@gempack/squad-mcp 0.3.1

package/.claude-plugin/marketplace.json

@@ -0,0 +1,20 @@
+{
+  "name": "gempack",
+  "owner": {
+    "name": "Gustavo",
+    "email": "next.uh@gmail.com"
+  },
+  "plugins": [
+    {
+      "name": "squad",
+      "source": {
+        "source": "github",
+        "repo": "ggemba/squad-mcp"
+      },
+      "description": "Squad-dev workflow: deterministic classification, risk scoring, agent selection, advisory orchestration over MCP, plus /squad and /squad-review slash commands.",
+      "version": "0.3.1",
+      "license": "Apache-2.0",
+      "homepage": "https://github.com/ggemba/squad-mcp"
+    }
+  ]
+}

package/.claude-plugin/plugin.json

@@ -0,0 +1,20 @@
+{
+  "name": "squad",
+  "version": "0.3.1",
+  "description": "Squad-dev workflow as a Claude Code plugin: classification, risk scoring, agent selection, advisory orchestration. Bundles an MCP server and the /squad and /squad-review slash commands.",
+  "license": "Apache-2.0",
+  "author": {
+    "name": "Gustavo",
+    "email": "next.uh@gmail.com"
+  },
+  "homepage": "https://github.com/ggemba/squad-mcp#readme",
+  "repository": "https://github.com/ggemba/squad-mcp",
+  "keywords": ["mcp", "squad-dev", "code-review", "advisory", "agent"],
+  "commands": "./commands/",
+  "mcpServers": {
+    "squad": {
+      "command": "node",
+      "args": ["${CLAUDE_PLUGIN_ROOT}/dist/index.js"]
+    }
+  }
+}

