rails-ai-context 0.15.5 → 0.15.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9e71509ab3fcf2437fdd2616f8cb88140b478677abdd4ebd7cf6818eb8cead3
-  data.tar.gz: c6847c4a500d762665ea2493c0ee56943bfe2e601b645bf5e9ec97df81f7e495
+  metadata.gz: 39df765c4841adb33e68870093b8f58d02ff28dfe5e245ee81655902a9b0fb78
+  data.tar.gz: 58385dad4ad55a627d854a2611ed16f951ac0409d54d80e96966efa8b0e1613b
 SHA512:
-  metadata.gz: fb13a050a3e8200d1bac5f8d0d59bc1a67469a3fbe904682824541430f9f10755197fa3bd17858c08a2eedcc89f71c9da2dfffea8a8bcd0c177784f85ef511c6
-  data.tar.gz: 4e05a8e22c395b4091d336268aa3e3994f416b11d174e63d922b5979b46695a222176a0871253ddd940638ead977e2917d14998618a91c25ad4a6f891eca9694
+  metadata.gz: 49755cc6de2afc6a536b470abea60b5a873a9f73419754f4ad304dd8988b34ebfa65b7d69e9878e2c7bdd3418183e9a71da16007f374161e87f44259c209f5f7
+  data.tar.gz: 83441b234d6f429d4a066ec79dece90fd5685d5ee4a3e5df882241b21b2b79cddde40d9c0c4fa3ac79322bf26764cf694a4beaf8dc9c419c82d9bc96e37009e3

data/CHANGELOG.md

@@ -5,6 +5,34 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.15.7] - 2026-03-22
+
+### Improved
+
+- **Hybrid filter extraction** — controller filters now use reflection for complete names (handles inheritance + skips), with source parsing from the inheritance chain for only/except constraints.
+- **Callback source fallback** — when reflection returns nothing (e.g. CI), falls back to parsing callback declarations from model source files.
+- **ERB validation accuracy** — in-process compilation with `<%=` → `<%` pre-processing and yield wrapper eliminates false positives from block-form helpers.
+- **Schema static parser** — now extracts `null: false`, `default:`, `array: true` from schema.rb columns, and parses `add_foreign_key` declarations.
+- **Array column display** — schema tool shows PostgreSQL array types as `string[]`, `integer[]`, etc.
+- **Concern test lookup** — `rails_get_test_info(model:"PlanLimitable")` searches concern test paths.
+- **Controller flexible matching** — underscore-based normalization handles CamelCase, snake_case, and slash notation consistently.
+
+## [0.15.6] - 2026-03-22
+
+### Added
+
+- **7 new configurable options** — `excluded_controllers`, `excluded_route_prefixes`, `excluded_concerns`, `excluded_filters`, `excluded_middleware`, `search_extensions`, `concern_paths` for stack-specific customization.
+- **Configurable file size limits** — `max_file_size`, `max_test_file_size`, `max_schema_file_size`, `max_view_total_size`, `max_view_file_size`, `max_search_results`, `max_validate_files` all exposed via `Configuration`.
+- **Class methods in model detail** — `rails_get_model_details` now shows class methods section.
+- **Custom validate methods** — `validate :method_name` calls extracted from source and shown in model detail.
+
+### Fixed
+
+- **Schema defaults always visible** — Null and Default columns always shown (NOT NULL marked bold). Previous token-saving logic accidentally hid critical migration data.
+- **Optional associations** — `belongs_to` with `optional: true` now shows `[optional]` flag.
+- **Concern methods inline** — shows public methods from concern source files (e.g. `PlanLimitable — can_cook?, increment_cook_count!`).
+- **MCP tool error messages** — all tools now show available values on error/not-found for AI self-correction.
+
 ## [0.15.5] - 2026-03-22
 
