@checkstack/catalog-backend 1.3.0 → 1.4.0

package/src/ai/catalog-delete-system.ts

@@ -0,0 +1,77 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  CatalogApi,
+  catalogAccess,
+  pluginMetadata,
+} from "@checkstack/catalog-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Input for `catalog.deleteSystem`: the system id to remove. */
+export const CatalogDeleteSystemInputSchema = z.object({
+  id: z.string(),
+});
+export type CatalogDeleteSystemInput = z.infer<
+  typeof CatalogDeleteSystemInputSchema
+>;
+
+/** Output returned once a human applies the deletion. */
+export interface CatalogDeleteSystemApplyResult {
+  id: string;
+  deleted: true;
+}
+
+/**
+ * `catalog.deleteSystem` - delete a system by id.
+ *
+ * `effect: "destructive"` - deletion is irreversible, so it ALWAYS routes through
+ * the propose/apply confirm card in BOTH permission modes (it can never
+ * auto-apply). `dryRun` resolves the target system so the confirm card names
+ * exactly what will be removed; `execute` (reached only via `apply`) performs the
+ * delete via the contract's POSITIONAL string id. Authorization is the
+ * `system.manage` rule the UI delete requires.
+ */
+export function createCatalogDeleteSystemTool(): RegisteredAiTool<
+  CatalogDeleteSystemInput,
+  CatalogDeleteSystemApplyResult
+> {
+  const dryRun = async ({
+    input,
+    rpcClient,
+  }: {
+    input: CatalogDeleteSystemInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<CatalogDeleteSystemInput>> => {
+    const catalogClient = rpcClient.forPlugin(CatalogApi);
+    const system = await catalogClient.getSystem({ systemId: input.id });
+    if (!system) {
+      throw new Error(
+        `No system found with id "${input.id}". List systems first to get a valid id.`,
+      );
+    }
+    return {
+      summary: `Delete system "${system.name}". This is permanent and also removes its group memberships and associations.`,
+      payload: { id: input.id },
+    };
+  };
+
+  return {
+    name: "catalog.deleteSystem",
+    description:
+      "Delete a system by id. DESTRUCTIVE and irreversible - it also removes the system's group memberships and associations. Never deletes directly; a person must approve the confirmation. Find the id with the catalog read tools first.",
+    effect: "destructive",
+    input: CatalogDeleteSystemInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, catalogAccess.system.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const catalogClient = rpcClient.forPlugin(CatalogApi);
+      await catalogClient.deleteSystem(input.id);
+      return { id: input.id, deleted: true };
+    },
+  };
+}

package/src/ai/catalog-remove-system-from-group.test.ts

@@ -0,0 +1,55 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import { createCatalogRemoveSystemFromGroupTool } from "./catalog-remove-system-from-group";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["catalog.system.manage", "catalog.group.manage"],
+};
+
+function fakeRpcClient({
+  removeSystemFromGroup,
+}: {
+  removeSystemFromGroup: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ removeSystemFromGroup }),
+  } as unknown as RpcClient;
+}
+
+describe("catalog.removeSystemFromGroup tool", () => {
+  test("declares mutate effect (reversible unassignment) + the system manage rule", () => {
+    const tool = createCatalogRemoveSystemFromGroupTool();
+    expect(tool.name).toBe("catalog.removeSystemFromGroup");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["catalog.system.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun summarizes the unassignment and NEVER mutates", async () => {
+    const removeSystemFromGroup = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({ removeSystemFromGroup });
+    const tool = createCatalogRemoveSystemFromGroupTool();
+    const input = { groupId: "grp1", systemId: "sys1" };
+    const preview = await tool.dryRun!({ input, principal, rpcClient });
+    expect(removeSystemFromGroup).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("sys1");
+    expect(preview.summary).toContain("grp1");
+    expect(preview.payload).toEqual(input);
+  });
+
+  test("execute (apply) calls removeSystemFromGroup with { groupId, systemId }", async () => {
+    const removeSystemFromGroup = mock(() => Promise.resolve({ success: true }));
+    const rpcClient = fakeRpcClient({ removeSystemFromGroup });
+    const tool = createCatalogRemoveSystemFromGroupTool();
+    const input = { groupId: "grp1", systemId: "sys1" };
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(removeSystemFromGroup).toHaveBeenCalledWith(input);
+    expect(result).toEqual({
+      groupId: "grp1",
+      systemId: "sys1",
+      removed: true,
+    });
+  });
+});

