@heyclaude/mcp 0.1.2 → 0.3.0

package/CHANGELOG.md

@@ -1,5 +1,30 @@
 # @heyclaude/mcp Changelog
 
+## 0.3.0 - Safety Metadata and Submission Policy
+
+- Expose registry `safetyNotes` and `privacyNotes` in MCP search, detail,
+  copyable asset, comparison, and install guidance responses.
+- Accept `safety_notes` and `privacy_notes` in submission draft helpers with
+  the same short-note limits used by HeyClaude intake.
+- Support source-backed and copyable-content skill submissions without requiring
+  community ZIP/MCPB package hosting.
+- Reflect the review-gated import policy: submission helpers can prepare issues
+  and local checks, but never create issues, open PRs, merge, publish, or mirror
+  package artifacts.
+
+## 0.2.0 - Discovery and Submission Drafting
+
+- Add read-only discovery tools for server metadata, paginated category
+  browsing, recent updates, and related entries.
+- Add copyable asset, entry comparison, registry stats, and client setup tools
+  for richer MCP client workflows.
+- Add read-only MCP resources and workflow prompts for discovery, submission
+  drafting, pre-issue review, and safe install guidance.
+- Add submission helper tools for examples, canonical issue drafts, duplicate
+  review, and maintainer checklist guidance.
+- Document the public no-key access model and the dedicated MCP rate-limit
+  policy.
+
 ## 0.1.2 - Repository Rename
 
 - Update package metadata, README links, and release provenance for the

package/README.md

@@ -11,7 +11,7 @@
   <a href="https://github.com/JSONbored/awesome-claude">GitHub</a> •
   <a href="https://www.npmjs.com/package/@heyclaude/mcp">npm</a> •
   <a href="https://heyclau.de/api/mcp">MCP endpoint</a> •
-  <a href="https://github.com/JSONbored/awesome-claude/releases/tag/mcp-v0.1.2">v0.1.2 release</a>
+  <a href="https://github.com/JSONbored/awesome-claude/releases/tag/mcp-v0.3.0">v0.3.0 release</a>
 </p>
 
 Read-only Model Context Protocol server for the HeyClaude registry.
@@ -19,14 +19,35 @@ Read-only Model Context Protocol server for the HeyClaude registry.
 It exposes the same public registry surface used by the website and Raycast:
 search, entry details, platform compatibility, install guidance, generated
 adapters, feed discovery, and safe submission-draft helpers. It does not create
-GitHub issues, open pull requests, write local files, publish content, or manage
-accounts.
+GitHub issues, open pull requests, write local files, publish content, host
+packages, or manage accounts.
+
+No API key is required for the public endpoint. Abuse controls are handled with
+strict request validation, a 64 KiB body limit, and a dedicated Cloudflare
+`API_MCP_RATE_LIMIT` binding capped at 60 requests/minute/IP in production.
 
