npm - @hailer/mcp - Versions diffs - 1.1.11 → 1.1.13 - Mend

@hailer/mcp 1.1.11 → 1.1.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/dist/app.js +18 -5
package/dist/bot/bot-config.d.ts +12 -1
package/dist/bot/bot-config.js +98 -14
package/dist/bot/bot-manager.d.ts +13 -3
package/dist/bot/bot-manager.js +80 -25
package/dist/bot/bot.d.ts +46 -0
package/dist/bot/bot.js +542 -166
package/dist/bot/services/message-classifier.js +17 -0
package/dist/bot/services/permission-guard.d.ts +52 -0
package/dist/bot/services/permission-guard.js +149 -0
package/dist/bot/services/types.d.ts +5 -0
package/dist/bot/services/typing-indicator.d.ts +6 -1
package/dist/bot/services/typing-indicator.js +19 -3
package/dist/config.d.ts +6 -1
package/dist/config.js +43 -0
package/dist/core.js +3 -6
package/dist/mcp/UserContextCache.d.ts +5 -0
package/dist/mcp/UserContextCache.js +51 -19
package/dist/mcp/hailer-clients.d.ts +19 -1
package/dist/mcp/hailer-clients.js +157 -20
package/dist/mcp/session-store.d.ts +68 -0
package/dist/mcp/session-store.js +169 -0
package/dist/mcp/signal-handler.js +12 -12
package/dist/mcp/tool-registry.d.ts +17 -4
package/dist/mcp/tool-registry.js +37 -7
package/dist/mcp/tools/activity.js +99 -7
package/dist/mcp/tools/app-scaffold.js +304 -336
package/dist/mcp/tools/company.d.ts +9 -0
package/dist/mcp/tools/company.js +88 -0
package/dist/mcp/tools/discussion.js +68 -0
package/dist/mcp/tools/workflow-permissions.d.ts +15 -0
package/dist/mcp/tools/workflow-permissions.js +204 -0
package/dist/mcp/tools/workflow.js +57 -18
package/dist/mcp/utils/index.d.ts +2 -0
package/dist/mcp/utils/index.js +12 -1
package/dist/mcp/utils/role-utils.d.ts +74 -0
package/dist/mcp/utils/role-utils.js +151 -0
package/dist/mcp/utils/types.d.ts +43 -1
package/dist/mcp/utils/types.js +14 -0
package/dist/mcp/webhook-handler.d.ts +6 -0
package/dist/mcp/webhook-handler.js +11 -0
package/dist/mcp-server.d.ts +23 -2
package/dist/mcp-server.js +639 -111
package/dist/plugins/vipunen/client.d.ts +150 -0
package/dist/plugins/vipunen/client.js +535 -0
package/dist/plugins/vipunen/config/schema-config.json +19 -0
package/dist/plugins/vipunen/config/schema-doc.json +22 -0
package/dist/plugins/vipunen/index.d.ts +41 -0
package/dist/plugins/vipunen/index.js +88 -0
package/dist/plugins/vipunen/tools.d.ts +26 -0
package/dist/plugins/vipunen/tools.js +501 -0
package/package.json +2 -1
package/.claude/.context-watchdog.json +0 -1
package/.claude/.session-checked +0 -1
package/.claude/CLAUDE.md +0 -370
package/.claude/agents/agent-ada-skill-builder.md +0 -94
package/.claude/agents/agent-alejandro-function-fields.md +0 -342
package/.claude/agents/agent-bjorn-config-audit.md +0 -103
package/.claude/agents/agent-builder-agent-creator.md +0 -130
package/.claude/agents/agent-code-simplifier.md +0 -53
package/.claude/agents/agent-dmitri-activity-crud.md +0 -159
package/.claude/agents/agent-giuseppe-app-builder.md +0 -247
package/.claude/agents/agent-gunther-mcp-tools.md +0 -39
package/.claude/agents/agent-helga-workflow-config.md +0 -204
package/.claude/agents/agent-igor-activity-mover-automation.md +0 -125
package/.claude/agents/agent-ingrid-doc-templates.md +0 -261
package/.claude/agents/agent-ivan-monolith.md +0 -154
package/.claude/agents/agent-kenji-data-reader.md +0 -86
package/.claude/agents/agent-lars-code-inspector.md +0 -102
package/.claude/agents/agent-marco-mockup-builder.md +0 -110
package/.claude/agents/agent-marcus-api-documenter.md +0 -323
package/.claude/agents/agent-marketplace-publisher.md +0 -280
package/.claude/agents/agent-marketplace-reviewer.md +0 -309
package/.claude/agents/agent-permissions-handler.md +0 -208
package/.claude/agents/agent-simple-writer.md +0 -48
package/.claude/agents/agent-svetlana-code-review.md +0 -171
package/.claude/agents/agent-tanya-test-runner.md +0 -333
package/.claude/agents/agent-ui-designer.md +0 -100
package/.claude/agents/agent-viktor-sql-insights.md +0 -212
package/.claude/agents/agent-web-search.md +0 -55
package/.claude/agents/agent-yevgeni-discussions.md +0 -45
package/.claude/agents/agent-zara-zapier.md +0 -159
package/.claude/commands/app-squad.md +0 -135
package/.claude/commands/audit-squad.md +0 -158
package/.claude/commands/autoplan.md +0 -563
package/.claude/commands/cleanup-squad.md +0 -98
package/.claude/commands/config-squad.md +0 -106
