feat(harris-teeter): add harris-teeter #649

Merged
tmchow merged 2 commits into mvanhorn:main from jwmoss:feat/harris-teeter on May 18, 2026

Conversation

@jwmoss (Contributor) commented May 17, 2026

harris-teeter

Read-only Harris Teeter grocery CLI for products, stores, coupons, cart, lists, account preferences, and recommendations through the logged-in web app session.

API: harris-teeter | Category: commerce | Press version: 4.0.2
Spec: Browser-sniffed internal spec from https://www.harristeeter.com/

CLI Shape

$ harris-teeter-pp-cli --help
Manage harris-teeter resources via the harris-teeter API.

Available Commands:
  account          Inspect logged-in customer preferences and membership state.
  auth             Manage authentication for Harris Teeter
  cart             List carts for the current logged-in Harris Teeter account.
  coupons          List available digital coupons, optionally filtered by UPC.
  lists            Inspect Harris Teeter shopping lists.
  products         Search Harris Teeter products, look up item details, and inspect search facets.
  recommendations  Inspect personalized grocery recommendations from the web app.
  stores           Find stores by ZIP code, city, state, or address text.

What This CLI Does

This CLI replays the Harris Teeter web app's browser-observed Atlas JSON endpoints with a logged-in Chrome session. It includes a live Chrome auth fallback for auth login --chrome, and it adds the Harris Teeter LAF/modality headers required for product and coupon endpoints.

The shipped surface is read-only: product search/detail, store lookup, digital coupons, cart/list/account inspection, and recommendation reads. It intentionally avoids checkout, ordering, or cart-write flows.

Manuscripts

Validation Results

| Check | Result |
| --- | --- |
| Manifest | PASS |
| Transcendence | PASS |
| Phase 5 live dogfood | PASS, quick 6/6 |
| go mod tidy | PASS |
| go vet | PASS |
| go build | PASS |
| go test ./... | PASS |
| --help | PASS |
| --version | PASS |
| verify-skill | PASS |
| Manuscripts | PRESENT |

Gaps

  • MCP readiness is marked partial because this was generated from browser-observed traffic rather than a complete official public API.
  • Auth depends on the user's logged-in Harris Teeter browser session.
  • Store-specific product/coupon defaults are seeded from the captured store context and can be overridden with HARRIS_TEETER_LOCATION_ID, HARRIS_TEETER_FACILITY_ID, HARRIS_TEETER_MODALITY_TYPE, or HARRIS_TEETER_LAF_OBJECT.

jwmoss force-pushed the feat/harris-teeter branch from 24cf76b to 7935705 on May 17, 2026 20:36

greptile-apps (Bot, Contributor) commented May 17, 2026

Greptile Summary

This PR adds a new harris-teeter read-only CLI to the commerce library, replaying browser-observed Atlas JSON endpoints with a logged-in Chrome session for products, stores, coupons, cart, lists, account, and recommendations. It follows the standard Printing Press shape with typed SQLite upserts, FTS5 search, adaptive rate limiting, and a multi-tool Chrome cookie extraction fallback chain.

  • Auth: Cookies are extracted via pycookiecheat, cookies CLI, cookie-scoop, or a live CDP/agent-browser fallback; the token-refresh scaffold is present but intentionally inert (browser-session pattern, no OAuth token URL).
  • Store: Per-resource typed tables (account, coupons, lists, products, recommendations) backed by a generic FTS5 resources table; schema versioning with PRAGMA user_version guards forward-incompatible opens.
  • Client: Harris Teeter-specific LAF/modality headers injected on /atlas/ paths; 5-minute file cache with SHA-256 keys; adaptive rate limiter with 429 backoff.

Confidence Score: 5/5

Read-only grocery CLI with no mutating write paths; the two new findings are both non-blocking quality items that do not affect correctness of the shipped surface.

All shipped commands are read-only. The rate-limiter race only manifests under explicit --concurrency > 1 and degrades performance rather than correctness. The ResolveByName injection risk is latent in dead code with no current callers. Issues flagged in prior rounds are acknowledged in the PR description as known gaps. No data loss, auth bypass, or hard failure paths were found in the new code.

internal/store/store.go (ResolveByName JSON path) and internal/cliutil/ratelimit.go (Wait() TOCTOU) are worth a second look before the functions are called from higher-level commands.

Security Review

  • store.go ResolveByName — JSON path injection (dead code): field is interpolated into json_extract('$.%s') via fmt.Sprintf with no validation; any future caller passing user-supplied field names could inject SQL. Flagged with a suggested identifier guard.
  • store.go ListIDs — table name injection (flagged in prior review): resourceType is interpolated directly into SELECT id FROM %s; current callers are all internal but the signature accepts arbitrary strings.
  • auth.go countCookiesForDomain: SQL built with fmt.Sprintf and passed to a sqlite3 subprocess; domain is hardcoded to .harristeeter.com so there is no current exploit path.

Important Files Changed

| Filename | Overview |
| --- | --- |
| library/commerce/harris-teeter/internal/client/client.go | HTTP client with retry/rate-limit logic and per-endpoint Harris Teeter LAF headers. Cache-key non-determinism and dead token-refresh path flagged in prior review rounds; no new blocking issues found. |
| library/commerce/harris-teeter/internal/store/store.go | SQLite store with typed upsert dispatch, FTS5 indexing, and schema-version gating. ResolveByName JSON path injection (dead code, no current callers) flagged in this review. |
| library/commerce/harris-teeter/internal/cli/auth.go | Chrome cookie extraction with multi-tool fallback chain. Python path interpolation and sqlite3 query construction flagged in prior review round; no new blocking issues found. |
| library/commerce/harris-teeter/internal/cliutil/ratelimit.go | Adaptive rate limiter with 429-backoff and success ramp. TOCTOU race in Wait() allows burst requests under --concurrency > 1 (flagged in this review). |
| library/commerce/harris-teeter/internal/config/config.go | TOML config load/save for auth tokens and base URL. File written at 0o600, config dir at 0o700. No issues found. |
| library/commerce/harris-teeter/internal/cli/root.go | Root Cobra command with persistent flags and PersistentPreRunE for agent-mode defaults. Clean; no issues. |

Reviews (2): Last reviewed commit: "chore(skills): add harris-teeter mirror"
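An added example (not code from this PR or from the Printing Press project) of the identifier guard the review suggests for the `json_extract('$.%s')` path in ResolveByName, with the same allowlist idea applied to the `SELECT id FROM %s` table name in ListIDs. The function names, the `resources`/`data` column layout, and the resource-type list are assumptions; the unguarded builder is kept only to show what the guard prevents.

```go
package main

import (
	"fmt"
	"regexp"
)

// identRe is the assumed guard: a field name placed inside a json_extract()
// path must be a bare identifier, nothing that can close the string literal.
var identRe = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]*$`)

// knownResourceTypes is a constructed allowlist for the table name that
// ListIDs-style queries interpolate (names taken from the PR description).
var knownResourceTypes = map[string]bool{
	"account": true, "coupons": true, "lists": true,
	"products": true, "recommendations": true,
}

// unsafeResolveByNameSQL mirrors the flagged pattern: the field name goes
// straight into the JSON path via fmt.Sprintf with no validation.
func unsafeResolveByNameSQL(field string) string {
	return fmt.Sprintf(
		"SELECT id FROM resources WHERE json_extract(data, '$.%s') = ?", field)
}

// resolveByNameSQL is the hardened form: reject anything that is not a bare
// identifier before interpolating, so caller-controlled input only ever
// reaches the query through the bound parameter.
func resolveByNameSQL(field string) (string, error) {
	if !identRe.MatchString(field) {
		return "", fmt.Errorf("invalid json field name %q", field)
	}
	return unsafeResolveByNameSQL(field), nil
}

// listIDsSQL applies the same idea to the table name: only a known resource
// type may be interpolated, regardless of what string the signature accepts.
func listIDsSQL(resourceType string) (string, error) {
	if !knownResourceTypes[resourceType] {
		return "", fmt.Errorf("unknown resource type %q", resourceType)
	}
	return fmt.Sprintf("SELECT id FROM %s", resourceType), nil
}

func main() {
	for _, f := range []string{"upc", "x') OR 1=1 --"} { // second value is constructed
		if q, err := resolveByNameSQL(f); err != nil {
			fmt.Println("rejected:", err)
		} else {
			fmt.Println("query:", q)
		}
	}
}
```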
jwmoss force-pushed the feat/harris-teeter branch from 7935705 to 753ef51 on May 17, 2026 20:42
jwmoss force-pushed the feat/harris-teeter branch from 753ef51 to 95e9dca on May 17, 2026 20:45

@tmchow (Owner) commented May 18, 2026

@jwmoss printing press is on v4.8. Can you please reprint after this merges?

tmchow merged commit e755fe2 into mvanhorn:main on May 18, 2026
6 checks passed