@agentbridge1/cli 0.0.8 → 0.0.9

package/dist/mcp/agentbridge-mcp.js

@@ -2980,7 +2980,7 @@ var require_compile = __commonJS({
       const schOrFunc = root.refs[ref];
       if (schOrFunc)
         return schOrFunc;
-      let _sch = resolve2.call(this, root, ref);
+      let _sch = resolve3.call(this, root, ref);
       if (_sch === void 0) {
         const schema = (_a = root.localRefs) === null || _a === void 0 ? void 0 : _a[ref];
         const { schemaId } = this.opts;
@@ -3007,7 +3007,7 @@ var require_compile = __commonJS({
     function sameSchemaEnv(s1, s2) {
       return s1.schema === s2.schema && s1.root === s2.root && s1.baseId === s2.baseId;
     }
-    function resolve2(root, ref) {
+    function resolve3(root, ref) {
       let sch;
       while (typeof (sch = this.refs[ref]) == "string")
         ref = sch;
@@ -3582,7 +3582,7 @@ var require_fast_uri = __commonJS({
       }
       return uri;
     }
-    function resolve2(baseURI, relativeURI, options) {
+    function resolve3(baseURI, relativeURI, options) {
       const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
       const resolved = resolveComponent(parse3(baseURI, schemelessOptions), parse3(relativeURI, schemelessOptions), schemelessOptions, true);
       schemelessOptions.skipEscape = true;
@@ -3809,7 +3809,7 @@ var require_fast_uri = __commonJS({
     var fastUri = {
       SCHEMES,
       normalize,
-      resolve: resolve2,
+      resolve: resolve3,
       resolveComponent,
       equal,
       serialize,
@@ -18892,7 +18892,7 @@ var Protocol = class {
           return;
         }
         const pollInterval = task2.pollInterval ?? this._options?.defaultTaskPollInterval ?? 1e3;
-        await new Promise((resolve2) => setTimeout(resolve2, pollInterval));
+        await new Promise((resolve3) => setTimeout(resolve3, pollInterval));
         options?.signal?.throwIfAborted();
       }
     } catch (error2) {
@@ -18909,7 +18909,7 @@ var Protocol = class {
    */
   request(request, resultSchema, options) {
     const { relatedRequestId, resumptionToken, onresumptiontoken, task, relatedTask } = options ?? {};
-    return new Promise((resolve2, reject) => {
+    return new Promise((resolve3, reject) => {
       const earlyReject = (error2) => {
         reject(error2);
       };
@@ -18987,7 +18987,7 @@ var Protocol = class {
           if (!parseResult.success) {
             reject(parseResult.error);
           } else {
-            resolve2(parseResult.data);
+            resolve3(parseResult.data);
           }
         } catch (error2) {
           reject(error2);
@@ -19248,12 +19248,12 @@ var Protocol = class {
       }
     } catch {
     }
-    return new Promise((resolve2, reject) => {
+    return new Promise((resolve3, reject) => {
       if (signal.aborted) {
         reject(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
         return;
       }
-      const timeoutId = setTimeout(resolve2, interval);
+      const timeoutId = setTimeout(resolve3, interval);
       signal.addEventListener("abort", () => {
         clearTimeout(timeoutId);
         reject(new McpError(ErrorCode.InvalidRequest, "Request cancelled"));
@@ -20353,7 +20353,7 @@ var McpServer = class {
     let task = createTaskResult.task;
     const pollInterval = task.pollInterval ?? 5e3;
     while (task.status !== "completed" && task.status !== "failed" && task.status !== "cancelled") {
-      await new Promise((resolve2) => setTimeout(resolve2, pollInterval));
+      await new Promise((resolve3) => setTimeout(resolve3, pollInterval));
       const updatedTask = await extra.taskStore.getTask(taskId);
       if (!updatedTask) {
         throw new McpError(ErrorCode.InternalError, `Task ${taskId} not found during polling`);
@@ -21002,20 +21002,161 @@ var StdioServerTransport = class {
     this.onclose?.();
   }
   send(message) {
