@fjall/ai-tools 2.18.1

package/LICENSE

@@ -0,0 +1,50 @@
+Fjall Proprietary Software Licence
+
+Copyright (c) 2026 Fjall. All rights reserved.
+
+This software, including all source, object, bundled, and minified forms
+("the Software"), is the proprietary and confidential property of Fjall.
+
+1. Permitted Use. Subject to the terms of this Licence, Fjall grants you
+   a non-exclusive, non-transferable, revocable licence to install the
+   Software via the npm registry and to execute it solely for the purpose
+   of deploying, operating, and managing your own applications and
+   infrastructure on cloud providers.
+
+2. Restrictions. You may NOT, and may not permit any third party to:
+   (a) copy, redistribute, sublicense, sell, rent, lease, or otherwise
+       transfer the Software;
+   (b) modify, adapt, translate, or create derivative works of the Software;
+   (c) reverse engineer, decompile, disassemble, deminify, or otherwise
+       attempt to derive the source code, structure, or organisation of
+       the Software, except to the minimum extent expressly permitted by
+       applicable mandatory law;
+   (d) use the Software, or any portion of it, to develop, train, or
+       improve any product or service that competes with Fjall;
+   (e) remove, alter, or obscure any proprietary notices contained in
+       the Software;
+   (f) publish, share, or otherwise disclose the Software or its contents
+       to any third party.
+
+3. Ownership. All right, title, and interest in and to the Software,
+   including all intellectual property rights, remain with Fjall. No
+   rights are granted except as expressly set out in this Licence.
+
+4. Termination. This Licence terminates automatically if you breach any
+   of its terms. Upon termination you must cease all use of the Software
+   and destroy all copies in your possession.
+
+5. Disclaimer of Warranty. THE SOFTWARE IS PROVIDED "AS IS" WITHOUT
+   WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
+   THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
+   AND NON-INFRINGEMENT.
+
+6. Limitation of Liability. IN NO EVENT SHALL FJALL BE LIABLE FOR ANY
+   INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
+   ARISING OUT OF OR RELATED TO THE SOFTWARE, EVEN IF ADVISED OF THE
+   POSSIBILITY OF SUCH DAMAGES.
+
+7. Governing Law. This Licence is governed by the laws of England and
+   Wales, without regard to conflict of laws principles.
+
+For commercial licensing enquiries, contact: contact@fjall.io

package/README.md

@@ -0,0 +1,19 @@
+# @fjall/ai-tools
+
+Shared AI tool schemas and registry used by the Fjall webapp AI assistant and `@fjall/cli`. Defines the Zod schemas, tool definitions, and routing primitives that keep model-facing tool contracts identical across both surfaces.
+
+## Installation
+
+```bash
+npm install @fjall/ai-tools
+```
+
+## Usage
+
+```typescript
+import { toolRegistry } from "@fjall/ai-tools";
+```
+
+## Licence
+
+Proprietary — see [LICENSE](./LICENSE).

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export type { ToolTier, ToolSpec, AiToolName } from "./types.js";
+export { AI_TOOL_NAMES } from "./types.js";
+export { AI_TOOL_REGISTRY, getToolSpec } from "./registry.js";
+export * from "./schemas/index.js";

package/dist/index.js

@@ -0,0 +1,3 @@
+export { AI_TOOL_NAMES } from "./types.js";
+export { AI_TOOL_REGISTRY, getToolSpec } from "./registry.js";
+export * from "./schemas/index.js";

package/dist/registry.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Tool registry — metadata and schemas for all AI tools.
+ *
+ * This is the single source of truth for tool names, descriptions, tiers,
+ * and input schemas. The webapp imports these to build the Anthropic API
+ * tool array; the CLI imports them for AXI input validation.
+ */
+import type { ToolSpec } from "./types.js";
+/** All AI tool specifications, ordered: read tools first, then write tools. */
+export declare const AI_TOOL_REGISTRY: readonly ToolSpec[];
+/** Look up a tool spec by name. */
+export declare function getToolSpec(name: string): ToolSpec | undefined;

