@jshookmcp/jshook 0.2.7 → 0.2.9

package/dist/definitions-CXEI7QC72.mjs

@@ -0,0 +1,216 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/network/definitions.ts
+const networkAuthorizationSchema = {
+	allowedHosts: {
+		type: "array",
+		items: { type: "string" },
+		description: "Exact hostnames or IP literals allowed for this request."
+	},
+	allowedCidrs: {
+		type: "array",
+		items: { type: "string" },
+		description: "Explicit CIDR ranges allowed for this request."
+	},
+	allowPrivateNetwork: {
+		type: "boolean",
+		description: "Allow access to private or reserved network targets, but only when the resolved host matches allowedHosts or allowedCidrs."
+	},
+	allowInsecureHttp: {
+		type: "boolean",
+		description: "Allow plain HTTP access to explicitly authorized targets in allowedHosts or allowedCidrs."
+	},
+	expiresAt: {
+		type: "string",
+		description: "Optional ISO-8601 expiry time for this authorization."
+	},
+	reason: {
+		type: "string",
+		description: "Short audit note describing why this authorization is needed."
+	}
+};
+const advancedTools = [
+	tool("network_enable", (t) => t.desc("Enable network request monitoring. Must be called before page_navigate to capture requests.\n\nCorrect order:\n1. network_enable()\n2. page_navigate(\"https://example.com\")\n3. network_get_requests()\n\nOr use enableNetworkMonitoring parameter on page_navigate.").boolean("enableExceptions", "Also capture uncaught exceptions", { default: true })),
+	tool("network_disable", (t) => t.desc("Disable network request monitoring").destructive()),
+	tool("network_get_status", (t) => t.desc("Get network monitoring status (enabled, request count, response count)").query()),
+	tool("network_monitor", (t) => t.desc("Manage network request monitoring. Enable/disable monitoring or check status. Must enable before page_navigate to capture requests.").enum("action", [
+		"enable",
+		"disable",
+		"status"
+	], "Action to perform").boolean("enableExceptions", "Only for enable action: Also capture uncaught exceptions", { default: true }).required("action")),
+	tool("network_get_requests", (t) => t.desc("Get captured network requests. Large results (>25KB) automatically return a summary with detailId.\n\nPrerequisites:\n1. Call network_enable first\n2. Navigate to a page\n\nResponse fields:\n- requestId: unique request identifier\n- url: request URL\n- method: HTTP method (GET/POST)\n- headers: request headers\n- postData: POST body (if present)\n- timestamp: capture time\n- type: resource type (Document/Script/XHR)\n\nDefault behavior:\n- Static resources (Image/Font/Stylesheet/Media) are excluded when no filters are set\n- Results are sorted by type priority: XHR > Fetch > Document > Script > Other\n- Set any filter (url, method, etc.) to include all resource types\n\nBest practices:\n1. Use url filter to reduce result size\n2. Use offset+limit for pagination instead of multiple get_detailed_data calls\n3. Use get_detailed_data(detailId) for full data when summary is returned\n4. If 0 results returned, call console_inject_fetch_interceptor() then re-navigate to capture frontend-wrapped fetch/XHR calls").string("url", "Filter by URL substring (e.g., \"api\" matches all API URLs)").string("urlRegex", "Filter by URL regex pattern (e.g., \"/api/(v[12]|auth)/\"). Takes precedence over url substring.").string("method", "Filter by HTTP method (GET, POST, PUT, DELETE)").number("sinceTimestamp", "Only return requests after this epoch timestamp (milliseconds). Useful for incremental polling.").string("sinceRequestId", "Only return requests after this requestId (exclusive). Useful for incremental retrieval.").number("tail", "Return the last N requests (applied after all other filters). E.g., tail=5 returns the 5 most recent.").number("limit", "Maximum number of results per page (default: 100, max: 1000)", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e3
+	}).number("offset", "Skip first N results for pagination (default: 0). Use page.nextOffset from previous response.", {
+		default: 0,
+		minimum: 0
+	}).boolean("autoEnable", "Auto-enable network monitoring when currently disabled", { default: true }).boolean("enableExceptions", "When autoEnable=true, also enable uncaught exception monitoring", { default: true })),
+	tool("network_get_response_body", (t) => t.desc("Get response body for a specific request. Auto-truncates responses >100KB. Use returnSummary=true for large files.").string("requestId", "Request ID (from network_get_requests)").number("maxSize", "Maximum response size in bytes", {
+		default: 1e5,
+		minimum: 1024,
+		maximum: 2e7
+	}).boolean("returnSummary", "Return only size and preview instead of full body", { default: false }).number("retries", "Retry count when response body is not yet available", {
+		default: 3,
+		minimum: 0,
+		maximum: 10
+	}).number("retryIntervalMs", "Retry interval in milliseconds", {
+		default: 500,
+		minimum: 100,
+		maximum: 1e4
+	}).boolean("autoEnable", "Auto-enable network monitoring when currently disabled", { default: false }).boolean("enableExceptions", "When autoEnable=true, also enable uncaught exception monitoring", { default: true }).required("requestId")),
+	tool("network_get_stats", (t) => t.desc("Get network statistics (total requests, response count, error rate, timing)").query()),
+	tool("performance_get_metrics", (t) => t.desc("Get page performance metrics (Web Vitals: FCP, LCP, FID, CLS)").boolean("includeTimeline", "Include detailed timeline events", { default: false }).query()),
+	tool("performance_coverage", (t) => t.desc("Start or stop JavaScript and CSS code coverage recording").enum("action", ["start", "stop"], "Coverage action").required("action")),
+	tool("performance_take_heap_snapshot", (t) => t.desc("Take a V8 heap memory snapshot")),
+	tool("performance_trace", (t) => t.desc(`Chrome Performance Trace recording. Action 'start' begins capture; 'stop' ends and saves trace file.
+
+Captures timeline events (JS execution, layout, paint, rendering) loadable in Chrome DevTools Performance tab.`).enum("action", ["start", "stop"], "Trace action").array("categories", { type: "string" }, "Trace categories (action=start, default: devtools.timeline, v8.execute)").boolean("screenshots", "Capture screenshots during tracing (action=start, default: false)", { default: false }).string("artifactPath", "Custom output path (action=stop)").required("action")),
+	tool("profiler_cpu", (t) => t.desc(`CDP CPU profiling. Action 'start' begins recording; 'stop' ends and saves profile with top hot functions.`).enum("action", ["start", "stop"], "Profiler action").string("artifactPath", "Custom output path (action=stop)").required("action")),