-    return new Promise((resolve2) => {
+    return new Promise((resolve3) => {
       const json = serializeMessage(message);
       if (this._stdout.write(json)) {
-        resolve2();
+        resolve3();
       } else {
-        this._stdout.once("drain", resolve2);
+        this._stdout.once("drain", resolve3);
       }
     });
   }
 };
 
+// ../mcp/agentbridge-mcp.ts
+var import_node_fs3 = require("node:fs");
+var import_node_path2 = require("node:path");
+
 // src/session.ts
 var import_node_child_process2 = require("node:child_process");
 
+// src/intent-parser.ts
+var ACTIONS = ["fix", "add", "update", "refactor", "remove", "migrate", "rename", "revert", "delete", "implement", "improve", "patch"];
+var DOMAIN_KEYWORD_MAP = {
+  auth: ["auth", "login", "logout", "session", "token", "oauth", "jwt", "password", "signin", "signup", "sign-in", "sign-up", "register", "credential", "permission", "role"],
+  database: ["database", "db", "schema", "migration", "migrate", "prisma", "sql", "query", "table", "column", "index", "model", "seed", "orm"],
+  payments: ["payment", "payments", "billing", "stripe", "invoice", "subscription", "checkout", "webhook"],
+  api: ["api", "endpoint", "route", "handler", "controller", "request", "response", "rest", "graphql"],
+  ui: ["ui", "style", "css", "component", "page", "layout", "copy", "design", "render", "display", "view", "frontend", "html", "template"],
+  mcp: ["mcp", "agentbridge", "cursor", "rules"],
+  tests: ["test", "tests", "spec", "vitest", "jest", "coverage", "proof"]
+};
+var SYMPTOMS = {
+  "401": ["401", "unauthorized", "unauthenticated"],
+  "403": ["403", "forbidden"],
+  "404": ["404", "not found", "notfound"],
+  "500": ["500", "internal server error", "server error"],
+  "null": ["null", "undefined", "nan", "nil"],
+  "crash": ["crash", "crashes", "crashed", "exception", "throws", "throw"],
+  "loop": ["loop", "infinite loop", "recursion"],
+  "hang": ["hang", "hangs", "timeout", "deadlock"],
+  "slow": ["slow", "performance", "latency", "memory leak", "memory"],
+  "duplicate": ["duplicate", "duplicated", "twice"],
+  "missing": ["missing", "not showing", "not found"]
+};
+var ROUTE_RE = /(?<!\w)(\/[a-zA-Z0-9_-]+(?:\/[a-zA-Z0-9_:_-]+)*)/g;
+var FILE_RE = /\b([A-Za-z][A-Za-z0-9_-]*\.[a-z]{2,4})\b/g;
+var PASCAL_RE = /\b([A-Z][a-z]+(?:[A-Z][a-z]*)+)\b/g;
+var CAMEL_FN_RE = /\b([a-z][a-z0-9]*(?:[A-Z][a-z0-9]*)+)\b/g;
+var QUOTED_RE = /"([^"]+)"|'([^']+)'/g;
+function detectDomain(lower) {
+  for (const [domain, keywords] of Object.entries(DOMAIN_KEYWORD_MAP)) {
+    if (keywords.some((kw) => lower.includes(kw))) return domain;
+  }
+  return null;
+}
+function detectAction(lower) {
+  for (const action of ACTIONS) {
+    if (lower.startsWith(action) || lower.includes(` ${action} `)) return action;
+  }
+  return null;
+}
+function detectSymptom(lower) {
+  for (const [symptom, patterns] of Object.entries(SYMPTOMS)) {
+    if (patterns.some((p) => lower.includes(p))) return symptom;
+  }
+  return null;
+}
+function extractTargets(raw) {
+  const targets = /* @__PURE__ */ new Set();
+  for (const m of raw.matchAll(QUOTED_RE)) {
+    const phrase = m[1] ?? m[2];
+    if (phrase) targets.add(phrase.trim());
+  }
+  for (const m of raw.matchAll(ROUTE_RE)) {
+    targets.add(m[1]);
+  }
+  for (const m of raw.matchAll(FILE_RE)) {
+    targets.add(m[1]);
+  }
+  for (const m of raw.matchAll(PASCAL_RE)) {
+    targets.add(m[1]);
+  }
+  for (const m of raw.matchAll(CAMEL_FN_RE)) {
+    if (m[1].length <= 40) targets.add(m[1]);
+  }
+  return [...targets];
+}
+function inferLayers(domain, targets, symptom, action, rawLower) {
+  const layers = [];
+  const hasRoute = targets.some((t) => t.startsWith("/"));
+  const hasMigration = action === "migrate" || targets.some((t) => t.toLowerCase().includes("migration"));
+  if (domain === "auth") {
