@jshookmcp/jshook 0.2.8 → 0.2.9

package/dist/definitions-6M-eejaT.mjs

@@ -0,0 +1,53 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/platform/definitions.ts
+const platformTools = [
+	tool("miniapp_pkg_scan", (t) => t.desc("扫描本地小程序缓存目录，列出所有 小程序包文件。默认扫描常见 Windows 路径。").string("searchPath", "可选。指定扫描根目录；不提供时使用默认路径（MiniApp/Cache 与 MiniApp/Plugin）。")),
+	tool("miniapp_pkg_unpack", (t) => t.desc("解包 小程序包文件。优先调用外部 外部解包工具，失败时自动降级为纯 Node.js 解析。").string("inputPath", "必填。小程序包文件路径。").string("outputDir", "可选。输出目录；不提供时自动生成 artifacts 临时目录。").required("inputPath")),
+	tool("miniapp_pkg_analyze", (t) => t.desc("分析解包后的小程序结构，提取 pages/subPackages/components/jsFiles/totalSize/appId。").string("unpackedDir", "必填。已解包目录路径。").required("unpackedDir")),
+	tool("asar_extract", (t) => t.desc("提取 Electron app.asar（纯 Node.js 实现，不依赖 @electron/asar）。支持仅列文件模式。").string("inputPath", "必填。asar 文件路径。").string("outputDir", "可选。提取目录；不提供时自动生成 artifacts 临时目录。").boolean("listOnly", "可选。默认 false；true 时仅列出文件清单，不执行提取。", { default: false }).required("inputPath")),
+	tool("electron_inspect_app", (t) => t.desc("分析 Electron 应用结构（.exe 或 app 目录）：package.json、main、preload、dependencies、devToo...").string("appPath", "Path to Electron app (.exe or app directory)").required("appPath")),
+	tool("electron_scan_userdata", (t) => t.desc("扫描指定目录中的所有 JSON 文件，返回 raw 内容。适用于 Electron 应用的用户数据目录（Windows: %APPDATA%, macOS...").string("dirPath", "Directory path to scan for JSON files").number("maxFiles", "可选。最多读取的 JSON 文件数量。默认 20。", {
+		default: 20,
+		minimum: 1,
+		maximum: 1e4
+	}).number("maxFileSizeKB", "可选。单个文件大小上限（KB）。超限文件跳过。默认 1024。", {
+		default: 1024,
+		minimum: 1,
+		maximum: 102400
+	}).required("dirPath").query()),
+	tool("asar_search", (t) => t.desc("在 ASAR 归档内执行正则搜索。Agent 提供 pattern，工具返回匹配文件路径和行内容。").string("inputPath", "必填。ASAR 文件路径。").string("pattern", "必填。正则表达式字符串。").string("fileGlob", "可选。文件扩展名过滤。默认 *.js。", { default: "*.js" }).number("maxResults", "可选。最大返回匹配数。默认 100。", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).required("inputPath", "pattern").query()),
+	tool("electron_check_fuses", (t) => t.desc("检测 Electron 可执行文件中的 fuse 配置状态（ASAR 完整性校验、RunAsNode 等）。").string("exePath", "必填。Electron .exe 文件路径。").required("exePath").query()),
+	tool("electron_patch_fuses", (t) => t.desc("Patch Electron binary fuses to enable/disable debug capabilities.").string("exePath", "Electron .exe file path").enum("profile", ["debug", "custom"], "Patch profile. \"debug\" enables debug-related fuses. \"custom\" requires a fuses object.", { default: "debug" }).object("fuses", {}, "For profile=\"custom\". Map of fuse names to ENABLE/DISABLE. E.g. {\"RunAsNode\": \"ENABLE\"}.").boolean("createBackup", "Create a .exe.bak backup before patching.", { default: true }).required("exePath").destructive()),
+	tool("v8_bytecode_decompile", (t) => t.desc("Decompile V8 bytecode (.jsc / bytenode) files. Uses view8 Python package for ...").string("filePath", "Path to .jsc bytecode file").required("filePath").query()),
+	tool("electron_launch_debug", (t) => t.desc("Launch Electron app with dual CDP debugging: --inspect for main process (Node...").string("exePath", "Electron .exe file path").number("mainPort", "Main process inspect port.", {
+		default: 9229,
+		minimum: 1,
+		maximum: 65535
+	}).number("rendererPort", "Renderer remote debugging port.", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).array("args", { type: "string" }, "Extra command-line arguments.").boolean("skipFuseCheck", "Skip fuse status check.", { default: false }).number("waitMs", "Milliseconds to wait for CDP ports.", {
+		default: 8e3,
+		minimum: 1e3,
+		maximum: 12e4
+	}).requiredOpenWorld("exePath")),
+	tool("electron_debug_status", (t) => t.desc("Check status of dual-CDP debug sessions launched by electron_launch_debug.").string("sessionId", "Optional. Check specific session. Omit to list all.").query()),
+	tool("electron_ipc_sniff", (t) => t.desc("Sniff Electron IPC messages by injecting hooks into ipcRenderer via CDP.").enum("action", [
+		"start",
+		"dump",
+		"stop",
+		"list",
+		"guide"
+	], "Action to perform.", { default: "guide" }).number("port", "Renderer CDP port (--remote-debugging-port).", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).string("sessionId", "Session ID for dump/stop.").boolean("clear", "Clear captured messages after dump.", { default: true }).openWorld())
+];
+//#endregion
+export { platformTools as t };

