@heyclaude/mcp 0.2.0 → 0.3.0

package/src/registry.js

@@ -7,7 +7,10 @@ import {
   platformFeedSlug,
   SITE_URL,
 } from "./platforms.js";
-import { DEFAULT_REMOTE_MCP_URL } from "./endpoint-url.js";
+import {
+  DEFAULT_REMOTE_MCP_URL,
+  normalizeEndpointUrl,
+} from "./endpoint-url.js";
 import { packageName, packageVersion } from "./package-metadata.js";
 import {
   formatZodError,
@@ -26,13 +29,18 @@ import {
   validateSubmissionDraftFromSpec,
 } from "./submissions.js";
 
-const repoRoot = path.resolve(
-  path.dirname(fileURLToPath(import.meta.url)),
-  "../../..",
-);
-const defaultDataDir = path.join(repoRoot, "apps", "web", "public", "data");
 const safePathPartPattern = /^[a-z0-9-]+$/;
 const jsonMimeType = "application/json";
+const DISCOVERY_RESOURCE_LIMIT = 25;
+const DISCOVERY_FETCH_TIMEOUT_MS = 5000;
+
+function entryCanonicalUrl(entry) {
+  return (
+    entry.canonicalUrl ||
+    entry.url ||
+    `${SITE_URL}/entry/${entry.category}/${entry.slug}`
+  );
+}
 
 export const MCP_PUBLIC_POLICY = {
   apiKeyRequired: false,
@@ -60,6 +68,7 @@ const platformAliases = new Map([
 
 export const READ_ONLY_TOOL_NAMES = [
   "search_registry",
+  "plan_workflow_toolbox",
   "server_info",
   "list_category_entries",
   "get_recent_updates",
@@ -81,6 +90,9 @@ export const READ_ONLY_TOOL_NAMES = [
   "prepare_submission_draft",
   "get_submission_examples",
   "review_submission_draft",
+  "get_submission_policy",
+  "explain_entry_trust",
+  "review_entry_safety",
 ];
 
 export const TOOL_DEFINITIONS = [
@@ -97,6 +109,19 @@ export const TOOL_DEFINITIONS = [
       openWorldHint: false,
     },
   },
+  {
+    name: "plan_workflow_toolbox",
+    description:
+      "Plan a read-only Claude or Codex workflow toolbox from ranked HeyClaude registry entries with trust, install, and follow-up guidance.",
+    inputSchema: jsonSchemaForTool("plan_workflow_toolbox"),
+    outputSchema: jsonSchemaForToolOutput("plan_workflow_toolbox"),
+    annotations: {
+      readOnlyHint: true,
+      destructiveHint: false,
+      idempotentHint: true,
+      openWorldHint: false,
+    },
+  },
   {
     name: "server_info",
     description:
@@ -178,25 +203,25 @@ export const TOOL_DEFINITIONS = [
   {
     name: "get_submission_schema",
     description:
-      "Fetch read-only HeyClaude submission schemas and GitHub issue template fields by category.",
+      "Fetch read-only HeyClaude submission schemas for PR-first intake by category.",
     inputSchema: jsonSchemaForTool("get_submission_schema"),
   },
   {
     name: "validate_submission_draft",
     description:
-      "Validate a HeyClaude content submission draft locally without creating GitHub issues or publishing content.",
+      "Validate a HeyClaude content submission draft locally without creating GitHub issues, pull requests, or publishing content.",
     inputSchema: jsonSchemaForTool("validate_submission_draft"),
   },
   {
     name: "search_duplicate_entries",
     description:
-      "Search generated registry artifacts for likely duplicate entries before a user opens a submission issue.",
+      "Search generated registry artifacts for likely duplicate entries before a user opens a submission PR.",
     inputSchema: jsonSchemaForTool("search_duplicate_entries"),
   },
   {
     name: "build_submission_urls",
     description:
-      "Build prefilled HeyClaude submit and GitHub issue URLs for a validated submission draft without making write calls.",
+      "Build prefilled HeyClaude submit and review URLs for a validated PR-first submission draft without making write calls.",
     inputSchema: jsonSchemaForTool("build_submission_urls"),
   },
   {
@@ -208,7 +233,7 @@ export const TOOL_DEFINITIONS = [
   {
     name: "prepare_submission_draft",
     description:
-      "Build a read-only maintainer-reviewed HeyClaude submission draft with canonical issue text and URLs.",
+      "Build a read-only maintainer-reviewed HeyClaude submission draft with canonical PR text and URLs.",
     inputSchema: jsonSchemaForTool("prepare_submission_draft"),
   },
   {
@@ -223,6 +248,24 @@ export const TOOL_DEFINITIONS = [
       "Review a HeyClaude submission draft locally for schema errors, duplicate risk, and maintainer checklist items without writing to GitHub.",
     inputSchema: jsonSchemaForTool("review_submission_draft"),
   },
+  {
+    name: "get_submission_policy",
+    description:
+      "Fetch HeyClaude's read-only submission, artifact, import, and maintainer-review policy for contributors and agents.",
+    inputSchema: jsonSchemaForTool("get_submission_policy"),
+  },
+  {
+    name: "explain_entry_trust",
+    description:
+      "Explain deterministic trust, source, package, safety, privacy, and review metadata signals for one HeyClaude entry. This is a metadata review only and does not provide malware scanning, automatic safety guarantees, or installation approval.",
+    inputSchema: jsonSchemaForTool("explain_entry_trust"),
+  },
+  {
+    name: "review_entry_safety",
+    description:
+      "Review 1-5 HeyClaude entries for source, package, safety, and privacy metadata fit before install or recommendation. This is a metadata review only and does not provide malware scanning, automatic safety guarantees, or installation approval.",
+    inputSchema: jsonSchemaForTool("review_entry_safety"),
+  },
 ];
 
 for (const tool of TOOL_DEFINITIONS) {
@@ -236,7 +279,24 @@ for (const tool of TOOL_DEFINITIONS) {
 }
 
 function dataDirFromOptions(options = {}) {
-  return options.dataDir || process.env.HEYCLAUDE_DATA_DIR || defaultDataDir;
+  const envDataDir =
+    typeof process !== "undefined" ? process.env?.HEYCLAUDE_DATA_DIR : "";
+  if (options.dataDir || envDataDir) {
+    return options.dataDir || envDataDir;
+  }
+
+  const moduleUrl = import.meta.url;
+  if (!moduleUrl) {
+    throw new Error(
+      "HEYCLAUDE_DATA_DIR or readTextArtifact is required outside the Node package runtime.",
+    );
+  }
+
+  const repoRoot = path.resolve(
+    path.dirname(fileURLToPath(moduleUrl)),
+    "../../..",
+  );
+  return path.join(repoRoot, "apps", "web", "public", "data");
 }
 
 function isSafePathPart(value) {
@@ -315,6 +375,8 @@ function entryMatchesQuery(entry, query) {
     entry.submittedBy,
     entry.brandName,
     entry.brandDomain,
+    ...notes(entry.safetyNotes),
+    ...notes(entry.privacyNotes),
     ...(entry.tags || []),
     ...(entry.keywords || []),
   ]
@@ -323,6 +385,122 @@ function entryMatchesQuery(entry, query) {
   return haystack.includes(query);
 }
 
