@hostingguru/mcp-server 1.0.0

package/main.cjs

@@ -0,0 +1,1449 @@
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// apps/mcp-server/src/main.ts
+var import_mcp = require("@modelcontextprotocol/sdk/server/mcp.js");
+var import_stdio = require("@modelcontextprotocol/sdk/server/stdio.js");
+
+// apps/mcp-server/src/config.ts
+var path = __toESM(require("path"));
+var os = __toESM(require("os"));
+var CONFIG = {
+  version: "1.0.0",
+  defaultApiUrl: "https://backend.hostingguru.io/hostingguru",
+  configDir: path.join(os.homedir(), ".hostingguru"),
+  credentialsFile: path.join(os.homedir(), ".hostingguru", "credentials.json")
+};
+
+// apps/mcp-server/src/state/credentials.ts
+var fs = __toESM(require("fs"));
+
+// apps/mcp-server/src/state/session.ts
+var Session = class {
+  constructor() {
+    this.token = null;
+    this.workspaceId = null;
+    this.apiUrl = CONFIG.defaultApiUrl;
+  }
+  setAuth(token) {
+    this.token = token;
+  }
+  setWorkspace(workspaceId) {
+    this.workspaceId = workspaceId;
+  }
+  clear() {
+    this.token = null;
+    this.workspaceId = null;
+  }
+  isAuthenticated() {
+    return this.token !== null;
+  }
+};
+var session = new Session();
+
+// apps/mcp-server/src/state/crypto.ts
+var crypto = __toESM(require("crypto"));
+var os2 = __toESM(require("os"));
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 16;
+var TAG_LENGTH = 16;
+function deriveKey() {
+  const material = [
+    os2.hostname(),
+    os2.userInfo().username,
+    os2.homedir(),
+    "hostingguru-mcp-v1"
+  ].join(":");
+  return crypto.createHash("sha256").update(material).digest();
+}
+function encrypt(plaintext) {
+  const key = deriveKey();
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return Buffer.concat([iv, tag, encrypted]).toString("base64");
+}
+function decrypt(encoded) {
+  const key = deriveKey();
+  const data = Buffer.from(encoded, "base64");
+  const iv = data.subarray(0, IV_LENGTH);
+  const tag = data.subarray(IV_LENGTH, IV_LENGTH + TAG_LENGTH);
+  const ciphertext = data.subarray(IV_LENGTH + TAG_LENGTH);
+  const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(tag);
+  return decipher.update(ciphertext) + decipher.final("utf8");
+}
+
+// apps/mcp-server/src/state/credentials.ts
+function loadCredentials() {
+  try {
+    if (!fs.existsSync(CONFIG.credentialsFile))
+      return;
+    const raw = fs.readFileSync(CONFIG.credentialsFile, "utf-8");
+    const stored = JSON.parse(raw);
+    let payload;
+    if (stored.v === 2 && stored.encrypted) {
+      payload = JSON.parse(decrypt(stored.encrypted));
+    } else if (stored.token) {
+      payload = stored;
+    } else {
+      return;
+    }
+    if (payload.token) {
+      session.setAuth(payload.token);
+    }
+    if (payload.selectedWorkspaceId) {
+      session.setWorkspace(payload.selectedWorkspaceId);
+    }
+  } catch {
+  }
+}
+function saveCredentials() {
+  try {
+    if (!fs.existsSync(CONFIG.configDir)) {
+      fs.mkdirSync(CONFIG.configDir, { recursive: true });
+    }
+    const payload = {
+      token: session.token,
+      selectedWorkspaceId: session.workspaceId || void 0
+    };
+    const stored = {
+      encrypted: encrypt(JSON.stringify(payload)),
+      v: 2
+    };
+    fs.writeFileSync(CONFIG.credentialsFile, JSON.stringify(stored, null, 2), { mode: 384 });
+  } catch {
+  }
+}
+function clearCredentials() {
+  try {
+    if (fs.existsSync(CONFIG.credentialsFile)) {
+      fs.unlinkSync(CONFIG.credentialsFile);
+    }
+  } catch {
+  }
+  session.clear();
+}
+
+// apps/mcp-server/src/tools/auth.ts
+var import_zod = require("zod");
+
+// apps/mcp-server/src/api/client.ts
+var import_axios = __toESM(require("axios"));
+var _client = null;
+function getClient() {
+  if (_client && _client.defaults.baseURL === session.apiUrl) {
+    return _client;
+  }
+  _client = import_axios.default.create({
+    baseURL: session.apiUrl,
+    timeout: 3e4,
+    headers: { "Content-Type": "application/json" }
+  });
+  _client.interceptors.request.use((config) => {
+    if (session.token) {
+      config.headers.Cookie = `token=${session.token}`;
+    }
+    if (session.workspaceId) {
+      config.headers["X-Workspace-Id"] = session.workspaceId;
+    }
+    return config;
+  });
+  _client.interceptors.response.use(
+    (response) => response,
+    (error) => {
+      if (error.response?.status === 401) {
+        clearCredentials();
+      }
+      return Promise.reject(error);
+    }
+  );
+  return _client;
+}
+function resetClient() {
+  _client = null;
+}
+
+// apps/mcp-server/src/api/workspaces.ts
+async function listWorkspaces() {
+  const res = await getClient().get("/workspaces");
+  return res.data;
+}
+async function createWorkspace(name, slug) {
+  const res = await getClient().post("/workspaces", { name, slug });
+  return res.data;
+}
+
+// apps/mcp-server/src/api/auth.ts
+var import_axios2 = __toESM(require("axios"));
+async function emailAuth(apiUrl, email, password) {
+  const res = await import_axios2.default.post(
+    `${apiUrl}/auth/email`,
+    { email, password },
+    {