package/src/ai/catalog-remove-system-from-group.ts

@@ -0,0 +1,74 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  CatalogApi,
+  catalogAccess,
+  pluginMetadata,
+} from "@checkstack/catalog-common";
+import type { AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/** Input for `catalog.removeSystemFromGroup`: the group + system to unassign. */
+export const CatalogRemoveSystemFromGroupInputSchema = z.object({
+  groupId: z.string(),
+  systemId: z.string(),
+});
+export type CatalogRemoveSystemFromGroupInput = z.infer<
+  typeof CatalogRemoveSystemFromGroupInputSchema
+>;
+
+/** Output returned once a human applies the membership change. */
+export interface CatalogRemoveSystemFromGroupApplyResult {
+  groupId: string;
+  systemId: string;
+  removed: true;
+}
+
+/**
+ * `catalog.removeSystemFromGroup` - remove a system from a group.
+ *
+ * `effect: "mutate"` - this is a reversible UNASSIGNMENT (the system and group
+ * both still exist; only the membership edge is dropped), so it is `mutate`, NOT
+ * `destructive`. It auto-applies in AUTO mode and is confirm-gated in APPROVE
+ * mode. Membership is part of the system surface, so authorization is the
+ * `system.manage` rule (matching the contract).
+ */
+export function createCatalogRemoveSystemFromGroupTool(): RegisteredAiTool<
+  CatalogRemoveSystemFromGroupInput,
+  CatalogRemoveSystemFromGroupApplyResult
+> {
+  const dryRun = async ({
+    input,
+  }: {
+    input: CatalogRemoveSystemFromGroupInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<CatalogRemoveSystemFromGroupInput>> => {
+    return {
+      summary: `Remove system "${input.systemId}" from group "${input.groupId}".`,
+      payload: input,
+    };
+  };
+
+  return {
+    name: "catalog.removeSystemFromGroup",
+    description:
+      "Remove a system from a group by their ids. This only removes the membership; the system and group are kept. Never changes membership directly; a person must approve unless the conversation is in auto mode. Find the ids with the catalog read tools first.",
+    effect: "mutate",
+    input: CatalogRemoveSystemFromGroupInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, catalogAccess.system.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const catalogClient = rpcClient.forPlugin(CatalogApi);
+      await catalogClient.removeSystemFromGroup(input);
+      return {
+        groupId: input.groupId,
+        systemId: input.systemId,
+        removed: true,
+      };
+    },
+  };
+}

