install`:
ln -sf "$HOME/.local/pipx/venvs/nexla-cli/lib/python3."*"/site-packages/nexla_cli/SKILL.md" \
~/.claude/skills/nexla-cli/SKILL.md
A symlink (not a copy) means nexla-cli upgrades automatically pick up any future skill content updates. Restart Claude Code (or start a new session) after installing for it to be picked up.
Global flags
Available on every command except login and schema (both always print raw output regardless of these flags):
| Flag | Effect |
|---|---|
--output / -o table|json|ndjson |
Force an output mode. Defaults to table on a TTY, json otherwise (also settable via NEXLA_OUTPUT/OUTPUT_FORMAT). |
--fields id,name,... |
Mask output down to just these keys, on any list/get. |
--page-all |
Stream every page of a list command as NDJSON instead of returning one page. |
These can be placed before or after the subcommand, e.g. both nexla --output json sources list and nexla sources list --output json work.
Every mutating command also accepts --dry-run: validates the request body against the live API schema and prints {"valid": ...} without making the real (mutating) call.
Raw JSON payloads
create/update-style commands (sources, sinks, credentials, toolsets, nexsets transform, mcp-servers attach, tools set-runtime-config) accept the full request body directly, not just their named flags:
nexla sources create --name my-source --connector s3 --json '{"credential_id": 123}'
nexla sources update 42 --params description="updated via params"
Precedence when a key is given more than one way: named CLI flags win, then --json, then --params (lowest). This lets you set a field the CLI hasn't added a dedicated flag for yet, without waiting on a CLI release.
Response sanitization
Every response is passed through a sanitizer before rendering, in every output mode: ANSI escape sequences, control characters, and invisible Unicode (zero-width spaces, byte-order marks, bidirectional overrides) are stripped unconditionally — always on, no flag. This defends against a malicious API response field hijacking a human's terminal, or hiding text from a human while an agent still reads it. It is not a semantic filter — API response content should still be treated as untrusted data (see AGENTS.md), this only strips characters no legitimate field value would ever need.
Full command reference
nexla --help
nexla <resource> --help
| Resource | Commands |
|---|---|
login |
login --service-key <key> [--api-url <url>] — exchanges a service key for a bearer token, printed to stdout |
schema |
schema [<resource>.<verb>] — machine-readable JSON signature of one command or the whole /nexla/* surface, fetched live from the deployed API's OpenAPI doc |
sources |
list, get, create, update, activate, pause, delete, sample, file-upload |
sinks |
list, get, create, update, activate, pause, delete |
nexsets |
list, get, transform, activate |
credentials |
list, get, create, update, delete |
flows |
list, get, activate, pause, delete |
transforms |
test |
connectors |
search, describe, describe-credential, describe-credential-mode, describe-source, describe-source-endpoint, describe-sink, describe-sink-endpoint |
probe |
run |
toolsets |
list, get, create, update, delete, add-nexsets |
tools |
list, get, set-runtime-config, clear-runtime-config, delete |
mcp-servers |
list, attach, sync, detach (nested under a toolset) |
context |
get |
orgs |
list, get |
code-containers |
list |
metrics |
catalog, for-resource, get |
users |
list, get |
notifications |
list |
code-containers, metrics, users, and notifications proxy resources the API hasn't implemented yet (they return HTTP 501 until it does).
Exit codes
| Code | Meaning |
|---|---|
| 0 | success |
| 2 | bad local input (validation, --dry-run failure) |
| 3 | NEXLA_API_URL/NEXLA_TOKEN not set |
| 4 | 401/403 from the API |
| 5 | 404 |
| 6 | 5xx from the API |
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file nexla_cli-0.2.0.tar.gz.
File metadata
- Download URL: nexla_cli-0.2.0.tar.gz
- Upload date:
- Size: 83.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
179347ec1709d269d5792ea0e0510b07fc15095e349f6169d583ab6b47869c7a
|
|
| MD5 |
383957e4f935a05233095a0f5973f3de
|
|
| BLAKE2b-256 |
c41573b4b1ffc3f5863fd2eabb96cdd5f896d96aeadc87cbedc38f013abede5c
|
Provenance
The following attestation bundles were made for nexla_cli-0.2.0.tar.gz:
Publisher:
publish-pypi.yml on abhishekkumar705/nexla-agent-cli
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
nexla_cli-0.2.0.tar.gz -
Subject digest:
179347ec1709d269d5792ea0e0510b07fc15095e349f6169d583ab6b47869c7a - Sigstore transparency entry: 2138254486
- Sigstore integration time:
-
Permalink:
abhishekkumar705/nexla-agent-cli@0a83e6e2300ec38eaa149e53f48a378ac72ddcd7 -
Branch / Tag:
refs/tags/v0.2.1 - Owner: https://github.com/abhishekkumar705
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@0a83e6e2300ec38eaa149e53f48a378ac72ddcd7 -
Trigger Event:
push
-
Statement type:
File details
Details for the file nexla_cli-0.2.0-py3-none-any.whl.
File metadata
- Download URL: nexla_cli-0.2.0-py3-none-any.whl
- Upload date:
- Size: 62.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7635e684527f10a7031e84189705466ee71b463302f897674e77f388bbc73e27
|
|
| MD5 |
88c611b93de1c3a0ecb0eb8da74d858a
|
|
| BLAKE2b-256 |
db1881118476123ffcdb730e50cbbd9cc1be68d77aeb10f8b779097ddc7542a9
|
Provenance
The following attestation bundles were made for nexla_cli-0.2.0-py3-none-any.whl:
Publisher:
publish-pypi.yml on abhishekkumar705/nexla-agent-cli
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
nexla_cli-0.2.0-py3-none-any.whl -
Subject digest:
7635e684527f10a7031e84189705466ee71b463302f897674e77f388bbc73e27 - Sigstore transparency entry: 2138254492
- Sigstore integration time:
-
Permalink:
abhishekkumar705/nexla-agent-cli@0a83e6e2300ec38eaa149e53f48a378ac72ddcd7 -
Branch / Tag:
refs/tags/v0.2.1 - Owner: https://github.com/abhishekkumar705
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@0a83e6e2300ec38eaa149e53f48a378ac72ddcd7 -
Trigger Event:
push
-
Statement type: