@ai-dossier/mcp-server 1.0.1

package/dist/index.js

@@ -0,0 +1,332 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * Dossier MCP Server
+ * Model Context Protocol server for dossier automation standard
+ * Enables LLMs to discover, verify, and execute dossiers securely
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@ai-dossier/core");
+const index_js_1 = require("@modelcontextprotocol/sdk/server/index.js");
+const stdio_js_1 = require("@modelcontextprotocol/sdk/server/stdio.js");
+const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
+const concept_js_1 = require("./resources/concept.js");
+const protocol_js_1 = require("./resources/protocol.js");
+const security_js_1 = require("./resources/security.js");
+const listDossiers_js_1 = require("./tools/listDossiers.js");
+const readDossier_js_1 = require("./tools/readDossier.js");
+const verifyDossier_js_1 = require("./tools/verifyDossier.js");
+const logger_js_1 = require("./utils/logger.js");
+const response_js_1 = require("./utils/response.js");
+// Create MCP server instance
+const server = new index_js_1.Server({
+    name: '@ai-dossier/mcp-server',
+    version: '1.0.0',
+}, {
+    capabilities: {
+        tools: {},
+        resources: {},
+        prompts: {},
+    },
+});
+// Register tools
+server.setRequestHandler(types_js_1.ListToolsRequestSchema, async () => {
+    logger_js_1.logger.debug('Listing tools');
+    return {
+        tools: [
+            {
+                name: 'verify_dossier',
+                description: '🔒 Security verification - Verify integrity (checksum) and authenticity (signature) of a dossier. Returns ALLOW/WARN/BLOCK recommendation.',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        path: {
+                            type: 'string',
+                            description: 'Path to dossier file (.ds.md)',
+                        },
+                        trusted_keys_path: {
+                            type: 'string',
+                            description: 'Path to trusted-keys.txt (default: ~/.dossier/trusted-keys.txt)',
+                        },
+                    },
+                    required: ['path'],
+                },
+            },
+            {
+                name: 'read_dossier',
+                description: 'Read and parse a dossier file. Returns metadata and content. Should be called AFTER verify_dossier passes.',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        path: {
+                            type: 'string',
+                            description: 'Path to dossier file (.ds.md)',
+                        },
+                    },
+                    required: ['path'],
+                },
+            },
+            {
+                name: 'list_dossiers',
+                description: 'Discover available dossiers in a directory. Scans for *.ds.md files and returns metadata.',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        path: {
+                            type: 'string',
+                            description: 'Directory to search (default: current working directory)',
+                        },
+                        recursive: {
+                            type: 'boolean',
+                            description: 'Search subdirectories recursively (default: true)',
+                        },
+                    },
+                },
+            },
+        ],
+    };
+});
+// Handle tool calls
+server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
+    const { name, arguments: args } = request.params;
+    logger_js_1.logger.info('Tool call received', { tool: name, arguments: args });
+    try {
+        switch (name) {
+            case 'verify_dossier': {
+                const result = await (0, verifyDossier_js_1.verifyDossier)(args);
+                return (0, response_js_1.createToolResponse)(result);
+            }
+            case 'read_dossier': {