package/dist/registry.js

@@ -0,0 +1,47 @@
+/**
+ * Tool registry — metadata and schemas for all AI tools.
+ *
+ * This is the single source of truth for tool names, descriptions, tiers,
+ * and input schemas. The webapp imports these to build the Anthropic API
+ * tool array; the CLI imports them for AXI input validation.
+ */
+import { queryInfrastructureSchema } from "./schemas/queryInfrastructure.js";
+import { queryComplianceSchema } from "./schemas/queryCompliance.js";
+import { queryCostsSchema } from "./schemas/queryCosts.js";
+import { queryMetricsSchema } from "./schemas/queryMetrics.js";
+import { getOrganisationOverviewSchema } from "./schemas/getOrganisationOverview.js";
+import { explainErrorSchema } from "./schemas/explainError.js";
+import { compareDeploymentsSchema } from "./schemas/compareDeployments.js";
+import { suggestRemediationSchema } from "./schemas/suggestRemediation.js";
+import { renderChartSchema } from "./schemas/renderChart.js";
+import { triggerDeploymentSchema } from "./schemas/triggerDeployment.js";
+import { manageSecretSchema } from "./schemas/manageSecret.js";
+import { updateConfigurationSchema } from "./schemas/updateConfiguration.js";
+import { manageDomainSchema } from "./schemas/manageDomain.js";
+import { provisionRegionSchema } from "./schemas/provisionRegion.js";
+function spec(name, description, inputSchema, tier, requiredRole) {
+    return { name, description, inputSchema, tier, requiredRole };
+}
+/** All AI tool specifications, ordered: read tools first, then write tools. */
+export const AI_TOOL_REGISTRY = [
+    // ── Read tools ──────────────────────────────────────────────────
+    spec("query_infrastructure", "Query infrastructure entities: applications, deployments, assets, or connected AWS accounts. Set `entity` to choose what to query. Optionally pass `id` to fetch a single record, or use filters like `applicationId` and `status` for deployments. Accounts exclude sensitive credential fields.", queryInfrastructureSchema, "read"),
+    spec("query_compliance", "Query compliance data. Use `mode: issues` to list findings with optional severity/status filters, `mode: counts` for a breakdown of open issues by severity, or `mode: summary` for the compliance score, total open issues, and last scan time.", queryComplianceSchema, "read"),
+    spec("query_costs", "Query AWS cost data for the organisation. Supports summary, trend, forecast, attribution, per-request, per-deployment, and month-to-date modes.", queryCostsSchema, "read"),
+    spec("query_metrics", "Query application metrics from ClickHouse. Supports time-series, latest snapshot, hourly sparklines, and org-wide summary modes.", queryMetricsSchema, "read"),
+    spec("get_organisation_overview", "Get a comprehensive organisation overview combining stats, compliance, cost summary, and deployment velocity. Supports selecting specific sections for faster responses.", getOrganisationOverviewSchema, "read"),
+    spec("explain_error", "Cross-reference logs, error fingerprints, and deployments to explain an error. Returns error fingerprints with AI summaries, optionally correlated with a deployment and matching log entries.", explainErrorSchema, "read"),
+    spec("compare_deployments", "Compare two deployments side-by-side including status, duration, branch, commit, and metric deltas (CPU, memory, error rate, response time) from 1-hour windows around each deployment.", compareDeploymentsSchema, "read"),
+    spec("suggest_remediation", "Gather context from a specific domain (compliance, cost, or performance) so the LLM can generate targeted remediation advice. Returns structured data about the most pressing issues in the chosen domain.", suggestRemediationSchema, "read"),
+    spec("render_chart", "Render a chart in the chat. Use this after gathering data from other tools to visualise trends, comparisons, or distributions. Supported kinds: timeseries (line chart with time x-axis), bar (vertical/horizontal bars), categoryBar (single-axis categorical bar). Pass the chart configuration with data points.", renderChartSchema, "read"),
+    // ── Write tools (require confirmation gate) ─────────────────────
+    spec("trigger_deployment", "Trigger a new deployment for an application. Verifies the application exists, has a connected AWS account and repository, and no active deployment is running. Creates a deployment record and enqueues it for processing.", triggerDeploymentSchema, "write", "admin"),
+    spec("manage_secret", "Manage application secrets stored in AWS SSM Parameter Store. Supports: list (show secret names without values), set (create or update), and delete. Never exposes secret values — the get operation is intentionally excluded.", manageSecretSchema, "write", "admin"),
+    spec("update_configuration", "Update an application's configuration — name, description, or config path. Only safe, non-security-sensitive fields can be changed. At least one field must be provided.", updateConfigurationSchema, "write", "admin"),
+    spec("manage_domain", "Manage custom domains for your applications. Currently supports listing connected environments/accounts. Add and remove operations direct users to the settings page for manual configuration.", manageDomainSchema, "read"),
+    spec("provision_region", "Add an AWS region to the organisation and deploy infrastructure to it. Shows a consequence preview (affected accounts, deployment shape) before asking the user to confirm. Requires admin role.", provisionRegionSchema, "write", "admin"),
+];
+/** Look up a tool spec by name. */
+export function getToolSpec(name) {
+    return AI_TOOL_REGISTRY.find((t) => t.name === name);
+}

