@desplega.ai/agent-swarm 1.80.0 → 1.80.2

package/src/tests/workflow-input-redaction.test.ts

@@ -0,0 +1,232 @@
+import { afterAll, afterEach, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import { z } from "zod";
+import {
+  closeDb,
+  createWorkflow,
+  deleteWorkflow,
+  getWorkflowRunStepsByRunId,
+  initDb,
+  upsertSwarmConfig,
+} from "../be/db";
+import type { WorkflowDefinition } from "../types";
+import { startWorkflowExecution } from "../workflows/engine";
+import {
+  BaseExecutor,
+  type ExecutorDependencies,
+  type ExecutorResult,
+} from "../workflows/executors/base";
+import { ExecutorRegistry } from "../workflows/executors/registry";
+import {
+  getSecretInputKeys,
+  REDACTED_SECRET_VALUE,
+  redactSecretsForStorage,
+  resolveInputs,
+} from "../workflows/input";
+
+const TEST_DB_PATH = "./test-workflow-input-redaction.sqlite";
+
+// Captures the input it was invoked with so we can assert what the executor
+// actually receives (real value, not redacted).
+class CaptureExecutor extends BaseExecutor<
+  typeof CaptureExecutor.schema,
+  typeof CaptureExecutor.outSchema
+> {
+  static readonly schema = z.object({ tokenSeen: z.string().optional() });
+  static readonly outSchema = z.object({ ok: z.boolean() });
+
+  readonly type = "capture";
+  readonly mode = "instant" as const;
+  readonly configSchema = CaptureExecutor.schema;
+  readonly outputSchema = CaptureExecutor.outSchema;
+
+  static lastTokenSeen: string | undefined = undefined;
+
+  protected async execute(
+    config: z.infer<typeof CaptureExecutor.schema>,
+  ): Promise<ExecutorResult<z.infer<typeof CaptureExecutor.outSchema>>> {
+    CaptureExecutor.lastTokenSeen = config.tokenSeen;
+    return { status: "success", output: { ok: true } };
+  }
+}
+
+describe("getSecretInputKeys", () => {
+  test("flags secret.* references", () => {
+    const keys = getSecretInputKeys({ GITHUB_TOKEN: "secret.GITHUB_TOKEN" });
+    expect(keys.has("GITHUB_TOKEN")).toBe(true);
+    expect(keys.size).toBe(1);
+  });
+
+  test("flags sensitive env-var references", () => {
+    // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+    const keys = getSecretInputKeys({ GH: "${GITHUB_TOKEN}" });
+    expect(keys.has("GH")).toBe(true);
+  });
+
+  test("does not flag non-sensitive env-var references", () => {
+    // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+    const keys = getSecretInputKeys({ branch: "${GIT_BRANCH}", url: "${MCP_BASE_URL}" });
+    expect(keys.size).toBe(0);
+  });
+
+  test("does not flag literal strings", () => {
+    const keys = getSecretInputKeys({ name: "literal", count: "42" });
+    expect(keys.size).toBe(0);
+  });
+
+  test("handles undefined input", () => {
+    const keys = getSecretInputKeys(undefined);
+    expect(keys.size).toBe(0);
+  });
+
+  test("flags all sensitive-suffix env names", () => {
+    const keys = getSecretInputKeys({
+      // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+      a: "${FOO_TOKEN}",
+      // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+      b: "${BAR_API_KEY}",
+      // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+      c: "${BAZ_SECRET}",
+      // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+      d: "${QUX_PASSWORD}",
+    });
+    expect(keys.size).toBe(4);
+  });
+});
+
+describe("redactSecretsForStorage", () => {
+  test("returns ctx unchanged when no secret keys", () => {
+    const ctx = { input: { foo: "bar" } };
+    const out = redactSecretsForStorage(ctx, new Set());
+    expect(out).toBe(ctx);
+  });
+
+  test("redacts only declared secret keys in ctx.input", () => {
+    const ctx = {
+      trigger: { topic: "tuxedo" },
+      input: { GITHUB_TOKEN: "ghp_real_value_xxx", branch: "main" },
+    };
+    const out = redactSecretsForStorage(ctx, new Set(["GITHUB_TOKEN"]));
+    expect((out.input as Record<string, unknown>).GITHUB_TOKEN).toBe(REDACTED_SECRET_VALUE);
