fix: disable memory without key

[Damin-Lee]

Summary

• do not launch browser auth from SessionStart when no API key is configured
• return a silent continue response so Claude Code sessions proceed without memory context
• rebuild plugin scripts from the source change

Verification

• no-key SessionStart hook returns {"continue":true,"suppressOutput":true}

[vorflux]

Reviewed — found 1 issue.

The silent-continue behavior is the right call for non-interactive environments (CI, headless shells) where the old browser popup would block indefinitely. However, removing startAuthFlow entirely breaks the documented re-authentication contract without providing a replacement path.

---

Review with Vorflux

[vorflux]

Breaking change: removes the only re-authentication path with no replacement.

startAuthFlow() is not called anywhere else in src/, and there is no /login command in plugin/commands/. This creates two concrete breakages:

1. First-time users with no env var, no project config, and no ~/.supermemory-claude/credentials.json will silently get no memory — with no indication of how to set up their key beyond reading the README.

2. Users who ran /claude-supermemory:logout are now stuck. logout.md explicitly tells them: "The next time a Supermemory hook runs, you'll be prompted to log in again via browser." After this change that promise is broken — the hook just silently continues with no memory and no prompt.

If the intent is to remove the auto-popup (reasonable for headless/CI environments), consider adding a /claude-supermemory:login command that explicitly triggers startAuthFlow(), and updating logout.md to point users there instead.