+function searchTokens(query) {
+  return normalizeText(query)
+    .split(/[^a-z0-9+#.-]+/i)
+    .map((token) => token.trim())
+    .filter((token) => token.length >= 2)
+    .slice(0, 12);
+}
+
+function entrySearchText(entry) {
+  return [
+    entry.title,
+    entry.description,
+    entry.cardDescription,
+    entry.category,
+    entry.slug,
+    entry.author,
+    entry.submittedBy,
+    entry.brandName,
+    entry.brandDomain,
+    ...notes(entry.safetyNotes),
+    ...notes(entry.privacyNotes),
+    ...(entry.tags || []),
+    ...(entry.keywords || []),
+  ]
+    .map(normalizeText)
+    .join(" ")
+    .toLowerCase();
+}
+
+function scoreSearchEntry(entry, query) {
+  const normalizedQuery = normalizeText(query);
+  const tokens = searchTokens(normalizedQuery);
+  if (!tokens.length) return { score: 0, reasons: [] };
+
+  const title = normalizeText(entry.title);
+  const category = normalizeText(entry.category);
+  const tags = new Set((entry.tags || []).map(normalizeText));
+  const keywords = new Set((entry.keywords || []).map(normalizeText));
+  const haystack = entrySearchText(entry);
+  const reasons = new Set();
+  let score = 0;
+
+  if (title.includes(normalizedQuery)) {
+    score += 90;
+    reasons.add("title phrase");
+  }
+  if (category === normalizedQuery) {
+    score += 45;
+    reasons.add("category match");
+  }
+
+  for (const token of tokens) {
+    if (title.includes(token)) {
+      score += 35;
+      reasons.add("title term");
+    }
+    if (tags.has(token)) {
+      score += 24;
+      reasons.add("tag match");
+    }
+    if (keywords.has(token)) {
+      score += 18;
+      reasons.add("keyword match");
+    }
+    if (category.includes(token)) {
+      score += 12;
+      reasons.add("category term");
+    }
+    if (haystack.includes(token)) score += 4;
+  }
+
+  if (entrySourceStatus(entry) === "available") {
+    score += 8;
+    reasons.add("source-backed");
+  }
+  if (
+    entryPackageTrust(entry) === "first-party" ||
+    entry.packageVerified ||
+    entry.trustSignals?.packageVerified
+  ) {
+    score += 8;
+    reasons.add("trusted package");
+  }
+  if (notes(entry.safetyNotes).length) {
+    score += 4;
+    reasons.add("safety notes");
+  }
+  if (notes(entry.privacyNotes).length) {
+    score += 4;
+    reasons.add("privacy notes");
+  }
+  if (entry.claimStatus === "verified" || entry.reviewedBy) {
+    score += 4;
+    reasons.add("reviewed");
+  }
+
+  return { score, reasons: [...reasons].slice(0, 6) };
+}
+
+function rankSearchEntries(entries, query) {
+  return entries
+    .map((entry, index) => ({
+      entry,
+      index,
+      ...scoreSearchEntry(entry, query),
+    }))
+    .sort((left, right) => {
+      if (left.score !== right.score) return right.score - left.score;
+      const dateCompare = String(right.entry.dateAdded || "").localeCompare(
+        String(left.entry.dateAdded || ""),
+      );
+      if (dateCompare !== 0) return dateCompare;
+      return left.index - right.index;
+    });
+}
+
 function entryMatchesPlatform(entry, platform) {
   if (!platform) return true;
   return (entry.platforms || []).some((candidate) => candidate === platform);
@@ -335,7 +513,84 @@ function entryMatchesTag(entry, tag) {
   );
 }
 
-function toSearchResult(entry) {
+function booleanFilterMatches(value, filter = "all") {
+  if (!filter || filter === "all") return true;
+  return filter === "true" ? Boolean(value) : !value;
+}
+
+function entryPackageTrust(entry) {
+  return entry.downloadTrust || (entry.downloadUrl ? "external" : "none");
+}
+
+function entryClaimStatus(entry) {
+  return entry.claimStatus || "unclaimed";
+}
+
+function entrySourceStatus(entry) {
+  const sourceUrls = [
+    entry.documentationUrl,
+    entry.repoUrl,
+    entry.githubUrl,
+    entry.sourceUrl,
+  ].filter((value) => String(value || "").trim());
+  return (
+    entry.trustSignals?.sourceStatus ||
+    (sourceUrls.length ? "available" : "missing")
+  );
+}
+
+function entryMatchesTrustFilters(entry, args = {}) {
+  if (
+    !booleanFilterMatches(
+      notes(entry.safetyNotes).length > 0,
+      args.hasSafetyNotes,
+    )
+  ) {
+    return false;
+  }
+  if (
+    !booleanFilterMatches(
+      notes(entry.privacyNotes).length > 0,
+      args.hasPrivacyNotes,
+    )
+  ) {
+    return false;
+  }
+  if (
+    args.downloadTrust &&
+    args.downloadTrust !== "all" &&
+    entryPackageTrust(entry) !== args.downloadTrust
+  ) {
+    return false;
+  }
+  if (
+    args.claimStatus &&
+    args.claimStatus !== "all" &&
+    entryClaimStatus(entry) !== args.claimStatus
+  ) {
+    return false;
+  }
+  if (
+    args.sourceStatus &&
+    args.sourceStatus !== "all" &&
+    entrySourceStatus(entry) !== args.sourceStatus
+  ) {
+    return false;
+  }
+  return true;
+}
+
+function parsedTrustArgs(args = {}) {
+  return {
+    hasSafetyNotes: args.hasSafetyNotes || "all",
+    hasPrivacyNotes: args.hasPrivacyNotes || "all",
+    downloadTrust: args.downloadTrust || "all",
+    claimStatus: args.claimStatus || "all",
+    sourceStatus: args.sourceStatus || "all",
+  };
+}
+
+function toSearchResult(entry, ranking = null) {
   return {
     key: `${entry.category}:${entry.slug}`,
     category: entry.category,
@@ -348,11 +603,14 @@ function toSearchResult(entry) {
     brandDomain: entry.brandDomain || "",
     submittedBy: entry.submittedBy || "",
     claimStatus: entry.claimStatus || "",
-    url: entry.url || `${SITE_URL}/${entry.category}/${entry.slug}`,
-    canonicalUrl:
-      entry.canonicalUrl ||
-      entry.url ||
-      `${SITE_URL}/${entry.category}/${entry.slug}`,
+    downloadTrust: entry.downloadTrust || null,
+    safetyNotes: notes(entry.safetyNotes),
+    privacyNotes: notes(entry.privacyNotes),
+    url: entry.url || entryCanonicalUrl(entry),
+    canonicalUrl: entryCanonicalUrl(entry),
+    searchScore: ranking?.score ?? 0,
+    searchReasons: ranking?.reasons ?? [],
+    trust: entryTrustSummary(entry),
   };
 }
 