package/dist/definitions-B18eyf0B.mjs

@@ -0,0 +1,18 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/antidebug/definitions.ts
+const antidebugTools = [tool("antidebug_bypass", (t) => t.desc("Bypass one or more anti-debug protection types. Specify types to apply; omit or use [\"all\"] to apply all bypasses. Types: all, debugger_statement, timing, stack_trace, console_detect.").array("types", {
+	type: "string",
+	enum: [
+		"all",
+		"debugger_statement",
+		"timing",
+		"stack_trace",
+		"console_detect"
+	]
+}, "Bypass types to apply (default: [\"all\"])").boolean("persistent", "Inject persistently for future documents", { default: true }).enum("mode", ["remove", "noop"], "Debugger statement mode (for debugger_statement type)", { default: "remove" }).number("maxDrift", "Max timing drift per call in ms (for timing type)", {
+	default: 50,
+	minimum: 0,
+	maximum: 1e4
+}).array("filterPatterns", { type: "string" }, "Additional stack frame patterns to filter (for stack_trace type)")), tool("antidebug_detect_protections", (t) => t.desc("Detect anti-debug protections in current page with bypass recommendations"))];
+//#endregion
+export { antidebugTools as t };

package/dist/definitions-B3QdlrHv.mjs

@@ -0,0 +1,34 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/shared-state-board/definitions.ts
+const sharedStateBoardTools = [
+	tool("state_board", (t) => t.desc(`Unified shared state board for cross-agent key-value coordination.
+
+Actions:
+- set: Store a value (requires key, value)
+- get: Retrieve a value (requires key)
+- delete: Remove a value (requires key)
+- list: List all entries (optional namespace filter)
+- history: Get change log for a key (requires key)
+- clear: Remove entries (optional namespace/keyPattern filter)`).enum("action", [
+		"set",
+		"get",
+		"delete",
+		"list",
+		"history",
+		"clear"
+	], "Operation to perform").string("key", "Key name (required for set/get/delete/history)").prop("value", {
+		type: "object",
+		description: "Value to store — any JSON-serializable type (action=set)"
+	}).string("namespace", "Namespace for key isolation (default: \"default\")").number("ttlSeconds", "TTL in seconds — value expires after this duration (action=set)").boolean("includeValues", "Include current values in list response (action=list)", { default: false }).number("limit", "Maximum history entries to return (action=history)", { default: 50 }).string("keyPattern", "Key pattern filter with * wildcard (action=clear)").required("action")),
+	tool("state_board_watch", (t) => t.desc("Watch a key or pattern for changes. This is a POLL-based watch — call state_board_watch with action=poll and the returned watchId to check for changes. No server-side push; the caller must poll periodically.").enum("action", [
+		"start",
+		"poll",
+		"stop"
+	], "Watch operation: start watching, poll for changes, or stop watching").string("key", "The key or pattern to watch (action=start)").string("namespace", "Optional namespace (default: \"default\")").number("pollIntervalMs", "Polling interval in ms (action=start, default: 1000)").string("watchId", "Watch ID to stop (action=stop)").required("action")),
+	tool("state_board_io", (t) => t.desc("Export or import state board entries.").enum("action", ["export", "import"], "IO operation").string("namespace", "Optional namespace filter for export / target namespace for import (default: all/\"default\")").string("keyPattern", "Optional key pattern filter for export (supports * wildcard)").prop("data", {
+		type: "object",
+		description: "Object with keys and values to import (action=import)"
+	}).boolean("overwrite", "Overwrite existing keys on import (default: false)").required("action"))
+];
+//#endregion
+export { sharedStateBoardTools as t };