 ### Fixed

data/README.md

@@ -295,22 +295,45 @@ end
 
 | Option | Default | Description |
 |--------|---------|-------------|
+| **Presets & Introspectors** | | |
 | `preset` | `:standard` | Introspector preset (`:standard` or `:full`) |
 | `introspectors` | 13 core | Array of introspector symbols |
+| **Context Generation** | | |
 | `context_mode` | `:compact` | `:compact` (≤150 lines) or `:full` (dump everything) |
 | `claude_max_lines` | `150` | Max lines for CLAUDE.md in compact mode |
-| `max_tool_response_chars` | `120_000` | Safety cap for MCP tool responses |
-| `excluded_models` | internal Rails models | Models to skip during introspection |
-| `excluded_paths` | `node_modules tmp log vendor .git` | Paths excluded from code search |
-| `sensitive_patterns` | `.env .env.* config/master.key config/credentials.yml.enc config/credentials/*.yml.enc *.pem *.key` | File patterns blocked from search and read tools |
+| `generate_root_files` | `true` | Generate root files (CLAUDE.md, etc.) — set `false` for split rules only |
+| `output_dir` | `Rails.root` | Output directory for generated context files |
+| **MCP Server** | | |
+| `server_name` | `"rails-ai-context"` | MCP server name |
+| `server_version` | gem version | MCP server version |
 | `auto_mount` | `false` | Auto-mount HTTP MCP endpoint |
 | `http_path` | `"/mcp"` | HTTP endpoint path |
 | `http_port` | `6029` | HTTP server port |
 | `http_bind` | `"127.0.0.1"` | HTTP server bind address |
 | `cache_ttl` | `30` | Cache TTL in seconds |
+| `max_tool_response_chars` | `120_000` | Safety cap for MCP tool responses |
 | `live_reload` | `:auto` | `:auto`, `true`, or `false` — MCP live reload |
 | `live_reload_debounce` | `1.5` | Debounce interval in seconds |
-| `generate_root_files` | `true` | Generate root files (CLAUDE.md, etc.) — set `false` for split rules only |
+| **Filtering & Exclusions** | | |
+| `excluded_models` | internal Rails models | Models to skip during introspection |
+| `excluded_paths` | `node_modules tmp log vendor .git` | Paths excluded from code search |
+| `sensitive_patterns` | `.env .env.* config/master.key config/credentials.yml.enc config/credentials/*.yml.enc *.pem *.key` | File patterns blocked from search and read tools |
+| `excluded_controllers` | `DeviseController` etc. | Controller classes hidden from listings |
+| `excluded_route_prefixes` | `action_mailbox/ active_storage/ rails/` etc. | Route controller prefixes hidden with app_only |
+| `excluded_concerns` | Rails/Devise/framework patterns | Regex patterns for concerns to hide |
+| `excluded_filters` | `verify_authenticity_token` etc. | Framework filter names hidden from controller output |
+| `excluded_middleware` | standard Rack/Rails middleware | Default middleware hidden from config output |
+| **File Size Limits** | | |
+| `max_file_size` | `2_000_000` | Per-file read limit for tools (bytes) |
+| `max_test_file_size` | `500_000` | Test file read limit (bytes) |
+| `max_schema_file_size` | `10_000_000` | schema.rb / structure.sql parse limit (bytes) |
+| `max_view_total_size` | `5_000_000` | Total aggregated view content for UI patterns (bytes) |
+| `max_view_file_size` | `500_000` | Per-view file during aggregation (bytes) |
+| `max_search_results` | `100` | Max search results per call |
+| `max_validate_files` | `20` | Max files per validate call |
+| **Search & Discovery** | | |
+| `search_extensions` | `rb js erb yml yaml json ts tsx vue svelte haml slim` | File extensions for Ruby fallback search |
+| `concern_paths` | `app/models/concerns app/controllers/concerns` | Where to look for concern source files |
 </details>
 
 ---

data/docs/GUIDE.md

@@ -297,6 +297,8 @@ Returns model details: associations, validations, scopes, enums, callbacks, conc
 |-------|------|-------------|
 | `model` | string | Model class name (e.g. `User`). Case-insensitive. Omit for listing. |
 | `detail` | string | `summary` / `standard` (default) / `full`. Ignored when model is specified. |
+| `limit` | integer | Max models to return when listing. Default: 50. |
+| `offset` | integer | Skip models for pagination. Default: 0. |
 
 **Examples:**
 
@@ -329,6 +331,7 @@ Returns all routes: HTTP verbs, paths, controller actions, route names.
 | `detail` | string | `summary` / `standard` (default) / `full` |
 | `limit` | integer | Max routes to return. Default: 100 (standard), 200 (full). |
 | `offset` | integer | Skip routes for pagination. Default: 0. |
+| `app_only` | boolean | Filter out internal Rails routes (Active Storage, Action Mailbox, Conductor, etc.). Default: true. |
 
 **Examples:**
 
@@ -386,7 +389,7 @@ rails_get_controllers(detail: "full")
 
 Returns application configuration. No parameters.
 