+    expect((out.input as Record<string, unknown>).branch).toBe("main");
+    // Trigger block untouched
+    expect(out.trigger).toEqual({ topic: "tuxedo" });
+  });
+
+  test("does not mutate the original ctx (executor still sees real value)", () => {
+    const ctx = { input: { GITHUB_TOKEN: "ghp_real" } };
+    redactSecretsForStorage(ctx, new Set(["GITHUB_TOKEN"]));
+    expect((ctx.input as Record<string, unknown>).GITHUB_TOKEN).toBe("ghp_real");
+  });
+
+  test("no-ops when ctx has no input block", () => {
+    const ctx = { trigger: {} };
+    const out = redactSecretsForStorage(ctx, new Set(["GITHUB_TOKEN"]));
+    expect(out).toBe(ctx);
+  });
+
+  test("no-ops when secret key isn't actually present in ctx.input", () => {
+    const ctx = { input: { unrelated: "x" } };
+    const out = redactSecretsForStorage(ctx, new Set(["GITHUB_TOKEN"]));
+    expect(out).toBe(ctx);
+  });
+});
+
+describe("end-to-end — workflow step persistence redacts secrets", () => {
+  beforeAll(() => {
+    initDb(TEST_DB_PATH);
+  });
+
+  afterAll(async () => {
+    closeDb();
+    try {
+      await unlink(TEST_DB_PATH);
+    } catch {
+      // ignore
+    }
+  });
+
+  let workflowId: string | null = null;
+
+  beforeEach(() => {
+    CaptureExecutor.lastTokenSeen = undefined;
+  });
+
+  afterEach(() => {
+    if (workflowId) {
+      try {
+        deleteWorkflow(workflowId);
+      } catch {
+        // ignore
+      }
+      workflowId = null;
+    }
+  });
+
+  test("ctx.input[secretKey] is redacted in workflow_run_steps but real value reaches the executor", async () => {
+    // Seed swarm config with a "secret" value
+    const SECRET_VALUE = "ghp_supersecret_token_value_abc123";
+    upsertSwarmConfig({
+      scope: "global",
+      key: "TEST_REDACTION_GITHUB_TOKEN",
+      value: SECRET_VALUE,
+      isSecret: true,
+    });
+
+    const def: WorkflowDefinition = {
+      nodes: [
+        {
+          id: "capture-node",
+          type: "capture",
+          config: { tokenSeen: "{{input.GITHUB_TOKEN}}" },
+        },
+      ],
+    };
+    const workflow = createWorkflow({
+      name: `redaction-test-${Date.now()}`,
+      definition: def,
+      triggers: [],
+      input: {
+        GITHUB_TOKEN: "secret.TEST_REDACTION_GITHUB_TOKEN",
+        plain: "not-a-secret",
+      },
+    });
+    workflowId = workflow.id;
+
+    const registry = new ExecutorRegistry();
+    const deps: ExecutorDependencies = {
+      db: {} as typeof import("../be/db"),
+      eventBus: { emit: () => {}, on: () => {}, off: () => {} },
+      interpolate: (t: string) => t,
+    };
+    registry.register(new CaptureExecutor(deps));
+
+    const runId = await startWorkflowExecution(workflow, {}, registry);
+    expect(runId).toBeDefined();
+
+    // Executor must see the REAL secret value (interpolated from live ctx)
+    expect(CaptureExecutor.lastTokenSeen).toBe(SECRET_VALUE);
+
+    // Persisted step.input must have the secret redacted
+    const steps = getWorkflowRunStepsByRunId(runId);
+    expect(steps.length).toBe(1);
+    const persistedInput = steps[0]!.input as Record<string, unknown>;
+    const persistedInputBlock = persistedInput.input as Record<string, unknown>;
+    expect(persistedInputBlock.GITHUB_TOKEN).toBe(REDACTED_SECRET_VALUE);
+    // Non-secret key untouched
+    expect(persistedInputBlock.plain).toBe("not-a-secret");
+    // The real secret string must NOT appear anywhere in the persisted JSON
+    const serialized = JSON.stringify(steps[0]);
+    expect(serialized.includes(SECRET_VALUE)).toBe(false);
+  });
+});
+
+describe("resolveInputs (unchanged behavior)", () => {
+  test("still resolves env-var references", () => {
+    process.env.TEST_REDACT_VAR = "resolved";
+    // biome-ignore lint/suspicious/noTemplateCurlyInString: testing env-var syntax
+    const out = resolveInputs({ x: "${TEST_REDACT_VAR}" });
+    expect(out.x).toBe("resolved");
+    delete process.env.TEST_REDACT_VAR;
+  });
+});

package/src/tests/workflow-swarm-script.test.ts

@@ -0,0 +1,273 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import { z } from "zod";
+import {
+  closeDb,
+  createAgent,
+  createWorkflow,
+  getDb,
+  getWorkflowRun,
+  getWorkflowRunStepsByRunId,
+  initDb,
+} from "../be/db";
+import { upsertScriptByName } from "../be/scripts/db";
+import { setScriptEmbeddingProviderForTests } from "../be/scripts/embeddings";
+import type { Workflow, WorkflowDefinition } from "../types";
+import { startWorkflowExecution } from "../workflows/engine";
+import { InProcessEventBus } from "../workflows/event-bus";
+import {
+  BaseExecutor,
+  type ExecutorDependencies,
+  type ExecutorResult,
+} from "../workflows/executors/base";
+import { ExecutorRegistry } from "../workflows/executors/registry";
+import { SwarmScriptExecutor } from "../workflows/executors/swarm-script";
+import { interpolate } from "../workflows/template";
+
+const TEST_DB_PATH = "./test-workflow-swarm-script.sqlite";
+const API_KEY = "test-workflow-swarm-script-key-1234567890";
+
+const noOpEmbeddingProvider = {
+  name: "test/noop-workflow-script-embedding",
+  dimensions: 1,
+  async embed() {
+    return null;
+  },
+  async embedBatch(texts: string[]) {
+    return texts.map(() => null);
+  },
+};
+
+const signatureJson = JSON.stringify({
+  args: { type: "object" },
+  result: { type: "object" },
+});
+
+class EchoExecutor extends BaseExecutor<typeof EchoExecutor.schema, typeof EchoExecutor.outSchema> {
+  static readonly schema = z.object({ value: z.string() });
+  static readonly outSchema = z.object({ value: z.string() });
+
+  readonly type = "echo";
+  readonly mode = "instant" as const;
+  readonly configSchema = EchoExecutor.schema;
+  readonly outputSchema = EchoExecutor.outSchema;
+
+  protected async execute(
+    config: z.infer<typeof EchoExecutor.schema>,
+  ): Promise<ExecutorResult<z.infer<typeof EchoExecutor.outSchema>>> {
+    return { status: "success", output: { value: config.value } };
+  }
+}
+
+let savedEnv: NodeJS.ProcessEnv;
+let agentId: string;
+let deps: ExecutorDependencies;
+let registry: ExecutorRegistry;
+
+async function removeDbFiles(): Promise<void> {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      await unlink(TEST_DB_PATH + suffix);
+    } catch (error) {
+      if ((error as NodeJS.ErrnoException).code !== "ENOENT") throw error;
+    }
+  }
+}
+
+function makeWorkflow(def: WorkflowDefinition): Workflow {
+  const wf = createWorkflow({
+    name: `swarm-script-test-${crypto.randomUUID()}`,
+    definition: def,
+    createdByAgentId: agentId,
+  });
+  return wf;
+}
+
+async function saveScript(name: string, source: string) {
+  return upsertScriptByName({
+    name,
+    scope: "agent",
+    scopeId: agentId,
+    source,
+    description: `${name} test script`,
+    intent: "workflow-swarm-script test fixture",
+    signatureJson,
+    agentId,
+    typeChecked: true,
+  });
+}
+
+beforeAll(async () => {
+  savedEnv = { ...process.env };
+  await removeDbFiles();
+  initDb(TEST_DB_PATH);
+  process.env.AGENT_SWARM_API_KEY = API_KEY;
+  delete process.env.API_KEY;
+  setScriptEmbeddingProviderForTests(noOpEmbeddingProvider);
+
+  const agent = createAgent({ name: "workflow-script-agent", isLead: true, status: "idle" });
+  agentId = agent.id;
+
+  const eventBus = new InProcessEventBus();
+  const db = await import("../be/db");
+  deps = {
+    db,
+    eventBus,
+    interpolate: (template, ctx) => interpolate(template, ctx).result,
+  };
+  registry = new ExecutorRegistry();
+  registry.register(new EchoExecutor(deps));
+  registry.register(new SwarmScriptExecutor(deps));
+});
+
+afterAll(async () => {
+  setScriptEmbeddingProviderForTests(null);
+  closeDb();
+  await removeDbFiles();
+  for (const key of Object.keys(process.env)) {
+    if (!(key in savedEnv)) delete process.env[key];
+  }
+  for (const [key, value] of Object.entries(savedEnv)) {
+    if (value === undefined) delete process.env[key];
+    else process.env[key] = value;
+  }
+});
+
+beforeEach(() => {
+  getDb().run("DELETE FROM workflow_run_steps");
+  getDb().run("DELETE FROM workflow_runs");
+  getDb().run("DELETE FROM scripts");
+  getDb().run("DELETE FROM workflows");
+});
+
+describe("SwarmScriptExecutor", () => {
+  test("A workflow with one swarm-script node resolves by name + runs + returns result", async () => {
+    await saveScript(
+      "add-one",