package/dist/schemas/compareDeployments.d.ts

@@ -0,0 +1,6 @@
+import { z } from "zod";
+export declare const compareDeploymentsSchema: z.ZodObject<{
+    deploymentIdA: z.ZodString;
+    deploymentIdB: z.ZodString;
+}, z.core.$strict>;
+export type CompareDeploymentsInput = z.infer<typeof compareDeploymentsSchema>;

package/dist/schemas/compareDeployments.js

@@ -0,0 +1,9 @@
+import { z } from "zod";
+export const compareDeploymentsSchema = z
+    .object({
+    deploymentIdA: z.string().describe("First deployment ID (typically older)"),
+    deploymentIdB: z
+        .string()
+        .describe("Second deployment ID (typically newer)"),
+})
+    .strict();

package/dist/schemas/explainError.d.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+export declare const explainErrorSchema: z.ZodObject<{
+    applicationId: z.ZodString;
+    errorPattern: z.ZodOptional<z.ZodString>;
+    deploymentId: z.ZodOptional<z.ZodString>;
+    hours: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export type ExplainErrorInput = z.infer<typeof explainErrorSchema>;

package/dist/schemas/explainError.js

@@ -0,0 +1,21 @@
+import { z } from "zod";
+export const explainErrorSchema = z
+    .object({
+    applicationId: z.string().describe("Application experiencing the error"),
+    errorPattern: z
+        .string()
+        .optional()
+        .describe("Error message or pattern to search for"),
+    deploymentId: z
+        .string()
+        .optional()
+        .describe("Deployment that may have introduced the error"),
+    hours: z
+        .number()
+        .int()
+        .min(1)
+        .max(168)
+        .optional()
+        .describe("Lookback window in hours (default 24)"),
+})
+    .strict();

package/dist/schemas/getOrganisationOverview.d.ts

@@ -0,0 +1,10 @@
+import { z } from "zod";
+export declare const getOrganisationOverviewSchema: z.ZodObject<{
+    sections: z.ZodOptional<z.ZodArray<z.ZodEnum<{
+        stats: "stats";
+        compliance: "compliance";
+        costs: "costs";
+        deployments: "deployments";
+    }>>>;
+}, z.core.$strict>;
+export type GetOrganisationOverviewInput = z.infer<typeof getOrganisationOverviewSchema>;

package/dist/schemas/getOrganisationOverview.js

@@ -0,0 +1,15 @@
+import { z } from "zod";
+const OVERVIEW_SECTIONS = [
+    "stats",
+    "compliance",
+    "costs",
+    "deployments",
+];
+export const getOrganisationOverviewSchema = z
+    .object({
+    sections: z
+        .array(z.enum(OVERVIEW_SECTIONS))
+        .optional()
+        .describe("Which sections to include (default: all). Omit sections for faster response."),
+})
+    .strict();