-**Returns:** cache store, session store, timezone, queue adapter, mailer settings, custom middleware, initializers, current attributes.
+**Returns:** cache store, session store, timezone, queue adapter, mailer settings, custom middleware (framework defaults are filtered out), notable initializers, CurrentAttributes classes.
 
 ```
 rails_get_config()
@@ -401,7 +404,7 @@ Returns test infrastructure details. Optionally filter by model or controller to
 
 | Param | Type | Description |
 |-------|------|-------------|
-| `model` | string | Show tests for a specific model (e.g. `User`). |
+| `model` | string | Show tests for a specific model (e.g. `User`). Also searches concern test paths (`spec/models/concerns/`, `test/models/concerns/`). |
 | `controller` | string | Show tests for a specific controller (e.g. `Cooks`). |
 | `detail` | string | `summary` / `standard` (default) / `full`. |
 
@@ -441,6 +444,108 @@ rails_get_conventions()
   → Architecture: [MVC, Service objects, Concerns], Patterns: [STI, Polymorphism], ...
 ```
 
+### rails_get_stimulus
+
+Returns Stimulus controller details: targets, values, actions, outlets, classes.
+
+**Parameters:**
+
+| Param | Type | Description |
+|-------|------|-------------|
+| `controller` | string | Specific Stimulus controller name (e.g. `hello`, `filter-form`). Case-insensitive. |
+| `detail` | string | `summary` / `standard` (default) / `full` |
+| `limit` | integer | Max controllers to return when listing. Default: 50. |
+| `offset` | integer | Skip controllers for pagination. Default: 0. |
+
+**Examples:**
+
+```
+rails_get_stimulus()
+  → Standard: controller names with targets and actions
+
+rails_get_stimulus(detail: "summary")
+  → Names with target/action counts
+
+rails_get_stimulus(controller: "filter-form")
+  → Full detail: targets, actions, values, outlets, classes, file path
+
+rails_get_stimulus(detail: "full")
+  → All controllers with all details
+```
+
+### rails_get_view
+
+Returns view template contents, partials, and Stimulus controller references.
+
+**Parameters:**
+
+| Param | Type | Description |
+|-------|------|-------------|
+| `controller` | string | Filter views by controller name (e.g. `cooks`, `brand_profiles`). Use `layouts` for layout files. |
+| `path` | string | Specific view path relative to `app/views` (e.g. `cooks/index.html.erb`). Returns full content. |
+| `detail` | string | `summary` / `standard` (default) / `full` |
+
+**Examples:**
+
+```
+rails_get_view()
+  → Standard: all view files with partial/stimulus refs
+
+rails_get_view(controller: "cooks")
+  → All templates and partials for CooksController
+
+rails_get_view(path: "cooks/index.html.erb")
+  → Full template content
+
+rails_get_view(controller: "layouts")
+  → Layout files
+
+rails_get_view(controller: "cooks", detail: "full")
+  → Full template content for all cooks views
+```
+
+### rails_get_edit_context
+
+Returns just enough context to make a surgical Edit to a file. Returns the target area with line numbers and surrounding code.
+
+**Parameters:**
+
+| Param | Type | Description |
+|-------|------|-------------|
+| `file` | string | **Required.** File path relative to Rails root (e.g. `app/models/cook.rb`). |
+| `near` | string | **Required.** What to find — a method name, keyword, or string to locate (e.g. `scope`, `def index`). |
+| `context_lines` | integer | Lines of context above and below the match. Default: 5. |
+
+**Examples:**
+
+```
+rails_get_edit_context(file: "app/models/cook.rb", near: "scope")
+  → Code around the first scope with line numbers, expanded to full method
+
+rails_get_edit_context(file: "app/controllers/cooks_controller.rb", near: "def index")
+  → The index action source with surrounding context
+```
+
+### rails_validate
+
+Validates syntax of multiple files at once (Ruby, ERB, JavaScript).
+
+**Parameters:**
+
+| Param | Type | Description |
+|-------|------|-------------|
+| `files` | array | **Required.** File paths relative to Rails root (e.g. `["app/models/cook.rb", "app/views/cooks/index.html.erb"]`). |
+
+**Examples:**
+
+```
+rails_validate(files: ["app/models/cook.rb"])
+  → ✓ app/models/cook.rb — syntax OK
+
+rails_validate(files: ["app/models/cook.rb", "app/controllers/cooks_controller.rb", "app/views/cooks/index.html.erb"])
+  → Checks all three files, reports pass/fail for each
+```
+
 ### rails_search_code
 