+	tool("profiler_heap_sampling", (t) => t.desc(`V8 heap allocation sampling. Action 'start' begins tracking; 'stop' ends and returns top allocators.`).enum("action", ["start", "stop"], "Sampling action").number("samplingInterval", "Sampling interval bytes (action=start, default: 32768)", {
+		default: 32768,
+		minimum: 256,
+		maximum: 1048576
+	}).string("artifactPath", "Custom output path (action=stop)").number("topN", "Number of top allocators (action=stop, default: 20)", {
+		default: 20,
+		minimum: 1,
+		maximum: 100
+	}).required("action")),
+	tool("console_get_exceptions", (t) => t.desc("Get captured uncaught exceptions from the page").string("url", "Filter by URL substring").number("limit", "Maximum number of exceptions to return", {
+		default: 50,
+		minimum: 1,
+		maximum: 1e3
+	}).readOnly()),
+	tool("console_inject", (t) => t.desc(`Inject an in-page monitor/interceptor. Types:
+- script: Track dynamically created script elements
+- xhr: Capture AJAX request/response data
+- fetch: Capture fetch() calls (useful when CDP misses wrapped fetch)
+- function: Proxy-based tracer for a named global function (requires functionName)`).enum("type", [
+		"script",
+		"xhr",
+		"fetch",
+		"function"
+	], "Injection type").string("functionName", "Global function path to trace (type=function, e.g. \"window.someFunction\")").boolean("persistent", "Survive page navigations via evaluateOnNewDocument (default: false)", { default: false }).required("type").openWorld()),
+	tool("console_buffers", (t) => t.desc("Manage injected interceptor state.").enum("action", ["clear", "reset"], "Buffer action: clear buffers or reset interceptors").required("action")),
+	tool("http_request_build", (t) => t.desc("Build a raw HTTP/1.x request payload with CRLF line endings. Useful for preparing deterministic request text for http_plain_request or other raw socket tools.").string("method", "HTTP method token, e.g. GET, POST, HEAD").string("target", "Request target, such as /path, *, or an absolute-form URL").string("host", "Optional Host header value to inject when addHostHeader is enabled").object("headers", { additionalProperties: { type: "string" } }, "Optional HTTP headers to include in the request").string("body", "Optional UTF-8 request body").enum("httpVersion", ["1.0", "1.1"], "HTTP protocol version to emit. Default: 1.1", { default: "1.1" }).boolean("addHostHeader", "Auto-add the Host header when host is provided", { default: true }).boolean("addContentLength", "Auto-add Content-Length when a body is present and Transfer-Encoding is absent", { default: true }).boolean("addConnectionClose", "Auto-add Connection: close when absent", { default: true }).requiredOpenWorld("method", "target")),
+	tool("http_plain_request", (t) => t.desc("Send a raw HTTP request over plain TCP using deterministic server-side logic with DNS pinning, response parsing, and bounded capture. Non-loopback HTTP targets require explicit request-scoped authorization.").string("host", "Target hostname or IP literal").number("port", "TCP port to connect to. Default: 80", {
+		default: 80,
+		minimum: 1,
+		maximum: 65535
+	}).string("requestText", "Raw HTTP request text to send as UTF-8 bytes").object("authorization", networkAuthorizationSchema, "Request-scoped authorization policy for private-network or insecure-HTTP targets. Use exact hosts/CIDRs instead of process-wide bypasses.").number("timeoutMs", "Socket timeout in milliseconds", {
+		default: 3e4,
+		minimum: 1e3,
+		maximum: 12e4
+	}).number("maxResponseBytes", "Maximum number of raw response bytes to capture before truncating the exchange", {
+		default: 512e3,
+		minimum: 1024,
+		maximum: 10485760
+	}).requiredOpenWorld("host", "requestText")),
+	tool("http2_probe", (t) => t.desc("Probe an HTTP/2 endpoint using Node http2 with deterministic DNS pinning and bounded response capture. Reports the negotiated protocol, ALPN result, response headers, status, and a response body snippet. Non-loopback plaintext h2c targets require explicit request-scoped authorization.").string("url", "Absolute http:// or https:// URL to probe").string("method", "HTTP method token to send. Default: GET").object("headers", { additionalProperties: { type: "string" } }, "Optional request headers to include. Header names are normalized to lowercase for HTTP/2.").string("body", "Optional UTF-8 request body to send with the probe").array("alpnProtocols", { type: "string" }, "Optional ALPN preference list for TLS probes. Default: [\"h2\", \"http/1.1\"].").object("authorization", networkAuthorizationSchema, "Request-scoped authorization policy for private-network or insecure-HTTP targets. Use exact hosts/CIDRs instead of process-wide bypasses.").number("timeoutMs", "Probe timeout in milliseconds", {
+		default: 3e4,
+		minimum: 1e3,
+		maximum: 12e4
+	}).number("maxBodyBytes", "Maximum number of response body bytes to capture for the snippet before truncating", {
+		default: 32768,
+		minimum: 1024,
+		maximum: 1048576
+	}).requiredOpenWorld("url")),
+	tool("http2_frame_build", (t) => t.desc("Build a raw HTTP/2 binary frame of any supported type (DATA, SETTINGS, PING, WINDOW_UPDATE, RST_STREAM, GOAWAY, or RAW). Returns the 9-byte frame header and full frame as hex strings, ready to send over a tcp_write or tls_write channel for protocol-level fuzzing and injection.").string("frameType", "HTTP/2 frame type: DATA, SETTINGS, PING, WINDOW_UPDATE, RST_STREAM, GOAWAY, or RAW").number("streamId", "Stream identifier (0 for connection-level frames). Default: 0", {
+		default: 0,
+		minimum: 0,
+		maximum: 2147483647
+	}).number("flags", "Raw flags byte (0-255). Overrides type-specific defaults when set.", {
+		minimum: 0,
+		maximum: 255
+	}).number("frameTypeCode", "Explicit frame type code for RAW frames (0-255). Required when frameType is RAW.", {
+		minimum: 0,
+		maximum: 255
+	}).string("payloadHex", "Frame payload as a hex string. Mutually exclusive with payloadText.").string("payloadText", "Frame payload as a text string. Mutually exclusive with payloadHex.").string("payloadEncoding", "Encoding for payloadText: utf8 or ascii. Default: utf8").array("settings", {
+		type: "object",
+		properties: {
+			id: { type: "number" },
+			value: { type: "number" }
+		},
+		required: ["id", "value"]
+	}, "Array of {id, value} entries for SETTINGS frames").boolean("ack", "Set the ACK flag on SETTINGS or PING frames").string("pingOpaqueDataHex", "Exactly 8 bytes of opaque data for PING frames (hex string)").number("windowSizeIncrement", "Window size increment for WINDOW_UPDATE frames (1 to 2^31-1)").number("errorCode", "Error code for RST_STREAM or GOAWAY frames (0 to 2^32-1)").number("lastStreamId", "Last stream ID for GOAWAY frames (0 to 2^31-1)").string("debugDataText", "Optional debug data for GOAWAY frames").string("debugDataEncoding", "Encoding for debugDataText: utf8 or ascii. Default: utf8").requiredOpenWorld("frameType")),
