@ansvar/ch-pest-management-mcp 0.1.0

package/.github/workflows/check-freshness.yml

@@ -0,0 +1,49 @@
+name: Check Data Freshness
+
+on:
+  schedule:
+    - cron: "0 8 * * *"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  issues: write
+
+jobs:
+  freshness:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: npm
+      - run: npm ci
+      - name: Check freshness
+        id: check
+        run: |
+          if npm run freshness:check 2>&1; then
+            echo "stale=false" >> "$GITHUB_OUTPUT"
+          else
+            echo "stale=true" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Create issue if stale
+        if: steps.check.outputs.stale == 'true'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const existing = await github.rest.issues.listForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: 'data-stale',
+              state: 'open'
+            });
+            if (existing.data.length === 0) {
+              await github.rest.issues.create({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                title: 'Data is stale — re-ingestion needed',
+                body: 'The daily freshness check detected stale data. Run the ingestion workflow to update.\n\n`gh workflow run ingest.yml`',
+                labels: ['data-stale']
+              });
+            }

package/.github/workflows/ci.yml

@@ -0,0 +1,21 @@
+name: CI
+
+on:
+  push:
+    branches: [main, dev]
+  pull_request:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: npm
+      - run: npm ci
+      - run: npm run typecheck
+      - run: npm run lint
+      - run: npm test

package/.github/workflows/codeql.yml

@@ -0,0 +1,25 @@
+name: CodeQL
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "0 6 * * 1"
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: github/codeql-action/init@v3
+        with:
+          languages: javascript-typescript
+      - uses: github/codeql-action/autobuild@v3
+      - uses: github/codeql-action/analyze@v3

package/.github/workflows/ghcr-build.yml

@@ -0,0 +1,45 @@
+name: Build and Push to GHCR
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+concurrency:
+  group: build-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ch-pest-management-mcp
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/setup-buildx-action@v3
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: ${{ env.REGISTRY }}/ansvar-systems/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+            type=sha,prefix=sha-,format=short
+      - uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          platforms: linux/amd64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

package/.github/workflows/gitleaks.yml

@@ -0,0 +1,18 @@
+name: Gitleaks
+
+on:
+  push:
+    branches: [main, dev]
+  pull_request:
+    branches: [main]
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: gitleaks/gitleaks-action@v2
+        env:
+          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}

package/.github/workflows/ingest.yml

@@ -0,0 +1,59 @@
+name: Re-ingest Data
+
+on:
+  schedule:
+    - cron: "0 4 1 * *"
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Force full rebuild even if no changes detected"
+        type: boolean
+        default: false
+
+permissions:
+  contents: write
+
+jobs:
+  ingest:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: npm
+      - run: npm ci
+
+      - name: Fetch upstream data
+        run: npm run ingest:fetch
+
+      - name: Check for changes
+        id: diff
+        run: |
+          if [ "${{ inputs.force }}" = "true" ] || npm run ingest:diff 2>&1 | grep -q "changes detected"; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "changed=false" >> "$GITHUB_OUTPUT"
+            echo "No upstream changes detected. Skipping rebuild."
+          fi
+
+      - name: Rebuild database
+        if: steps.diff.outputs.changed == 'true'
+        run: npm run ingest:full
+
+      - name: Run tests
+        if: steps.diff.outputs.changed == 'true'
+        run: npm test
+
+      - name: Update coverage
+        if: steps.diff.outputs.changed == 'true'
+        run: npm run coverage:update
+
+      - name: Commit updated database
+        if: steps.diff.outputs.changed == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add data/database.db data/coverage.json data/.source-hashes.json
+          git diff --staged --quiet || git commit -m "chore: re-ingest data $(date +%Y-%m-%d)"
+          git push

package/.github/workflows/publish.yml

@@ -0,0 +1,24 @@
+name: Publish to npm
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          registry-url: "https://registry.npmjs.org"
+      - run: npm ci
+      - run: npm run build
+      - run: npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/CHANGELOG.md

