@frontmcp/sdk 0.11.2 → 0.11.3

package/esm/index.mjs

@@ -406,6 +406,11 @@ var init_skill_tokens = __esm({
       hideFromDiscovery: tokenFactory.meta("skill:hideFromDiscovery"),
       toolValidation: tokenFactory.meta("skill:toolValidation"),
       visibility: tokenFactory.meta("skill:visibility"),
+      license: tokenFactory.meta("skill:license"),
+      compatibility: tokenFactory.meta("skill:compatibility"),
+      specMetadata: tokenFactory.meta("skill:specMetadata"),
+      allowedTools: tokenFactory.meta("skill:allowedTools"),
+      resources: tokenFactory.meta("skill:resources"),
       metadata: tokenFactory.meta("skill:metadata")
       // used in skill({}) construction
     };
@@ -2645,7 +2650,7 @@ function isFileInstructions(source) {
 function isUrlInstructions(source) {
   return typeof source === "object" && "url" in source;
 }
-var skillToolRefSchema, skillToolRefWithClassSchema, skillToolInputSchema, skillParameterSchema, skillExampleSchema, skillInstructionSourceSchema, skillMetadataSchema;
+var skillToolRefSchema, skillToolRefWithClassSchema, skillToolInputSchema, skillParameterSchema, skillExampleSchema, skillInstructionSourceSchema, skillResourcesSchema, skillMetadataSchema;
 var init_skill_metadata = __esm({
   "libs/sdk/src/common/metadata/skill.metadata.ts"() {
     "use strict";
@@ -2696,10 +2701,21 @@ var init_skill_metadata = __esm({
       }).strict()
       // URL
     ]);
+    skillResourcesSchema = z29.object({
+      scripts: z29.string().optional(),
+      references: z29.string().optional(),
+      assets: z29.string().optional()
+    });
     skillMetadataSchema = z29.object({
       id: z29.string().optional(),
-      name: z29.string().min(1),
-      description: z29.string().min(1),
+      name: z29.string().min(1).max(64).regex(/^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/, {
+        message: "Skill name must be kebab-case: lowercase letters, numbers, and hyphens only. Must not start/end with a hyphen."
+      }).refine((n) => !n.includes("--"), {
+        message: "Skill name must not contain consecutive hyphens."
+      }),
+      description: z29.string().min(1).max(1024).refine((d) => !/<[a-zA-Z][^>]*>/.test(d), {
+        message: "Skill description must not contain XML/HTML tags (per Agent Skills spec)."
+      }),
       instructions: skillInstructionSourceSchema,
       tools: z29.array(skillToolInputSchema).optional(),
       tags: z29.array(z29.string().min(1)).optional(),
@@ -2708,7 +2724,12 @@ var init_skill_metadata = __esm({
       priority: z29.number().optional().default(0),
       hideFromDiscovery: z29.boolean().optional().default(false),
       toolValidation: z29.enum(["strict", "warn", "ignore"]).optional().default("warn"),
-      visibility: z29.enum(["mcp", "http", "both"]).optional().default("both")
+      visibility: z29.enum(["mcp", "http", "both"]).optional().default("both"),
+      license: z29.string().optional(),
+      compatibility: z29.string().max(500).optional(),
+      specMetadata: z29.record(z29.string(), z29.string()).optional(),
+      allowedTools: z29.string().optional(),
+      resources: skillResourcesSchema.optional()
     }).passthrough();
   }
 });
@@ -9333,7 +9354,11 @@ ${JSON.stringify(error.schema, null, 2)}
         this.logger.info("finalize: sending response", {
           tool: tool.metadata.name,
           hasContent: Array.isArray(result.content) && result.content.length > 0,
-          contentLength: Array.isArray(result.content) ? result.content.length : 0,
+          contentParts: Array.isArray(result.content) ? result.content.length : 0,
+          contentBytes: Array.isArray(result.content) ? result.content.reduce((sum, part) => {
+            const str = JSON.stringify(part);
+            return sum + (typeof Buffer !== "undefined" ? Buffer.byteLength(str, "utf8") : new TextEncoder().encode(str).byteLength);
+          }, 0) : 0,
           hasStructuredContent: result.structuredContent !== void 0,
           hasMeta: result._meta !== void 0,
           metaKeys: result._meta ? Object.keys(result._meta) : [],
@@ -13078,9 +13103,10 @@ var init_adapter_registry = __esm({
           const instance = new AdapterInstance(rec, deps, this.providers);
           this.instances.set(token, instance);
           readyArr.push(instance.ready);
+          this.logger?.verbose(`AdapterRegistry: initialized adapter '${rec.metadata.name}'`);
         }
         await Promise.all(readyArr);
-        this.logger?.debug("AdapterRegistry: initialization complete");
+        this.logger?.verbose(`AdapterRegistry: initialization complete (${this.instances.size} adapter(s))`);
       }
       getAdapters() {
         return [...this.instances.values()];
@@ -13217,9 +13243,46 @@ var init_skill_events = __esm({
   }
 });
 
+// libs/sdk/src/skill/skill-md-parser.ts
+import * as yaml from "js-yaml";
+import { readFile } from "@frontmcp/utils";
+function parseSkillMdFrontmatter(content) {
+  const trimmed = content.trimStart();
+  if (!trimmed.startsWith("---")) {
+    return { frontmatter: {}, body: content };
+  }
+  const closingIndex = trimmed.indexOf("\n---", 3);
+  if (closingIndex === -1) {
+    return { frontmatter: {}, body: content };
+  }
+  const yamlBlock = trimmed.substring(3, closingIndex).trim();
+  const afterClose = closingIndex + 4;
+  const bodyStart = trimmed[afterClose] === "\n" ? afterClose + 1 : afterClose;
+  const body = trimmed.substring(bodyStart);
+  let frontmatter = {};
+  try {
+    const parsed = yaml.load(yamlBlock);
+    if (typeof parsed === "object" && parsed !== null && !Array.isArray(parsed)) {
+      frontmatter = parsed;
+    }
+  } catch {
+    return { frontmatter: {}, body: content };
+  }
+  return { frontmatter, body };
+}
+function stripFrontmatter(content) {
+  const { body } = parseSkillMdFrontmatter(content);
+  return body;
+}
+var init_skill_md_parser = __esm({
+  "libs/sdk/src/skill/skill-md-parser.ts"() {
+    "use strict";
+  }
+});
+
 // libs/sdk/src/skill/skill.utils.ts
 import { isClass as isClass11, getMetadata as getMetadata13, depsOfClass as depsOfClass8 } from "@frontmcp/di";
-import { readFile } from "@frontmcp/utils";
+import { readFile as readFile2 } from "@frontmcp/utils";
 function collectSkillMetadata(cls) {
   const extended = getMetadata13(extendedSkillMetadata, cls);
   const seed = extended ? { ...extended } : {};
@@ -13285,7 +13348,8 @@ async function loadInstructions(source, basePath) {
   }
   if (isFileInstructions(source)) {
     const filePath = basePath ? `${basePath}/${source.file}` : source.file;
-    return readFile(filePath, "utf-8");
+    const content = await readFile2(filePath, "utf-8");
+    return stripFrontmatter(content);
   }
   if (isUrlInstructions(source)) {
     const response = await fetch(source.url);
@@ -13304,7 +13368,12 @@ function buildSkillContent(metadata, instructions) {
     instructions,
     tools: normalizeToolRefs(metadata.tools),
     parameters: metadata.parameters,
-    examples: metadata.examples
+    examples: metadata.examples,
+    license: metadata.license,
+    compatibility: metadata.compatibility,
+    specMetadata: metadata.specMetadata,