 Ripgrep-powered regex search across the codebase.
@@ -450,8 +555,10 @@ Ripgrep-powered regex search across the codebase.
 | Param | Type | Description |
 |-------|------|-------------|
 | `pattern` | string | **Required.** Regex pattern to search for. |
+| `path` | string | Subdirectory to search in (e.g. `app/models`, `config`). Default: entire app. |
 | `file_type` | string | Filter by file type (e.g. `rb`, `erb`, `js`). Alphanumeric only. |
-| `max_results` | integer | Max results to return. Default: 20, max: 100. |
+| `max_results` | integer | Max results to return. Default: 30, max: 100. |
+| `context_lines` | integer | Lines of context before and after each match (like grep -C). Default: 0, max: 5. |
 
 **Examples:**
 
@@ -464,18 +571,28 @@ rails_search_code(pattern: "class.*Controller", file_type: "rb")
 
 rails_search_code(pattern: "def create", file_type: "rb", max_results: 50)
   → First 50 create methods across the codebase
+
+rails_search_code(pattern: "current_user", path: "app/controllers")
+  → Search only in app/controllers/
+
+rails_search_code(pattern: "validates", context_lines: 2)
+  → Matches with 2 lines of context before and after
 ```
 
-**Security:** Uses `Open3.capture2` with array arguments (no shell injection). Validates file_type. Blocks path traversal. Respects `excluded_paths` config.
+**Security:** Uses `Open3.capture2` with array arguments (no shell injection). Validates file_type. Blocks path traversal. Respects `excluded_paths` and `sensitive_patterns` config.
 
 ### Detail Level Summary
 
-| Level | What it returns | Default limit | Best for |
-|-------|----------------|---------------|----------|
+All tools that support `detail` use these three levels. Default limits vary by tool — schema defaults shown below:
+
+| Level | What it returns | Schema default limit | Best for |
+|-------|----------------|---------------------|----------|
 | `summary` | Names + counts | 50 | Getting the landscape, understanding what exists |
 | `standard` | Names + key details | 15 | Working context, column types, action names |
 | `full` | Everything | 5 | Deep inspection, indexes, FKs, constraints |
 
+Other tools default to higher limits (e.g. models/controllers/stimulus: 50 for all levels, routes: 100/200).
+
 ### Recommended Workflow
 
 1. **Start with `detail:"summary"`** to see what exists
@@ -636,6 +753,55 @@ RailsAiContext.configure do |config|
   # Paths to exclude from code search
   config.excluded_paths += %w[vendor/bundle]
 
+  # Sensitive file patterns blocked from search and read tools
+  # config.sensitive_patterns += %w[config/my_secret.yml]
+
+  # Controllers hidden from listings (e.g. Devise internals)
+  # config.excluded_controllers += %w[MyInternalController]
+
+  # Route prefixes hidden with app_only (e.g. admin frameworks)
+  # config.excluded_route_prefixes += %w[admin/]
+
+  # Regex patterns for concerns to hide from model output
+  # config.excluded_concerns += [/MyInternal::/]
+
+  # Framework filter names hidden from controller output
+  # config.excluded_filters += %w[my_internal_filter]
+
+  # Default middleware hidden from config output
+  # config.excluded_middleware += %w[MyMiddleware]
+
+  # --- File size limits ---
+
+  # Per-file read limit for tools (default: 2MB)
+  # config.max_file_size = 2_000_000
+
+  # Test file read limit (default: 500KB)
+  # config.max_test_file_size = 500_000
+
+  # schema.rb / structure.sql parse limit (default: 10MB)
+  # config.max_schema_file_size = 10_000_000
+
+  # Total aggregated view content for UI patterns (default: 5MB)
+  # config.max_view_total_size = 5_000_000
+
+  # Per-view file during aggregation (default: 500KB)
+  # config.max_view_file_size = 500_000
+
+  # Max search results per call (default: 100)
+  # config.max_search_results = 100
+
+  # Max files per validate call (default: 20)
+  # config.max_validate_files = 20
+
+  # --- Search and file discovery ---
+
+  # File extensions for Ruby fallback search
+  # config.search_extensions = %w[rb js erb yml yaml json ts tsx vue svelte haml slim]
+
+  # Where to look for concern source files
