docs(cli): rewrite /cli for the new TUI cockpit

content/docs/cli/commands/index.mdx

@@ -1,51 +1,60 @@
 ---
-title: Overview
-description: Reference for the Mogplex CLI command surface, with implemented standalone commands promoted and reserved names summarized separately.
+title: Slash Commands
+description: Every slash command you can type in the Mogplex CLI composer.
 ---
 
-Pick a command from the sidebar, or run `mogplex --help` in your terminal to see
-the full list.
+The CLI's command surface is **slash commands** in the composer. There are no top-level subcommands beyond bare `mogplex` (open the cockpit) and `mogplex --attach <runId>` (attach mode).
 
-Use the sidebar for the production-ready standalone commands. For the full flag
-list of any command name, run `mogplex <command> --help`. That output is the
-source of truth and reflects whichever CLI version you have installed.
+## Run control
 
-## Start here
+| Command | What it does |
+| --- | --- |
+| `/run <task>` | Start a new run with the given task as the initial prompt. |
+| `/pause` | Pause the active run. Agents stop at the next safe point. |
+| `/resume` | Resume a paused run. |
+| `/kill` | Cancel the active run. Agents are stopped; in-flight tool calls are interrupted. |
 
-The most important entrypoints for day-to-day use are:
+## Surface inspection
 
-- `mogplex` for an interactive session
-- `mogplex exec "<prompt>"` for a one-off task
-- `mogplex login` and `mogplex login status` for stored credentials
-- `mogplex slash list` for the slash-command registry
+| Command | What it does |
+| --- | --- |
+| `/agents` | List agents on the active run with status and current action. |
+| `/mcp` | Open the MCP drawer — per-server status and tools. |
+| `/memory` | Open the Memory drawer — browse and manage entries. |
+| `/diff` | Open the Diff drawer — inspect patches produced by the run. |
+| `/cost` | Open the Cost drawer — tokens, cost, projections per agent. |
 
-## Current state of the command surface
+## Cockpit control
 
-The help output currently lists more command names than the CLI has fully wired
-as standalone subcommands.
+| Command | What it does |
+| --- | --- |
+| `/model` | Open the Model Picker drawer — switch the run's model. |
+| `/permissions <mode>` | Set the active permission mode (`approval` or `auto`). Takes effect on next run. |
+| `/permissions` | (no arg) Show the resolved permission state and where each rule came from. |
+| `/export` | Open the Run Export drawer — serialize the run as JSON, JSONL, or Markdown. |
+| `/help` | Open the Command Palette to fuzzy-search every action. |
+| `/clear` | Clear the composer. |
+| `/quit` (alias `/exit`) | Clean exit. |
 
-In the current build, the most established standalone paths are:
+## Auth
 
-- `exec`
-- `login`
-- `slash`
+| Command | What it does |
+| --- | --- |
+| `/login` | Open the in-app login flow. |
+| `/logout` | Clear stored Mogplex token. The login screen appears next launch. |
 
-The additional names that still appear in `mogplex --help` but are not yet
-real standalone entrypoints are summarized on
-[Reserved Names](/cli/commands/reserved-names) instead of being treated as
-first-class command pages in the main nav.
+## Composing tasks
 
-## What this reference is for
+Anything that is **not** a slash command is sent to the active agent as a task or follow-up:
 
-Use the command pages when you already know the command you want and need the
-canonical name, aliases, or help entrypoint.
+```text
+> rebuild the validation layer using zod and update the tests
+```
 
-For interactive workflows that happen inside a live session, use
-`mogplex slash list` and the [Quickstart](/cli/quickstart).
+If you type a partial slash command, autocomplete candidates appear above the line. Unknown slash commands surface as inline composer errors so you don't accidentally send them as prompts.
 