+                const result = (0, readDossier_js_1.readDossier)(args);
+                return (0, response_js_1.createToolResponse)(result);
+            }
+            case 'list_dossiers': {
+                const result = (0, listDossiers_js_1.listDossiers)(args);
+                return (0, response_js_1.createToolResponse)(result);
+            }
+            default:
+                throw new Error(`Unknown tool: ${name}`);
+        }
+    }
+    catch (error) {
+        logger_js_1.logger.error('Tool execution error', {
+            tool: name,
+            error: (0, core_1.getErrorMessage)(error),
+            stack: (0, core_1.getErrorStack)(error),
+        });
+        return (0, response_js_1.createToolResponse)({ error: { message: (0, core_1.getErrorMessage)(error), tool: name } }, true);
+    }
+});
+// Register resources
+server.setRequestHandler(types_js_1.ListResourcesRequestSchema, async () => {
+    logger_js_1.logger.debug('Listing resources');
+    return {
+        resources: [
+            {
+                uri: 'dossier://protocol',
+                name: 'Dossier Execution Protocol',
+                description: 'How to execute dossiers safely and effectively',
+                mimeType: 'text/markdown',
+            },
+            {
+                uri: 'dossier://security',
+                name: 'Security Architecture',
+                description: 'Security model, signing, verification, and trust management',
+                mimeType: 'text/markdown',
+            },
+            {
+                uri: 'dossier://concept',
+                name: 'Dossier Concept',
+                description: 'Introduction to dossiers - what they are and why to use them',
+                mimeType: 'text/markdown',
+            },
+        ],
+    };
+});
+// Handle resource reads
+server.setRequestHandler(types_js_1.ReadResourceRequestSchema, async (request) => {
+    const { uri } = request.params;
+    logger_js_1.logger.info('Resource read requested', { uri });
+    try {
+        let content;
+        switch (uri) {
+            case 'dossier://protocol':
+                content = (0, protocol_js_1.getProtocolResource)();
+                break;
+            case 'dossier://security':
+                content = (0, security_js_1.getSecurityResource)();
+                break;
+            case 'dossier://concept':
+                content = (0, concept_js_1.getConceptResource)();
+                break;
+            default:
+                throw new Error(`Unknown resource: ${uri}`);
+        }
+        return {
+            contents: [
+                {
+                    uri,
+                    mimeType: 'text/markdown',
+                    text: content,
+                },
+            ],
+        };
+    }
+    catch (error) {
+        logger_js_1.logger.error('Resource read error', {
+            uri,
+            error: (0, core_1.getErrorMessage)(error),
+            stack: (0, core_1.getErrorStack)(error),
+        });
+        throw error;
+    }
+});
+// Register prompts
+server.setRequestHandler(types_js_1.ListPromptsRequestSchema, async () => {
+    logger_js_1.logger.debug('Listing prompts');
+    return {
+        prompts: [
+            {
+                name: 'execute-dossier',
+                description: 'Run a dossier with verification and protocol',
+                arguments: [
+                    {
+                        name: 'dossier_path',
+                        description: 'Path or URL to the dossier file',
+                        required: true,
+                    },
+                ],
+            },
+            {
+                name: 'create-dossier',
+                description: 'Author a new dossier with proper structure',
+                arguments: [
+                    {
+                        name: 'title',
+                        description: 'Title for the new dossier',
+                        required: true,
+                    },