@@ -0,0 +1,16 @@
+# Changelog
+
+## [0.1.0] - 2026-04-05
+
+### Added
+
+- Initial release with 10 MCP tools (3 meta + 7 domain)
+- SQLite + FTS5 database with schema for pests, treatments, IPM guidance, approved products
+- Dual transport: stdio (npm) and Streamable HTTP (Docker)
+- Jurisdiction validation (CH supported)
+- Tiered FTS5 search (phrase > AND > prefix > stemmed > OR > LIKE fallback)
+- Data freshness monitoring with 90-day staleness threshold
+- Docker image with non-root user, health check
+- CI/CD: TypeScript build, lint, test, CodeQL, Gitleaks, GHCR image build, ingestion, freshness check
+- Bilingual disclaimer (DE/EN), privacy statement, security policy
+- MCP registry (server.json) with public endpoint at mcp.ansvar.eu

package/CODEOWNERS

@@ -0,0 +1 @@
+* @ansvar-systems/engineering

package/COVERAGE.md

@@ -0,0 +1,66 @@
+# Coverage
+
+## Jurisdiction
+
+Switzerland (CH) only.
+
+## Dataset Summary
+
+| Category | Count |
+|----------|-------|
+| Pests (total) | 23 |
+| -- Insects | 9 |
+| -- Diseases | 8 |
+| -- Weeds | 6 |
+| Treatments | 30 |
+| IPM guidance records | 12 |
+| Approved products | 14 |
+| Prognosis systems | 4 |
+| Crop categories | 4 |
+| Tools | 10 |
+
+## Crop Categories
+
+- **Feldbau** (field crops): Winterweizen, Wintergerste, Winterraps, Kartoffeln, Zuckerrueben, Mais
+- **Rebbau** (viticulture): Reben
+- **Obstbau** (fruit): Apfel, Kirsche, Zwetschge
+- **Gemuese** (vegetables): Karotten, Salat, Zwiebeln
+
+## Prognosis Systems
+
+| System | Scope | URL |
+|--------|-------|-----|
+| PhytoPRE | Krautfaeule (potato/tomato late blight) | https://www.phytopre.ch |
+| SOPRA | Insect flight forecasting | https://www.sopra.info |
+| FusaProg | Fusarium risk in cereals | https://www.fusaprog.ch |
+| VitiMeteo | Vine disease forecasting | https://www.vitimeteo.info |
+
+## What Is Covered
+
+- Pest identification: names (DE), scientific names, lifecycle, damage descriptions, visual identification cues
+- Treatment recommendations: chemical products (W-number, active substance, dosage, waiting period, buffer zone) and non-chemical alternatives (biological, cultural, mechanical)
+- IPM guidance: OELN Schadschwellen (damage thresholds), monitoring methods, cultural controls, prognosis system references
+- Approved products: BLW Pflanzenschutzmittelverzeichnis entries with Auflagen and Aktionsplan status
+- Symptom-based differential diagnosis
+
+## What Is NOT Covered
+
+- Real-time prognosis data (PhytoPRE, SOPRA, FusaProg, VitiMeteo provide real-time data on their own portals -- this MCP references the systems but does not replicate live forecasts)
+- Cantonal deviations (some cantons have additional restrictions beyond federal OELN rules)
+- Organic-specific rules (Bio Suisse, Demeter -- only OELN/IP-Suisse requirements are included)
+- Seed treatment products (Beizmittel)
+- Fertiliser interactions with pest management
+- Veterinary pest control (livestock parasites)
+- Forest pest management (Eidg. Forschungsanstalt WSL scope)
+
+## Limitations
+
+- Product authorisations change frequently. Always verify current status on [psm.admin.ch](https://www.psm.admin.ch/de/produkte)
+- Professional use of plant protection products requires a Fachbewilligung PSM
+- Schadschwellen values are reference values from Agroscope -- field conditions vary
+- FTS search works best with German terms; English terms have partial coverage
+- Dataset is a curated subset, not a complete mirror of BLW or Agroscope databases
+
+## Data Freshness
+
+Run `check_data_freshness` to see the ingestion date. Threshold for staleness: 90 days. Re-ingestion: `gh workflow run ingest.yml`.