package/.claude/commands/crud-squad.md +0 -87
package/.claude/commands/data-squad.md +0 -97
package/.claude/commands/debug-squad.md +0 -303
package/.claude/commands/doc-squad.md +0 -65
package/.claude/commands/handoff.md +0 -137
package/.claude/commands/health.md +0 -49
package/.claude/commands/help.md +0 -29
package/.claude/commands/help:agents.md +0 -151
package/.claude/commands/help:commands.md +0 -78
package/.claude/commands/help:faq.md +0 -79
package/.claude/commands/help:plugins.md +0 -50
package/.claude/commands/help:skills.md +0 -93
package/.claude/commands/help:tools.md +0 -75
package/.claude/commands/hotfix-squad.md +0 -112
package/.claude/commands/integration-squad.md +0 -82
package/.claude/commands/janitor-squad.md +0 -167
package/.claude/commands/learn-auto.md +0 -120
package/.claude/commands/learn.md +0 -120
package/.claude/commands/mcp-list.md +0 -27
package/.claude/commands/onboard-squad.md +0 -140
package/.claude/commands/plan-workspace.md +0 -732
package/.claude/commands/prd.md +0 -130
package/.claude/commands/project-status.md +0 -82
package/.claude/commands/publish.md +0 -138
package/.claude/commands/recap.md +0 -69
package/.claude/commands/restore.md +0 -64
package/.claude/commands/review-squad.md +0 -152
package/.claude/commands/save.md +0 -24
package/.claude/commands/stats.md +0 -19
package/.claude/commands/swarm.md +0 -210
package/.claude/commands/tool-builder.md +0 -39
package/.claude/commands/ws-pull.md +0 -44
package/.claude/hooks/_shared-memory.cjs +0 -305
package/.claude/hooks/_utils.cjs +0 -108
package/.claude/hooks/agent-failure-detector.cjs +0 -383
package/.claude/hooks/agent-usage-logger.cjs +0 -204
package/.claude/hooks/app-edit-guard.cjs +0 -494
package/.claude/hooks/auto-learn.cjs +0 -304
package/.claude/hooks/bash-guard.cjs +0 -272
package/.claude/hooks/builder-mode-manager.cjs +0 -354
package/.claude/hooks/bulk-activity-guard.cjs +0 -271
package/.claude/hooks/context-watchdog.cjs +0 -230
package/.claude/hooks/delegation-reminder.cjs +0 -465
package/.claude/hooks/design-system-lint.cjs +0 -271
package/.claude/hooks/post-scaffold-hook.cjs +0 -181
package/.claude/hooks/prompt-guard.cjs +0 -354
package/.claude/hooks/publish-template-guard.cjs +0 -147
package/.claude/hooks/session-start.cjs +0 -35
package/.claude/hooks/shared-memory-writer.cjs +0 -147
package/.claude/hooks/skill-injector.cjs +0 -140
package/.claude/hooks/skill-usage-logger.cjs +0 -258
package/.claude/hooks/src-edit-guard.cjs +0 -240
package/.claude/hooks/sync-marketplace-agents.cjs +0 -346
package/.claude/settings.json +0 -257
package/.claude/skills/SDK-activity-patterns/SKILL.md +0 -428
package/.claude/skills/SDK-document-templates/SKILL.md +0 -1033
package/.claude/skills/SDK-function-fields/SKILL.md +0 -542
package/.claude/skills/SDK-generate-skill/SKILL.md +0 -92
package/.claude/skills/SDK-init-skill/SKILL.md +0 -127
package/.claude/skills/SDK-insight-queries/SKILL.md +0 -787
package/.claude/skills/SDK-ws-config-skill/SKILL.md +0 -1139
package/.claude/skills/agent-structure/SKILL.md +0 -98
package/.claude/skills/api-documentation-patterns/SKILL.md +0 -474
package/.claude/skills/chrome-mcp-reference/SKILL.md +0 -370
package/.claude/skills/delegation-routing/SKILL.md +0 -202
package/.claude/skills/frontend-design/SKILL.md +0 -254
package/.claude/skills/hailer-activity-mover/SKILL.md +0 -213
package/.claude/skills/hailer-api-client/SKILL.md +0 -518
package/.claude/skills/hailer-app-builder/SKILL.md +0 -1434
package/.claude/skills/hailer-apps-pictures/SKILL.md +0 -269
package/.claude/skills/hailer-design-system/SKILL.md +0 -235
package/.claude/skills/hailer-monolith-automations/SKILL.md +0 -686
package/.claude/skills/hailer-permissions-system/SKILL.md +0 -121
package/.claude/skills/hailer-project-protocol/SKILL.md +0 -488
package/.claude/skills/hailer-rest-api/SKILL.md +0 -61
package/.claude/skills/hailer-rest-api/hailer-activities.md +0 -184
package/.claude/skills/hailer-rest-api/hailer-admin.md +0 -473
package/.claude/skills/hailer-rest-api/hailer-calendar.md +0 -256
package/.claude/skills/hailer-rest-api/hailer-feed.md +0 -249
package/.claude/skills/hailer-rest-api/hailer-insights.md +0 -195
package/.claude/skills/hailer-rest-api/hailer-messaging.md +0 -276
package/.claude/skills/hailer-rest-api/hailer-workflows.md +0 -283
