@insforge/mcp 1.2.6 → 1.2.7

package/dist/{chunk-3S2HFIGS.js → chunk-Z3FXBI3Z.js}

@@ -1,29 +1,37 @@
 #!/usr/bin/env node
 
-// src/shared/tools.ts
-import { z as z23 } from "zod";
-import fetch2 from "node-fetch";
-import { promises as fs } from "fs";
-import { exec } from "child_process";
-import { promisify } from "util";
-import { tmpdir } from "os";
-import archiver from "archiver";
+// src/shared/tools/index.ts
+import fetch7 from "node-fetch";
 
 // src/shared/response-handler.ts
+function isErrorResponse(value) {
+  if (typeof value !== "object" || value === null) return false;
+  const v = value;
+  const hasMessage = typeof v.message === "string";
+  const hasError = typeof v.error === "string";
+  const hasStatusCode = typeof v.statusCode === "number";
+  const hasNextAction = !("nextAction" in v) || typeof v.nextAction === "string";
+  return (hasMessage || hasError || hasStatusCode) && hasNextAction;
+}
 async function handleApiResponse(response) {
   const responseData = await response.json();
   if (!response.ok) {
-    const errorData = responseData;
-    let fullMessage = errorData.message || errorData.error || "Unknown error";
-    if (errorData.nextAction) {
-      fullMessage += `. ${errorData.nextAction}`;
+    if (isErrorResponse(responseData)) {
+      let fullMessage = responseData.message ?? responseData.error ?? "Unknown error";
+      if (typeof responseData.nextAction === "string" && responseData.nextAction.length > 0) {
+        fullMessage += `. ${responseData.nextAction}`;
+      }
+      throw new Error(fullMessage);
     }
-    throw new Error(fullMessage);
+    throw new Error("Unknown error");
   }
   return responseData;
 }
+function hasMessageProperty(value) {
+  return typeof value === "object" && value !== null && "message" in value && typeof value.message === "string";
+}
 function formatSuccessMessage(operation, data) {
-  if (data && typeof data === "object" && "message" in data) {
+  if (hasMessageProperty(data)) {
     return `${data.message}
 ${JSON.stringify(data, null, 2)}`;
   }
@@ -64,6 +72,10 @@ var UsageTracker = class {
   }
 };
 
+// src/shared/tools/docs.ts
+import { z as z25 } from "zod";
+import fetch2 from "node-fetch";
+
 // node_modules/@insforge/shared-schemas/dist/database.schema.js
 import { z } from "zod";
 var ColumnType;
@@ -382,6 +394,12 @@ var storageBucketSchema = z5.object({
   public: z5.boolean(),
   createdAt: z5.string()
 });
+var storageConfigSchema = z5.object({
+  id: z5.string().uuid(),
+  maxFileSizeMb: z5.number().int().positive(),
+  createdAt: z5.string(),
+  updatedAt: z5.string()
+});
 
 // node_modules/@insforge/shared-schemas/dist/storage-api.schema.js
 import { z as z6 } from "zod";
@@ -428,6 +446,9 @@ var confirmUploadRequestSchema = z6.object({
   contentType: z6.string().optional(),
   etag: z6.string().optional()
 });
+var updateStorageConfigRequestSchema = z6.object({
+  maxFileSizeMb: z6.number().int().min(1, "Must be at least 1 MB").max(200, "Must be at most 200 MB")
+});
 
 // node_modules/@insforge/shared-schemas/dist/auth.schema.js
 import { z as z7 } from "zod";
@@ -485,6 +506,7 @@ var oAuthConfigSchema = z7.object({
   updatedAt: z7.string()
   // PostgreSQL timestamp
 });
+var allowedRedirectUrlsRegex = /^(?:(?:https?:\/\/)(?:(?:\*\.)?[^\s/:?#]+|\[[0-9A-Fa-f:.]+\])(?::\d+)?(?:\/[^\s]*)?|(?!(?:https?|javascript|data|file|vbscript):)[a-zA-Z][a-zA-Z0-9+.-]*:(?:\/\/[^\s/]+(?:\/[^\s]*)?|\/[^\s]*))$/i;
 var authConfigSchema = z7.object({
   id: z7.string().uuid(),
   requireEmailVerification: z7.boolean(),
@@ -495,7 +517,7 @@ var authConfigSchema = z7.object({
   requireSpecialChar: z7.boolean(),
   verifyEmailMethod: verificationMethodSchema,
   resetPasswordMethod: verificationMethodSchema,
-  signInRedirectTo: z7.union([z7.string().url(), z7.literal(""), z7.null()]).optional().transform((val) => val === "" ? null : val),
+  allowedRedirectUrls: z7.array(z7.string().regex(allowedRedirectUrlsRegex, { message: "Invalid URL or wildcard URL" })).optional().nullable(),
   createdAt: z7.string(),
   // PostgreSQL timestamp
   updatedAt: z7.string()
@@ -511,6 +533,16 @@ var tokenPayloadSchema = z7.object({
   exp: z7.number().optional()
   // Expiration
 });
+var customOAuthKeySchema = z7.string().min(1).max(64).regex(/^[a-z0-9_-]+$/, "Key must contain only lowercase letters, numbers, hyphens, and underscores");
+var customOAuthConfigSchema = z7.object({
+  id: z7.string().uuid(),
+  key: customOAuthKeySchema,
+  name: z7.string().min(1),
+  discoveryEndpoint: z7.string().url(),
+  clientId: z7.string().min(1),
+  createdAt: z7.string(),
+  updatedAt: z7.string()
+});
 
 // node_modules/@insforge/shared-schemas/dist/auth-api.schema.js
 import { z as z8 } from "zod";
@@ -521,12 +553,16 @@ var paginationSchema = z8.object({
 var createUserRequestSchema = z8.object({
   email: emailSchema,
   password: passwordSchema,
-  name: nameSchema.optional()
+  name: nameSchema.optional(),
+  redirectTo: z8.string().url().optional()
 });
 var createSessionRequestSchema = z8.object({
   email: emailSchema,
   password: passwordSchema
 });
+var refreshSessionRequestSchema = z8.object({
+  refreshToken: z8.string().min(1, "refreshToken is required")
+});
 var exchangeAdminSessionRequestSchema = z8.object({
   code: z8.string()
 });
@@ -540,20 +576,20 @@ var updateProfileRequestSchema = z8.object({
   profile: z8.record(z8.unknown())
 });
 var sendVerificationEmailRequestSchema = z8.object({
-  email: emailSchema
+  email: emailSchema,
+  redirectTo: z8.string().url().optional()
 });
 var verifyEmailRequestSchema = z8.object({
-  email: emailSchema.optional(),
-  otp: z8.string().min(1)
-}).refine((data) => data.email || data.otp, {
-  message: "Either email or otp must be provided"
+  email: emailSchema,
+  otp: z8.string().regex(/^\d{6}$/, "OTP code must be a 6-digit numeric code")
 });
 var sendResetPasswordEmailRequestSchema = z8.object({
-  email: emailSchema
+  email: emailSchema,
+  redirectTo: z8.string().url().optional()
 });
 var exchangeResetPasswordTokenRequestSchema = z8.object({
   email: emailSchema,
-  code: z8.string().min(1)
+  code: z8.string().regex(/^\d{6}$/, "Reset password code must be a 6-digit numeric code")
 });
 var resetPasswordRequestSchema = z8.object({
   newPassword: passwordSchema,
@@ -563,25 +599,31 @@ var createUserResponseSchema = z8.object({
   user: userSchema.optional(),
   accessToken: z8.string().nullable(),
   requireEmailVerification: z8.boolean().optional(),
-  redirectTo: z8.string().url().optional(),
-  csrfToken: z8.string().nullable().optional()
+  csrfToken: z8.string().nullable().optional(),
+  refreshToken: z8.string().optional()
+  // For mobile/desktop clients (no cookies)
 });
 var createSessionResponseSchema = z8.object({
   user: userSchema,
   accessToken: z8.string(),
-  redirectTo: z8.string().url().optional(),
-  csrfToken: z8.string().nullable().optional()
+  csrfToken: z8.string().nullable().optional(),
+  refreshToken: z8.string().optional()
+  // For mobile/desktop clients (no cookies)
 });
 var verifyEmailResponseSchema = z8.object({
   user: userSchema,
   accessToken: z8.string(),
-  redirectTo: z8.string().url().optional(),
-  csrfToken: z8.string().nullable().optional()
+  csrfToken: z8.string().nullable().optional(),
+  refreshToken: z8.string().optional()
+  // For mobile/desktop clients (no cookies)
 });
 var refreshSessionResponseSchema = z8.object({
   accessToken: z8.string(),
   user: userSchema,
-  csrfToken: z8.string()
+  csrfToken: z8.string().optional(),
+  // For web clients (cookie-based)
+  refreshToken: z8.string().optional()
+  // For mobile/desktop clients (no cookies)
 });
 var exchangeResetPasswordTokenResponseSchema = z8.object({
   token: z8.string(),
@@ -627,6 +669,18 @@ var updateOAuthConfigRequestSchema = oAuthConfigSchema.omit({
 }).extend({
   clientSecret: z8.string().optional()
 }).partial();
+var pkceRegex = /^[A-Za-z0-9._~-]+$/;
+var oAuthInitRequestSchema = z8.object({
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  redirect_uri: z8.string().url().optional(),
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  code_challenge: z8.string().min(43, "Code challenge must be at least 43 characters").max(128, "Code challenge must be at most 128 characters").regex(pkceRegex, "Code challenge must be base64url encoded")
+});
+var oAuthCodeExchangeRequestSchema = z8.object({
+  code: z8.string().min(1, "Exchange code is required"),
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  code_verifier: z8.string().min(43, "Code verifier must be at least 43 characters").max(128, "Code verifier must be at most 128 characters").regex(pkceRegex, "Code verifier must be base64url encoded")
+});
 var listOAuthConfigsResponseSchema = z8.object({
   data: z8.array(oAuthConfigSchema),
   count: z8.number()
@@ -638,11 +692,12 @@ var updateAuthConfigRequestSchema = authConfigSchema.omit({
 }).partial();
 var getPublicAuthConfigResponseSchema = z8.object({
   oAuthProviders: z8.array(oAuthProvidersSchema),
+  customOAuthProviders: z8.array(customOAuthKeySchema),
   ...authConfigSchema.omit({
     id: true,
     updatedAt: true,
     createdAt: true,
-    signInRedirectTo: true
+    allowedRedirectUrls: true
   }).shape
 });
 var authErrorResponseSchema = z8.object({
@@ -651,6 +706,16 @@ var authErrorResponseSchema = z8.object({
   statusCode: z8.number().int(),
   nextActions: z8.string().optional()
 });
+var createCustomOAuthConfigRequestSchema = customOAuthConfigSchema.omit({ id: true, createdAt: true, updatedAt: true }).extend({
+  clientSecret: z8.string().min(1, "Client secret is required")
+});
+var updateCustomOAuthConfigRequestSchema = customOAuthConfigSchema.omit({ id: true, key: true, createdAt: true, updatedAt: true }).extend({
+  clientSecret: z8.string().min(1).optional()
+}).partial();
+var listCustomOAuthConfigsResponseSchema = z8.object({
+  data: z8.array(customOAuthConfigSchema),
+  count: z8.number()
+});
 