package/CHANGELOG.md

@@ -0,0 +1,282 @@
+# Changelog
+
+All notable changes to `squad-mcp` are documented in this file.
+
+The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and
+this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+Planned for `0.4.0`:
+
+- Promote bundled agent markdowns to Claude Code native plugin agents (rename to
+  kebab-case + add YAML frontmatter), with a migration path for existing
+  `%APPDATA%\squad-mcp\agents` overrides.
+- Retire the legacy `/squad` and `/squad-review` skills now that the plugin
+  ships them as slash commands.
+
+## [0.3.1] - 2026-05-02
+
+First public release on npm and as a Claude Code plugin.
+
+### Added
+
+#### Workflow composers
+
+- `compose_squad_workflow` — single deterministic pipeline that runs
+  `detect_changed_files` → `classify_work_type` → `score_risk` →
+  `select_squad` and returns the union of their outputs. Risk signals
+  (`touches_auth`, `touches_money`, `touches_migration`, `new_module`,
+  `api_contract_change`) are auto-inferred from the changed-file paths;
+  callers can override any of them, override `work_type`, or pass
+  `force_agents`.
+- `compose_advisory_bundle` — chains `compose_squad_workflow` with a
+  `slice_files_for_agent` call per selected agent and a `validate_plan_text`
+  pass on the supplied plan. Returns a single bundle ready for the host LLM
+  to dispatch parallel advisory reviews.
+
+#### Distribution
+
+- Public npm package `@gempack/squad-mcp` with [provenance attestations](https://docs.npmjs.com/generating-provenance-statements).
+  Any MCP-capable client (Claude Desktop, Cursor, Warp, …) can install with
+  `npx -y @gempack/squad-mcp`.
+- Claude Code plugin packaging: `.claude-plugin/plugin.json` registers the
+  bundled MCP server (`${CLAUDE_PLUGIN_ROOT}/dist/index.js`) plus the
+  `/squad` and `/squad-review` slash commands. Marketplace manifest at
+  `.claude-plugin/marketplace.json` exposes the plugin under the `gempack`
+  marketplace; users install via `/plugin marketplace add ggemba/squad-mcp`
+  followed by `/plugin install squad@gempack`.
+- Slash commands `commands/squad.md` and `commands/squad-review.md` codify
+  the squad-dev orchestration flow as user-invocable commands inside the
+  plugin. They reference the MCP tools and the inviolable rules
+  (no-implementation-before-approval, Codex-requires-consent,
+  TechLead-Consolidator-owns-final-verdict).
+
+#### Continuous integration
+
+- `.github/workflows/ci.yml` — runs `npm run lint`, `npm test`, and
+  `npm run build` on every pull request and `main` push, on Linux + Windows,
+  Node 20 + 22.
+- `.github/workflows/release.yml` — triggered by tags matching `v*.*.*`.
+  Verifies that `package.json` version matches the tag, then publishes to
+  npm with `--access public --provenance` using `NPM_TOKEN` and the
+  workflow's OIDC `id-token` permission.
+
+#### Licensing
+
+- Apache-2.0 `LICENSE` and `NOTICE` files added.
+- `package.json` declares `"license": "Apache-2.0"`, `repository`, `bugs`,
+  `homepage`, `keywords`, `author`, and a `publishConfig` block with
+  `access: "public"` and `provenance: true`.
+
+### Changed
+
+- Package renamed from `@gustavo/squad-mcp` (private) to
+  `@gempack/squad-mcp` (public).
+- `package.json` `files` array extended to ship `commands/`, `skills/`,
+  `.claude-plugin/`, `LICENSE`, `NOTICE`, and `CHANGELOG.md` alongside
+  `dist/` and `agents/`.
+- `.npmrc` access changed from `restricted` to `public`.
+- `SERVER_VERSION` in `src/index.ts` bumped to `0.3.1`.
+- README rewritten around the new install paths (Claude Code plugin first,
+  then `npx -y @gempack/squad-mcp` for other clients) and includes
+  badges for npm version, CI, and license.
+- `tests/integration/server-lifecycle.test.ts` and `tests/smoke.mjs` updated
+  to assert the full set of 12 registered tools.
+
+## [0.3.0] - 2026-05-02
+
+This release consolidates the work originally tracked as `0.2.0` (hardening,
+observability, error model) with the new `0.3.0` capabilities (cross-stack
+classification, changed-file detection, plan-text validation, multi-stack
+content signals). No `0.2.0` git tag was created; that scope ships as part of
+`0.3.0`.
+
+### Added
+
+#### New MCP tools
+
+- `classify_work_type` — heuristic classifier mapping a user prompt + changed
+  file paths to a `WorkType` (`Feature`, `Bug Fix`, `Refactor`, `Performance`,
+  `Security`, `Business Rule`) with `Low`/`Medium`/`High` confidence and a
+  per-signal evidence trail. Treated as a suggestion; the host can override.
+- `detect_changed_files` — wraps a hardened `git diff --name-status` to return
+  the changed files for a workspace. Supports `base_ref` (allowlisted refs
+  only — no leading `-`, no `..` substring, no `@{`, max 200 chars) and
+  `staged_only=true`. Default base is `HEAD~1..HEAD`. Enforces a 10s timeout
+  and a 1MB stdout cap.
+- `validate_plan_text` — advisory-only check for inviolable-rule violations in
+  a plan text: `git commit`/`git push` fences inside code blocks, emojis in