package/.claude/skills/insight-join-patterns/SKILL.md +0 -174
package/.claude/skills/integration-patterns/SKILL.md +0 -421
package/.claude/skills/json-only-output/SKILL.md +0 -72
package/.claude/skills/lsp-setup/SKILL.md +0 -160
package/.claude/skills/mcp-direct-tools/SKILL.md +0 -153
package/.claude/skills/optional-parameters/SKILL.md +0 -72
package/.claude/skills/publish-hailer-app/SKILL.md +0 -244
package/.claude/skills/testing-patterns/SKILL.md +0 -630
package/.claude/skills/tool-builder/SKILL.md +0 -250
package/.claude/skills/tool-parameter-usage/SKILL.md +0 -126
package/.claude/skills/tool-response-verification/SKILL.md +0 -92
package/.claude/skills/zapier-hailer-patterns/SKILL.md +0 -581
package/.hailer-mcp-port +0 -1
package/.mcp.json +0 -13
package/.opencode/agent/agent-ada-skill-builder.md +0 -35
package/.opencode/agent/agent-alejandro-function-fields.md +0 -39
package/.opencode/agent/agent-bjorn-config-audit.md +0 -36
package/.opencode/agent/agent-builder-agent-creator.md +0 -39
package/.opencode/agent/agent-code-simplifier.md +0 -31
package/.opencode/agent/agent-dmitri-activity-crud.md +0 -40
package/.opencode/agent/agent-giuseppe-app-builder.md +0 -37
package/.opencode/agent/agent-gunther-mcp-tools.md +0 -39
package/.opencode/agent/agent-helga-workflow-config.md +0 -204
package/.opencode/agent/agent-igor-activity-mover-automation.md +0 -46
package/.opencode/agent/agent-ingrid-doc-templates.md +0 -39
package/.opencode/agent/agent-ivan-monolith.md +0 -46
package/.opencode/agent/agent-kenji-data-reader.md +0 -53
package/.opencode/agent/agent-lars-code-inspector.md +0 -28
package/.opencode/agent/agent-marco-mockup-builder.md +0 -42
package/.opencode/agent/agent-marcus-api-documenter.md +0 -53
package/.opencode/agent/agent-marketplace-publisher.md +0 -44
package/.opencode/agent/agent-marketplace-reviewer.md +0 -42
package/.opencode/agent/agent-permissions-handler.md +0 -50
package/.opencode/agent/agent-simple-writer.md +0 -45
package/.opencode/agent/agent-svetlana-code-review.md +0 -39
package/.opencode/agent/agent-tanya-test-runner.md +0 -57
package/.opencode/agent/agent-ui-designer.md +0 -56
package/.opencode/agent/agent-viktor-sql-insights.md +0 -34
package/.opencode/agent/agent-web-search.md +0 -42
package/.opencode/agent/agent-yevgeni-discussions.md +0 -37
package/.opencode/agent/agent-zara-zapier.md +0 -53
package/.opencode/commands/app-squad.md +0 -135
package/.opencode/commands/audit-squad.md +0 -158
package/.opencode/commands/autoplan.md +0 -563
package/.opencode/commands/cleanup-squad.md +0 -98
package/.opencode/commands/config-squad.md +0 -106
package/.opencode/commands/crud-squad.md +0 -87
package/.opencode/commands/data-squad.md +0 -97
package/.opencode/commands/debug-squad.md +0 -303
package/.opencode/commands/doc-squad.md +0 -65
package/.opencode/commands/handoff.md +0 -137
package/.opencode/commands/health.md +0 -49
package/.opencode/commands/help-agents.md +0 -151
package/.opencode/commands/help-commands.md +0 -32
package/.opencode/commands/help-faq.md +0 -29
package/.opencode/commands/help-plugins.md +0 -28
package/.opencode/commands/help-skills.md +0 -7
package/.opencode/commands/help-tools.md +0 -40
package/.opencode/commands/help.md +0 -28
package/.opencode/commands/hotfix-squad.md +0 -112
package/.opencode/commands/integration-squad.md +0 -82
package/.opencode/commands/janitor-squad.md +0 -167
package/.opencode/commands/learn-auto.md +0 -120
package/.opencode/commands/learn.md +0 -120
package/.opencode/commands/mcp-list.md +0 -27
package/.opencode/commands/onboard-squad.md +0 -140
package/.opencode/commands/plan-workspace.md +0 -732
package/.opencode/commands/prd.md +0 -131
package/.opencode/commands/project-status.md +0 -82
package/.opencode/commands/publish.md +0 -138
package/.opencode/commands/recap.md +0 -69
package/.opencode/commands/restore.md +0 -64
package/.opencode/commands/review-squad.md +0 -152
package/.opencode/commands/save.md +0 -24
package/.opencode/commands/stats.md +0 -19
package/.opencode/commands/swarm.md +0 -210
package/.opencode/commands/tool-builder.md +0 -39
package/.opencode/commands/ws-pull.md +0 -44
package/.opencode/opencode.json +0 -21
package/inbox/failures.log +0 -1
package/inbox/usage.jsonl +0 -4
package/scripts/postinstall.cjs +0 -64
package/scripts/test-hal-tools.ts +0 -154