+    allowedTools: metadata.allowedTools,
+    resources: metadata.resources
   };
 }
 function normalizeToolRefs(tools) {
@@ -13338,6 +13407,14 @@ function formatSkillForLLM(skill, availableTools, missingTools) {
   parts.push("");
   parts.push(skill.description);
   parts.push("");
+  if (skill.license) {
+    parts.push(`**License:** ${skill.license}`);
+    parts.push("");
+  }
+  if (skill.compatibility) {
+    parts.push(`**Compatibility:** ${skill.compatibility}`);
+    parts.push("");
+  }
   if (missingTools.length > 0) {
     parts.push("> **Warning:** Some tools referenced by this skill are not available:");
     parts.push(`> Missing: ${missingTools.join(", ")}`);
@@ -13412,6 +13489,7 @@ var init_skill_utils = __esm({
     "use strict";
     init_common();
     init_errors();
+    init_skill_md_parser();
   }
 });
 
@@ -14697,6 +14775,7 @@ var init_plugin_registry = __esm({
     init_hooks_utils();
     init_errors();
     init_context();
+    init_common();
     PluginRegistry = class _PluginRegistry extends RegistryAbstract {
       /** providers by token */
       pProviders = /* @__PURE__ */ new Map();
@@ -14715,15 +14794,29 @@ var init_plugin_registry = __esm({
       scope;
       scopeInfo;
       owner;
+      logger;
       constructor(providers, list, owner, scopeInfo) {
         super("PluginRegistry", providers, list);
         this.scope = providers.getActiveScope();
         this.scopeInfo = scopeInfo;
         this.owner = owner;
+        try {
+          this.logger = providers.get(FrontMcpLogger)?.child("PluginRegistry");
+        } catch (e) {
+          console.debug("PluginRegistry: logger initialization failed", e);
+        }
       }
       getPlugins() {
         return [...this.instances.values()];
       }
+      /**
+       * Returns the names of all registered plugins from their definition records.
+       * Unlike getPlugins().map(p => p.metadata.name), this is safe because
+       * raw plugin instances (e.g. DynamicPlugin subclasses) may not carry a .metadata property.
+       */
+      getPluginNames() {
+        return [...this.defs.values()].map((rec) => rec.metadata.name);
+      }
       buildMap(list) {
         const tokens = /* @__PURE__ */ new Set();
         const defs = /* @__PURE__ */ new Map();
@@ -14750,6 +14843,7 @@ var init_plugin_registry = __esm({
         }
       }
       async initialize() {
+        this.logger?.verbose(`PluginRegistry: initializing ${this.tokens.size} plugin(s)`);
         for (const token of this.tokens) {
           const rec = this.defs.get(token);
           const deps = this.graph.get(token);
@@ -14857,6 +14951,9 @@ var init_plugin_registry = __esm({
             }
           }
           this.instances.set(token, pluginInstance);
+          this.logger?.verbose(
+            `PluginRegistry: registered plugin '${rec.metadata.name}' (${hooks.length} hook(s), ${contextExtensions?.length ?? 0} context extension(s))`
+          );
         }
       }
     };
@@ -15990,7 +16087,7 @@ var init_config_symbols = __esm({
 });
 
 // libs/sdk/src/builtin/config/providers/env-loader.ts
-import { readFile as readFile2, fileExists } from "@frontmcp/utils";
+import { readFile as readFile3, fileExists } from "@frontmcp/utils";
 import * as path from "path";
 function parseEnvContent(content) {
   const result = {};
@@ -16021,12 +16118,12 @@ async function loadEnvFiles(basePath = process.cwd(), envPath = ".env", localEnv
   const result = {};
   const envFile = path.resolve(basePath, envPath);
   if (await fileExists(envFile)) {
-    const content = await readFile2(envFile);
+    const content = await readFile3(envFile);
     Object.assign(result, parseEnvContent(content));
   }
   const localFile = path.resolve(basePath, localEnvPath);
   if (await fileExists(localFile)) {
-    const content = await readFile2(localFile);
+    const content = await readFile3(localFile);
     Object.assign(result, parseEnvContent(content));
   }
   return result;
@@ -16145,9 +16242,9 @@ var init_env_loader = __esm({
 });
 
 // libs/sdk/src/builtin/config/providers/config-loader.ts
-import * as yaml from "js-yaml";
+import * as yaml2 from "js-yaml";
 import * as path2 from "path";
-import { readFile as readFile3, fileExists as fileExists2 } from "@frontmcp/utils";
+import { readFile as readFile4, fileExists as fileExists2 } from "@frontmcp/utils";
 async function loadConfig(schema, options = {}) {
   const {
     basePath = process.cwd(),
@@ -16190,8 +16287,8 @@ async function loadYamlConfig(basePath, configPath) {
   for (const ext of extensions) {
     const fullPath = path2.resolve(basePath, baseName + ext);
     if (await fileExists2(fullPath)) {
-      const content = await readFile3(fullPath);
-      const parsed = yaml.load(content);
+      const content = await readFile4(fullPath);
+      const parsed = yaml2.load(content);
       if (parsed && typeof parsed === "object") {
         return parsed;
       }
@@ -16657,6 +16754,7 @@ var init_flow_instance = __esm({
       FlowClass;
       stages;
       hooks;
+      logger;
       constructor(scope, record, deps, globalProviders) {
         super(scope, record);
         this.deps = [...deps];
@@ -16665,6 +16763,7 @@ var init_flow_instance = __esm({
         this.ready = this.initialize();
         this.plan = this.record.metadata.plan;
         this.hooks = scope.providers.getHooksRegistry();
+        this.logger = scope.logger.child("FlowInstance");
       }
       async initialize() {
         const server = this.globalProviders.getActiveServer();
@@ -16699,7 +16798,8 @@ var init_flow_instance = __esm({
                     return writeHttpResponse(response, e.output);
                 }
               }
-              console.error("[FlowInstance] Unhandled error:", {
+              this.logger.error("Unhandled error in flow", {
+                flow: this.name,
                 name: e instanceof Error ? e.name : "UnknownError",
                 message: e instanceof Error ? e.message : String(e)
               });
@@ -16732,6 +16832,7 @@ var init_flow_instance = __esm({
         try {
           return this.globalProviders.get(FrontMcpContextStorage);
         } catch {
+          this.logger.verbose("getContextStorage: FrontMcpContextStorage not available");
           return void 0;
         }
       }
@@ -16765,6 +16866,7 @@ var init_flow_instance = __esm({
         );
       }
       async run(input, deps) {
+        this.logger.verbose(`run: starting flow '${this.name}'`);
         const scope = this.globalProviders.getActiveScope();
         const { FlowClass, plan: plan32, name: name33 } = this;
         const contextStorage = this.getContextStorage();
@@ -16800,10 +16902,10 @@ var init_flow_instance = __esm({
             try {
               metas.push(h2.metadata);
             } catch (e) {
-              console.warn(
-                "[flow] Ignoring injected hook that failed to materialize:",
-                e instanceof Error ? e.message : "Unknown error"
-              );
+              this.logger.warn("Ignoring injected hook that failed to materialize", {
+                flow: this.name,
+                error: e instanceof Error ? e.message : "Unknown error"