+	tool("network_rtt_measure", (t) => t.desc("Measure round-trip time (RTT) to a target URL using TCP, TLS, or HTTP probes. Returns per-sample latencies and aggregate statistics (min/max/mean/median/p95).").string("url", "Target URL to measure RTT to").string("probeType", "Probe type: tcp, tls, or http. Default: tcp", { default: "tcp" }).number("iterations", "Number of probe iterations (1-50). Default: 5", {
+		default: 5,
+		minimum: 1,
+		maximum: 50
+	}).number("timeoutMs", "Per-probe timeout in milliseconds (100-30000). Default: 5000", {
+		default: 5e3,
+		minimum: 100,
+		maximum: 3e4
+	}).object("authorization", { additionalProperties: { type: "string" } }, "Authorization policy for network access").requiredOpenWorld("url")),
+	tool("network_extract_auth", (t) => t.desc("Scan all captured network requests and extract authentication credentials (tokens, cookies, API keys, signatures).\n\nReturns masked values (first 6 + last 4 chars) sorted by confidence.\nSources scanned: request headers, cookies, URL query params, JSON request body.\n\nUSE THIS after capturing traffic to automatically identify:\n- Bearer tokens / JWT tokens\n- Session cookies\n- Custom auth headers (X-Token, X-Signature, X-Api-Key)\n- Signing parameters in request body or query string").number("minConfidence", "Minimum confidence threshold 0-1", {
+		default: .4,
+		minimum: 0,
+		maximum: 1
+	})),
+	tool("network_export_har", (t) => t.desc("Export all captured network traffic as a standard HAR 1.2 file.\n\nHAR (HTTP Archive) files can be opened in:\n- Chrome DevTools (Network tab → Import)\n- Fiddler, Charles Proxy, Wireshark\n- Online HAR viewers\n\nUSE THIS to:\n- Save a complete traffic snapshot for offline analysis\n- Share captured API calls with other tools\n- Reproduce a full session outside the browser").string("outputPath", "File path to write the HAR file. If omitted, returns HAR as JSON.").boolean("includeBodies", "Include response bodies in the HAR (may be slow for large captures). Default: false", { default: false }).openWorld()),
+	tool("network_replay_request", (t) => t.desc("Replay a previously captured network request with optional modifications.\n\nUSE THIS to:\n- Re-send an API call with modified headers (e.g., different auth token)\n- Test how a server responds to altered request bodies\n- Verify that a captured signature is still valid\n- Reproduce a specific API call without navigating again\n\nSecurity: dryRun=true (default) previews what will be sent without actually sending.\nSet dryRun=false to execute the actual request.").string("requestId", "Request ID from network_get_requests to replay").object("headerPatch", { additionalProperties: { type: "string" } }, "Headers to add or override (key-value pairs)").string("bodyPatch", "Replace the entire request body with this string").string("methodOverride", "Override the HTTP method (e.g., change POST to GET)").string("urlOverride", "Override the request URL").object("authorization", networkAuthorizationSchema, "Request-scoped authorization policy for private-network or insecure-HTTP replay. Use exact hosts/CIDRs instead of process-wide bypasses.").string("authorizationCapability", "Base64url-encoded JSON capability for request-scoped authorization. Payload fields mirror authorization and must include requestId.").number("timeoutMs", "Request timeout in milliseconds", {
+		default: 3e4,
+		minimum: 1e3,
+		maximum: 12e4
+	}).boolean("dryRun", "If true (default), only preview the request without sending. Set false to execute.", { default: true }).requiredOpenWorld("requestId")),
+	tool("network_traceroute", (t) => t.desc("ICMP traceroute with per-hop RTT and error classification. Windows: no admin required. Linux/macOS: requires root or CAP_NET_RAW.").string("target", "Target IP address to trace route to").number("maxHops", "Maximum number of hops (1-64). Default: 30", {
+		default: 30,
+		minimum: 1,
+		maximum: 64
+	}).number("timeout", "Per-hop timeout in milliseconds (100-30000). Default: 5000", {
+		default: 5e3,
+		minimum: 100,
+		maximum: 3e4
+	}).number("packetSize", "ICMP echo request payload size in bytes (8-65500). Default: 32", {
+		default: 32,
+		minimum: 8,
+		maximum: 65500
+	}).required("target").query()),
+	tool("network_icmp_probe", (t) => t.desc("ICMP echo probe with TTL control and error classification. Windows: no admin required. Linux/macOS: requires root or CAP_NET_RAW.").string("target", "Target IP address to probe").number("ttl", "Time-to-live value (1-255). Default: 128", {
+		default: 128,
+		minimum: 1,
+		maximum: 255
+	}).number("packetSize", "ICMP echo request payload size in bytes (8-65500). Default: 32", {
+		default: 32,
+		minimum: 8,
+		maximum: 65500
+	}).number("timeout", "Timeout in milliseconds (100-30000). Default: 5000", {
+		default: 5e3,
+		minimum: 100,
+		maximum: 3e4
+	}).required("target").query()),
+	tool("network_intercept", (t) => t.desc(`Manage response interception rules using CDP Fetch domain. Actions: add (create rule), list (show active rules), disable (remove rules).
+
+When adding rules, matched requests receive a custom response instead of the real server response.
+URL patterns support glob (* for segment, ** for any) and regex.
+When all rules are removed, the CDP Fetch domain is automatically disabled.`).enum("action", [
+		"add",
+		"list",
+		"disable"
+	], "Intercept operation").string("urlPattern", "URL pattern to match (action=add). Supports glob (* = segment, ** = any) or regex.").enum("urlPatternType", ["glob", "regex"], "How to interpret urlPattern", { default: "glob" }).enum("stage", ["Request", "Response"], "Intercept stage. Response (default) intercepts after server responds.", { default: "Response" }).number("responseCode", "HTTP status code to return", {
+		default: 200,
+		minimum: 100,
+		maximum: 599
+	}).object("responseHeaders", { additionalProperties: { type: "string" } }, "Custom response headers as key-value pairs.").string("responseBody", "Custom response body string.").array("rules", {
+		type: "object",
+		properties: {
+			urlPattern: { type: "string" },
+			urlPatternType: {
+				type: "string",
+				enum: ["glob", "regex"]
+			},
+			stage: {
+				type: "string",
+				enum: ["Request", "Response"]
+			},
+			responseCode: { type: "number" },
+			responseHeaders: {
+				type: "object",
+				additionalProperties: { type: "string" }
+			},
+			responseBody: { type: "string" }
+		},
+		required: ["urlPattern"]
+	}, "Batch mode: array of rule objects (action=add)").string("ruleId", "ID of the rule to remove (action=disable)").boolean("all", "Set to true to remove all rules and disable interception (action=disable)", { default: false }).required("action"))
+];
+//#endregion
+export { advancedTools as t };