package/dist/mcp/tools/company.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Company Tools
+ *
+ * Tools for managing workspace-level company settings in Hailer:
+ * - Set user role (owner, admin, guest, inviter, feedAdmin, customRole)
+ */
+import { Tool } from '../tool-registry';
+export declare const setUserRoleTool: Tool;
+//# sourceMappingURL=company.d.ts.map

package/dist/mcp/tools/company.js ADDED Viewed

@@ -0,0 +1,88 @@
+"use strict";
+/**
+ * Company Tools
+ *
+ * Tools for managing workspace-level company settings in Hailer:
+ * - Set user role (owner, admin, guest, inviter, feedAdmin, customRole)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setUserRoleTool = void 0;
+const zod_1 = require("zod");
+const tool_registry_1 = require("../tool-registry");
+const index_1 = require("../utils/index");
+const tool_helpers_1 = require("../utils/tool-helpers");
+const request_logger_1 = require("../../lib/request-logger");
+const logger = (0, index_1.createLogger)({ component: 'company-tools' });
+// ============================================================================
+// TOOL 1: SET USER ROLE
+// ============================================================================
+const roleSections = ['owner', 'admin', 'guest', 'inviter', 'feedAdmin', 'customRole'];
+const setUserRoleDescription = `Set a user's role in the workspace.
+Sections:
+- owner: Transfer/revoke workspace ownership (owner only)
+- admin: Grant/revoke admin role (value: true/false)
+- guest: Grant/revoke guest role (value: true/false)
+- inviter: Grant/revoke inviter role (value: true/false)
+- feedAdmin: Grant/revoke feed admin role (value: true/false)
+- customRole: Assign/remove a custom role (value: customRole ID string)
+Required permissions:
+- owner: only the workspace owner can change
+- admin/guest/feedAdmin: must be admin
+- customRole: must be admin or owner`;
+exports.setUserRoleTool = {
+    name: 'set_user_role',
+    group: tool_registry_1.ToolGroup.WRITE,
+    description: setUserRoleDescription,
+    schema: zod_1.z.object({
+        section: zod_1.z
+            .enum(roleSections)
+            .describe('Which role to change: owner, admin, guest, inviter, feedAdmin, or customRole'),
+        uid: zod_1.z
+            .string()
+            .describe('Target user ID'),
+        value: zod_1.z
+            .union([zod_1.z.coerce.boolean(), zod_1.z.string()])
+            .describe('true/false to grant/revoke the role, or a custom role ID string for customRole section'),
+        workspaceId: zod_1.z
+            .string()
+            .optional()
+            .describe('Workspace ID. Defaults to the current session workspace.'),
+    }),
+    async execute(args, context) {
+        logger.debug('Setting user role', {
+            section: args.section,
+            uid: args.uid,
+            value: args.value,
+            apiKey: context.apiKey.substring(0, 8) + '...',
+        });
+        try {
+            const workspaceId = (0, tool_helpers_1.getResolvedWorkspaceId)(args, context);
+            const payload = {
+                section: args.section,
+                uid: args.uid,
+                value: args.value,
+            };
+            if (workspaceId) {
+                payload.workspaceId = workspaceId;
+            }
+            const result = await context.hailer.request('company.set_user_data', [payload]);
+            return (0, index_1.textResponse)(JSON.stringify({
+                success: true,
+                section: args.section,
+                uid: args.uid,
+                value: args.value,
+                workspaceId,
+                result,
+            }, null, 2));
+        }
+        catch (error) {
+            if (!request_logger_1.RequestLogger.getCurrent())
+                logger.error('Error setting user role', error);
+            const msg = error?.msg || error?.message || (0, index_1.getErrorMessage)(error);
+            return (0, index_1.errorResponse)(`Error setting user role: ${msg}`);
+        }
+    },
+};
+//# sourceMappingURL=company.js.map