+  # config.concern_paths = %w[app/models/concerns app/controllers/concerns]
+
   # --- Live reload ---
 
   # Auto-invalidate MCP tool caches on file changes
@@ -667,6 +833,7 @@ end
 | `cache_ttl` | Integer | `30` | Cache TTL in seconds for introspection results |
 | `excluded_models` | Array | internal Rails models | Models to skip |
 | `excluded_paths` | Array | `node_modules tmp log vendor .git` | Paths excluded from code search |
+| `sensitive_patterns` | Array | `.env`, `.key`, `.pem`, credentials | File patterns blocked from search and read tools |
 | `output_dir` | String | `nil` (Rails.root) | Where to write context files |
 | `auto_mount` | Boolean | `false` | Auto-mount HTTP MCP endpoint |
 | `http_path` | String | `"/mcp"` | HTTP endpoint path |
@@ -675,7 +842,22 @@ end
 | `live_reload` | Symbol/Boolean | `:auto` | `:auto`, `true`, or `false` — enable MCP live reload |
 | `live_reload_debounce` | Float | `1.5` | Debounce interval in seconds for live reload |
 | `server_name` | String | `"rails-ai-context"` | MCP server name |
+| `server_version` | String | gem version | MCP server version |
 | `generate_root_files` | Boolean | `true` | Generate root files (CLAUDE.md, .windsurfrules, etc.) — set `false` for split rules only |
+| `max_file_size` | Integer | `2_000_000` | Per-file read limit for tools (2MB) |
+| `max_test_file_size` | Integer | `500_000` | Test file read limit (500KB) |
+| `max_schema_file_size` | Integer | `10_000_000` | schema.rb / structure.sql parse limit (10MB) |
+| `max_view_total_size` | Integer | `5_000_000` | Total aggregated view content for UI patterns (5MB) |
+| `max_view_file_size` | Integer | `500_000` | Per-view file during aggregation (500KB) |
+| `max_search_results` | Integer | `100` | Max search results per call |
+| `max_validate_files` | Integer | `20` | Max files per validate call |
+| `excluded_controllers` | Array | `DeviseController`, etc. | Controller classes hidden from listings |
+| `excluded_route_prefixes` | Array | `action_mailbox/`, `active_storage/`, etc. | Route controller prefixes hidden with `app_only` |
+| `excluded_concerns` | Array | framework regex patterns | Regex patterns for concerns to hide from model output |
+| `excluded_filters` | Array | `verify_authenticity_token`, etc. | Framework filter names hidden from controller output |
+| `excluded_middleware` | Array | standard Rails middleware | Default middleware hidden from config output |
+| `search_extensions` | Array | `rb js erb yml yaml json ts tsx vue svelte haml slim` | File extensions for Ruby fallback search |
+| `concern_paths` | Array | `app/models/concerns app/controllers/concerns` | Where to look for concern source files |
 
 ### Root file generation
 
@@ -712,7 +894,7 @@ These run by default. Fast and cover core Rails structure.
 | `controllers` | Actions, filters (before/after/around with only/except), strong params methods, parent class, API controller detection, concerns. |
 | `tests` | Test framework (rspec/minitest), factories/fixtures with locations and counts, system tests, CI config files, coverage tool, test helpers, VCR cassettes. |
 | `migrations` | Total count, schema version, pending migrations, recent migration history with detected actions (create_table, add_column, etc.), migration statistics. |
-| `config` | Cache store, session store, timezone, middleware stack, initializers, credentials keys, CurrentAttributes classes. |
+| `config` | Cache store, session store, timezone, queue adapter, mailer settings, middleware stack, initializers, credentials status, CurrentAttributes classes. |
 | `stimulus` | Stimulus controllers with targets, values (with types), actions, outlets, classes. Extracted from JS/TS files. |
 | `view_templates` | View file contents, partial references, Stimulus data attributes, UI pattern extraction, model field usage in partials. |
 | `design_tokens` | Auto-detects CSS framework (Tailwind v3/v4, Bootstrap, Sass, plain CSS) and extracts design tokens from config files and built CSS. |
@@ -750,7 +932,7 @@ config.preset = :full
 