package/dist/schemas/index.d.ts

@@ -0,0 +1,14 @@
+export { queryInfrastructureSchema, type QueryInfrastructureInput, } from "./queryInfrastructure.js";
+export { queryComplianceSchema, type QueryComplianceInput, } from "./queryCompliance.js";
+export { queryCostsSchema, type QueryCostsInput } from "./queryCosts.js";
+export { queryMetricsSchema, type QueryMetricsInput } from "./queryMetrics.js";
+export { getOrganisationOverviewSchema, type GetOrganisationOverviewInput, } from "./getOrganisationOverview.js";
+export { explainErrorSchema, type ExplainErrorInput } from "./explainError.js";
+export { compareDeploymentsSchema, type CompareDeploymentsInput, } from "./compareDeployments.js";
+export { suggestRemediationSchema, type SuggestRemediationInput, } from "./suggestRemediation.js";
+export { renderChartSchema, type RenderChartInput } from "./renderChart.js";
+export { triggerDeploymentSchema, type TriggerDeploymentInput, } from "./triggerDeployment.js";
+export { manageSecretSchema, type ManageSecretInput } from "./manageSecret.js";
+export { updateConfigurationSchema, type UpdateConfigurationInput, } from "./updateConfiguration.js";
+export { manageDomainSchema, type ManageDomainInput } from "./manageDomain.js";
+export { provisionRegionSchema, type ProvisionRegionInput, } from "./provisionRegion.js";

package/dist/schemas/index.js

@@ -0,0 +1,14 @@
+export { queryInfrastructureSchema, } from "./queryInfrastructure.js";
+export { queryComplianceSchema, } from "./queryCompliance.js";
+export { queryCostsSchema } from "./queryCosts.js";
+export { queryMetricsSchema } from "./queryMetrics.js";
+export { getOrganisationOverviewSchema, } from "./getOrganisationOverview.js";
+export { explainErrorSchema } from "./explainError.js";
+export { compareDeploymentsSchema, } from "./compareDeployments.js";
+export { suggestRemediationSchema, } from "./suggestRemediation.js";
+export { renderChartSchema } from "./renderChart.js";
+export { triggerDeploymentSchema, } from "./triggerDeployment.js";
+export { manageSecretSchema } from "./manageSecret.js";
+export { updateConfigurationSchema, } from "./updateConfiguration.js";
+export { manageDomainSchema } from "./manageDomain.js";
+export { provisionRegionSchema, } from "./provisionRegion.js";

package/dist/schemas/manageDomain.d.ts

@@ -0,0 +1,9 @@
+import { z } from "zod";
+export declare const manageDomainSchema: z.ZodObject<{
+    operation: z.ZodEnum<{
+        list: "list";
+        add: "add";
+        remove: "remove";
+    }>;
+}, z.core.$strict>;
+export type ManageDomainInput = z.infer<typeof manageDomainSchema>;

package/dist/schemas/manageDomain.js

@@ -0,0 +1,8 @@
+import { z } from "zod";
+export const manageDomainSchema = z
+    .object({
+    operation: z
+        .enum(["list", "add", "remove"])
+        .describe("list: show configured environments/accounts; add/remove: redirects to settings page"),
+})
+    .strict();

package/dist/schemas/manageSecret.d.ts

@@ -0,0 +1,15 @@
+import { z } from "zod";
+export declare const manageSecretSchema: z.ZodObject<{
+    operation: z.ZodEnum<{
+        set: "set";
+        delete: "delete";
+        list: "list";
+    }>;
+    applicationId: z.ZodString;
+    app: z.ZodString;
+    cluster: z.ZodOptional<z.ZodString>;
+    service: z.ZodOptional<z.ZodString>;
+    name: z.ZodOptional<z.ZodString>;
+    value: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type ManageSecretInput = z.infer<typeof manageSecretSchema>;

package/dist/schemas/manageSecret.js

@@ -0,0 +1,26 @@
+import { z } from "zod";
+export const manageSecretSchema = z
+    .object({
+    operation: z
+        .enum(["set", "delete", "list"])
+        .describe("Operation to perform. Note: get is intentionally omitted — secret values are never exposed."),
+    applicationId: z
+        .string()
+        .describe("The application whose AWS account holds the secrets"),
+    app: z
+        .string()
+        .min(1)
+        .describe("SSM namespace app component (e.g. application name)"),
+    cluster: z.string().optional().describe("SSM namespace cluster component"),
+    service: z.string().optional().describe("SSM namespace service component"),
+    name: z
+        .string()
+        .optional()
+        .describe("Secret name (required for set and delete operations)"),
+    value: z
+        .string()
+        .max(4096)
+        .optional()
+        .describe("Secret value (required for set operation)"),
+})
+    .strict();

