@blink-authority-com/claude-code-plugin 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 BLINK Authority
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,146 @@
+# @blink-authority-com/claude-code-plugin
+
+BLINK Authority's Claude Code Plugin -- AI-native development tools for ephemeral cryptographic signing. This MCP (Model Context Protocol) server gives Claude direct access to BLINK documentation, code scaffolding, signing envelope tools, and optional live BSEC integration for real-time VRF composite signing and verification.
+
+## Installation
+
+### Claude Code (CLI)
+
+```bash
+claude mcp add blink -- npx @blink-authority-com/claude-code-plugin
+```
+
+Or add to your project's `.mcp.json`:
+
+```json
+{
+  "mcpServers": {
+    "blink": {
+      "command": "npx",
+      "args": ["@blink-authority-com/claude-code-plugin"]
+    }
+  }
+}
+```
+
+### Claude Desktop
+
+Add to your Claude Desktop configuration file:
+
+```json
+{
+  "mcpServers": {
+    "blink": {
+      "command": "npx",
+      "args": ["@blink-authority-com/claude-code-plugin"]
+    }
+  }
+}
+```
+
+## Available Tools
+
+| Tool | Description | Example Usage |
+|------|-------------|---------------|
+| `search_blink_docs` | Search BLINK documentation | "How do I verify a VRF signature?" |
+| `get_api_endpoint` | Get API endpoint specs | "Show me the signing endpoint" |
+| `get_cli_command` | Get CLI command help | "How do I use blink sign?" |
+| `get_sdk_guide` | Get SDK integration guide | "TypeScript signing guide" |
+| `get_concept` | Explain a BLINK concept | "What is VRF key derivation?" |
+| `list_available_docs` | List all doc sections | "What docs are available?" |
+| `blink_scaffold` | Generate a BLINK project | "Create an express-api project" |
+| `blink_add_signing` | Add signing to existing code | "Add BLINK signing to this handler" |
+| `blink_decode_envelope` | Decode a signature envelope | "Decode this base64 envelope" |
+| `blink_generate_test_vectors` | Generate mock test vectors | "Generate 5 Ed25519 test vectors" |
+| `blink_verify_local` | Offline format verification | "Verify this envelope format" |
+| `blink_lint` | Lint for BLINK best practices | "Check this code for BLINK issues" |
+| `blink_hierarchy_design` | Design a key hierarchy | "Design keys for my org" |
+| `blink_sign_test` | Live BSEC signing (connected) | "Sign this payload with BSEC" |
+| `blink_verify_test` | Live BSEC verification (connected) | "Verify this envelope with BSEC" |
+
+## Resources and Prompts
+
+**Resources** (available via MCP resource protocol):
+- `blink://patterns` -- Common BLINK integration patterns
+- `blink://errors` -- Error codes with causes and fixes
+- `blink://changelog` -- Recent BLINK SDK/CLI/BSEC changes
+
+**Prompts** (available via MCP prompt protocol):
+- `blink-review` -- Review code for BLINK integration best practices
+- `blink-integrate` -- Guide BLINK integration into an existing project
+- `blink-debug` -- Debug signing or verification issues
+
+## Connected Mode
+
+Connected mode enables live signing and verification through a BSEC instance. This is optional -- all other tools work offline.
+
+```bash
+claude mcp add blink -- npx @blink-authority-com/claude-code-plugin \
+  --bsec-url https://your-bsec:8443 \
+  --bsec-token YOUR_SESSION_TOKEN
+```
+
+Or in `.mcp.json`:
+
+```json
+{
+  "mcpServers": {
+    "blink": {
+      "command": "npx",
+      "args": [
+        "@blink-authority-com/claude-code-plugin",
+        "--bsec-url", "https://your-bsec:8443",
+        "--bsec-token", "your-session-token"
+      ]
+    }
+  }
+}
+```
+
+When connected mode is enabled:
+- `blink_sign_test` sends payloads to BSEC for VRF composite signing
+- `blink_verify_test` performs server-side cryptographic verification
+- All connected tool responses include a warning that data is sent externally
+- Credentials are never logged or included in error messages
+
+For self-signed BSEC certificates, set `NODE_TLS_REJECT_UNAUTHORIZED=0` in your environment.
+
+## Examples
+
+### 1. Scaffold a New Project
+
+> "Create a BLINK notary service called my-notary in TypeScript"
+
+Claude will use `blink_scaffold` to generate a complete project with BSEC integration, signing middleware, and health checks.
+
+### 2. Debug a Verification Failure
+
+> "I'm getting a VRF proof chain error. Here's my code: ..."
+
+Claude will use `blink_lint` to check for common mistakes, `get_concept` to explain VRF verification, and `blink-debug` prompt for structured troubleshooting.
+
+### 3. Review Integration Code
+
+> "Review this signing handler for BLINK best practices"
+
+Claude will use `blink_lint` and the `blink-review` prompt to analyze your code for error handling, key lifecycle issues, and security patterns.
+
+## Configuration Options
+
+| Option | Description | Default |
+|--------|-------------|---------|
+| `--bsec-url` | BSEC instance URL for connected mode | _(none -- offline mode)_ |
+| `--bsec-token` | BSEC session token for authentication | _(none -- offline mode)_ |
+| `--cache-ttl` | Documentation cache TTL in seconds | `3600` |
+| `--docs-url` | Custom BLINK documentation URL | `https://docs.blink-authority.com` |
+
+## License
+
+MIT -- see [LICENSE](./LICENSE) for details.
+
+## Links
+
+- [BLINK Authority](https://blink-authority.com)
+- [npm package](https://www.npmjs.com/package/@blink-authority-com/claude-code-plugin)
+- [Documentation](https://docs.blink-authority.com)
+- [BLINK GitHub](https://github.com/blink-authority)