+                    {
+                        name: 'category',
+                        description: 'Category (e.g., devops, authoring)',
+                        required: false,
+                    },
+                    {
+                        name: 'risk_level',
+                        description: 'Risk level: low, medium, high, critical',
+                        required: false,
+                    },
+                ],
+            },
+        ],
+    };
+});
+// Handle prompt requests
+server.setRequestHandler(types_js_1.GetPromptRequestSchema, async (request) => {
+    const { name, arguments: args } = request.params;
+    logger_js_1.logger.info('Prompt requested', { prompt: name, arguments: args });
+    switch (name) {
+        case 'execute-dossier': {
+            const dossierPath = args?.dossier_path;
+            if (!dossierPath) {
+                throw new Error('dossier_path argument is required');
+            }
+            return {
+                messages: [
+                    {
+                        role: 'user',
+                        content: {
+                            type: 'text',
+                            text: `Execute the dossier at: ${dossierPath}
+
+Follow the Dossier Execution Protocol:
+
+1. **VERIFY** - Run \`dossier verify ${dossierPath}\` to check integrity and signature
+   - If verification fails, STOP and report the issue
+   - If signature is from untrusted source, ask user whether to proceed
+
+2. **READ** - Use the read_dossier tool to get the dossier content
+
+3. **EXECUTE** - Follow the instructions in the dossier body
+   - Respect any risk_level warnings
+   - Ask for confirmation before destructive operations
+   - Report progress as you complete each step
+
+4. **REPORT** - Summarize what was accomplished`,
+                        },
+                    },
+                ],
+            };
+        }
+        case 'create-dossier': {
+            const title = args?.title;
+            if (!title) {
+                throw new Error('title argument is required');
+            }
+            const category = args?.category;
+            const riskLevel = args?.risk_level;
+            const filename = `${title.toLowerCase().replace(/\s+/g, '-')}.ds.md`;
+            return {
+                messages: [
+                    {
+                        role: 'user',
+                        content: {
+                            type: 'text',
+                            text: `Create a new dossier: "${title}"
+${category ? `Category: ${category}` : ''}
+${riskLevel ? `Risk level: ${riskLevel}` : ''}
+Suggested filename: ${filename}
+
+**Instructions**: Execute the meta-dossier at:
+https://raw.githubusercontent.com/imboard-ai/ai-dossier/main/examples/authoring/create-dossier.ds.md
+
+This meta-dossier contains the official template and authoring instructions.
+Follow its guidance to create "${title}" with proper structure.`,
+                        },
+                    },
+                ],
+            };
+        }
+        default:
+            throw new Error(`Unknown prompt: ${name}`);
+    }
+});
+// Start server
+async function main() {
+    try {
+        const transport = new stdio_js_1.StdioServerTransport();
+        await server.connect(transport);
+        logger_js_1.logger.info('Dossier MCP Server started', {
+            name: '@ai-dossier/mcp-server',
+            version: '1.0.0',
+            transport: 'stdio',
+        });
+        // Keep process alive
+        process.stdin.resume();
+    }
+    catch (error) {
+        logger_js_1.logger.error('Failed to start server', {
+            error: (0, core_1.getErrorMessage)(error),
+            stack: (0, core_1.getErrorStack)(error),
+        });
+        process.exit(1);
+    }
+}
+// Handle graceful shutdown
+process.on('SIGINT', () => {
+    logger_js_1.logger.info('Received SIGINT, shutting down gracefully');
+    process.exit(0);
+});