package/dist/definitions-C_4r7Fo-2.mjs

@@ -0,0 +1,14 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/proxy/definitions.ts
+const PROXY_TOOLS = [
+	tool("proxy_start", (t) => t.desc("Start the Mockttp local HTTP/HTTPS proxy server. Generates a local CA if one does not exist for TLS interception.").number("port", "Port to listen on. Defaults to 8080.", { default: 8080 }).boolean("useHttps", "Whether to enable full HTTPS decryption. Defaults to true.", { default: true })),
+	tool("proxy_stop", (t) => t.desc("Stop the running Mockttp proxy server.").destructive()),
+	tool("proxy_status", (t) => t.desc("Get the current status of the proxy server and the generated CA path.").query()),
+	tool("proxy_export_ca", (t) => t.desc("Export the path or raw string of the local CA root certificate so the user can install and trust it on their target test devices.").query()),
+	tool("proxy_add_rule", (t) => t.desc("Add a new interception, forwarding, or mocking rule to the proxy.").string("action", "Action to perform when matched (forward, mock_response, block)").string("method", "HTTP method to match (e.g. GET, POST)", { default: "GET" }).string("urlPattern", "URL pattern to match (can be string or regex format like /api/.*)").number("mockStatus", "Status code to return if action is mock_response", { default: 200 }).string("mockBody", "Body to return if action is mock_response").required("action")),
+	tool("proxy_get_requests", (t) => t.desc("Retrieve the captured HTTP/HTTPS requests from the proxy buffer. You can filter by URL.").string("urlFilter", "Optional partial URL match filter.").query()),
+	tool("proxy_clear_logs", (t) => t.desc("Clear the captured HTTP/HTTPS requests buffer.").resettable()),
+	tool("proxy_setup_adb_device", (t) => t.desc("Configure an Android device via ADB to route traffic through this proxy and inject the CA certificate.").string("deviceSerial", "ADB device serial (optional if only one device is connected)."))
+];
+//#endregion
+export { PROXY_TOOLS as t };

package/dist/definitions-CkFDALoa.mjs

@@ -0,0 +1,26 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/coordination/definitions.ts
+const coordinationTools = [
+	tool("create_task_handoff", (t) => t.desc("Create a sub-task handoff for specialist agent delegation.").array("constraints", { type: "string" }, "Constraints for the specialist").string("targetDomain", "Suggested domain for the specialist").required("description")),
+	tool("complete_task_handoff", (t) => t.desc("Complete a task handoff with results. Transitions status to completed.").string("taskId", "Task ID from create_task_handoff").string("summary", "Concise summary of what was accomplished").array("keyFindings", { type: "string" }, "Key discoveries or results").array("artifacts", { type: "string" }, "Paths to generated artifact files").required("taskId", "summary")),
+	tool("get_task_context", (t) => t.desc("Read task handoff context.").query()),
+	tool("append_session_insight", (t) => t.desc("Append a discovery to the session-level knowledge accumulator shared across handoffs").enum("category", [
+		"auth",
+		"crypto",
+		"api",
+		"anti_debug",
+		"architecture",
+		"vulnerability",
+		"other"
+	], "Insight category").string("content", "The insight content").prop("confidence", {
+		type: "number",
+		description: "Confidence level 0.0-1.0",
+		minimum: 0,
+		maximum: 1
+	}).required("category", "content")),
+	tool("save_page_snapshot", (t) => t.desc("Save current page state (URL, cookies, storage) for checkpoint/restore workflows").string("label", "Human-readable label for this snapshot").readOnly()),
+	tool("restore_page_snapshot", (t) => t.desc("Restore a saved page snapshot — navigates to URL and reinjects cookies and storage").string("snapshotId", "Snapshot ID from save_page_snapshot").required("snapshotId").idempotent()),
+	tool("list_page_snapshots", (t) => t.desc("List all saved page snapshots in the current session").query())
+];
+//#endregion
+export { coordinationTools as t };