@@ -363,6 +621,8 @@ function toEntrySummary(entry) {
     repoUpdatedAt: entry.repoUpdatedAt || null,
     verificationStatus: entry.verificationStatus || "",
     installable: Boolean(entry.installable),
+    safetyNotes: notes(entry.safetyNotes),
+    privacyNotes: notes(entry.privacyNotes),
     supportLevels: entry.supportLevels || [],
   };
 }
@@ -410,6 +670,12 @@ function unique(values = []) {
   );
 }
 
+function notes(values) {
+  return Array.isArray(values)
+    ? values.map((value) => String(value || "").trim()).filter(Boolean)
+    : [];
+}
+
 function normalizeDateFloor(value) {
   const text = String(value || "").trim();
   if (!text) return "";
@@ -441,6 +707,87 @@ function sourceSummary(entry) {
   };
 }
 
+function entryTrustRecommendations(entry) {
+  const recommendations = [];
+  const safetyNotes = notes(entry.safetyNotes);
+  const privacyNotes = notes(entry.privacyNotes);
+  const packageTrust = entryPackageTrust(entry);
+  const source = sourceSummary(entry);
+
+  if (!source.repoUrl && !source.documentationUrl) {
+    recommendations.push(
+      "Verify a canonical source before relying on this entry.",
+    );
+  }
+  if (packageTrust === "external") {
+    recommendations.push(
+      "Review the upstream package source and checksum before installing.",
+    );
+  }
+  if (entry.downloadUrl && packageTrust !== "first-party") {
+    recommendations.push(
+      "Treat the download as external unless maintainers have rebuilt and verified it.",
+    );
+  }
+  if (!safetyNotes.length) {
+    recommendations.push(
+      "No structured safety notes are present; inspect commands and permissions manually.",
+    );
+  }
+  if (!privacyNotes.length) {
+    recommendations.push(
+      "No structured privacy notes are present; review file, credential, telemetry, and network behavior manually.",
+    );
+  }
+  return unique(recommendations).slice(0, 6);
+}
+
+function entryTrustSummary(entry) {
+  const safetyNotes = notes(entry.safetyNotes);
+  const privacyNotes = notes(entry.privacyNotes);
+  const source = sourceSummary(entry);
+  const packageTrust = entryPackageTrust(entry);
+  const claimStatus = entryClaimStatus(entry);
+  return {
+    source: {
+      status: entrySourceStatus(entry),
+      repoUrl: source.repoUrl,
+      documentationUrl: source.documentationUrl,
+      sourceHosts: source.sourceHosts,
+      githubStars: source.githubStars,
+      githubForks: source.githubForks,
+      repoUpdatedAt: source.repoUpdatedAt,
+    },
+    package: {
+      downloadUrl: source.downloadUrl,
+      downloadTrust: packageTrust,
+      packageVerified: Boolean(
+        entry.packageVerified || entry.trustSignals?.packageVerified,
+      ),
+      checksum:
+        entry.checksum ||
+        entry.packageChecksum ||
+        entry.downloadSha256 ||
+        entry.skillPackage?.sha256 ||
+        "",
+    },
+    disclosures: {
+      safetyNotes,
+      privacyNotes,
+      hasSafetyNotes: safetyNotes.length > 0,
+      hasPrivacyNotes: privacyNotes.length > 0,
+    },
+    review: {
+      claimStatus,
+      reviewedBy: entry.reviewedBy || "",
+      reviewedAt: entry.reviewedAt || "",
+      submittedBy: entry.submittedBy || "",
+      sourceSubmissionUrl: entry.sourceSubmissionUrl || "",
+    },
+    recommendations: entryTrustRecommendations(entry),
+  };
+}
+
 function contentAsset(type, label, content, format = "markdown") {
   const text =
     content && typeof content === "object"
@@ -552,16 +899,19 @@ export async function searchRegistry(args = {}, options = {}) {
   const category = normalizeText(args.category);
   const platform = normalizePlatform(args.platform);
   const limit = normalizeLimit(args.limit);
+  const trustFilters = parsedTrustArgs(args);
   const searchIndex = unwrapEntries(
     await readJsonArtifact("search-index.json", options),
   );
 
-  const entries = searchIndex
+  const matched = searchIndex
     .filter((entry) => !category || entry.category === category)
     .filter((entry) => entryMatchesPlatform(entry, platform))
     .filter((entry) => entryMatchesQuery(entry, query))
+    .filter((entry) => entryMatchesTrustFilters(entry, trustFilters));
+  const entries = rankSearchEntries(matched, query)
     .slice(0, limit)
-    .map(toSearchResult);
+    .map((item) => toSearchResult(item.entry, item));
 
   return {
     ok: true,
@@ -569,10 +919,205 @@ export async function searchRegistry(args = {}, options = {}) {
     query: args.query || "",
     category: category || "",
     platform: platform || "",
+    filters: trustFilters,
     entries,
   };
 }
 