package/dist/schemas/provisionRegion.d.ts

@@ -0,0 +1,6 @@
+import { z } from "zod";
+export declare const provisionRegionSchema: z.ZodObject<{
+    region: z.ZodString;
+    connectedAwsAccountId: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type ProvisionRegionInput = z.infer<typeof provisionRegionSchema>;

package/dist/schemas/provisionRegion.js

@@ -0,0 +1,12 @@
+import { z } from "zod";
+export const provisionRegionSchema = z
+    .object({
+    region: z
+        .string()
+        .describe("AWS region code to add, e.g. 'ap-southeast-2'"),
+    connectedAwsAccountId: z
+        .string()
+        .optional()
+        .describe("Target connected-account id; only needed when the organisation has no organisation-tier account and multiple accounts are connected"),
+})
+    .strict();

package/dist/schemas/queryCompliance.d.ts

@@ -0,0 +1,21 @@
+import { z } from "zod";
+export declare const queryComplianceSchema: z.ZodObject<{
+    mode: z.ZodEnum<{
+        issues: "issues";
+        counts: "counts";
+        summary: "summary";
+    }>;
+    severity: z.ZodOptional<z.ZodEnum<{
+        critical: "critical";
+        high: "high";
+        medium: "medium";
+        low: "low";
+    }>>;
+    status: z.ZodOptional<z.ZodEnum<{
+        open: "open";
+        resolved: "resolved";
+        suppressed: "suppressed";
+    }>>;
+    limit: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export type QueryComplianceInput = z.infer<typeof queryComplianceSchema>;

package/dist/schemas/queryCompliance.js

@@ -0,0 +1,23 @@
+import { z } from "zod";
+export const queryComplianceSchema = z
+    .object({
+    mode: z
+        .enum(["issues", "counts", "summary"])
+        .describe("issues: list findings; counts: breakdown by severity; summary: compliance score and overview"),
+    severity: z
+        .enum(["critical", "high", "medium", "low"])
+        .optional()
+        .describe("Filter by severity (issues mode)"),
+    status: z
+        .enum(["open", "resolved", "suppressed"])
+        .optional()
+        .describe("Filter by status (issues mode)"),
+    limit: z
+        .number()
+        .int()
+        .min(1)
+        .max(50)
+        .optional()
+        .describe("Max results for issues mode (default 20)"),
+})
+    .strict();

package/dist/schemas/queryCosts.d.ts

@@ -0,0 +1,16 @@
+import { z } from "zod";
+export declare const queryCostsSchema: z.ZodObject<{
+    mode: z.ZodEnum<{
+        summary: "summary";
+        trend: "trend";
+        forecast: "forecast";
+        attribution: "attribution";
+        per_request: "per_request";
+        per_deployment: "per_deployment";
+        month_to_date: "month_to_date";
+    }>;
+    applicationId: z.ZodOptional<z.ZodString>;
+    days: z.ZodOptional<z.ZodNumber>;
+    forecastDays: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export type QueryCostsInput = z.infer<typeof queryCostsSchema>;

package/dist/schemas/queryCosts.js

@@ -0,0 +1,34 @@
+import { z } from "zod";
+export const queryCostsSchema = z
+    .object({
+    mode: z
+        .enum([
+        "summary",
+        "trend",
+        "forecast",
+        "attribution",
+        "per_request",
+        "per_deployment",
+        "month_to_date",
+    ])
+        .describe("summary: total + by-service; trend: daily with period comparison; forecast: linear regression projection; attribution: service breakdown; per_request/per_deployment: cost ratios for an app; month_to_date: MTD total"),
+    applicationId: z
+        .string()
+        .optional()
+        .describe("Required for per_request, per_deployment, and app-specific month_to_date"),
+    days: z
+        .number()
+        .int()
+        .min(1)
+        .max(90)
+        .optional()
+        .describe("Lookback period (default 30)"),
+    forecastDays: z
+        .number()
+        .int()
+        .min(1)
+        .max(30)
+        .optional()
+        .describe("Forecast horizon, only for forecast mode (default 7)"),
+})
+    .strict();