package/dist/definitions-Cke7zEb8.mjs

@@ -0,0 +1,94 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/workflow/definitions.ts
+const workflowNetworkPolicySchema = {
+	type: "object",
+	additionalProperties: false,
+	properties: {
+		allowPrivateNetwork: {
+			type: "boolean",
+			description: "Allow access to private/reserved targets only when the request also matches allowedHosts or allowedCidrs."
+		},
+		allowInsecureHttp: {
+			type: "boolean",
+			description: "Allow non-loopback HTTP targets only when the request also matches allowedHosts or allowedCidrs."
+		},
+		allowedHosts: {
+			type: "array",
+			items: { type: "string" },
+			description: "Exact hostname or host:port allowlist for the primary target (for example [\"labs.example.com\", \"localhost:8080\"])."
+		},
+		allowedCidrs: {
+			type: "array",
+			items: { type: "string" },
+			description: "CIDR allowlist applied after DNS resolution (for example [\"10.10.0.0/16\", \"192.168.1.10/32\"])."
+		},
+		allowedRedirectHosts: {
+			type: "array",
+			items: { type: "string" },
+			description: "Optional hostname or host:port allowlist for redirect hops. When omitted, redirects inherit allowedHosts/allowedCidrs."
+		}
+	},
+	description: "Request-level network authorization policy. Use this instead of process-wide bypasses when you need to reach a real lab target, private address, or plain HTTP service."
+};
+const workflowToolDefinitions = [
+	tool("js_bundle_search", (t) => t.desc("Fetch a remote JavaScript bundle and search it with multiple named regex patterns in a single call.\n\nFeatures over bundle_search script:\n- Server-side fetch (no browser CORS constraints)\n- Bundle caching (5-min TTL, keyed by URL) — avoids re-downloading 1MB+ files\n- SVG/base64 false-positive filtering (`stripNoise: true` by default)\n- Per-pattern independent context window (`contextBefore`/`contextAfter`)\n- Up to `maxMatches` hits per pattern\n\nExample:\n  js_bundle_search({\n    url: \"https://assets.example.com/main.js\",\n    patterns: [\n      { name: \"tier_values\",   regex: \"subscription.plus|user_tier\" },\n      { name: \"payment_apis\",  regex: \"/api/v1/payment/[a-z_]+\" },\n      { name: \"setSubscription\", regex: \"setSubscriptionPlus\\\\([^)]{0,80}\\\\)\" }\n    ]\n  })").string("url", "Remote URL of the JavaScript bundle to analyze").array("patterns", {
+		type: "object",
+		properties: {
+			name: {
+				type: "string",
+				description: "Human-readable label for this pattern"
+			},
+			regex: {
+				type: "string",
+				description: "JavaScript regex string"
+			},
+			contextBefore: {
+				type: "number",
+				description: "Characters of context before match (default: 80)"
+			},
+			contextAfter: {
+				type: "number",
+				description: "Characters of context after match (default: 80)"
+			}
+		},
+		required: ["name", "regex"]
+	}, "Named regex patterns to search for").boolean("cacheBundle", "Cache the bundle for 5 minutes to avoid re-downloads", { default: true }).boolean("stripNoise", "Skip matches inside SVG path data or base64 blobs", { default: true }).number("maxMatches", "Maximum matches to return per pattern", {
+		default: 10,
+		minimum: 1,
+		maximum: 1e3
+	}).prop("networkPolicy", workflowNetworkPolicySchema).requiredOpenWorld("url", "patterns")),
+	tool("page_script_register", (t) => t.desc("Register a named reusable JavaScript snippet in the Script Library.\n\nCore ships built-in snippets such as `auth_extract`, `bundle_search`, `react_fill_form`, and `dom_find_upgrade_buttons`.\n\nRegistered scripts are executed with `page_script_run`. Scripts may reference `__params__` (set at call time via page_script_run params).").string("name", "Unique script name (e.g. \"my_extractor\")").string("code", "JavaScript expression/IIFE to register. Use `typeof __params__ !== \"undefined\" ? __params__ : {}` to safely access runtime parameters.").string("description", "Optional human-readable description of the script").required("name", "code")),
+	tool("page_script_run", (t) => t.desc("Execute a named script from the Script Library in the current page context.\n\nOptionally inject runtime parameters accessible as `__params__` inside the script.\n\nExample:\n  page_script_run({ name: \"bundle_search\", params: { url: \"https://cdn.main.js\", patterns: [\"tier\", \"subscription\"] } })\n  page_script_run({ name: \"auth_extract\" })").string("name", "Script name to run (built-in or registered)").prop("params", {
+		type: "object",
+		additionalProperties: true,
+		description: "Optional parameters injected as __params__ (must be JSON-serializable)"
+	}).requiredOpenWorld("name")),
+	tool("api_probe_batch", (t) => t.desc("Probe multiple API endpoints in a single browser-context fetch burst.\n\nAuto-injects Bearer token from localStorage[token] / localStorage[active_token]. Returns status codes, content types, and response snippets for matching statuses. Skips HTML responses (login-redirect false-positives).\n\nReplaces 5–30 individual page_evaluate fetch calls with one tool call.\n\n**ALWAYS start with OpenAPI/Swagger discovery paths first** — a single 200 response gives you the full API schema:\n  \"/docs\", \"/openapi.json\", \"/api/docs\", \"/swagger.json\", \"/api/v1/openapi.json\", \"/api/openapi.json\"\n\nExample:\n  api_probe_batch({ baseUrl: \"https://chat.qwen.ai\", paths: [\"/docs\", \"/openapi.json\", \"/api/v1/users/me\", \"/api/v1/chats/\", \"/api/admin/users\"] })").string("baseUrl", "Base URL prefix (e.g. \"https://chat.qwen.ai\") — trailing slash will be stripped").array("paths", { type: "string" }, "Paths to probe (e.g. [\"/api/v1/users\", \"/api/v1/chats\"])").enum("method", [
+		"GET",
+		"POST",
+		"PUT",
+		"DELETE",
+		"PATCH",
+		"HEAD",
+		"OPTIONS"
+	], "HTTP method for all probes", { default: "GET" }).object("headers", { additionalProperties: { type: "string" } }, "Additional HTTP headers to include in all requests").string("bodyTemplate", "JSON body string to send for POST/PUT/PATCH requests (optional)").array("includeBodyStatuses", { type: "number" }, "Status codes for which to include response body snippet (default: [200, 201, 204])").number("maxBodySnippetLength", "Max characters per response body snippet", {
+		default: 500,
+		minimum: 0,
+		maximum: 1e4
+	}).boolean("autoInjectAuth", "Auto-inject Bearer token from localStorage (token / active_token / access_token).", { default: true }).prop("networkPolicy", workflowNetworkPolicySchema).requiredOpenWorld("baseUrl", "paths")),
+	tool("list_extension_workflows", (t) => t.desc("List runtime-loaded extension workflows discovered from plugins/ or workflows/ directories, including metadata needed before execution.").query()),
+	tool("run_extension_workflow", (t) => t.desc("Execute a runtime-loaded extension workflow contract by workflowId. Supports config overrides, per-node input overrides, and an optional timeout override.").string("workflowId", "Registered extension workflow id to execute").string("profile", "Optional profile label exposed to the workflow execution context").prop("config", {
+		type: "object",
+		additionalProperties: true,
+		description: "Optional config overrides read through ctx.getConfig(path, fallback)"
+	}).prop("nodeInputOverrides", {
+		type: "object",
+		additionalProperties: {
+			type: "object",
+			additionalProperties: true
+		},
+		description: "Optional shallow input overrides keyed by workflow node id"
+	}).number("timeoutMs", "Optional override for total workflow timeout in milliseconds").requiredOpenWorld("workflowId"))
+];
+//#endregion
+export { workflowToolDefinitions as t };