 // node_modules/@insforge/shared-schemas/dist/metadata.schema.js
 import { z as z11 } from "zod";
@@ -680,6 +745,9 @@ var realtimeMessageSchema = z9.object({
   whDeliveredCount: z9.number().int().min(0),
   createdAt: z9.string().datetime()
 });
+var realtimeConfigSchema = z9.object({
+  retentionDays: z9.number().int().positive().nullable()
+});
 var subscribeChannelPayloadSchema = z9.object({
   channel: z9.string().min(1)
   // The resolved channel instance, e.g., "order:123"
@@ -765,7 +833,8 @@ var messageStatsResponseSchema = z10.object({
   topEvents: z10.array(z10.object({
     eventName: z10.string(),
     count: z10.number().int().min(0)
-  }))
+  })),
+  retentionDays: realtimeConfigSchema.shape.retentionDays
 });
 var rlsPolicySchema = z10.object({
   policyName: z10.string(),
@@ -845,6 +914,9 @@ var databasePasswordInfoSchema = z11.object({
 var apiKeyResponseSchema = z11.object({
   apiKey: z11.string()
 });
+var projectIdResponseSchema = z11.object({
+  projectId: z11.string().nullable()
+});
 
 // node_modules/@insforge/shared-schemas/dist/ai.schema.js
 import { z as z12 } from "zod";
@@ -919,13 +991,83 @@ var audioContentSchema = z13.object({
     format: z13.enum(["wav", "mp3", "aiff", "aac", "ogg", "flac", "m4a"])
   })
 });
-var contentSchema = z13.union([textContentSchema, imageContentSchema, audioContentSchema]);
+var fileContentSchema = z13.object({
+  type: z13.literal("file"),
+  file: z13.object({
+    // Filename with extension (e.g., "document.pdf")
+    filename: z13.string(),
+    // File data can be:
+    // - Public URL: "https://example.com/document.pdf"
+    // - Base64 data URL: "data:application/pdf;base64,..."
+    // eslint-disable-next-line @typescript-eslint/naming-convention
+    file_data: z13.string()
+  })
+});
+var contentSchema = z13.union([
+  textContentSchema,
+  imageContentSchema,
+  audioContentSchema,
+  fileContentSchema
+]);
+var toolFunctionSchema = z13.object({
+  name: z13.string(),
+  description: z13.string().optional(),
+  parameters: z13.record(z13.unknown()).optional()
+});
+var toolSchema = z13.object({
+  type: z13.literal("function"),
+  function: toolFunctionSchema
+});
+var toolChoiceSchema = z13.union([
+  z13.enum(["auto", "none", "required"]),
+  z13.object({
+    type: z13.literal("function"),
+    function: z13.object({ name: z13.string() })
+  })
+]);
+var toolCallSchema = z13.object({
+  id: z13.string(),
+  type: z13.literal("function"),
+  function: z13.object({
+    name: z13.string(),
+    arguments: z13.string()
+  })
+});
 var chatMessageSchema = z13.object({
-  role: z13.enum(["user", "assistant", "system"]),
+  role: z13.enum(["user", "assistant", "system", "tool"]),
   // New format: content can be string or array of content parts (OpenAI-compatible)
-  content: z13.union([z13.string(), z13.array(contentSchema)]),
+  content: z13.union([z13.string(), z13.array(contentSchema)]).nullable(),
   // Legacy format: separate images field (deprecated but supported for backward compatibility)
-  images: z13.array(z13.object({ url: z13.string() })).optional()
+  images: z13.array(z13.object({ url: z13.string() })).optional(),
+  // Tool calls made by the assistant
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  tool_calls: z13.array(toolCallSchema).optional(),
+  // Tool call ID for tool response messages
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  tool_call_id: z13.string().optional()
+});
+var webSearchPluginSchema = z13.object({
+  enabled: z13.boolean(),
+  // Engine selection:
+  // - "native": Always use provider's built-in web search (OpenAI, Anthropic, Perplexity, xAI)
+  // - "exa": Use Exa's search API
+  // - undefined: Auto-select (native if available, otherwise Exa)
+  engine: z13.enum(["native", "exa"]).optional(),
+  // Maximum number of search results (1-10, default: 5)
+  maxResults: z13.number().min(1).max(10).optional(),
+  // Custom prompt for attaching search results to the message
+  searchPrompt: z13.string().optional()
+});
+var fileParserPluginSchema = z13.object({
+  enabled: z13.boolean(),
+  pdf: z13.object({
+    // PDF processing engine:
+    // - "pdf-text": Best for well-structured PDFs with clear text content (Free)
+    // - "mistral-ocr": Best for scanned documents or PDFs with images ($2 per 1,000 pages)
+    // - "native": Only available for models that support file input natively (charged as input tokens)
+    // If not specified, defaults to native if available, otherwise mistral-ocr
+    engine: z13.enum(["pdf-text", "mistral-ocr", "native"]).optional()
+  }).optional()
 });
 var chatCompletionRequestSchema = z13.object({
   model: z13.string(),
@@ -933,10 +1075,52 @@ var chatCompletionRequestSchema = z13.object({
   temperature: z13.number().min(0).max(2).optional(),
   maxTokens: z13.number().positive().optional(),
   topP: z13.number().min(0).max(1).optional(),
-  stream: z13.boolean().optional()
+  stream: z13.boolean().optional(),
+  // Web Search: Incorporate relevant web search results into the response
+  // Results are returned in the annotations field
+  webSearch: webSearchPluginSchema.optional(),
+  // File Parser: Configure PDF processing for file content in messages
+  // When files are included in messages, this controls how PDFs are parsed
+  fileParser: fileParserPluginSchema.optional(),
+  // Thinking/Reasoning mode: Enable extended reasoning capabilities
+  // Appends ":thinking" to the model ID for chain-of-thought reasoning
+  thinking: z13.boolean().optional(),
+  // Tool calling: Define functions the AI can call
+  tools: z13.array(toolSchema).optional(),
+  // Tool choice: Control whether/which tool is called ('auto', 'none', 'required', or specific function)
+  toolChoice: toolChoiceSchema.optional(),
+  // Parallel tool calls: Allow the model to call multiple tools in parallel
+  parallelToolCalls: z13.boolean().optional()
+});
+var urlCitationAnnotationSchema = z13.object({
+  type: z13.literal("url_citation"),
+  urlCitation: z13.object({
+    url: z13.string(),
+    title: z13.string().optional(),
+    content: z13.string().optional(),
+    // Character indices in the response text where this citation applies
+    startIndex: z13.number().optional(),
+    endIndex: z13.number().optional()
+  })
+});
+var fileAnnotationSchema = z13.object({
+  type: z13.literal("file"),
+  file: z13.object({
+    filename: z13.string(),
+    // Parsed content from the PDF (used for caching)
+    parsedContent: z13.string().optional(),
+    // Additional metadata from the parser
+    metadata: z13.record(z13.unknown()).optional()
+  })
 });
+var annotationSchema = z13.union([urlCitationAnnotationSchema, fileAnnotationSchema]);
 var chatCompletionResponseSchema = z13.object({
   text: z13.string(),
+  // Tool calls from the assistant (present when the model invokes tools)
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  tool_calls: z13.array(toolCallSchema).optional(),
+  // Annotations from web search or file parsing (can be URL citations or file annotations)
+  annotations: z13.array(annotationSchema).optional(),
   metadata: z13.object({
     model: z13.string(),
     usage: z13.object({
@@ -946,6 +1130,30 @@ var chatCompletionResponseSchema = z13.object({
     }).optional()
   }).optional()
 });
+var embeddingsRequestSchema = z13.object({
+  model: z13.string(),
+  input: z13.union([z13.string(), z13.array(z13.string())]),
+  // eslint-disable-next-line @typescript-eslint/naming-convention
+  encoding_format: z13.enum(["float", "base64"]).optional(),
+  dimensions: z13.number().int().min(0).optional()
+});
+var embeddingObjectSchema = z13.object({
+  object: z13.literal("embedding"),
+  // Embedding can be number[] (float format) or string (base64 format)
+  embedding: z13.union([z13.array(z13.number()), z13.string()]),
+  index: z13.number()
+});
+var embeddingsResponseSchema = z13.object({
+  object: z13.literal("list"),
+  data: z13.array(embeddingObjectSchema),
+  metadata: z13.object({
+    model: z13.string(),
+    usage: z13.object({
+      promptTokens: z13.number().optional(),
+      totalTokens: z13.number().optional()
+    }).optional()
+  }).optional()
+});
 var imageGenerationRequestSchema = z13.object({
   model: z13.string(),
   prompt: z13.string(),
@@ -974,7 +1182,10 @@ var aiModelSchema = z13.object({
   outputModality: z13.array(modalitySchema).min(1),
   provider: z13.string(),
   modelId: z13.string(),
-  priceLevel: z13.number().min(0).max(3).optional()
+  inputPrice: z13.number().min(0).optional(),
+  // Price per million tokens in USD
+  outputPrice: z13.number().min(0).optional()
+  // Price per million tokens in USD
 });
 var createAIConfigurationRequestSchema = aiConfigurationSchema.omit({
   id: true
@@ -997,6 +1208,15 @@ var getAIUsageSummaryRequestSchema = z13.object({
   startDate: z13.string().datetime().optional(),
   endDate: z13.string().datetime().optional()
 });
+var keySourceSchema = z13.enum(["byok", "cloud", "env", "unconfigured"]);
+var gatewayConfigResponseSchema = z13.object({
+  keySource: keySourceSchema,
+  hasByokKey: z13.boolean(),
+  maskedKey: z13.string().optional()
+});
+var setGatewayBYOKKeyRequestSchema = z13.object({
+  apiKey: z13.string().min(1, "API key is required")
+});
 
 // node_modules/@insforge/shared-schemas/dist/logs.schema.js
 import { z as z14 } from "zod";
@@ -1027,6 +1247,16 @@ var logStatsSchema = z14.object({
   count: z14.number(),
   lastActivity: z14.string()
 });
+var buildLogEntrySchema = z14.object({
+  level: z14.string(),
+  message: z14.string()
+});
+var getBuildLogsResponseSchema = z14.object({
+  deploymentId: z14.string(),
+  status: z14.enum(["pending", "success", "failed"]),
+  logs: z14.array(buildLogEntrySchema),
+  createdAt: z14.string()
+});
 
 // node_modules/@insforge/shared-schemas/dist/logs-api.schema.js
 import { z as z15 } from "zod";
@@ -1102,7 +1332,19 @@ var listFunctionsResponseSchema = z17.object({
   functions: z17.array(functionSchema),
   runtime: z17.object({
     status: z17.enum(["running", "unavailable"])
-  })
+  }),
+  deploymentUrl: z17.string().nullable().optional()
+});
+var deploymentResultSchema = z17.object({
+  id: z17.string(),
+  status: z17.enum(["success", "failed"]),
+  url: z17.string().nullable(),
+  buildLogs: z17.array(z17.string()).optional()
+});
+var functionResponseSchema = z17.object({
+  success: z17.boolean(),
+  function: functionSchema,
+  deployment: deploymentResultSchema.nullable().optional()
 });
 