 ## Tools
 
 - `search_registry` - search public registry entries by query, category, and
   platform.
+- `server_info` - fetch package version, registry generation, tool list, public
+  access policy, and rate-limit metadata.
+- `list_category_entries` - browse entries with bounded pagination and optional
+  category, platform, tag, and query filters.
+- `get_recent_updates` - list recently added or upstream-updated entries from
+  generated registry metadata, optionally filtered with `since`.
+- `get_related_entries` - find related entries based on category, tags,
+  platforms, keywords, and source metadata.
 - `get_entry_detail` - fetch an entry detail payload by category and slug.
+- `get_copyable_asset` - fetch the category-aware copy/install asset for an
+  entry, such as full prompt text, config snippets, commands, scripts, or
+  collection items.
+- `compare_entries` - compare 2-5 entries by fit, category, platform support,
+  install complexity, and source metadata.
+- `get_registry_stats` - fetch aggregate counts, freshness metadata, and real
+  source-signal coverage without implying popularity when stats are absent.
+- `get_client_setup` - fetch tested setup snippets for Codex, Claude Desktop,
+  Cursor, Windsurf, and raw Streamable HTTP clients.
 - `get_compatibility` - fetch skill platform compatibility metadata.
 - `get_install_guidance` - fetch install commands, config, package, and platform
   guidance.
@@ -34,15 +55,45 @@ accounts.
   rule adapters for skill packages.
 - `list_distribution_feeds` - discover public JSON, RSS, Atom, and platform
   feeds.
-- `get_submission_schema` - fetch category submission fields and issue template
-  metadata.
+- `get_submission_schema` - fetch category submission fields for PR-first
+  intake.
 - `validate_submission_draft` - validate a content submission draft locally.
 - `search_duplicate_entries` - check generated registry artifacts for likely
   duplicates before opening a submission.
-- `build_submission_urls` - build prefilled HeyClaude submit and GitHub issue
-  URLs for human review.
+- `build_submission_urls` - build prefilled HeyClaude submit and review URLs for human
+  review.
 - `get_category_submission_guidance` - fetch category-specific contribution
   guidance and required fields.
+- `prepare_submission_draft` - normalize and validate fields, then return a
+  canonical PR draft plus prefilled submit URL.
+- `get_submission_examples` - fetch category-specific example fields and
+  templates for more complete submissions.
+- `review_submission_draft` - review schema errors, duplicate risk, and
+  maintainer checklist items before a submission PR is opened.
+- `get_submission_policy` - fetch the read-only submission, artifact, import,
+  and maintainer-review policy.
+- `explain_entry_trust` - explain source, package, safety, privacy, and review
+  metadata signals for one entry. This is a metadata review only and does not
+  provide malware scanning, automatic safety guarantees, or installation approval.
+- `review_entry_safety` - compare 1-5 entries for source, package, safety, and
+  privacy metadata fit before install or recommendation. This is a metadata review
+  only and does not provide malware scanning, automatic safety guarantees, or
+  installation approval.
+
+## Resources and Prompts
+
+The server also exposes read-only MCP resources:
+
+- `heyclaude://feeds/directory`
+- `heyclaude://category/{category}`
+- `heyclaude://entry/{category}/{slug}`
+
+Workflow prompts are available for common client flows:
+
+- `find_best_asset`
+- `prepare_submission`
+- `review_submission_before_pr`
+- `install_asset_safely`
 
 ## Local Stdio
 
@@ -123,8 +174,17 @@ checks the HTTP guards used by the remote route.
 - Submission helpers generate URLs and validation reports only.
 - No GitHub OAuth, tokens, issue creation, PR creation, or repo writes.
 - No local project-file writes or config mutations.
-- Remote endpoint uses route-level rate limits and Cloudflare rate-limit bindings
-  when available.
+- Remote endpoint requires JSON POST bodies, rejects payloads above 64 KiB, and
+  uses the dedicated `API_MCP_RATE_LIMIT` Cloudflare binding at
+  60 requests/minute/IP in production.
+- Submission tools prepare review drafts only; the MCP server does not perform
+  GitHub writes or publish submitted content.
+- Source-backed, content-only PRs may be merged automatically after content
+  validation, Superagent, and private maintainer-agent review pass. Platform,
+  workflow, package, and generated-artifact changes are never auto-merged by
+  this path.
+- Community ZIP/MCPB artifacts are review/quarantine material only. Public
+  HeyClaude-hosted downloads are maintainer-built package artifacts.
 
 ## npm Release Prep
 
@@ -139,10 +199,10 @@ Do not publish until the web branch has shipped, the production endpoint has
 been verified, and the package smoke test passes. The release checklist is:
 
 ```bash
-pnpm validate:mcp-endpoint -- --url https://heyclau.de/api/mcp
+MCP_ENDPOINT_REQUIRE_SAFETY_METADATA=1 pnpm validate:mcp-endpoint -- --url https://heyclau.de/api/mcp --strict-tools
 pnpm --filter @heyclaude/mcp test
 pnpm --filter @heyclaude/mcp pack --dry-run
-MCP_PACKAGE_REMOTE_SMOKE_URL=https://heyclau.de/api/mcp pnpm validate:mcp-package
+MCP_PACKAGE_REQUIRE_SAFETY_METADATA=1 MCP_PACKAGE_REMOTE_SMOKE_URL=https://heyclau.de/api/mcp pnpm validate:mcp-package
 ```
 