 ```ruby
 # Start with standard, add specific ones
-config.introspectors += %i[views turbo auth api stimulus]
+config.introspectors += %i[views turbo auth api]
 
 # Or build from scratch
 config.introspectors = %i[schema models routes gems auth api]

data/lib/rails_ai_context/configuration.rb

@@ -60,6 +60,26 @@ module RailsAiContext
     # When false, only generates split rule files (.claude/rules/, .cursor/rules/, etc.)
     attr_accessor :generate_root_files
 
+    # File size limits (bytes) — increase for larger projects
+    attr_accessor :max_file_size          # Per-file read limit for tools (default: 2MB)
+    attr_accessor :max_test_file_size     # Test file read limit (default: 500KB)
+    attr_accessor :max_schema_file_size   # schema.rb / structure.sql parse limit (default: 10MB)
+    attr_accessor :max_view_total_size    # Total aggregated view content for UI patterns (default: 5MB)
+    attr_accessor :max_view_file_size     # Per-view file during aggregation (default: 500KB)
+    attr_accessor :max_search_results     # Max search results per call (default: 100)
+    attr_accessor :max_validate_files     # Max files per validate call (default: 20)
+
+    # Filtering — customize what's hidden from AI output
+    attr_accessor :excluded_controllers   # Controller classes hidden from listings (e.g. DeviseController)
+    attr_accessor :excluded_route_prefixes # Route controller prefixes hidden with app_only (e.g. action_mailbox/)
+    attr_accessor :excluded_concerns      # Regex patterns for concerns to hide (e.g. /Devise::Models/)
+    attr_accessor :excluded_filters       # Framework filter names hidden from controller output
+    attr_accessor :excluded_middleware     # Default middleware hidden from config output
+
+    # Search and file discovery
+    attr_accessor :search_extensions      # File extensions for Ruby fallback search (default: rb,js,erb,yml,yaml,json)
+    attr_accessor :concern_paths          # Where to look for concern source files (default: app/models/concerns)
+
     def initialize
       @server_name         = "rails-ai-context"
       @server_version      = RailsAiContext::VERSION
@@ -87,6 +107,41 @@ module RailsAiContext
       @live_reload              = :auto
       @live_reload_debounce     = 1.5
       @generate_root_files      = true
+      @max_file_size            = 2_000_000
+      @max_test_file_size       = 500_000
+      @max_schema_file_size     = 10_000_000
+      @max_view_total_size      = 5_000_000
+      @max_view_file_size       = 500_000
+      @max_search_results       = 100
+      @max_validate_files       = 20
+      @excluded_controllers     = %w[DeviseController Devise::OmniauthCallbacksController]
+      @excluded_route_prefixes  = %w[action_mailbox/ active_storage/ rails/ conductor/ devise/ turbo/]
+      @excluded_concerns        = [
+        /::Generated/,
+        /\A(ActiveRecord|ActiveModel|ActiveSupport|ActionText|ActionMailbox|ActiveStorage)/,
+        /\A(ActionDispatch|ActionController|ActionView|AbstractController)/,
+        /\A(Devise::Models|Devise::Orm|Bullet::|Turbo::|GlobalID::|Rolify::)/
+      ]
+      @excluded_filters         = %w[
+        verify_authenticity_token verify_same_origin_request
+        turbo_tracking_request_id handle_unverified_request
+        mark_for_same_origin_verification
+      ]
+      @excluded_middleware      = %w[
+        Rack::Sendfile ActionDispatch::Static ActionDispatch::Executor
+        ActionDispatch::ServerTiming Rack::Runtime
+        ActionDispatch::RequestId ActionDispatch::RemoteIp
+        Rails::Rack::Logger ActionDispatch::ShowExceptions
+        ActionDispatch::DebugExceptions ActionDispatch::Callbacks
+        ActionDispatch::Cookies ActionDispatch::Session::CookieStore
+        ActionDispatch::Flash ActionDispatch::ContentSecurityPolicy::Middleware
+        ActionDispatch::PermissionsPolicy::Middleware ActionDispatch::ActionableExceptions
+        Rack::Head Rack::ConditionalGet Rack::ETag Rack::TempfileReaper
+        ActiveRecord::Migration::CheckPending ActionDispatch::HostAuthorization
+        Rack::MethodOverride ActionDispatch::Session::AbstractSecureStore
+      ]
+      @search_extensions        = %w[rb js erb yml yaml json ts tsx vue svelte haml slim]
+      @concern_paths            = %w[app/models/concerns app/controllers/concerns]
     end
 