+      timeout: 3e4,
+      headers: { "Content-Type": "application/json" },
+      validateStatus: () => true
+    }
+  );
+  if (res.status >= 400) {
+    const err = new Error(res.data?.message || "Authentication failed");
+    err.code = res.data?.error;
+    err.status = res.status;
+    throw err;
+  }
+  const token = extractTokenCookie(res.headers["set-cookie"]);
+  if (!token) {
+    throw new Error("Backend did not return an auth cookie. Check API_URL.");
+  }
+  return { data: res.data, token };
+}
+async function logout() {
+  try {
+    await getClient().post("/users/logout");
+  } catch {
+  }
+}
+function extractTokenCookie(setCookie) {
+  if (!setCookie)
+    return null;
+  const cookies = Array.isArray(setCookie) ? setCookie : [setCookie];
+  for (const raw of cookies) {
+    const first = raw.split(";")[0].trim();
+    const eq = first.indexOf("=");
+    if (eq < 0)
+      continue;
+    if (first.slice(0, eq) === "token") {
+      return decodeURIComponent(first.slice(eq + 1));
+    }
+  }
+  return null;
+}
+
+// apps/mcp-server/src/auth/browser-auth.ts
+var http = __toESM(require("http"));
+var crypto2 = __toESM(require("crypto"));
+
+// apps/mcp-server/src/auth/login-page.ts
+var DASHBOARD_URL = "https://dashboard.hostingguru.io";
+var DISCORD_URL = "https://discord.gg/bPkuBrKMaG";
+var TELEGRAM_URL = "https://t.me/hgsupportadmin";
+var WHATSAPP_URL = "https://chat.whatsapp.com/C9ulBmvm2FYJ68hoaVo5rp?mode=gi_t";
+function getLoginPageHtml(callbackPort, nonce) {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Sign in to HostingGuru</title>
+  <style>
+    :root {
+      --bg: #0a0a0a;
+      --fg: rgba(255,255,255,0.9);
+      --muted: rgba(255,255,255,0.55);
+      --dim: rgba(255,255,255,0.35);
+      --border: rgba(255,255,255,0.08);
+      --border-strong: rgba(255,255,255,0.12);
+      --surface: rgba(255,255,255,0.025);
+      --aurora-cyan: #7dd3fc;
+      --aurora-violet: #c4b5fd;
+      --aurora-pink: #f9a8d4;
+      --aurora-pink-deep: #f472b6;
+      --success: #34d399;
+    }
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Inter', 'Segoe UI', sans-serif;
+      background: #050505;
+      color: var(--fg);
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      min-height: 100vh;
+      padding: 2rem 1rem;
+    }
+    .container { width: 100%; max-width: 420px; }
+    .logo { display: flex; justify-content: center; margin-bottom: 1.5rem; }
+    .logo img { height: 2rem; }
+    .hero { text-align: center; margin-bottom: 1.5rem; }
+    .hero h1 {
+      font-size: 26px;
+      font-weight: 500;
+      line-height: 1.15;
+      letter-spacing: -0.02em;
+      color: #fff;
+    }
+    .hero h1 .aurora {
+      background: linear-gradient(90deg, var(--aurora-cyan), var(--aurora-violet), var(--aurora-pink));
+      -webkit-background-clip: text;
+      background-clip: text;
+      color: transparent;
+    }
+    .hero p { font-size: 14px; color: var(--muted); margin-top: 0.5rem; line-height: 1.55; }
+    .card {
+      border: 1px solid var(--border);
+      background: var(--surface);
+      border-radius: 0.75rem;
+      padding: 1.5rem;
+    }
+    .oauth-note {
+      font-size: 12.5px;
+      color: var(--dim);
+      text-align: center;
+      padding: 0.75rem;
+      border: 1px dashed var(--border);
+      border-radius: 0.5rem;
+      margin-bottom: 0.875rem;
+      line-height: 1.55;
+    }
+    .oauth-note a { color: var(--aurora-cyan); text-decoration: none; }
+    .oauth-note a:hover { color: var(--aurora-violet); }
+    .field { margin-bottom: 0.875rem; }
+    .field-header {
+      display: flex; align-items: center; justify-content: space-between;
+      margin-bottom: 0.375rem;
+    }
+    label { font-size: 12.5px; color: rgba(255,255,255,0.6); }
+    .forgot-link {
+      font-size: 12px;
+      color: var(--dim);
+      text-decoration: none;
+      transition: color 0.15s;
+    }
+    .forgot-link:hover { color: var(--aurora-cyan); }
+    input {
+      display: block;
+      height: 2.75rem;
+      width: 100%;
+      border-radius: 0.5rem;
+      border: 1px solid var(--border-strong);
+      background: rgba(255,255,255,0.04);
+      padding: 0.5rem 0.75rem;
+      font-size: 14px;
+      color: var(--fg);
+      outline: none;
+      transition: border-color 0.15s, box-shadow 0.15s;
+    }
+    input::placeholder { color: rgba(255,255,255,0.25); }
+    input:focus {
+      border-color: rgba(255,255,255,0.2);
+      box-shadow: 0 0 0 1px rgba(255,255,255,0.2);
+    }
+    .hint {
+      font-size: 11.5px;
+      color: var(--dim);
+      margin-top: 0.375rem;
+      line-height: 1.5;
+    }
+    button.submit {
+      display: inline-flex;
+      align-items: center;
+      justify-content: center;
+      gap: 0.4rem;
+      width: 100%;
+      height: 2.75rem;
+      border: none;
+      border-radius: 0.5rem;
+      background: #fff;
+      color: #0a0a0a;
+      font-size: 14.5px;
+      font-weight: 500;
+      cursor: pointer;
+      transition: background 0.15s, opacity 0.15s;
+    }
+    button.submit:hover { background: rgba(255,255,255,0.92); }
