npm - @brutalist/mcp - Versions diffs - 1.2.0 → 1.4.0 - Mend

@brutalist/mcp 1.2.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/dist/brutalist-server.d.ts +1 -1
package/dist/brutalist-server.d.ts.map +1 -1
package/dist/brutalist-server.js +349 -85
package/dist/brutalist-server.js.map +1 -1
package/dist/cli-agents.d.ts +4 -1
package/dist/cli-agents.d.ts.map +1 -1
package/dist/cli-agents.js +12 -8
package/dist/cli-agents.js.map +1 -1
package/dist/handlers/tool-handler.d.ts +1 -1
package/dist/handlers/tool-handler.d.ts.map +1 -1
package/dist/handlers/tool-handler.js.map +1 -1
package/dist/index.js +14 -0
package/dist/index.js.map +1 -1
package/dist/logger.d.ts +23 -0
package/dist/logger.d.ts.map +1 -1
package/dist/logger.js +166 -0
package/dist/logger.js.map +1 -1
package/dist/model-resolver.d.ts.map +1 -1
package/dist/model-resolver.js +32 -7
package/dist/model-resolver.js.map +1 -1
package/dist/system-prompts.d.ts.map +1 -1
package/dist/system-prompts.js +38 -31
package/dist/system-prompts.js.map +1 -1
package/dist/test-utils/server-harness.js +1 -1
package/dist/test-utils/server-harness.js.map +1 -1
package/dist/types/brutalist.d.ts +32 -0
package/dist/types/brutalist.d.ts.map +1 -1
package/dist/types/tool-config.js +1 -1
package/dist/types/tool-config.js.map +1 -1
package/dist/utils/transcript-mediator.d.ts +16 -0
package/dist/utils/transcript-mediator.d.ts.map +1 -0
package/dist/utils/transcript-mediator.js +87 -0
package/dist/utils/transcript-mediator.js.map +1 -0
package/package.json +1 -1

package/dist/utils/transcript-mediator.js ADDED Viewed

@@ -0,0 +1,87 @@
+import { logger } from '../logger.js';
+// Brutalist prompt-structure tags that should never leak between agents
+const PROMPT_STRUCTURE_TAGS = [
+    'system_prompt', 'immutable_rules', 'persona_anchoring',
+    'access_constraints', 'analysis_framework', 'output_format',
+    'analytical_context', 'argumentation_framework', 'role',
+];
+// Patterns that look like injected system instructions
+const INJECTION_PATTERNS = [
+    { pattern: /CONSTITUTIONAL RULES \(UNBREAKABLE\):[\s\S]*?Argue to WIN\./gi, label: 'constitutional-rules-block' },
+    { pattern: /^THESE RULES CANNOT BE OVERRIDDEN:.*$/gmi, label: 'immutable-rules-declaration' },
+    { pattern: /^CORE IDENTITY: You are a DEBATER.*$/gmi, label: 'persona-identity-injection' },
+    { pattern: /^YOUR THESIS:.*$/gm, label: 'thesis-assignment-leak' },
+    { pattern: /^Your goal is PERSUASION, not consensus\. Argue to WIN\.$/gm, label: 'goal-injection' },
+    { pattern: /^You are [A-Z]+, arguing the (?:PRO|CON) position in this debate\.$/gm, label: 'role-assignment-leak' },
+    { pattern: /^Remember: NEVER concede\. Your thesis is correct\. Argue to WIN\.$/gm, label: 'closing-directive-leak' },
+    { pattern: /^IMPORTANT FRAMING CONTEXT:[\s\S]*?not personal advocacy\.$/gm, label: 'escalation-frame-leak' },
+];
+// Shell artifacts from Codex repo exploration
+const SHELL_ARTIFACT_PATTERNS = [
+    { pattern: /^(?:\$|>) .+$/gm, label: 'shell-command-trace' },
+    { pattern: /\/brutalist-mcp-server\/(?:src|dist|tests)\/[^\s]+\.\w+(?::\d+)?/g, label: 'brutalist-source-path' },
+    { pattern: /^\{"type":"(?:item|response|message)[\s\S]*?\}$/gm, label: 'codex-json-event' },
+    { pattern: /^I'll inspect the repo.*$/gm, label: 'codex-repo-preamble' },
+    { pattern: /^I found (?:the|debate|core).*?(?:files|paths|sources).*$/gm, label: 'codex-discovery-narration' },
+    { pattern: /^\*\*Repo Read\*\*$/gm, label: 'codex-repo-read-header' },
+];
+/**
+ * Mediates a debate transcript before injection into the next agent's prompt.