 // node_modules/@insforge/shared-schemas/dist/cloud-events.schema.js
@@ -1142,6 +1384,9 @@ var showContactModalEventSchema = z18.object({
 var showConnectOverlayEventSchema = z18.object({
   type: z18.literal("SHOW_CONNECT_OVERLAY")
 });
+var showPlanModalEventSchema = z18.object({
+  type: z18.literal("SHOW_PLAN_MODAL")
+});
 var authorizationCodeEventSchema = z18.object({
   type: z18.literal("AUTHORIZATION_CODE"),
   code: z18.string()
@@ -1150,6 +1395,51 @@ var routeChangeEventSchema = z18.object({
   type: z18.literal("ROUTE_CHANGE"),
   path: z18.string()
 });
+var requestProjectInfoEventSchema = z18.object({
+  type: z18.literal("REQUEST_PROJECT_INFO")
+});
+var projectInfoEventSchema = z18.object({
+  type: z18.literal("PROJECT_INFO"),
+  name: z18.string(),
+  instanceType: z18.string(),
+  region: z18.string(),
+  latestVersion: z18.string().optional()
+});
+var requestInstanceInfoEventSchema = z18.object({
+  type: z18.literal("REQUEST_INSTANCE_INFO")
+});
+var instanceInfoEventSchema = z18.object({
+  type: z18.literal("INSTANCE_INFO"),
+  currentInstanceType: z18.string(),
+  planName: z18.string(),
+  computeCredits: z18.number(),
+  currentOrgComputeCost: z18.number(),
+  instanceTypes: z18.array(z18.object({
+    id: z18.string(),
+    name: z18.string(),
+    cpu: z18.string(),
+    ram: z18.string(),
+    pricePerHour: z18.number(),
+    pricePerMonth: z18.number()
+  })),
+  projects: z18.array(z18.object({
+    name: z18.string(),
+    instanceType: z18.string(),
+    monthlyCost: z18.number(),
+    isCurrent: z18.boolean(),
+    status: z18.string()
+  }))
+});
+var requestInstanceTypeChangeEventSchema = z18.object({
+  type: z18.literal("REQUEST_INSTANCE_TYPE_CHANGE"),
+  instanceType: z18.string()
+});
+var instanceTypeChangeResultEventSchema = z18.object({
+  type: z18.literal("INSTANCE_TYPE_CHANGE_RESULT"),
+  success: z18.boolean(),
+  instanceType: z18.string().optional(),
+  error: z18.string().optional()
+});
 var cloudEventSchema = z18.discriminatedUnion("type", [
   appRouteChangeEventSchema,
   authSuccessEventSchema,
@@ -1161,8 +1451,15 @@ var cloudEventSchema = z18.discriminatedUnion("type", [
   navigateToUsageSchema,
   showContactModalEventSchema,
   showConnectOverlayEventSchema,
+  showPlanModalEventSchema,
   authorizationCodeEventSchema,
-  routeChangeEventSchema
+  routeChangeEventSchema,
+  requestProjectInfoEventSchema,
+  projectInfoEventSchema,
+  requestInstanceInfoEventSchema,
+  instanceInfoEventSchema,
+  requestInstanceTypeChangeEventSchema,
+  instanceTypeChangeResultEventSchema
 ]);
 
 // node_modules/@insforge/shared-schemas/dist/docs.schema.js
@@ -1198,8 +1495,6 @@ var docTypeSchema = z19.enum([
   "storage-sdk",
   "functions-sdk",
   "ai-integration-sdk",
-  "auth-components-react",
-  "auth-components-nextjs",
   "real-time",
   "deployment"
 ]).describe(`
@@ -1209,8 +1504,6 @@ var docTypeSchema = z19.enum([
       "storage-sdk" (file storage),
       "functions-sdk" (edge functions),
       "auth-sdk" (direct SDK methods for custom auth flows),
-      "auth-components-react" (authentication components for React+Vite applications),
-      "auth-components-nextjs" (authentication components for Next.js applications),
       "ai-integration-sdk" (AI features),
       "real-time" (real-time pub/sub through WebSockets),
       "deployment" (deploy frontend applications via MCP tool)
@@ -1295,110 +1588,182 @@ var listDeploymentsResponseSchema = z22.object({
     total: z22.number()
   })
 });
-
-// src/shared/tools.ts
-import FormData from "form-data";
-var execAsync = promisify(exec);
-var TOOL_VERSION_REQUIREMENTS = {
-  // Schedule tools - require backend v1.1.1+
-  // 'upsert-schedule': { minVersion: '1.1.1' },
-  // 'delete-schedule': { minVersion: '1.1.1' },
-  // 'get-schedules': { minVersion: '1.1.1' },
-  // 'get-schedule-logs': { minVersion: '1.1.1' },
-  "create-deployment": { minVersion: "1.4.7" },
-  "fetch-sdk-docs": { minVersion: "1.5.1" }
-  // Example of a deprecated tool (uncomment when needed):
-  // 'legacy-tool': { minVersion: '1.0.0', maxVersion: '1.5.0' },
-};
-function compareVersions(v1, v2) {
-  const clean1 = v1.replace(/^v/, "").split("-")[0];
-  const clean2 = v2.replace(/^v/, "").split("-")[0];
-  const parts1 = clean1.split(".").map(Number);
-  const parts2 = clean2.split(".").map(Number);
-  for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
-    const part1 = parts1[i] || 0;
-    const part2 = parts2[i] || 0;
-    if (part1 > part2) return 1;
-    if (part1 < part2) return -1;
-  }
-  return 0;
-}
-function shouldRegisterTool(toolName, backendVersion) {
-  const requirement = TOOL_VERSION_REQUIREMENTS[toolName];
-  if (!requirement) {
-    return true;
-  }
-  const { minVersion, maxVersion } = requirement;
-  if (minVersion && compareVersions(backendVersion, minVersion) < 0) {
-    return false;
-  }
-  if (maxVersion && compareVersions(backendVersion, maxVersion) > 0) {
-    return false;
-  }
-  return true;
-}
-async function fetchBackendVersion(apiBaseUrl) {
-  const response = await fetch2(`${apiBaseUrl}/api/health`, {
-    method: "GET",
-    headers: {
-      "Content-Type": "application/json"
+var deploymentEnvVarSchema = z22.object({
+  id: z22.string(),
+  // Vercel env var ID (needed for delete/get)
+  key: z22.string(),
+  type: z22.enum(["plain", "encrypted", "secret", "sensitive", "system"]),
+  updatedAt: z22.number().optional()
+  // Unix timestamp (milliseconds)
+});
+var deploymentEnvVarWithValueSchema = z22.object({
+  id: z22.string(),
+  key: z22.string(),
+  value: z22.string(),
+  type: z22.enum(["plain", "encrypted", "secret", "sensitive", "system"]),
+  updatedAt: z22.number().optional()
+});
+var listEnvVarsResponseSchema = z22.object({
+  envVars: z22.array(deploymentEnvVarSchema)
+});
+var getEnvVarResponseSchema = z22.object({
+  envVar: deploymentEnvVarWithValueSchema
+});
+var upsertEnvVarRequestSchema = z22.object({
+  key: z22.string().trim().min(1, "key is required"),
+  value: z22.string()
+});
+var upsertEnvVarsRequestSchema = z22.object({
+  envVars: z22.array(upsertEnvVarRequestSchema).min(1)
+}).superRefine(({ envVars }, ctx) => {
+  const firstSeenByKey = /* @__PURE__ */ new Map();
+  envVars.forEach((envVar, index) => {
+    const existingIndex = firstSeenByKey.get(envVar.key);
+    if (existingIndex !== void 0) {
+      ctx.addIssue({
+        code: z22.ZodIssueCode.custom,
+        message: "duplicate environment variable key",
+        path: ["envVars", index, "key"]
+      });
+      return;
     }
+    firstSeenByKey.set(envVar.key, index);
   });
-  if (!response.ok) {
-    throw new Error(`Health check failed with status ${response.status}`);
-  }
-  const health = await response.json();
-  return health.version;
-}
-async function registerInsforgeTools(server, config = {}) {
-  const GLOBAL_API_KEY = config.apiKey || process.env.API_KEY || "";
-  const API_BASE_URL = config.apiBaseUrl || process.env.API_BASE_URL || "http://localhost:7130";
-  const usageTracker = new UsageTracker(API_BASE_URL, GLOBAL_API_KEY);
-  const backendVersion = await fetchBackendVersion(API_BASE_URL);
-  console.error(`Backend version: ${backendVersion}`);
-  let toolCount = 0;
-  const registerTool = (toolName, ...args) => {
-    if (shouldRegisterTool(toolName, backendVersion)) {
-      server.tool(toolName, ...args);
-      toolCount++;
-      return true;
-    } else {
-      const req = TOOL_VERSION_REQUIREMENTS[toolName];
-      const reason = req?.minVersion && compareVersions(backendVersion, req.minVersion) < 0 ? `requires backend >= ${req.minVersion}` : `deprecated after backend ${req?.maxVersion}`;
-      console.error(`Skipping tool '${toolName}': ${reason} (current: ${backendVersion})`);
-      return false;
-    }
-  };
-  async function trackToolUsage(toolName, success = true) {
-    if (GLOBAL_API_KEY) {
-      await usageTracker.trackUsage(toolName, success);
-    }
-  }
-  function withUsageTracking(toolName, handler) {
-    return async (...args) => {
-      try {
-        const result = await handler(...args);
-        await trackToolUsage(toolName, true);
-        return result;
-      } catch (error) {
-        await trackToolUsage(toolName, false);
-        throw error;
-      }
-    };
-  }
-  const getApiKey = (_toolApiKey) => {
-    if (!GLOBAL_API_KEY) {
-      throw new Error("API key is required. Pass --api_key when starting the MCP server.");
-    }
-    return GLOBAL_API_KEY;
-  };
+});
+var upsertEnvVarResponseSchema = z22.object({
+  success: z22.literal(true),
+  message: z22.string()
+});
+var upsertEnvVarsResponseSchema = z22.object({
+  success: z22.literal(true),
+  message: z22.string(),
+  count: z22.number().int().positive()
+});
+var deleteEnvVarResponseSchema = z22.object({
+  success: z22.literal(true),
+  message: z22.string()
+});
+var updateSlugRequestSchema = z22.object({
+  slug: z22.string().trim().min(3, "slug must be at least 3 characters").max(63, "slug must be at most 63 characters").regex(/^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/, "slug must be lowercase alphanumeric with hyphens, not starting or ending with hyphen").nullable()
+});
+var updateSlugResponseSchema = z22.object({
+  success: z22.boolean(),
+  slug: z22.string().nullable(),
+  domain: z22.string().nullable()
+});
+var deploymentMetadataResponseSchema = z22.object({
+  currentDeploymentId: z22.string().uuid().nullable(),
+  defaultDomainUrl: z22.string().nullable(),
+  customDomainUrl: z22.string().nullable()
+});
+var domainVerificationRecordSchema = z22.object({
+  type: z22.string(),
+  domain: z22.string(),
+  value: z22.string()
+});
+var customDomainSchema = z22.object({
+  domain: z22.string(),
+  apexDomain: z22.string(),
+  verified: z22.boolean(),
+  misconfigured: z22.boolean(),
+  verification: z22.array(domainVerificationRecordSchema),
+  cnameTarget: z22.string().nullable(),
+  aRecordValue: z22.string().nullable()
+});
+var addCustomDomainRequestSchema = z22.object({
+  domain: z22.string().trim().min(1, "Domain is required").regex(/^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$/i, "Invalid domain format (e.g. myapp.com or www.myapp.com)").refine((domain) => !domain.toLowerCase().endsWith(".insforge.site"), {
+    message: "Domains ending with .insforge.site are reserved by InsForge"
+  })
+});
+var listCustomDomainsResponseSchema = z22.object({
+  domains: z22.array(customDomainSchema)
+});
+
+// node_modules/@insforge/shared-schemas/dist/schedules.schema.js
+import { z as z23 } from "zod";
+var scheduleSchema = z23.object({
+  id: z23.string().uuid(),
+  name: z23.string(),
+  cronSchedule: z23.string(),
+  functionUrl: z23.string().url(),
+  httpMethod: z23.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]),
+  // Optional HTTP headers to include when invoking the scheduled function
+  headers: z23.record(z23.string()).nullable(),
+  // Body payload for the scheduled invocation. Can be a JSON object or a raw string.
+  body: z23.union([z23.string(), z23.record(z23.unknown())]).nullable(),
+  // cron_job_id is a BIGINT in postgres, which node-pg returns as a string.
+  cronJobId: z23.string().nullable(),
+  lastExecutedAt: z23.string().datetime().nullable(),
+  // Whether the cron job is currently active (has a scheduled cron job)
+  isActive: z23.boolean().default(true),
+  // Next scheduled run time in ISO format (nullable if cron expression invalid)
+  nextRun: z23.string().datetime().nullable(),
+  createdAt: z23.string().datetime(),
+  updatedAt: z23.string().datetime()
+});
+var scheduleLogSchema = z23.object({
+  id: z23.string().uuid(),
+  scheduleId: z23.string().uuid(),
+  executedAt: z23.string().datetime(),
+  statusCode: z23.number().int(),
+  success: z23.boolean(),
+  durationMs: z23.number().int(),
+  message: z23.string().nullable()
+});
+
+// node_modules/@insforge/shared-schemas/dist/schedules-api.schema.js
+import { z as z24 } from "zod";
+var cronScheduleSchema = z24.string().refine((value) => {
+  const parts = value.split(" ");
+  return parts.length === 5 || parts.length === 6;
+}, { message: 'Invalid cron schedule format. Use 5 or 6 parts (e.g., "* * * * *").' });
+var createScheduleRequestSchema = z24.object({
+  name: z24.string().min(3, "Schedule name must be at least 3 characters long"),
+  cronSchedule: cronScheduleSchema,
+  functionUrl: z24.string().url("The function URL must be a valid URL."),
+  httpMethod: z24.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]),
+  headers: z24.record(z24.string()).optional().describe("Header values can reference secrets using ${{secrets.KEY_NAME}} syntax."),
+  body: z24.record(z24.unknown()).optional().describe("The JSON body to send with the request.")
+});
+var updateScheduleRequestSchema = z24.object({
+  name: z24.string().min(3, "Schedule name must be at least 3 characters long").optional(),
+  cronSchedule: cronScheduleSchema.optional(),
+  functionUrl: z24.string().url("The function URL must be a valid URL.").optional(),
+  httpMethod: z24.enum(["GET", "POST", "PUT", "PATCH", "DELETE"]).optional(),
+  headers: z24.record(z24.string()).optional().describe("Header values can reference secrets using ${{secrets.KEY_NAME}} syntax."),
+  body: z24.record(z24.unknown()).optional().describe("The JSON body to send with the request."),
+  isActive: z24.boolean().optional().describe("Enable or disable the schedule.")
+});
+var listSchedulesResponseSchema = z24.array(scheduleSchema);
+var executionLogResponseSchema = scheduleLogSchema;
+var listExecutionLogsResponseSchema = z24.object({
+  logs: z24.array(executionLogResponseSchema),
+  totalCount: z24.number().int().nonnegative(),
+  limit: z24.number().int().positive(),
+  offset: z24.number().int().nonnegative()
+});
+var createScheduleResponseSchema = z24.object({
+  id: z24.string().uuid(),
+  cronJobId: z24.string(),
+  message: z24.string()
+});
+var updateScheduleResponseSchema = z24.object({
+  id: z24.string().uuid(),
+  cronJobId: z24.string().optional(),
+  message: z24.string()
+});
+var deleteScheduleResponseSchema = z24.object({
+  message: z24.string()
+});
+
+// src/shared/tools/docs.ts
+function registerDocsTools(ctx) {
+  const { API_BASE_URL, registerTool, withUsageTracking, getApiKey, addBackgroundContext } = ctx;
   const fetchDocumentation = async (docType) => {
     try {
       const response = await fetch2(`${API_BASE_URL}/api/docs/${docType}`, {
         method: "GET",
-        headers: {
-          "Content-Type": "application/json"
-        }
+        headers: { "Content-Type": "application/json" }
       });
       if (response.status === 404) {
         throw new Error("Documentation not found. This feature may not be supported in your project version. Please contact the Insforge team for assistance.");
@@ -1414,16 +1779,14 @@ async function registerInsforgeTools(server, config = {}) {
       throw new Error("Invalid response format from documentation endpoint");
     } catch (error) {
       const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-      throw new Error(`Unable to retrieve ${docType} documentation: ${errMsg}`);
+      throw new Error(`Unable to retrieve ${docType} documentation: ${errMsg}`, { cause: error });
     }
   };
   const fetchSDKDocumentation = async (feature, language) => {
     try {
       const response = await fetch2(`${API_BASE_URL}/api/docs/${feature}/${language}`, {
         method: "GET",
-        headers: {
-          "Content-Type": "application/json"
-        }
+        headers: { "Content-Type": "application/json" }
       });
       if (response.status === 404) {
         throw new Error("Documentation not found. This feature may not be supported in your project version. Please contact the Insforge team for assistance.");
@@ -1439,50 +1802,18 @@ async function registerInsforgeTools(server, config = {}) {
       throw new Error("Invalid response format from documentation endpoint");
     } catch (error) {
       const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-      throw new Error(`Unable to retrieve ${feature}-${language} documentation: ${errMsg}`);
-    }
-  };
-  const fetchInsforgeInstructionsContext = async () => {
-    try {
-      return await fetchDocumentation("instructions");
-    } catch (error) {
-      console.error("Failed to fetch insforge-instructions.md:", error);
-      return null;
-    }
-  };
-  const addBackgroundContext = async (response) => {
-    const isLegacyVersion = compareVersions(backendVersion, "1.1.7") < 0;
-    if (isLegacyVersion) {
-      const context = await fetchInsforgeInstructionsContext();
-      if (context && response.content && Array.isArray(response.content)) {
-        response.content.push({
-          type: "text",
-          text: `
-
----
-\u{1F527} INSFORGE DEVELOPMENT RULES (Auto-loaded):
-${context}`
-        });
-      }
+      throw new Error(`Unable to retrieve ${feature}-${language} documentation: ${errMsg}`, { cause: error });
     }
-    return response;
   };
   registerTool(
     "fetch-docs",
     'Fetch Insforge documentation. Use "instructions" for essential backend setup (MANDATORY FIRST), or select specific SDK docs for database, auth, storage, functions, or AI integration.',
-    {
-      docType: docTypeSchema
-    },
+    { docType: docTypeSchema },
     withUsageTracking("fetch-docs", async ({ docType }) => {
       try {
         const content = await fetchDocumentation(docType);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: content
-            }
-          ]
+          content: [{ type: "text", text: content }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
@@ -1495,7 +1826,8 @@ ${context}`
           };
         }
         return {
-          content: [{ type: "text", text: `Error fetching ${docType} documentation: ${errMsg}` }]
+          content: [{ type: "text", text: `Error fetching ${docType} documentation: ${errMsg}` }],
+          isError: true
         };
       }
     })
@@ -1506,20 +1838,12 @@ ${context}`
 