+    button.submit:disabled { opacity: 0.5; cursor: not-allowed; }
+    .arrow { display: inline-block; width: 14px; height: 14px; }
+    .error {
+      border: 1px solid rgba(249,168,212,0.24);
+      background: rgba(249,168,212,0.08);
+      color: var(--aurora-pink);
+      border-radius: 0.5rem;
+      padding: 0.75rem;
+      font-size: 13px;
+      margin-bottom: 0.875rem;
+      line-height: 1.45;
+      display: none;
+    }
+    .error a { color: var(--aurora-pink-deep); text-decoration: underline; text-underline-offset: 2px; }
+    .terms {
+      font-size: 12px;
+      color: rgba(255,255,255,0.45);
+      text-align: center;
+      margin-top: 0.75rem;
+      line-height: 1.55;
+    }
+    .terms a { color: rgba(255,255,255,0.7); text-decoration: underline; text-underline-offset: 2px; }
+    .terms a:hover { color: #fff; }
+    .trust {
+      display: flex; flex-wrap: wrap; justify-content: center;
+      gap: 0.5rem 1rem;
+      font-size: 12px; color: var(--dim);
+      margin-top: 1.25rem;
+    }
+    .trust span { display: inline-flex; align-items: center; gap: 0.4rem; }
+    .dot {
+      width: 6px; height: 6px; border-radius: 999px;
+      background: var(--success); box-shadow: 0 0 0 2px rgba(52,211,153,0.2);
+    }
+    .footer {
+      text-align: center;
+      font-size: 12.5px;
+      color: rgba(255,255,255,0.45);
+      margin-top: 1.25rem;
+      padding: 0.875rem 1rem;
+      border: 1px dashed var(--border);
+      border-radius: 0.5rem;
+      line-height: 1.55;
+    }
+    .footer a {
+      color: var(--aurora-cyan);
+      font-weight: 500;
+      text-decoration: none;
+      transition: color 0.15s;
+    }
+    .footer a:hover { color: var(--aurora-violet); }
+    .success-wrap { text-align: center; padding: 2rem 1rem; }
+    .success-wrap h2 {
+      font-size: 18px; font-weight: 500; color: #fff;
+      margin-bottom: 0.5rem;
+    }
+    .success-wrap p { font-size: 14px; color: var(--muted); line-height: 1.55; }
+    .success-icon {
+      width: 48px; height: 48px;
+      border-radius: 999px;
+      background: rgba(52,211,153,0.12);
+      color: var(--success);
+      display: inline-flex; align-items: center; justify-content: center;
+      margin-bottom: 1rem;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div id="login-view">
+      <div class="logo">
+        <svg width="160" height="32" viewBox="0 0 160 32" fill="none" xmlns="http://www.w3.org/2000/svg" aria-label="HostingGuru">
+          <text x="0" y="22" font-family="-apple-system, 'Inter', sans-serif" font-size="19" font-weight="600" fill="white">HostingGuru</text>
+        </svg>
+      </div>
+
+      <div class="hero">
+        <h1>Ship your first app<br>in <span class="aurora">two minutes</span>.</h1>
+        <p>Sign in or create your account \xB7 Free forever, no card.</p>
+      </div>
+
+      <form class="card" onsubmit="event.preventDefault(); handleLogin();">
+        <div class="oauth-note">
+          Using Google or GitHub?
+          Sign in at <a href="${DASHBOARD_URL}/auth" target="_blank" rel="noopener">dashboard.hostingguru.io</a>,
+          copy a session token, and run <code>auth_token</code> in your AI tool.
+        </div>
+
+        <div id="error" class="error"></div>
+
+        <div class="field">
+          <div class="field-header">
+            <label for="email">Email</label>
+          </div>
+          <input id="email" type="email" placeholder="you@yourstartup.com" autocomplete="email" autofocus required />
+        </div>
+
+        <div class="field">
+          <div class="field-header">
+            <label for="password">Password</label>
+            <a class="forgot-link" href="${DASHBOARD_URL}/forgot-password" target="_blank" rel="noopener">Forgot password?</a>
+          </div>
+          <input id="password" type="password" placeholder="At least 8 characters" autocomplete="current-password" minlength="8" required />
+          <p class="hint">If your email is new, we'll create your account. Otherwise we'll sign you in.</p>
+        </div>
+
+        <button id="submit" type="submit" class="submit">
+          <span id="submit-label">Continue</span>
+          <svg class="arrow" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><line x1="5" y1="12" x2="19" y2="12"></line><polyline points="12 5 19 12 12 19"></polyline></svg>
+        </button>
+
+        <p class="terms">
+          By continuing, you agree to our
+          <a href="https://hostingguru.io/terms" target="_blank" rel="noopener">Terms</a>
+          and
+          <a href="https://hostingguru.io/privacy" target="_blank" rel="noopener">Privacy Policy</a>.
+        </p>
+      </form>
+
+      <div class="trust">
+        <span><span class="dot"></span>Free forever</span>
+        <span><span class="dot"></span>No card required</span>
+        <span><span class="dot"></span>EU &amp; US regions</span>
+      </div>
+
+      <p class="footer">
+        Your credentials are sent to the HostingGuru API over HTTPS \u2014 they never pass through your AI tool.<br>
+        Need a hand?