package/src/ai/catalog-update-group.test.ts

@@ -0,0 +1,85 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import { createCatalogUpdateGroupTool } from "./catalog-update-group";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["catalog.system.manage", "catalog.group.manage"],
+};
+
+const group = {
+  id: "grp1",
+  name: "Payments",
+  systemIds: [],
+  metadata: null,
+  createdAt: new Date(),
+  updatedAt: new Date(),
+};
+
+function fakeRpcClient({
+  getGroups,
+  updateGroup,
+}: {
+  getGroups: ReturnType<typeof mock>;
+  updateGroup: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ getGroups, updateGroup }),
+  } as unknown as RpcClient;
+}
+
+describe("catalog.updateGroup tool", () => {
+  test("declares mutate effect + the group manage rule", () => {
+    const tool = createCatalogUpdateGroupTool();
+    expect(tool.name).toBe("catalog.updateGroup");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["catalog.group.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun resolves the target via getGroups + returns a diff", async () => {
+    const getGroups = mock(() => Promise.resolve([group]));
+    const updateGroup = mock(() => Promise.resolve(group));
+    const rpcClient = fakeRpcClient({ getGroups, updateGroup });
+    const tool = createCatalogUpdateGroupTool();
+    const preview = await tool.dryRun!({
+      input: { id: "grp1", data: { name: "Billing" } },
+      principal,
+      rpcClient,
+    });
+    expect(updateGroup).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("Payments");
+    expect(preview.diff).toEqual([
+      { path: "name", before: "Payments", after: "Billing" },
+    ]);
+  });
+
+  test("dryRun throws a clear error when the id is unknown", async () => {
+    const rpcClient = fakeRpcClient({
+      getGroups: mock(() => Promise.resolve([group])),
+      updateGroup: mock(),
+    });
+    const tool = createCatalogUpdateGroupTool();
+    await expect(
+      tool.dryRun!({
+        input: { id: "nope", data: { name: "x" } },
+        principal,
+        rpcClient,
+      }),
+    ).rejects.toThrow(/No group found/);
+  });
+
+  test("execute (apply) updates via updateGroup", async () => {
+    const updateGroup = mock(() => Promise.resolve(group));
+    const rpcClient = fakeRpcClient({
+      getGroups: mock(() => Promise.resolve([group])),
+      updateGroup,
+    });
+    const tool = createCatalogUpdateGroupTool();
+    const input = { id: "grp1", data: { name: "Billing" } };
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(updateGroup).toHaveBeenCalledWith(input);
+    expect(result).toEqual({ group });
+  });
+});

package/src/ai/catalog-update-group.ts

@@ -0,0 +1,88 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  CatalogApi,
+  catalogAccess,
+  pluginMetadata,
+  type Group,
+} from "@checkstack/catalog-common";
+import { computeFieldDiff, type AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/**
+ * Input for `catalog.updateGroup`. Mirrors the contract's (module-private)
+ * `UpdateGroupInputSchema`: the group id plus a PARTIAL data body. Only the
+ * provided fields change; `metadata` is nullable so it can be explicitly cleared.
+ */
+export const CatalogUpdateGroupInputSchema = z.object({
+  id: z.string(),
+  data: z.object({
+    name: z.string().optional(),
+    metadata: z.record(z.string(), z.unknown()).nullable().optional(),
+  }),
+});
+export type CatalogUpdateGroupInput = z.infer<
+  typeof CatalogUpdateGroupInputSchema
+>;
+
+/** Output returned once a human applies the update (the updated group). */
+export interface CatalogUpdateGroupApplyResult {
+  group: Group;
+}
+
+/**
+ * `catalog.updateGroup` - update an existing group by id with a partial body.
+ *
+ * `effect: "mutate"` - a non-destructive change, so it auto-applies in AUTO mode
+ * and is confirm-gated in APPROVE mode. `dryRun` lists groups, finds the target,
+ * and returns a before -> after field diff. There is no single-group fetch on the
+ * contract, so the dry-run resolves it from `getGroups()`.
+ */
+export function createCatalogUpdateGroupTool(): RegisteredAiTool<
+  CatalogUpdateGroupInput,
+  CatalogUpdateGroupApplyResult
+> {
+  const dryRun = async ({
+    input,
+    rpcClient,
+  }: {
+    input: CatalogUpdateGroupInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<CatalogUpdateGroupInput>> => {
+    const catalogClient = rpcClient.forPlugin(CatalogApi);
+    const groups = await catalogClient.getGroups();
+    const group = groups.find((g) => g.id === input.id);
+    if (!group) {
+      throw new Error(
+        `No group found with id "${input.id}". List groups first to get a valid id.`,
+      );
+    }
+    const before = { name: group.name, metadata: group.metadata };
+    const after = { ...before, ...input.data };
+    const diff = computeFieldDiff({ before, after });
+    return {
+      summary: `Update group "${group.name}".`,
+      payload: input,
+      diff,
+    };
+  };
+
+  return {
+    name: "catalog.updateGroup",
+    description:
+      "Update an existing group by id with a partial body (only provided fields change). Never updates directly; a person must approve unless the conversation is in auto mode. Find the id with the catalog read tools first.",
+    effect: "mutate",
+    input: CatalogUpdateGroupInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, catalogAccess.group.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const catalogClient = rpcClient.forPlugin(CatalogApi);
+      const group = await catalogClient.updateGroup(input);
+      return { group };
+    },
+  };
+}