+              });
             }
           }
           if (metas.length) {
@@ -16911,6 +17013,7 @@ var init_flow_instance = __esm({
         };
         {
           const pre = await runStageGroup(plan32.pre, true);
+          this.logger.verbose(`run: PRE completed, outcome=${pre.outcome}`);
           if (pre.outcome === "respond") {
             const post = await runStageGroup(plan32.post, false);
             if (post.outcome === "unknown_error" || post.outcome === "fail") {
@@ -16949,6 +17052,7 @@ var init_flow_instance = __esm({
         }
         if (!responded) {
           const exec = await runStageGroup(plan32.execute, true);
+          this.logger.verbose(`run: EXECUTE completed, outcome=${exec.outcome}`);
           if (exec.outcome === "respond") {
           } else if (exec.outcome === "unknown_error" || exec.outcome === "fail") {
             try {
@@ -16967,6 +17071,7 @@ var init_flow_instance = __esm({
         }
         {
           const post = await runStageGroup(plan32.post, false);
+          this.logger.verbose(`run: POST completed, outcome=${post.outcome}`);
           if (post.outcome === "unknown_error" || post.outcome === "fail") {
             try {
               await runErrorStage();
@@ -18456,13 +18561,19 @@ var init_app_local_instance = __esm({
       appPrompts;
       appAgents;
       appSkills;
+      logger;
       constructor(record, scopeProviders) {
         super(record);
         this.scopeProviders = scopeProviders;
         this.id = this.metadata.id ?? idFromString(this.metadata.name);
+        try {
+          this.logger = scopeProviders.get(FrontMcpLogger)?.child("AppLocalInstance");
+        } catch {
+        }
         this.ready = this.initialize();
       }
       async initialize() {
+        this.logger?.verbose(`Initializing app: ${this.metadata.name} (id: ${this.id})`);
         this.appProviders = new ProviderRegistry(this.metadata.providers ?? [], this.scopeProviders);
         await this.appProviders.ready;
         const appOwner = {
@@ -18478,15 +18589,37 @@ var init_app_local_instance = __esm({
         };
         this.appPlugins = new PluginRegistry(this.appProviders, this.metadata.plugins ?? [], appOwner, scopeInfo);
         await this.appPlugins.ready;
+        this.logger?.verbose(`App ${this.metadata.name}: ${this.appPlugins.getPlugins().length} plugin(s) registered`);
         this.appAdapters = new AdapterRegistry(this.appProviders, this.metadata.adapters ?? []);
         await this.appAdapters.ready;
+        this.logger?.verbose(`App ${this.metadata.name}: ${this.appAdapters.getAdapters().length} adapter(s) found`);
         this.appTools = new ToolRegistry(this.appProviders, this.metadata.tools ?? [], appOwner);
         await this.appTools.ready;
+        const toolNames = this.appTools.getTools(true).map((t) => t.metadata.name);
+        this.logger?.verbose(
+          `App ${this.metadata.name}: ${toolNames.length} tool(s) registered: [${toolNames.join(", ")}]`
+        );
         this.appResources = new ResourceRegistry(this.appProviders, this.metadata.resources ?? [], appOwner);
         this.appPrompts = new PromptRegistry(this.appProviders, this.metadata.prompts ?? [], appOwner);
         this.appAgents = new AgentRegistry(this.appProviders, this.metadata.agents ?? [], appOwner);
         this.appSkills = new SkillRegistry(this.appProviders, this.metadata.skills ?? [], appOwner);
         await Promise.all([this.appResources.ready, this.appPrompts.ready, this.appAgents.ready, this.appSkills.ready]);
+        this.logger?.verbose(
+          `App ${this.metadata.name}: ${this.appResources.getResources().length} resource(s) registered`
+        );
+        this.logger?.verbose(`App ${this.metadata.name}: ${this.appPrompts.getPrompts().length} prompt(s) registered`);
+        const parts = [];
+        const toolCount = this.appTools.getTools(true).length;
+        const resourceCount = this.appResources.getResources().length;
+        const promptCount = this.appPrompts.getPrompts().length;
+        const adapterCount = this.appAdapters.getAdapters().length;
+        const pluginCount = this.appPlugins.getPlugins().length;
+        if (toolCount > 0) parts.push(`${toolCount} tool${toolCount !== 1 ? "s" : ""}`);
+        if (resourceCount > 0) parts.push(`${resourceCount} resource${resourceCount !== 1 ? "s" : ""}`);
+        if (promptCount > 0) parts.push(`${promptCount} prompt${promptCount !== 1 ? "s" : ""}`);
+        if (adapterCount > 0) parts.push(`${adapterCount} adapter${adapterCount !== 1 ? "s" : ""}`);
+        if (pluginCount > 0) parts.push(`${pluginCount} plugin${pluginCount !== 1 ? "s" : ""}`);
+        this.logger?.info(`${this.metadata.name}: ${parts.length > 0 ? parts.join(", ") : "no entries"}`);
       }
       get providers() {
         return this.appProviders;
@@ -20152,6 +20285,9 @@ var init_app_remote_instance = __esm({
       getPlugins() {
         return [];
       }
+      getPluginNames() {
+        return [];
+      }
     };
     EmptyAdapterRegistry = class {
       getAdapters() {
@@ -20532,15 +20668,21 @@ var AppRegistry;
 var init_app_registry = __esm({
   "libs/sdk/src/app/app.registry.ts"() {
     "use strict";
+    init_common();
     init_app_utils();
     init_regsitry();
     init_instances();
     init_errors();
     AppRegistry = class extends RegistryAbstract {
       owner;
+      logger;
       constructor(globalProviders, list, owner) {
         super("AppRegistry", globalProviders, list);
         this.owner = owner;
+        try {
+          this.logger = globalProviders.get(FrontMcpLogger)?.child("AppRegistry");
+        } catch {
+        }
       }
       buildMap(list) {
         const tokens = /* @__PURE__ */ new Set();
@@ -20569,6 +20711,7 @@ var init_app_registry = __esm({
       }
       /** Instantiate adapters, run fetch/transform, and populate registries. */
       async initialize() {
+        this.logger?.verbose(`AppRegistry: initializing ${this.tokens.size} app(s)`);
         const readyArr = [];
         for (const token of this.tokens) {
           const rec = this.defs.get(token);
@@ -20582,8 +20725,10 @@ var init_app_registry = __esm({
           }
           this.instances.set(token, app);
           readyArr.push(app.ready);
+          this.logger?.verbose(`AppRegistry: registered ${rec.kind} app '${rec.metadata.name}'`);
         }
         await Promise.all(readyArr);
+        this.logger?.debug(`AppRegistry: initialization complete (${this.instances.size} app(s))`);
       }
       getApps() {
         return [...this.instances.values()];
@@ -21123,12 +21268,19 @@ var init_session_verify_flow = __esm({
     name13 = "session:verify";
     Stage13 = StageHookOf(name13);
     SessionVerifyFlow = class extends FlowBase {
+      logger = this.scopeLogger.child("SessionVerifyFlow");
+      maskSub(sub) {
+        if (!sub) return "***";
+        if (sub.length <= 10) return "***" + sub.slice(-4);
+        return sub.slice(0, 6) + "***" + sub.slice(-4);
+      }
       /**
        * Create an anonymous session with consistent structure for both public and transparent-anon modes.