 Publishing should happen through the manual `Publish MCP Package` GitHub

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@heyclaude/mcp",
-  "version": "0.1.2",
+  "version": "0.3.0",
   "type": "module",
   "description": "Read-only MCP server for the HeyClaude registry.",
   "license": "MIT",

package/scripts/validate-endpoint.mjs

@@ -6,12 +6,34 @@ import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/
 import { normalizeEndpointUrl } from "../src/endpoint-url.js";
 import { READ_ONLY_TOOL_NAMES } from "../src/registry.js";
 
+const baselineToolNames = [
+  "search_registry",
+  "get_entry_detail",
+  "get_compatibility",
+  "get_install_guidance",
+  "get_platform_adapter",
+  "list_distribution_feeds",
+  "get_submission_schema",
+  "validate_submission_draft",
+  "search_duplicate_entries",
+  "build_submission_urls",
+  "get_category_submission_guidance",
+];
+
 function parseArgs(argv) {
   const args = new Map();
   for (let index = 0; index < argv.length; index += 1) {
     const value = argv[index];
     if (value === "--") continue;
     if (!value.startsWith("--")) continue;
+    if (value === "--strict-tools") {
+      args.set("strict-tools", "1");
+      continue;
+    }
+    if (value === "--require-safety-metadata") {
+      args.set("require-safety-metadata", "1");
+      continue;
+    }
     args.set(value.slice(2), argv[index + 1] ?? "");
     index += 1;
   }
@@ -28,6 +50,40 @@ function assert(condition, message) {
   if (!condition) throw new Error(message);
 }
 
+function assertSubmitUrl(value) {
+  let url;
+  try {
+    url = new URL(String(value || ""));
+  } catch {
+    throw new Error(
+      "build_submission_urls did not return an absolute submit URL.",
+    );
+  }
+  assert(
+    url.protocol === "https:",
+    "build_submission_urls submit URL must use HTTPS.",
+  );
+  assert(
+    url.origin === "https://heyclau.de",
+    "build_submission_urls submit URL used the wrong origin.",
+  );
+  assert(
+    url.pathname === "/submit",
+    "build_submission_urls did not return the submit URL.",
+  );
+}
+
+function assertSafetyMetadataShape(payload, label) {
+  assert(
+    Array.isArray(payload?.safetyNotes),
+    `${label} did not expose safetyNotes as an array.`,
+  );
+  assert(
+    Array.isArray(payload?.privacyNotes),
+    `${label} did not expose privacyNotes as an array.`,
+  );
+}
+
 async function validateHttpGuards(endpointUrl) {
   const options = await fetch(endpointUrl, { method: "OPTIONS" });
   assert(options.status === 204, `OPTIONS returned ${options.status}`);
@@ -75,7 +131,24 @@ async function validateHttpGuards(endpointUrl) {
   );
 }
 
-async function validateMcpTools(endpointUrl) {
+function validateToolList(toolNames, strictTools) {
+  if (strictTools) {
+    assert(
+      JSON.stringify(toolNames) === JSON.stringify(READ_ONLY_TOOL_NAMES),
+      `Unexpected tool list: ${toolNames.join(", ")}`,
+    );
+    return;
+  }
+
+  for (const toolName of baselineToolNames) {
+    assert(
+      toolNames.includes(toolName),
+      `Deployed MCP endpoint is missing baseline tool: ${toolName}`,
+    );
+  }
+}
+
+async function validateMcpTools(endpointUrl, options = {}) {
   const client = new Client({
     name: "heyclaude-endpoint-validator",
     version: "0.1.0",
@@ -87,10 +160,49 @@ async function validateMcpTools(endpointUrl) {
 