+    if (symptom === "401" || symptom === "403") layers.push("route_handler", "auth_middleware");
+    else if (hasRoute) layers.push("route_handler", "auth_middleware");
+    else layers.push("auth_middleware");
+  }
+  if (domain === "api") {
+    if (hasRoute) layers.push("route_handler");
+    else layers.push("route_handler");
+  }
+  if (domain === "database") {
+    if (hasMigration) layers.push("schema", "migration_file");
+    else layers.push("model", "query");
+  }
+  if (domain === "ui") {
+    layers.push("component", "view");
+  }
+  if (domain === "payments") {
+    if (targets.some((t) => t.toLowerCase().includes("webhook")) || rawLower.includes("webhook")) {
+      layers.push("webhook_handler");
+    } else {
+      layers.push("billing_handler");
+    }
+  }
+  if (domain === "mcp") {
+    layers.push("mcp_server", "config");
+  }
+  return layers;
+}
+function parseIntent(raw) {
+  if (!raw?.trim()) {
+    return { raw: raw ?? "", domain: null, targets: [], symptom: null, action: null, affected_layer: [] };
+  }
+  const lower = raw.toLowerCase();
+  const domain = detectDomain(lower);
+  const action = detectAction(lower);
+  const symptom = detectSymptom(lower);
+  const targets = extractTargets(raw);
+  const affected_layer = inferLayers(domain, targets, symptom, action, lower);
+  return { raw, domain, targets, symptom, action, affected_layer };
+}
+function buildTaskSpecificCriteria(parsed) {
+  const extra = [];
+  const routeTargets = parsed.targets.filter((t) => t.startsWith("/"));
+  const fileTargets = parsed.targets.filter((t) => t.includes("."));
+  const namedTargets = parsed.targets.filter((t) => !t.startsWith("/") && !t.includes("."));
+  if (routeTargets.length > 0 && parsed.domain === "auth" && parsed.symptom) {
+    extra.push(`The ${routeTargets[0]} route handler or its auth middleware chain is updated to address the ${parsed.symptom}.`);
+  } else if (routeTargets.length > 0 && parsed.domain === "api") {
+    extra.push(`The ${routeTargets[0]} endpoint handler is updated as intended.`);
+  } else if (routeTargets.length > 0) {
+    extra.push(`Changes are focused on the ${routeTargets[0]} route.`);
+  } else if (fileTargets.length > 0) {
+    extra.push(`Changes are focused on ${fileTargets[0]}.`);
+  } else if (namedTargets.length > 0) {
+    extra.push(`Changes are focused on ${namedTargets[0]}.`);
+  }
+  if (parsed.symptom && routeTargets.length > 0) {
+    extra.push(`Proof exists for the ${parsed.symptom} behavior on ${routeTargets[0]}.`);
+  } else if (parsed.symptom) {
+    extra.push(`Proof exists that the ${parsed.symptom} condition is resolved.`);
+  } else if (parsed.action && parsed.domain) {
+    extra.push(`Proof exists that the ${parsed.action} to the ${parsed.domain} layer is correct.`);
+  }
+  return extra;
+}
+
 // src/session-state.ts
 var import_node_fs2 = require("node:fs");
 var import_node_path = require("node:path");
@@ -21175,6 +21316,15 @@ function isLocalSessionState(value) {
   if (value.updatedAt !== void 0 && typeof value.updatedAt !== "string") return false;
   if (value.closedAt !== void 0 && typeof value.closedAt !== "string") return false;
   if (value.claimedPaths !== void 0 && !isStringArray(value.claimedPaths)) return false;
+  if (value.createdBy !== void 0 && value.createdBy !== "user_start" && value.createdBy !== "agent_hello") {
+    return false;
+  }
+  if (value.contractProfiles !== void 0 && !isStringArray(value.contractProfiles)) return false;
+  if (value.expectedSurfaces !== void 0 && !isStringArray(value.expectedSurfaces)) return false;
+  if (value.expectedFileAreas !== void 0 && !isStringArray(value.expectedFileAreas)) return false;
+  if (value.completionCriteria !== void 0 && !isStringArray(value.completionCriteria)) return false;
+  if (value.proofNeeded !== void 0 && !isStringArray(value.proofNeeded)) return false;