        * Encapsulates the shared logic for session creation, payload encryption, and user derivation.
        */
       createAnonymousSession(options) {
         const { authMode, issuer, scopes = ["anonymous"], sessionIdHeader } = options;
+        this.logger.verbose("createAnonymousSession", { authMode, hasExistingSession: !!sessionIdHeader });
         const machineId = getMachineId2();
         if (sessionIdHeader) {
           const existingPayload = decryptPublicSession(sessionIdHeader);
@@ -21191,6 +21343,12 @@ var init_session_verify_flow = __esm({
         const userAgent = request.headers?.["user-agent"] ?? void 0;
         const prmMetadataPath = `/.well-known/oauth-protected-resource${entryPath}${routeBase}`;
         const prmMetadataHeader = `Bearer resource_metadata="${baseUrl}${prmMetadataPath}"`;
+        this.logger.verbose("parseInput", {
+          hasAuthHeader: !!authorizationHeader,
+          hasToken: !!token,
+          sessionProtocol,
+          hasSessionId: !!sessionIdHeader
+        });
         this.state.set({
           baseUrl,
           authorizationHeader,
@@ -21210,6 +21368,7 @@ var init_session_verify_flow = __esm({
         if (this.state.token) {
           return;
         }
+        this.logger.info("handlePublicMode: allowing anonymous access (public mode)");
         this.createAnonymousSession({
           authMode: "public",
           issuer: "public",
@@ -21218,6 +21377,7 @@ var init_session_verify_flow = __esm({
         });
       }
       async handleAnonymousFallback() {
+        this.logger.verbose("handleAnonymousFallback: creating anonymous session (transparent-anon)");
         const authOptions = this.scope.auth?.options;
         const scopes = authOptions?.anonymousScopes ?? ["anonymous"];
         this.createAnonymousSession({
@@ -21228,6 +21388,7 @@ var init_session_verify_flow = __esm({
         });
       }
       async requireAuthorizationOrChallenge() {
+        this.logger.verbose("requireAuthorizationOrChallenge: returning 401");
         this.respond({
           kind: "unauthorized",
           prmMetadataHeader: this.state.required.prmMetadataHeader
@@ -21237,6 +21398,7 @@ var init_session_verify_flow = __esm({
         const jwks = this.get(JwksService2);
         const token = this.state.token;
         if (!token) {
+          this.logger.warn("verifyIfJwt: missing or empty bearer token, returning 401");
           this.respond({
             kind: "unauthorized",
             prmMetadataHeader: this.state.required.prmMetadataHeader
@@ -21244,6 +21406,7 @@ var init_session_verify_flow = __esm({
           return;
         }
         if (!isJwt(token)) {
+          this.logger.warn("verifyIfJwt: token is not a JWT, returning 401");
           this.respond({
             kind: "unauthorized",
             prmMetadataHeader: this.state.required.prmMetadataHeader
@@ -21252,6 +21415,7 @@ var init_session_verify_flow = __esm({
         }
         const auth = this.scope.auth;
         if (!auth) {
+          this.logger.warn("verifyIfJwt: auth registry not available, returning 401");
           this.respond({
             kind: "unauthorized",
             prmMetadataHeader: this.state.required.prmMetadataHeader
@@ -21260,6 +21424,8 @@ var init_session_verify_flow = __esm({
         }
         let verify;
         const authOptions = auth.options;
+        const mode = isTransparentMode(authOptions) ? "transparent" : "gateway";
+        this.logger.verbose(`verifyIfJwt: verifying using ${mode} mode`);
         if (isTransparentMode(authOptions)) {
           const primary = authOptions;
           const issuer = auth.issuer;
@@ -21280,6 +21446,7 @@ var init_session_verify_flow = __esm({
           this.state.set({ jwtPayload: result.payload });
           return;
         }
+        this.logger.warn("verifyIfJwt: JWT verification failed", { error: result.error });
         this.respond({
           kind: "unauthorized",
           prmMetadataHeader: this.state.required.prmMetadataHeader
@@ -21294,6 +21461,7 @@ var init_session_verify_flow = __esm({
           required: { token }
         } = this.state;
         const session = parseSessionHeader(sessionIdHeader, token);
+        this.logger.verbose("parseSessionHeader", { hasSessionId: !!sessionIdHeader, parsed: !!session });
         if (session) {
           this.state.set("session", session);
         }
@@ -21303,6 +21471,10 @@ var init_session_verify_flow = __esm({
           required: { token, user },
           session
         } = this.state;
+        this.logger.info("Session verified successfully", {
+          sub: this.maskSub(user.sub),
+          hasSession: !!session
+        });
         this.respond({
           kind: "authorized",
           authorization: {
@@ -25178,9 +25350,12 @@ function listToolsRequestHandler({
   return {
     requestSchema: ListToolsRequestSchema2,
     handler: async (request, ctx) => {
-      logger.verbose("tools/list: listing tools");
+      logger.verbose("tools/list requested");
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("tools:list-tools", { request, ctx });
+        const result = await scope.runFlowForOutput("tools:list-tools", { request, ctx });
+        logger.verbose("tools/list completed", { durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("tools/list failed", {
           error: e instanceof Error ? { name: e.name, message: e.message, stack: e.stack } : e
@@ -25209,9 +25384,12 @@ function callToolRequestHandler({
     requestSchema: CallToolRequestSchema2,
     handler: async (request, ctx) => {
       const toolName = request.params?.name || "unknown";
-      logger.verbose(`tools/call: ${toolName}`);
+      logger.info(`tools/call: ${toolName}`);
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("tools:call-tool", { request, ctx });
+        const result = await scope.runFlowForOutput("tools:call-tool", { request, ctx });
+        logger.verbose("tools/call completed", { tool: toolName, durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         if (e instanceof FlowControl) {
           if (e.type === "respond") {
@@ -25256,9 +25434,12 @@ function listResourcesRequestHandler({
   return {
     requestSchema: ListResourcesRequestSchema2,
     handler: async (request, ctx) => {
-      logger.verbose("resources/list: listing resources");
+      logger.verbose("resources/list requested");
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("resources:list-resources", { request, ctx });
+        const result = await scope.runFlowForOutput("resources:list-resources", { request, ctx });
+        logger.verbose("resources/list completed", { durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("resources/list failed", {
           error: e instanceof Error ? { name: e.name, message: e.message, stack: e.stack } : e
@@ -25285,9 +25466,12 @@ function listResourceTemplatesRequestHandler({
   return {
     requestSchema: ListResourceTemplatesRequestSchema2,
     handler: async (request, ctx) => {
-      logger.verbose("resources/listTemplates: listing resource templates");
+      logger.verbose("resources/listTemplates requested");
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("resources:list-resource-templates", { request, ctx });
+        const result = await scope.runFlowForOutput("resources:list-resource-templates", { request, ctx });
+        logger.verbose("resources/listTemplates completed", { durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("resources/listTemplates failed", {