package/dist/mcp/tools/discussion.js CHANGED Viewed

@@ -304,6 +304,32 @@ exports.fetchDiscussionMessagesTool = {
             const messageCount = messages.length;
             const userMessages = messages.filter((m) => m.type === "user");
             const recentMessage = messages[0];
+            function extractForwardedMessage(fwd, depth = 0) {
+                if (depth > 10)
+                    return null;
+                const fwdUserInfo = (0, workspace_cache_1.getUserById)(context.workspaceCache, fwd.uid);
+                let fwdUsername = `User ${fwd.uid}`;
+                if (fwdUserInfo) {
+                    const fullName = `${fwdUserInfo.firstname || ''} ${fwdUserInfo.lastname || ''}`.trim();
+                    fwdUsername = fullName || fwdUserInfo.fullName || `User ${fwd.uid}`;
+                }
+                const extracted = {
+                    _id: fwd._id,
+                    uid: fwd.uid,
+                    username: fwdUsername,
+                    created: new Date(fwd.created).toLocaleString(),
+                    msg: fwd.msg || '',
+                    type: fwd.type
+                };
+                if (fwd.forwardMessageId)
+                    extracted.forwardMessageId = fwd.forwardMessageId;
+                if (fwd.forwardMessage) {
+                    const nested = extractForwardedMessage(fwd.forwardMessage, depth + 1);
+                    if (nested)
+                        extracted.forwardMessage = nested;
+                }
+                return extracted;
+            }
             const optimizedMessages = messages.map((msg) => {
                 let cleanMsg = msg.msg || '';
                 if (cleanMsg) {
@@ -333,6 +359,14 @@ exports.fetchDiscussionMessagesTool = {
                 if (msg.replyTo) {
                     optimizedMsg.replyTo = msg.replyTo;
                 }
+                if (msg.forwardMessageId) {
+                    optimizedMsg.forwardMessageId = msg.forwardMessageId;
+                }
+                if (msg.forwardMessage) {
+                    const forwarded = extractForwardedMessage(msg.forwardMessage, 0);
+                    if (forwarded)
+                        optimizedMsg.forwardMessage = forwarded;
+                }
                 return optimizedMsg;
             });
             const optimizedResult = {
@@ -434,6 +468,32 @@ exports.fetchPreviousDiscussionMessagesTool = {
             const messageCount = messages.length;
             const userMessages = messages.filter((m) => m.type === "user");
             const oldestMessage = messages.length > 0 ? messages[messages.length - 1] : null;
+            function extractForwardedMessage(fwd, depth = 0) {
+                if (depth > 10)
+                    return null;
+                const fwdUserInfo = (0, workspace_cache_1.getUserById)(context.workspaceCache, fwd.uid);
+                let fwdUsername = `User ${fwd.uid}`;
+                if (fwdUserInfo) {
+                    const fullName = `${fwdUserInfo.firstname || ''} ${fwdUserInfo.lastname || ''}`.trim();
+                    fwdUsername = fullName || fwdUserInfo.fullName || `User ${fwd.uid}`;
+                }
+                const extracted = {
+                    _id: fwd._id,
+                    uid: fwd.uid,
+                    username: fwdUsername,
+                    created: new Date(fwd.created).toLocaleString(),
+                    msg: fwd.msg || '',
+                    type: fwd.type
+                };
+                if (fwd.forwardMessageId)
+                    extracted.forwardMessageId = fwd.forwardMessageId;
+                if (fwd.forwardMessage) {
+                    const nested = extractForwardedMessage(fwd.forwardMessage, depth + 1);
+                    if (nested)
+                        extracted.forwardMessage = nested;
+                }
+                return extracted;
+            }
             const optimizedMessages = messages.map((msg) => {
                 let cleanMsg = msg.msg || '';
                 if (cleanMsg) {
@@ -456,6 +516,14 @@ exports.fetchPreviousDiscussionMessagesTool = {
                 if (msg.replyTo) {
                     optimizedMsg.replyTo = msg.replyTo;
                 }
+                if (msg.forwardMessageId) {
+                    optimizedMsg.forwardMessageId = msg.forwardMessageId;
+                }
+                if (msg.forwardMessage) {
+                    const forwarded = extractForwardedMessage(msg.forwardMessage, 0);
+                    if (forwarded)
+                        optimizedMsg.forwardMessage = forwarded;
+                }
                 return optimizedMsg;
             });
             const optimizedResult = {