package/dist/schemas/queryInfrastructure.d.ts

@@ -0,0 +1,14 @@
+import { z } from "zod";
+export declare const queryInfrastructureSchema: z.ZodObject<{
+    entity: z.ZodEnum<{
+        application: "application";
+        deployment: "deployment";
+        asset: "asset";
+        account: "account";
+    }>;
+    id: z.ZodOptional<z.ZodString>;
+    applicationId: z.ZodOptional<z.ZodString>;
+    status: z.ZodOptional<z.ZodString>;
+    limit: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export type QueryInfrastructureInput = z.infer<typeof queryInfrastructureSchema>;

package/dist/schemas/queryInfrastructure.js

@@ -0,0 +1,24 @@
+import { z } from "zod";
+export const queryInfrastructureSchema = z
+    .object({
+    entity: z
+        .enum(["application", "deployment", "asset", "account"])
+        .describe("What to query"),
+    id: z.string().optional().describe("Specific entity ID for detail fetch"),
+    applicationId: z
+        .string()
+        .optional()
+        .describe("Filter by application (deployments only)"),
+    status: z
+        .string()
+        .optional()
+        .describe("Status filter (deployments: queued/pending/running/succeeded/failed)"),
+    limit: z
+        .number()
+        .int()
+        .min(1)
+        .max(100)
+        .optional()
+        .describe("Max results (default varies by entity)"),
+})
+    .strict();

package/dist/schemas/queryMetrics.d.ts

@@ -0,0 +1,13 @@
+import { z } from "zod";
+export declare const queryMetricsSchema: z.ZodObject<{
+    mode: z.ZodEnum<{
+        time_series: "time_series";
+        latest: "latest";
+        sparklines: "sparklines";
+        org_summary: "org_summary";
+    }>;
+    applicationId: z.ZodOptional<z.ZodString>;
+    hours: z.ZodOptional<z.ZodNumber>;
+    limit: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+export type QueryMetricsInput = z.infer<typeof queryMetricsSchema>;

package/dist/schemas/queryMetrics.js

@@ -0,0 +1,23 @@
+import { z } from "zod";
+export const queryMetricsSchema = z
+    .object({
+    mode: z
+        .enum(["time_series", "latest", "sparklines", "org_summary"])
+        .describe("time_series: metric values over time for an app; latest: current metrics; sparklines: hourly mini-trends; org_summary: org-wide aggregates"),
+    applicationId: z.string().optional().describe("Required for time_series"),
+    hours: z
+        .number()
+        .int()
+        .min(1)
+        .max(168)
+        .optional()
+        .describe("Lookback hours (default 24)"),
+    limit: z
+        .number()
+        .int()
+        .min(1)
+        .max(500)
+        .optional()
+        .describe("Max data points for time_series (default 100)"),
+})
+    .strict();

package/dist/schemas/renderChart.d.ts

@@ -0,0 +1,40 @@
+import { z } from "zod";
+export declare const renderChartSchema: z.ZodObject<{
+    kind: z.ZodEnum<{
+        timeseries: "timeseries";
+        bar: "bar";
+        categoryBar: "categoryBar";
+    }>;
+    title: z.ZodOptional<z.ZodString>;
+    series: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        label: z.ZodString;
+        kind: z.ZodEnum<{
+            count: "count";
+            rate: "rate";
+            duration_ms: "duration_ms";
+            bytes: "bytes";
+            currency: "currency";
+            percent: "percent";
+        }>;
+        data: z.ZodArray<z.ZodObject<{
+            x: z.ZodNumber;
+            y: z.ZodNullable<z.ZodNumber>;
+        }, z.core.$strict>>;
+    }, z.core.$strict>>>;
+    data: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        label: z.ZodString;
+        value: z.ZodNumber;
+    }, z.core.$strict>>>;
+    unit: z.ZodOptional<z.ZodEnum<{
+        count: "count";
+        rate: "rate";
+        duration_ms: "duration_ms";
+        bytes: "bytes";
+        currency: "currency";
+        percent: "percent";
+    }>>;
+    stacked: z.ZodOptional<z.ZodBoolean>;
+    areaFill: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strict>;
+export type RenderChartInput = z.infer<typeof renderChartSchema>;