-For auth behavior and credential precedence, use the
-[Authentication guide](/cli/guides/authentication).
+## See also
 
-For one-off scripting and slash execution, use the
-[Exec Mode guide](/cli/guides/exec-mode) and
-[Slash Commands guide](/cli/guides/slash-commands).
+- [Reference → Drawers](/cli/reference/drawers) — what each drawer does once opened.
+- [Concepts → Permissions](/cli/concepts/permissions) — what `/permissions <mode>` actually changes.
+- [Concepts → Attach](/cli/concepts/attach) — `--attach <runId>` for in-flight runs.

content/docs/cli/commands/meta.json

@@ -1,11 +1,5 @@
 {
   "title": "Commands",
   "defaultOpen": true,
-  "pages": [
-    "index",
-    "exec",
-    "login",
-    "slash",
-    "reserved-names"
-  ]
+  "pages": ["index"]
 }

content/docs/cli/concepts/approvals.mdx

@@ -0,0 +1,77 @@
+---
+title: Approvals
+description: How tool calls get gated, the approval queue, risk levels, and what auto-reject means.
+---
+
+When the active permission mode is `approval`, tool calls that would touch the workspace, write memory, run commands, delete files, use remote tools, or change the model pause and route through the **Approval drawer**.
+
+## The flow
+
+```
+agent wants to run something
+        │
+        ▼
+permission resolver: allow / ask / deny?
+        │
+        ├── allow ──► runs immediately, surfaces as a normal timeline event
+        ├── deny  ──► auto-rejected, surfaces as a denied event
+        └── ask   ──► joins the approval queue
+```
+
+Items in the queue render in the **Approval drawer** with:
+
+- the action and target
+- an inferred **risk level** (`low`, `medium`, `high`)
+- the agent that requested it
+- the tool involved
+- a quick approve/reject affordance
+
+## Actions that can be gated
+
+Any of these can hit the queue:
+
+| Action | What it usually means |
+| --- | --- |
+| `apply_patch` | Apply a code change |
+| `write_memory` | Write to long-term memory |
+| `run_command` | Execute a shell command |
+| `delete_file` | Delete a file or directory |
+| `use_remote_tool` | Call a remote MCP tool |
+| `change_model` | Switch the model mid-run |
+
+## Risk levels
+
+| Level | Examples |
+| --- | --- |
+| **low** | Read-only commands, dry-run patches |
+| **medium** | Writes inside the workspace, shell commands with side effects |
+| **high** | Deletes, network calls, anything outside the workspace |
+
+The drawer color-codes by risk so you can scan quickly.
+
+## Approve, reject, batch
+
+- **Approve** runs the action immediately and resumes the agent.
+- **Reject** marks the action as denied; the agent decides how to proceed (usually picking a different approach).
+- **Batch approve** is available when multiple items are queued and obviously related.
+
+The store keeps **optimistic state** — once you approve, the UI assumes success until the event-loop confirms or contradicts. That means the drawer feels instant even if core takes a moment to act.
+
+## Auto-reject
+
+If a request matches a `deny` rule from the resolved permissions ([Permissions](/cli/concepts/permissions)), it's **auto-rejected** without ever joining the queue. The denial still appears in the timeline so you can see what was attempted.
+
+## What `auto` mode changes
+
+In `auto` mode, no requests join the queue — everything runs immediately. This is the explicit user opt-in to "no questions asked" and maps to the most permissive runtime flags. Switch back with `/permissions approval` whenever you want the gates back.
+
+## Where approvals show up
+
+- **Approval drawer** — the queue, opened with `/help` → "Open Approval" or via the command palette.
+- **Priority alerts strip** — high-risk pending approvals surface here so they aren't missed if a drawer is closed.
+- **Timeline** — every approved/rejected/auto-rejected action appears as a structured event.
+
+## Read next
+
+- [Permissions](/cli/concepts/permissions) — how `allow` / `ask` / `deny` rules are configured.
+- [Reference → Drawers](/cli/reference/drawers) — the Approval drawer in detail.