+        <a href="${DISCORD_URL}" target="_blank" rel="noopener">Discord</a> \xB7
+        <a href="${TELEGRAM_URL}" target="_blank" rel="noopener">Telegram</a> \xB7
+        <a href="${WHATSAPP_URL}" target="_blank" rel="noopener">WhatsApp</a>
+      </p>
+    </div>
+
+    <div id="success-view" class="card success-wrap" style="display:none">
+      <div class="success-icon" aria-hidden="true">
+        <svg width="22" height="22" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.4" stroke-linecap="round" stroke-linejoin="round"><polyline points="20 6 9 17 4 12"></polyline></svg>
+      </div>
+      <h2 id="success-title">You're signed in</h2>
+      <p id="success-message">You can close this tab and return to your AI tool.</p>
+    </div>
+  </div>
+
+  <script>
+    const CALLBACK = 'http://localhost:${callbackPort}/submit';
+    const NONCE = '${nonce}';
+
+    async function handleLogin() {
+      const email = document.getElementById('email').value.trim();
+      const password = document.getElementById('password').value;
+      const errorEl = document.getElementById('error');
+      const submitBtn = document.getElementById('submit');
+      const submitLabel = document.getElementById('submit-label');
+      errorEl.style.display = 'none';
+
+      if (!email || !password) {
+        showError('Email and password are required.');
+        return;
+      }
+
+      submitBtn.disabled = true;
+      submitLabel.textContent = 'Signing in\u2026';
+
+      try {
+        const res = await fetch(CALLBACK, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ email, password, nonce: NONCE }),
+        });
+        const data = await res.json();
+
+        if (!res.ok) {
+          showError(data.message || 'Sign-in failed.', data.error);
+          submitBtn.disabled = false;
+          submitLabel.textContent = 'Continue';
+          return;
+        }
+
+        document.getElementById('login-view').style.display = 'none';
+        document.getElementById('success-view').style.display = 'block';
+        if (data.new) {
+          document.getElementById('success-title').textContent = 'Account created';
+          document.getElementById('success-message').textContent =
+            'Check your inbox to verify your email, then return to your AI tool.';
+        }
+      } catch (err) {
+        showError('Could not reach the local sign-in helper. Is the AI tool still running?');
+        submitBtn.disabled = false;
+        submitLabel.textContent = 'Continue';
+      }
+    }
+
+    function showError(message, code) {
+      const errorEl = document.getElementById('error');
+      if (code === 'INVALID_CREDENTIALS') {
+        errorEl.innerHTML = message + ' <a href="${DASHBOARD_URL}/forgot-password" target="_blank" rel="noopener">Reset it</a> or try again.';
+      } else {
+        errorEl.textContent = message;
+      }
+      errorEl.style.display = 'block';
+    }
+  </script>
+</body>
+</html>`;
+}
+
+// apps/mcp-server/src/auth/browser-auth.ts
+function createBrowserAuthSession(apiUrl) {
+  return new Promise((resolveSession, rejectSession) => {
+    let resolveToken;
+    let rejectToken;
+    const tokenPromise = new Promise((res, rej) => {
+      resolveToken = res;
+      rejectToken = rej;
+    });
+    let port = 0;
+    const nonce = crypto2.randomBytes(32).toString("base64url");
+    const server = http.createServer((req, res) => {
+      if (req.method === "GET" && req.url === "/login") {
+        const html = getLoginPageHtml(port, nonce);
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(html);
+        return;
+      }
+      if (req.method === "POST" && req.url === "/submit") {
+        let body = "";
+        req.on("data", (chunk) => {
+          body += chunk;
+        });
+        req.on("end", async () => {
+          try {
+            const parsed = JSON.parse(body);
+            const submittedNonce = typeof parsed.nonce === "string" ? parsed.nonce : "";
+            if (!safeEqual(submittedNonce, nonce)) {
+              res.writeHead(403, { "Content-Type": "application/json" });
+              res.end(JSON.stringify({ error: "INVALID_NONCE", message: "Open the login URL printed by the AI tool \u2014 that page is the only one allowed to submit credentials." }));
+              return;
+            }
+            const { email, password } = parsed;
+            if (!email || !password) {
+              res.writeHead(400, { "Content-Type": "application/json" });
+              res.end(JSON.stringify({ error: "MISSING_FIELDS", message: "Email and password are required." }));
+              return;
+            }
+            const result = await emailAuth(apiUrl, email, password);
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ ok: true, new: result.data.new, email: result.data.user.email }));
+            clearTimeout(timeout);
+            resolveToken({
+              token: result.token,
+              email: result.data.user.email,
+              isNewUser: result.data.new
+            });
+          } catch (err) {
+            const code = err?.code;
+            const status = err?.status || 500;
+            const message = code === "INVALID_CREDENTIALS" ? "That password doesn't match the account for this email." : code === "PASSWORD_TOO_SHORT" ? "Password must be at least 8 characters long." : code === "DISPOSABLE_EMAIL" ? "Please use a permanent email address. Disposable email providers are not allowed." : err?.message || "Something went wrong. Please try again.";
+            res.writeHead(status >= 400 && status < 500 ? status : 400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: code || "AUTH_FAILED", message }));
+          }
+        });
+        return;
+      }
+      res.writeHead(404);
+      res.end("Not found");
+    });
+    const timeout = setTimeout(() => {
+      server.close();
+      rejectToken(new Error("Login timed out after 5 minutes."));
+    }, 5 * 60 * 1e3);
+    server.listen(0, "127.0.0.1", () => {
+      const addr = server.address();
+      if (typeof addr === "object" && addr) {