+  code blocks, non-English identifiers in code blocks, and implementation
+  directives appearing before any approval marker. Never blocking — caller
+  decides what to do with findings.
+
+#### Cross-stack detection
+
+- `CONTENT_SIGNALS` extended beyond .NET with patterns for:
+  - **TypeScript / Node**: Express, Prisma, TypeORM, Sequelize, Mongoose,
+    bcrypt, Passport, JWT (`jsonwebtoken`), React hooks, Next.js.
+  - **Python**: SQLAlchemy, Django/Flask/FastAPI, Alembic, pytest, unittest,
+    `@app.route` / `@router.<verb>` HTTP routes.
+  - **Go**: GORM, sqlx, gin, chi, echo.
+- `ContentSignal.ext_filter` (optional list of lowercase extensions) gates
+  patterns to specific file types so cross-stack tokens (e.g. `Schema(`,
+  `describe(...)`) do not fire in unrelated languages.
+- `PATH_HINTS` extended with `models/`, `api/`, `handlers/`, `middleware/`,
+  `services/` folder conventions.
+- `AGENT_NAMES` and `AGENT_NAMES_TUPLE` exported from `ownership-matrix.ts` so
+  zod schemas and external consumers can derive the canonical agent list from
+  a single source of truth.
+
+#### Error model
+
+- `SquadError` class with stable `SquadErrorCode` codes:
+  `PATH_TRAVERSAL_DENIED`, `PATH_REQUIRES_WORKSPACE`, `PATH_INVALID`,
+  `AGENT_DIR_MISSING`, `UNKNOWN_AGENT`, `INVALID_INPUT`, `INTERNAL_ERROR`,
+  `GIT_EXEC_DENIED`, `GIT_EXEC_TIMEOUT`, `GIT_NOT_FOUND`,
+  `GIT_OUTPUT_TOO_LARGE`, `GIT_NOT_A_REPO`. Codes propagate to MCP tool
+  responses as `{ error: { code, message, details } }`.
+
+#### Hardened git execution
+
+- `src/exec/git.ts` provides a single `runGit(subcommand, args, cwd, opts)`
+  entry point with multiple defenses:
+  - **Subcommand allowlist**: only `diff` and `status`.
+  - **Argument validation**: rejects `-c`, `--config`, `--exec-path`,
+    `--upload-pack`, `--receive-pack`, and arguments containing NUL bytes.
+  - **Ref validation**: regex allowlist, no leading `-`, no `..`/`@{`/`.lock`
+    substrings, no trailing `.`, max 200 chars.
+  - **CWD validation**: must be absolute, must exist, must be a directory,
+    must contain a `.git` entry. Resolved via `realpath`.
+  - **Hardening prefix**: every invocation prepends `-c core.fsmonitor=false
+    -c diff.external= -c core.hooksPath=NUL` (or `/dev/null`).
+  - **Environment scrub**: drops user env, sets `GIT_TERMINAL_PROMPT=0`,
+    `GIT_OPTIONAL_LOCKS=0`, `GIT_CONFIG_NOSYSTEM=1`,
+    `GIT_CEILING_DIRECTORIES=<parent of cwd>`.
+  - **Resource caps**: 10s default timeout, 1MB stdout cap, 256KB stderr cap.
+    Oversize output and timeout each kill the child (SIGTERM, then SIGKILL
+    after 1s) and surface as distinct error codes.
+  - **Binary resolution**: resolves `git` from `PATH` once and caches; on
+    Windows requires a `.exe` extension.
+
+#### Path safety
+
+- `src/util/path-safety.ts` exposes `resolveSafePath(workspaceRoot, file, ctx)`
+  with two modes:
+  - When `workspaceRoot` is `undefined`, the path is returned verbatim and
+    callers must treat it as path-only (no fs reads). Absolute or
+    `..`-bearing paths are rejected.
+  - When `workspaceRoot` is set, both the root and the candidate are
+    resolved through `realpath` and the relative result is checked
+    lexically. Symlink escape is rejected.
+- Rejects malformed input up front: NUL bytes, leading `~`, NTFS Alternate
+  Data Stream markers (`:` after drive letter).
+- `readSnippet(absPath)` reads up to `MAX_BYTES` (16 KB) from a previously
+  validated path and returns `null` for missing/unreadable files (silent).
+- Documented residual TOCTOU window between `realpath()` and `fs.open()` —
+  acceptable for a single-user dev tool.
+
+#### Structured observability
+
+- `src/observability/logger.ts` provides a JSON-line logger that writes to
+  **stderr only** (stdout is reserved for JSON-RPC frames in stdio mode).
+- Levels: `error` / `warn` / `info` / `debug`. Active level is read from
+  `SQUAD_LOG_LEVEL` env var (defaults to `info`) and can be overridden via
+  `setLogLevel`.
+- `LogEntry` carries `tool`, `request_id`, `duration_ms`, `outcome`
+  (`success` / `tool_error` / `invalid_input` / `unknown_tool` /
+  `internal_error`), `input_shape`, `output_shape`, `error_code`, `details`.
+- Free-form values are truncated to 256 chars and arrays/objects are reduced
+  to shape descriptors so logs cannot leak full inputs.
+- `setupProcessHandlers()` installs `unhandledRejection` and
+  `uncaughtException` handlers that emit a final structured record before
+  exiting with code `1`.
+
+#### Tool dispatcher tracing
+
+- `dispatchTool` now generates a `request_id` per call and emits one log
+  entry on entry, one on validation failure, and one on completion (with
+  `duration_ms` and `outcome`). Errors are mapped: `SquadError` → tool
+  response with the original code; everything else → `INTERNAL_ERROR` with a
+  redacted message.
+- Resource registry mirrors the same pattern for `agent://*` and
+  `severity://*` URIs.
+
+#### Tests
+
+- `tests/path-safety.test.ts` (15 tests).
+- `tests/exec-git.test.ts` (21 tests).