 Supported features: ${sdkFeatureSchema.options.join(", ")}
 Supported languages: ${sdkLanguageSchema.options.join(", ")}`,
-    {
-      sdkFeature: sdkFeatureSchema,
-      sdkLanguage: sdkLanguageSchema
-    },
+    { sdkFeature: sdkFeatureSchema, sdkLanguage: sdkLanguageSchema },
     withUsageTracking("fetch-sdk-docs", async ({ sdkFeature, sdkLanguage }) => {
       try {
         const content = await fetchSDKDocumentation(sdkFeature, sdkLanguage);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: content
-            }
-          ]
+          content: [{ type: "text", text: content }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
@@ -1532,7 +1856,8 @@ Supported languages: ${sdkLanguageSchema.options.join(", ")}`,
           };
         }
         return {
-          content: [{ type: "text", text: `Error fetching ${sdkFeature}-${sdkLanguage} documentation: ${errMsg}` }]
+          content: [{ type: "text", text: `Error fetching ${sdkFeature}-${sdkLanguage} documentation: ${errMsg}` }],
+          isError: true
         };
       }
     })
@@ -1541,7 +1866,7 @@ Supported languages: ${sdkLanguageSchema.options.join(", ")}`,
     "get-anon-key",
     "Generate an anonymous JWT token that never expires. Requires admin API key. Use this for client-side applications that need public access.",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)")
+      apiKey: z25.string().optional().describe("API key for authentication (optional if provided via --api_key)")
     },
     withUsageTracking("get-anon-key", async ({ apiKey }) => {
       try {
@@ -1555,61 +1880,74 @@ Supported languages: ${sdkLanguageSchema.options.join(", ")}`,
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Anonymous token generated", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("Anonymous token generated", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error generating anonymous token: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error generating anonymous token: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
+}
+
+// src/shared/tools/database.ts
+import { z as z26 } from "zod";
+import fetch3 from "node-fetch";
+import { promises as fs } from "fs";
+import { execFile } from "child_process";
+import { promisify } from "util";
+import { tmpdir } from "os";
+import { join, basename } from "path";
+import FormData from "form-data";
+
+// src/shared/tools/utils.ts
+var shellEsc = (s) => `'${s.replace(/'/g, "'\\''")}'`;
+
+// src/shared/tools/database.ts
+var execFileAsync = promisify(execFile);
+function isAnonTokenResponse(obj) {
+  return typeof obj === "object" && obj !== null && "accessToken" in obj && typeof obj.accessToken === "string" && obj.accessToken.length > 0;
+}
+function isBulkUpsertApiResult(obj) {
+  if (typeof obj !== "object" || obj === null || !("success" in obj) || !("rowsAffected" in obj) || !("totalRecords" in obj) || !("table" in obj)) {
+    return false;
+  }
+  const value = obj;
+  if (typeof value.success !== "boolean" || typeof value.rowsAffected !== "number" || typeof value.totalRecords !== "number" || typeof value.table !== "string" || value.table.length === 0) {
+    return false;
+  }
+  if (value.message !== void 0 && typeof value.message !== "string") {
+    return false;
+  }
+  return true;
+}
+function registerDatabaseTools(ctx) {
+  const { API_BASE_URL, isRemote, registerTool, withUsageTracking, getApiKey, addBackgroundContext } = ctx;
   registerTool(
     "get-table-schema",
     "Returns the detailed schema(including RLS, indexes, constraints, etc.) of a specific table",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
-      tableName: z23.string().describe("Name of the table")
+      apiKey: z26.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      tableName: z26.string().describe("Name of the table")
     },
     withUsageTracking("get-table-schema", async ({ apiKey, tableName }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
-        const response = await fetch2(`${API_BASE_URL}/api/metadata/${tableName}`, {
+        const response = await fetch3(`${API_BASE_URL}/api/metadata/${encodeURIComponent(tableName)}`, {
           method: "GET",
-          headers: {
-            "x-api-key": actualApiKey
-          }
+          headers: { "x-api-key": actualApiKey }
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Schema retrieved", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("Schema retrieved", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error getting table schema: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error getting table schema: ${errMsg}` }],
           isError: true
         };
       }
@@ -1619,37 +1957,25 @@ Supported languages: ${sdkLanguageSchema.options.join(", ")}`,
     "get-backend-metadata",
     "Index all backend metadata",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)")
+      apiKey: z26.string().optional().describe("API key for authentication (optional if provided via --api_key)")
     },
     withUsageTracking("get-backend-metadata", async ({ apiKey }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
-        const response = await fetch2(`${API_BASE_URL}/api/metadata?mcp=true`, {
+        const response = await fetch3(`${API_BASE_URL}/api/metadata?mcp=true`, {
           method: "GET",
-          headers: {
-            "x-api-key": actualApiKey
-          }
+          headers: { "x-api-key": actualApiKey }
         });
         const metadata = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: `Backend metadata:
+          content: [{ type: "text", text: `Backend metadata:
 