package/dist/definitions-ClJLzsJQ.mjs

@@ -0,0 +1,25 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/maintenance/definitions.ts
+const tokenBudgetTools = [
+	tool("get_token_budget_stats", (t) => t.desc("Get token budget usage stats, warnings, and optimization suggestions").query()),
+	tool("manual_token_cleanup", (t) => t.desc("Clear stale entries and reset counters to free 10-30% of token budget")),
+	tool("reset_token_budget", (t) => t.desc("Hard-reset all token budget counters. Destructive — prefer manual_token_cleanup").destructive())
+];
+const extensionTools = [
+	tool("list_extensions", (t) => t.desc("List all loaded plugins, workflows, and extension tools").query()),
+	tool("reload_extensions", (t) => t.desc("Reload plugins and workflows from configured directories").openWorld()),
+	tool("browse_extension_registry", (t) => t.desc("Browse the remote jshookmcp extension registry").enum("kind", [
+		"plugin",
+		"workflow",
+		"all"
+	], "Filter by extension kind", { default: "all" }).query()),
+	tool("install_extension", (t) => t.desc("Install an extension from the remote registry via git").string("slug", "Extension slug from the registry").string("targetDir", "Target directory override").requiredOpenWorld("slug"))
+];
+const cacheTools = [
+	tool("get_cache_stats", (t) => t.desc("Get cache statistics: entries, sizes, hit rates, and cleanup recommendations").query()),
+	tool("smart_cache_cleanup", (t) => t.desc("Evict LRU and stale entries while preserving hot data").number("targetSize", "Target size in bytes")),
+	tool("clear_all_caches", (t) => t.desc("Clear all internal caches. Destructive — prefer smart_cache_cleanup").destructive())
+];
+const artifactTools = [tool("cleanup_artifacts", (t) => t.desc("Clean generated artifacts using age and size retention rules").number("retentionDays", "Override retention window in days").number("maxTotalBytes", "Override maximum retained bytes").boolean("dryRun", "Preview removals without deleting").destructive()), tool("doctor_environment", (t) => t.desc("Run environment doctor for dependencies, bridge endpoints, and platform limitations").boolean("includeBridgeHealth", "Probe native-bridge / Burp endpoints").readOnly())];
+//#endregion
+export { tokenBudgetTools as i, cacheTools as n, extensionTools as r, artifactTools as t };

package/dist/definitions-Cq-zroAU.mjs

@@ -0,0 +1,28 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/transform/definitions.ts
+const transformsEnum = [
+	"constant_fold",
+	"string_decrypt",
+	"dead_code_remove",
+	"control_flow_flatten",
+	"rename_vars"
+];
+const transformTools = [
+	tool("ast_transform_preview", (t) => t.desc("Preview lightweight AST-like transforms (string/regex based) and return before/after diff.").string("code", "Source code to transform.").array("transforms", {
+		type: "string",
+		enum: transformsEnum
+	}, "Ordered transform list.").boolean("preview", "Whether to generate line diff output.", { default: true }).required("code", "transforms")),
+	tool("ast_transform_chain", (t) => t.desc("Create and store an in-memory transform chain.").string("name", "Chain name.").array("transforms", {
+		type: "string",
+		enum: transformsEnum
+	}, "Ordered transform list.").string("description", "Optional chain description.").required("name", "transforms")),
+	tool("ast_transform_apply", (t) => t.desc("Apply transforms to input code or a live page scriptId.").string("scriptId", "Target script ID from page debugger context.").string("code", "Direct source code input.").string("chainName", "Use a saved transform chain by name.").array("transforms", {
+		type: "string",
+		enum: transformsEnum
+	}, "Direct transform list (used when chainName is not provided).")),
+	tool("crypto_extract_standalone", (t) => t.desc("Extract crypto/sign/encrypt function from current page and generate standalone runnable code.").string("targetFunction", "Target function name/path, e.g. \"window.sign\".").boolean("includePolyfills", "Include minimal runtime polyfills.", { default: true }).required("targetFunction")),
+	tool("crypto_test_harness", (t) => t.desc("Run extracted crypto code in worker_threads + vm sandbox and return deterministic test results.").string("code", "Standalone function code.").string("functionName", "Exported function name to execute.").array("testInputs", { type: "string" }, "Input list for test execution.").required("code", "functionName", "testInputs")),
+	tool("crypto_compare", (t) => t.desc("Compare two crypto implementations against identical test vectors.").string("code1", "Implementation A code.").string("code2", "Implementation B code.").string("functionName", "Function name shared by both implementations.").array("testInputs", { type: "string" }, "Input list for comparison.").required("code1", "code2", "functionName", "testInputs"))
+];
+//#endregion
+export { transformTools as t };