package/src/ai/catalog-update-system.test.ts

@@ -0,0 +1,87 @@
+import { describe, expect, test, mock } from "bun:test";
+import type { AuthUser, RpcClient } from "@checkstack/backend-api";
+import { createCatalogUpdateSystemTool } from "./catalog-update-system";
+
+const principal: AuthUser = {
+  type: "user",
+  id: "u1",
+  accessRules: ["catalog.system.manage", "catalog.group.manage"],
+};
+
+const system = {
+  id: "sys1",
+  name: "Checkout API",
+  description: "Handles checkout",
+  metadata: null,
+  createdAt: new Date(),
+  updatedAt: new Date(),
+};
+
+function fakeRpcClient({
+  getSystem,
+  updateSystem,
+}: {
+  getSystem: ReturnType<typeof mock>;
+  updateSystem: ReturnType<typeof mock>;
+}): RpcClient {
+  return {
+    forPlugin: () => ({ getSystem, updateSystem }),
+  } as unknown as RpcClient;
+}
+
+describe("catalog.updateSystem tool", () => {
+  test("declares mutate effect + the system manage rule", () => {
+    const tool = createCatalogUpdateSystemTool();
+    expect(tool.name).toBe("catalog.updateSystem");
+    expect(tool.effect).toBe("mutate");
+    expect(tool.requiredAccessRules).toEqual(["catalog.system.manage"]);
+    expect(typeof tool.dryRun).toBe("function");
+  });
+
+  test("dryRun fetches via getSystem with the systemId key + returns a diff", async () => {
+    const getSystem = mock(() => Promise.resolve(system));
+    const updateSystem = mock(() => Promise.resolve(system));
+    const rpcClient = fakeRpcClient({ getSystem, updateSystem });
+    const tool = createCatalogUpdateSystemTool();
+    const preview = await tool.dryRun!({
+      input: { id: "sys1", data: { name: "Checkout" } },
+      principal,
+      rpcClient,
+    });
+    // systemId-key trap: the contract's getSystem input is { systemId }.
+    expect(getSystem).toHaveBeenCalledWith({ systemId: "sys1" });
+    expect(updateSystem).not.toHaveBeenCalled();
+    expect(preview.summary).toContain("Checkout API");
+    expect(preview.diff).toEqual([
+      { path: "name", before: "Checkout API", after: "Checkout" },
+    ]);
+  });
+
+  test("dryRun throws a clear error when the id is unknown", async () => {
+    const rpcClient = fakeRpcClient({
+      getSystem: mock(() => Promise.resolve(null)),
+      updateSystem: mock(),
+    });
+    const tool = createCatalogUpdateSystemTool();
+    await expect(
+      tool.dryRun!({
+        input: { id: "nope", data: { name: "x" } },
+        principal,
+        rpcClient,
+      }),
+    ).rejects.toThrow(/No system found/);
+  });
+
+  test("execute (apply) updates via updateSystem", async () => {
+    const updateSystem = mock(() => Promise.resolve(system));
+    const rpcClient = fakeRpcClient({
+      getSystem: mock(() => Promise.resolve(system)),
+      updateSystem,
+    });
+    const tool = createCatalogUpdateSystemTool();
+    const input = { id: "sys1", data: { name: "Checkout" } };
+    const result = await tool.execute({ input, principal, rpcClient });
+    expect(updateSystem).toHaveBeenCalledWith(input);
+    expect(result).toEqual({ system });
+  });
+});