+process.on('SIGTERM', () => {
+    logger_js_1.logger.info('Received SIGTERM, shutting down gracefully');
+    process.exit(0);
+});
+// Run server
+main().catch((error) => {
+    logger_js_1.logger.error('Fatal error', {
+        error: (0, core_1.getErrorMessage)(error),
+        stack: (0, core_1.getErrorStack)(error),
+    });
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;AAEA;;;;GAIG;;AAEH,2CAAkE;AAClE,wEAAmE;AACnE,wEAAiF;AACjF,iEAO4C;AAC5C,uDAA4D;AAC5D,yDAA8D;AAC9D,yDAA8D;AAC9D,6DAA+E;AAC/E,2DAA4E;AAC5E,+DAAkF;AAClF,iDAA2C;AAC3C,qDAAyD;AAEzD,6BAA6B;AAC7B,MAAM,MAAM,GAAG,IAAI,iBAAM,CACvB;IACE,IAAI,EAAE,wBAAwB;IAC9B,OAAO,EAAE,OAAO;CACjB,EACD;IACE,YAAY,EAAE;QACZ,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;KACZ;CACF,CACF,CAAC;AAEF,iBAAiB;AACjB,MAAM,CAAC,iBAAiB,CAAC,iCAAsB,EAAE,KAAK,IAAI,EAAE;IAC1D,kBAAM,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IAC9B,OAAO;QACL,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,gBAAgB;gBACtB,WAAW,EACT,4IAA4I;gBAC9I,WAAW,EAAE;oBACX,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,+BAA+B;yBAC7C;wBACD,iBAAiB,EAAE;4BACjB,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,iEAAiE;yBAC/E;qBACF;oBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;iBACnB;aACF;YACD;gBACE,IAAI,EAAE,cAAc;gBACpB,WAAW,EACT,4GAA4G;gBAC9G,WAAW,EAAE;oBACX,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,+BAA+B;yBAC7C;qBACF;oBACD,QAAQ,EAAE,CAAC,MAAM,CAAC;iBACnB;aACF;YACD;gBACE,IAAI,EAAE,eAAe;gBACrB,WAAW,EACT,2FAA2F;gBAC7F,WAAW,EAAE;oBACX,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,0DAA0D;yBACxE;wBACD,SAAS,EAAE;4BACT,IAAI,EAAE,SAAS;4BACf,WAAW,EAAE,mDAAmD;yBACjE;qBACF;iBACF;aACF;SACF;KACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,oBAAoB;AACpB,MAAM,CAAC,iBAAiB,CAAC,gCAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAEjD,kBAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEnE,IAAI,CAAC;QACH,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,MAAM,GAAG,MAAM,IAAA,gCAAa,EAAC,IAAqC,CAAC,CAAC;gBAC1E,OAAO,IAAA,gCAAkB,EAAC,MAAM,CAAC,CAAC;YACpC,CAAC;YAED,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,MAAM,GAAG,IAAA,4BAAW,EAAC,IAAmC,CAAC,CAAC;gBAChE,OAAO,IAAA,gCAAkB,EAAC,MAAM,CAAC,CAAC;YACpC,CAAC;YAED,KAAK,eAAe,CAAC,CAAC,CAAC;gBACrB,MAAM,MAAM,GAAG,IAAA,8BAAY,EAAC,IAAoC,CAAC,CAAC;gBAClE,OAAO,IAAA,gCAAkB,EAAC,MAAM,CAAC,CAAC;YACpC,CAAC;YAED;gBACE,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,kBAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE;YACnC,IAAI,EAAE,IAAI;YACV,KAAK,EAAE,IAAA,sBAAe,EAAC,KAAK,CAAC;YAC7B,KAAK,EAAE,IAAA,oBAAa,EAAC,KAAK,CAAC;SAC5B,CAAC,CAAC;QAEH,OAAO,IAAA,gCAAkB,EAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,IAAA,sBAAe,EAAC,KAAK,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IAC9F,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,qBAAqB;AACrB,MAAM,CAAC,iBAAiB,CAAC,qCAA0B,EAAE,KAAK,IAAI,EAAE;IAC9D,kBAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAClC,OAAO;QACL,SAAS,EAAE;YACT;gBACE,GAAG,EAAE,oBAAoB;gBACzB,IAAI,EAAE,4BAA4B;gBAClC,WAAW,EAAE,gDAAgD;gBAC7D,QAAQ,EAAE,eAAe;aAC1B;YACD;gBACE,GAAG,EAAE,oBAAoB;gBACzB,IAAI,EAAE,uBAAuB;gBAC7B,WAAW,EAAE,6DAA6D;gBAC1E,QAAQ,EAAE,eAAe;aAC1B;YACD;gBACE,GAAG,EAAE,mBAAmB;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,8DAA8D;gBAC3E,QAAQ,EAAE,eAAe;aAC1B;SACF;KACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,wBAAwB;AACxB,MAAM,CAAC,iBAAiB,CAAC,oCAAyB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IACpE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAE/B,kBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;IAEhD,IAAI,CAAC;QACH,IAAI,OAAe,CAAC;QAEpB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,oBAAoB;gBACvB,OAAO,GAAG,IAAA,iCAAmB,GAAE,CAAC;gBAChC,MAAM;YAER,KAAK,oBAAoB;gBACvB,OAAO,GAAG,IAAA,iCAAmB,GAAE,CAAC;gBAChC,MAAM;YAER,KAAK,mBAAmB;gBACtB,OAAO,GAAG,IAAA,+BAAkB,GAAE,CAAC;gBAC/B,MAAM;YAER;gBACE,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAC;QAChD,CAAC;QAED,OAAO;YACL,QAAQ,EAAE;gBACR;oBACE,GAAG;oBACH,QAAQ,EAAE,eAAe;oBACzB,IAAI,EAAE,OAAO;iBACd;aACF;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,kBAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE;YAClC,GAAG;YACH,KAAK,EAAE,IAAA,sBAAe,EAAC,KAAK,CAAC;YAC7B,KAAK,EAAE,IAAA,oBAAa,EAAC,KAAK,CAAC;SAC5B,CAAC,CAAC;QAEH,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,mBAAmB;AACnB,MAAM,CAAC,iBAAiB,CAAC,mCAAwB,EAAE,KAAK,IAAI,EAAE;IAC5D,kBAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAChC,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,8CAA8C;gBAC3D,SAAS,EAAE;oBACT;wBACE,IAAI,EAAE,cAAc;wBACpB,WAAW,EAAE,iCAAiC;wBAC9C,QAAQ,EAAE,IAAI;qBACf;iBACF;aACF;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,WAAW,EAAE,4CAA4C;gBACzD,SAAS,EAAE;oBACT;wBACE,IAAI,EAAE,OAAO;wBACb,WAAW,EAAE,2BAA2B;wBACxC,QAAQ,EAAE,IAAI;qBACf;oBACD;wBACE,IAAI,EAAE,UAAU;wBAChB,WAAW,EAAE,oCAAoC;wBACjD,QAAQ,EAAE,KAAK;qBAChB;oBACD;wBACE,IAAI,EAAE,YAAY;wBAClB,WAAW,EAAE,yCAAyC;wBACtD,QAAQ,EAAE,KAAK;qBAChB;iBACF;aACF;SACF;KACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,yBAAyB;AACzB,MAAM,CAAC,iBAAiB,CAAC,iCAAsB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IACjE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAEjD,kBAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEnE,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,iBAAiB,CAAC,CAAC,CAAC;YACvB,MAAM,WAAW,GAAG,IAAI,EAAE,YAAsB,CAAC;YACjD,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YACvD,CAAC;YACD,OAAO;gBACL,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,MAAM;wBACZ,OAAO,EAAE;4BACP,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,2BAA2B,WAAW;;;;uCAInB,WAAW;;;;;;;;;;;gDAWF;yBACnC;qBACF;iBACF;aACF,CAAC;QACJ,CAAC;QAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,KAAK,GAAG,IAAI,EAAE,KAAe,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAChD,CAAC;YACD,MAAM,QAAQ,GAAG,IAAI,EAAE,QAA8B,CAAC;YACtD,MAAM,SAAS,GAAG,IAAI,EAAE,UAAgC,CAAC;YACzD,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC;YAErE,OAAO;gBACL,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,MAAM;wBACZ,OAAO,EAAE;4BACP,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,0BAA0B,KAAK;EACjD,QAAQ,CAAC,CAAC,CAAC,aAAa,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE;EACvC,SAAS,CAAC,CAAC,CAAC,eAAe,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE;sBACvB,QAAQ;;;;;;iCAMG,KAAK,0BAA0B;yBACnD;qBACF;iBACF;aACF,CAAC;QACJ,CAAC;QAED;YACE,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,eAAe;AACf,KAAK,UAAU,IAAI;IACjB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,+BAAoB,EAAE,CAAC;QAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAEhC,kBAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;YACxC,IAAI,EAAE,wBAAwB;YAC9B,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,OAAO;SACnB,CAAC,CAAC;QAEH,qBAAqB;QACrB,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,kBAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACrC,KAAK,EAAE,IAAA,sBAAe,EAAC,KAAK,CAAC;YAC7B,KAAK,EAAE,IAAA,oBAAa,EAAC,KAAK,CAAC;SAC5B,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,2BAA2B;AAC3B,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;IACxB,kBAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;IACzB,kBAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,aAAa;AACb,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,kBAAM,CAAC,KAAK,CAAC,aAAa,EAAE;QAC1B,KAAK,EAAE,IAAA,sBAAe,EAAC,KAAK,CAAC;QAC7B,KAAK,EAAE,IAAA,oBAAa,EAAC,KAAK,CAAC;KAC5B,CAAC,CAAC;IACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/parsers/signatureVerifier.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Signature verification for dossier authenticity
+ * Uses the unified verifier module
+ */
+import { type AuthenticityResult, type DossierFrontmatter } from '@ai-dossier/core';
+/**
+ * Verify dossier authenticity (signature + trust)
+ */
+export declare function verifyAuthenticity(body: string, frontmatter: DossierFrontmatter, trustedKeysPath?: string): Promise<AuthenticityResult>;
+//# sourceMappingURL=signatureVerifier.d.ts.map