package/DISCLAIMER.md

@@ -0,0 +1,39 @@
+# Haftungsausschluss / Disclaimer
+
+## Keine professionelle Beratung / Not Professional Advice
+
+Die von diesem Tool bereitgestellten Daten stellen keine professionelle Pflanzenschutzberatung dar. Die Angaben basieren auf dem Pflanzenschutzmittelverzeichnis des BLW (psm.admin.ch), den Pflanzenschutzempfehlungen von Agroscope, den OELN-Richtlinien und dem Aktionsplan Pflanzenschutzmittel. Die tatsaechlichen Verhaeltnisse auf dem einzelnen Betrieb koennen erheblich abweichen. Vor jeder Anwendung von Pflanzenschutzmitteln (PSM) ist die aktuelle Zulassung im Pflanzenschutzmittelverzeichnis zu pruefen. Fuer die berufliche Anwendung ist eine Fachbewilligung PSM erforderlich.
+
+The data served by this tool does not constitute professional crop protection advice. Data is sourced from the BLW Pflanzenschutzmittelverzeichnis (psm.admin.ch), Agroscope pest management recommendations, OELN guidelines, and the Aktionsplan Pflanzenschutzmittel. Individual farm conditions vary. Before any pesticide application, verify the current authorisation in the BLW product register. Professional use requires a Fachbewilligung PSM.
+
+## Datenquellen / Data Sources
+
+- **BLW Pflanzenschutzmittelverzeichnis** -- Bundesamt fuer Landwirtschaft (zugelassene Produkte, Wirkstoffe, Auflagen, Wartefristen)
+- **Agroscope Pflanzenschutzempfehlungen** -- Schadschwellen, Ueberwachungsmethoden, Prognosesysteme (PhytoPRE, SOPRA, FusaProg)
+- **AGRIDEA OELN-Pflanzenschutz-Checklisten** -- Pflanzenschutzanforderungen fuer Feldbau, Rebbau, Obstbau
+- **Aktionsplan Pflanzenschutzmittel** -- 50%-Risikoreduktionsziele, IPM-Strategie, Pufferstreifenanforderungen
+
+Daten der Bundesverwaltung werden unter dem Grundsatz des oeffentlichen Informationszugangs verwendet.
+
+Data from Swiss federal authorities is used under public-sector information access principles.
+
+## Kantonale Unterschiede / Cantonal Variation
+
+Swiss pest management regulation includes federal OELN rules and cantonal implementation. This tool provides federal-level reference values. Users must verify cantonal requirements, particularly:
+
+- **Pufferstreifen** (buffer zones): may vary by canton and water body classification
+- **Pflanzenschutz in Schutzzonen**: cantonal restrictions in protected areas
+- **Meldepflichten**: cantonal reporting obligations for regulated organisms
+- **Fachbewilligung PSM**: cantonal issuing authorities
+
+Bei Unsicherheit die kantonale Pflanzenschutzfachstelle oder AGRIDEA kontaktieren.
+
+## Aktualitaet / Currency
+
+Pflanzenschutzmittelzulassungen aendern sich laufend. Schadschwellen werden jaehrlich aktualisiert. Dieses Tool zeigt den Datenstand zum Zeitpunkt der letzten Aktualisierung. Die Funktion `check_data_freshness` zeigt das Alter der Daten.
+
+Product authorisations change continuously. Damage thresholds are updated annually. This tool shows data as of the last ingestion run. Use `check_data_freshness` to see the data age.
+
+## Keine Gewaehrleistung / No Warranty
+
+This software is provided "as is" without warranty of any kind. See the Apache-2.0 license for details.

package/Dockerfile

@@ -0,0 +1,26 @@
+FROM node:20-slim AS builder
+RUN apt-get update && apt-get install -y python3 make g++ && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+COPY tsconfig.json ./
+COPY src/ src/
+RUN npm run build
+
+FROM node:20-slim
+RUN apt-get update && apt-get install -y python3 make g++ && rm -rf /var/lib/apt/lists/*
+RUN addgroup --system --gid 1001 nodejs && \
+    adduser --system --uid 1001 nodejs
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci --omit=dev && npm cache clean --force && apt-get purge -y python3 make g++ && apt-get autoremove -y
+COPY --from=builder /app/dist dist/
+COPY data/ data/
+RUN chown -R nodejs:nodejs /app/data
+USER nodejs
+ENV NODE_ENV=production
+ENV PORT=3000
+EXPOSE 3000
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+  CMD node -e "require('http').get('http://localhost:' + process.env.PORT + '/health', (r) => { process.exit(r.statusCode === 200 ? 0 : 1) })"
+CMD ["node", "dist/http-server.js"]

package/LICENSE

@@ -0,0 +1,17 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+   Copyright 2026 Ansvar Systems

package/PRIVACY.md

@@ -0,0 +1,23 @@
+# Privacy Statement
+
+## No Data Collection
+
+This MCP server:
+
+- Does **not** collect, store, or transmit any user data
+- Does **not** use cookies, analytics, or telemetry
+- Does **not** require user accounts or authentication
+- Does **not** log queries or usage patterns
+- Does **not** store any client-side state
+
+## Data Served
+
+All data returned by this server is sourced from publicly available Swiss federal publications (BLW, Agroscope, AGRIDEA) and the Aktionsplan Pflanzenschutzmittel. No personal data, proprietary data, or confidential information is included.
+
+## Self-Hosting
+
+This server can be self-hosted. When you run it locally via npm or Docker, all processing happens on your machine. No external network calls are made at query time -- all data is embedded in the SQLite database.
+
+## Contact
+
+For privacy questions: privacy@ansvar.eu