package/dist/schemas/renderChart.js

@@ -0,0 +1,45 @@
+import { z } from "zod";
+const seriesKindEnum = z.enum([
+    "count",
+    "rate",
+    "duration_ms",
+    "bytes",
+    "currency",
+    "percent",
+]);
+export const renderChartSchema = z
+    .object({
+    kind: z.enum(["timeseries", "bar", "categoryBar"]),
+    title: z.string().optional(),
+    series: z
+        .array(z
+        .object({
+        id: z.string(),
+        label: z.string(),
+        kind: seriesKindEnum,
+        data: z.array(z
+            .object({
+            x: z
+                .number()
+                .describe("Unix timestamp in milliseconds, or numeric value"),
+            y: z.number().nullable(),
+        })
+            .strict()),
+    })
+        .strict())
+        .optional()
+        .describe("Series data for timeseries and bar charts"),
+    data: z
+        .array(z
+        .object({
+        label: z.string(),
+        value: z.number(),
+    })
+        .strict())
+        .optional()
+        .describe("Category data for categoryBar charts"),
+    unit: seriesKindEnum.optional(),
+    stacked: z.boolean().optional(),
+    areaFill: z.boolean().optional(),
+})
+    .strict();

package/dist/schemas/suggestRemediation.d.ts

@@ -0,0 +1,11 @@
+import { z } from "zod";
+export declare const suggestRemediationSchema: z.ZodObject<{
+    domain: z.ZodEnum<{
+        compliance: "compliance";
+        cost: "cost";
+        performance: "performance";
+    }>;
+    applicationId: z.ZodOptional<z.ZodString>;
+    issueId: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type SuggestRemediationInput = z.infer<typeof suggestRemediationSchema>;

package/dist/schemas/suggestRemediation.js

@@ -0,0 +1,16 @@
+import { z } from "zod";
+export const suggestRemediationSchema = z
+    .object({
+    domain: z
+        .enum(["compliance", "cost", "performance"])
+        .describe("What type of issue to remediate"),
+    applicationId: z
+        .string()
+        .optional()
+        .describe("Specific application context"),
+    issueId: z
+        .string()
+        .optional()
+        .describe("Specific compliance issue ID for targeted advice"),
+})
+    .strict();

package/dist/schemas/triggerDeployment.d.ts

@@ -0,0 +1,7 @@
+import { z } from "zod";
+export declare const triggerDeploymentSchema: z.ZodObject<{
+    applicationId: z.ZodString;
+    environment: z.ZodOptional<z.ZodString>;
+    branch: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type TriggerDeploymentInput = z.infer<typeof triggerDeploymentSchema>;

package/dist/schemas/triggerDeployment.js

@@ -0,0 +1,14 @@
+import { z } from "zod";
+export const triggerDeploymentSchema = z
+    .object({
+    applicationId: z.string().describe("The application ID to deploy"),
+    environment: z
+        .string()
+        .optional()
+        .describe("Target environment (e.g. production, staging)"),
+    branch: z
+        .string()
+        .optional()
+        .describe("Git branch to deploy from (defaults to repository default)"),
+})
+    .strict();

package/dist/schemas/updateConfiguration.d.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+export declare const updateConfigurationSchema: z.ZodObject<{
+    applicationId: z.ZodString;
+    name: z.ZodOptional<z.ZodString>;
+    description: z.ZodOptional<z.ZodString>;
+    configPath: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export type UpdateConfigurationInput = z.infer<typeof updateConfigurationSchema>;