+      `export default async (args: { value: number }) => ({ value: args.value + 1 });`,
+    );
+
+    const executor = new SwarmScriptExecutor(deps);
+    const wf = makeWorkflow({ nodes: [] });
+    const result = await executor.run({
+      config: { scriptName: "add-one", args: { value: 6 } },
+      context: {},
+      meta: {
+        runId: crypto.randomUUID(),
+        stepId: crypto.randomUUID(),
+        nodeId: "script",
+        workflowId: wf.id,
+        dryRun: false,
+      },
+    });
+
+    expect(result.status).toBe("success");
+    expect(result.output?.result).toEqual({ value: 7 });
+    expect(result.output?.scriptName).toBe("add-one");
+  });
+
+  test("pinHash correctly resolves to a historic script_versions row", async () => {
+    const first = await saveScript("versioned", `export default async () => ({ version: "old" });`);
+    await saveScript("versioned", `export default async () => ({ version: "new" });`);
+
+    const executor = new SwarmScriptExecutor(deps);
+    const wf = makeWorkflow({ nodes: [] });
+    const result = await executor.run({
+      config: { scriptName: "versioned", pinHash: first.script.contentHash },
+      context: {},
+      meta: {
+        runId: crypto.randomUUID(),
+        stepId: crypto.randomUUID(),
+        nodeId: "script",
+        workflowId: wf.id,
+        dryRun: false,
+      },
+    });
+
+    expect(result.status).toBe("success");
+    expect(result.output?.result).toEqual({ version: "old" });
+    expect(result.output?.contentHash).toBe(first.script.contentHash);
+    expect(result.output?.version).toBe(1);
+  });
+
+  test("inputs mapping from a predecessor node correctly populates args", async () => {
+    await saveScript(
+      "from-input",
+      `export default async (args: { value: string }) => ({ seen: args.value });`,
+    );
+    const wf = makeWorkflow({
+      nodes: [
+        { id: "source", type: "echo", config: { value: "mapped-value" }, next: "script" },
+        {
+          id: "script",
+          type: "swarm-script",
+          inputs: { sourceValue: "source.value" },
+          config: { scriptName: "from-input", args: { value: "{{sourceValue}}" } },
+        },
+      ],
+    });
+
+    const runId = await startWorkflowExecution(wf, {}, registry);
+    const run = getWorkflowRun(runId);
+    const steps = getWorkflowRunStepsByRunId(runId);
+    const scriptStep = steps.find((step) => step.nodeId === "script");
+
+    expect(run?.status).toBe("completed");
+    expect(scriptStep?.status).toBe("completed");
+    expect(scriptStep?.output).toMatchObject({ result: { seen: "mapped-value" } });
+  });
+
+  test("fsMode workspace-rw is rejected at config validation with a clear error message", async () => {
+    await saveScript("noop", `export default async () => ({ ok: true });`);
+    const executor = new SwarmScriptExecutor(deps);
+    const wf = makeWorkflow({ nodes: [] });
+    const result = await executor.run({
+      config: { scriptName: "noop", fsMode: "workspace-rw" },
+      context: {},
+      meta: {
+        runId: crypto.randomUUID(),
+        stepId: crypto.randomUUID(),
+        nodeId: "script",
+        workflowId: wf.id,
+        dryRun: false,
+      },
+    });
+
+    expect(result.status).toBe("failed");
+    expect(result.error).toContain("workspace-rw");
+
+    const success = await executor.run({
+      config: { scriptName: "noop", fsMode: "none" },
+      context: {},
+      meta: {
+        runId: crypto.randomUUID(),
+        stepId: crypto.randomUUID(),
+        nodeId: "script",
+        workflowId: wf.id,
+        dryRun: false,
+      },
+    });
+    expect(success.status).toBe("success");
+  });
+
+  test("Failure in the script surfaces as a workflow-node failure", async () => {
+    await saveScript("throws", `export default async () => { throw new Error("boom"); };`);
+    const executor = new SwarmScriptExecutor(deps);
+    const wf = makeWorkflow({ nodes: [] });
+    const result = await executor.run({
+      config: { scriptName: "throws" },
+      context: {},
+      meta: {
+        runId: crypto.randomUUID(),
+        stepId: crypto.randomUUID(),
+        nodeId: "script",
+        workflowId: wf.id,
+        dryRun: false,
+      },
+    });
+
+    expect(result.status).toBe("failed");
+    expect(result.error).toContain("boom");
+    expect(result.output?.exitCode).not.toBe(0);
+  });
+});

