rails-active-mcp 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c88ad5ec7c769714d518060dff566fd4578f8831b02128be92f3f741d481886f
+  data.tar.gz: a57f58673130bfd1d3a66847cdcdf16c1b1629f1bb82a28ed75fb8ff44a01acc
+SHA512:
+  metadata.gz: ddb8d8c4627ea15b8290923c1dc00edb8e98e34ef6c26bf3b0ecce25c5cbb72cad22a7df5aa2d2bd4f7b878a8ac584b7df73f3e08128af10624aa0c0d3592997
+  data.tar.gz: 50ca2b25b14d8e927f916ce21cfca0c19d0bbd287aafd56416ef379174fffe5ee7959e29a6d6da1f5e95cec9b83e4b4fa352d68d3eb5778f75065e83f674febe

data/.idea/.gitignore

@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml

data/.idea/discord.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="DiscordProjectSettings">
+    <option name="show" value="ASK" />
+    <option name="description" value="" />
+  </component>
+</project>

data/.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/rails-active-mcp-gem.iml" filepath="$PROJECT_DIR$/.idea/rails-active-mcp-gem.iml" />
+    </modules>
+  </component>
+</project>

data/.idea/rails-active-mcp-gem.iml

@@ -0,0 +1,111 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="RUBY_MODULE" version="4">
+  <component name="ModuleRunConfigurationManager">
+    <shared />
+  </component>
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/features" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/spec" isTestSource="true" />
+      <sourceFolder url="file://$MODULE_DIR$/test" isTestSource="true" />
+    </content>
+    <orderEntry type="jdk" jdkName="asdf: 3.4.2" jdkType="RUBY_SDK" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" scope="PROVIDED" name="actioncable (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="actionmailbox (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="actionmailer (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="actionpack (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="actiontext (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="actionview (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="activejob (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="activemodel (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="activerecord (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="activestorage (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="activesupport (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ast (v2.4.3, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="base64 (v0.3.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="benchmark (v0.4.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="bigdecimal (v3.2.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="builder (v3.3.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="bundler (v2.6.9, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="byebug (v12.0.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="concurrent-ruby (v1.3.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="connection_pool (v2.5.3, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="crass (v1.0.6, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="date (v3.4.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="diff-lcs (v1.6.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="drb (v2.2.3, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="erb (v5.0.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="erubi (v1.13.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="factory_bot (v6.5.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="factory_bot_rails (v6.5.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="globalid (v1.2.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="i18n (v1.14.7, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="io-console (v0.8.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="irb (v1.15.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="json (v2.12.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="language_server-protocol (v3.17.0.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="lint_roller (v1.1.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="logger (v1.7.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="loofah (v2.24.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="mail (v2.8.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="marcel (v1.0.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="mini_mime (v1.1.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="mini_portile2 (v2.8.9, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="minitest (v5.25.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="net-imap (v0.5.9, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="net-pop (v0.1.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="net-protocol (v0.2.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="net-smtp (v0.5.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="nio4r (v2.7.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="nokogiri (v1.18.8, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="parallel (v1.27.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="parser (v3.3.8.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="pp (v0.6.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="prettyprint (v0.2.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="prism (v1.4.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="psych (v5.2.6, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="racc (v1.8.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rack (v3.1.16, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rack-session (v2.1.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rack-test (v2.2.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rackup (v2.2.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rails (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rails-dom-testing (v2.3.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rails-html-sanitizer (v1.6.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="railties (v8.0.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rainbow (v3.1.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rake (v13.3.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rdoc (v6.14.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="redcarpet (v3.6.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="regexp_parser (v2.10.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="reline (v0.6.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec (v3.13.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-core (v3.13.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-expectations (v3.13.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-mocks (v3.13.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-rails (v8.0.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-support (v3.13.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop (v1.77.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop-ast (v1.45.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop-rails (v2.32.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop-rspec (v3.6.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ruby-progressbar (v1.13.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="securerandom (v0.4.1, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="sprockets (v4.2.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="sprockets-rails (v3.5.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="sqlite3 (v2.7.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="stringio (v3.1.7, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="thor (v1.3.2, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="timeout (v0.4.3, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="tzinfo (v2.0.6, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="unicode-display_width (v3.1.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="unicode-emoji (v4.0.4, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="uri (v1.0.3, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="useragent (v0.16.11, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="websocket-driver (v0.8.0, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="websocket-extensions (v0.1.5, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="yard (v0.9.37, asdf: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="zeitwerk (v2.7.3, asdf: 3.4.2) [gem]" level="application" />
+  </component>
+</module>