package/dist/bsec-client.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Plugin BSEC Client — minimal HTTP client for connected mode.
+ *
+ * Uses Node.js built-in fetch to communicate with a BSEC instance.
+ * Credentials are NEVER logged, serialised, or included in error messages.
+ *
+ * @module bsec-client
+ */
+export interface SignResult {
+    signature: string;
+    ephemeral_public_key: string;
+    vrf_proof: string;
+    p_derive: string;
+    domain_input: string;
+    algo_suite_id: number;
+}
+export interface VerifyResult {
+    valid: boolean;
+    details: Record<string, unknown>;
+}
+export declare class BsecClientError extends Error {
+    readonly status: number;
+    constructor(status: number, context: string);
+}
+export declare class PluginBsecClient {
+    private readonly baseUrl;
+    private readonly token;
+    constructor(url: string, token: string);
+    health(): Promise<boolean>;
+    vrfCompositeSign(payload: Buffer, domainInput: string, algoSuiteId?: number): Promise<SignResult>;
+    verify(envelope: string, pDerive: string): Promise<VerifyResult>;
+    private request;
+}
+export declare function createPluginBsecClient(url: string, token: string): PluginBsecClient;
+//# sourceMappingURL=bsec-client.d.ts.map

package/dist/bsec-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bsec-client.d.ts","sourceRoot":"","sources":["../src/bsec-client.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,qBAAa,eAAgB,SAAQ,KAAK;IACxC,SAAgB,MAAM,EAAE,MAAM,CAAC;gBAEnB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAM5C;AAOD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAS;gBAEnB,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;IAShC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;IAY1B,gBAAgB,CACpB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,EACnB,WAAW,GAAE,MAAU,GACtB,OAAO,CAAC,UAAU,CAAC;IA6BhB,MAAM,CACV,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,YAAY,CAAC;YA2BV,OAAO;CAyBtB;AAKD,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,gBAAgB,CASnF"}