     def preset=(name)

data/lib/rails_ai_context/introspectors/config_introspector.rb

@@ -3,7 +3,7 @@
 module RailsAiContext
   module Introspectors
     # Extracts application configuration: cache store, session store,
-    # timezone, middleware stack, initializers, credentials keys.
+    # timezone, middleware stack, initializers, credentials status.
     class ConfigIntrospector
       attr_reader :app
 

data/lib/rails_ai_context/introspectors/controller_introspector.rb

@@ -9,12 +9,9 @@ module RailsAiContext
     class ControllerIntrospector
       attr_reader :app
 
-      # Framework filters inherited from ActionController::Base — suppress to reduce noise
-      FRAMEWORK_FILTERS = %w[
-        verify_authenticity_token verify_same_origin_request
-        turbo_tracking_request_id handle_unverified_request
-        mark_for_same_origin_verification
-      ].freeze
+      def excluded_filters
+        RailsAiContext.configuration.excluded_filters
+      end
 
       def initialize(app)
         @app = app
@@ -153,30 +150,63 @@ module RailsAiContext
         actions.sort
       end
 
-      # Prefer source-based parsing for filters — always reflects current file state.
-      # Falls back to reflection for controllers without readable source files.
+      # Hybrid approach: reflection for complete filter names (handles inheritance + skips),
+      # source parsing from inheritance chain for only/except constraints.
       def extract_filters(ctrl, source = nil)
+        if ctrl.respond_to?(:_process_action_callbacks)
+          reflection_filters = ctrl._process_action_callbacks.filter_map do |cb|
+            next if cb.filter.is_a?(Proc) || cb.filter.to_s.start_with?("_")
+            next if excluded_filters.include?(cb.filter.to_s)
+            { name: cb.filter.to_s, kind: cb.kind.to_s }
+          end
+
+          if reflection_filters.any?
+            # Collect only/except constraints from source files in the inheritance chain
+            source_constraints = collect_source_constraints(ctrl, source)
+            reflection_filters.each do |f|
+              if (sc = source_constraints[f[:name]])
+                f[:only] = sc[:only] if sc[:only]&.any?
+                f[:except] = sc[:except] if sc[:except]&.any?
+              end
+            end
+            return reflection_filters
+          end
+        end
+
+        # Fallback to source parsing when reflection is unavailable
         if source
           filters = extract_filters_from_source(source)
           return filters if filters.any?
         end
-        return [] unless ctrl.respond_to?(:_process_action_callbacks)
-
-        ctrl._process_action_callbacks.filter_map do |cb|
-          next if cb.filter.is_a?(Proc) || cb.filter.to_s.start_with?("_")
-          next if FRAMEWORK_FILTERS.include?(cb.filter.to_s)
-
-          filter = { name: cb.filter.to_s, kind: cb.kind.to_s }
-          filter[:only] = cb.instance_variable_get(:@if)&.filter_map { |c| extract_action_condition(c) }&.flatten
-          filter[:except] = cb.instance_variable_get(:@unless)&.filter_map { |c| extract_action_condition(c) }&.flatten
-          filter.delete(:only) if filter[:only]&.empty?
-          filter.delete(:except) if filter[:except]&.empty?
-          filter
-        end
+
+        []
       rescue
         []
       end
 