package/dist/definitions-Cy3Sl6gV.mjs

@@ -0,0 +1,34 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/wasm/definitions.ts
+const wasmTools = [
+	tool("wasm_dump", (t) => t.desc("Dump a WebAssembly module from the current browser page.\n\nExtracts the WASM binary via the webassembly-full hook preset, saves it to disk, and returns module metadata (hash, size, imports, exports).\n\nPrerequisites: A page with WASM must be loaded. The webassembly-full hook preset will be auto-injected if not already active.").number("moduleIndex", "Index of the WASM module to dump if multiple were loaded", { default: 0 }).string("outputPath", "Custom output file path. If omitted, auto-generates in artifacts/wasm/")),
+	tool("wasm_disassemble", (t) => t.desc("Disassemble a .wasm file to WebAssembly Text Format (WAT) using wasm2wat.\n\nRequires: wabt toolchain installed (wasm2wat in PATH).\n\nUSE THIS to read WASM bytecode as human-readable text. The output shows all functions, imports, exports, and instructions.").string("inputPath", "Path to the .wasm file to disassemble").string("outputPath", "Output .wat file path. If omitted, auto-generates in artifacts/wasm/").boolean("foldExprs", "Fold expressions for more compact output", { default: true }).required("inputPath")),
+	tool("wasm_decompile", (t) => t.desc("Decompile a .wasm file to C-like pseudo-code using wasm-decompile.\n\nRequires: wabt toolchain installed (wasm-decompile in PATH).\n\nProduces more readable output than WAT, resembling C/JavaScript syntax. Useful for understanding VMP handler logic.").string("inputPath", "Path to the .wasm file to decompile").string("outputPath", "Output file path. If omitted, auto-generates in artifacts/wasm/").required("inputPath")),
+	tool("wasm_inspect_sections", (t) => t.desc("Inspect sections and metadata of a .wasm file using wasm-objdump.\n\nRequires: wabt toolchain installed (wasm-objdump in PATH).\n\nReturns section headers, import/export tables, function signatures, and memory layout.").string("inputPath", "Path to the .wasm file to inspect").enum("sections", [
+		"headers",
+		"details",
+		"disassemble",
+		"all"
+	], "What to dump: headers (section overview), details (full metadata), disassemble (bytecode), all", { default: "details" }).required("inputPath")),
+	tool("wasm_offline_run", (t) => t.desc("Execute a specific exported function from a .wasm file offline using wasmtime or wasmer.\n\nRequires: wasmtime or wasmer installed in PATH.\n\nUSE THIS to run sign/encrypt functions extracted from WASM VMP without a browser. Provide the function name and arguments.\n\nSecurity: Runs in a sandboxed WASM runtime with no filesystem or network access.").string("inputPath", "Path to the .wasm file").string("functionName", "Name of the exported function to invoke (e.g., \"_sign\", \"encrypt\")").array("args", { type: "string" }, "Arguments to pass to the function (will be parsed as integers/floats)").enum("runtime", [
+		"wasmtime",
+		"wasmer",
+		"auto"
+	], "WASM runtime to use. \"auto\" tries wasmtime first, then wasmer", { default: "auto" }).number("timeoutMs", "Execution timeout in ms", { default: 1e4 }).required("inputPath", "functionName")),
+	tool("wasm_optimize", (t) => t.desc("Optimize a .wasm file using binaryen wasm-opt.\n\nRequires: binaryen toolchain installed (wasm-opt in PATH).\n\nApplies optimization passes (dead code elimination, constant folding, etc.) to reduce size and improve performance. Optimized output can be re-injected into the browser.").string("inputPath", "Path to the .wasm file to optimize").string("outputPath", "Output optimized .wasm file path. If omitted, auto-generates in artifacts/wasm/").enum("level", [
+		"O1",
+		"O2",
+		"O3",
+		"O4",
+		"Os",
+		"Oz"
+	], "Optimization level", { default: "O2" }).required("inputPath")),
+	tool("wasm_vmp_trace", (t) => t.desc("Trace WASM VMP (Virtual Machine Protection) opcode execution.\n\nCombines the webassembly-full hook preset with enhanced import call tracing to reconstruct VMP handler tables and execution flows.\n\nUSE THIS when a page uses WASM-based VMP to protect sign/encrypt functions. Returns:\n- Import call sequence (opcode trace)\n- Identified handler patterns\n- Input→output data flow").number("maxEvents", "Maximum import call events to capture", { default: 5e3 }).string("filterModule", "Only trace calls to this import module name (e.g., \"env\", \"wasi_snapshot_preview1\")")),
+	tool("wasm_memory_inspect", (t) => t.desc("Inspect WebAssembly.Memory contents from the browser.\n\nReads the linear memory buffer of the active WASM module, displaying it as hex dump, ASCII, or searching for patterns.\n\nUSE THIS to:\n- Examine WASM memory layout (stack, heap, data segments)\n- Find strings, keys, or encoded data in WASM memory\n- Track how input data is transformed through WASM functions").number("offset", "Starting byte offset to read from", { default: 0 }).number("length", "Number of bytes to read", { default: 256 }).enum("format", [
+		"hex",
+		"ascii",
+		"both"
+	], "Output format", { default: "both" }).string("searchPattern", "Search for this hex pattern or ASCII string in the memory range"))
+];
+//#endregion
+export { wasmTools as t };

package/dist/definitions-D3VsGcvz.mjs

@@ -0,0 +1,47 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/encoding/definitions.ts
+const encodingTools = [
+	tool("binary_detect_format", (t) => t.desc("Detect binary payload format/encoding via magic bytes, encoding heuristics, a...").enum("source", [
+		"base64",
+		"hex",
+		"file",
+		"raw"
+	], "How to interpret input payload").string("filePath", "File path when source=file").string("requestId", "Captured network requestId to resolve response body").required("source").query()),
+	tool("binary_decode", (t) => t.desc("Decode binary payloads into hex, utf8, or json output").string("data", "Input encoded payload").enum("encoding", [
+		"base64",
+		"hex",
+		"url",
+		"protobuf",
+		"msgpack"
+	], "Declared input encoding").enum("outputFormat", [
+		"hex",
+		"utf8",
+		"json"
+	], "Target output format", { default: "hex" }).required("data", "encoding")),
+	tool("binary_encode", (t) => t.desc("Encode utf8/hex/json input into base64/hex/url output").string("data", "Input payload").enum("inputFormat", [
+		"utf8",
+		"hex",
+		"json"
+	], "How to parse input").enum("outputEncoding", [
+		"base64",
+		"hex",
+		"url"
+	], "Desired output encoding").required("data", "inputFormat", "outputEncoding")),
+	tool("binary_entropy_analysis", (t) => t.desc("Compute Shannon entropy + byte frequency to assess plaintext/encoded/compress...").enum("source", [
+		"base64",
+		"hex",
+		"raw",
+		"file"
+	], "How to interpret input payload").string("filePath", "File path when source=file").number("blockSize", "Block size for per-block entropy", {
+		default: 256,
+		minimum: 16,
+		maximum: 8192
+	}).required("source").query()),
+	tool("protobuf_decode_raw", (t) => t.desc("Decode base64 protobuf bytes without schema using wire-type aware recursive parser").string("data", "Base64-encoded protobuf payload").number("maxDepth", "Maximum recursive decode depth", {
+		default: 5,
+		minimum: 1,
+		maximum: 20
+	}).required("data").query())
+];
+//#endregion
+export { encodingTools as t };