package/dist/bsec-client.js

@@ -0,0 +1,122 @@
+/**
+ * Plugin BSEC Client — minimal HTTP client for connected mode.
+ *
+ * Uses Node.js built-in fetch to communicate with a BSEC instance.
+ * Credentials are NEVER logged, serialised, or included in error messages.
+ *
+ * @module bsec-client
+ */
+export class BsecClientError extends Error {
+    status;
+    constructor(status, context) {
+        // NEVER include raw BSEC error body in the message
+        super(`BSEC ${context} failed with status ${status}`);
+        this.name = 'BsecClientError';
+        this.status = status;
+    }
+}
+// ---------------------------------------------------------------------------
+// Client
+// ---------------------------------------------------------------------------
+const TIMEOUT_MS = 30_000;
+export class PluginBsecClient {
+    baseUrl;
+    token;
+    constructor(url, token) {
+        this.baseUrl = url.replace(/\/$/, '');
+        this.token = token;
+        // token is NEVER logged, NEVER in toString/inspect, NEVER in errors
+    }
+    // -------------------------------------------------------------------------
+    // Health check
+    // -------------------------------------------------------------------------
+    async health() {
+        try {
+            const response = await this.request('GET', '/v1/health');
+            return response.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    // -------------------------------------------------------------------------
+    // VRF composite sign
+    // -------------------------------------------------------------------------
+    async vrfCompositeSign(payload, domainInput, algoSuiteId = 1) {
+        const payloadBase64 = payload.toString('base64');
+        const domainInputBase64 = Buffer.from(domainInput, 'utf-8').toString('base64');
+        const response = await this.request('POST', '/v1/sign/vrf-composite', {
+            payload: payloadBase64,
+            domain_input: domainInputBase64,
+            algo_suite_id: algoSuiteId,
+        });
+        if (!response.ok) {
+            throw new BsecClientError(response.status, 'vrfCompositeSign');
+        }
+        const data = (await response.json());
+        return {
+            signature: data['signature'],
+            ephemeral_public_key: data['ephemeral_public_key'],
+            vrf_proof: data['vrf_proof'],
+            p_derive: data['vrf_public_key'],
+            domain_input: domainInput,
+            algo_suite_id: data['algo_suite_id'],
+        };
+    }
+    // -------------------------------------------------------------------------
+    // Verify (if endpoint available)
+    // -------------------------------------------------------------------------
+    async verify(envelope, pDerive) {
+        const response = await this.request('POST', '/v1/verify', {
+            envelope,
+            p_derive: pDerive,
+        });
+        if (!response.ok) {
+            // Verify endpoint may not exist on all BSEC versions
+            if (response.status === 404) {
+                return {
+                    valid: false,
+                    details: { error: 'BSEC verify endpoint not available on this instance' },
+                };
+            }
+            throw new BsecClientError(response.status, 'verify');
+        }
+        const data = (await response.json());
+        return {
+            valid: data['valid'],
+            details: data,
+        };
+    }
+    // -------------------------------------------------------------------------
+    // Internal fetch wrapper
+    // -------------------------------------------------------------------------
+    async request(method, path, body) {
+        const url = `${this.baseUrl}${path}`;
+        const headers = {
+            'Accept': 'application/vnd.blink.v2+json',
+            'x-blink-session': this.token,
+        };
+        const init = {
+            method,
+            headers,
+            signal: AbortSignal.timeout(TIMEOUT_MS),
+        };
+        if (body) {
+            headers['Content-Type'] = 'application/json';
+            init.body = JSON.stringify(body);
+        }
+        return fetch(url, init);
+    }
+}
+// ---------------------------------------------------------------------------
+// Factory
+// ---------------------------------------------------------------------------
+export function createPluginBsecClient(url, token) {
+    // Warn about self-signed certs
+    if (url.startsWith('https://') && !process.env['NODE_TLS_REJECT_UNAUTHORIZED']) {
+        process.stderr.write('[blink-plugin] Warning: connecting to BSEC over HTTPS. ' +
+            'Set NODE_TLS_REJECT_UNAUTHORIZED=0 for self-signed certificates.\n');
+    }
+    return new PluginBsecClient(url, token);
+}
+//# sourceMappingURL=bsec-client.js.map