package/dist/definitions-B4rAvHNZ.mjs

@@ -0,0 +1,63 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/process/definitions.ts
+/**
+* Process Manager Tool Definitions
+* MCP tools for cross-platform process management and debugging
+*/
+const processToolDefinitions = [
+	tool("process_windows", (t) => t.desc("Get all window handles for a process.").number("pid", "Process ID to get windows for").required("pid")),
+	tool("process_check_debug_port", (t) => t.desc("Check if a process has a debug port enabled for CDP attachment.").number("pid", "Process ID to check").required("pid")),
+	tool("process_launch_debug", (t) => t.desc("Launch an executable with remote debugging port enabled.").string("executablePath", "Full path to the executable to launch").number("debugPort", "Debug port to use", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).array("args", { type: "string" }, "Additional command line arguments").required("executablePath")),
+	tool("memory_read", (t) => t.desc("Read memory from a process at a specific address. Requires elevated privileges.").string("address", "Memory address to read (hex string like \"0x12345678\")").number("size", "Number of bytes to read").required("pid", "address", "size")),
+	tool("memory_write", (t) => t.desc("Write data to process memory at a specific address. Requires elevated privileges.").string("address", "Memory address to write to (hex string like \"0x12345678\")").string("data", "Data to write (hex string or base64)").enum("encoding", ["hex", "base64"], "Encoding of the data parameter", { default: "hex" }).required("pid", "address", "data")),
+	tool("memory_scan", (t) => t.desc("Scan process memory for a pattern or value. Requires elevated privileges.").string("pattern", "Pattern to search for (hex bytes like \"48 8B 05\" or value)").enum("patternType", [
+		"hex",
+		"int32",
+		"int64",
+		"float",
+		"double",
+		"string"
+	], "Type of pattern to search", { default: "hex" }).boolean("suspendTarget", "Suspend the target process during scan for a consistent memory snapshot (default: false)", { default: false }).required("pid", "pattern")),
+	tool("memory_check_protection", (t) => t.desc("Check memory protection flags at a specific address.").string("address", "Memory address to check (hex string like \"0x12345678\")").required("pid", "address")),
+	tool("memory_scan_filtered", (t) => t.desc("Scan memory within a filtered set of addresses (secondary scan).").string("pattern", "Pattern to search for").array("addresses", { type: "string" }, "List of addresses to scan within (from previous scan)").enum("patternType", [
+		"hex",
+		"int32",
+		"int64",
+		"float",
+		"double",
+		"string"
+	], "Type of pattern to search", { default: "hex" }).required("pid", "pattern", "addresses")),
+	tool("memory_batch_write", (t) => t.desc("Write multiple memory patches at once.").number("pid", "Target process ID").array("patches", {
+		type: "object",
+		properties: {
+			address: {
+				type: "string",
+				description: "Memory address (hex)"
+			},
+			data: {
+				type: "string",
+				description: "Data to write"
+			},
+			encoding: {
+				type: "string",
+				enum: ["hex", "base64"],
+				default: "hex"
+			}
+		},
+		required: ["address", "data"]
+	}, "Array of patches to apply").required("pid", "patches")),
+	tool("memory_dump_region", (t) => t.desc("Dump a memory region to a file for analysis.").number("pid", "Target process ID").string("address", "Start address (hex)").number("size", "Number of bytes to dump").string("outputPath", "Output file path").required("pid", "address", "size", "outputPath")),
+	tool("memory_list_regions", (t) => t.desc("List all memory regions in a process with protection flags.").number("pid", "Target process ID").required("pid")),
+	tool("memory_audit_export", (t) => t.desc("Export the in-memory audit trail for memory operations as JSON.")),
+	tool("inject_dll", (t) => t.desc("Inject a DLL into a target process using CreateRemoteThread + LoadLibraryA (W...").string("dllPath", "Full path to the DLL file to inject").required("pid", "dllPath")),
+	tool("inject_shellcode", (t) => t.desc("Inject and execute shellcode in a target process.").string("shellcode", "Shellcode bytes (hex string or base64)").enum("encoding", ["hex", "base64"], "Encoding of shellcode", { default: "hex" }).required("pid", "shellcode")),
+	tool("check_debug_port", (t) => t.desc("Check if a process is being debugged using NtQueryInformationProcess (ProcessDebugPort).").number("pid", "Target process ID").required("pid")),
+	tool("enumerate_modules", (t) => t.desc("List all loaded modules (DLLs) in a process with their base addresses.").number("pid", "Target process ID").required("pid")),
+	tool("electron_attach", (t) => t.desc("Connect to a running Electron app (VS Code, Cursor, etc.) via CDP and inspect...").string("pageUrl", "Filter pages by URL substring (e.g. \"extension-host\" to target VS Code extension host)"))
+];
+//#endregion
+export { processToolDefinitions as t };

