@elliotding/ai-agent-mcp 0.1.1 → 0.1.3

package/src/tools/upload-resource.ts

@@ -21,12 +21,80 @@ import { MCPServerError, createValidationError } from '../types/errors';
 import type { UploadResourceParams, UploadResourceResult, ToolResult, FileEntry } from '../types/tools';
 import type { ResourceType } from '../types/resources';
 
+type ResourceCategory = 'command' | 'skill' | 'rule' | 'mcp';
+
+/**
+ * Infer the resource type from the uploaded file list ONLY when the user has
+ * not explicitly stated a type. If the user declared a type, that always wins.
+ *
+ * Auto-detection rules (in priority order, applied only when declaredType is absent):
+ *   1. Any file named "mcp-config.json"       → mcp
+ *   2. Any file named "SKILL.md"              → skill
+ *   3. Single file ending with ".mdc"         → rule
+ *   4. Single file ending with ".md"          → command
+ *   5. Cannot determine                       → throw validation error
+ */
+function inferResourceType(
+  declaredType: ResourceCategory | undefined,
+  files: FileEntry[]
+): ResourceCategory {
+  // User explicitly specified the type — honour it unconditionally.
+  if (declaredType) return declaredType;
+
+  const names = files.map((f) => path.basename(f.path).toLowerCase());
+
+  if (names.includes('mcp-config.json')) return 'mcp';
+  if (names.includes('skill.md'))        return 'skill';
+  if (files.length === 1) {
+    if (names[0]!.endsWith('.mdc')) return 'rule';
+    if (names[0]!.endsWith('.md'))  return 'command';
+  }
+
+  throw createValidationError(
+    'type',
+    'required',
+    'Cannot auto-detect the resource type from the provided files. ' +
+    'Please specify "type" explicitly: "command" (single .md), "skill" (contains SKILL.md), ' +
+    '"rule" (single .mdc), or "mcp" (contains mcp-config.json).'
+  );
+}
+
+/**
+ * Derive a human-readable resource name from the primary file in the upload list.
+ * The original filename (without extension) is used as-is — never renamed.
+ *
+ *   - Single-file upload:  strip extension from the filename.
+ *                          "code-review.md" → "code-review"
+ *                          "csp-agent.mdc"  → "csp-agent"
+ *   - Multi-file upload:   use the top-level directory name when the first
+ *                          path contains a directory component.
+ *                          "code-review/SKILL.md" → "code-review"
+ *                          Falls back to the first file's base name otherwise.
+ *
+ * Returns undefined when the files array is empty (caller should error).
+ */
+function deriveNameFromFiles(files: FileEntry[]): string | undefined {
+  if (!files || files.length === 0) return undefined;
+
+  const first = files[0]!.path;
+
+  // For paths like "code-review/SKILL.md", use the top-level directory.
+  const dir = path.dirname(first);
+  if (dir && dir !== '.') return dir;
+
+  // Strip extension from bare filename.
+  const base = path.basename(first, path.extname(first));
+  return base || undefined;
+}
+
 /**
  * Validate and return the files[] array.
  * Each entry path must be a relative path with no traversal.
  * For MCP resources, mcp-config.json must be present.
+ *
+ * @param resolvedType The already-inferred resource type (never undefined here).
  */
-function collectFiles(typedParams: UploadResourceParams): FileEntry[] {
+function collectFiles(typedParams: UploadResourceParams, resolvedType: string): FileEntry[] {
   if (!typedParams.files || typedParams.files.length === 0) {
     throw createValidationError(
       'files',
@@ -48,17 +116,34 @@ function collectFiles(typedParams: UploadResourceParams): FileEntry[] {
 
   // MCP resources must include mcp-config.json so the client can auto-register
   // the server in ~/.cursor/mcp.json after sync_resources installs it.
-  if (typedParams.type === 'mcp') {
+  if (resolvedType === 'mcp') {
     const hasMcpConfig = typedParams.files.some(
       (f) => path.basename(f.path) === 'mcp-config.json'
     );
     if (!hasMcpConfig) {
+      // Look for other files that might already describe the server configuration
+      // (e.g. pyproject.toml, package.json, README.md, config.json, server.py).
+      // If found, surface a targeted hint so the user knows exactly what to create.
+      const configHints = typedParams.files
+        .map((f) => path.basename(f.path))
+        .filter((n) =>
+          /\.(toml|yaml|yml|json|cfg|ini|conf|py|js|ts|md)$/i.test(n) &&
+          n !== 'mcp-config.json'
+        );
+
+      const hintNote =
+        configHints.length > 0
+          ? `\nFound related files (${configHints.join(', ')}) that may already describe the server ` +
+            `configuration — please create "mcp-config.json" based on those files.`
+          : '';
+
       throw createValidationError(
         'files',
         'required',
         'MCP resources must include a "mcp-config.json" file. ' +
-        'This file tells the client how to start the MCP server after installation. ' +
-        'Required format:\n' +
+        'This file tells the client how to start the MCP server after installation.' +
+        hintNote +
+        '\n\nRequired format:\n' +
         '{\n' +
         '  "name": "<server-name>",\n' +
         '  "command": "python3",          // or "node", "uvx", etc.\n' +
@@ -79,11 +164,26 @@ export async function uploadResource(params: unknown): Promise<ToolResult<Upload
   logger.info({ tool: 'upload_resource', params }, 'upload_resource called');
 