+  if (value.riskyOmissions !== void 0 && !isStringArray(value.riskyOmissions)) return false;
   if (value.lastLocalVerificationRun !== void 0 && !isLocalVerificationRun(value.lastLocalVerificationRun)) {
     return false;
   }
@@ -21243,6 +21393,296 @@ function writeSessionState(state) {
   }
   (0, import_node_fs2.renameSync)(tempPath, path);
 }
+function clearSessionState() {
+  writeSessionState({
+    id: "none",
+    agentId: "none",
+    laneDomain: null,
+    status: "closed",
+    closeReason: "completed",
+    changedFiles: [],
+    crossings: [],
+    approvals: [],
+    domains: [],
+    createdAt: (/* @__PURE__ */ new Date(0)).toISOString()
+  });
+}
+
+// src/contract-intelligence.ts
+var MCP_RULE_PROFILE = "mcp_rules_config_install";
+var AUTH_PROFILE = "auth_login_session";
+var DB_PROFILE = "database_schema_migration";
+var UI_PROFILE = "ui_style_copy";
+var API_PROFILE = "api_endpoint";
+var TEST_PROFILE = "tests";
+var PAYMENTS_PROFILE = "payments_webhooks";
+var GENERIC_PROFILE = "generic";
+function unique(values) {
+  return [...new Set(values.map((value) => value.trim()).filter(Boolean))];
+}
+function matchIntent(intent, keywords) {
+  const lower = intent.toLowerCase();
+  return keywords.some((keyword) => lower.includes(keyword));
+}
+function detectProfiles(intent) {
+  const profiles = [];
+  if (matchIntent(intent, ["mcp"]) && matchIntent(intent, ["rule", "rules", "install", "setup", "config", "configuration"])) {
+    profiles.push(MCP_RULE_PROFILE);
+  }
+  if (matchIntent(intent, ["auth", "login", "session", "token", "oauth"])) {
+    profiles.push(AUTH_PROFILE);
+  }
+  if (matchIntent(intent, ["database", "db", "schema", "migration", "prisma", "sql"])) {
+    profiles.push(DB_PROFILE);
+  }
+  if (matchIntent(intent, ["ui", "style", "css", "copy", "layout", "component"])) {
+    profiles.push(UI_PROFILE);
+  }
+  if (matchIntent(intent, ["api", "endpoint", "route", "handler", "controller"])) {
+    profiles.push(API_PROFILE);
+  }
+  if (matchIntent(intent, ["test", "tests", "vitest", "jest", "proof"])) {
+    profiles.push(TEST_PROFILE);
+  }
+  if (matchIntent(intent, ["payment", "payments", "billing", "stripe", "webhook"])) {
+    profiles.push(PAYMENTS_PROFILE);
+  }
+  return profiles.length > 0 ? profiles : [GENERIC_PROFILE];
+}
+function profileBlueprint(profile) {
+  switch (profile) {
+    case MCP_RULE_PROFILE:
+      return {
+        expectedSurfaces: ["mcp", "rules_installation", "configuration_flow", "tests_or_manual_proof"],
+        expectedFileAreas: [
+          "mcp/**",
+          "mcp/agentbridge-mcp.ts",
+          "AGENTBRIDGE.md",
+          ".cursor/rules/**",
+          "cli/src/mcp-config.ts",
+          "cli/src/commands/setup-mcp.ts"
+        ],
+        completionCriteria: [
+          "MCP configuration path triggers AgentBridge rule installation.",
+          "Rules are created or updated in the expected Cursor rules location.",
+          "Existing rules/config are preserved or safely updated.",
+          "Re-running MCP configuration is idempotent and does not duplicate rules.",
+          "Proof exists that MCP configuration causes rules to be installed."
+        ],
+        proofNeeded: [
+          "Run MCP setup/configuration flow in a clean repo.",
+          "Confirm the AgentBridge Cursor rules file is created.",
+          "Run setup/configuration again to confirm idempotency.",
+          "Record test/manual proof output."
+        ],
+        riskyOmissions: [
+          "MCP server file changed but no install trigger wired to the configuration path.",
+          "Rules are installed only in local mode or only in server mode.",
+          "Existing Cursor rules are overwritten.",
+          "No idempotency check.",
+          "No proof that the auto-install behavior actually runs."