-${JSON.stringify(metadata, null, 2)}`
-            }
-          ]
+${JSON.stringify(metadata, null, 2)}` }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error retrieving backend metadata: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error retrieving backend metadata: ${errMsg}` }],
           isError: true
         };
       }
@@ -1659,17 +1985,14 @@ ${JSON.stringify(metadata, null, 2)}`
     "run-raw-sql",
     "Execute raw SQL query with optional parameters. Admin access required. Use with caution as it can modify data directly.",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      apiKey: z26.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
       ...rawSQLRequestSchema.shape
     },
     withUsageTracking("run-raw-sql", async ({ apiKey, query, params }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
-        const requestBody = {
-          query,
-          params: params || []
-        };
-        const response = await fetch2(`${API_BASE_URL}/api/database/advance/rawsql`, {
+        const requestBody = { query, params: params || [] };
+        const response = await fetch3(`${API_BASE_URL}/api/database/advance/rawsql`, {
           method: "POST",
           headers: {
             "x-api-key": actualApiKey,
@@ -1679,75 +2002,103 @@ ${JSON.stringify(metadata, null, 2)}`
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("SQL query executed", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("SQL query executed", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error executing SQL query: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error executing SQL query: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
-  registerTool(
-    "download-template",
-    "CRITICAL: MANDATORY FIRST STEP for all new InsForge projects. Download pre-configured starter template to a temporary directory. After download, you MUST copy files to current directory using the provided command.",
-    {
-      frame: z23.enum(["react", "nextjs"]).describe("Framework to use for the template (support React and Next.js)"),
-      projectName: z23.string().optional().describe('Name for the project directory (optional, defaults to "insforge-react")')
-    },
-    withUsageTracking("download-template", async ({ frame, projectName }) => {
-      try {
-        const response = await fetch2(`${API_BASE_URL}/api/auth/tokens/anon`, {
-          method: "POST",
-          headers: {
-            "x-api-key": getApiKey(),
-            "Content-Type": "application/json"
-          }
-        });
-        const result = await handleApiResponse(response);
-        const anonKey = result.accessToken;
-        if (!anonKey) {
-          throw new Error("Failed to retrieve anon key from backend");
-        }
-        const tempDir = tmpdir();
-        const targetDir = projectName || `insforge-${frame}`;
-        const templatePath = `${tempDir}/${targetDir}`;
-        console.error(`[download-template] Target path: ${templatePath}`);
+  if (isRemote) {
+    registerTool(
+      "download-template",
+      "CRITICAL: MANDATORY FIRST STEP for all new InsForge projects. Fetches configuration and returns a command for you to run locally to scaffold a starter template.",
+      {
+        frame: z26.enum(["react", "nextjs"]).describe("Framework to use for the template (support React and Next.js)"),
+        projectName: z26.string().optional().describe('Name for the project directory (optional, defaults to "insforge-{frame}")')
+      },
+      withUsageTracking("download-template", async ({ frame, projectName }) => {
         try {
-          const stats = await fs.stat(templatePath);
-          if (stats.isDirectory()) {
-            console.error(`[download-template] Removing existing template at ${templatePath}`);
-            await fs.rm(templatePath, { recursive: true, force: true });
-          }
-        } catch {
-        }
-        const command = `npx create-insforge-app ${targetDir} --frame ${frame} --base-url ${API_BASE_URL} --anon-key ${anonKey} --skip-install`;
-        const { stdout, stderr } = await execAsync(command, {
-          maxBuffer: 10 * 1024 * 1024,
-          // 10MB buffer
-          cwd: tempDir
-        });
-        const output = stdout || stderr || "";
-        if (output.toLowerCase().includes("error") && !output.includes("successfully")) {
-          throw new Error(`Failed to download template: ${output}`);
+          const response = await fetch3(`${API_BASE_URL}/api/auth/tokens/anon`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
+            }
+          });
+          const anonResult = await handleApiResponse(response);
+          if (!isAnonTokenResponse(anonResult)) {
+            throw new Error("Failed to retrieve anon key from backend");
+          }
+          const anonKey = anonResult.accessToken;
+          const rawDir = projectName || `insforge-${frame}`;
+          if (!rawDir || rawDir === "." || rawDir === ".." || /[/\\]/.test(rawDir) || !/^[\w.-]+$/.test(rawDir)) {
+            throw new Error("projectName must be a single directory name using only letters, numbers, hyphens, underscores, and dots");
+          }
+          const targetDir = rawDir;
+          const instructions = `Template configuration ready. Please run the following command in your project's parent directory:
+
+\`\`\`bash
+npx create-insforge-app ${shellEsc(targetDir)} --frame ${frame} --base-url ${shellEsc(API_BASE_URL)} --anon-key ${shellEsc(anonKey)}
+\`\`\`
+
+After the command completes, \`cd ${shellEsc(targetDir)}\` and start developing.`;
+          return {
+            content: [{ type: "text", text: instructions }]
+          };
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error preparing template: ${errMsg}` }],
+            isError: true
+          };
         }
-        return await addBackgroundContext({
-          content: [
-            {
+      })
+    );
+  } else {
+    registerTool(
+      "download-template",
+      "CRITICAL: MANDATORY FIRST STEP for all new InsForge projects. Download pre-configured starter template to a temporary directory. After download, you MUST copy files to current directory using the provided command.",
+      {
+        frame: z26.enum(["react", "nextjs"]).describe("Framework to use for the template (support React and Next.js)"),
+        projectName: z26.string().optional().describe('Name for the project directory (optional, defaults to "insforge-{frame}")')
+      },
+      withUsageTracking("download-template", async ({ frame, projectName }) => {
+        try {
+          const response = await fetch3(`${API_BASE_URL}/api/auth/tokens/anon`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
+            }
+          });
+          const anonResult = await handleApiResponse(response);
+          if (!isAnonTokenResponse(anonResult)) {
+            throw new Error("Failed to retrieve anon key from backend");
+          }
+          const anonKey = anonResult.accessToken;
+          const rawDir = projectName || `insforge-${frame}`;
+          if (!rawDir || rawDir === "." || rawDir === ".." || /[/\\]/.test(rawDir) || !/^[\w.-]+$/.test(rawDir)) {
+            throw new Error("projectName must be a single directory name using only letters, numbers, hyphens, underscores, and dots");
+          }
+          const targetDir = rawDir;
+          const workspaceBase = await fs.mkdtemp(join(tmpdir(), "insforge-template-"));
+          const templatePath = join(workspaceBase, targetDir);
+          console.error(`[download-template] Target path: ${templatePath}`);
+          await execFileAsync(
+            "npx",
+            ["create-insforge-app", targetDir, "--frame", frame, "--base-url", API_BASE_URL, "--anon-key", anonKey, "--skip-install"],
+            { maxBuffer: 10 * 1024 * 1024, cwd: workspaceBase }
+          );
+          const frameName = frame === "nextjs" ? "Next.js" : "React";
+          return await addBackgroundContext({
+            content: [{
               type: "text",
-              text: `\u2705 React template downloaded successfully
+              text: `\u2705 ${frameName} template downloaded successfully
 