+        port = addr.port;
+      }
+      resolveSession({
+        url: `http://localhost:${port}/login`,
+        port,
+        waitForToken: () => tokenPromise,
+        close: () => {
+          clearTimeout(timeout);
+          server.close();
+        }
+      });
+    });
+    server.on("error", (err) => {
+      rejectSession(err);
+    });
+  });
+}
+function safeEqual(a, b) {
+  const ab = Buffer.from(a);
+  const bb = Buffer.from(b);
+  if (ab.length !== bb.length)
+    return false;
+  return crypto2.timingSafeEqual(ab, bb);
+}
+
+// apps/mcp-server/src/utils/error-formatter.ts
+var import_axios3 = require("axios");
+function formatError(error) {
+  if (error instanceof import_axios3.AxiosError) {
+    const status = error.response?.status;
+    const data = error.response?.data;
+    const message = data?.message || data?.error || error.message;
+    switch (status) {
+      case 401:
+        return "Session expired. Please run auth_login again.";
+      case 403:
+        if (typeof message === "string" && message.toLowerCase().includes("limit")) {
+          return message;
+        }
+        return `Permission denied. ${message || "Check your role and workspace access."}`;
+      case 404:
+        return "Not found. Check the ID and try again.";
+      case 409:
+        return `Conflict: ${message}`;
+      case 422:
+        if (data?.errors && Array.isArray(data.errors)) {
+          return `Validation failed: ${data.errors.map((e) => e.message || e).join(", ")}`;
+        }
+        return `Validation failed: ${message}`;
+      default:
+        if (status && status >= 500) {
+          return "Server error. Try again in a moment.";
+        }
+        if (error.code === "ECONNREFUSED" || error.code === "ENOTFOUND") {
+          return `Cannot reach the API. Check your connection and API URL.`;
+        }
+        return message || "An unexpected error occurred.";
+    }
+  }
+  if (error instanceof Error) {
+    return error.message;
+  }
+  return "An unexpected error occurred.";
+}
+function toolResponse(text) {
+  return { content: [{ type: "text", text }] };
+}
+function toolJson(data, prefix) {
+  const text = prefix ? `${prefix}
+
+${JSON.stringify(data, null, 2)}` : JSON.stringify(data, null, 2);
+  return { content: [{ type: "text", text }] };
+}
+
+// apps/mcp-server/src/tools/auth.ts
+var DASHBOARD_URL2 = "https://dashboard.hostingguru.io";
+var activeAuthSession = null;
+async function autoSelectWorkspace() {
+  try {
+    const workspaces = await listWorkspaces();
+    if (Array.isArray(workspaces) && workspaces.length === 1) {
+      session.setWorkspace(workspaces[0].id);
+    }
+  } catch {
+  }
+}
+function registerAuthTools(server) {
+  server.tool(
+    "auth_login",
+    "Sign in to HostingGuru. Opens a browser window for secure login \u2014 credentials never pass through the AI tool. New emails create a fresh account automatically (matches dashboard.hostingguru.io).",
+    {},
+    async () => {
+      try {
+        if (activeAuthSession) {
+          activeAuthSession.close();
+          activeAuthSession = null;
+        }
+        const authSession = await createBrowserAuthSession(session.apiUrl);
+        activeAuthSession = authSession;
+        authSession.waitForToken().then(async ({ token }) => {
+          session.setAuth(token);
+          resetClient();
+          await autoSelectWorkspace();
+          saveCredentials();
+          activeAuthSession = null;
+        }).catch(() => {
+          activeAuthSession = null;
+        });
+        return toolResponse(
+          `Open this URL in your browser to sign in:
+
+${authSession.url}
+
+Already on the dashboard? Run auth_status to confirm once you have signed in here.
+Using Google or GitHub OAuth? Use auth_token with a session token copied from the dashboard.`
+        );
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "auth_token",
+    `Authenticate with an existing session token. Use this if you signed in to ${DASHBOARD_URL2} via Google or GitHub \u2014 copy the value of the \`token\` cookie from your browser's devtools and paste it here.`,
+    { token: import_zod.z.string().min(1) },
+    async ({ token }) => {
+      try {
+        session.setAuth(token);
+        resetClient();
+        await autoSelectWorkspace();
+        saveCredentials();
+        const wsInfo = session.workspaceId ? `Workspace auto-selected: ${session.workspaceId}` : "No workspace selected yet. Use list_workspaces and select_workspace.";
+        return toolResponse(`Authenticated successfully.
+${wsInfo}`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "auth_status",
+    "Check current authentication state and selected workspace.",
+    {},
+    async () => {
+      if (!session.isAuthenticated()) {
+        return toolResponse("Not authenticated. Use auth_login to sign in via browser.");
+      }
+      return toolJson({
+        authenticated: true,
+        apiUrl: session.apiUrl,
+        workspaceId: session.workspaceId || "none \u2014 use select_workspace"
+      }, "Current session:");
+    }
+  );
+  server.tool(
+    "auth_logout",
+    "Sign out: clears the local session and invalidates the cookie on the backend.",
+    {},
+    async () => {
+      try {
+        if (session.isAuthenticated()) {
+          await logout();
+        }
+        clearCredentials();
+        resetClient();
+        return toolResponse("Signed out. Use auth_login to sign in again.");
+      } catch (error) {
+        clearCredentials();
+        resetClient();
+        return toolResponse(`Signed out locally. (${formatError(error)})`);
+      }
+    }
+  );
+  server.tool(
+    "auth_signup",
+    "Create a new HostingGuru account. The unified login flow signs you up automatically when the email is new \u2014 use auth_login instead. This tool just points you at the dashboard for OAuth signup.",
+    {},
+    async () => {
+      return toolResponse(
+        `New email + password? Use auth_login \u2014 accounts are created on the fly when the email is unknown.