+function selectDiverseRankedEntries(ranked, limit) {
+  const selected = [];
+  const byCategory = new Map();
+
+  for (const item of ranked) {
+    const category = item.entry.category || "";
+    const current = byCategory.get(category) || 0;
+    if (current >= 2) continue;
+    selected.push(item);
+    byCategory.set(category, current + 1);
+    if (selected.length >= limit) return selected;
+  }
+
+  for (const item of ranked) {
+    if (selected.includes(item)) continue;
+    selected.push(item);
+    if (selected.length >= limit) return selected;
+  }
+
+  return selected;
+}
+
+function toolboxFitReasons(entry, ranking) {
+  const reasons = [...(ranking.reasons || []).slice(0, 4)];
+  if (entry.category) {
+    reasons.push(`${entry.category} workflow surface`);
+  }
+  if (entrySourceStatus(entry) === "available") {
+    reasons.push("source-backed metadata");
+  }
+  if (
+    entryPackageTrust(entry) === "first-party" ||
+    entry.packageVerified ||
+    entry.trustSignals?.packageVerified
+  ) {
+    reasons.push("first-party or verified package signal");
+  }
+  if (notes(entry.safetyNotes).length && notes(entry.privacyNotes).length) {
+    reasons.push("safety and privacy notes present");
+  } else if (notes(entry.safetyNotes).length) {
+    reasons.push("safety notes present");
+  } else if (notes(entry.privacyNotes).length) {
+    reasons.push("privacy notes present");
+  }
+  if (entry.installCommand || entry.downloadUrl || entry.configSnippet) {
+    reasons.push("actionable setup surface");
+  }
+  if ((entry.platforms || []).length) {
+    reasons.push(
+      `platform compatibility: ${(entry.platforms || []).slice(0, 3).join(", ")}`,
+    );
+  }
+  if ((entry.supportLevels || []).length) {
+    reasons.push("support levels documented");
+  }
+  if (entry.claimStatus === "verified" || entry.reviewedBy) {
+    reasons.push("review/provenance metadata");
+  }
+  return unique(reasons).slice(0, 8);
+}
+
+function toolboxCaveats(entry) {
+  const caveats = [];
+  const packageTrust = entryPackageTrust(entry);
+  const safetyNotes = notes(entry.safetyNotes);
+  const privacyNotes = notes(entry.privacyNotes);
+  if (entrySourceStatus(entry) !== "available") {
+    caveats.push("Source metadata is missing or incomplete.");
+  }
+  if (packageTrust === "external") {
+    caveats.push("Package/download is external; verify upstream before use.");
+  }
+  if (entry.downloadUrl && !entryTrustSummary(entry).package.checksum) {
+    caveats.push("Download checksum metadata is not present.");
+  }
+  if (!safetyNotes.length) {
+    caveats.push("No structured safety notes are present.");
+  }
+  if (!privacyNotes.length) {
+    caveats.push("No structured privacy notes are present.");
+  }
+  if (
+    ["mcp", "hooks", "commands", "skills", "statuslines"].includes(
+      entry.category,
+    )
+  ) {
+    caveats.push(
+      "Risk-bearing workflow surface; inspect commands, permissions, and data access before use.",
+    );
+  }
+  return unique(caveats).slice(0, 5);
+}
+
+function toolboxNextActions(entry) {
+  return [
+    `Inspect get_entry_detail with category=${entry.category} and slug=${entry.slug}.`,
+    `Run explain_entry_trust with category=${entry.category} and slug=${entry.slug}; this is still metadata review only.`,
+    "Use compare_entries with nearby candidates before recommending a final stack.",
+    `Use get_copyable_asset with category=${entry.category} and slug=${entry.slug} only after trust review.`,
+  ];
+}
+
+function toolboxCategoryMix(entries) {
+  const counts = new Map();
+  for (const entry of entries) {
+    const category = entry.category || "unknown";
+    counts.set(category, (counts.get(category) || 0) + 1);
+  }
+  return [...counts]
+    .map(([category, count]) => ({ category, count }))
+    .sort((left, right) => left.category.localeCompare(right.category));
+}
+
+function toolboxTrustSummary(entries) {
+  return {
+    sourceBacked: entries.filter(
+      (entry) => entry.trust?.source?.status === "available",
+    ).length,
+    firstPartyOrVerifiedPackages: entries.filter(
+      (entry) =>
+        entry.trust?.package?.downloadTrust === "first-party" ||
+        entry.trust?.package?.packageVerified,
+    ).length,
+    entriesWithSafetyNotes: entries.filter(
+      (entry) => entry.trust?.disclosures?.hasSafetyNotes,
+    ).length,
+    entriesWithPrivacyNotes: entries.filter(
+      (entry) => entry.trust?.disclosures?.hasPrivacyNotes,
+    ).length,
+    externalPackages: entries.filter(
+      (entry) => entry.trust?.package?.downloadTrust === "external",
+    ).length,
+    missingSource: entries.filter(
+      (entry) => entry.trust?.source?.status !== "available",
+    ).length,
+  };
+}
+
+export async function planWorkflowToolbox(args = {}, options = {}) {
+  const goal = String(args.goal || "").trim();
+  if (goal.length < 2) {
+    return invalid("Planner goal must be at least 2 characters.");
+  }
+  const query = normalizeText(goal);
+  const category = normalizeText(args.category);
+  const platform = normalizePlatform(args.platform);
+  const limit = Math.min(10, normalizeLimit(args.limit, 6));
+  const searchIndex = unwrapEntries(
+    await readJsonArtifact("search-index.json", options),
+  );
+  const scoped = searchIndex
+    .filter((entry) => !category || entry.category === category)
+    .filter((entry) => entryMatchesPlatform(entry, platform));
+  let matched = scoped.filter((entry) => entryMatchesQuery(entry, query));
+  const queryTokens = searchTokens(query);
+  if (!matched.length && queryTokens.length) {
+    matched = scoped.filter((entry) =>
+      queryTokens.some((token) => entrySearchText(entry).includes(token)),
+    );
+  }
+  const ranked = rankSearchEntries(matched, query);
+  const selected = selectDiverseRankedEntries(ranked, limit).map((item) => ({
+    ...toEntrySummary(item.entry),
+    searchScore: item.score,
+    searchReasons: item.reasons,
+    toolboxReasons: toolboxFitReasons(item.entry, item),
+    caveats: toolboxCaveats(item.entry),
+    nextActions: toolboxNextActions(item.entry),
+  }));
+
+  return {
+    ok: true,
+    goal,
+    category: category || "",
+    platform: platform || "",
+    count: selected.length,
+    entries: selected,
+    categoryMix: toolboxCategoryMix(selected),
+    trustSummary: toolboxTrustSummary(selected),
+    recommendedNextTools: [
+      "get_entry_detail",
+      "explain_entry_trust",
+      "compare_entries",
+      "get_copyable_asset",
+    ],
+    plannerNotes: [
+      "This planner is metadata review only; it is not install approval or malware scanning, and it does not execute or install entries.",
+      "Recommendations are bounded and category-diverse where matching entries allow it.",
+      "Prefer source-backed entries with safety/privacy notes for risk-bearing MCP, hooks, skills, commands, and statuslines.",
+      "Use get_entry_detail, explain_entry_trust, compare_entries, and get_copyable_asset before relying on any entry.",
+    ],
+  };
+}
+
 export async function getServerInfo(args = {}, options = {}) {
   const manifest = await readJsonArtifact("registry-manifest.json", options);
   return {
@@ -729,6 +1274,39 @@ export async function getRelatedEntries(args = {}, options = {}) {
     return notFound(`No HeyClaude entry found for ${category}/${slug}.`);
   }
 