package/src/ai/catalog-update-system.ts

@@ -0,0 +1,93 @@
+import { z } from "zod";
+import { qualifyAccessRuleId } from "@checkstack/common";
+import type { RpcClient, AuthUser } from "@checkstack/backend-api";
+import {
+  CatalogApi,
+  catalogAccess,
+  pluginMetadata,
+  type System,
+} from "@checkstack/catalog-common";
+import { computeFieldDiff, type AiProposalPreview } from "@checkstack/ai-common";
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+
+/**
+ * Input for `catalog.updateSystem`. Mirrors the contract's (module-private)
+ * `UpdateSystemInputSchema`: the system id plus a PARTIAL data body. Only the
+ * provided fields change; `description` / `metadata` are nullable so they can be
+ * explicitly cleared.
+ */
+export const CatalogUpdateSystemInputSchema = z.object({
+  id: z.string(),
+  data: z.object({
+    name: z.string().optional(),
+    description: z.string().nullable().optional(),
+    metadata: z.record(z.string(), z.unknown()).nullable().optional(),
+  }),
+});
+export type CatalogUpdateSystemInput = z.infer<
+  typeof CatalogUpdateSystemInputSchema
+>;
+
+/** Output returned once a human applies the update (the updated system). */
+export interface CatalogUpdateSystemApplyResult {
+  system: System;
+}
+
+/**
+ * `catalog.updateSystem` - update an existing system by id with a partial body.
+ *
+ * `effect: "mutate"` - a non-destructive change, so it auto-applies in AUTO mode
+ * and is confirm-gated in APPROVE mode. `dryRun` fetches the live system, merges
+ * the partial body, and returns a before -> after field diff so the confirm card
+ * shows exactly what changes.
+ */
+export function createCatalogUpdateSystemTool(): RegisteredAiTool<
+  CatalogUpdateSystemInput,
+  CatalogUpdateSystemApplyResult
+> {
+  const dryRun = async ({
+    input,
+    rpcClient,
+  }: {
+    input: CatalogUpdateSystemInput;
+    principal: AuthUser;
+    rpcClient: RpcClient;
+  }): Promise<AiProposalPreview<CatalogUpdateSystemInput>> => {
+    const catalogClient = rpcClient.forPlugin(CatalogApi);
+    const system = await catalogClient.getSystem({ systemId: input.id });
+    if (!system) {
+      throw new Error(
+        `No system found with id "${input.id}". List systems first to get a valid id.`,
+      );
+    }
+    const before = {
+      name: system.name,
+      description: system.description,
+      metadata: system.metadata,
+    };
+    const after = { ...before, ...input.data };
+    const diff = computeFieldDiff({ before, after });
+    return {
+      summary: `Update system "${system.name}".`,
+      payload: input,
+      diff,
+    };
+  };
+
+  return {
+    name: "catalog.updateSystem",
+    description:
+      "Update an existing system by id with a partial body (only provided fields change). Never updates directly; a person must approve unless the conversation is in auto mode. Find the id with the catalog read tools first.",
+    effect: "mutate",
+    input: CatalogUpdateSystemInputSchema,
+    requiredAccessRules: [
+      qualifyAccessRuleId(pluginMetadata, catalogAccess.system.manage),
+    ],
+    dryRun,
+    async execute({ input, rpcClient }) {
+      const catalogClient = rpcClient.forPlugin(CatalogApi);
+      const system = await catalogClient.updateSystem(input);
+      return { system };
+    },
+  };
+}