           error: e instanceof Error ? { name: e.name, message: e.message, stack: e.stack } : e
@@ -25313,9 +25497,12 @@ function readResourceRequestHandler({
     requestSchema: ReadResourceRequestSchema2,
     handler: async (request, ctx) => {
       const uri = request.params?.uri || "unknown";
-      logger.verbose(`resources/read: ${uri}`);
+      logger.info(`resources/read: ${uri}`);
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("resources:read-resource", { request, ctx });
+        const result = await scope.runFlowForOutput("resources:read-resource", { request, ctx });
+        logger.verbose("resources/read completed", { uri, durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("resources/read failed", {
           uri,
@@ -25346,9 +25533,9 @@ function SubscribeRequestHandler({ scope }) {
       }
       const isNew = scope.notifications.subscribeResource(sessionId, uri);
       if (isNew) {
-        scope.logger.verbose(`resources/subscribe: Session ${sessionId.slice(0, 20)}... subscribed to ${uri}`);
+        scope.logger.info(`resources/subscribe: Session ${sessionId.slice(0, 20)}... subscribed to ${uri}`);
       } else {
-        scope.logger.verbose(`resources/subscribe: Session ${sessionId.slice(0, 20)}... already subscribed to ${uri}`);
+        scope.logger.debug(`resources/subscribe: Session ${sessionId.slice(0, 20)}... already subscribed to ${uri}`);
       }
       return {};
     }
@@ -25374,11 +25561,9 @@ function UnsubscribeRequestHandler({ scope }) {
       }
       const wasSubscribed = scope.notifications.unsubscribeResource(sessionId, uri);
       if (wasSubscribed) {
-        scope.logger.verbose(`resources/unsubscribe: Session ${sessionId.slice(0, 20)}... unsubscribed from ${uri}`);
+        scope.logger.info(`resources/unsubscribe: Session ${sessionId.slice(0, 20)}... unsubscribed from ${uri}`);
       } else {
-        scope.logger.verbose(
-          `resources/unsubscribe: Session ${sessionId.slice(0, 20)}... was not subscribed to ${uri}`
-        );
+        scope.logger.debug(`resources/unsubscribe: Session ${sessionId.slice(0, 20)}... was not subscribed to ${uri}`);
       }
       return {};
     }
@@ -25399,9 +25584,12 @@ function listPromptsRequestHandler({
   return {
     requestSchema: ListPromptsRequestSchema2,
     handler: async (request, ctx) => {
-      logger.verbose("prompts/list: listing prompts");
+      logger.verbose("prompts/list requested");
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("prompts:list-prompts", { request, ctx });
+        const result = await scope.runFlowForOutput("prompts:list-prompts", { request, ctx });
+        logger.verbose("prompts/list completed", { durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("prompts/list failed", {
           error: e instanceof Error ? { name: e.name, message: e.message, stack: e.stack } : e
@@ -25427,9 +25615,12 @@ function getPromptRequestHandler({
     requestSchema: GetPromptRequestSchema2,
     handler: async (request, ctx) => {
       const promptName = request.params?.name || "unknown";
-      logger.verbose(`prompts/get: ${promptName}`);
+      logger.info(`prompts/get: ${promptName}`);
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("prompts:get-prompt", { request, ctx });
+        const result = await scope.runFlowForOutput("prompts:get-prompt", { request, ctx });
+        logger.verbose("prompts/get completed", { prompt: promptName, durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("prompts/get failed", {
           prompt: promptName,
@@ -25455,9 +25646,12 @@ function completeRequestHandler({
   return {
     requestSchema: CompleteRequestSchema,
     handler: async (request, ctx) => {
-      logger.verbose("completion/complete: completing");
+      logger.verbose("completion/complete requested");
+      const start = Date.now();
       try {
-        return await scope.runFlowForOutput("completion:complete", { request, ctx });
+        const result = await scope.runFlowForOutput("completion:complete", { request, ctx });
+        logger.verbose("completion/complete completed", { durationMs: Date.now() - start });
+        return result;
       } catch (e) {
         logger.error("completion/complete failed", {
           error: e instanceof Error ? { name: e.name, message: e.message, stack: e.stack } : e
@@ -25708,6 +25902,9 @@ function formatSkillsForLlmCompact(skills) {
     if (tags && tags.length > 0) {
       lines.push(`Tags: ${tags.join(", ")}`);
     }
+    if (skill.metadata.license) {
+      lines.push(`License: ${skill.metadata.license}`);
+    }
     parts.push(lines.join("\n"));
   }
   return parts.join("\n\n---\n\n");
@@ -25734,6 +25931,14 @@ function formatSkillForLLMWithSchemas(skill, availableTools, missingTools, toolR
   parts.push("");
   parts.push(skill.description);
   parts.push("");
+  if (skill.license) {
+    parts.push(`**License:** ${skill.license}`);
+    parts.push("");
+  }
+  if (skill.compatibility) {
+    parts.push(`**Compatibility:** ${skill.compatibility}`);
+    parts.push("");
+  }
   if (missingTools.length > 0) {
     parts.push("> **Warning:** Some tools are not available:");
     parts.push(`> Missing: ${missingTools.join(", ")}`);
@@ -25818,7 +26023,12 @@ function skillToApiResponse(skill, loadResult) {
       type: p.type ?? "string"
     })),
     priority: skill.metadata.priority ?? 0,
-    visibility: skill.metadata.visibility ?? "both"
+    visibility: skill.metadata.visibility ?? "both",
+    license: skill.metadata.license,
+    compatibility: skill.metadata.compatibility,
+    specMetadata: skill.metadata.specMetadata,
+    allowedTools: skill.metadata.allowedTools,
+    resources: skill.metadata.resources
   };
   if (loadResult) {
     result.availableTools = loadResult.availableTools;
@@ -28435,10 +28645,12 @@ var init_handle_streamable_http_flow = __esm({
         const { request } = this.rawInput;
         const authorization = request[ServerRequestTokens.auth];
         const { token } = authorization;
+        const logger = this.scopeLogger.child("handle:streamable-http:parseInput");
         const raw = request.headers?.["mcp-session-id"];
         const rawMcpSessionHeader = typeof raw === "string" ? raw : void 0;
         const mcpSessionHeader = validateMcpSessionHeader(rawMcpSessionHeader);
         if (raw !== void 0 && !mcpSessionHeader) {
+          logger.warn("parseInput: invalid mcp-session-id header");
           this.respond(httpRespond.sessionNotFound("invalid session id"));
           return;
         }
@@ -28461,24 +28673,32 @@ var init_handle_streamable_http_flow = __esm({
           });
         }
         this.state.set(stateSchema18.parse({ token, session }));
+        logger.info("parseInput: session resolved", { sessionId: session.id?.slice(0, 20) });
       }
       async router() {
         const { request } = this.rawInput;
+        const logger = this.scopeLogger.child("handle:streamable-http:router");
         if (request.method.toUpperCase() === "GET") {
           this.state.set("requestType", "sseListener");
+          logger.info("router: requestType=sseListener, method=GET");
           return;
         }
         const body = request.body;
         const method = body?.method;
         if (method === "initialize") {
           this.state.set("requestType", "initialize");
+          logger.info("router: requestType=initialize, method=POST");