data/.idea/vcs.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>

data/README.md

@@ -0,0 +1,369 @@
+# Rails Active MCP
+
+A Ruby gem that provides secure Rails console access through Model Context Protocol (MCP) for AI agents and development tools like Warp Terminal. Built with a custom MCP server implementation for full control and flexibility.
+
+## Features
+
+- 🔒 **Safe Execution**: Advanced safety checks prevent dangerous operations
+- 🚀 **Custom MCP Server**: Built-in MCP server with no external dependencies
+- 📊 **Read-Only Queries**: Safe database querying with automatic result limiting
+- 🔍 **Code Analysis**: Dry-run capabilities to analyze code before execution
+- 📝 **Audit Logging**: Complete execution logging for security and debugging
+- ⚙️ **Configurable**: Flexible configuration for different environments
+- 🛡️ **Production Ready**: Strict safety modes for production environments
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'rails-active-mcp'
+```
+
+And then execute:
+
+```bash
+$ bundle install
+```
+
+Run the installer:
+
+```bash
+$ rails generate rails_active_mcp:install
+```
+
+This will:
+
+- Create an initializer with configuration options
+- Mount the custom MCP server at `/mcp`
+- Create a `mcp.ru` server file for standalone usage
+- Set up audit logging
+
+## Configuration
+
+The gem is configured in `config/initializers/rails_active_mcp.rb`:
+
+```ruby
+RailsActiveMcp.configure do |config|
+  # Basic settings
+  config.enabled = true
+  config.safe_mode = Rails.env.production?
+  config.default_timeout = 30
+  config.max_results = 100
+
+  # Model access control
+  config.allowed_models = %w[User Post Comment] # Empty = all allowed
+  config.blocked_models = %w[AdminUser Secret]
+
+  # Security settings
+  config.enable_mutation_tools = !Rails.env.production?
+  config.log_executions = true
+  config.audit_file = Rails.root.join("log", "rails_active_mcp.log")
+
+  # Environment presets
+  config.production_mode! # Very strict
+  config.strict_mode! # Safe defaults
+  config.permissive_mode! # Development friendly
+end
+```
+
+## Running the MCP Server
+
+You have several options for running the MCP server:
+
+### Option 1: Rails-mounted (recommended for development)
+
+```bash
+$ rails server
+# MCP server available at http://localhost:3000/mcp
+```
+
+### Option 2: Standalone server
+
+```bash
+$ bundle exec rails-active-mcp-server
+# Default: http://localhost:3001
+
+# Custom host/port
+$ bundle exec rails-active-mcp-server --host 0.0.0.0 --port 8080
+```
+
+### Option 3: Using rackup
+
+```bash
+$ rackup mcp.ru -p 3001
+```
+
+## Usage
+
+### With MCP Clients
+
+#### Warp Terminal Integration
+
+Add to your Warp MCP configuration:
+
+```json
+{
+  "mcpServers": {
+    "rails-console": {
+      "command": "curl",
+      "args": [
+        "-X",
+        "POST",
+        "-H",
+        "Content-Type: application/json",
+        "-d", "@-",
+        "http://localhost:3000/mcp"
+      ]
+    }
+  }
+}
+```
+
+Then in Warp, you can use prompts like:
+
+- "Show me all users created in the last week"
+- "What's the average order value?"
+- "Check the User model schema and associations"
+
+#### Claude Desktop / Cline
+
+Use the same configuration format as above, pointing to your MCP server.
+
+#### Custom MCP Clients
+
+The server implements the MCP protocol (JSONRPC 2.0). Connect any MCP-compatible client to:
+- **Rails-mounted**: `http://localhost:3000/mcp`
+- **Standalone**: `http://localhost:3001`
+
+### Direct Usage
+
+```ruby
+# Execute code safely
+result = RailsActiveMcp.execute("User.count")
+puts result[:return_value] # => 42
+
+# Check if code is safe
+RailsActiveMcp.safe?("User.delete_all") # => false
+
+# Analyze code without executing
+executor = RailsActiveMcp::ConsoleExecutor.new(RailsActiveMcp.config)
+analysis = executor.dry_run("User.delete_all")
+puts analysis[:estimated_risk] # => :critical
+```
+
+### Available MCP Tools
+
+#### `rails_console_execute`
+
+Execute Ruby code with safety checks:
+
+```json
+{
+  "method": "tools/call",
+  "params": {
+    "name": "rails_console_execute",
+    "arguments": {
+      "code": "User.where(active: true).count",
+      "timeout": 30
+    }
+  }
+}
+```
+
+#### Additional Tools
+
+The custom server includes built-in support for the main console execute tool. You can extend the server with additional tools by modifying the `McpServer` class in `lib/rails_active_mcp/mcp_server.rb`:
+
+```ruby
+def register_default_tools
+  # Built-in console execution tool
