fix: fix: hire-an-agent fails — unbound user_pass, admin auth, silent repo creation failure, unauthenticated clone (#184)

bin/disinto

@@ -2711,10 +2711,8 @@ disinto_hire_an_agent() {
     echo "  Repo '${agent_name}/.profile' already exists"
   else
     # Get user token for creating repo
+    # Always try to get token using user_pass (set in Step 1 for new users, reset for existing)
     local user_token=""
-    if [ "$user_exists" = true ]; then
-      # Try to get token for the new user
-      # Note: user_pass was set in Step 1; for existing users this will fail (unknown password)
     user_token=$(curl -sf -X POST \
       -u "${agent_name}:${user_pass}" \
       -H "Content-Type: application/json" \
@@ -2729,7 +2727,6 @@ disinto_hire_an_agent() {
         "${forge_url}/api/v1/users/${agent_name}/tokens" 2>/dev/null \
         | jq -r '.[0].sha1 // empty') || user_token=""
     fi
-    fi
 
     # Fall back to admin token if user token not available
     if [ -z "$user_token" ]; then
@@ -2762,8 +2759,8 @@ disinto_hire_an_agent() {
       create_output=$(curl -sf -X POST \
         -H "Authorization: token ${user_token}" \
         -H "Content-Type: application/json" \
-        "${forge_url}/api/v1/admin/repos" \
-        -d "{\"owner\":\"${agent_name}\",\"name\":\".profile\",\"description\":\"${agent_name}'s .profile repo\",\"private\":true,\"auto_init\":false}" 2>&1) || true
+        "${forge_url}/api/v1/admin/users/${agent_name}/repos" \
+        -d "{\"name\":\".profile\",\"description\":\"${agent_name}'s .profile repo\",\"private\":true,\"auto_init\":false}" 2>&1) || true
 
       if echo "$create_output" | grep -q '"id":\|[0-9]'; then
         repo_created=true