package/dist/schemas/updateConfiguration.js

@@ -0,0 +1,27 @@
+import { z } from "zod";
+export const updateConfigurationSchema = z
+    .object({
+    applicationId: z.string().describe("Application to update"),
+    name: z
+        .string()
+        .min(1)
+        .max(100)
+        .optional()
+        .describe("New application name"),
+    description: z
+        .string()
+        .max(500)
+        .optional()
+        .describe("New application description"),
+    configPath: z
+        .string()
+        .max(500)
+        .optional()
+        .describe("New IaC configuration path"),
+})
+    .strict()
+    .refine((input) => input.name !== undefined ||
+    input.description !== undefined ||
+    input.configPath !== undefined, {
+    message: "At least one of 'name', 'description', or 'configPath' must be provided",
+});

package/dist/types.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Shared type definitions for the AI tool system.
+ *
+ * These types are used by both the webapp (tool execution) and
+ * CLI (AXI command validation) to ensure parity.
+ */
+import type { z } from "zod";
+/** Tool access tier — read tools auto-execute, write tools require confirmation. */
+export type ToolTier = "read" | "write";
+/** A tool definition without execution logic — schemas and metadata only. */
+export interface ToolSpec {
+    /** Machine name, e.g. "query_infrastructure" */
+    name: string;
+    /** Human-readable description for the AI model */
+    description: string;
+    /** Zod input schema — validated at both webapp and CLI boundaries */
+    inputSchema: z.ZodType;
+    /** Access tier */
+    tier: ToolTier;
+    /** Minimum role required (only meaningful for write tools) */
+    requiredRole?: string;
+}
+/** Canonical tool names — single source of truth across webapp and CLI. */
+export declare const AI_TOOL_NAMES: readonly ["query_infrastructure", "query_compliance", "query_costs", "query_metrics", "get_organisation_overview", "explain_error", "compare_deployments", "suggest_remediation", "render_chart", "trigger_deployment", "manage_secret", "update_configuration", "manage_domain", "provision_region"];
+export type AiToolName = (typeof AI_TOOL_NAMES)[number];

package/dist/types.js

@@ -0,0 +1,23 @@
+/**
+ * Shared type definitions for the AI tool system.
+ *
+ * These types are used by both the webapp (tool execution) and
+ * CLI (AXI command validation) to ensure parity.
+ */
+/** Canonical tool names — single source of truth across webapp and CLI. */
+export const AI_TOOL_NAMES = [
+    "query_infrastructure",
+    "query_compliance",
+    "query_costs",
+    "query_metrics",
+    "get_organisation_overview",
+    "explain_error",
+    "compare_deployments",
+    "suggest_remediation",
+    "render_chart",
+    "trigger_deployment",
+    "manage_secret",
+    "update_configuration",
+    "manage_domain",
+    "provision_region",
+];

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@fjall/ai-tools",
+  "version": "2.18.1",
+  "description": "Shared AI tool schemas and registry for Fjall webapp and CLI",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    },
+    "./schemas": {
+      "types": "./dist/schemas/index.d.ts",
+      "default": "./dist/schemas/index.js"
+    },
+    "./registry": {
+      "types": "./dist/registry.d.ts",
+      "default": "./dist/registry.js"
+    }
+  },
+  "files": [
+    "dist/"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "clean": "rm -rf ./dist",
+    "clean:node": "rm -rf ./node_modules",
+    "build": "npm run clean && npx tsc",
+    "watch": "npm run build && npx tsc-watch",
+    "watch:only": "npx tsc-watch",
+    "format": "prettier --write \"src/**/*.{ts,json}\"",
+    "format:check": "prettier --check \"src/**/*.{ts,json}\"",
+    "test": "vitest run",
+    "typecheck": "npx tsc --noEmit"
+  },
+  "license": "SEE LICENSE IN LICENSE",
+  "devDependencies": {
+    "@types/node": "^25.6.0",
+    "prettier": "^3.8.3",
+    "tsc-watch": "^7.2.0",
+    "typescript": "^6.0.3",
+    "vitest": "^4.1.5"
+  },
+  "dependencies": {
+    "zod": "^4.4.3"
+  },
+  "engines": {
+    "node": ">=22.0.0"
+  },
+  "gitHead": "abea3c09d4831635e41a91cbd526beeb9ab58443"
+}