+      # Walk up the controller inheritance chain and collect filter constraints from source files
+      def collect_source_constraints(ctrl, current_source = nil)
+        constraints = {}
+        klass = ctrl
+        while klass && klass.name
+          break if klass.name.start_with?("ActionController::", "AbstractController::")
+          break if klass == ActionController::Base
+          break if defined?(ActionController::API) && klass == ActionController::API
+
+          src = (klass == ctrl) ? (current_source || read_source(klass)) : read_source(klass)
+          if src
+            extract_filters_from_source(src).each do |sf|
+              # First definition wins (most specific controller in chain)
+              constraints[sf[:name]] ||= sf
+            end
+          end
+          klass = klass.superclass
+        end
+        constraints
+      rescue
+        {}
+      end
+
       def extract_filters_from_source(source)
         filters = []
         source.each_line do |line|

data/lib/rails_ai_context/introspectors/model_introspector.rb

@@ -59,6 +59,7 @@ module RailsAiContext
           table_name: model.table_name,
           associations: extract_associations(model),
           validations: extract_validations(model),
+          custom_validates: extract_custom_validates(model),
           scopes: extract_scopes(model),
           enums: extract_enums(model),
           callbacks: extract_callbacks(model),
@@ -109,6 +110,17 @@ module RailsAiContext
         []
       end
 
+      # Extract custom validate :method_name calls from source
+      # These are business-rule validators that model.validators doesn't include
+      def extract_custom_validates(model)
+        source_path = model_source_path(model)
+        return [] unless source_path && File.exist?(source_path)
+
+        File.read(source_path).scan(/^\s*validate\s+:(\w+)/).flatten
+      rescue
+        []
+      end
+
       def model_source_path(model)
         root = app.root.to_s
         underscored = model.name.underscore
@@ -133,7 +145,7 @@ module RailsAiContext
           after_commit after_rollback
         ]
 
-        callback_types.each_with_object({}) do |type, hash|
+        result = callback_types.each_with_object({}) do |type, hash|
           callbacks = model.send(:"_#{type}_callbacks").reject do |cb|
             cb.filter.to_s.start_with?(*EXCLUDED_CALLBACKS) || cb.filter.is_a?(Proc)
           end
@@ -142,6 +154,29 @@ module RailsAiContext
 
           hash[type.to_s] = callbacks.map { |cb| cb.filter.to_s }
         end
+
+        # If reflection returned nothing, fall back to source parsing
+        return result if result.any?
+        extract_callbacks_from_source(model)
+      rescue
+        extract_callbacks_from_source(model)
+      end
+
+      # Parse callback declarations from model source file
+      def extract_callbacks_from_source(model)
+        source_path = model_source_path(model)
+        return {} unless source_path && File.exist?(source_path)
+
+        source = File.read(source_path)
+        callbacks = {}
+        source.each_line do |line|
+          if (match = line.match(/\A\s*(before_validation|after_validation|before_save|after_save|before_create|after_create|before_update|after_update|before_destroy|after_destroy|after_commit|after_rollback)\s+:(\w+)/))
+            type = match[1]
+            method_name = match[2]
+            (callbacks[type] ||= []) << method_name
+          end
+        end
+        callbacks
       rescue
         {}
       end
@@ -156,16 +191,18 @@ module RailsAiContext
 
       def framework_concern?(name)
         return true if name.nil?
-        return true if name.include?("::Generated")
-        return true if name.match?(/\A(ActiveRecord|ActiveModel|ActiveSupport|ActionText|ActionMailbox|ActiveStorage|ActionDispatch|ActionController|ActionView|AbstractController)/)
-        return true if name.match?(/\A(Devise::Models|Devise::Orm|Bullet::|Turbo::|GlobalID::|Rolify::)/)
-        return true if %w[Kernel JSON PP Marshal MessagePack].include?(name)
-        false
+        return true if %w[Kernel JSON PP Marshal MessagePack].any? { |prefix| name == prefix || name.start_with?("#{prefix}::") }
+        return true if name.start_with?("ActiveModel::", "ActiveRecord::", "ActiveSupport::")
+        RailsAiContext.configuration.excluded_concerns.any? { |pattern| name.match?(pattern) }
       end
 
       def extract_public_class_methods(model)
+        scope_names = extract_scopes(model).map(&:to_s)
         (model.methods - ActiveRecord::Base.methods - Object.methods)
-          .reject { |m| m.to_s.start_with?("_", "autosave") }
+          .reject { |m|
+            ms = m.to_s
+            ms.start_with?("_", "autosave") || scope_names.include?(ms)
+          }
           .sort
           .first(30) # Cap to avoid noise
           .map(&:to_s)