package/dist/mcp/tools/workflow-permissions.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Workflow Permission Tools
+ *
+ * Tools for managing workflow member permissions in Hailer workspaces:
+ * - List members and their permission levels
+ * - Grant user or team access with a specific permission level
+ * - Revoke user or team access
+ * - Check what permissions a specific user has
+ */
+import { Tool } from '../tool-registry';
+export declare const listWorkflowPermissionsTool: Tool;
+export declare const grantWorkflowPermissionTool: Tool;
+export declare const revokeWorkflowPermissionTool: Tool;
+export declare const checkUserPermissionsTool: Tool;
+//# sourceMappingURL=workflow-permissions.d.ts.map

package/dist/mcp/tools/workflow-permissions.js ADDED Viewed

@@ -0,0 +1,204 @@
+"use strict";
+/**
+ * Workflow Permission Tools
+ *
+ * Tools for managing workflow member permissions in Hailer workspaces:
+ * - List members and their permission levels
+ * - Grant user or team access with a specific permission level
+ * - Revoke user or team access
+ * - Check what permissions a specific user has
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkUserPermissionsTool = exports.revokeWorkflowPermissionTool = exports.grantWorkflowPermissionTool = exports.listWorkflowPermissionsTool = void 0;
+const zod_1 = require("zod");
+const tool_registry_1 = require("../tool-registry");
+const index_1 = require("../utils/index");
+const tool_helpers_1 = require("../utils/tool-helpers");
+const request_logger_1 = require("../../lib/request-logger");
+const logger = (0, index_1.createLogger)({ component: 'workflow-permissions-tools' });
+/** Ensure memberId has the required prefix (user_, team_, network_, group_) */
+function ensureMemberPrefix(memberId) {
+    if (memberId.startsWith('user_') || memberId.startsWith('team_') ||
+        memberId.startsWith('network_') || memberId.startsWith('group_')) {
+        return memberId;
+    }
+    return `user_${memberId}`;
+}
+// ============================================================================
+// TOOL 1: LIST WORKFLOW PERMISSIONS
+// ============================================================================
+exports.listWorkflowPermissionsTool = {
+    name: 'list_workflow_permissions',
+    group: tool_registry_1.ToolGroup.READ,
+    description: 'List members and their permission levels for a workflow',
+    schema: zod_1.z.object({
+        workflowId: zod_1.z
+            .string()
+            .describe('The workflow ID to list permissions for'),
+    }),
+    async execute(args, context) {
+        logger.debug('Listing workflow permissions', {
+            workflowId: args.workflowId,
+            apiKey: context.apiKey.substring(0, 8) + '...',
+        });
+        try {
+            const result = await context.hailer.request('v2.process.member.list', [args.workflowId]);
+            return (0, index_1.textResponse)(JSON.stringify(result, null, 2));
+        }
+        catch (error) {
+            if (!request_logger_1.RequestLogger.getCurrent())
+                logger.error('Error listing workflow permissions', error);
+            const msg = error?.msg || error?.message || (0, index_1.getErrorMessage)(error);
+            return (0, index_1.errorResponse)(`Error listing workflow permissions: ${msg}`);
+        }
+    },
+};
+// ============================================================================
+// TOOL 2: GRANT WORKFLOW PERMISSION
+// ============================================================================
+const permissionLevels = ['admin', 'any', 'ownteam', 'own'];
+exports.grantWorkflowPermissionTool = {
+    name: 'grant_workflow_permission',
+    group: tool_registry_1.ToolGroup.WRITE,
+    description: 'Grant a user or team access to a workflow with a specific permission level',
+    schema: zod_1.z.object({
+        workflowId: zod_1.z
+            .string()
+            .describe('The workflow ID to grant permission on'),
+        memberId: zod_1.z
+            .string()
+            .describe('The user ID or team ID to grant access to'),
+        level: zod_1.z
+            .enum(permissionLevels)
+            .describe('Permission level: admin (full access), any (all activities), ownteam (own team activities), own (own activities only)'),
+    }),
+    async execute(args, context) {
+        logger.debug('Granting workflow permission', {
+            workflowId: args.workflowId,
+            memberId: args.memberId,
+            level: args.level,
+            apiKey: context.apiKey.substring(0, 8) + '...',
+        });
+        try {
+            const prefixedMemberId = ensureMemberPrefix(args.memberId);
+            // Step 1: Add as member first (may fail if already a member — that's OK)
+            try {
+                await context.hailer.request('v2.process.member.add', [args.workflowId, prefixedMemberId]);
+            }
+            catch (addError) {
+                logger.debug('member.add failed (possibly already a member), continuing to grant', {
+                    error: (0, index_1.getErrorMessage)(addError),
+                });
+            }
+            // Step 2: Set the permission level
+            const result = await context.hailer.request('v2.process.permissions.grant', [
+                args.workflowId,
+                prefixedMemberId,
+                args.level,
+            ]);
+            return (0, index_1.textResponse)(JSON.stringify({
+                success: true,
+                workflowId: args.workflowId,
+                memberId: prefixedMemberId,
+                level: args.level,
+                result,
+            }, null, 2));
+        }
+        catch (error) {
+            if (!request_logger_1.RequestLogger.getCurrent())
+                logger.error('Error granting workflow permission', error);
+            const msg = error?.msg || error?.message || (0, index_1.getErrorMessage)(error);
+            return (0, index_1.errorResponse)(`Error granting workflow permission: ${msg}`);
+        }
+    },
+};
+// ============================================================================
+// TOOL 3: REVOKE WORKFLOW PERMISSION
+// ============================================================================
+exports.revokeWorkflowPermissionTool = {
+    name: 'revoke_workflow_permission',
+    group: tool_registry_1.ToolGroup.WRITE,
+    description: "Remove a user or team's access to a workflow",
+    schema: zod_1.z.object({
+        workflowId: zod_1.z
+            .string()
+            .describe('The workflow ID to revoke permission on'),
+        memberId: zod_1.z
+            .string()
+            .describe('The user ID or team ID to remove access from'),
+    }),
+    async execute(args, context) {
+        logger.debug('Revoking workflow permission', {
+            workflowId: args.workflowId,
+            memberId: args.memberId,
+            apiKey: context.apiKey.substring(0, 8) + '...',
+        });
+        try {
+            const prefixedMemberId = ensureMemberPrefix(args.memberId);
+            // Step 1: Deny permissions (may fail if no explicit grant — that's OK)
+            try {
+                await context.hailer.request('v2.process.permissions.deny', [args.workflowId, prefixedMemberId]);
+            }
+            catch (denyError) {
+                logger.debug('permissions.deny failed (possibly no explicit grant), continuing to remove', {
+                    error: (0, index_1.getErrorMessage)(denyError),
+                });
+            }
+            // Step 2: Remove from members
+            const result = await context.hailer.request('v2.process.member.remove', [
+                args.workflowId,
+                prefixedMemberId,
+            ]);
+            return (0, index_1.textResponse)(JSON.stringify({
+                success: true,
+                workflowId: args.workflowId,
+                memberId: prefixedMemberId,
+                result,
+            }, null, 2));
+        }
+        catch (error) {
+            if (!request_logger_1.RequestLogger.getCurrent())
+                logger.error('Error revoking workflow permission', error);
+            const msg = error?.msg || error?.message || (0, index_1.getErrorMessage)(error);
+            return (0, index_1.errorResponse)(`Error revoking workflow permission: ${msg}`);
+        }
+    },
+};
+// ============================================================================
+// TOOL 4: CHECK USER PERMISSIONS
+// ============================================================================
+exports.checkUserPermissionsTool = {
+    name: 'check_user_permissions',
+    group: tool_registry_1.ToolGroup.READ,
+    description: 'Check what permissions a specific user has in the workspace',
+    schema: zod_1.z.object({
+        userId: zod_1.z
+            .string()
+            .describe('The user ID to check permissions for'),
+        workspaceId: zod_1.z
+            .string()
+            .optional()
+            .describe('The workspace ID to check permissions in. Defaults to the current workspace.'),
+    }),
+    async execute(args, context) {
+        logger.debug('Checking user permissions', {
+            userId: args.userId,
+            apiKey: context.apiKey.substring(0, 8) + '...',
+        });
+        try {
+            const workspaceId = (0, tool_helpers_1.getResolvedWorkspaceId)(args, context);
+            const result = await context.hailer.request('v3.user.permissions', [
+                args.userId,
+                workspaceId,
+            ]);
+            return (0, index_1.textResponse)(JSON.stringify(result, null, 2));
+        }
+        catch (error) {
+            if (!request_logger_1.RequestLogger.getCurrent())
+                logger.error('Error checking user permissions', error);
+            const msg = error?.msg || error?.message || (0, index_1.getErrorMessage)(error);
+            return (0, index_1.errorResponse)(`Error checking user permissions: ${msg}`);
+        }
+    },
+};
+//# sourceMappingURL=workflow-permissions.js.map