package/dist/bsec-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bsec-client.js","sourceRoot":"","sources":["../src/bsec-client.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAmBH,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxB,MAAM,CAAS;IAE/B,YAAY,MAAc,EAAE,OAAe;QACzC,mDAAmD;QACnD,KAAK,CAAC,QAAQ,OAAO,uBAAuB,MAAM,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAC9E,MAAM,UAAU,GAAG,MAAM,CAAC;AAE1B,MAAM,OAAO,gBAAgB;IACV,OAAO,CAAS;IAChB,KAAK,CAAS;IAE/B,YAAY,GAAW,EAAE,KAAa;QACpC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,oEAAoE;IACtE,CAAC;IAED,4EAA4E;IAC5E,eAAe;IACf,4EAA4E;IAC5E,KAAK,CAAC,MAAM;QACV,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;YACzD,OAAO,QAAQ,CAAC,EAAE,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,qBAAqB;IACrB,4EAA4E;IAC5E,KAAK,CAAC,gBAAgB,CACpB,OAAe,EACf,WAAmB,EACnB,cAAsB,CAAC;QAEvB,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACjD,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE/E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,wBAAwB,EAAE;YACpE,OAAO,EAAE,aAAa;YACtB,YAAY,EAAE,iBAAiB;YAC/B,aAAa,EAAE,WAAW;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAEhE,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,WAAW,CAAW;YACtC,oBAAoB,EAAE,IAAI,CAAC,sBAAsB,CAAW;YAC5D,SAAS,EAAE,IAAI,CAAC,WAAW,CAAW;YACtC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAW;YAC1C,YAAY,EAAE,WAAW;YACzB,aAAa,EAAE,IAAI,CAAC,eAAe,CAAW;SAC/C,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,iCAAiC;IACjC,4EAA4E;IAC5E,KAAK,CAAC,MAAM,CACV,QAAgB,EAChB,OAAe;QAEf,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,YAAY,EAAE;YACxD,QAAQ;YACR,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,qDAAqD;YACrD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,EAAE,KAAK,EAAE,qDAAqD,EAAE;iBAC1E,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAChE,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,OAAO,CAAY;YAC/B,OAAO,EAAE,IAA+B;SACzC,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,yBAAyB;IACzB,4EAA4E;IACpE,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,IAA8B;QAE9B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QAErC,MAAM,OAAO,GAA2B;YACtC,QAAQ,EAAE,+BAA+B;YACzC,iBAAiB,EAAE,IAAI,CAAC,KAAK;SAC9B,CAAC;QAEF,MAAM,IAAI,GAA0C;YAClD,MAAM;YACN,OAAO;YACP,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC;SACxC,CAAC;QAEF,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;YAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACnC,CAAC;QAED,OAAO,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAC9E,MAAM,UAAU,sBAAsB,CAAC,GAAW,EAAE,KAAa;IAC/D,+BAA+B;IAC/B,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,EAAE,CAAC;QAC/E,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yDAAyD;YACzD,oEAAoE,CACrE,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC1C,CAAC"}

package/dist/docs/cache.d.ts

@@ -0,0 +1,19 @@
+/**
+ * BLINK Authority MCP Server — File-based Cache Manager
+ */
+import type { CacheManifest } from './types.js';
+export declare class CacheManager {
+    private cacheDir;
+    private manifestPath;
+    constructor(cacheDir?: string);
+    private ensureDir;
+    private keyToPath;
+    get(key: string): string | null;
+    set(key: string, content: string): void;
+    isStale(key: string, ttlMs: number): boolean;
+    getManifest(): CacheManifest;
+    private updateManifest;
+    getAllCachedKeys(): string[];
+    getAllCachedContent(): Map<string, string>;
+}
+//# sourceMappingURL=cache.d.ts.map