 \u{1F4C1} Template Location: ${templatePath}
 
@@ -1759,43 +2110,38 @@ You MUST copy ALL files (INCLUDING HIDDEN FILES like .env, .gitignore, etc.) fro
 Copy all files from: ${templatePath}
 To: Your current project directory
 `
-            }
-          ]
-        });
-      } catch (error) {
-        const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-        return {
-          content: [
-            {
-              type: "text",
-              text: `Error downloading template: ${errMsg}`
-            }
-          ],
-          isError: true
-        };
-      }
-    })
-  );
+            }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error downloading template: ${errMsg}` }],
+            isError: true
+          };
+        }
+      })
+    );
+  }
   registerTool(
     "bulk-upsert",
     "Bulk insert or update data from CSV or JSON file. Supports upsert operations with a unique key.",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      apiKey: z26.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
       ...bulkUpsertRequestSchema.shape,
-      filePath: z23.string().describe("Path to CSV or JSON file containing data to import")
+      filePath: z26.string().describe("Path to CSV or JSON file containing data to import")
     },
     withUsageTracking("bulk-upsert", async ({ apiKey, table, filePath, upsertKey }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
         const fileBuffer = await fs.readFile(filePath);
-        const fileName = filePath.split("/").pop() || "data.csv";
+        const fileName = basename(filePath) || "data.csv";
         const formData = new FormData();
         formData.append("file", fileBuffer, fileName);
         formData.append("table", table);
         if (upsertKey) {
           formData.append("upsertKey", upsertKey);
         }
-        const response = await fetch2(`${API_BASE_URL}/api/database/advance/bulk-upsert`, {
+        const response = await fetch3(`${API_BASE_URL}/api/database/advance/bulk-upsert`, {
           method: "POST",
           headers: {
             "x-api-key": actualApiKey,
@@ -1803,47 +2149,50 @@ To: Your current project directory
           },
           body: formData
         });
-        const result = await handleApiResponse(response);
-        const message = result.success ? `Successfully processed ${result.rowsAffected} of ${result.totalRecords} records into table "${result.table}"` : result.message || "Bulk upsert operation completed";
+        const rawResult = await handleApiResponse(response);
+        if (!isBulkUpsertApiResult(rawResult)) {
+          throw new Error("Unexpected response format from bulk-upsert endpoint");
+        }
+        const message = rawResult.success ? `Successfully processed ${rawResult.rowsAffected} of ${rawResult.totalRecords} records into table "${rawResult.table}"` : rawResult.message || "Bulk upsert operation completed";
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Bulk upsert completed", {
-                message,
-                table: result.table,
-                rowsAffected: result.rowsAffected,
-                totalRecords: result.totalRecords,
-                errors: result.errors
-              })
-            }
-          ]
+          content: [{
+            type: "text",
+            text: formatSuccessMessage("Bulk upsert completed", {
+              message,
+              table: rawResult.table,
+              rowsAffected: rawResult.rowsAffected,
+              totalRecords: rawResult.totalRecords,
+              errors: rawResult.errors
+            })
+          }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error performing bulk upsert: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error performing bulk upsert: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
+}
+
+// src/shared/tools/storage.ts
+import { z as z27 } from "zod";
+import fetch4 from "node-fetch";
+function registerStorageTools(ctx) {
+  const { API_BASE_URL, registerTool, withUsageTracking, getApiKey, addBackgroundContext } = ctx;
   registerTool(
     "create-bucket",
     "Create new storage bucket",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      apiKey: z27.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
       ...createBucketRequestSchema.shape
     },
     withUsageTracking("create-bucket", async ({ apiKey, bucketName, isPublic }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
-        const response = await fetch2(`${API_BASE_URL}/api/storage/buckets`, {
+        const response = await fetch4(`${API_BASE_URL}/api/storage/buckets`, {
           method: "POST",
           headers: {
             "x-api-key": actualApiKey,
@@ -1853,22 +2202,12 @@ To: Your current project directory
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Bucket created", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("Bucket created", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error creating bucket: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error creating bucket: ${errMsg}` }],
           isError: true
         };
       }
@@ -1877,33 +2216,23 @@ To: Your current project directory
   registerTool(
     "list-buckets",
     "Lists all storage buckets",
-    {},
-    withUsageTracking("list-buckets", async () => {
+    {
+      apiKey: z27.string().optional().describe("API key for authentication (optional if provided via --api_key)")
+    },
+    withUsageTracking("list-buckets", async ({ apiKey }) => {
       try {
-        const response = await fetch2(`${API_BASE_URL}/api/storage/buckets`, {
+        const response = await fetch4(`${API_BASE_URL}/api/storage/buckets`, {
           method: "GET",
-          headers: {
-            "x-api-key": getApiKey()
-          }
+          headers: { "x-api-key": getApiKey(apiKey) }
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Buckets retrieved", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("Buckets retrieved", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error listing buckets: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error listing buckets: ${errMsg}` }],
           isError: true
         };
       }
@@ -1913,432 +2242,736 @@ To: Your current project directory
     "delete-bucket",
     "Deletes a storage bucket",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
-      bucketName: z23.string().describe("Name of the bucket to delete")
+      apiKey: z27.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      // Reuse the same bucket name validation as create-bucket
+      bucketName: createBucketRequestSchema.shape.bucketName
     },
     withUsageTracking("delete-bucket", async ({ apiKey, bucketName }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
-        const response = await fetch2(`${API_BASE_URL}/api/storage/buckets/${bucketName}`, {
+        const response = await fetch4(`${API_BASE_URL}/api/storage/buckets/${encodeURIComponent(bucketName)}`, {
           method: "DELETE",
-          headers: {
-            "x-api-key": actualApiKey
-          }
+          headers: { "x-api-key": actualApiKey }
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage("Bucket deleted", result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage("Bucket deleted", result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error deleting bucket: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error deleting bucket: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
-  registerTool(
-    "create-function",
-    "Create a new edge function that runs in Deno runtime. The code must be written to a file first for version control",
-    {
-      ...uploadFunctionRequestSchema.omit({ code: true }).shape,
-      codeFile: z23.string().describe(
-        "Path to JavaScript file containing the function code. Must export: module.exports = async function(request) { return new Response(...) }"
-      )
-    },
-    withUsageTracking("create-function", async (args) => {
-      try {
-        let code;
+}
+
+// src/shared/tools/functions.ts
+import { z as z28 } from "zod";
+import fetch5 from "node-fetch";
+import { promises as fs2 } from "fs";
+function registerFunctionTools(ctx) {
+  const { API_BASE_URL, isRemote, registerTool, withUsageTracking, getApiKey, addBackgroundContext } = ctx;
+  if (isRemote) {
+    registerTool(
+      "create-function",
+      "Create a new edge function that runs in Deno runtime",
+      {
+        apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+        ...uploadFunctionRequestSchema.omit({ code: true }).shape,
+        code: z28.string().describe(
+          "The function code as a string. Must export: module.exports = async function(request) { return new Response(...) }"
+        )
+      },
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      withUsageTracking("create-function", async (args) => {
         try {
-          code = await fs.readFile(args.codeFile, "utf-8");
-        } catch (fileError) {
-          throw new Error(
-            `Failed to read code file '${args.codeFile}': ${fileError instanceof Error ? fileError.message : "Unknown error"}`
-          );
+          const response = await fetch5(`${API_BASE_URL}/api/functions`, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "x-api-key": getApiKey(args.apiKey)
+            },
+            body: JSON.stringify({
+              slug: args.slug,
+              name: args.name,
+              code: args.code,
+              description: args.description,
+              status: args.status
+            })
+          });
+          const result = await handleApiResponse(response);
+          return await addBackgroundContext({
+            content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' created successfully`, result) }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error creating function: ${errMsg}` }],
+            isError: true
+          };
         }
-        const response = await fetch2(`${API_BASE_URL}/api/functions`, {
-          method: "POST",
-          headers: {
-            "Content-Type": "application/json",
-            "x-api-key": getApiKey()
-          },
-          body: JSON.stringify({
-            slug: args.slug,
-            name: args.name,
-            code,
-            description: args.description,
-            status: args.status
-          })
-        });
-        const result = await handleApiResponse(response);
-        return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage(
-                `Edge function '${args.slug}' created successfully from ${args.codeFile}`,
-                result
-              )
-            }
-          ]
-        });
-      } catch (error) {
-        const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-        return {
-          content: [
-            {
-              type: "text",
-              text: `Error creating function: ${errMsg}`
-            }
-          ],
-          isError: true
-        };
-      }
-    })
-  );
+      })
+    );
+  } else {
+    registerTool(
+      "create-function",
+      "Create a new edge function that runs in Deno runtime. The code must be written to a file first for version control",
+      {
+        apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+        ...uploadFunctionRequestSchema.omit({ code: true }).shape,
+        codeFile: z28.string().describe(
+          "Path to JavaScript file containing the function code. Must export: module.exports = async function(request) { return new Response(...) }"
+        )
+      },
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      withUsageTracking("create-function", async (args) => {
+        try {
+          let code;
+          try {
+            code = await fs2.readFile(args.codeFile, "utf-8");
+          } catch (fileError) {
+            throw new Error(
+              `Failed to read code file '${args.codeFile}': ${fileError instanceof Error ? fileError.message : "Unknown error"}`,
+              { cause: fileError }
+            );
+          }
+          const response = await fetch5(`${API_BASE_URL}/api/functions`, {
+            method: "POST",
+            headers: {
+              "Content-Type": "application/json",
+              "x-api-key": getApiKey(args.apiKey)
+            },
+            body: JSON.stringify({
+              slug: args.slug,
+              name: args.name,
+              code,
+              description: args.description,
+              status: args.status
+            })
+          });
+          const result = await handleApiResponse(response);
+          return await addBackgroundContext({
+            content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' created successfully from ${args.codeFile}`, result) }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error creating function: ${errMsg}` }],
+            isError: true
+          };
+        }
+      })
+    );
+  }
   registerTool(
     "get-function",
     "Get details of a specific edge function including its code",
     {
-      slug: z23.string().describe("The slug identifier of the function")
+      apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      slug: functionSchema.shape.slug.describe("The slug identifier of the function")
     },
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     withUsageTracking("get-function", async (args) => {
       try {
-        const response = await fetch2(`${API_BASE_URL}/api/functions/${args.slug}`, {
+        const response = await fetch5(`${API_BASE_URL}/api/functions/${encodeURIComponent(args.slug)}`, {
           method: "GET",
-          headers: {
-            "x-api-key": getApiKey()
-          }
+          headers: { "x-api-key": getApiKey(args.apiKey) }
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage(`Edge function '${args.slug}' details`, result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' details`, result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error getting function: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error getting function: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
-  registerTool(
-    "update-function",
-    "Update an existing edge function code or metadata",
-    {
-      slug: z23.string().describe("The slug identifier of the function to update"),
-      ...updateFunctionRequestSchema.omit({ code: true }).shape,
-      codeFile: z23.string().optional().describe(
-        "Path to JavaScript file containing the new function code. Must export: module.exports = async function(request) { return new Response(...) }"
-      )
-    },
-    withUsageTracking("update-function", async (args) => {
-      try {
-        const updateData = {};
-        if (args.name) {
-          updateData.name = args.name;
+  if (isRemote) {
+    registerTool(
+      "update-function",
+      "Update an existing edge function code or metadata",
+      {
+        apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+        slug: functionSchema.shape.slug.describe("The slug identifier of the function to update"),
+        ...updateFunctionRequestSchema.omit({ code: true }).shape,
+        code: z28.string().optional().describe(
+          "The new function code as a string. Must export: module.exports = async function(request) { return new Response(...) }"
+        )
+      },
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      withUsageTracking("update-function", async (args) => {