package/dist/parsers/signatureVerifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signatureVerifier.d.ts","sourceRoot":"","sources":["../../src/parsers/signatureVerifier.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EAIxB,MAAM,kBAAkB,CAAC;AAG1B;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,kBAAkB,EAC/B,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,kBAAkB,CAAC,CA0E7B"}

package/dist/parsers/signatureVerifier.js

@@ -0,0 +1,85 @@
+"use strict";
+/**
+ * Signature verification for dossier authenticity
+ * Uses the unified verifier module
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyAuthenticity = verifyAuthenticity;
+const core_1 = require("@ai-dossier/core");
+const logger_1 = require("../utils/logger");
+/**
+ * Verify dossier authenticity (signature + trust)
+ */
+async function verifyAuthenticity(body, frontmatter, trustedKeysPath) {
+    const signature = frontmatter.signature;
+    // No signature present
+    if (!signature) {
+        logger_1.logger.info('No signature found in dossier');
+        return {
+            status: 'unsigned',
+            message: 'No signature found - authenticity cannot be verified',
+            isTrusted: false,
+        };
+    }
+    // Load trusted keys
+    const trustedKeys = (0, core_1.loadTrustedKeys)(trustedKeysPath);
+    const isTrusted = trustedKeys.has(signature.public_key || signature.key_id);
+    const trustedAs = isTrusted
+        ? trustedKeys.get(signature.public_key || signature.key_id)
+        : undefined;
+    // Verify signature
+    try {
+        const isValid = await (0, core_1.verifySignature)(body, signature);
+        if (!isValid) {
+            logger_1.logger.error('SIGNATURE VERIFICATION FAILED');
+            return {
+                status: 'invalid',
+                message: 'SIGNATURE VERIFICATION FAILED',
+                signer: signature.signed_by,
+                keyId: signature.key_id,
+                publicKey: signature.public_key,
+                isTrusted,
+                trustedAs,
+            };
+        }
+        // Signature is valid - check if trusted
+        if (isTrusted) {
+            logger_1.logger.info('Verified signature from TRUSTED source', { trustedAs });
+            return {
+                status: 'verified',
+                message: `Verified signature from trusted source: ${trustedAs}`,
+                signer: signature.signed_by,
+                keyId: signature.key_id,
+                publicKey: signature.public_key,
+                isTrusted: true,
+                trustedAs,
+            };
+        }
+        else {
+            logger_1.logger.warn('Valid signature but key is NOT in trusted list');
+            return {
+                status: 'signed_unknown',
+                message: 'Valid signature but key is not in trusted list',
+                signer: signature.signed_by,
+                keyId: signature.key_id,
+                publicKey: signature.public_key,
+                isTrusted: false,
+            };
+        }
+    }
+    catch (err) {
+        logger_1.logger.error('Signature verification error', {
+            error: (0, core_1.getErrorMessage)(err),
+        });
+        return {
+            status: 'error',
+            message: `Verification error: ${(0, core_1.getErrorMessage)(err)}`,
+            signer: signature.signed_by,
+            keyId: signature.key_id,
+            publicKey: signature.public_key,
+            isTrusted,
+            trustedAs,
+        };
+    }
+}
+//# sourceMappingURL=signatureVerifier.js.map

package/dist/parsers/signatureVerifier.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signatureVerifier.js","sourceRoot":"","sources":["../../src/parsers/signatureVerifier.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAcH,gDA8EC;AA1FD,2CAM0B;AAC1B,4CAAyC;AAEzC;;GAEG;AACI,KAAK,UAAU,kBAAkB,CACtC,IAAY,EACZ,WAA+B,EAC/B,eAAwB;IAExB,MAAM,SAAS,GAAG,WAAW,CAAC,SAAS,CAAC;IAExC,uBAAuB;IACvB,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,eAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO;YACL,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,sDAAsD;YAC/D,SAAS,EAAE,KAAK;SACjB,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,IAAA,sBAAe,EAAC,eAAe,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,UAAU,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;IAC5E,MAAM,SAAS,GAAG,SAAS;QACzB,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,UAAU,IAAI,SAAS,CAAC,MAAM,CAAC;QAC3D,CAAC,CAAC,SAAS,CAAC;IAEd,mBAAmB;IACnB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAA,sBAAe,EAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAEvD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,eAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC9C,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,+BAA+B;gBACxC,MAAM,EAAE,SAAS,CAAC,SAAS;gBAC3B,KAAK,EAAE,SAAS,CAAC,MAAM;gBACvB,SAAS,EAAE,SAAS,CAAC,UAAU;gBAC/B,SAAS;gBACT,SAAS;aACV,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,SAAS,EAAE,CAAC;YACd,eAAM,CAAC,IAAI,CAAC,wCAAwC,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;YACrE,OAAO;gBACL,MAAM,EAAE,UAAU;gBAClB,OAAO,EAAE,2CAA2C,SAAS,EAAE;gBAC/D,MAAM,EAAE,SAAS,CAAC,SAAS;gBAC3B,KAAK,EAAE,SAAS,CAAC,MAAM;gBACvB,SAAS,EAAE,SAAS,CAAC,UAAU;gBAC/B,SAAS,EAAE,IAAI;gBACf,SAAS;aACV,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,eAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAC9D,OAAO;gBACL,MAAM,EAAE,gBAAgB;gBACxB,OAAO,EAAE,gDAAgD;gBACzD,MAAM,EAAE,SAAS,CAAC,SAAS;gBAC3B,KAAK,EAAE,SAAS,CAAC,MAAM;gBACvB,SAAS,EAAE,SAAS,CAAC,UAAU;gBAC/B,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;YAC3C,KAAK,EAAE,IAAA,sBAAe,EAAC,GAAG,CAAC;SAC5B,CAAC,CAAC;QACH,OAAO;YACL,MAAM,EAAE,OAAO;YACf,OAAO,EAAE,uBAAuB,IAAA,sBAAe,EAAC,GAAG,CAAC,EAAE;YACtD,MAAM,EAAE,SAAS,CAAC,SAAS;YAC3B,KAAK,EAAE,SAAS,CAAC,MAAM;YACvB,SAAS,EAAE,SAAS,CAAC,UAAU;YAC/B,SAAS;YACT,SAAS;SACV,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/resources/concept.d.ts