+  const graph = await readJsonArtifact("relation-graph.json", options).catch(
+    () => null,
+  );
+  const graphRow = Array.isArray(graph?.entries)
+    ? graph.entries.find((entry) => entry.key === `${category}:${slug}`)
+    : null;
+  if (graphRow?.related?.length) {
+    const searchByKey = new Map(
+      searchIndex.map((entry) => [`${entry.category}:${entry.slug}`, entry]),
+    );
+    const entries = graphRow.related
+      .map((relation) => {
+        const entry = searchByKey.get(relation.key);
+        if (!entry) return null;
+        return {
+          ...toEntrySummary(entry),
+          relation: relation.relation,
+          relatedScore: relation.score,
+          relatedReasons: relation.reasons || [],
+        };
+      })
+      .filter(Boolean)
+      .slice(0, limit);
+
+    return {
+      ok: true,
+      key: `${target.category}:${target.slug}`,
+      relationGraph: true,
+      count: entries.length,
+      entries,
+    };
+  }
+
   const entries = searchIndex
     .map((entry) => {
       const related = scoreRelatedEntry(target, entry);
@@ -772,8 +1350,13 @@ export async function getEntryDetail(args = {}, options = {}) {
   return {
     ok: true,
     key: `${entry.category}:${entry.slug}`,
-    canonicalUrl: `${SITE_URL}/${entry.category}/${entry.slug}`,
-    entry,
+    canonicalUrl: entryCanonicalUrl(entry),
+    entry: {
+      ...entry,
+      safetyNotes: notes(entry.safetyNotes),
+      privacyNotes: notes(entry.privacyNotes),
+    },
+    trust: entryTrustSummary(entry),
   };
 }
 
@@ -827,7 +1410,7 @@ export async function getCopyableAsset(args = {}, options = {}) {
     category: entry.category,
     slug: entry.slug,
     title: entry.title,
-    canonicalUrl: `${SITE_URL}/${entry.category}/${entry.slug}`,
+    canonicalUrl: entryCanonicalUrl(entry),
     platform: platform || "",
     primaryAsset: primary,
     assets,
@@ -835,8 +1418,11 @@ export async function getCopyableAsset(args = {}, options = {}) {
     configSnippet: entry.configSnippet || "",
     usageSnippet: entry.usageSnippet || "",
     downloadUrl: entry.downloadUrl || "",
+    safetyNotes: notes(entry.safetyNotes),
+    privacyNotes: notes(entry.privacyNotes),
     platformCompatibility: compatibility,
     source: sourceSummary(entry),
+    trust: entryTrustSummary(entry),
   };
 }
 
@@ -864,7 +1450,7 @@ export async function compareEntries(args = {}, options = {}) {
       slug: entry.slug,
       title: entry.title,
       description: entry.description,
-      canonicalUrl: `${SITE_URL}/${entry.category}/${entry.slug}`,
+      canonicalUrl: entryCanonicalUrl(entry),
       tags: entry.tags || [],
       platforms: entry.platforms || [],
       selectedCompatibility,
@@ -876,22 +1462,29 @@ export async function compareEntries(args = {}, options = {}) {
         entry.scriptBody ? "script" : "",
       ].filter(Boolean),
       source: sourceSummary(entry),
+      trust: entryTrustSummary(entry),
     };
   });
+  const sharedTags = compared.length
+    ? compared
+        .slice(1)
+        .reduce(
+          (tags, entry) => intersection(tags, entry.tags || []),
+          compared[0].tags || [],
+        )
+    : [];
 
   return {
     ok: true,
     platform: platform || "",
     count: compared.length,
-    sharedTags: intersection(
-      compared[0]?.tags || [],
-      compared.slice(1).flatMap((entry) => entry.tags || []),
-    ),
+    sharedTags,
     entries: compared,
     comparisonNotes: [
       "Prefer exact category fit before source popularity.",
       "Treat GitHub stars/forks as source signals only when present; absence is not a negative ranking.",
       "Install complexity is derived from available install/config/download/prerequisite metadata.",
+      "Safety/privacy notes are disclosure metadata, not a malware verdict.",
     ],
   };
 }
@@ -957,7 +1550,18 @@ export async function getRegistryStats(args = {}, options = {}) {
 }
 
 export async function getClientSetup(args = {}) {
-  const endpointUrl = args.endpointUrl || DEFAULT_REMOTE_MCP_URL;
+  let endpointUrl;
+  try {
+    const rawEndpointUrl = Object.prototype.hasOwnProperty.call(
+      args,
+      "endpointUrl",
+    )
+      ? args.endpointUrl
+      : DEFAULT_REMOTE_MCP_URL;
+    endpointUrl = normalizeEndpointUrl(rawEndpointUrl).toString();
+  } catch (error) {
+    return invalid(error?.message || "Invalid endpoint URL.");
+  }
   const snippets = {
     codex: {
       label: "Codex stdio bridge",
@@ -1019,7 +1623,7 @@ export async function getClientSetup(args = {}) {
     snippets: client ? { [client]: snippets[client] } : snippets,
     notes: [
       "The public endpoint is read-only and does not need an API key.",
-      "Submission tools prepare maintainer-reviewed drafts; they do not open GitHub issues.",
+      "Submission tools prepare maintainer-reviewed PR-first drafts; they do not open GitHub issues.",
       "Use --url only when testing a custom preview or deployment.",
     ],
   };
@@ -1044,6 +1648,330 @@ export const RESOURCE_TEMPLATES = [
   },
 ];
 