         } else if (typeof method === "string" && method.startsWith("ui/")) {
           this.state.set("requestType", "extApps");
+          logger.info(`router: requestType=extApps, method=${method}`);
         } else if (ElicitResultSchema2.safeParse(request.body?.result).success) {
           this.state.set("requestType", "elicitResult");
+          logger.info("router: requestType=elicitResult, method=POST");
         } else if (method && RequestSchema.safeParse(request.body).success) {
           this.state.set("requestType", "message");
+          logger.info(`router: requestType=message, method=${method}`);
         } else {
+          logger.warn("router: invalid request, no valid method");
           this.respond(httpRespond.rpcError("Invalid Request"));
         }
       }
@@ -28488,7 +28708,7 @@ var init_handle_streamable_http_flow = __esm({
         const { request, response } = this.rawInput;
         const { token, session } = this.state.required;
         logger.info("onInitialize: creating transport", {
-          sessionId: session.id.slice(0, 30),
+          sessionId: session.id?.slice(0, 20),
           hasToken: !!token,
           tokenPrefix: token?.slice(0, 10)
         });
@@ -28521,12 +28741,12 @@ var init_handle_streamable_http_flow = __esm({
         let transport = await transportService.getTransporter("streamable-http", token, session.id);
         if (!transport) {
           try {
-            logger.info("onElicitResult: transport not in memory, checking stored session", {
+            logger.verbose("onElicitResult: transport not in memory, checking stored session", {
               sessionId: session.id?.slice(0, 20)
             });
             const storedSession = await transportService.getStoredSession("streamable-http", token, session.id);
             if (storedSession) {
-              logger.info("onElicitResult: recreating transport from stored session", {
+              logger.verbose("onElicitResult: recreating transport from stored session", {
                 sessionId: session.id?.slice(0, 20),
                 createdAt: storedSession.createdAt,
                 initialized: storedSession.initialized
@@ -28569,19 +28789,19 @@ var init_handle_streamable_http_flow = __esm({
           hasToken: !!token
         });
         let transport = await transportService.getTransporter("streamable-http", token, session.id);
-        logger.info("onMessage: getTransporter result", { found: !!transport });
+        logger.verbose("onMessage: getTransporter result", { found: !!transport });
         if (!transport) {
           try {
-            logger.info("onMessage: transport not in memory, checking Redis", {
+            logger.verbose("onMessage: transport not in memory, checking Redis", {
               sessionId: session.id?.slice(0, 20)
             });
             const storedSession = await transportService.getStoredSession("streamable-http", token, session.id);
-            logger.info("onMessage: getStoredSession result", {
+            logger.verbose("onMessage: getStoredSession result", {
               found: !!storedSession,
               initialized: storedSession?.initialized
             });
             if (storedSession) {
-              logger.info("Recreating transport from Redis session", {
+              logger.verbose("onMessage: recreating transport from stored session", {
                 sessionId: session.id?.slice(0, 20),
                 createdAt: storedSession.createdAt,
                 initialized: storedSession.initialized
@@ -28593,7 +28813,7 @@ var init_handle_streamable_http_flow = __esm({
                 storedSession,
                 response
               );
-              logger.info("onMessage: transport recreated successfully");
+              logger.verbose("onMessage: transport recreated successfully");
             }
           } catch (error) {
             logger.warn("Failed to recreate transport from stored session", {
@@ -28673,6 +28893,7 @@ var init_handle_streamable_http_flow = __esm({
           }
         }
         if (!transport) {
+          logger.warn("onSseListener: transport not found", { sessionId: session.id?.slice(0, 20) });
           this.respond(httpRespond.notFound("Session not found"));
           return;
         }
@@ -28691,12 +28912,12 @@ var init_handle_streamable_http_flow = __esm({
         let transport = await transportService.getTransporter("streamable-http", token, session.id);
         if (!transport) {
           try {
-            logger.info("onExtApps: transport not in memory, checking stored session", {
+            logger.verbose("onExtApps: transport not in memory, checking stored session", {
               sessionId: session.id?.slice(0, 20)
             });
             const storedSession = await transportService.getStoredSession("streamable-http", token, session.id);
             if (storedSession) {
-              logger.info("onExtApps: recreating transport from stored session", {
+              logger.verbose("onExtApps: recreating transport from stored session", {
                 sessionId: session.id?.slice(0, 20),
                 createdAt: storedSession.createdAt,
                 initialized: storedSession.initialized
@@ -28719,8 +28940,14 @@ var init_handle_streamable_http_flow = __esm({
         if (!transport) {
           const wasCreated = await transportService.wasSessionCreatedAsync("streamable-http", token, session.id);
           if (wasCreated) {
+            logger.info("onExtApps: session expired - client should re-initialize", {
+              sessionId: session.id?.slice(0, 20)
+            });
             this.respond(httpRespond.sessionExpired("session expired"));
           } else {
+            logger.warn("onExtApps: session not initialized - client attempted request without initializing", {
+              sessionId: session.id?.slice(0, 20)
+            });
             this.respond(httpRespond.sessionNotFound("session not initialized"));
           }
           return;
@@ -29005,9 +29232,11 @@ var init_handle_stateless_http_flow = __esm({
       name = name22;
       async parseInput() {
         const { request } = this.rawInput;
+        const logger = this.scope.logger.child("HandleStatelessHttpFlow");
         const auth = request[ServerRequestTokens.auth];
         const token = auth?.token;
         const isAuthenticated = !!token && token.length > 0;
+        logger.verbose("parseInput", { isAuthenticated, hasToken: !!token });
         this.state.set(
           stateSchema20.parse({
             token: token || void 0,
@@ -29017,28 +29246,44 @@ var init_handle_stateless_http_flow = __esm({
       }
       async router() {
         const { request } = this.rawInput;
+        const logger = this.scope.logger.child("HandleStatelessHttpFlow");
         const body = request.body;
         const method = body?.method;
         if (method === "initialize") {
           this.state.set("requestType", "initialize");
+          logger.info("router: requestType=initialize, method=POST");
         } else if (method && RequestSchema2.safeParse(request.body).success) {
           this.state.set("requestType", "message");
+          logger.info(`router: requestType=message, method=${method}`);
         } else {
+          logger.warn("router: invalid request, no valid method");
           this.respond(httpRespond.rpcError("Invalid Request"));