@@ -0,0 +1,7 @@
+/**
+ * dossier://concept resource
+ * Provides an introduction to the dossier concept (condensed README.md)
+ */
+/** Get condensed concept/introduction from README.md */
+export declare const getConceptResource: () => string;
+//# sourceMappingURL=concept.d.ts.map

package/dist/resources/concept.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"concept.d.ts","sourceRoot":"","sources":["../../src/resources/concept.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,wDAAwD;AACxD,eAAO,MAAM,kBAAkB,cAA+C,CAAC"}

package/dist/resources/concept.js

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * dossier://concept resource
+ * Provides an introduction to the dossier concept (condensed README.md)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getConceptResource = void 0;
+const resourceLoader_1 = require("../utils/resourceLoader");
+/** Get condensed concept/introduction from README.md */
+exports.getConceptResource = (0, resourceLoader_1.createResourceLoader)('README.md', 'concept');
+//# sourceMappingURL=concept.js.map

package/dist/resources/concept.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"concept.js","sourceRoot":"","sources":["../../src/resources/concept.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,4DAA+D;AAE/D,wDAAwD;AAC3C,QAAA,kBAAkB,GAAG,IAAA,qCAAoB,EAAC,WAAW,EAAE,SAAS,CAAC,CAAC"}

package/dist/resources/protocol.d.ts

@@ -0,0 +1,7 @@
+/**
+ * dossier://protocol resource
+ * Provides the Dossier Execution Protocol to LLM context
+ */
+/** Get PROTOCOL.md content */
+export declare const getProtocolResource: () => string;
+//# sourceMappingURL=protocol.d.ts.map

package/dist/resources/protocol.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/resources/protocol.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,8BAA8B;AAC9B,eAAO,MAAM,mBAAmB,cAAkD,CAAC"}

package/dist/resources/protocol.js

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * dossier://protocol resource
+ * Provides the Dossier Execution Protocol to LLM context
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getProtocolResource = void 0;
+const resourceLoader_1 = require("../utils/resourceLoader");
+/** Get PROTOCOL.md content */
+exports.getProtocolResource = (0, resourceLoader_1.createResourceLoader)('PROTOCOL.md', 'protocol');
+//# sourceMappingURL=protocol.js.map

package/dist/resources/protocol.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/resources/protocol.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,4DAA+D;AAE/D,8BAA8B;AACjB,QAAA,mBAAmB,GAAG,IAAA,qCAAoB,EAAC,aAAa,EAAE,UAAU,CAAC,CAAC"}

package/dist/resources/security.d.ts

@@ -0,0 +1,7 @@
+/**
+ * dossier://security resource
+ * Provides the Security Architecture documentation to LLM context
+ */
+/** Get security/ARCHITECTURE.md content */
+export declare const getSecurityResource: () => string;
+//# sourceMappingURL=security.d.ts.map

package/dist/resources/security.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/resources/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,2CAA2C;AAC3C,eAAO,MAAM,mBAAmB,cAA+D,CAAC"}

package/dist/resources/security.js

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * dossier://security resource
+ * Provides the Security Architecture documentation to LLM context
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getSecurityResource = void 0;
+const resourceLoader_1 = require("../utils/resourceLoader");
+/** Get security/ARCHITECTURE.md content */
+exports.getSecurityResource = (0, resourceLoader_1.createResourceLoader)('security/ARCHITECTURE.md', 'security');
+//# sourceMappingURL=security.js.map

package/dist/resources/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../../src/resources/security.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,4DAA+D;AAE/D,2CAA2C;AAC9B,QAAA,mBAAmB,GAAG,IAAA,qCAAoB,EAAC,0BAA0B,EAAE,UAAU,CAAC,CAAC"}

package/dist/tools/listDossiers.d.ts

@@ -0,0 +1,19 @@
+/**
+ * list_dossiers tool - Discover dossiers in a directory
+ * Scans for *.ds.md files and returns metadata
+ */
+import { type DossierListItem } from '@ai-dossier/core';
+export interface ListDossiersInput {
+    path?: string;
+    recursive?: boolean;
+}
+export interface ListDossiersOutput {
+    dossiers: DossierListItem[];
+    scannedPath: string;
+    count: number;
+}
+/**
+ * List all dossiers in a directory
+ */
+export declare function listDossiers(input: ListDossiersInput): ListDossiersOutput;
+//# sourceMappingURL=listDossiers.d.ts.map