     const tools = await client.listTools();
     const toolNames = tools.tools.map((tool) => tool.name);
-    assert(
-      JSON.stringify(toolNames) === JSON.stringify(READ_ONLY_TOOL_NAMES),
-      `Unexpected tool list: ${toolNames.join(", ")}`,
-    );
+    validateToolList(toolNames, options.strictTools);
+    const hasVersionTwoSurface = toolNames.includes("get_registry_stats");
+    if (hasVersionTwoSurface) {
+      assert(
+        tools.tools.every((tool) => tool.annotations?.readOnlyHint === true),
+        "All HeyClaude MCP tools must advertise read-only annotations.",
+      );
+      assert(
+        tools.tools.every((tool) => tool.outputSchema?.type === "object"),
+        "All HeyClaude MCP tools must expose object output schemas.",
+      );
+
+      const resources = await client.listResources();
+      assert(
+        resources.resources.some(
+          (resource) => resource.uri === "heyclaude://feeds/directory",
+        ),
+        "MCP resources did not expose the directory feed resource.",
+      );
+      const directoryResource = await client.readResource({
+        uri: "heyclaude://feeds/directory",
+      });
+      assert(
+        directoryResource.contents?.[0]?.mimeType === "application/json",
+        "Directory resource did not return JSON content.",
+      );
+
+      const prompts = await client.listPrompts();
+      assert(
+        prompts.prompts.some((prompt) => prompt.name === "find_best_asset"),
+        "MCP prompts did not expose find_best_asset.",
+      );
+      const installPrompt = await client.getPrompt({
+        name: "install_asset_safely",
+        arguments: { category: "mcp", slug: "example", platform: "Codex" },
+      });
+      assert(
+        installPrompt.messages?.[0]?.content?.text?.includes(
+          "get_install_guidance",
+        ),
+        "install_asset_safely prompt did not mention install guidance.",
+      );
+    }
 
     const search = parseToolResult(
       await client.callTool({
@@ -103,6 +215,58 @@ async function validateMcpTools(endpointUrl) {
       Array.isArray(search.entries) && search.entries.length > 0,
       "search_registry did not return entries.",
     );
+    if (options.requireSafetyMetadata) {
+      assertSafetyMetadataShape(
+        search.entries[0],
+        "search_registry first entry",
+      );
+    }
+
+    if (toolNames.includes("server_info")) {
+      const info = parseToolResult(
+        await client.callTool({
+          name: "server_info",
+          arguments: {},
+        }),
+      );
+      assert(info.ok === true, "server_info did not return ok.");
+      assert(
+        info.endpoint?.auth === "none",
+        "server_info did not expose the public no-key access model.",
+      );
+      assert(
+        info.endpoint?.rateLimit?.binding === "API_MCP_RATE_LIMIT",
+        "server_info did not expose the MCP rate-limit binding.",
+      );
+    }
+
+    if (toolNames.includes("list_category_entries")) {
+      const listed = parseToolResult(
+        await client.callTool({
+          name: "list_category_entries",
+          arguments: { category: "mcp", limit: 2 },
+        }),
+      );
+      assert(listed.ok === true, "list_category_entries did not return ok.");
+      assert(
+        Array.isArray(listed.entries) && listed.entries.length > 0,
+        "list_category_entries did not return entries.",
+      );
+    }
+
+    if (toolNames.includes("get_registry_stats")) {
+      const stats = parseToolResult(
+        await client.callTool({
+          name: "get_registry_stats",
+          arguments: {},
+        }),
+      );
+      assert(stats.ok === true, "get_registry_stats did not return ok.");
+      assert(
+        stats.policy?.readOnly === true,
+        "get_registry_stats did not expose the no-write policy.",
+      );
+    }
 
     const first = search.entries[0];
     const detail = parseToolResult(
@@ -116,6 +280,23 @@ async function validateMcpTools(endpointUrl) {
       detail.key === `${first.category}:${first.slug}`,
       "get_entry_detail returned the wrong entry.",
     );
+    if (options.requireSafetyMetadata) {
+      assertSafetyMetadataShape(detail.entry, "get_entry_detail entry");
+    }
+
+    if (toolNames.includes("get_copyable_asset")) {
+      const asset = parseToolResult(
+        await client.callTool({
+          name: "get_copyable_asset",
+          arguments: { category: first.category, slug: first.slug },
+        }),
+      );
+      assert(asset.ok === true, "get_copyable_asset did not return ok.");
+      assert(
+        asset.primaryAsset || asset.assets?.length,
+        "get_copyable_asset did not return any copyable asset.",
+      );
+    }
 