+- `tests/classify-work-type.test.ts` (11 tests).
+- `tests/validate-plan-text.test.ts` (26 tests).
+- `tests/dispatch-tool.test.ts` (5 tests).
+- `tests/consolidate-extended.test.ts` (3 tests).
+- `tests/select-squad-extended.test.ts` (6 tests).
+- `tests/integration/stdout-purity.test.ts` — guards that the server emits
+  only JSON-RPC frames on stdout under both happy and failure paths.
+- `tests/integration/server-lifecycle.test.ts` — drives a real stdio server
+  through `initialize`, `tools/list`, `tools/call`, `resources/list`,
+  `prompts/list`, and clean shutdown; includes a cross-stack fixture
+  scenario (`tests/fixtures/express.ts`, `fastapi.py`, `gin.go`).
+
+#### Tooling
+
+- `tools/sync-agents.mjs` mirrors the bundled `agents/` markdowns into
+  `~/.claude/agents/<agent>.md`, normalizing each file's frontmatter so the
+  Claude Code native agent loader can pick them up. Also copies
+  `_Severity-and-Ownership.md`, `Skill-Squad-Dev.md`, and
+  `Skill-Squad-Review.md` into `~/.claude/agents/_squad-shared/`.
+
+### Changed
+
+- `ContentSignal` interface gains the optional `ext_filter: string[]`
+  property. Existing signals without `ext_filter` continue to match all file
+  types — purely additive.
+- `dispatchTool` wraps every handler in a uniform error envelope and stops
+  surfacing raw `Error.message` text on the wire. Callers depending on the
+  old plain-text errors must read `error.code` instead.
+- Resource registry uses `SquadError('UNKNOWN_AGENT', …)` instead of
+  throwing a plain `Error` for unknown URIs.
+
+### Fixed
+
+- `SERVER_VERSION` in `src/index.ts` is now `0.3.0`, matching `package.json`.
+  Previously it lagged at `0.2.0` and the MCP `initialize` response
+  advertised the wrong version to clients.
+
+## [0.1.0] - 2026-05-02
+
+Initial scaffold. Marked here for completeness — no `0.1.0` git tag was
+created; the scaffold lives at commit `548adc2` and the agent guardrail
+update at commit `052c2ad`.
+
+### Added
+
+- MCP server skeleton over stdio with `@modelcontextprotocol/sdk` and Zod
+  schemas.
+- Deterministic tools: `score_risk`, `select_squad`,
+  `slice_files_for_agent`, `apply_consolidation_rules`.
+- Agent registry tools: `list_agents`, `get_agent_definition`,
+  `init_local_config` (copies bundled defaults to
+  `%APPDATA%\squad-mcp\agents` or `$XDG_CONFIG_HOME/squad-mcp/agents`).
+- Agent loader with override priority: `$SQUAD_AGENTS_DIR` env var → local
+  config dir → bundled `agents/`.
+- 9 agent markdowns + 3 shared docs bundled: `PO`, `TechLead-Planner`,
+  `TechLead-Consolidator`, `Senior-Architect`, `Senior-DBA`,
+  `Senior-Developer`, `Senior-Dev-Reviewer`, `Senior-Dev-Security`,
+  `Senior-QA`, `_Severity-and-Ownership`, `Skill-Squad-Dev`,
+  `Skill-Squad-Review`.
+- Resources for each agent (`agent://<name>`) and shared spec
+  (`severity://<slug>`).
+- Prompts: `squad_orchestration`, `agent_advisory`, `consolidator`.
+- Domain-specific guardrails added to senior agents (`052c2ad`):
+  Senior-DBA query budget + concurrency, Senior-Developer
+  application-level concurrency + failure-mode analysis, Senior-Architect
+  conformance audit, Senior-Dev-Security dependency CVE scanning,
+  Senior-QA property-based testing.
+- Smoke test (`tests/smoke.mjs`) plus initial unit tests for `score_risk`,
+  `select_squad`, `consolidate`.
+
+[Unreleased]: https://github.com/ggemba/squad-mcp/compare/v0.3.1...HEAD
+[0.3.1]: https://github.com/ggemba/squad-mcp/releases/tag/v0.3.1
+[0.3.0]: https://github.com/ggemba/squad-mcp/releases/tag/v0.3.0
+[0.1.0]: https://github.com/ggemba/squad-mcp/commit/548adc2

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Support. While redistributing the Work or
+      Derivative Works thereof, You may choose to offer, and charge a
+      fee for, acceptance of support, warranty, indemnity, or other
+      liability obligations and/or rights consistent with this License.
+      However, in accepting such obligations, You may act only on Your
+      own behalf and on Your sole responsibility, not on behalf of any
+      other Contributor, and only if You agree to indemnify, defend, and
+      hold each Contributor harmless for any liability incurred by, or
+      claims asserted against, such Contributor by reason of your accepting
+      any such warranty or support.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 Gustavo
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied. See the License for the specific language governing
+   permissions and limitations under the License.

package/NOTICE

@@ -0,0 +1,11 @@
+squad-mcp
+Copyright 2026 Gustavo
+
+This product includes software developed by Gustavo and contributors,
+distributed under the terms of the Apache License, Version 2.0 (see LICENSE).
+
+Third-party dependencies retain their own licenses; see node_modules or
+package-lock.json for the full list. Notable runtime dependencies:
+
+  - @modelcontextprotocol/sdk (MIT, https://github.com/modelcontextprotocol/typescript-sdk)
+  - zod (MIT, https://github.com/colinhacks/zod)