   try {
-    const resourceType = typedParams.type;
-    const resourceId = typedParams.resource_id;
-    const resourceName = typedParams.name ?? resourceId; // API uses "name" field
-    const targetSource = typedParams.target_source ?? 'csp'; // default to "csp" repo
-    const force = (typedParams as any).force || false;
+    const resourceId   = typedParams.resource_id;
+    const userToken    = typedParams.user_token;
+    const targetSource = typedParams.target_source ?? 'csp';
+    const force        = (typedParams as any).force || false;
+
+    // User-declared type always wins; auto-detect only when omitted.
+    const resourceType = inferResourceType(typedParams.type, typedParams.files);
+
+    // Name: explicit user value > derived from filename (no extension).
+    // Never fall back to resource_id — that is an internal identifier, not a name.
+    const derivedName = typedParams.name ?? deriveNameFromFiles(typedParams.files);
+    if (!derivedName) {
+      throw createValidationError(
+        'name',
+        'required',
+        'Could not determine a resource name from the provided files. ' +
+        'Please provide a "name" field explicitly.'
+      );
+    }
+    const resourceName = derivedName;
 
     logger.info({ resourceId, resourceType, targetSource }, 'Upload target resolved');
 
@@ -124,25 +224,28 @@ export async function uploadResource(params: unknown): Promise<ToolResult<Upload
     }
 
     // ========== Step 4: Collect files ==========
-    const fileEntries = collectFiles(typedParams);
+    const fileEntries = collectFiles(typedParams, resourceType);
     logger.info({ resourceId, fileCount: fileEntries.length }, 'Files collected for upload');
 
     // ========== Step 5: Call CSP API — upload (staging) ==========
     logger.info({ resourceName, resourceType, targetSource }, 'Calling CSP upload API...');
-    const uploadResp = await apiClient.uploadResourceFiles({
-      type: resourceType,
-      name: resourceName,
-      files: fileEntries,
-      target_source: targetSource,
-      force,
-    });
+    const uploadResp = await apiClient.uploadResourceFiles(
+      {
+        type: resourceType,
+        name: resourceName,
+        files: fileEntries,
+        target_source: targetSource,
+        force,
+      },
+      userToken
+    );
 
     const uploadId = uploadResp.upload_id;
     logger.info({ uploadId, expiresAt: uploadResp.expires_at }, 'Upload staged successfully');
 
     // ========== Step 6: Call CSP API — finalize (Git commit) ==========
     logger.info({ uploadId }, 'Calling CSP finalize API...');
-    const finalizeResp = await apiClient.finalizeResourceUpload(uploadId, typedParams.message);
+    const finalizeResp = await apiClient.finalizeResourceUpload(uploadId, typedParams.message, userToken);
 