package/src/tools/memory-rate.ts

@@ -2,6 +2,7 @@ import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import * as z from "zod";
 import { REFERENCES_SOURCE_MAX_LENGTH, sanitizeReferencesSource } from "@/be/memory/raters/types";
 import { createToolRegistrar } from "@/tools/utils";
+import { getApiKey } from "@/utils/api-key";
 
 /**
  * Plan: thoughts/taras/plans/2026-05-05-memory-rater-v1.5/step-5.md §1
@@ -92,7 +93,7 @@ export const registerMemoryRateTool = (server: McpServer) => {
       }
 
       const apiUrl = process.env.MCP_BASE_URL || `http://localhost:${process.env.PORT || "3013"}`;
-      const apiKey = process.env.API_KEY || "";
+      const apiKey = getApiKey();
 
       const event = {
         memoryId: id,

package/src/tools/script-common.ts

@@ -0,0 +1,88 @@
+import type { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
+import * as z from "zod";
+import { getApiKey } from "@/utils/api-key";
+import type { RequestInfo } from "./utils";
+
+export const SCRIPT_TRANSPORT_ERROR =
+  "script_* tools require HTTP MCP transport — agent identity is not available over stdio in this build. Switch to MCP_BASE_URL=http://... or invoke the HTTP API directly.";
+
+export const scriptNameSchema = z.string().min(1).max(200);
+export const scriptScopeSchema = z.enum(["agent", "global"]);
+export const scriptFsModeSchema = z.enum(["none", "workspace-rw"]);
+
+export const scriptToolOutputSchema = z.object({
+  success: z.boolean(),
+  status: z.number(),
+  data: z.unknown().optional(),
+  error: z.string().optional(),
+});
+
+export type ScriptToolStructuredContent = z.infer<typeof scriptToolOutputSchema>;
+
+function apiBaseUrl(): string {
+  return (process.env.MCP_BASE_URL || `http://localhost:${process.env.PORT || "3013"}`).replace(
+    /\/+$/,
+    "",
+  );
+}
+
+function toolError(message: string, status = 400): CallToolResult {
+  return {
+    isError: true,
+    content: [{ type: "text", text: message }],
+    structuredContent: {
+      success: false,
+      status,
+      error: message,
+    } satisfies ScriptToolStructuredContent,
+  };
+}
+
+export async function proxyScriptsApi(args: {
+  method: "GET" | "POST" | "DELETE";
+  path: string;
+  body?: unknown;
+  requestInfo: RequestInfo;
+  successMessage: (data: unknown) => string;
+}): Promise<CallToolResult> {
+  if (!args.requestInfo.agentId) return toolError(SCRIPT_TRANSPORT_ERROR);
+
+  const apiKey = getApiKey();
+  const res = await fetch(`${apiBaseUrl()}${args.path}`, {
+    method: args.method,
+    headers: {
+      Authorization: `Bearer ${apiKey}`,
+      "X-Agent-ID": args.requestInfo.agentId,
+      "Content-Type": "application/json",
+    },
+    body: args.body === undefined ? undefined : JSON.stringify(args.body),
+  });
+
+  const text = await res.text();
+  let data: unknown;
+  if (text) {
+    try {
+      data = JSON.parse(text);
+    } catch {
+      data = { error: text };
+    }
+  }
+
+  const error =
+    typeof data === "object" && data !== null && "error" in data
+      ? String((data as { error: unknown }).error)
+      : undefined;
+
+  if (!res.ok) {
+    return toolError(error ?? `Scripts API request failed with ${res.status}`, res.status);
+  }
+
+  return {
+    content: [{ type: "text", text: args.successMessage(data) }],
+    structuredContent: {
+      success: true,
+      status: res.status,
+      data,
+    } satisfies ScriptToolStructuredContent,
+  };
+}