     const feeds = parseToolResult(
       await client.callTool({
@@ -137,9 +318,20 @@ async function validateMcpTools(endpointUrl) {
     );
     assert(schema.ok === true, "get_submission_schema did not return ok.");
     assert(
-      schema.issueTemplate?.template === "submit-mcp.yml",
-      "get_submission_schema did not return the MCP issue template.",
+      schema.prIntake?.mode === "github_app_user_fork_pr",
+      "get_submission_schema did not return PR-first intake metadata.",
     );
+    if (options.requireSafetyMetadata) {
+      const fieldIds = schema.schema?.fields?.map((field) => field.id) || [];
+      assert(
+        fieldIds.includes("safety_notes"),
+        "get_submission_schema did not expose safety_notes.",
+      );
+      assert(
+        fieldIds.includes("privacy_notes"),
+        "get_submission_schema did not expose privacy_notes.",
+      );
+    }
 
     const urls = parseToolResult(
       await client.callTool({
@@ -158,10 +350,36 @@ async function validateMcpTools(endpointUrl) {
       }),
     );
     assert(urls.ok === true, "build_submission_urls did not return ok.");
-    assert(
-      String(urls.githubIssueUrl || "").includes("template=submit-mcp.yml"),
-      "build_submission_urls did not return an MCP issue URL.",
-    );
+    assertSubmitUrl(urls.submitUrl);
+
+    if (toolNames.includes("prepare_submission_draft")) {
+      const prepared = parseToolResult(
+        await client.callTool({
+          name: "prepare_submission_draft",
+          arguments: {
+            fields: {
+              category: "mcp",
+              name: "Endpoint Validation MCP",
+              docs_url: "https://example.com/docs",
+              description:
+                "Endpoint validation draft for the HeyClaude MCP submission helpers.",
+              install_command: "npx -y endpoint-validation-mcp",
+              usage_snippet: "Use this draft to validate MCP route behavior.",
+            },
+          },
+        }),
+      );
+      assert(
+        prepared.prDraft?.body,
+        "prepare_submission_draft did not return a canonical PR draft body.",
+      );
+      assert(
+        String(prepared.submissionPolicy || "").includes(
+          "may be merged automatically",
+        ),
+        "prepare_submission_draft did not expose the maintainer-reviewed policy.",
+      );
+    }
 
     const invalid = parseToolResult(
       await client.callTool({
@@ -182,6 +400,12 @@ async function validateMcpTools(endpointUrl) {
 const args = parseArgs(process.argv.slice(2));
 const endpointUrlRaw = args.get("url") || process.env.MCP_ENDPOINT_URL;
 const endpointUrl = endpointUrlRaw ? normalizeEndpointUrl(endpointUrlRaw) : "";
+const strictTools =
+  args.get("strict-tools") === "1" ||
+  process.env.MCP_ENDPOINT_STRICT_TOOLS === "1";
+const requireSafetyMetadata =
+  args.get("require-safety-metadata") === "1" ||
+  process.env.MCP_ENDPOINT_REQUIRE_SAFETY_METADATA === "1";
 
 if (!endpointUrl) {
   console.error(
@@ -192,7 +416,7 @@ if (!endpointUrl) {
 
 try {
   await validateHttpGuards(endpointUrl);
-  await validateMcpTools(endpointUrl);
+  await validateMcpTools(endpointUrl, { strictTools, requireSafetyMetadata });
   console.log(`Validated HeyClaude MCP endpoint at ${endpointUrl.toString()}`);
 } catch (error) {
   console.error(error instanceof Error ? error.message : String(error));

package/src/package-metadata.js

@@ -1,7 +1,4 @@
-import { createRequire } from "node:module";
-
-const require = createRequire(import.meta.url);
-const packageJson = require("../package.json");
-
-export const packageName = String(packageJson.name || "@heyclaude/mcp");
-export const packageVersion = String(packageJson.version || "0.0.0");
+// Keep this Worker-safe: Cloudflare's bundle loader rejects runtime
+// package.json specifiers inside the SSR/MCP route bundle.
+export const packageName = "@heyclaude/mcp";
+export const packageVersion = "0.3.0";

package/src/registry.d.ts

@@ -14,18 +14,90 @@ export const TOOL_DEFINITIONS: Array<{
   name: string;
   description: string;
   inputSchema: Record<string, unknown>;
+  outputSchema: Record<string, unknown>;
+  annotations: Record<string, unknown>;
 }>;
 