+  register_tool('rails_console_execute', 'Execute Ruby code safely', {...})
+
+  # Your custom tools
+  register_tool('my_custom_tool', 'Description', {...}) do |args|
+    # Tool implementation
+  end
+end
+```
+
+Common tool implementations can include:
+- Code safety analysis
+- Read-only database queries
+- Model schema inspection
+- Custom business logic tools
+
+## Safety Features
+
+### Automatic Detection of Dangerous Operations
+
+The gem automatically detects and blocks:
+
+- Mass deletions (`delete_all`, `destroy_all`)
+- System commands (`system`, `exec`, backticks)
+- File operations (`File.delete`, `FileUtils`)
+- Raw SQL execution
+- Code evaluation (`eval`, `send`)
+- Process manipulation (`exit`, `fork`)
+
+### Safety Levels
+
+- **Critical**: Never allowed (system commands, file deletion)
+- **High**: Blocked in safe mode (mass deletions, eval)
+- **Medium**: Logged but allowed (raw SQL, update_all)
+- **Low**: Generally safe (environment access, require)
+
+### Read-Only Mode
+
+The gem can detect read-only operations and provide additional safety:
+
+```ruby
+# These are considered safe read-only operations
+User.find(1)
+User.where(active: true).count
+Post.includes(:comments).limit(10)
+```
+
+## Rake Tasks
+
+```bash
+# Check code safety
+rails rails_active_mcp:check_safety['User.count']
+
+# Execute code
+rails rails_active_mcp:execute['User.count']
+
+# Test MCP tools
+rails rails_active_mcp:test_tools
+
+# View configuration
+rails rails_active_mcp:config
+
+# View audit log
+rails rails_active_mcp:audit_log[20]
+
+# Clear audit log
+rails rails_active_mcp:clear_audit_log
+```
+
+## Audit Logging
+
+All executions are logged to `log/rails_active_mcp.log`:
+
+```json
+{
+  "timestamp": "2025-01-15T10:30:00Z",
+  "code": "User.count",
+  "user": {
+    "environment": "development"
+  },
+  "safety_check": {
+    "safe": true,
+    "read_only": true,
+    "violations": []
+  }
+}
+```
+
+## Environment-Specific Configuration
+
+### Production
+
+```ruby
+config.production_mode!
+# - Very strict safety checks
+# - Read-only replica execution
+# - Comprehensive logging
+# - No mutation tools
+```
+
+### Development
+
+```ruby
+config.permissive_mode!
+# - Relaxed safety (but still protected)
+# - Mutation tools enabled
+# - Higher timeouts and limits
+```
+
+### Testing
+
+```ruby
+config.strict_mode!
+# - Safe defaults
+# - No mutations
+# - Fast timeouts
+```
+
+## Custom MCP Server Architecture
+
+Rails Active MCP provides a custom-built MCP server implementation with no external dependencies. The server:
+
+- Implements the Model Context Protocol (MCP)
+- Uses JSON-RPC 2.0 over HTTP
+- Supports essential MCP methods:
+  - `initialize` - Server capabilities
+  - `tools/list` - Available tools
+  - `tools/call` - Execute tools
+  - `resources/list` and `resources/read` - Resource access
+
+### Server Implementation
+
+The core server is implemented in `lib/rails_active_mcp/mcp_server.rb` and follows Rack middleware conventions, making it easy to mount in Rails or run standalone.
+
+### Extending the Server
+
+You can add custom tools and resources to the server by extending the registration methods:
+
+```ruby
+# In an initializer or plugin
+RailsActiveMcp.server.instance_eval do
+  register_tool('my_custom_tool', 'Description', {...}) do |args|
+    # Tool implementation
+  end
+end
+```
+
+## Error Handling
+
+The gem provides specific error types:
+
+- `RailsActiveMcp::SafetyError`: Code failed safety checks
+- `RailsActiveMcp::TimeoutError`: Execution timed out
+- `RailsActiveMcp::ExecutionError`: General execution failure
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## Security
+
+This gem provides multiple layers of security, but always:
+
+- Review the configuration for your environment
+- Monitor the audit logs
+- Use read-only database replicas in production when possible
+- Restrict model access as needed
+- Test safety patterns thoroughly
+
+### Benefits of the Custom MCP Server
+
+- **No External Dependencies**: Reduced attack surface with minimal dependencies
+- **Full Control**: Complete visibility into the server implementation
+- **Customizable Security**: Easily add additional security layers or checks
+- **Simplified Deployment**: No need to manage external MCP server dependencies
+- **Protocol Isolation**: MCP protocol implementation is self-contained and auditable
+
+For security issues, please report using Github Issues.
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md) for version history and changes.