package/dist/docs/cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../src/docs/cache.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAKhD,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,YAAY,CAAS;gBAEjB,QAAQ,CAAC,EAAE,MAAM;IAM7B,OAAO,CAAC,SAAS;IAIjB,OAAO,CAAC,SAAS;IAMjB,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAU/B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAOvC,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO;IAY5C,WAAW,IAAI,aAAa;IAW5B,OAAO,CAAC,cAAc;IAYtB,gBAAgB,IAAI,MAAM,EAAE;IAK5B,mBAAmB,IAAI,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC;CAU3C"}

package/dist/docs/cache.js

@@ -0,0 +1,92 @@
+/**
+ * BLINK Authority MCP Server — File-based Cache Manager
+ */
+import { mkdirSync, readFileSync, writeFileSync, existsSync, statSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { homedir } from 'node:os';
+const CACHE_DIR = join(homedir(), '.blink-mcp', 'cache');
+const MANIFEST_PATH = join(CACHE_DIR, 'manifest.json');
+export class CacheManager {
+    cacheDir;
+    manifestPath;
+    constructor(cacheDir) {
+        this.cacheDir = cacheDir ?? CACHE_DIR;
+        this.manifestPath = cacheDir ? join(cacheDir, 'manifest.json') : MANIFEST_PATH;
+        this.ensureDir(this.cacheDir);
+    }
+    ensureDir(dir) {
+        mkdirSync(dir, { recursive: true });
+    }
+    keyToPath(key) {
+        // key like "api/signing" -> ~/.blink-mcp/cache/api/signing.md
+        const safePath = key.replace(/[^a-zA-Z0-9/_-]/g, '_');
+        return join(this.cacheDir, `${safePath}.md`);
+    }
+    get(key) {
+        const filePath = this.keyToPath(key);
+        if (!existsSync(filePath))
+            return null;
+        try {
+            return readFileSync(filePath, 'utf-8');
+        }
+        catch {
+            return null;
+        }
+    }
+    set(key, content) {
+        const filePath = this.keyToPath(key);
+        this.ensureDir(dirname(filePath));
+        writeFileSync(filePath, content, 'utf-8');
+        this.updateManifest(key);
+    }
+    isStale(key, ttlMs) {
+        const filePath = this.keyToPath(key);
+        if (!existsSync(filePath))
+            return true;
+        try {
+            const stat = statSync(filePath);
+            const age = Date.now() - stat.mtimeMs;
+            return age > ttlMs;
+        }
+        catch {
+            return true;
+        }
+    }
+    getManifest() {
+        if (!existsSync(this.manifestPath)) {
+            return { lastFetchedAt: '', docCount: 0, documents: {} };
+        }
+        try {
+            return JSON.parse(readFileSync(this.manifestPath, 'utf-8'));
+        }
+        catch {
+            return { lastFetchedAt: '', docCount: 0, documents: {} };
+        }
+    }
+    updateManifest(key) {
+        const manifest = this.getManifest();
+        manifest.lastFetchedAt = new Date().toISOString();
+        manifest.documents[key] = {
+            sourceUrl: key,
+            fetchedAt: new Date().toISOString(),
+            path: key,
+        };
+        manifest.docCount = Object.keys(manifest.documents).length;
+        writeFileSync(this.manifestPath, JSON.stringify(manifest, null, 2), 'utf-8');
+    }
+    getAllCachedKeys() {
+        const manifest = this.getManifest();
+        return Object.keys(manifest.documents);
+    }
+    getAllCachedContent() {
+        const result = new Map();
+        for (const key of this.getAllCachedKeys()) {
+            const content = this.get(key);
+            if (content) {
+                result.set(key, content);
+            }
+        }
+        return result;
+    }
+}
+//# sourceMappingURL=cache.js.map