+        ],
+        contractProfiles: [MCP_RULE_PROFILE]
+      };
+    case AUTH_PROFILE:
+      return {
+        expectedSurfaces: ["auth", "session", "tests_or_manual_proof"],
+        expectedFileAreas: ["auth/**", "src/**/auth/**", "src/**/session/**", "middleware/**"],
+        completionCriteria: [
+          "Authentication/session flow handling is updated where intended.",
+          "Authorization boundaries remain explicit and unchanged outside scope.",
+          "Proof exists for the auth/session behavior change."
+        ],
+        proofNeeded: ["Run auth/session flow tests or a reproducible manual proof."],
+        riskyOmissions: [
+          "Auth logic changed without session or middleware checks.",
+          "No proof of login/session behavior."
+        ],
+        contractProfiles: [AUTH_PROFILE]
+      };
+    case DB_PROFILE:
+      return {
+        expectedSurfaces: ["database", "schema_migration", "tests_or_manual_proof"],
+        expectedFileAreas: ["prisma/**", "migrations/**", "src/**/db/**", "src/**/database/**"],
+        completionCriteria: [
+          "Schema/data-layer changes are applied in intended files.",
+          "Migration or compatibility impact is accounted for.",
+          "Proof exists for migration/query behavior."
+        ],
+        proofNeeded: ["Run migration/database verification command and capture output."],
+        riskyOmissions: [
+          "Schema changed without migration/compatibility proof.",
+          "No evidence of migration/query validation."
+        ],
+        contractProfiles: [DB_PROFILE]
+      };
+    case UI_PROFILE:
+      return {
+        expectedSurfaces: ["ui", "copy_or_style", "tests_or_manual_proof"],
+        expectedFileAreas: ["src/**/components/**", "src/**/pages/**", "src/**/*.css", "src/**/*.html"],
+        completionCriteria: [
+          "UI/copy/style surface for the contract is updated.",
+          "Unrelated UI areas are not changed unintentionally.",
+          "Proof exists for the visible behavior change."
+        ],
+        proofNeeded: ["Record manual verification steps (or visual/tests) for UI outcome."],
+        riskyOmissions: [
+          "UI files changed without a clear visible proof.",
+          "Broad style changes without scope evidence."
+        ],
+        contractProfiles: [UI_PROFILE]
+      };
+    case API_PROFILE:
+      return {
+        expectedSurfaces: ["api", "endpoint_logic", "tests_or_manual_proof"],
+        expectedFileAreas: ["src/**/routes/**", "src/**/api/**", "src/**/controllers/**"],
+        completionCriteria: [
+          "Target API/endpoint behavior is changed in the correct surface.",
+          "Request/response behavior is evidenced.",
+          "Proof exists for endpoint behavior."
+        ],
+        proofNeeded: ["Run endpoint tests or reproducible request/response proof."],
+        riskyOmissions: [
+          "Endpoint files changed without request/response evidence.",
+          "No proof for API behavior change."
+        ],
+        contractProfiles: [API_PROFILE]
+      };
+    case TEST_PROFILE:
+      return {
+        expectedSurfaces: ["tests", "proof"],
+        expectedFileAreas: ["**/*.test.ts", "**/*.spec.ts", "tests/**"],
+        completionCriteria: [
+          "Test/proof artifacts relevant to the contract are updated.",
+          "Test execution evidence is recorded."
+        ],
+        proofNeeded: ["Run tests and record command + result output."],
+        riskyOmissions: ["Tests changed but no execution proof recorded."],
+        contractProfiles: [TEST_PROFILE]
+      };
+    case PAYMENTS_PROFILE:
+      return {
+        expectedSurfaces: ["payments", "webhooks", "tests_or_manual_proof"],
+        expectedFileAreas: ["src/**/billing/**", "src/**/payments/**", "src/**/webhooks/**"],
+        completionCriteria: [
+          "Payments/webhook handling logic is updated in scope.",
+          "Critical payment side effects are evidenced.",
+          "Proof exists for payment/webhook behavior."
+        ],
+        proofNeeded: ["Run payment/webhook verification flow and capture output."],
+        riskyOmissions: [
+          "Webhook/payment logic changed without behavior proof.",
+          "No idempotency/effect validation for financial flows."