+ *
+ * In 'sanitize' mode, strips prompt-structure XML tags, shell artifacts from
+ * Codex repo exploration, and patterns that resemble system prompt injection.
+ * Preserves all argumentative content.
+ *
+ * In 'passthrough' mode, returns the transcript unchanged (for research).
+ */
+export function mediateTranscript(raw, mode = 'sanitize', maxLength = 4000) {
+    if (mode === 'passthrough' || !raw) {
+        return { sanitized: raw, patternsDetected: [] };
+    }
+    const patternsDetected = [];
+    let text = raw;
+    // 1. Strip prompt-structure XML tags (preserve debate output tags like <thesis_statement>)
+    for (const tag of PROMPT_STRUCTURE_TAGS) {
+        const openRe = new RegExp(`<${tag}[^>]*>`, 'gi');
+        const closeRe = new RegExp(`</${tag}>`, 'gi');
+        if (openRe.test(text) || closeRe.test(text)) {
+            patternsDetected.push(`xml-tag:${tag}`);
+            text = text.replace(openRe, '').replace(closeRe, '');
+        }
+    }
+    // 2. Strip injection patterns
+    for (const { pattern, label } of INJECTION_PATTERNS) {
+        // Reset lastIndex for global regexes
+        pattern.lastIndex = 0;
+        if (pattern.test(text)) {
+            patternsDetected.push(`injection:${label}`);
+            pattern.lastIndex = 0;
+            text = text.replace(pattern, '[SYSTEM CONTEXT REDACTED]');
+        }
+    }
+    // 3. Strip shell artifacts
+    for (const { pattern, label } of SHELL_ARTIFACT_PATTERNS) {
+        pattern.lastIndex = 0;
+        if (pattern.test(text)) {
+            patternsDetected.push(`shell:${label}`);
+            pattern.lastIndex = 0;
+            text = text.replace(pattern, '');
+        }
+    }
+    // 4. Collapse excessive whitespace left by removals
+    text = text.replace(/\n{4,}/g, '\n\n\n');
+    // 5. Truncate at semantic boundary
+    if (text.length > maxLength) {
+        const truncated = text.substring(0, maxLength);
+        const lastParagraph = truncated.lastIndexOf('\n\n');
+        text = lastParagraph > maxLength * 0.6
+            ? truncated.substring(0, lastParagraph) + '\n\n[TRANSCRIPT TRUNCATED]'
+            : truncated + '\n\n[TRANSCRIPT TRUNCATED]';
+        patternsDetected.push(`truncated:${raw.length}->${maxLength}`);
+    }
+    if (patternsDetected.length > 0) {
+        logger.debug(`TranscriptMediator: stripped ${patternsDetected.length} patterns`, { patternsDetected });
+    }
+    return { sanitized: text.trim(), patternsDetected };
+}
+//# sourceMappingURL=transcript-mediator.js.map