         }
       }
       async handleRequest() {
         const transportService = this.scope.transportService;
+        const logger = this.scope.logger.child("HandleStatelessHttpFlow");
         const { request, response } = this.rawInput;
         const { token, isAuthenticated, requestType } = this.state;
+        logger.info(`handleRequest: using ${isAuthenticated ? "authenticated" : "anonymous"} stateless transport`);
         const transport = isAuthenticated && token ? await transportService.getOrCreateAuthenticatedStatelessTransport("stateless-http", token, response) : await transportService.getOrCreateAnonymousStatelessTransport("stateless-http", response);
         if (!request.headers["mcp-session-id"]) {
           request.headers["mcp-session-id"] = "__stateless__";
+          logger.verbose("handleRequest: injected __stateless__ session ID");
         }
-        if (requestType === "initialize") {
-          await transport.initialize(request, response);
-        } else {
-          await transport.handleRequest(request, response);
+        logger.verbose(`handleRequest: requestType=${requestType}, forwarding to transport`);
+        try {
+          if (requestType === "initialize") {
+            await transport.initialize(request, response);
+          } else {
+            await transport.handleRequest(request, response);
+          }
+        } catch (error) {
+          logger.error("handleRequest: transport failed", {
+            requestType,
+            error: error instanceof Error ? { name: error.name, message: error.message } : String(error)
+          });
+          throw error;
         }
         this.handled();
       }
@@ -32877,7 +33122,11 @@ var init_call_agent_flow = __esm({
         this.logger.info("finalize: sending response", {
           agent: agent.metadata.name,
           hasContent: Array.isArray(result.content) && result.content.length > 0,
-          contentLength: Array.isArray(result.content) ? result.content.length : 0,
+          contentParts: Array.isArray(result.content) ? result.content.length : 0,
+          contentBytes: Array.isArray(result.content) ? result.content.reduce((sum, part) => {
+            const str = JSON.stringify(part);
+            return sum + (typeof Buffer !== "undefined" ? Buffer.byteLength(str, "utf8") : new TextEncoder().encode(str).byteLength);
+          }, 0) : 0,
           hasStructuredContent: result.structuredContent !== void 0,
           hasMeta: result._meta !== void 0,
           metaKeys: result._meta ? Object.keys(result._meta) : [],
@@ -33326,30 +33575,30 @@ var require_dist = __commonJS({
       sqliteStorageOptionsSchema: () => sqliteStorageOptionsSchema
     });
     module.exports = __toCommonJS2(index_exports);
-    var import_utils55 = __require("@frontmcp/utils");
+    var import_utils56 = __require("@frontmcp/utils");
     var HKDF_SALT = new TextEncoder().encode("frontmcp-sqlite-storage-v1");
     var HKDF_INFO = new TextEncoder().encode("aes-256-gcm-value-encryption");
     var KEY_LENGTH = 32;
     function deriveEncryptionKey(secret) {
       const ikm = new TextEncoder().encode(secret);
-      return (0, import_utils55.hkdfSha256)(ikm, HKDF_SALT, HKDF_INFO, KEY_LENGTH);
+      return (0, import_utils56.hkdfSha256)(ikm, HKDF_SALT, HKDF_INFO, KEY_LENGTH);
     }
     var SEPARATOR = ":";
     function encryptValue(key, plaintext) {
-      const iv = (0, import_utils55.randomBytes)(12);
+      const iv = (0, import_utils56.randomBytes)(12);
       const plaintextBytes = new TextEncoder().encode(plaintext);
-      const { ciphertext, tag } = (0, import_utils55.encryptAesGcm)(key, plaintextBytes, iv);
-      return [(0, import_utils55.base64urlEncode)(iv), (0, import_utils55.base64urlEncode)(tag), (0, import_utils55.base64urlEncode)(ciphertext)].join(SEPARATOR);
+      const { ciphertext, tag } = (0, import_utils56.encryptAesGcm)(key, plaintextBytes, iv);
+      return [(0, import_utils56.base64urlEncode)(iv), (0, import_utils56.base64urlEncode)(tag), (0, import_utils56.base64urlEncode)(ciphertext)].join(SEPARATOR);
     }
     function decryptValue(key, encrypted) {
       const parts = encrypted.split(SEPARATOR);
       if (parts.length !== 3) {
         throw new Error("Invalid encrypted value format");
       }
-      const iv = (0, import_utils55.base64urlDecode)(parts[0]);
-      const tag = (0, import_utils55.base64urlDecode)(parts[1]);
-      const ciphertext = (0, import_utils55.base64urlDecode)(parts[2]);
-      const plaintext = (0, import_utils55.decryptAesGcm)(key, ciphertext, iv, tag);
+      const iv = (0, import_utils56.base64urlDecode)(parts[0]);
+      const tag = (0, import_utils56.base64urlDecode)(parts[1]);
+      const ciphertext = (0, import_utils56.base64urlDecode)(parts[2]);
+      const plaintext = (0, import_utils56.decryptAesGcm)(key, ciphertext, iv, tag);
       return new TextDecoder().decode(plaintext);
     }
     var SqliteKvStore = class {
@@ -34227,10 +34476,13 @@ var init_scope_instance = __esm({
         const scopeProviders = this.scopeProviders;
         this.scopeHooks = new HookRegistry(scopeProviders, []);
         await this.scopeHooks.ready;
+        this.logger.verbose("HookRegistry initialized");
         this.scopeFlows = new FlowRegistry(scopeProviders, [HttpRequestFlow]);
         await this.scopeFlows.ready;
+        this.logger.verbose("FlowRegistry initialized");
         const transportConfig = this.metadata.transport;
         this.transportService = new TransportService(this, transportConfig?.persistence);
+        this.logger.verbose("TransportService initialized");
         const eventStoreConfig = transportConfig?.eventStore;
         if (eventStoreConfig?.enabled) {
           const { eventStore } = createEventStore(eventStoreConfig, this.logger);
@@ -34252,7 +34504,10 @@ var init_scope_instance = __esm({
         }
         this.scopeAuth = new AuthRegistry(this, scopeProviders, [], scopeRef, this.metadata.auth);
         await this.scopeAuth.ready;
+        this.logger.verbose("AuthRegistry initialized");
         this.scopeApps = new AppRegistry(this.scopeProviders, this.metadata.apps, scopeRef);
+        const appCount = this.metadata.apps.length;
+        this.logger.info(`Initializing ${appCount} app(s)...`);
         await this.scopeApps.ready;
         const serverPlugins = this.metadata.plugins ?? [];
         if (serverPlugins.length > 0) {
@@ -34264,15 +34519,20 @@ var init_scope_instance = __esm({
           };
           this.scopePlugins = new PluginRegistry(this.scopeProviders, serverPlugins, scopeRef, serverPluginScopeInfo);
           await this.scopePlugins.ready;
+          const pluginNames = this.scopePlugins.getPluginNames();
+          this.logger.verbose(`PluginRegistry initialized (${pluginNames.length} plugin(s): [${pluginNames.join(", ")}])`);
         }
         this.scopeTools = new ToolRegistry(this.scopeProviders, [], scopeRef);
         await this.scopeTools.ready;
+        const toolNames = this.scopeTools.getTools(true).map((t) => t.metadata.name);
+        this.logger.verbose(`ToolRegistry initialized with initial ${toolNames.length} tool(s): [${toolNames.join(", ")}]`);
         if (elicitationEnabled) {
           this.registerSendElicitationResultTool(scopeRef);
         }
         this.toolUIRegistry = new ToolUIRegistry();
         this.scopeResources = new ResourceRegistry(this.scopeProviders, [], scopeRef);