package/src/ai/catalog.projection.test.ts

@@ -0,0 +1,37 @@
+import { describe, expect, test } from "bun:test";
+import { buildProjectedTool } from "@checkstack/ai-backend";
+import { catalogContract, pluginMetadata } from "@checkstack/catalog-common";
+
+describe("catalog read projections", () => {
+  test("catalog.listSystems projects getSystems as a read tool with the system read rule", () => {
+    const tool = buildProjectedTool({
+      procedure: catalogContract.getSystems,
+      sourcePluginMetadata: pluginMetadata,
+      procedureKey: "getSystems",
+      name: "catalog.listSystems",
+      description:
+        "List all systems (services/resources) with their ids and names. Read-only.",
+      effect: "read",
+      execute: () => Promise.resolve({}),
+    });
+    expect(tool.name).toBe("catalog.listSystems");
+    expect(tool.effect).toBe("read");
+    expect(tool.requiredAccessRules).toEqual(["catalog.system.read"]);
+  });
+
+  test("catalog.listGroups projects getGroups as a read tool with the group read rule", () => {
+    const tool = buildProjectedTool({
+      // unavoidable oRPC typing cast (established projection pattern):
+      procedure: catalogContract.getGroups,
+      sourcePluginMetadata: pluginMetadata,
+      procedureKey: "getGroups",
+      name: "catalog.listGroups",
+      description: "List all system groups with ids and names. Read-only.",
+      effect: "read",
+      execute: () => Promise.resolve({}),
+    });
+    expect(tool.name).toBe("catalog.listGroups");
+    expect(tool.effect).toBe("read");
+    expect(tool.requiredAccessRules).toEqual(["catalog.group.read"]);
+  });
+});

package/src/ai/register-ai-tools.ts

@@ -0,0 +1,35 @@
+import type { RegisteredAiTool } from "@checkstack/ai-backend";
+import { createCatalogCreateSystemTool } from "./catalog-create-system";
+import { createCatalogUpdateSystemTool } from "./catalog-update-system";
+import { createCatalogDeleteSystemTool } from "./catalog-delete-system";
+import { createCatalogCreateGroupTool } from "./catalog-create-group";
+import { createCatalogUpdateGroupTool } from "./catalog-update-group";
+import { createCatalogDeleteGroupTool } from "./catalog-delete-group";
+import { createCatalogAddSystemToGroupTool } from "./catalog-add-system-to-group";
+import { createCatalogRemoveSystemFromGroupTool } from "./catalog-remove-system-from-group";
+
+/**
+ * The catalog plugin's AI tools, registered into the AI registry via
+ * `aiToolExtensionPoint` from this plugin's own init - NOT centralized in
+ * ai-backend. This is the canonical pattern any plugin uses to contribute AI
+ * tools without ai-backend depending on it.
+ *
+ * Create/update + membership tools are `mutate` (auto-applies in AUTO mode,
+ * confirm-gated in APPROVE mode); the two delete tools are `destructive` (always
+ * confirm-gated). All go through the USER-SCOPED client passed at call time, so
+ * handler-side authorization is enforced exactly as a direct UI/RPC call; the
+ * resolver gate + the propose/apply re-check at propose AND apply time are the
+ * additional authorization authority.
+ */
+export function buildCatalogAiTools(): RegisteredAiTool[] {
+  return [
+    createCatalogCreateSystemTool(),
+    createCatalogUpdateSystemTool(),
+    createCatalogDeleteSystemTool(),
+    createCatalogCreateGroupTool(),
+    createCatalogUpdateGroupTool(),
+    createCatalogDeleteGroupTool(),
+    createCatalogAddSystemToGroupTool(),
+    createCatalogRemoveSystemFromGroupTool(),
+  ];
+}

package/src/automations.test.ts

@@ -9,7 +9,7 @@
  * failure path.
  */
 import { describe, expect, it, mock } from "bun:test";
-import type { Logger } from "@checkstack/backend-api";
+import type { Logger, RpcClient } from "@checkstack/backend-api";
 import { createMockLogger } from "@checkstack/test-utils-backend";
 
 import {
@@ -33,6 +33,7 @@ const ctxBase = {
   getService: async <T,>(): Promise<T> => {
     throw new Error("not used");
   },
+  rpcClient: { forPlugin: () => ({}) } as unknown as RpcClient,
 };
 
 // ─── Triggers ──────────────────────────────────────────────────────────