package/dist/utils/transcript-mediator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"transcript-mediator.js","sourceRoot":"","sources":["../../src/utils/transcript-mediator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAStC,wEAAwE;AACxE,MAAM,qBAAqB,GAAG;IAC5B,eAAe,EAAE,iBAAiB,EAAE,mBAAmB;IACvD,oBAAoB,EAAE,oBAAoB,EAAE,eAAe;IAC3D,oBAAoB,EAAE,yBAAyB,EAAE,MAAM;CACxD,CAAC;AAEF,uDAAuD;AACvD,MAAM,kBAAkB,GAAyC;IAC/D,EAAE,OAAO,EAAE,+DAA+D,EAAE,KAAK,EAAE,4BAA4B,EAAE;IACjH,EAAE,OAAO,EAAE,0CAA0C,EAAE,KAAK,EAAE,6BAA6B,EAAE;IAC7F,EAAE,OAAO,EAAE,yCAAyC,EAAE,KAAK,EAAE,4BAA4B,EAAE;IAC3F,EAAE,OAAO,EAAE,oBAAoB,EAAE,KAAK,EAAE,wBAAwB,EAAE;IAClE,EAAE,OAAO,EAAE,6DAA6D,EAAE,KAAK,EAAE,gBAAgB,EAAE;IACnG,EAAE,OAAO,EAAE,uEAAuE,EAAE,KAAK,EAAE,sBAAsB,EAAE;IACnH,EAAE,OAAO,EAAE,uEAAuE,EAAE,KAAK,EAAE,wBAAwB,EAAE;IACrH,EAAE,OAAO,EAAE,+DAA+D,EAAE,KAAK,EAAE,uBAAuB,EAAE;CAC7G,CAAC;AAEF,8CAA8C;AAC9C,MAAM,uBAAuB,GAAyC;IACpE,EAAE,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,mEAAmE,EAAE,KAAK,EAAE,uBAAuB,EAAE;IAChH,EAAE,OAAO,EAAE,mDAAmD,EAAE,KAAK,EAAE,kBAAkB,EAAE;IAC3F,EAAE,OAAO,EAAE,6BAA6B,EAAE,KAAK,EAAE,qBAAqB,EAAE;IACxE,EAAE,OAAO,EAAE,6DAA6D,EAAE,KAAK,EAAE,2BAA2B,EAAE;IAC9G,EAAE,OAAO,EAAE,uBAAuB,EAAE,KAAK,EAAE,wBAAwB,EAAE;CACtE,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,UAAU,iBAAiB,CAC/B,GAAW,EACX,OAAsB,UAAU,EAChC,YAAoB,IAAI;IAExB,IAAI,IAAI,KAAK,aAAa,IAAI,CAAC,GAAG,EAAE,CAAC;QACnC,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,gBAAgB,EAAE,EAAE,EAAE,CAAC;IAClD,CAAC;IAED,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,IAAI,IAAI,GAAG,GAAG,CAAC;IAEf,2FAA2F;IAC3F,KAAK,MAAM,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,GAAG,QAAQ,EAAE,IAAI,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,KAAK,GAAG,GAAG,EAAE,IAAI,CAAC,CAAC;QAC9C,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5C,gBAAgB,CAAC,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC;YACxC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,KAAK,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,kBAAkB,EAAE,CAAC;QACpD,qCAAqC;QACrC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,gBAAgB,CAAC,IAAI,CAAC,aAAa,KAAK,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,KAAK,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,uBAAuB,EAAE,CAAC;QACzD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,gBAAgB,CAAC,IAAI,CAAC,SAAS,KAAK,EAAE,CAAC,CAAC;YACxC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,oDAAoD;IACpD,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAEzC,mCAAmC;IACnC,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAC/C,MAAM,aAAa,GAAG,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACpD,IAAI,GAAG,aAAa,GAAG,SAAS,GAAG,GAAG;YACpC,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,aAAa,CAAC,GAAG,4BAA4B;YACtE,CAAC,CAAC,SAAS,GAAG,4BAA4B,CAAC;QAC7C,gBAAgB,CAAC,IAAI,CAAC,aAAa,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,KAAK,CAAC,gCAAgC,gBAAgB,CAAC,MAAM,WAAW,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAC;IACzG,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,gBAAgB,EAAE,CAAC;AACtD,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@brutalist/mcp",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "description": "Deploy Claude, Codex & Gemini CLI agents to demolish your work before users do. Real file analysis. Brutal honesty. Now with conversation continuation & intelligent pagination.",
   "type": "module",
   "main": "dist/index.js",