+
+Prefer Google or GitHub? Sign up at ${DASHBOARD_URL2}/auth, then copy your session cookie and pass it to auth_token.`
+      );
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/workspaces.ts
+var import_zod2 = require("zod");
+function registerWorkspaceTools(server) {
+  server.tool(
+    "list_workspaces",
+    "List all workspaces you belong to.",
+    {},
+    async () => {
+      try {
+        const data = await listWorkspaces();
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No workspaces found. Create one with create_workspace.");
+        }
+        return toolJson(data, "Your workspaces:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "create_workspace",
+    "Create a new workspace and auto-select it.",
+    { name: import_zod2.z.string().min(1), slug: import_zod2.z.string().optional() },
+    async ({ name, slug }) => {
+      try {
+        const data = await createWorkspace(name, slug);
+        session.setWorkspace(data.id);
+        saveCredentials();
+        return toolJson(data, `Workspace created and selected.`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "select_workspace",
+    "Select an active workspace by ID. All subsequent operations use this workspace.",
+    { workspaceId: import_zod2.z.string().uuid() },
+    async ({ workspaceId }) => {
+      try {
+        session.setWorkspace(workspaceId);
+        saveCredentials();
+        return toolResponse(`Workspace selected: ${workspaceId}`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/github.ts
+var import_zod3 = require("zod");
+
+// apps/mcp-server/src/api/github.ts
+async function connectGithub(installationId) {
+  const res = await getClient().post("/github", { installationId });
+  return res.data;
+}
+async function listRepositories() {
+  const res = await getClient().get("/github/repositories");
+  return res.data;
+}
+async function listBranches(repositoryId) {
+  const res = await getClient().get(`/github/repositories/${repositoryId}/branches`);
+  return res.data;
+}
+
+// apps/mcp-server/src/tools/github.ts
+function registerGitHubTools(server) {
+  server.tool(
+    "connect_github",
+    "Connect a GitHub account. If no installationId, returns the GitHub App install URL to open in browser.",
+    { installationId: import_zod3.z.string().optional() },
+    async ({ installationId }) => {
+      try {
+        if (!installationId) {
+          return toolResponse(
+            "To connect GitHub, install the Hostingguru GitHub App:\n\nhttps://github.com/apps/hostingguru/installations/new\n\nAfter installing, the browser will redirect with an installation_id. Run connect_github again with that installationId."
+          );
+        }
+        const data = await connectGithub(installationId);
+        return toolJson(data, "GitHub connected successfully.");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_repositories",
+    "List GitHub repositories available for deployment.",
+    {},
+    async () => {
+      try {
+        const data = await listRepositories();
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No repositories found. Connect GitHub first with connect_github.");
+        }
+        return toolJson(data, "Available repositories:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_branches",
+    "List branches for a GitHub repository.",
+    { repositoryId: import_zod3.z.string() },
+    async ({ repositoryId }) => {
+      try {
+        const data = await listBranches(repositoryId);
+        return toolJson(data, "Branches:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/deployments.ts
+var import_zod4 = require("zod");
+
+// apps/mcp-server/src/api/deployments.ts
+async function createDeployment(params) {
+  const res = await getClient().post("/deployments", params);
+  return res.data;
+}
+async function listDeployments(projectId) {
+  const params = projectId ? { projectId } : {};
+  const res = await getClient().get("/deployments", { params });
+  return res.data;
+}
+async function getDeployment(id) {
+  const res = await getClient().get(`/deployments/${id}`);
+  return res.data;
+}
+async function getLogs(id) {
+  const res = await getClient().get(`/deployments/${id}/logs`);
+  return res.data;
+}
+async function redeploy(id) {
+  const res = await getClient().post(`/deployments/${id}/redeploy`);
+  return res.data;
+}
+async function stopDeployment(id) {
+  const res = await getClient().post(`/deployments/${id}/stop`);
+  return res.data;
+}
+async function startDeployment(id) {
+  const res = await getClient().post(`/deployments/${id}/start`);
+  return res.data;
+}
+async function setEnvVars(id, variables, isSecret) {
+  const payload = Object.entries(variables).map(([key, value]) => ({
+    key,
+    value,
+    isSecret: isSecret ?? false
+  }));
+  const res = await getClient().post(`/deployments/${id}/env/bulk`, { variables: payload });
+  return res.data;
+}
+async function listEnvVars(id) {
+  const res = await getClient().get(`/deployments/${id}/env`);
+  return res.data;
+}
+async function listBuilds(id) {
+  const res = await getClient().get(`/deployments/${id}/builds`);
+  return res.data;
+}
+async function getBuildLogs(id, buildId) {
+  const res = await getClient().get(`/deployments/${id}/builds/${buildId}/logs`);
+  return res.data;
+}
+async function rollbackDeployment(id, commitSha) {
+  const res = await getClient().post(`/deployments/${id}/rollback`, { commitSha });
+  return res.data;
+}
+async function deleteEnvVar(id, key) {
+  const res = await getClient().delete(`/deployments/${id}/env/${key}`);
+  return res.data;
+}
+
+// apps/mcp-server/src/utils/framework-detector.ts
+function detectFramework(repoName, language) {
+  const name = repoName.toLowerCase();
+  if (name.includes("next")) {
+    return { framework: "nextjs", type: "api", buildCommand: "npm run build", startCommand: "npm start" };
+  }
+  if (name.includes("react") || name.includes("vite")) {
+    return { framework: "react", type: "static_site", buildCommand: "npm run build" };
+  }
+  if (name.includes("vue") || name.includes("nuxt")) {
+    return { framework: "node", type: "api", buildCommand: "npm run build", startCommand: "npm start" };
+  }
+  const lang = (language || "").toLowerCase();
+  if (lang === "python" && name.includes("django")) {
+    return { framework: "django", type: "api", buildCommand: "pip install -r requirements.txt", startCommand: "python manage.py runserver 0.0.0.0:8000" };
+  }
+  if (lang === "python" && name.includes("flask")) {