+        ],
+        contractProfiles: [PAYMENTS_PROFILE]
+      };
+    default:
+      return {
+        expectedSurfaces: ["implementation_surface", "tests_or_manual_proof"],
+        expectedFileAreas: ["**"],
+        completionCriteria: [
+          "Files changed align with the declared contract intent.",
+          "Proof exists for the intended behavior change."
+        ],
+        proofNeeded: ["Run relevant tests or provide manual proof output."],
+        riskyOmissions: ["Code changed without proof linked to the declared intent."],
+        contractProfiles: [GENERIC_PROFILE]
+      };
+  }
+}
+function buildContractIntelligence(intent, createdBy) {
+  const normalizedIntent = intent?.trim() ?? "";
+  const profiles = detectProfiles(normalizedIntent);
+  const combined = profiles.map((profile) => profileBlueprint(profile));
+  const baseCompletionCriteria = unique(combined.flatMap((item) => item.completionCriteria));
+  const parsed = parseIntent(normalizedIntent);
+  const taskCriteria = buildTaskSpecificCriteria(parsed);
+  const firstTask = taskCriteria[0];
+  const lastTask = taskCriteria[1];
+  const completionCriteria = unique([
+    ...firstTask ? [firstTask] : [],
+    ...baseCompletionCriteria.filter((c) => !c.toLowerCase().startsWith("proof")),
+    ...lastTask ? [lastTask] : [],
+    ...baseCompletionCriteria.filter((c) => c.toLowerCase().startsWith("proof"))
+  ]);
+  return {
+    expectedSurfaces: unique(combined.flatMap((item) => item.expectedSurfaces)),
+    expectedFileAreas: unique(combined.flatMap((item) => item.expectedFileAreas)),
+    completionCriteria,
+    proofNeeded: unique(combined.flatMap((item) => item.proofNeeded)),
+    riskyOmissions: unique(combined.flatMap((item) => item.riskyOmissions)),
+    contractProfiles: unique(combined.flatMap((item) => item.contractProfiles)),
+    createdBy
+  };
+}
+function localSessionToContractIntelligence(session) {
+  if (session.completionCriteria?.length && session.contractProfiles?.length) {
+    return {
+      contractProfiles: session.contractProfiles,
+      completionCriteria: session.completionCriteria,
+      proofNeeded: session.proofNeeded ?? [],
+      riskyOmissions: session.riskyOmissions ?? [],
+      expectedSurfaces: session.expectedSurfaces ?? [],
+      expectedFileAreas: session.expectedFileAreas ?? [],
+      createdBy: session.createdBy ?? "agent_hello"
+    };
+  }
+  return buildContractIntelligence(session.intent, session.createdBy ?? "agent_hello");
+}
+function sessionNeedsContractBackfill(session) {
+  return !session.completionCriteria?.length || !session.contractProfiles?.length;
+}
+function ensureSessionContractIntelligence(session) {
+  if (!sessionNeedsContractBackfill(session)) {
+    return session;
+  }
+  const createdBy = session.createdBy ?? (session.agentId?.trim() === "local" ? "user_start" : "agent_hello");
+  const contract = buildContractIntelligence(session.intent?.trim(), createdBy);
+  const updated = {
+    ...session,
+    createdBy,
+    contractProfiles: contract.contractProfiles,
+    expectedSurfaces: contract.expectedSurfaces,
+    expectedFileAreas: contract.expectedFileAreas,
+    completionCriteria: contract.completionCriteria,
+    proofNeeded: contract.proofNeeded,
+    riskyOmissions: contract.riskyOmissions
+  };
+  writeSessionState(updated);
+  return updated;
+}
+function buildProofRequiredCommands(contract) {