package/dist/mcp/tools/workflow.js CHANGED Viewed

@@ -54,7 +54,13 @@ function parseErrorType(errorMessage) {
 // ============================================================================
 // READ TOOLS - Workflow Schema and Information
 // ============================================================================
-const getWorkflowSchemaDescription = `📋 Get workflow field schema and structure - REQUIRED before using list_activities to understand available fields. Shows all field IDs, labels, types, and options. Requires both workflowId and phaseId (use list_workflow_phases first).`;
+const getWorkflowSchemaDescription = `Get workflow field structure - CALL THIS BEFORE create_activity or update_activity.
+**Hailer Concept:** Shows all fields (columns) in a workflow with their IDs, types, and options. You MUST know field IDs to create or update activities.
+**Returns:** Field IDs, labels, types (text, numeric, date, dropdown, user, activitylink), required status, dropdown options.
+**Critical:** Never guess field IDs - always get them from this tool first.`;
 exports.getWorkflowSchemaTool = {
     name: 'get_workflow_schema',
     group: tool_registry_1.ToolGroup.READ,
@@ -179,7 +185,13 @@ exports.getWorkflowSchemaTool = {
         }
     },
 };
-const listWorkflowPhasesDescription = `📊 List available phases in a workflow - Required before using list_activities to get phase IDs. Use this first to see all phases, then call list_activities for each phase to get complete workflow overview. TIP: Also call get_workflow_schema to understand field structure.`;
+const listWorkflowPhasesDescription = `List phases (stages/statuses) in a workflow - REQUIRED to get phase IDs.
+**Hailer Concept:** Phases are stages like "New" → "In Progress" → "Done". Activities move through phases as work progresses.
+**When to use:** Before list_activities (need phaseId), before create_activity (need initial phase), before update_activity (to move to new phase).
+**Returns:** Phase names, IDs, which phase is initial (for new items), which is endpoint (completed).`;
 exports.listWorkflowPhasesTool = {
     name: 'list_workflow_phases',
     group: tool_registry_1.ToolGroup.READ,
@@ -258,7 +270,15 @@ exports.listWorkflowPhasesTool = {
         }
     },
 };
-const listWorkflowsDescription = `List workflows - Get workflow info with optional detailed data`;
+const listWorkflowsDescription = `List workflows (processes/pipelines) in the Hailer workspace.
+**Hailer Concept:** A Workflow is like a database table or Kanban board - it defines a process with fields (columns) and phases (stages). Examples: "Sales Pipeline", "Customer Database", "Project Tasks".
+**When to use:** To see all available workflows, find workflow IDs, or understand the workspace structure.
+**Returns:** Workflow names, IDs, activity counts, and relationships between workflows.
+**Next steps:** Use \`list_workflow_phases\` to see stages, then \`get_workflow_schema\` for field structure.`;
 exports.listWorkflowsTool = {
     name: 'list_workflows',
     group: tool_registry_1.ToolGroup.READ,
@@ -1069,23 +1089,15 @@ ${errorMessage}
 // ============================================================================
 // TOOL 5: LIST WORKFLOWS MINIMAL
 // ============================================================================
-const listWorkflowsMinimalDescription = `🧪 [PLAYGROUND] List workflows with minimal output - Returns only id and name to avoid token limits
+const listWorkflowsMinimalDescription = `Quick list of all workflows - START HERE to find workflow IDs.
-**⚡ PERFORMANCE ADVANTAGE:**
-- Uses cached data from init (v2.core.init) - **ZERO extra API calls**
-- Returns activity counts for ALL workflows in one call
-- **Preferred method for getting bulk workflow counts**
-- Much faster and more efficient than calling \`count_activities\` for each workflow
+**Hailer Concept:** Returns all workflows (processes/boards) with their IDs and names. This is usually your FIRST CALL to discover what's available.
-**When to use this vs count_activities:**
-- ✅ Use \`list_workflows_minimal\` for: Bulk counts, workflow discovery, listing all workflows with counts
-- ❌ Use \`count_activities\` for: Phase-level breakdown, real-time count for single workflow
+**When to use:** User asks "show my tasks", "what workflows do I have", "find customers" - use this to locate the right workflow ID.
-**Response includes**:
-- Workflow ID and name
-- Activity count (from cached init data)
-- Starred status
-- Workspace ID`;
+**Returns:** Workflow name, ID, activity count. Use the ID in subsequent calls.
+**Typical flow:** list_workflows_minimal → list_workflow_phases → get_workflow_schema → list_activities`;
 const listWorkflowsMinimalSchema = zod_1.z.object({
     workspace: zod_1.z.string().optional().describe("Optional workspace ID or name"),
     limit: zod_1.z.coerce.number().optional().describe("Maximum number of workflows to return"),
@@ -1313,7 +1325,34 @@ const updateWorkflowPhaseSchema = zod_1.z.object({
 // ============================================================================
 // CORE INIT TOOL - Workspace overview for terminal Claude Code sessions
 // ============================================================================
-const coreInitDescription = `Load workspace context - call once at session start to get workflows, phases, teams with IDs`;
+const coreInitDescription = `🚀 START HERE - Load workspace context and learn how to use Hailer tools.
+## What is Hailer?
+Hailer is a workspace platform. Key concepts:
+- **Workflow** = process/board (like "Tasks", "Customers", "Sales Pipeline")
+- **Activity** = item/record/card in a workflow
+- **Phase** = stage/status (like "New" → "In Progress" → "Done")
+- **Field** = property/column on an activity (name, date, priority, etc.)
+## How to use these tools:
+**Step 1 - Find workflow:** \`list_workflows_minimal\` → get workflow ID
+**Step 2 - Get phases:** \`list_workflow_phases(workflowId)\` → get phase IDs
+**Step 3 - Get fields:** \`get_workflow_schema(workflowId, phaseId)\` → get field IDs
+**Step 4 - Read/Write:**
+- \`list_activities\` - see items (requires workflowId, phaseId, fields[])
+- \`create_activity\` - create item (requires workflowId, use field IDs from schema)
+- \`update_activity\` - update item (requires activityId, use field IDs)
+## Field value formats:
+- Text: \`"value"\`
+- Number: \`42\`
+- Date: Unix timestamp in ms \`1730937600000\`
+- Dropdown: exact option string \`"High"\`
+- User: user ID string \`"5f8a1b2c..."\`
+## This tool returns:
+All workflows, phases, fields, and teams with IDs. Reference this data for all other calls.`;
 exports.coreInitTool = {
     name: 'core_init',
     group: tool_registry_1.ToolGroup.READ,

package/dist/mcp/utils/index.d.ts CHANGED Viewed

@@ -12,5 +12,7 @@ export { transformActivity, transformActivities, transformFields, transformField
 export { textResponse, errorResponse, successResponse, jsonResponse, paginatedResponse, listResponse, getErrorMessage, withErrorHandling, isErrorResponse } from './response-builder';
 export { normalizePagination, calculatePaginationMeta, formatPaginationText } from './pagination';
 export type { PaginationMeta, PaginationOptions } from './pagination';
+export { deriveUserRole, getAllowedGroups, findCurrentUserMember, extractWorkspaceRoles, getAllowedGroupsForWorkspace, getMaxRole, checkWorkspaceAccess } from './role-utils';
 export type * from './types';
+export { normalizeInitProcesses } from './types';
 //# sourceMappingURL=index.d.ts.map