package/dist/docs/cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/docs/cache.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACvF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;AACzD,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;AAEvD,MAAM,OAAO,YAAY;IACf,QAAQ,CAAS;IACjB,YAAY,CAAS;IAE7B,YAAY,QAAiB;QAC3B,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,SAAS,CAAC;QACtC,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;QAC/E,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAEO,SAAS,CAAC,GAAW;QAC3B,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,CAAC;IAEO,SAAS,CAAC,GAAW;QAC3B,8DAA8D;QAC9D,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,QAAQ,KAAK,CAAC,CAAC;IAC/C,CAAC;IAED,GAAG,CAAC,GAAW;QACb,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACvC,IAAI,CAAC;YACH,OAAO,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACzC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,GAAG,CAAC,GAAW,EAAE,OAAe;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClC,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAED,OAAO,CAAC,GAAW,EAAE,KAAa;QAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACvC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;YACtC,OAAO,GAAG,GAAG,KAAK,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,WAAW;QACT,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;YACnC,OAAO,EAAE,aAAa,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;QAC3D,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,aAAa,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;QAC3D,CAAC;IACH,CAAC;IAEO,cAAc,CAAC,GAAW;QAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,QAAQ,CAAC,aAAa,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAClD,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG;YACxB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,IAAI,EAAE,GAAG;SACV,CAAC;QACF,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;QAC3D,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAC/E,CAAC;IAED,gBAAgB;QACd,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED,mBAAmB;QACjB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAC;QACzC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/docs/fetcher.d.ts

@@ -0,0 +1,19 @@
+/**
+ * BLINK Authority MCP Server — HTTP Content Fetcher
+ */
+export declare function fetchDoc(url: string): Promise<string>;
+/**
+ * Parse llms.txt to discover all document URLs.
+ * Expected format: lines containing markdown links like [Title](url)
+ * or plain URLs ending in .md
+ */
+export declare function parseLlmsTxt(content: string, baseUrl: string): Array<{
+    title: string;
+    url: string;
+    path: string;
+}>;
+/**
+ * Fetch all docs listed in llms.txt, with concurrency limiting.
+ */
+export declare function fetchAllDocs(baseUrl: string): Promise<Map<string, string>>;
+//# sourceMappingURL=fetcher.d.ts.map

package/dist/docs/fetcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetcher.d.ts","sourceRoot":"","sources":["../../src/docs/fetcher.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,wBAAsB,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAgB3D;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAuBlH;AAED;;GAEG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CA6BhF"}

package/dist/docs/fetcher.js

@@ -0,0 +1,81 @@
+/**
+ * BLINK Authority MCP Server — HTTP Content Fetcher
+ */
+const REQUEST_TIMEOUT_MS = 10_000;
+const CONCURRENT_LIMIT = 5;
+export async function fetchDoc(url) {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+    try {
+        const response = await fetch(url, {
+            signal: controller.signal,
+            headers: { 'User-Agent': 'blink-docs-mcp/1.0' },
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status} fetching ${url}`);
+        }
+        return await response.text();
+    }
+    finally {
+        clearTimeout(timer);
+    }
+}
+/**
+ * Parse llms.txt to discover all document URLs.
+ * Expected format: lines containing markdown links like [Title](url)
+ * or plain URLs ending in .md
+ */
+export function parseLlmsTxt(content, baseUrl) {
+    const docs = [];
+    const lines = content.split('\n');
+    for (const line of lines) {
+        // Match markdown links: [Title](path)
+        const mdMatch = line.match(/\[([^\]]+)\]\(([^)]+)\)/);
+        if (mdMatch) {
+            const title = mdMatch[1];
+            let url = mdMatch[2];
+            // Make relative URLs absolute
+            if (url.startsWith('/')) {
+                url = `${baseUrl}${url}`;
+            }
+            else if (!url.startsWith('http')) {
+                url = `${baseUrl}/${url}`;
+            }
+            // Derive a cache path from the URL
+            const path = url.replace(baseUrl, '').replace(/^\//, '').replace(/\.md$/, '');
+            docs.push({ title, url, path });
+        }
+    }
+    return docs;
+}
+/**
+ * Fetch all docs listed in llms.txt, with concurrency limiting.
+ */
+export async function fetchAllDocs(baseUrl) {
+    const llmsTxtUrl = `${baseUrl}/llms.txt`;
+    const llmsTxt = await fetchDoc(llmsTxtUrl);
+    const docEntries = parseLlmsTxt(llmsTxt, baseUrl);
+    const results = new Map();
+    // Process in batches of CONCURRENT_LIMIT
+    for (let i = 0; i < docEntries.length; i += CONCURRENT_LIMIT) {
+        const batch = docEntries.slice(i, i + CONCURRENT_LIMIT);
+        const promises = batch.map(async (entry) => {
+            try {
+                const content = await fetchDoc(entry.url);
+                return { path: entry.path, content };
+            }
+            catch (err) {
+                process.stderr.write(`[blink-mcp] Warning: failed to fetch ${entry.url}: ${err}\n`);
+                return null;
+            }
+        });
+        const batchResults = await Promise.all(promises);
+        for (const result of batchResults) {
+            if (result) {
+                results.set(result.path, result.content);
+            }
+        }
+    }
+    return results;
+}
+//# sourceMappingURL=fetcher.js.map