+  if (contract.contractProfiles.includes(MCP_RULE_PROFILE)) {
+    return [
+      "agentbridge verify npm run setup-mcp -- --local",
+      "agentbridge verify npm run setup-mcp -- --local  (run again to confirm idempotency)"
+    ];
+  }
+  if (contract.contractProfiles.includes(DB_PROFILE)) {
+    return [
+      "agentbridge verify npx prisma migrate status",
+      "agentbridge verify npm test"
+    ];
+  }
+  if (contract.contractProfiles.includes(AUTH_PROFILE) || contract.contractProfiles.includes(API_PROFILE) || contract.contractProfiles.includes(UI_PROFILE) || contract.contractProfiles.includes(TEST_PROFILE) || contract.contractProfiles.includes(PAYMENTS_PROFILE)) {
+    return ["agentbridge verify npm test"];
+  }
+  return ["agentbridge verify npm test"];
+}
+function buildLocalHelloPayload(session) {
+  const contract = localSessionToContractIntelligence(session);
+  const scopeSource = session.createdBy ?? (session.agentId?.trim() === "local" ? "user_start" : "agent_hello");
+  return {
+    contract: {
+      id: session.id,
+      intent: session.intent?.trim() ?? null,
+      created_by: scopeSource
+    },
+    done_checklist: contract.completionCriteria.slice(0, 4),
+    proof_required: buildProofRequiredCommands(contract),
+    warnings: contract.riskyOmissions.slice(0, 2)
+  };
+}
 
 // src/git-status.ts
 var import_node_child_process = require("node:child_process");
@@ -21340,11 +21780,20 @@ function openLocalSession(input) {
   const claimedPaths = [...new Set((input.claimedPaths ?? []).map((path) => path.trim()).filter(Boolean))];
   const baseline = captureLocalSessionBaseline();
   const now = baseline.startedAt;
+  const createdBy = input.createdBy ?? (input.agentId?.trim() === "local" ? "user_start" : "agent_hello");
+  const contract = buildContractIntelligence(input.intent?.trim(), createdBy);
   const state = {
     id: `local_${Date.now().toString(36)}`,
     agentId: input.agentId?.trim() || "local",
     laneDomain: input.laneDomain,
     intent: input.intent?.trim() || void 0,
+    createdBy,
+    contractProfiles: contract.contractProfiles,
+    expectedSurfaces: contract.expectedSurfaces,
+    expectedFileAreas: contract.expectedFileAreas,
+    completionCriteria: contract.completionCriteria,
+    proofNeeded: contract.proofNeeded,
+    riskyOmissions: contract.riskyOmissions,
     mode: input.mode,
     changeRequestId: input.changeRequestId,
     claimedPaths,
@@ -22135,6 +22584,84 @@ function toolJson(data) {
     ]
   };
 }
+function isRecord2(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function needsRulesAutoInstall(hello) {
+  return isRecord2(hello) && hello.rules_status === "not_installed";
+}
+function formatUnknownError(err) {
+  if (err instanceof Error) return err.message;
+  return String(err);
+}
+async function autoInstallRulesForProject(cfg, projectId) {
+  const installPath = `/v1/dev/projects/${encodeURIComponent(projectId)}/rules`;
+  const installRes = await bridgeJson(cfg, "GET", installPath);
+  if (!installRes.ok) {
+    return {
+      status: "failed",
+      step: "install_agentbridge_rules",
+      error: formatHttpFailure(installPath, installRes.status, installRes.text, installRes.json)
+    };
+  }
+  if (!isRecord2(installRes.json) || !Array.isArray(installRes.json.files)) {
+    return {
+      status: "failed",
+      step: "install_agentbridge_rules",
+      error: "Rules payload is missing a valid files[] list."