package/dist/definitions-BB_4jnmy.mjs

@@ -0,0 +1,37 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/streaming/definitions.ts
+const streamingTools = [
+	tool("ws_monitor", (t) => t.desc("Enable or disable WebSocket frame capture via CDP Network events.").enum("action", ["enable", "disable"], "Monitor action").string("urlFilter", "Regex filter for WebSocket URL (action=enable)").number("maxFrames", "Maximum frames in memory (action=enable, default: 1000)", {
+		default: 1e3,
+		minimum: 1,
+		maximum: 1e5
+	}).required("action").destructive()),
+	tool("ws_get_frames", (t) => t.desc("Get captured WebSocket frames with pagination and payload filter").enum("direction", [
+		"sent",
+		"received",
+		"all"
+	], "Frame direction filter", { default: "all" }).number("limit", "Maximum frames to return", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).number("offset", "Pagination offset", {
+		default: 0,
+		minimum: 0
+	}).string("payloadFilter", "Regex filter on frame payload").readOnly()),
+	tool("ws_get_connections", (t) => t.desc("Get tracked WebSocket connections and frame counts").readOnly()),
+	tool("sse_monitor_enable", (t) => t.desc("Enable SSE monitoring by injecting EventSource interceptor").string("urlFilter", "Regex filter for EventSource URL").number("maxEvents", "Maximum SSE events in memory", {
+		default: 2e3,
+		minimum: 1,
+		maximum: 1e5
+	}).boolean("persistent", "Survive page navigations via evaluateOnNewDocument")),
+	tool("sse_get_events", (t) => t.desc("Get captured SSE events with filters and pagination").string("sourceUrl", "Filter by EventSource URL").string("eventType", "Filter by SSE event type").number("limit", "Maximum events", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).number("offset", "Pagination offset", {
+		default: 0,
+		minimum: 0
+	}).readOnly())
+];
+//#endregion
+export { streamingTools as t };

package/dist/definitions-BMfYXoNC.mjs

@@ -0,0 +1,43 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/hooks/definitions.ts
+const aiHookTools = [tool("ai_hook", (t) => t.desc("Manage AI hooks. Actions: inject (inject code into page), get_data (retrieve captured hook data), list (all active hooks), clear (remove hook data by id or all), toggle (enable/disable a hook), export (export data as JSON/CSV).").enum("action", [
+	"inject",
+	"get_data",
+	"list",
+	"clear",
+	"toggle",
+	"export"
+], "Operation to perform").string("hookId", "Hook identifier (required for inject/get_data/toggle; optional for clear/export)").string("code", "Hook code to inject (required for action=inject)").enum("method", ["evaluateOnNewDocument", "evaluate"], "Injection method (for action=inject)", { default: "evaluate" }).boolean("enabled", "Enable or disable hook (required for action=toggle)").enum("format", ["json", "csv"], "Export format (for action=export)", { default: "json" }).required("action"))];
+const hookPresetTools = [tool("hook_preset", (t) => t.desc("Install a pre-built JavaScript hook from 20+ built-in presets (eval, atob/btoa, Proxy, Reflect, Object.defineProperty, etc.), or provide customTemplate/customTemplates to install your own reusable hook bodies. Use listPresets=true to see all available preset descriptions.").string("preset", "Single preset name to install. Accepts built-in preset ids or ids provided by customTemplate/customTemplates.").array("presets", { type: "string" }, "List of preset names to install simultaneously. Accepts built-in ids and custom template ids.").prop("customTemplate", {
+	type: "object",
+	properties: {
+		id: {
+			type: "string",
+			description: "Stable preset id, for example deobfuscation-sinks"
+		},
+		description: {
+			type: "string",
+			description: "Human-readable description for listPresets output."
+		},
+		body: {
+			type: "string",
+			description: "Hook body snippet inserted into the preset wrapper."
+		}
+	},
+	required: ["id", "body"],
+	description: "Inline custom template. body should contain the hook body inserted into the standard buildHookCode wrapper. Use {{STACK_CODE}} and {{LOG_FN}} placeholders when needed."
+}).prop("customTemplates", {
+	type: "array",
+	items: {
+		type: "object",
+		properties: {
+			id: { type: "string" },
+			description: { type: "string" },
+			body: { type: "string" }
+		},
+		required: ["id", "body"]
+	},
+	description: "List of inline custom templates to register for this invocation."
+}).boolean("captureStack", "Include call stack in captured data (has performance impact)", { default: false }).boolean("logToConsole", "Log hook events to browser console", { default: true }).enum("method", ["evaluate", "evaluateOnNewDocument"], "Injection method: evaluate=current page, evaluateOnNewDocument=before page scripts", { default: "evaluate" }).boolean("listPresets", "Set to true to list all available presets with descriptions instead of installing.", { default: false }))];
+//#endregion
+export { hookPresetTools as n, aiHookTools as t };