+/**
+ * Static MCP resource descriptors for the bounded discovery surfaces
+ * exposed alongside the directory and category feeds. Appended to
+ * {@link listRegistryResources} output and routed by
+ * {@link readRegistryResource}.
+ *
+ * @type {Array<{ uri: string, name: string, title: string, description: string, mimeType: string }>}
+ */
+const DISCOVERY_RESOURCES = [
+  {
+    uri: "heyclaude://registry/recent",
+    name: "HeyClaude recent registry updates",
+    title: "HeyClaude recent registry updates",
+    description:
+      "Bounded list of recently added or upstream-updated HeyClaude entries from the generated search index.",
+    mimeType: jsonMimeType,
+  },
+  {
+    uri: "heyclaude://registry/trending",
+    name: "HeyClaude trending registry entries",
+    title: "HeyClaude trending registry entries",
+    description:
+      "Bounded list of trending HeyClaude entries from the public /api/registry/trending endpoint; degrades gracefully when dynamic state is unavailable.",
+    mimeType: jsonMimeType,
+  },
+  {
+    uri: "heyclaude://jobs/active",
+    name: "HeyClaude active jobs",
+    title: "HeyClaude active jobs",
+    description:
+      "Bounded list of active public job listings from the public /api/jobs endpoint; degrades gracefully when dynamic state is unavailable.",
+    mimeType: jsonMimeType,
+  },
+];
+
+/**
+ * Resolve the public HeyClaude API base URL. Prefers an explicit override
+ * on `options.publicApiBaseUrl`, then the `HEYCLAUDE_PUBLIC_API_URL`
+ * environment variable, then falls back to the canonical site URL.
+ *
+ * @param {{ publicApiBaseUrl?: string }} [options]
+ * @returns {string} Base URL used to build `/api/...` requests.
+ */
+function publicApiBaseUrl(options = {}) {
+  return (
+    options.publicApiBaseUrl || process.env.HEYCLAUDE_PUBLIC_API_URL || SITE_URL
+  );
+}
+
+/**
+ * Remove trailing slashes without using a potentially expensive regex on
+ * caller-controlled API base URL overrides.
+ *
+ * @param {string} value
+ * @returns {string}
+ */
+function stripTrailingSlashes(value) {
+  let end = value.length;
+  while (end > 0 && value.charCodeAt(end - 1) === 47) {
+    end -= 1;
+  }
+  return value.slice(0, end);
+}
+
+/**
+ * Fetch JSON from a public HeyClaude API path. Tests inject a deterministic
+ * fetcher via `options.fetchPublicApi`; production uses `fetch()` with a
+ * bounded {@link DISCOVERY_FETCH_TIMEOUT_MS} timeout, `redirect: "error"`,
+ * and a JSON `accept` header. Throws on non-2xx responses so callers can
+ * convert failures into the "unavailable" graceful-degradation envelope.
+ *
+ * @param {string} apiPath API path beginning with `/api/...`.
+ * @param {{
+ *   publicApiBaseUrl?: string,
+ *   fetchPublicApi?: (apiPath: string) => Promise<unknown>,
+ * }} [options]
+ * @returns {Promise<unknown>} Parsed JSON body from the upstream response.
+ */
+async function fetchPublicApiJson(apiPath, options = {}) {
+  if (typeof options.fetchPublicApi === "function") {
+    return options.fetchPublicApi(apiPath);
+  }
+  const baseUrl = stripTrailingSlashes(publicApiBaseUrl(options));
+  const url = `${baseUrl}${apiPath.startsWith("/") ? "" : "/"}${apiPath}`;
+  const controller = new AbortController();
+  const timeout = setTimeout(
+    () => controller.abort(),
+    DISCOVERY_FETCH_TIMEOUT_MS,
+  );
+  try {
+    const response = await fetch(url, {
+      method: "GET",
+      headers: { accept: jsonMimeType },
+      redirect: "error",
+      signal: controller.signal,
+    });
+    if (!response.ok) {
+      throw new Error(`Public API ${apiPath} returned ${response.status}.`);
+    }
+    return await response.json();
+  } finally {
+    clearTimeout(timeout);
+  }
+}
+
+/**
+ * Build the standard "unavailable" error envelope used when a dynamic
+ * resource cannot be loaded. Distinct from `notFound` / `invalid` so MCP
+ * clients can tell apart "endpoint failed" from "no such resource" and
+ * keep the surface read-only.
+ *
+ * @param {string} message Human-readable explanation.
+ * @param {string} [details] Optional underlying error message.
+ * @returns {{ ok: false, error: { code: "unavailable", message: string, details?: string } }}
+ */
+function unavailable(message, details) {
+  return {
+    ok: false,
+    error: {
+      code: "unavailable",
+      message,
+      ...(details ? { details } : {}),
+    },
+  };
+}
+
+/**
+ * Build the `heyclaude://registry/recent` resource payload. Reads the
+ * generated `search-index.json` artifact, sorts entries by `repoUpdatedAt`
+ * (falling back to `updatedAt` / `dateAdded`) descending, and bounds
+ * output to {@link DISCOVERY_RESOURCE_LIMIT} entries. Each entry carries
+ * the standard `toEntrySummary` shape plus `updatedAt` and `updateKind`.
+ *
+ * @param {import("./registry.d.ts").RegistryArtifactLoaders} [options]
+ * @returns {Promise<import("./registry.d.ts").RegistryToolResult>}
+ */
+export async function listRegistryRecent(options = {}) {
+  const searchIndex = unwrapEntries(
+    await readJsonArtifact("search-index.json", options),
+  );
+  const entries = searchIndex
+    .slice()
+    .sort((left, right) => {
+      const dateCompare = entryUpdatedAt(right).localeCompare(
+        entryUpdatedAt(left),
+      );
+      if (dateCompare !== 0) return dateCompare;
+      return String(left.title || "").localeCompare(String(right.title || ""));
+    })
+    .slice(0, DISCOVERY_RESOURCE_LIMIT)
+    .map((entry) => ({
+      ...toEntrySummary(entry),
+      updatedAt: entryUpdatedAt(entry),
+      updateKind: entry.repoUpdatedAt ? "upstream_update" : "added",
+    }));
+
+  return {
+    ok: true,
+    kind: "registry-recent",
+    schemaVersion: 1,
+    limit: DISCOVERY_RESOURCE_LIMIT,
+    count: entries.length,
+    entries,
+  };
+}
+
+/**
+ * Normalize a raw `/api/registry/trending` entry into the small, stable
+ * shape published by the MCP `registry/trending` resource. Defends against
+ * upstream field churn (missing arrays, non-numeric scores, dropped
+ * `trustSignals`) so MCP clients see a predictable schema.
+ *
+ * @param {Record<string, unknown> & { category: string, slug: string }} entry
+ * @returns {Record<string, unknown>} Normalized trending entry.
+ */
+function toTrendingEntry(entry) {
+  return {
+    key: `${entry.category}:${entry.slug}`,
+    category: entry.category,
+    slug: entry.slug,
+    title: entry.title || "",
+    description: entry.description || "",
+    canonicalUrl: entryCanonicalUrl(entry),
+    platforms: Array.isArray(entry.platforms) ? entry.platforms : [],
+    tags: Array.isArray(entry.tags) ? entry.tags : [],
+    dateAdded: entry.dateAdded || "",
+    score: typeof entry.score === "number" ? entry.score : 0,
+    reasons: Array.isArray(entry.reasons) ? entry.reasons : [],
+    trustSignals: entry.trustSignals || { sourceStatus: "missing" },
+  };
+}
+
+/**
+ * Build the `heyclaude://registry/trending` resource payload. Reuses the
+ * public `/api/registry/trending` endpoint (no DB access from the MCP