+export const MCP_PUBLIC_POLICY: Record<string, unknown>;
+export const RESOURCE_TEMPLATES: Array<Record<string, unknown>>;
+export const PROMPT_DEFINITIONS: Array<Record<string, unknown>>;
+
 export function searchRegistry(
   args?: Record<string, unknown>,
   options?: RegistryArtifactLoaders,
 ): Promise<RegistryToolResult>;
 
+export function planWorkflowToolbox(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getServerInfo(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function listCategoryEntries(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getRecentUpdates(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getRelatedEntries(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
 export function getEntryDetail(
   args?: Record<string, unknown>,
   options?: RegistryArtifactLoaders,
 ): Promise<RegistryToolResult>;
 
+export function getCopyableAsset(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function compareEntries(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getRegistryStats(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getClientSetup(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function listRegistryResources(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<Record<string, unknown>>;
+
+export function listRegistryResourceTemplates(): Record<string, unknown>;
+
+export function readRegistryResource(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders & {
+    publicApiBaseUrl?: string;
+    fetchPublicApi?: (apiPath: string) => Promise<unknown>;
+  },
+): Promise<Record<string, unknown>>;
+
+export function listRegistryPrompts(): Record<string, unknown>;
+
+export function getRegistryPrompt(
+  args?: Record<string, unknown>,
+): Record<string, unknown>;
+
 export function getCompatibility(
   args?: Record<string, unknown>,
   options?: RegistryArtifactLoaders,
@@ -71,6 +143,57 @@ export function getCategorySubmissionGuidance(
   options?: RegistryArtifactLoaders,
 ): Promise<RegistryToolResult>;
 
+export function prepareSubmissionDraft(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getSubmissionExamples(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function reviewSubmissionDraft(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function getSubmissionPolicy(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function explainEntryTrust(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function reviewEntrySafety(
+  args?: Record<string, unknown>,
+  options?: RegistryArtifactLoaders,
+): Promise<RegistryToolResult>;
+
+export function listRegistryRecent(
+  options?: RegistryArtifactLoaders & {
+    publicApiBaseUrl?: string;
+    fetchPublicApi?: (apiPath: string) => Promise<unknown>;
+  },
+): Promise<RegistryToolResult>;
+
+export function listRegistryTrending(
+  options?: RegistryArtifactLoaders & {
+    publicApiBaseUrl?: string;
+    fetchPublicApi?: (apiPath: string) => Promise<unknown>;
+  },
+): Promise<RegistryToolResult>;
+
+export function listJobsActive(
+  options?: RegistryArtifactLoaders & {
+    publicApiBaseUrl?: string;
+    fetchPublicApi?: (apiPath: string) => Promise<unknown>;
+  },
+): Promise<RegistryToolResult>;
+
 export function callRegistryTool(
   name: string,
   args?: Record<string, unknown>,
@@ -79,7 +202,16 @@ export function callRegistryTool(
 
 export {
   SearchRegistryInputSchema,
+  PlanWorkflowToolboxInputSchema,
+  ServerInfoInputSchema,
+  ListCategoryEntriesInputSchema,
+  RecentUpdatesInputSchema,
+  RelatedEntriesInputSchema,
   EntryDetailInputSchema,
+  CopyableAssetInputSchema,
+  CompareEntriesInputSchema,
+  RegistryStatsInputSchema,
+  ClientSetupInputSchema,
   CompatibilityInputSchema,
   InstallGuidanceInputSchema,
   PlatformAdapterInputSchema,
@@ -90,8 +222,15 @@ export {
   SearchDuplicateEntriesInputSchema,
   BuildSubmissionUrlsInputSchema,
   CategorySubmissionGuidanceInputSchema,
+  PrepareSubmissionDraftInputSchema,
+  GetSubmissionExamplesInputSchema,
+  ReviewSubmissionDraftInputSchema,
+  SubmissionPolicyInputSchema,
+  ExplainEntryTrustInputSchema,
+  ReviewEntrySafetyInputSchema,
   TOOL_INPUT_SCHEMAS,
   jsonSchemaForTool,
+  jsonSchemaForToolOutput,
   parseToolArguments,
   formatZodError,
 } from "./schemas.js";