data/changelog.md

@@ -0,0 +1,59 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.1.0] - 2025-06-25
+
+### Added
+
+- Initial release of Rails Active MCP gem
+- Core MCP tools for Rails console access:
+    - `console_execute`: Execute Ruby code with safety checks
+    - `safe_query`: Execute read-only database queries
+    - `dry_run`: Analyze code safety without execution
+    - `model_info`: Get model schema and associations
+- Advanced safety checking system:
+    - Pattern-based dangerous operation detection
+    - Configurable safety levels (critical, high, medium, low)
+    - Read-only operation detection
+    - Custom safety pattern support
+- Comprehensive configuration system:
+    - Environment-specific presets (production, development, test)
+    - Model access control (allow/block lists)
+    - Timeout and result limiting
+    - Audit logging configuration
+- Rails integration:
+    - Rails engine for automatic setup
+    - Generator for easy installation
+    - Rake tasks for management and testing
+    - Active MCP integration
+- Security features:
+    - Execution timeout protection
+    - Result size limiting
+    - Complete audit logging
+    - Environment-based safety modes
+- Console executor with:
+    - Output capturing
+    - Error handling
+    - Execution timing
+    - Context isolation
+
+### Security
+
+- All dangerous operations blocked by default in safe mode
+- Production mode enables strictest safety settings
+- Comprehensive audit logging for security monitoring
+- Model access restrictions to prevent unauthorized data access
+
+## [0.0.1] - 2025-01-14
+
+### Added
+
+- Project initialization
+- Basic gem structure
+- Initial safety checker implementation