package/dist/definitions-Beid2EB3.mjs

@@ -0,0 +1,27 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/graphql/definitions.ts
+const graphqlTools = [
+	tool("call_graph_analyze", (t) => t.desc("Analyze runtime function call graph from in-page traces").number("maxDepth", "Maximum stack-derived edge depth", { default: 5 }).string("filterPattern", "Regex filter for function names").query()),
+	tool("script_replace_persist", (t) => t.desc("Persistently replace matching script responses via request interception").string("url", "Script URL match pattern").string("replacement", "Replacement JavaScript source").enum("matchType", [
+		"exact",
+		"contains",
+		"regex"
+	], "URL matching strategy", { default: "contains" }).requiredOpenWorld("url", "replacement")),
+	tool("graphql_introspect", (t) => t.desc("Run GraphQL introspection query against a target endpoint").string("endpoint", "GraphQL endpoint URL").prop("headers", {
+		type: "object",
+		description: "Custom request headers",
+		additionalProperties: { type: "string" }
+	}).boolean("useBrowser", "Use the active browser session for fetch so cookies and CSRF/app-injected headers are preserved. Set false to force a Node-side fetch.", { default: true }).requiredOpenWorld("endpoint")),
+	tool("graphql_extract_queries", (t) => t.desc("Extract GraphQL queries/mutations from captured network traces").number("limit", "Maximum extracted operations", { default: 50 }).query()),
+	tool("graphql_replay", (t) => t.desc("Replay a GraphQL operation with optional variables via in-page fetch").string("endpoint", "GraphQL endpoint URL").string("query", "GraphQL query/mutation string").prop("variables", {
+		type: "object",
+		description: "GraphQL variables",
+		additionalProperties: true
+	}).string("operationName", "GraphQL operationName").prop("headers", {
+		type: "object",
+		description: "Custom request headers",
+		additionalProperties: { type: "string" }
+	}).boolean("useBrowser", "Use the active browser session for fetch so cookies and CSRF/app-injected headers are preserved. Set false to force a Node-side fetch.", { default: true }).requiredOpenWorld("endpoint", "query"))
+];
+//#endregion
+export { graphqlTools as t };