+    return { framework: "python", type: "api", buildCommand: "pip install -r requirements.txt", startCommand: "python app.py" };
+  }
+  if (lang === "python") {
+    return { framework: "python", type: "api", buildCommand: "pip install -r requirements.txt", startCommand: "python main.py" };
+  }
+  if (lang === "go") {
+    return { framework: "go", type: "api", buildCommand: "go build -o app", startCommand: "./app" };
+  }
+  if (lang === "javascript" || lang === "typescript") {
+    return { framework: "node", type: "api", buildCommand: "npm install", startCommand: "npm start" };
+  }
+  return { framework: "static", type: "static_site" };
+}
+
+// apps/mcp-server/src/tools/deployments.ts
+var VALID_FRAMEWORKS = ["node", "nextjs", "react", "python", "django", "go", "static"];
+var VALID_TYPES = ["api", "static_site", "worker", "script"];
+function registerDeploymentTools(server) {
+  server.tool(
+    "deploy",
+    "Deploy a repository. Fuzzy-matches repo name, auto-detects framework, applies smart defaults. The flagship deployment tool.",
+    {
+      repository: import_zod4.z.string().describe("Repository name or partial match"),
+      branch: import_zod4.z.string().optional().describe("Branch to deploy (default: main/master)"),
+      name: import_zod4.z.string().optional().describe("Deployment name"),
+      type: import_zod4.z.enum(VALID_TYPES).optional().describe("Deployment type"),
+      framework: import_zod4.z.enum(VALID_FRAMEWORKS).optional().describe("Framework"),
+      buildCommand: import_zod4.z.string().optional(),
+      startCommand: import_zod4.z.string().optional(),
+      rootDirectory: import_zod4.z.string().optional(),
+      publishDirectory: import_zod4.z.string().optional(),
+      autoDeploy: import_zod4.z.boolean().optional().describe("Auto-deploy on push (default: true)"),
+      envVars: import_zod4.z.record(import_zod4.z.string(), import_zod4.z.string()).optional().describe("Environment variables to set")
+    },
+    async (params) => {
+      try {
+        const repos = await listRepositories();
+        if (!Array.isArray(repos) || repos.length === 0) {
+          return toolResponse("No repositories found. Connect GitHub first with connect_github.");
+        }
+        const query = params.repository.toLowerCase();
+        let matched = repos.find((r) => r.fullName?.toLowerCase() === query || r.name?.toLowerCase() === query);
+        if (!matched) {
+          matched = repos.find(
+            (r) => r.fullName?.toLowerCase().includes(query) || r.name?.toLowerCase().includes(query)
+          );
+        }
+        if (!matched) {
+          const repoNames = repos.map((r) => r.fullName || r.name).join("\n  ");
+          return toolResponse(`Repository "${params.repository}" not found. Available:
+  ${repoNames}`);
+        }
+        const defaults = detectFramework(matched.name || "", matched.language);
+        const deployParams = {
+          repositoryId: matched.id,
+          repositoryFullName: matched.fullName || matched.name,
+          branch: params.branch || matched.defaultBranch || "main",
+          name: params.name || matched.name,
+          type: params.type || defaults.type,
+          framework: params.framework || defaults.framework,
+          buildCommand: params.buildCommand || defaults.buildCommand,
+          startCommand: params.startCommand || defaults.startCommand,
+          rootDirectory: params.rootDirectory,
+          publishDirectory: params.publishDirectory,
+          autoDeploy: params.autoDeploy ?? true
+        };
+        const deployment = await createDeployment(deployParams);
+        if (params.envVars && Object.keys(params.envVars).length > 0) {
+          try {
+            await setEnvVars(deployment.id, params.envVars);
+          } catch {
+          }
+        }
+        return toolJson(
+          deployment,
+          `Deployment created! Status: ${deployment.status || "pending"}
+Framework: ${deployParams.framework} | Type: ${deployParams.type}
+Use get_deployment with id "${deployment.id}" to check progress.`
+        );
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_deployments",
+    "List all deployments, optionally filtered by project.",
+    { projectId: import_zod4.z.string().optional() },
+    async ({ projectId }) => {
+      try {
+        const data = await listDeployments(projectId);
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No deployments found. Use deploy to create one.");
+        }
+        return toolJson(data, "Deployments:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "get_deployment",
+    "Get deployment details including status and live URL.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        const data = await getDeployment(deploymentId);
+        return toolJson(data);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "get_logs",
+    "Get application logs for a deployment.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        const data = await getLogs(deploymentId);
+        if (typeof data === "string") {
+          return toolResponse(data || "No logs available yet.");
+        }
+        return toolJson(data);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_builds",
+    "List builds for a deployment.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        const data = await listBuilds(deploymentId);
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No builds found yet.");
+        }
+        return toolJson(data, "Builds:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "get_build_logs",
+    "Get build/deploy logs for a specific build.",
+    { deploymentId: import_zod4.z.string(), buildId: import_zod4.z.string() },
+    async ({ deploymentId, buildId }) => {
+      try {
+        const data = await getBuildLogs(deploymentId, buildId);
+        if (typeof data === "string") {
+          return toolResponse(data || "No build logs available yet.");
+        }
+        return toolJson(data);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "redeploy",
+    "Trigger a redeployment.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        const data = await redeploy(deploymentId);
+        return toolResponse(`Redeployment triggered. Use get_deployment to track progress.`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "rollback_deployment",
+    "Rollback a deployment to a previous successful build commit. Use list_builds to find available commits.",
+    {
+      deploymentId: import_zod4.z.string(),
+      commitSha: import_zod4.z.string().describe("The commit SHA to rollback to (from list_builds)")