package/dist/definitions-DVGfrn7y.mjs

@@ -0,0 +1,96 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/debugger/definitions.tools.core.ts
+const DEBUGGER_CORE_TOOLS = [
+	tool("debugger_lifecycle", (t) => t.desc("Manage the debugger lifecycle (enable or disable)").enum("action", ["enable", "disable"], "Action to perform").required("action").idempotent()),
+	tool("debugger_pause", (t) => t.desc("Pause execution at the next statement")),
+	tool("debugger_resume", (t) => t.desc("Resume execution (continue)")),
+	tool("debugger_step", (t) => t.desc("Step execution: into (enter next call), over (skip next call), out (exit current function).").enum("direction", [
+		"into",
+		"over",
+		"out"
+	], "Step direction").required("direction")),
+	tool("breakpoint", (t) => t.desc(`Manage breakpoints: code (line/script), XHR (URL pattern), event listener, event category, and exception breakpoints.
+
+Actions:
+- set: Create a breakpoint. Type determines required params.
+- remove: Remove a breakpoint by ID.
+- list: List active breakpoints of the given type.
+
+Types & params:
+- code: lineNumber (required), scriptId?, columnNumber?, condition?
+- xhr: urlPattern (required for set)
+- event: eventName (required for set), targetName?
+- event_category: category (required for set)
+- exception: state (required for set)`).enum("action", [
+		"set",
+		"remove",
+		"list"
+	], "Breakpoint operation").enum("type", [
+		"code",
+		"xhr",
+		"event",
+		"event_category",
+		"exception"
+	], "Breakpoint type (default: code)", { default: "code" }).string("scriptId", "Script ID (type=code)").number("lineNumber", "Line number 0-based (type=code, action=set)").number("columnNumber", "Column number 0-based (type=code)").string("condition", "Conditional expression (type=code)").string("urlPattern", "URL pattern with wildcards (type=xhr, action=set)").string("eventName", "Event name e.g. \"click\" (type=event, action=set)").string("targetName", "Target name e.g. \"WebSocket\" (type=event)").enum("category", [
+		"mouse",
+		"keyboard",
+		"timer",
+		"websocket"
+	], "Event category (type=event_category)").enum("state", [
+		"none",
+		"uncaught",
+		"all"
+	], "Exception pause state (type=exception)").string("breakpointId", "Breakpoint ID (action=remove)").required("action").idempotent()),
+	tool("get_call_stack", (t) => t.desc("Get the current call stack (only available when paused at a breakpoint)").query()),
+	tool("debugger_evaluate", (t) => t.desc("Evaluate a JavaScript expression. context=\"frame\" evaluates in the current call frame (requires paused state); context=\"global\" evaluates in the global context (no pause required).").enum("context", ["frame", "global"], "Evaluation context", { default: "frame" }).string("expression", "JavaScript expression to evaluate").string("callFrameId", "Call frame ID (for context=frame; from get_call_stack, defaults to current frame)").requiredOpenWorld("expression")),
+	tool("debugger_wait_for_paused", (t) => t.desc("Wait for the debugger to pause (useful after setting breakpoints and triggering code)").number("timeout", "Timeout in milliseconds (default: 30000)", {
+		default: 3e4,
+		minimum: 1e3,
+		maximum: 12e4
+	}).query()),
+	tool("debugger_get_paused_state", (t) => t.desc("Get the current paused state (check if debugger is paused and why)").query()),
+	tool("get_object_properties", (t) => t.desc("Get all properties of an object (when paused, use objectId from variables)").string("objectId", "Object ID (from get_scope_variables)").required("objectId").query()),
+	tool("get_scope_variables_enhanced", (t) => t.desc(`Enhanced scope variable inspection with deep object traversal.`).string("callFrameId", "Call frame ID (from get_call_stack, defaults to current frame)").boolean("includeObjectProperties", "Expand object properties recursively (default: false)", { default: false }).number("maxDepth", "Maximum traversal depth for nested objects (default: 1)", {
+		default: 1,
+		minimum: 1,
+		maximum: 10
+	}).boolean("skipErrors", "Skip properties that throw errors during access (default: true)", { default: true }).query()),
+	tool("debugger_session", (t) => t.desc("Manage debugger sessions. Actions: save (persist current session to file), load (restore session from file/JSON), export (export session as JSON string), list (list saved sessions in ./debugger-sessions/).").enum("action", [
+		"save",
+		"load",
+		"export",
+		"list"
+	], "Session operation").string("filePath", "File path for save/load actions").string("sessionData", "Session JSON string for load action (alternative to filePath)").object("metadata", {}, "Optional metadata for save/export actions").required("action"))
+];
+//#endregion
+//#region src/server/domains/debugger/definitions.tools.advanced.ts
+const DEBUGGER_ADVANCED_TOOLS = [
+	tool("watch", (t) => t.desc(`Manage watch expressions for monitoring variable values during debugging.
+
+Actions:
+- add: Add a watch expression (requires expression)
+- remove: Remove by watchId
+- list: List all watches
+- evaluate_all: Evaluate all enabled watches (optional callFrameId)
+- clear_all: Clear all watches`).enum("action", [
+		"add",
+		"remove",
+		"list",
+		"evaluate_all",
+		"clear_all"
+	], "Watch operation").string("expression", "JavaScript expression to watch (action=add)").string("name", "Friendly name for the watch (action=add)").string("watchId", "Watch expression ID (action=remove)").string("callFrameId", "Call frame ID (action=evaluate_all)").required("action")),
+	tool("blackbox_add", (t) => t.desc(`Blackbox scripts (skip during debugging)
+
+Usage:
+- Skip third-party library c...`).string("urlPattern", "URL pattern to blackbox (supports wildcards *)").required("urlPattern").idempotent()),
+	tool("blackbox_add_common", (t) => t.desc(`Blackbox all common libraries (one-click)
+
+Includes:
+- jquery, react, vue, an...`).idempotent()),
+	tool("blackbox_list", (t) => t.desc("List all blackboxed patterns").query())
+];
+//#endregion
+//#region src/server/domains/debugger/definitions.tools.ts
+const debuggerTools = [...DEBUGGER_CORE_TOOLS, ...DEBUGGER_ADVANCED_TOOLS];
+//#endregion
+export { debuggerTools as t };