+    };
+  }
+  const repoRoot = process.env.AGENTBRIDGE_REPO_ROOT?.trim() || process.cwd();
+  const writtenFiles = [];
+  try {
+    for (const file of installRes.json.files) {
+      if (!isRecord2(file) || typeof file.path !== "string" || typeof file.content !== "string") {
+        throw new Error("Invalid rules file entry in server response.");
+      }
+      const absolutePath = (0, import_node_path2.resolve)(repoRoot, file.path);
+      (0, import_node_fs3.mkdirSync)((0, import_node_path2.dirname)(absolutePath), { recursive: true });
+      (0, import_node_fs3.writeFileSync)(absolutePath, `${file.content}
+`, "utf8");
+      writtenFiles.push(file.path);
+    }
+  } catch (err) {
+    return {
+      status: "failed",
+      step: "write_rules_files",
+      error: formatUnknownError(err)
+    };
+  }
+  const markPath = `/v1/dev/projects/${encodeURIComponent(projectId)}/rules/mark-installed`;
+  const markRes = await bridgeJson(cfg, "POST", markPath, {});
+  if (!markRes.ok) {
+    return {
+      status: "failed",
+      step: "mark_rules_installed",
+      error: formatHttpFailure(markPath, markRes.status, markRes.text, markRes.json)
+    };
+  }
+  return {
+    status: "installed",
+    repo_root: repoRoot,
+    written_files: writtenFiles
+  };
+}
+function localHelloResult(action, session, extras) {
+  const prepared = ensureSessionContractIntelligence(session);
+  const scopeSource = prepared.agentId === "local" ? "user_start" : "agent_hello";
+  const checklist = buildLocalHelloPayload(prepared);
+  return toolJson({
+    mode: "local",
+    action,
+    contract_id: prepared.id,
+    intent: prepared.intent ?? null,
+    scope_source: scopeSource,
+    status: prepared.status,
+    next_action: "Contract declared. Start implementation now; agentbridge watch will track this work contract.",
+    ...checklist,
+    ...extras ?? {}
+  });
+}
 function formatHttpFailure(path, status, text, json) {
   if (json && typeof json === "object" && "error" in json) {
     return `AgentBridge ${path} returned ${status}: ${JSON.stringify(json.error)}`;
@@ -22227,18 +22754,41 @@ async function main() {
     async (args) => {
       if (cfg.localOnly) {
         const existing = readSessionState();
+        const declaredIntent = args.intent?.trim() || args.note?.trim();
         if (isActiveLocalSession(existing)) {
-          return toolJson({
-            mode: "local",
-            action: "reuse",
-            contract: existing,
-            message: "Reusing active local work contract."
+          if (existing.agentId === "local") {
+            return localHelloResult("reuse", existing, {
+              scope_locked: true
+            });
+          }
+          const currentIntent = existing.intent?.trim();
+          if (!declaredIntent || declaredIntent === currentIntent) {
+            return localHelloResult("reuse", existing);
+          }
+          const canReplace = existing.changedFiles.length === 0 && existing.crossings.length === 0 && existing.approvals.length === 0;
+          if (!canReplace) {
+            return toolError(
+              `A different AgentBridge contract is already active.
+
+Current contract: ${currentIntent ?? "(unknown intent)"}
+Close the current contract in watch, then call agent_hello again with your new intent.`
+            );
+          }
+          clearSessionState();
+          const replaced = openLocalSession({
+            agentId: "mcp",
+            laneDomain: null,
+            intent: declaredIntent,
+            domains: [],
+            mode: "local_supervision"
+          });
+          return localHelloResult("replaced", replaced, {
+            replaced_contract_id: existing.id
           });
         }
-        const declaredIntent = args.intent?.trim() || args.note?.trim();
         if (!declaredIntent || isVagueIntent(declaredIntent)) {
           return toolError(
-            'No active AgentBridge contract.\n\nDeclare what you are about to do before editing files:\n  agent_hello({ intent: "Fix auth 401 on /rooms endpoint" })\n\nOr run in a terminal: agentbridge start "Fix auth 401 on /rooms endpoint"'
+            'No active AgentBridge contract.\n\nAgent must declare a concrete scope before editing files:\n  agent_hello({ intent: "Fix auth 401 on /rooms endpoint" })\n\nOr run in a terminal: agentbridge start "Fix auth 401 on /rooms endpoint"'
           );
         }
         const session = openLocalSession({
@@ -22248,12 +22798,7 @@ async function main() {
           domains: [],
           mode: "local_supervision"
         });
-        return toolJson({
-          mode: "local",
-          action: "created",
-          contract: session,
-          message: "Local work contract created."
-        });
+        return localHelloResult("created", session);
       }
       const resolvedProjectId = args.project_id ?? cfg.projectId;
       if (!resolvedProjectId) {
@@ -22271,7 +22816,20 @@ async function main() {
       const res = await bridgeJson(cfg, "POST", path, body);
       if (!res.ok)
         return toolError(formatHttpFailure(path, res.status, res.text, res.json));
-      return toolJson(res.json);
+      if (!needsRulesAutoInstall(res.json)) {
+        return toolJson(res.json);
+      }
+      const autoRulesInstall = await autoInstallRulesForProject(cfg, resolvedProjectId);
+      if (isRecord2(res.json)) {
+        return toolJson({
+          ...res.json,
+          auto_rules_install: autoRulesInstall
+        });
+      }
+      return toolJson({
+        hello: res.json,
+        auto_rules_install: autoRulesInstall
+      });
     }
   );
   server.registerTool(