+    },
+    async ({ deploymentId, commitSha }) => {
+      try {
+        const data = await rollbackDeployment(deploymentId, commitSha);
+        return toolResponse(`Rollback to ${commitSha.slice(0, 7)} triggered. Use get_deployment to track progress.`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "stop_deployment",
+    "Stop a running deployment.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        await stopDeployment(deploymentId);
+        return toolResponse("Deployment stopped.");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "start_deployment",
+    "Start a stopped deployment.",
+    { deploymentId: import_zod4.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        await startDeployment(deploymentId);
+        return toolResponse("Deployment started. Use get_deployment to track progress.");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/env.ts
+var import_zod5 = require("zod");
+function registerEnvTools(server) {
+  server.tool(
+    "set_env_vars",
+    "Set environment variables on a deployment. Replaces all existing vars.",
+    {
+      deploymentId: import_zod5.z.string(),
+      variables: import_zod5.z.record(import_zod5.z.string(), import_zod5.z.string()).describe("Key-value pairs of environment variables"),
+      isSecret: import_zod5.z.boolean().optional().describe("Mark variables as secret (default: false)")
+    },
+    async ({ deploymentId, variables, isSecret }) => {
+      try {
+        await setEnvVars(deploymentId, variables, isSecret);
+        const count = Object.keys(variables).length;
+        return toolResponse(`${count} environment variable${count !== 1 ? "s" : ""} set.`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_env_vars",
+    "List environment variables for a deployment (values may be masked).",
+    { deploymentId: import_zod5.z.string() },
+    async ({ deploymentId }) => {
+      try {
+        const data = await listEnvVars(deploymentId);
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No environment variables set.");
+        }
+        return toolJson(data, "Environment variables:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "delete_env_var",
+    "Delete an environment variable by key.",
+    { deploymentId: import_zod5.z.string(), key: import_zod5.z.string() },
+    async ({ deploymentId, key }) => {
+      try {
+        await deleteEnvVar(deploymentId, key);
+        return toolResponse(`Environment variable "${key}" deleted.`);
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/api/billing.ts
+async function getSubscription() {
+  const res = await getClient().get("/billing/subscription");
+  return res.data;
+}
+async function getUsage() {
+  const res = await getClient().get("/billing/usage");
+  return res.data;
+}
+
+// apps/mcp-server/src/tools/billing.ts
+function registerBillingTools(server) {
+  server.tool(
+    "get_subscription",
+    "Get current subscription plan, status, and usage limits.",
+    {},
+    async () => {
+      try {
+        const [subscription, usage] = await Promise.all([
+          getSubscription(),
+          getUsage()
+        ]);
+        return toolJson({ subscription, usage }, "Billing overview:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/domains.ts
+var import_zod6 = require("zod");
+
+// apps/mcp-server/src/api/domains.ts
+async function attachDomain(deploymentId, domain) {
+  const res = await getClient().post(`/deployments/${deploymentId}/domains`, { domain });
+  return res.data;
+}
+async function verifyDomain(deploymentId, domainId) {
+  const res = await getClient().post(`/deployments/${deploymentId}/domains/${domainId}/verify`);
+  return res.data;
+}
+
+// apps/mcp-server/src/tools/domains.ts
+function registerDomainTools(server) {
+  server.tool(
+    "attach_domain",
+    "Attach a custom domain to a deployment. Returns DNS instructions.",
+    { deploymentId: import_zod6.z.string(), domain: import_zod6.z.string() },
+    async ({ deploymentId, domain }) => {
+      try {
+        const data = await attachDomain(deploymentId, domain);
+        return toolJson(
+          data,
+          `Domain "${domain}" attached.
+
+Next step: Add a CNAME record pointing to the provided target, then run verify_domain.`
+        );
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "verify_domain",
+    "Verify DNS configuration for an attached domain.",
+    { deploymentId: import_zod6.z.string(), domainId: import_zod6.z.string() },
+    async ({ deploymentId, domainId }) => {
+      try {
+        const data = await verifyDomain(deploymentId, domainId);
+        return toolJson(data, "Domain verification result:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/tools/projects.ts
+var import_zod7 = require("zod");
+
+// apps/mcp-server/src/api/projects.ts
+async function createProject(name) {
+  const res = await getClient().post("/projects", { name });
+  return res.data;
+}
+async function listProjects() {
+  const res = await getClient().get("/projects");
+  return res.data;
+}
+
+// apps/mcp-server/src/tools/projects.ts
+function registerProjectTools(server) {
+  server.tool(
+    "create_project",
+    "Create a project to group deployments.",
+    { name: import_zod7.z.string().min(1) },
+    async ({ name }) => {
+      try {
+        const data = await createProject(name);
+        return toolJson(data, "Project created.");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+  server.tool(
+    "list_projects",
+    "List all projects in the workspace.",
+    {},
+    async () => {
+      try {
+        const data = await listProjects();
+        if (Array.isArray(data) && data.length === 0) {
+          return toolResponse("No projects found. Use create_project to create one.");
+        }
+        return toolJson(data, "Projects:");
+      } catch (error) {
+        return toolResponse(formatError(error));
+      }
+    }
+  );
+}
+
+// apps/mcp-server/src/main.ts
+async function main() {
+  loadCredentials();
+  const server = new import_mcp.McpServer({
+    name: "hostingguru",
+    version: CONFIG.version
+  });
+  registerAuthTools(server);
+  registerWorkspaceTools(server);
+  registerGitHubTools(server);
+  registerDeploymentTools(server);
+  registerEnvTools(server);
+  registerBillingTools(server);
+  registerDomainTools(server);
+  registerProjectTools(server);
+  const transport = new import_stdio.StdioServerTransport();
+  await server.connect(transport);
+}
+main().catch((error) => {
+  console.error("Fatal error:", error);
+  process.exit(1);
+});