package/src/tools/script-delete.ts

@@ -0,0 +1,35 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import * as z from "zod";
+import { createToolRegistrar } from "@/tools/utils";
+import {
+  proxyScriptsApi,
+  scriptNameSchema,
+  scriptScopeSchema,
+  scriptToolOutputSchema,
+} from "./script-common";
+
+export const SCRIPT_DELETE_DESCRIPTION =
+  "Remove a swarm-shared script from the catalog. Versions table preserves history.";
+
+export const registerScriptDeleteTool = (server: McpServer) => {
+  createToolRegistrar(server)(
+    "script-delete",
+    {
+      title: "Script Delete",
+      description: SCRIPT_DELETE_DESCRIPTION,
+      annotations: { destructiveHint: true, openWorldHint: false },
+      inputSchema: z.object({
+        name: scriptNameSchema.describe("Script name to delete."),
+        scope: scriptScopeSchema.default("agent").describe("Script scope to delete from."),
+      }),
+      outputSchema: scriptToolOutputSchema,
+    },
+    async ({ name, scope }, requestInfo) =>
+      proxyScriptsApi({
+        method: "DELETE",
+        path: `/api/scripts/${encodeURIComponent(name)}?scope=${encodeURIComponent(scope)}`,
+        requestInfo,
+        successMessage: () => "Script delete completed.",
+      }),
+  );
+};

package/src/tools/script-query-types.ts

@@ -0,0 +1,37 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import * as z from "zod";
+import { createToolRegistrar } from "@/tools/utils";
+import {
+  proxyScriptsApi,
+  scriptNameSchema,
+  scriptScopeSchema,
+  scriptToolOutputSchema,
+} from "./script-common";
+
+export const SCRIPT_QUERY_TYPES_DESCRIPTION =
+  "Fetch the signature + the auto-generated `swarm-sdk.d.ts` (derived from the live MCP tool registry) + the `stdlib.d.ts` blobs — for IDE-style introspection before authoring or running a script. The same types are used by `script-upsert`'s typecheck pass, so they are authoritative.";
+
+export const registerScriptQueryTypesTool = (server: McpServer) => {
+  createToolRegistrar(server)(
+    "script-query-types",
+    {
+      title: "Script Query Types",
+      description: SCRIPT_QUERY_TYPES_DESCRIPTION,
+      annotations: { readOnlyHint: true, openWorldHint: false },
+      inputSchema: z.object({
+        name: scriptNameSchema.describe("Script name whose signature should be fetched."),
+        scope: scriptScopeSchema.optional().describe("Optional scope for script resolution."),
+      }),
+      outputSchema: scriptToolOutputSchema,
+    },
+    async ({ name, scope }, requestInfo) => {
+      const query = scope ? `?scope=${encodeURIComponent(scope)}` : "";
+      return proxyScriptsApi({
+        method: "GET",
+        path: `/api/scripts/${encodeURIComponent(name)}/types${query}`,
+        requestInfo,
+        successMessage: () => "Script type query completed.",
+      });
+    },
+  );
+};