package/dist/mcp/utils/index.js CHANGED Viewed

@@ -4,7 +4,7 @@
  * Provides centralized access to all utility functions and types
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.formatPaginationText = exports.calculatePaginationMeta = exports.normalizePagination = exports.isErrorResponse = exports.withErrorHandling = exports.getErrorMessage = exports.listResponse = exports.paginatedResponse = exports.jsonResponse = exports.successResponse = exports.errorResponse = exports.textResponse = exports.formatActivityListResponse = exports.formatUserName = exports.formatTimestamp = exports.transformWorkflowFields = exports.transformPhases = exports.transformWorkflow = exports.findFieldByKey = exports.transformFieldValue = exports.transformFields = exports.transformActivities = exports.transformActivity = exports.HailerApiClient = exports.createSuccessResponse = exports.createErrorResponse = exports.handleApiResponse = exports.makeApiCall = exports.HailerApiError = exports.LogTag = exports.LogLevel = exports.logger = exports.createLogger = void 0;
+exports.normalizeInitProcesses = exports.checkWorkspaceAccess = exports.getMaxRole = exports.getAllowedGroupsForWorkspace = exports.extractWorkspaceRoles = exports.findCurrentUserMember = exports.getAllowedGroups = exports.deriveUserRole = exports.formatPaginationText = exports.calculatePaginationMeta = exports.normalizePagination = exports.isErrorResponse = exports.withErrorHandling = exports.getErrorMessage = exports.listResponse = exports.paginatedResponse = exports.jsonResponse = exports.successResponse = exports.errorResponse = exports.textResponse = exports.formatActivityListResponse = exports.formatUserName = exports.formatTimestamp = exports.transformWorkflowFields = exports.transformPhases = exports.transformWorkflow = exports.findFieldByKey = exports.transformFieldValue = exports.transformFields = exports.transformActivities = exports.transformActivity = exports.HailerApiClient = exports.createSuccessResponse = exports.createErrorResponse = exports.handleApiResponse = exports.makeApiCall = exports.HailerApiError = exports.LogTag = exports.LogLevel = exports.logger = exports.createLogger = void 0;
 // Logging utilities
 var logger_1 = require("../../lib/logger");
 Object.defineProperty(exports, "createLogger", { enumerable: true, get: function () { return logger_1.createLogger; } });
@@ -50,4 +50,15 @@ var pagination_1 = require("./pagination");
 Object.defineProperty(exports, "normalizePagination", { enumerable: true, get: function () { return pagination_1.normalizePagination; } });
 Object.defineProperty(exports, "calculatePaginationMeta", { enumerable: true, get: function () { return pagination_1.calculatePaginationMeta; } });
 Object.defineProperty(exports, "formatPaginationText", { enumerable: true, get: function () { return pagination_1.formatPaginationText; } });
+// Role-based access control
+var role_utils_1 = require("./role-utils");
+Object.defineProperty(exports, "deriveUserRole", { enumerable: true, get: function () { return role_utils_1.deriveUserRole; } });
+Object.defineProperty(exports, "getAllowedGroups", { enumerable: true, get: function () { return role_utils_1.getAllowedGroups; } });
+Object.defineProperty(exports, "findCurrentUserMember", { enumerable: true, get: function () { return role_utils_1.findCurrentUserMember; } });
+Object.defineProperty(exports, "extractWorkspaceRoles", { enumerable: true, get: function () { return role_utils_1.extractWorkspaceRoles; } });
+Object.defineProperty(exports, "getAllowedGroupsForWorkspace", { enumerable: true, get: function () { return role_utils_1.getAllowedGroupsForWorkspace; } });
+Object.defineProperty(exports, "getMaxRole", { enumerable: true, get: function () { return role_utils_1.getMaxRole; } });
+Object.defineProperty(exports, "checkWorkspaceAccess", { enumerable: true, get: function () { return role_utils_1.checkWorkspaceAccess; } });
+var types_1 = require("./types");
+Object.defineProperty(exports, "normalizeInitProcesses", { enumerable: true, get: function () { return types_1.normalizeInitProcesses; } });
 //# sourceMappingURL=index.js.map

package/dist/mcp/utils/role-utils.d.ts ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * Role-Based Access Control Utilities
+ *
+ * Derives user role from workspace member flags and maps roles to ToolGroups.
+ * Used by UserContextCache to determine tool access at context creation time.
+ */
+import { ToolGroup } from '../tool-registry';
+import { UserRole, WorkspaceMember, WorkspaceInfo } from './types';
+/**
+ * Derive user role from workspace member flags
+ * Priority: owner > admin > guest > member
+ *
+ * @param member - Workspace member from v2.core.init
+ * @returns UserRole - 'owner' | 'admin' | 'guest' | 'member'
+ */
+export declare function deriveUserRole(member: WorkspaceMember): UserRole;
+/**
+ * Map user role to allowed ToolGroups
+ *
+ * @param role - User role derived from workspace member
+ * @param enableNuclear - Optional override to disable NUCLEAR even for owners
+ * @returns Array of ToolGroups the user can access
+ */
+export declare function getAllowedGroups(role: UserRole, enableNuclear?: boolean): ToolGroup[];
+/**
+ * Find current user in workspace members array
+ *
+ * @param members - Array of workspace members from init.network.members
+ * @param currentUserId - Current user's ID
+ * @returns WorkspaceMember if found, undefined otherwise
+ */
+export declare function findCurrentUserMember(members: WorkspaceMember[], currentUserId: string): WorkspaceMember | undefined;
+/**
+ * Extract user roles from all workspaces
+ * Returns a map of workspaceId → UserRole
+ *
+ * @param networks - Record of workspace ID to WorkspaceInfo from init.networks
+ * @param currentUserId - Current user's ID
+ * @returns Record mapping workspace IDs to UserRoles
+ */
+export declare function extractWorkspaceRoles(networks: Record<string, WorkspaceInfo>, currentUserId: string): Record<string, UserRole>;
+/**
+ * Get allowed groups for a specific workspace
+ *
+ * @param workspaceRoles - Map of workspace IDs to UserRoles
+ * @param workspaceId - Target workspace ID
+ * @param enableNuclear - Optional override to disable NUCLEAR even for owners
+ * @returns Array of ToolGroups the user can access in the specified workspace
+ */
+export declare function getAllowedGroupsForWorkspace(workspaceRoles: Record<string, UserRole>, workspaceId: string, enableNuclear?: boolean): ToolGroup[];
+/**
+ * Get the highest role across all workspaces
+ * Used to determine which tools to show at startup (max potential access)
+ *
+ * @param workspaceRoles - Map of workspace IDs to UserRoles
+ * @returns Highest UserRole across all workspaces
+ */
+export declare function getMaxRole(workspaceRoles: Record<string, UserRole>): UserRole;
+/**
+ * Check if user has access to a specific ToolGroup in a workspace
+ * Used for runtime permission validation when tools are called with workspaceId
+ *
+ * @param workspaceRoles - Map of workspace IDs to UserRoles
+ * @param currentWorkspaceId - Current default workspace ID
+ * @param targetWorkspaceId - Target workspace ID (or undefined to use current)
+ * @param requiredGroup - ToolGroup required for the operation
+ * @param enableNuclear - Optional override to disable NUCLEAR even for owners
+ * @returns Object with allowed boolean and optional reason string
+ */
+export declare function checkWorkspaceAccess(workspaceRoles: Record<string, UserRole>, currentWorkspaceId: string, targetWorkspaceId: string | undefined, requiredGroup: ToolGroup, enableNuclear?: boolean): {
+    allowed: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=role-utils.d.ts.map