package/README.md

@@ -0,0 +1,98 @@
+# Switzerland Pest Management MCP
+
+MCP server for Swiss crop protection and pest management data. Covers pests (insects, diseases, weeds), approved plant protection products from the BLW Pflanzenschutzmittelverzeichnis, IPM (Integrierter Pflanzenschutz) guidance with OELN Schadschwellen, and prognosis systems (PhytoPRE, SOPRA, FusaProg, VitiMeteo).
+
+Built on data from the Bundesamt fuer Landwirtschaft (BLW), Agroscope, AGRIDEA, and the Aktionsplan Pflanzenschutzmittel.
+
+## Quick Start
+
+### npx (stdio)
+
+```bash
+npx -y @ansvar/ch-pest-management-mcp
+```
+
+### Docker (Streamable HTTP)
+
+```bash
+docker run -p 3000:3000 ghcr.io/ansvar-systems/ch-pest-management-mcp:latest
+```
+
+### Public endpoint (Streamable HTTP, no auth)
+
+```
+https://mcp.ansvar.eu/ch-pest-management/mcp
+```
+
+## Tools
+
+10 tools covering pest identification, treatment lookup, IPM guidance, approved products, and data provenance.
+
+| Tool | Description |
+|------|-------------|
+| `about` | Server metadata, version, coverage, data sources |
+| `list_sources` | All data sources with authority, URL, license, freshness |
+| `check_data_freshness` | Ingestion date, staleness status, refresh command |
+| `search_pests` | FTS5 search across pests, diseases, weeds (DE/EN) |
+| `get_pest_details` | Full pest profile: lifecycle, identification, treatments |
+| `get_treatments` | Chemical and non-chemical controls for a pest |
+| `get_ipm_guidance` | IPM guidance per crop: Schadschwellen, monitoring, OELN |
+| `search_crop_threats` | All pests/diseases/weeds threatening a crop |
+| `identify_from_symptoms` | Differential diagnosis from symptom descriptions |
+| `get_approved_products` | BLW-approved products: W-number, substances, Auflagen |
+
+Full parameter documentation: [TOOLS.md](TOOLS.md)
+
+## Coverage
+
+- **Jurisdiction:** Switzerland (CH)
+- **Pests:** 23 (9 insects, 8 diseases, 6 weeds)
+- **Treatments:** 30
+- **IPM guidance records:** 12
+- **Approved products:** 14
+- **Prognosis systems:** PhytoPRE, SOPRA, FusaProg, VitiMeteo
+- **Crop categories:** Feldbau, Rebbau, Obstbau, Gemuese
+- **Languages:** German (primary), English search supported
+
+Full coverage breakdown: [COVERAGE.md](COVERAGE.md)
+
+## Data Sources
+
+| Source | Authority | URL |
+|--------|-----------|-----|
+| Pflanzenschutzmittelverzeichnis | BLW | https://www.psm.admin.ch/de/produkte |
+| Pflanzenschutzempfehlungen | Agroscope | https://www.agroscope.admin.ch |
+| OELN-Pflanzenschutz-Checklisten | AGRIDEA | https://www.agridea.ch |
+| Aktionsplan Pflanzenschutzmittel | Bundesrat / BLW | https://www.blw.admin.ch |
+
+## Development
+
+```bash
+npm install
+npm run build
+npm test
+npm run lint
+```
+
+### Re-ingest data
+
+```bash
+npm run ingest          # incremental
+npm run ingest:full     # full rebuild
+npm run freshness:check # check staleness
+```
+
+## License
+
+Apache-2.0. See [LICENSE](LICENSE).
+
+Data sourced from Swiss federal authorities under public-sector information principles.
+
+## Links
+
+- [Ansvar MCP Network](https://ansvar.ai/mcp)
+- [TOOLS.md](TOOLS.md) -- full tool documentation
+- [COVERAGE.md](COVERAGE.md) -- dataset coverage
+- [DISCLAIMER.md](DISCLAIMER.md) -- legal disclaimer (DE/EN)
+- [SECURITY.md](SECURITY.md) -- vulnerability reporting
+- [PRIVACY.md](PRIVACY.md) -- privacy statement

package/SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly:
+
+1. **Do NOT open a public issue**
+2. Email security@ansvar.eu with:
+   - Description of the vulnerability
+   - Steps to reproduce
+   - Potential impact
+3. We will acknowledge within 48 hours and provide a timeline for fix
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| Latest  | Yes       |
+
+## Security Measures
+
+- All dependencies scanned via CodeQL, Gitleaks, and GitHub Advanced Security
+- No secrets stored in code -- all data is public domain
+- SQLite database is read-only at runtime
+- Container runs as non-root user (nodejs:1001) with health checks
+- No external network calls at query time -- all data embedded in SQLite