     const finalResourceId = finalizeResp.resource_id;
     const version = finalizeResp.version ?? '1.0.0';
@@ -182,15 +285,31 @@ export const uploadResourceTool = {
   name: 'upload_resource',
   description:
     'Upload a new AI resource (command, skill, rule, or mcp) to a CSP source repository. ' +
-    'The user selects files from anywhere on their local machine — read each file and pass its content in files[]. ' +
-    'ALWAYS confirm two things with the user before uploading: ' +
-    '(1) the resource type (command/skill/rule/mcp), and ' +
-    '(2) the target source repo (e.g. "csp" (default) or "client-sdk-ai-hub"). ' +
-    'The tool uses a two-step CSP API: first stages files and gets an upload_id, then finalizes the Git commit. ' +
-    'Pass files[] — an array of {path, content} entries. ' +
-    'path is the filename the resource should be stored as (e.g. "csp-ai-agent.mdc", "SKILL.md"). ' +
-    'Single-file upload: one entry in files[]. Multi-file upload: multiple entries. ' +
-    'No restriction on file extensions — mcp packages may include .py, .js, package.json, etc.',
+    'The user selects files from their local machine — read each file and pass its content in files[]. ' +
+    'ALWAYS confirm the target source repo with the user (e.g. "csp" (default) or "client-sdk-ai-hub"). ' +
+
+    '\n\nResource type rules:\n' +
+    '  • If the user explicitly states the type, use it as-is — no overriding.\n' +
+    '  • If the user does NOT state a type, auto-detect from file structure:\n' +
+    '      - Contains mcp-config.json  → type="mcp"\n' +
+    '      - Contains SKILL.md         → type="skill"\n' +
+    '      - Single .mdc file          → type="rule"\n' +
+    '      - Single .md file           → type="command"\n' +
+    '  • If the user says type="mcp" but mcp-config.json is missing, the tool will\n' +
+    '    return an error with a hint about creating mcp-config.json.\n' +
+
+    '\n\nResource name rules:\n' +
+    '  • If the user provides a name, use it.\n' +
+    '  • Otherwise derive the name from the filename WITHOUT its extension.\n' +
+    '    Keep the original filename — NEVER rename files (e.g. do not rename any .md file).\n' +
+    '    Examples: "code-review.md" → name="code-review"; "code-review/SKILL.md" → name="code-review".\n' +
+
+    '\n\nPass files[] — an array of {path, content} entries. ' +
+    'path must be the original filename as-is (relative, no path traversal). ' +
+    'No restriction on file extensions — mcp packages may include .py, .js, package.json, etc.\n' +
+
+    '\nIMPORTANT: Always read the CSP_API_TOKEN from the user\'s environment and pass it as user_token ' +
+    'so that each user\'s API calls use their own identity.',
   inputSchema: {
     type: 'object' as const,
     properties: {
@@ -206,11 +325,11 @@ export const uploadResourceTool = {
         type: 'string',
         enum: ['command', 'skill', 'rule', 'mcp'],
         description:
-          'Resource category — MUST be confirmed with the user. ' +
+          'Resource category. Auto-detected from file structure — only set explicitly when detection is ambiguous. ' +
           'command: single .md slash-command file; ' +
-          'skill: directory with SKILL.md + supporting files; ' +
+          'skill: directory or file set containing SKILL.md; ' +
           'rule: single .mdc Cursor rule file; ' +
-          'mcp: MCP server package — MUST include mcp-config.json (defines command/args/env for auto-registration into ~/.cursor/mcp.json).',
+          'mcp: MCP server package — MUST include mcp-config.json.',
       },
       message: {
         type: 'string',
@@ -251,8 +370,15 @@ export const uploadResourceTool = {
         description: 'Overwrite if a resource with the same name already exists',
         default: false,
       },
+      user_token: {
+        type: 'string',
+        description:
+          'CSP API token for the current user. Read this from the CSP_API_TOKEN environment ' +
+          'variable configured in the user\'s mcp.json. When provided, this token is used ' +
+          'for all CSP API calls in this request instead of the server-level fallback token.',
+      },
     },
-    required: ['resource_id', 'type', 'message', 'files'],
+    required: ['resource_id', 'message', 'files'],
   },
   handler: uploadResource,
 };

package/src/types/tools.ts

@@ -35,6 +35,12 @@ export interface SyncResourcesParams {
   mode?: 'check' | 'incremental' | 'full';
   scope?: 'global' | 'workspace' | 'all';
   types?: string[];
+  /**
+   * CSP API token from the user's mcp.json env configuration.
+   * Overrides the server-level fallback token so that each user
+   * makes API calls with their own identity.
+   */
+  user_token?: string;
 }
 
 export interface McpSetupItem {
@@ -83,6 +89,8 @@ export interface ManageSubscriptionParams {
   auto_sync?: boolean;
   scope?: 'global' | 'workspace';
   notify?: boolean;
+  /** CSP API token from the user's mcp.json env configuration. */
+  user_token?: string;
 }
 
 export interface ManageSubscriptionResult {
@@ -106,6 +114,8 @@ export interface SearchResourcesParams {
   team?: string;
   type?: string;
   keyword: string;
+  /** CSP API token from the user's mcp.json env configuration. */
+  user_token?: string;
 }
 
 export interface SearchResourcesResult {
@@ -131,9 +141,10 @@ export interface FileEntry {
 
 export interface UploadResourceParams {
   resource_id: string;
-  type: 'command' | 'skill' | 'rule' | 'mcp';
+  /** Resource category. Optional — auto-detected from file structure when omitted. */
+  type?: 'command' | 'skill' | 'rule' | 'mcp';
   message: string;
-  /** Human-readable resource name sent to the CSP API. Defaults to resource_id. */
+  /** Human-readable resource name sent to the CSP API. Defaults to the primary file name (without extension). */
   name?: string;
   /** Target source repo from ai-resources-config.json (e.g. "csp", "client-sdk-ai-hub"). Defaults to default_source. */
   target_source?: string;
@@ -147,6 +158,8 @@ export interface UploadResourceParams {
   // ---- Optional fields ----
   title?: string;
   metadata?: Record<string, unknown>;
+  /** CSP API token from the user's mcp.json env configuration. */
+  user_token?: string;
 }
 
 export interface UploadResourceResult {
@@ -161,6 +174,8 @@ export interface UploadResourceResult {
 export interface UninstallResourceParams {
   resource_id_or_name: string;
   remove_from_account?: boolean;
+  /** CSP API token from the user's mcp.json env configuration. */
+  user_token?: string;
 }
 
 export interface UninstallResourceResult {