+        try {
+          const updateData = {};
+          if (args.name) updateData.name = args.name;
+          if (args.code) updateData.code = args.code;
+          if (args.description !== void 0) updateData.description = args.description;
+          if (args.status) updateData.status = args.status;
+          const response = await fetch5(`${API_BASE_URL}/api/functions/${encodeURIComponent(args.slug)}`, {
+            method: "PUT",
+            headers: {
+              "Content-Type": "application/json",
+              "x-api-key": getApiKey(args.apiKey)
+            },
+            body: JSON.stringify(updateData)
+          });
+          const result = await handleApiResponse(response);
+          return await addBackgroundContext({
+            content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' updated successfully`, result) }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error updating function: ${errMsg}` }],
+            isError: true
+          };
         }
-        if (args.codeFile) {
-          try {
-            updateData.code = await fs.readFile(args.codeFile, "utf-8");
-          } catch (fileError) {
-            throw new Error(
-              `Failed to read code file '${args.codeFile}': ${fileError instanceof Error ? fileError.message : "Unknown error"}`
-            );
+      })
+    );
+  } else {
+    registerTool(
+      "update-function",
+      "Update an existing edge function code or metadata",
+      {
+        apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+        slug: functionSchema.shape.slug.describe("The slug identifier of the function to update"),
+        ...updateFunctionRequestSchema.omit({ code: true }).shape,
+        codeFile: z28.string().optional().describe(
+          "Path to JavaScript file containing the new function code. Must export: module.exports = async function(request) { return new Response(...) }"
+        )
+      },
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      withUsageTracking("update-function", async (args) => {
+        try {
+          const updateData = {};
+          if (args.name) updateData.name = args.name;
+          if (args.codeFile) {
+            try {
+              updateData.code = await fs2.readFile(args.codeFile, "utf-8");
+            } catch (fileError) {
+              throw new Error(
+                `Failed to read code file '${args.codeFile}': ${fileError instanceof Error ? fileError.message : "Unknown error"}`,
+                { cause: fileError }
+              );
+            }
           }
+          if (args.description !== void 0) updateData.description = args.description;
+          if (args.status) updateData.status = args.status;
+          const response = await fetch5(`${API_BASE_URL}/api/functions/${encodeURIComponent(args.slug)}`, {
+            method: "PUT",
+            headers: {
+              "Content-Type": "application/json",
+              "x-api-key": getApiKey(args.apiKey)
+            },
+            body: JSON.stringify(updateData)
+          });
+          const result = await handleApiResponse(response);
+          const fileInfo = args.codeFile ? ` from ${args.codeFile}` : "";
+          return await addBackgroundContext({
+            content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' updated successfully${fileInfo}`, result) }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error updating function: ${errMsg}` }],
+            isError: true
+          };
         }
-        if (args.description !== void 0) {
-          updateData.description = args.description;
-        }
-        if (args.status) {
-          updateData.status = args.status;
-        }
-        const response = await fetch2(`${API_BASE_URL}/api/functions/${args.slug}`, {
-          method: "PUT",
-          headers: {
-            "Content-Type": "application/json",
-            "x-api-key": getApiKey()
-          },
-          body: JSON.stringify(updateData)
-        });
-        const result = await handleApiResponse(response);
-        const fileInfo = args.codeFile ? ` from ${args.codeFile}` : "";
-        return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage(
-                `Edge function '${args.slug}' updated successfully${fileInfo}`,
-                result
-              )
-            }
-          ]
-        });
-      } catch (error) {
-        const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-        return {
-          content: [
-            {
-              type: "text",
-              text: `Error updating function: ${errMsg}`
-            }
-          ],
-          isError: true
-        };
-      }
-    })
-  );
+      })
+    );
+  }
   registerTool(
     "delete-function",
     "Delete an edge function permanently",
     {
-      slug: z23.string().describe("The slug identifier of the function to delete")
+      apiKey: z28.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      slug: functionSchema.shape.slug.describe("The slug identifier of the function to delete")
     },
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     withUsageTracking("delete-function", async (args) => {
       try {
-        const response = await fetch2(`${API_BASE_URL}/api/functions/${args.slug}`, {
+        const response = await fetch5(`${API_BASE_URL}/api/functions/${encodeURIComponent(args.slug)}`, {
           method: "DELETE",
-          headers: {
-            "x-api-key": getApiKey()
-          }
+          headers: { "x-api-key": getApiKey(args.apiKey) }
         });
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage(`Edge function '${args.slug}' deleted successfully`, result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage(`Edge function '${args.slug}' deleted successfully`, result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error deleting function: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error deleting function: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
+}
+
+// src/shared/tools/deployment.ts
+import { z as z29 } from "zod";
+import fetch6 from "node-fetch";
+import { promises as fs3, createWriteStream, createReadStream } from "fs";
+import { tmpdir as tmpdir2 } from "os";
+import { join as join2 } from "path";
+import archiver from "archiver";
+import FormData2 from "form-data";
+function isCreateDeploymentResponse(obj) {
+  if (typeof obj !== "object" || obj === null) {
+    return false;
+  }
+  const value = obj;
+  const idOk = "id" in value && (typeof value.id === "string" || typeof value.id === "number");
+  const urlOk = "uploadUrl" in value && typeof value.uploadUrl === "string" && value.uploadUrl.length > 0;
+  const fieldsOk = "uploadFields" in value && typeof value.uploadFields === "object" && value.uploadFields !== null;
+  return idOk && urlOk && fieldsOk;
+}
+function registerDeploymentTools(ctx) {
+  const { API_BASE_URL, isRemote, registerTool, withUsageTracking, getApiKey, addBackgroundContext } = ctx;
   registerTool(
     "get-container-logs",
     "Get latest logs from a specific container/service. Use this to help debug problems with your app.",
     {
-      apiKey: z23.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
-      source: z23.enum(["insforge.logs", "postgREST.logs", "postgres.logs", "function.logs"]).describe("Log source to retrieve"),
-      limit: z23.number().optional().default(20).describe("Number of logs to return (default: 20)")
+      apiKey: z29.string().optional().describe("API key for authentication (optional if provided via --api_key)"),
+      source: z29.enum(["insforge.logs", "postgREST.logs", "postgres.logs", "function.logs"]).describe("Log source to retrieve"),
+      limit: z29.number().optional().default(20).describe("Number of logs to return (default: 20)")
     },
     withUsageTracking("get-container-logs", async ({ apiKey, source, limit }) => {
       try {
         const actualApiKey = getApiKey(apiKey);
         const queryParams = new URLSearchParams();
         if (limit) queryParams.append("limit", limit.toString());
-        let response = await fetch2(`${API_BASE_URL}/api/logs/${source}?${queryParams}`, {
+        let response = await fetch6(`${API_BASE_URL}/api/logs/${source}?${queryParams}`, {
           method: "GET",
-          headers: {
-            "x-api-key": actualApiKey
-          }
+          headers: { "x-api-key": actualApiKey }
         });
         if (response.status === 404) {
-          response = await fetch2(`${API_BASE_URL}/api/logs/analytics/${source}?${queryParams}`, {
+          response = await fetch6(`${API_BASE_URL}/api/logs/analytics/${source}?${queryParams}`, {
             method: "GET",
-            headers: {
-              "x-api-key": actualApiKey
-            }
+            headers: { "x-api-key": actualApiKey }
           });
         }
         const result = await handleApiResponse(response);
         return await addBackgroundContext({
-          content: [
-            {
-              type: "text",
-              text: formatSuccessMessage(`Latest logs from ${source}`, result)
-            }
-          ]
+          content: [{ type: "text", text: formatSuccessMessage(`Latest logs from ${source}`, result) }]
         });
       } catch (error) {
         const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
         return {
-          content: [
-            {
-              type: "text",
-              text: `Error retrieving container logs: ${errMsg}`
-            }
-          ],
+          content: [{ type: "text", text: `Error retrieving container logs: ${errMsg}` }],
           isError: true
         };
       }
     })
   );
-  registerTool(
-    "create-deployment",
-    "Deploy source code from a directory. This tool zips files, uploads to cloud storage, and triggers deployment with optional environment variables and project settings.",
-    {
-      sourceDirectory: z23.string().describe('Absolute path to the source directory containing files to deploy (e.g., /Users/name/project or C:\\Users\\name\\project). Do not use relative paths like "."'),
-      ...startDeploymentRequestSchema.shape
-    },
-    withUsageTracking("create-deployment", async ({ sourceDirectory, projectSettings, envVars, meta }) => {
-      try {
-        const isAbsolutePath = sourceDirectory.startsWith("/") || /^[a-zA-Z]:[/\\]/.test(sourceDirectory);
-        if (!isAbsolutePath) {
-          return {
-            content: [
-              {
+  if (isRemote) {
+    registerTool(
+      "create-deployment",
+      "Prepare a deployment by creating a presigned upload URL. Returns shell commands for the agent to execute locally: zip the source directory and upload to cloud storage. After uploading, call the start-deployment tool to trigger the build.",
+      {
+        sourceDirectory: z29.string().describe('Absolute path to the source directory containing files to deploy (e.g., /Users/name/project). Do not use relative paths like "."')
+      },
+      withUsageTracking("create-deployment", async ({ sourceDirectory }) => {
+        try {
+          const isAbsolutePath = sourceDirectory.startsWith("/") || /^[a-zA-Z]:[/\\]/.test(sourceDirectory);
+          if (!isAbsolutePath) {
+            return {
+              content: [{
                 type: "text",
                 text: `Error: sourceDirectory must be an absolute path, not a relative path like "${sourceDirectory}". Please provide the full path to the source directory (e.g., /Users/name/project on macOS/Linux or C:\\Users\\name\\project on Windows).`
-              }
-            ],
+              }],
+              isError: true
+            };
+          }
+          const createResponse = await fetch6(`${API_BASE_URL}/api/deployments`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
+            }
+          });
+          const createResult = await handleApiResponse(createResponse);
+          if (!isCreateDeploymentResponse(createResult)) {
+            throw new Error("Unexpected response format from deployments endpoint");
+          }
+          const { id: deploymentId, uploadUrl, uploadFields } = createResult;
+          const esc = shellEsc;
+          const curlFields = Object.entries(uploadFields).map(([key, value]) => `-F ${esc(`${key}=${value}`)}`).join(" \\\n  ");
+          const escapedDir = esc(sourceDirectory);
+          const tmpZip = `/tmp/insforge-deploy-${deploymentId}.zip`;
+          const instructions = `Deployment prepared successfully. Deployment ID: ${deploymentId}
+
+Please execute the following commands locally, then call the \`start-deployment\` tool:
+
+## Step 1: Zip the source directory
+\`\`\`bash
+cd ${escapedDir} && zip -r ${tmpZip} .   -x "node_modules/*" ".git/*" ".next/*" ".env" ".env.local" "dist/*" "build/*" ".DS_Store" "*.log"
+\`\`\`
+
+## Step 2: Upload the zip file
+\`\`\`bash
+curl -X POST ${esc(uploadUrl)}   ${curlFields}   -F 'file=@${tmpZip};type=application/zip'
+\`\`\`
+
+## Step 3: Clean up
+\`\`\`bash
+rm /tmp/insforge-deploy-${deploymentId}.zip
+\`\`\`
+
+## Step 4: Trigger the build
+Call the \`start-deployment\` tool with deploymentId: "${deploymentId}"
+
+Run each step in order. If any step fails, do not proceed to the next step.`;
+          return {
+            content: [{ type: "text", text: instructions }]
+          };
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error preparing deployment: ${errMsg}` }],
             isError: true
           };
         }
+      })
+    );
+    registerTool(
+      "start-deployment",
+      "Trigger a deployment build after uploading source code. Use this after executing the upload commands from create-deployment.",
+      {
+        deploymentId: z29.string().describe("The deployment ID returned by create-deployment"),
+        ...startDeploymentRequestSchema.shape
+      },
+      withUsageTracking("start-deployment", async ({ deploymentId, projectSettings, envVars, meta }) => {
         try {
-          const stats = await fs.stat(sourceDirectory);
-          if (!stats.isDirectory()) {
+          const startBody = {};
+          if (projectSettings) startBody.projectSettings = projectSettings;
+          if (envVars) startBody.envVars = envVars;
+          if (meta) startBody.meta = meta;
+          const startResponse = await fetch6(`${API_BASE_URL}/api/deployments/${encodeURIComponent(deploymentId)}/start`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
+            },
+            body: JSON.stringify(startBody)
+          });
+          const startResult = await handleApiResponse(startResponse);
+          return await addBackgroundContext({
+            content: [{
+              type: "text",
+              text: formatSuccessMessage("Deployment started", startResult) + "\n\nNote: You can check deployment status by querying the system.deployments table."
+            }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error starting deployment: ${errMsg}` }],
+            isError: true
+          };
+        }
+      })
+    );
+  } else {
+    registerTool(
+      "create-deployment",
+      "Deploy source code from a directory. This tool zips files, uploads to cloud storage, and triggers deployment with optional environment variables and project settings.",
+      {
+        sourceDirectory: z29.string().describe('Absolute path to the source directory containing files to deploy (e.g., /Users/name/project or C:\\Users\\name\\project). Do not use relative paths like "."'),