+ * package). Returns an `unavailable` envelope when the upstream fetch
+ * fails so MCP clients degrade gracefully. Output is bounded to
+ * {@link DISCOVERY_RESOURCE_LIMIT} entries and forwards `signalsAvailable`
+ * when present so consumers can tell which scoring signals applied.
+ *
+ * @param {import("./registry.d.ts").RegistryArtifactLoaders & {
+ *   publicApiBaseUrl?: string,
+ *   fetchPublicApi?: (apiPath: string) => Promise<unknown>,
+ * }} [options]
+ * @returns {Promise<import("./registry.d.ts").RegistryToolResult>}
+ */
+export async function listRegistryTrending(options = {}) {
+  let payload;
+  try {
+    payload = await fetchPublicApiJson(
+      `/api/registry/trending?limit=${DISCOVERY_RESOURCE_LIMIT}`,
+      options,
+    );
+  } catch (error) {
+    return unavailable(
+      "Trending registry state is currently unavailable.",
+      String(error?.message || error || ""),
+    );
+  }
+
+  if (!payload || !Array.isArray(payload.entries)) {
+    return unavailable(
+      "Trending registry state is currently unavailable.",
+      "Upstream payload is missing the expected entries array.",
+    );
+  }
+  const entries = payload.entries
+    .slice(0, DISCOVERY_RESOURCE_LIMIT)
+    .map(toTrendingEntry);
+
+  return {
+    ok: true,
+    kind: "registry-trending",
+    schemaVersion: payload?.schemaVersion ?? 1,
+    category: payload?.category || "all",
+    platform: payload?.platform || "all",
+    limit: DISCOVERY_RESOURCE_LIMIT,
+    count: entries.length,
+    signalsAvailable:
+      payload?.signalsAvailable && typeof payload.signalsAvailable === "object"
+        ? payload.signalsAvailable
+        : null,
+    source: "public-api",
+    entries,
+  };
+}
+
+/**
+ * Normalize a raw `/api/jobs` entry into the small, stable shape published
+ * by the MCP `jobs/active` resource. Defends against upstream field churn
+ * and never exposes private/admin-only fields (we only project the public
+ * subset already returned by `buildPublicJobsIndex`).
+ *
+ * @param {Record<string, unknown>} job
+ * @returns {Record<string, unknown>} Normalized public job entry.
+ */
+function toJobEntry(job) {
+  return {
+    id: job.id || job.slug || "",
+    title: job.title || "",
+    company: job.company || "",
+    location: job.location || "",
+    type: job.type || "",
+    isRemote: Boolean(job.isRemote),
+    tier: job.tier || "",
+    applyUrl: job.applyUrl || job.url || "",
+    sourceLabel: job.sourceLabel || "",
+    postedAt: job.postedAt || job.publishedAt || "",
+    labels: Array.isArray(job.labels) ? job.labels : [],
+  };
+}
+
+/**
+ * Build the `heyclaude://jobs/active` resource payload. Reuses the public
+ * `/api/jobs` endpoint (no DB access from the MCP package) and returns an
+ * `unavailable` envelope when the upstream fetch fails. Output is bounded
+ * to {@link DISCOVERY_RESOURCE_LIMIT} entries and forwards `totalAvailable`
+ * when the upstream reports it.
+ *
+ * @param {import("./registry.d.ts").RegistryArtifactLoaders & {
+ *   publicApiBaseUrl?: string,
+ *   fetchPublicApi?: (apiPath: string) => Promise<unknown>,
+ * }} [options]
+ * @returns {Promise<import("./registry.d.ts").RegistryToolResult>}
+ */
+export async function listJobsActive(options = {}) {
+  let payload;
+  try {
+    payload = await fetchPublicApiJson(
+      `/api/jobs?limit=${DISCOVERY_RESOURCE_LIMIT}`,
+      options,
+    );
+  } catch (error) {
+    return unavailable(
+      "Active jobs state is currently unavailable.",
+      String(error?.message || error || ""),
+    );
+  }
+
+  if (!payload || !Array.isArray(payload.entries)) {
+    return unavailable(
+      "Active jobs state is currently unavailable.",
+      "Upstream payload is missing the expected entries array.",
+    );
+  }
+  const entries = payload.entries
+    .slice(0, DISCOVERY_RESOURCE_LIMIT)
+    .map(toJobEntry);
+
+  return {
+    ok: true,
+    kind: "jobs-active",
+    schemaVersion: payload?.schemaVersion ?? 1,
+    limit: DISCOVERY_RESOURCE_LIMIT,
+    count: entries.length,
+    totalAvailable:
+      typeof payload?.totalAvailable === "number"
+        ? payload.totalAvailable
+        : null,
+    source: "public-api",
+    entries,
+  };
+}
+
 export const PROMPT_DEFINITIONS = [
   {
     name: "find_best_asset",
@@ -1071,7 +1999,7 @@ export const PROMPT_DEFINITIONS = [
     name: "prepare_submission",
     title: "Prepare a HeyClaude submission",
     description:
-      "Guide a user through drafting a maintainer-reviewed HeyClaude submission without opening an issue automatically.",
+      "Guide a user through drafting a maintainer-reviewed HeyClaude submission without opening a PR automatically.",
     arguments: [
       { name: "category", description: "Submission category.", required: true },
       { name: "name", description: "Submission name or title." },
@@ -1082,8 +2010,8 @@ export const PROMPT_DEFINITIONS = [
     ],
   },
   {
-    name: "review_submission_before_issue",
-    title: "Review submission before opening issue",
+    name: "review_submission_before_pr",
+    title: "Review submission before opening PR",
     description:
       "Check a draft for schema gaps, duplicate risk, source review, and maintainer checklist items.",
     arguments: [
@@ -1126,6 +2054,7 @@ export async function listRegistryResources(args = {}, options = {}) {
         description: `Generated public ${category} category summary entries.`,
         mimeType: jsonMimeType,
       })),
+      ...DISCOVERY_RESOURCES,
     ],
   };
 }
@@ -1187,6 +2116,24 @@ export async function readRegistryResource(args = {}, options = {}) {
     const [category, slug] = parts.map(normalizeText);
     const detail = await getEntryDetail({ category, slug }, options);
     payload = detail;
+  } else if (
+    parsed.hostname === "registry" &&
+    parts.length === 1 &&
+    parts[0] === "recent"
+  ) {
+    payload = await listRegistryRecent(options);
+  } else if (
+    parsed.hostname === "registry" &&
+    parts.length === 1 &&
+    parts[0] === "trending"
+  ) {
+    payload = await listRegistryTrending(options);
+  } else if (
+    parsed.hostname === "jobs" &&
+    parts.length === 1 &&
+    parts[0] === "active"
+  ) {
+    payload = await listJobsActive(options);
   } else {
     return resourcePayload(
       notFound(`Unsupported HeyClaude resource URI: ${uri}`),
@@ -1239,8 +2186,8 @@ export function getRegistryPrompt(args = {}) {
 Use the read-only HeyClaude MCP tools. Start with search_registry or list_category_entries${category ? ` in category ${category}` : ""}${platform ? ` for platform ${platform}` : ""}. Compare credible candidates with compare_entries, inspect details with get_entry_detail, and cite exact category/slug pairs. Do not invent popularity metrics when source stats are absent.`,
     prepare_submission: `Prepare a HeyClaude submission draft${category ? ` for category ${category}` : ""}${promptArgument(values, "name") ? ` named ${promptArgument(values, "name")}` : ""}${sourceUrl ? ` from ${sourceUrl}` : ""}.
 