         await this.scopeResources.ready;
+        this.logger.verbose(`ResourceRegistry initialized (${this.scopeResources.getResources().length} resource(s))`);
         const toolsWithUI = this.scopeTools.getTools(true).filter((t) => hasUIConfig(t.metadata));
         if (toolsWithUI.length > 0) {
           this.scopeResources.registerDynamicResource(StaticWidgetResourceTemplate);
@@ -34378,10 +34638,13 @@ var init_scope_instance = __esm({
         }
         this.scopePrompts = new PromptRegistry(this.scopeProviders, [], scopeRef);
         await this.scopePrompts.ready;
+        this.logger.verbose(`PromptRegistry initialized (${this.scopePrompts.getPrompts().length} prompt(s))`);
         this.scopeAgents = new AgentRegistry(this.scopeProviders, [], scopeRef);
         await this.scopeAgents.ready;
+        this.logger.verbose(`AgentRegistry initialized (${this.scopeAgents.getAgents().length} agent(s))`);
         this.scopeSkills = new SkillRegistry(this.scopeProviders, this.metadata.skills ?? [], scopeRef);
         await this.scopeSkills.ready;
+        this.logger.verbose(`SkillRegistry initialized (${this.scopeSkills.getSkills().length} skill(s))`);
         if (this.scopeSkills.hasAny()) {
           const store = createSkillSessionStore({ type: "memory" });
           this._skillSession = new SkillSessionManager(
@@ -34438,6 +34701,7 @@ var init_scope_instance = __esm({
         });
         this.notificationService = new NotificationService(this);
         await this.notificationService.initialize();
+        this.logger.verbose("NotificationService initialized");
         await this.scopeFlows.registryFlows([
           SetLevelFlow,
           CompleteFlow,
@@ -34446,7 +34710,20 @@ var init_scope_instance = __esm({
           ElicitationResultFlow
         ]);
         await this.auth.ready;
-        this.logger.info("Initializing multi-app scope", this.metadata);
+        this.logger.info(`Scope ready \u2014 ${this.formatScopeSummary()}`);
+      }
+      formatScopeSummary() {
+        const entries = [];
+        const add = (count, label) => {
+          if (count > 0) entries.push(`${count} ${label}${count !== 1 ? "s" : ""}`);
+        };
+        add(this.scopeApps.getApps().length, "app");
+        add(this.scopeTools.getTools(true).length, "tool");
+        add(this.scopeResources.getResources().length, "resource");
+        add(this.scopePrompts.getPrompts().length, "prompt");
+        add(this.scopeAgents.getAgents().length, "agent");
+        add(this.scopeSkills.getSkills().length, "skill");
+        return entries.length > 0 ? entries.join(", ") : "empty";
       }
       get defaultScopeProviders() {
         return [
@@ -34685,6 +34962,7 @@ var ScopeRegistry;
 var init_scope_registry = __esm({
   "libs/sdk/src/scope/scope.registry.ts"() {
     "use strict";
+    init_common();
     init_regsitry();
     init_front_mcp_tokens2();
     init_app_utils();
@@ -34692,9 +34970,11 @@ var init_scope_registry = __esm({
     init_scope_instance();
     init_errors();
     ScopeRegistry = class extends RegistryAbstract {
+      logger;
       constructor(globalProviders) {
         const metadata = globalProviders.get(FrontMcpConfig);
         super("ScopeRegistry", globalProviders, metadata);
+        this.logger = globalProviders.get(FrontMcpLogger)?.child("ScopeRegistry");
       }
       buildMap(metadata) {
         const tokens = /* @__PURE__ */ new Set();
@@ -34751,6 +35031,7 @@ var init_scope_registry = __esm({
         }
       }
       async initialize() {
+        this.logger?.verbose(`ScopeRegistry: initializing ${this.tokens.size} scope(s)`);
         for (const token of this.tokens) {
           const rec = this.defs.get(token);
           let scope;
@@ -34766,7 +35047,9 @@ var init_scope_registry = __esm({
           }
           await scope.ready;
           this.instances.set(token, scope);
+          this.logger?.verbose(`ScopeRegistry: initialized scope '${tokenName16(token)}'`);
         }
+        this.logger?.verbose(`ScopeRegistry: initialization complete (${this.instances.size} scope(s))`);
       }
       /**
        * Get all initialized scope instances.
@@ -36201,6 +36484,7 @@ var init_front_mcp = __esm({
       logger;
       providers;
       scopes;
+      log;
       constructor(config) {
         this.config = config;
         this.ready = this.initialize();
@@ -36210,10 +36494,16 @@ var init_front_mcp = __esm({
         await this.providers.ready;
         this.logger = new LoggerRegistry(this.providers);
         await this.logger.ready;
+        this.log = this.providers.get(FrontMcpLogger);
+        const name33 = this.config.info?.name;
+        const version = this.config.info?.version;
+        const tag = [name33, version].filter(Boolean).join(" v");
+        this.log?.info(`Initializing FrontMCP${tag ? ` "${tag}"` : ""}...`);
         this.scopes = new ScopeRegistry(this.providers);
         await this.scopes.ready;
       }
       async start() {
+        this.log?.info("Starting FrontMCP server...");
         const server = this.providers.get(FrontMcpServer);
         if (!server) {
           throw new ServerNotFoundError();
@@ -36237,6 +36527,7 @@ var init_front_mcp = __esm({
         const frontMcp = new _FrontMcpInstance2(options);
         await frontMcp.ready;
         await frontMcp.start();
+        frontMcp.log?.info("FrontMCP bootstrap complete");
       }
       /**
        * Creates and initializes a FrontMCP instance without starting the HTTP server.
@@ -36257,6 +36548,7 @@ var init_front_mcp = __esm({
           throw new ServerNotFoundError();
         }
         server.prepare();
+        frontMcp.log?.info("FrontMCP handler created (serverless mode)");
         return server.getHandler();
       }
       /**
@@ -36316,6 +36608,7 @@ var init_front_mcp = __esm({
         if (scopes.length === 0) {
           throw new InternalMcpError("No scopes initialized. Ensure at least one app is configured.");
         }
+        frontMcp.log?.info("FrontMCP direct server created");
         return new DirectMcpServerImpl(scopes[0]);
       }
       /**
@@ -36383,7 +36676,7 @@ var init_front_mcp = __esm({
         const frontMcp = new _FrontMcpInstance2(parsedConfig);
         await frontMcp.ready;
         await frontMcp.start();
-        console.log(`MCP server listening on unix://${socketPath}`);
+        frontMcp.log?.info(`MCP server listening on unix://${socketPath}`);
         const cleanup = async () => {
           try {
             if (await fileExists4(socketPath)) {
@@ -39451,6 +39744,36 @@ var init_skill_entry = __esm({
       getPriority() {
         return this.metadata.priority ?? 0;
       }
+      /**
+       * Get the skill's license.
+       */
+      getLicense() {
+        return this.metadata.license;
+      }
+      /**
+       * Get the skill's compatibility notes.
+       */
+      getCompatibility() {
+        return this.metadata.compatibility;
+      }
+      /**
+       * Get the skill's spec metadata (arbitrary key-value pairs).
+       */
+      getSpecMetadata() {
+        return this.metadata.specMetadata;
+      }
+      /**
+       * Get the skill's allowed tools (space-delimited string).
+       */
+      getAllowedTools() {
+        return this.metadata.allowedTools;
+      }
+      /**
+       * Get the skill's bundled resource directories.
+       */
+      getResources() {
+        return this.metadata.resources;
+      }
     };
   }
 });