package/dist/tools/listDossiers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"listDossiers.d.ts","sourceRoot":"","sources":["../../src/tools/listDossiers.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,KAAK,eAAe,EAAqC,MAAM,kBAAkB,CAAC;AAG3F,MAAM,WAAW,iBAAiB;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;CACf;AAyCD;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,iBAAiB,GAAG,kBAAkB,CA4DzE"}

package/dist/tools/listDossiers.js

@@ -0,0 +1,104 @@
+"use strict";
+/**
+ * list_dossiers tool - Discover dossiers in a directory
+ * Scans for *.ds.md files and returns metadata
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.listDossiers = listDossiers;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const core_1 = require("@ai-dossier/core");
+const logger_1 = require("../utils/logger");
+/**
+ * Recursively find all .ds.md files in a directory
+ */
+function findDossierFiles(dir, basePath, recursive) {
+    const files = [];
+    try {
+        const entries = (0, node_fs_1.readdirSync)(dir);
+        for (const entry of entries) {
+            const fullPath = (0, node_path_1.join)(dir, entry);
+            try {
+                const stat = (0, node_fs_1.statSync)(fullPath);
+                if (stat.isDirectory()) {
+                    // Skip node_modules, .git, etc.
+                    if (entry.startsWith('.') || entry === 'node_modules' || entry === 'dist') {
+                        continue;
+                    }
+                    if (recursive) {
+                        files.push(...findDossierFiles(fullPath, basePath, recursive));
+                    }
+                }
+                else if (stat.isFile() && entry.endsWith('.ds.md')) {
+                    files.push(fullPath);
+                }
+            }
+            catch (err) {
+                // Skip files we can't stat (permission errors, etc.)
+                logger_1.logger.warn('Could not stat file', { path: fullPath, error: (0, core_1.getErrorMessage)(err) });
+            }
+        }
+    }
+    catch (err) {
+        logger_1.logger.error('Could not read directory', { dir, error: (0, core_1.getErrorMessage)(err) });
+    }
+    return files;
+}
+/**
+ * List all dossiers in a directory
+ */
+function listDossiers(input) {
+    const searchPath = input.path || process.cwd();
+    const recursive = input.recursive !== false; // default true
+    // Validate path stays within the current working directory
+    const resolvedPath = (0, node_path_1.resolve)(searchPath);
+    const cwd = process.cwd();
+    if (!resolvedPath.startsWith(`${cwd}/`) && resolvedPath !== cwd) {
+        throw new Error(`Access denied: path "${searchPath}" is outside the working directory`);
+    }
+    logger_1.logger.info('Scanning for dossiers', { searchPath, recursive });
+    const dossierFiles = findDossierFiles(searchPath, searchPath, recursive);
+    const dossiers = [];
+    for (const filePath of dossierFiles) {
+        try {
+            const parsed = (0, core_1.parseDossierFile)(filePath);
+            const { frontmatter } = parsed;
+            // Extract name from filename (without .ds.md)
+            const fileName = filePath.split('/').pop();
+            if (!fileName)
+                continue;
+            const name = fileName.replace('.ds.md', '');
+            dossiers.push({
+                name,
+                path: (0, node_path_1.relative)(searchPath, filePath),
+                version: frontmatter.version,
+                protocol: frontmatter.protocol_version,
+                status: frontmatter.status,
+                objective: frontmatter.objective,
+                riskLevel: frontmatter.risk_level,
+            });
+            logger_1.logger.debug('Found dossier', {
+                name,
+                path: filePath,
+                title: frontmatter.title,
+            });
+        }
+        catch (err) {
+            logger_1.logger.warn('Could not parse dossier file', {
+                path: filePath,
+                error: (0, core_1.getErrorMessage)(err),
+            });
+        }
+    }
+    logger_1.logger.info('Dossier scan completed', {
+        searchPath,
+        count: dossiers.length,
+        foundFiles: dossierFiles.length,
+    });
+    return {
+        dossiers,
+        scannedPath: searchPath,
+        count: dossiers.length,
+    };
+}
+//# sourceMappingURL=listDossiers.js.map