package/dist/docs/fetcher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetcher.js","sourceRoot":"","sources":["../../src/docs/fetcher.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAClC,MAAM,gBAAgB,GAAG,CAAC,CAAC;AAE3B,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,GAAW;IACxC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,kBAAkB,CAAC,CAAC;IAEvE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,OAAO,EAAE,EAAE,YAAY,EAAE,oBAAoB,EAAE;SAChD,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,QAAQ,QAAQ,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QAC7D,CAAC;QACD,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/B,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,OAAe,EAAE,OAAe;IAC3D,MAAM,IAAI,GAAwD,EAAE,CAAC;IACrE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,sCAAsC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACtD,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACzB,IAAI,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACrB,8BAA8B;YAC9B,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,GAAG,GAAG,GAAG,OAAO,GAAG,GAAG,EAAE,CAAC;YAC3B,CAAC;iBAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACnC,GAAG,GAAG,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC;YAC5B,CAAC;YACD,mCAAmC;YACnC,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC9E,IAAI,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAe;IAChD,MAAM,UAAU,GAAG,GAAG,OAAO,WAAW,CAAC;IACzC,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAElD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1C,yCAAyC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,IAAI,gBAAgB,EAAE,CAAC;QAC7D,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,gBAAgB,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACzC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC1C,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,KAAK,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC,CAAC;gBACpF,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjD,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;YAClC,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/docs/parser.d.ts

@@ -0,0 +1,33 @@
+/**
+ * BLINK Authority MCP Server — Markdown Parser
+ */
+import type { DocSection } from './types.js';
+/**
+ * Parse a markdown document into structured sections split by headings.
+ */
+export declare function parseDocument(markdown: string, path: string): DocSection[];
+/**
+ * Extract structured API endpoint info from a parsed doc section.
+ */
+export declare function extractApiInfo(sections: DocSection[]): {
+    method: string;
+    apiPath: string;
+    description: string;
+    requestFormat: string;
+    responseFormat: string;
+    codeExample: string;
+};
+/**
+ * Extract CLI command info from parsed doc sections.
+ */
+export declare function extractCliInfo(sections: DocSection[]): {
+    description: string;
+    usage: string;
+    flags: Array<{
+        flag: string;
+        description: string;
+        required: boolean;
+    }>;
+    examples: string[];
+};
+//# sourceMappingURL=parser.d.ts.map

package/dist/docs/parser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../../src/docs/parser.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE,CA0E1E;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,GAAG;IACtD,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;CACrB,CA+BA;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,GAAG;IACtD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,OAAO,CAAA;KAAE,CAAC,CAAC;IACvE,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB,CA+BA"}