-Use get_submission_schema, get_submission_examples, prepare_submission_draft, review_submission_draft, and search_duplicate_entries. Return missing fields and the canonical issue draft URL/body. Do not create a GitHub issue or publish content.`,
-    review_submission_before_issue: `Review this HeyClaude submission draft before an issue is opened:
+Use get_submission_schema, get_submission_examples, prepare_submission_draft, review_submission_draft, and search_duplicate_entries. Return missing fields and the canonical PR-first submit URL/body. Do not create GitHub issues or publish content.`,
+    review_submission_before_pr: `Review this HeyClaude submission draft before a PR is opened:
 
 ${draft || "(draft not provided)"}
 
@@ -1304,7 +2251,7 @@ export async function getInstallGuidance(args = {}, options = {}) {
   return {
     ok: true,
     key: `${entry.category}:${entry.slug}`,
-    canonicalUrl: `${SITE_URL}/${entry.category}/${entry.slug}`,
+    canonicalUrl: entryCanonicalUrl(entry),
     title: entry.title,
     installCommand: entry.installCommand || entry.commandSyntax || "",
     configSnippet: entry.configSnippet || "",
@@ -1312,6 +2259,9 @@ export async function getInstallGuidance(args = {}, options = {}) {
     downloadUrl: entry.downloadUrl || "",
     documentationUrl: entry.documentationUrl || "",
     repoUrl: entry.repoUrl || "",
+    safetyNotes: notes(entry.safetyNotes),
+    privacyNotes: notes(entry.privacyNotes),
+    trust: entryTrustSummary(entry),
     platform: platform || "",
     selectedCompatibility,
     platformCompatibility: compatibility,
@@ -1428,6 +2378,112 @@ export async function reviewSubmissionDraft(args = {}, options = {}) {
   return reviewSubmissionDraftFromSpec(spec, args, unwrapEntries(searchIndex));
 }
 
+export async function getSubmissionPolicy() {
+  return {
+    ok: true,
+    publicPolicy: MCP_PUBLIC_POLICY,
+    reviewModel: {
+      prFirst: true,
+      maintainerReviewRequired: true,
+      autoMerge: "content_only_private_gate",
+      autoMergeRequires: [
+        "single content file only",
+        "validate-content",
+        "Superagent Security Scan",
+        "private maintainer-agent review",
+      ],
+      mutatingAutomationOwner: "private submission gate",
+    },
+    artifactPolicy: {
+      communityHostedArchivesAllowed: false,
+      communityZipHostingAllowed: false,
+      communityMcpbHostingAllowed: false,
+      maintainerBuiltDownloadsOnly: true,
+      firstPartyDownloadsRequireVerification: true,
+    },
+    submissionGuidance: [
+      "Use source-backed or copyable-content submissions for community content.",
+      "Do not request public HeyClaude /downloads hosting for community ZIP/MCPB artifacts.",
+      "Add safety_notes when a submission runs code, writes externally, uses permissions, or starts background workers.",
+      "Add privacy_notes when a submission reads local files, logs, credentials, telemetry, or third-party user data.",
+      "Commercial, affiliate, sponsored, or paid product listings go through maintainer review and disclosure, not the free content queue.",
+    ],
+  };
+}
+
+export async function explainEntryTrust(args = {}, options = {}) {
+  const category = normalizeText(args.category);
+  const slug = normalizeText(args.slug);
+  if (!category || !slug) {
+    return invalid("category and slug are required.");
+  }
+
+  const entry = await readEntry(category, slug, options);
+  if (!entry) {
+    return notFound(`No HeyClaude entry found for ${category}/${slug}.`);
+  }
+
+  return {
+    ok: true,
+    key: `${entry.category}:${entry.slug}`,
+    title: entry.title,
+    canonicalUrl: entryCanonicalUrl(entry),
+    trust: entryTrustSummary(entry),
+  };
+}
+
+export async function reviewEntrySafety(args = {}, options = {}) {
+  const platform = normalizePlatform(args.platform);
+  const entries = [];
+  for (const target of args.entries || []) {
+    const category = normalizeText(target.category);
+    const slug = normalizeText(target.slug);
+    const entry = await readEntry(category, slug, options);
+    if (!entry) {
+      return notFound(`No HeyClaude entry found for ${category}/${slug}.`);
+    }
+    const compatibility = buildSkillPlatformCompatibility(entry);
+    entries.push({
+      key: `${entry.category}:${entry.slug}`,
+      category: entry.category,
+      slug: entry.slug,
+      title: entry.title,
+      canonicalUrl: entryCanonicalUrl(entry),
+      selectedCompatibility: platform
+        ? compatibility.find((item) => item.platform === platform) || null
+        : null,
+      trust: entryTrustSummary(entry),
+    });
+  }
+
+  const entriesWithNotes = entries.filter(
+    (entry) =>
+      entry.trust.disclosures.hasSafetyNotes ||
+      entry.trust.disclosures.hasPrivacyNotes,
+  );
+
+  return {
+    ok: true,
+    platform: platform || "",
+    count: entries.length,
+    entries,
+    summary: {
+      entriesWithSafetyOrPrivacyNotes: entriesWithNotes.length,
+      firstPartyPackages: entries.filter(
+        (entry) => entry.trust.package.downloadTrust === "first-party",
+      ).length,
+      sourceBacked: entries.filter(
+        (entry) => entry.trust.source.status === "available",
+      ).length,
+    },
+    reviewNotes: [
+      "This is a metadata review, not a malware scan or install verdict.",
+      "Prefer source-backed entries and first-party maintainer-built downloads when installing packages.",
+      "Inspect commands, requested permissions, and external writes before running any copied content.",
+    ],
+  };
+}
+
 export async function callRegistryTool(name, args = {}, options = {}) {
   if (!READ_ONLY_TOOL_NAMES.includes(name)) {
     return invalid(`Unknown read-only HeyClaude MCP tool: ${name}`);
@@ -1452,6 +2508,9 @@ export async function callRegistryTool(name, args = {}, options = {}) {
     case "search_registry":
       result = await searchRegistry(parsedArgs, options);
       break;
+    case "plan_workflow_toolbox":
+      result = await planWorkflowToolbox(parsedArgs, options);
+      break;
     case "server_info":
       result = await getServerInfo(parsedArgs, options);
       break;
@@ -1515,6 +2574,15 @@ export async function callRegistryTool(name, args = {}, options = {}) {
     case "review_submission_draft":
       result = await reviewSubmissionDraft(parsedArgs, options);
       break;
+    case "get_submission_policy":
+      result = await getSubmissionPolicy(parsedArgs, options);
+      break;
+    case "explain_entry_trust":
+      result = await explainEntryTrust(parsedArgs, options);
+      break;
+    case "review_entry_safety":
+      result = await reviewEntrySafety(parsedArgs, options);
+      break;
   }
 
   return withPublicPolicy(result);