+        ...startDeploymentRequestSchema.shape
+      },
+      withUsageTracking("create-deployment", async ({ sourceDirectory, projectSettings, envVars, meta }) => {
+        try {
+          const isAbsolutePath = sourceDirectory.startsWith("/") || /^[a-zA-Z]:[/\\]/.test(sourceDirectory);
+          if (!isAbsolutePath) {
             return {
-              content: [
-                {
-                  type: "text",
-                  text: `Error: "${sourceDirectory}" is not a directory. Please provide a path to a directory containing the source code.`
-                }
-              ],
+              content: [{
+                type: "text",
+                text: `Error: sourceDirectory must be an absolute path, not a relative path like "${sourceDirectory}". Please provide the full path to the source directory (e.g., /Users/name/project on macOS/Linux or C:\\Users\\name\\project on Windows).`
+              }],
               isError: true
             };
           }
-        } catch (statError) {
-          return {
-            content: [
-              {
+          try {
+            const stats = await fs3.stat(sourceDirectory);
+            if (!stats.isDirectory()) {
+              return {
+                content: [{
+                  type: "text",
+                  text: `Error: "${sourceDirectory}" is not a directory. Please provide a path to a directory containing the source code.`
+                }],
+                isError: true
+              };
+            }
+          } catch {
+            return {
+              content: [{
                 type: "text",
                 text: `Error: Directory "${sourceDirectory}" does not exist or is not accessible. Please verify the path is correct.`
-              }
-            ],
-            isError: true
-          };
-        }
-        const resolvedSourceDir = sourceDirectory;
-        const createResponse = await fetch2(`${API_BASE_URL}/api/deployments`, {
-          method: "POST",
-          headers: {
-            "x-api-key": getApiKey(),
-            "Content-Type": "application/json"
+              }],
+              isError: true
+            };
           }
-        });
-        const createResult = await handleApiResponse(createResponse);
-        const { id: deploymentId, uploadUrl, uploadFields } = createResult;
-        const zipBuffer = await new Promise((resolve, reject) => {
-          const archive = archiver("zip", { zlib: { level: 9 } });
-          const chunks = [];
-          archive.on("data", (chunk) => chunks.push(chunk));
-          archive.on("end", () => resolve(Buffer.concat(chunks)));
-          archive.on("error", (err) => reject(err));
-          const excludePatterns = [
-            "node_modules",
-            ".git",
-            ".next",
-            ".env",
-            ".env.local",
-            "dist",
-            "build",
-            ".DS_Store"
-          ];
-          archive.directory(resolvedSourceDir, false, (entry) => {
-            const normalizedName = entry.name.replace(/\\/g, "/");
-            for (const pattern of excludePatterns) {
-              if (normalizedName.startsWith(pattern + "/") || normalizedName === pattern || normalizedName.endsWith("/" + pattern) || normalizedName.includes("/" + pattern + "/")) {
-                return false;
-              }
+          const resolvedSourceDir = sourceDirectory;
+          const createResponse = await fetch6(`${API_BASE_URL}/api/deployments`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
             }
-            if (normalizedName.endsWith(".log")) {
-              return false;
+          });
+          const createResult = await handleApiResponse(createResponse);
+          if (!isCreateDeploymentResponse(createResult)) {
+            throw new Error("Unexpected response format from deployments endpoint");
+          }
+          const { id: deploymentId, uploadUrl, uploadFields } = createResult;
+          const tmpZipPath = join2(tmpdir2(), `insforge-deploy-${deploymentId}.zip`);
+          try {
+            await new Promise((resolve, reject) => {
+              const archive = archiver("zip", { zlib: { level: 9 } });
+              const output = createWriteStream(tmpZipPath);
+              output.on("close", resolve);
+              output.on("error", reject);
+              archive.on("error", reject);
+              const excludePatterns = ["node_modules", ".git", ".next", ".env", ".env.local", "dist", "build", ".DS_Store"];
+              archive.directory(resolvedSourceDir, false, (entry) => {
+                const normalizedName = entry.name.replace(/\\/g, "/");
+                for (const pattern of excludePatterns) {
+                  if (normalizedName.startsWith(pattern + "/") || normalizedName === pattern || normalizedName.endsWith("/" + pattern) || normalizedName.includes("/" + pattern + "/")) {
+                    return false;
+                  }
+                }
+                if (normalizedName.endsWith(".log")) return false;
+                return entry;
+              });
+              archive.pipe(output);
+              archive.finalize();
+            });
+            const { size: zipSize } = await fs3.stat(tmpZipPath);
+            const uploadFormData = new FormData2();
+            for (const [key, value] of Object.entries(uploadFields)) {
+              uploadFormData.append(key, value);
+            }
+            uploadFormData.append("file", createReadStream(tmpZipPath), {
+              filename: "deployment.zip",
+              contentType: "application/zip",
+              knownLength: zipSize
+            });
+            const uploadResponse = await fetch6(uploadUrl, {
+              method: "POST",
+              body: uploadFormData,
+              headers: uploadFormData.getHeaders()
+            });
+            if (!uploadResponse.ok) {
+              const uploadError = await uploadResponse.text();
+              throw new Error(`Failed to upload zip file: ${uploadError}`);
             }
-            return entry;
+          } finally {
+            await fs3.rm(tmpZipPath, { force: true }).catch(() => void 0);
+          }
+          const startBody = {};
+          if (projectSettings) startBody.projectSettings = projectSettings;
+          if (envVars) startBody.envVars = envVars;
+          if (meta) startBody.meta = meta;
+          const startResponse = await fetch6(`${API_BASE_URL}/api/deployments/${encodeURIComponent(deploymentId)}/start`, {
+            method: "POST",
+            headers: {
+              "x-api-key": getApiKey(),
+              "Content-Type": "application/json"
+            },
+            body: JSON.stringify(startBody)
           });
-          archive.finalize();
-        });
-        const uploadFormData = new FormData();
-        for (const [key, value] of Object.entries(uploadFields)) {
-          uploadFormData.append(key, value);
-        }
-        uploadFormData.append("file", zipBuffer, {
-          filename: "deployment.zip",
-          contentType: "application/zip"
-        });
-        const uploadResponse = await fetch2(uploadUrl, {
-          method: "POST",
-          body: uploadFormData,
-          headers: uploadFormData.getHeaders()
-        });
-        if (!uploadResponse.ok) {
-          const uploadError = await uploadResponse.text();
-          throw new Error(`Failed to upload zip file: ${uploadError}`);
-        }
-        const startBody = {};
-        if (projectSettings) startBody.projectSettings = projectSettings;
-        if (envVars) startBody.envVars = envVars;
-        if (meta) startBody.meta = meta;
-        const startResponse = await fetch2(`${API_BASE_URL}/api/deployments/${deploymentId}/start`, {
-          method: "POST",
-          headers: {
-            "x-api-key": getApiKey(),
-            "Content-Type": "application/json"
-          },
-          body: JSON.stringify(startBody)
-        });
-        const startResult = await handleApiResponse(startResponse);
-        return await addBackgroundContext({
-          content: [
-            {
+          const startResult = await handleApiResponse(startResponse);
+          return await addBackgroundContext({
+            content: [{
               type: "text",
               text: formatSuccessMessage("Deployment started", startResult) + "\n\nNote: You can check deployment status by querying the system.deployments table."
-            }
-          ]
-        });
+            }]
+          });
+        } catch (error) {
+          const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
+          return {
+            content: [{ type: "text", text: `Error creating deployment: ${errMsg}` }],
+            isError: true
+          };
+        }
+      })
+    );
+  }
+}
+
+// src/shared/tools/index.ts
+var TOOL_VERSION_REQUIREMENTS = {
+  // Schedule tools - require backend v1.1.1+
+  // 'upsert-schedule': { minVersion: '1.1.1' },
+  // 'delete-schedule': { minVersion: '1.1.1' },
+  // 'get-schedules': { minVersion: '1.1.1' },
+  // 'get-schedule-logs': { minVersion: '1.1.1' },
+  "create-deployment": { minVersion: "1.4.7" },
+  "fetch-sdk-docs": { minVersion: "1.5.1" }
+  // Example of a deprecated tool (uncomment when needed):
+  // 'legacy-tool': { minVersion: '1.0.0', maxVersion: '1.5.0' },
+};
+var LOCAL_ONLY_TOOLS = /* @__PURE__ */ new Set([
+  "bulk-upsert"
+  // Requires reading local data file (filePath is required)
+]);
+function compareVersions(v1, v2) {
+  const clean1 = v1.replace(/^v/, "").split("-")[0];
+  const clean2 = v2.replace(/^v/, "").split("-")[0];
+  const parts1 = clean1.split(".").map(Number);
+  const parts2 = clean2.split(".").map(Number);
+  for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
+    const part1 = parts1[i] || 0;
+    const part2 = parts2[i] || 0;
+    if (part1 > part2) return 1;
+    if (part1 < part2) return -1;
+  }
+  return 0;
+}
+function shouldRegisterTool(toolName, backendVersion) {
+  const requirement = TOOL_VERSION_REQUIREMENTS[toolName];
+  if (!requirement) return true;
+  const { minVersion, maxVersion } = requirement;
+  if (minVersion && compareVersions(backendVersion, minVersion) < 0) return false;
+  if (maxVersion && compareVersions(backendVersion, maxVersion) > 0) return false;
+  return true;
+}
+async function fetchBackendVersion(apiBaseUrl) {
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), 1e4);
+  try {
+    const response = await fetch7(`${apiBaseUrl}/api/health`, {
+      method: "GET",
+      headers: { "Content-Type": "application/json" },
+      signal: controller.signal
+    });
+    if (!response.ok) {
+      throw new Error(`Health check failed with status ${response.status}`);
+    }
+    const health = await response.json();
+    if (!health.version || typeof health.version !== "string") {
+      throw new Error("Health check returned invalid version field");
+    }
+    return health.version;
+  } catch (error) {
+    if (error instanceof Error && error.name === "AbortError") {
+      throw new Error(`Health check timed out after 10s \u2014 is the backend running at ${apiBaseUrl}?`, { cause: error });
+    }
+    throw error;
+  } finally {
+    clearTimeout(timeoutId);
+  }
+}
+async function registerInsforgeTools(server, config = {}) {
+  const GLOBAL_API_KEY = config.apiKey || process.env.API_KEY || "";
+  const API_BASE_URL = config.apiBaseUrl || process.env.API_BASE_URL || "http://localhost:7130";
+  const isRemote = config.mode === "remote";
+  const usageTracker = new UsageTracker(API_BASE_URL, GLOBAL_API_KEY);
+  let backendVersion;
+  try {
+    backendVersion = await fetchBackendVersion(API_BASE_URL);
+    console.error(`Backend version: ${backendVersion}`);
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error);
+    console.error(`Failed to fetch backend version: ${msg}`);
+    throw new Error(`Cannot initialize tools: backend at ${API_BASE_URL} is unreachable. ${msg}`, { cause: error });
+  }
+  let toolCount = 0;
+  const registerTool = (toolName, ...args) => {
+    if (isRemote && LOCAL_ONLY_TOOLS.has(toolName)) {
+      console.error(`Skipping tool '${toolName}': requires local filesystem (remote mode)`);
+      return false;
+    }
+    if (shouldRegisterTool(toolName, backendVersion)) {
+      server.tool(toolName, ...args);
+      toolCount++;
+      return true;
+    } else {
+      const req = TOOL_VERSION_REQUIREMENTS[toolName];
+      const reason = req?.minVersion && compareVersions(backendVersion, req.minVersion) < 0 ? `requires backend >= ${req.minVersion}` : `deprecated after backend ${req?.maxVersion}`;
+      console.error(`Skipping tool '${toolName}': ${reason} (current: ${backendVersion})`);
+      return false;
+    }
+  };
+  async function trackToolUsage(toolName, success = true) {
+    if (GLOBAL_API_KEY) {
+      await usageTracker.trackUsage(toolName, success).catch((err) => {
+        console.error(`Failed to track usage for '${toolName}':`, err);
+      });
+    }
+  }
+  function withUsageTracking(toolName, handler) {
+    return async (...args) => {
+      try {
+        const result = await handler(...args);
+        const isStructuredError = result !== null && typeof result === "object" && "isError" in result && result["isError"] === true;
+        void trackToolUsage(toolName, !isStructuredError);
+        return result;
       } catch (error) {
-        const errMsg = error instanceof Error ? error.message : "Unknown error occurred";
-        return {
-          content: [
-            {
+        void trackToolUsage(toolName, false);
+        throw error;
+      }
+    };
+  }
+  const getApiKey = (toolApiKey) => {
+    const apiKey = toolApiKey?.trim() || GLOBAL_API_KEY;
+    if (!apiKey) {
+      throw new Error("API key is required. Pass --api_key when starting the MCP server.");
+    }
+    return apiKey;
+  };
+  const addBackgroundContext = async (response) => {
+    const isLegacyVersion = compareVersions(backendVersion, "1.1.7") < 0;
+    if (isLegacyVersion) {
+      try {
+        const docResponse = await fetch7(`${API_BASE_URL}/api/docs/instructions`, {
+          method: "GET",
+          headers: { "Content-Type": "application/json" }
+        });
+        if (docResponse.ok) {
+          const result = await handleApiResponse(docResponse);
+          if (result && typeof result === "object" && "content" in result) {
+            response.content.push({
               type: "text",
-              text: `Error creating deployment: ${errMsg}`
-            }
-          ],
-          isError: true
-        };
+              text: `
+
+---
+\u{1F527} INSFORGE DEVELOPMENT RULES (Auto-loaded):
+${result.content}`
+            });
+          }
+        }
+      } catch (error) {
+        console.error("Failed to fetch insforge-instructions.md:", error);
       }
-    })
-  );
+    }
+    return response;
+  };
+  const ctx = {
+    API_BASE_URL,
+    isRemote,
+    registerTool,
+    withUsageTracking,
+    getApiKey,
+    addBackgroundContext
+  };
+  registerDocsTools(ctx);
+  registerDatabaseTools(ctx);
+  registerStorageTools(ctx);
+  registerFunctionTools(ctx);
+  registerDeploymentTools(ctx);
   return {
     apiKey: GLOBAL_API_KEY,
     apiBaseUrl: API_BASE_URL,
-    toolCount,
-    backendVersion
+    backendVersion,
+    toolCount
   };
 }