package/dist/definitions-C1UvM5Iy.mjs

@@ -0,0 +1,126 @@
+import { t as tool } from "./tool-builder-DCbIC5Eo.mjs";
+//#region src/server/domains/analysis/definitions.ts
+const webcrackMappingsSchema = {
+	type: "array",
+	description: "Remapping rules for unpacked bundle module paths",
+	items: {
+		type: "object",
+		properties: {
+			path: {
+				type: "string",
+				description: "New module path when matched"
+			},
+			pattern: {
+				type: "string",
+				description: "Match text or regex"
+			},
+			matchType: {
+				type: "string",
+				enum: [
+					"includes",
+					"regex",
+					"exact"
+				],
+				description: "How to interpret pattern",
+				default: "includes"
+			},
+			target: {
+				type: "string",
+				enum: ["code", "path"],
+				description: "Match against source code or module path",
+				default: "code"
+			}
+		},
+		required: ["path", "pattern"]
+	}
+};
+/** Shared webcrack options added to a builder */
+function withWebcrackOpts(b) {
+	return b.boolean("unpack", "Unpack webpack/browserify bundles", { default: true }).boolean("unminify", "Reformat and unminify code", { default: true }).boolean("jsx", "Decompile React.createElement to JSX", { default: true }).boolean("mangle", "Rename obfuscated identifiers", { default: false }).string("outputDir", "Directory to save deobfuscated artifacts").boolean("forceOutput", "Remove outputDir before saving", { default: false }).boolean("includeModuleCode", "Include module source in bundle output", { default: false }).number("maxBundleModules", "Maximum bundle modules to return", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).prop("mappings", webcrackMappingsSchema);
+}
+const coreTools = [
+	tool("collect_code", (t) => t.desc("Collect JavaScript from a target website in summary, priority, incremental, o...").boolean("includeInline", "Include inline scripts", { default: true }).boolean("includeExternal", "Include external scripts", { default: true }).boolean("includeDynamic", "Include dynamically loaded scripts", { default: false }).enum("smartMode", [
+		"summary",
+		"priority",
+		"incremental",
+		"full"
+	], "Collection mode", { default: "full" }).boolean("compress", "Enable compression", { default: false }).number("maxTotalSize", "Maximum total size in bytes", {
+		default: 2097152,
+		minimum: 1024,
+		maximum: 10485760
+	}).number("maxFileSize", "Maximum single file size in KB", {
+		default: 500,
+		minimum: 1,
+		maximum: 102400
+	}).array("priorities", { type: "string" }, "Preferred URL patterns for priority mode").boolean("returnSummaryOnly", "Return summary only", { default: false }).string("url", "Target URL to collect scripts from").requiredOpenWorld("url")),
+	tool("search_in_scripts", (t) => t.desc("Search collected scripts by keyword or regex pattern").string("keyword", "Search keyword or regex pattern").boolean("isRegex", "Treat keyword as regex", { default: false }).boolean("caseSensitive", "Case-sensitive search", { default: false }).number("contextLines", "Context lines around each match", {
+		default: 3,
+		minimum: 0,
+		maximum: 50
+	}).number("maxMatches", "Maximum matches", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).boolean("returnSummary", "Return summary instead of full payload", { default: false }).number("maxContextSize", "Max response size before summary fallback", {
+		default: 5e4,
+		minimum: 1e3,
+		maximum: 1e6
+	}).required("keyword").query()),
+	tool("extract_function_tree", (t) => t.desc("Extract a function and its dependency tree from collected scripts").string("scriptId", "Script identifier").string("functionName", "Function name to extract").number("maxDepth", "Maximum dependency traversal depth", {
+		default: 3,
+		minimum: 1,
+		maximum: 20
+	}).number("maxSize", "Maximum output size in KB", {
+		default: 500,
+		minimum: 1,
+		maximum: 10240
+	}).boolean("includeComments", "Include comments in extracted source", { default: true }).required("scriptId", "functionName")),
+	tool("deobfuscate", (t) => withWebcrackOpts(t.desc("Run webcrack-powered JavaScript deobfuscation with bundle unpacking. Use engine=\"webcrack\" for aggressive VM/advanced options.").string("code", "Obfuscated JavaScript source").enum("engine", ["auto", "webcrack"], "Deobfuscation engine", { default: "auto" }).enum("llm", ["gpt-4", "claude"], "Preferred LLM for analysis", { default: "gpt-4" }).boolean("aggressive", "Aggressive deobfuscation strategy", { default: false }).boolean("detectOnly", "Detect only without transformation (webcrack engine)", { default: false }).boolean("aggressiveVM", "Aggressive VM deobfuscation (webcrack engine)", { default: false }).boolean("useASTOptimization", "Apply AST optimization after transformation (webcrack engine)", { default: true }).number("timeout", "Operation timeout in ms (webcrack engine)", {
+		default: 6e4,
+		minimum: 1e3,
+		maximum: 12e4
+	})).required("code")),
+	tool("understand_code", (t) => t.desc("Run semantic code analysis for structure, behavior, and risks").string("code", "Source code to analyze").prop("context", {
+		type: "object",
+		description: "Additional contextual data"
+	}).enum("focus", [
+		"structure",
+		"business",
+		"security",
+		"all"
+	], "Analysis focus", { default: "all" }).required("code")),
+	tool("detect_crypto", (t) => t.desc("Detect cryptographic algorithms and usage patterns in source code").string("code", "Source code for crypto analysis").required("code").query()),
+	tool("manage_hooks", (t) => t.desc("Create, inspect, and clear JavaScript runtime hooks").enum("action", [
+		"create",
+		"list",
+		"records",
+		"clear"
+	], "Hook management operation").string("target", "Hook target identifier").enum("type", [
+		"function",
+		"xhr",
+		"fetch",
+		"websocket",
+		"localstorage",
+		"cookie"
+	], "Hook target type").enum("hookAction", [
+		"log",
+		"block",
+		"modify"
+	], "Hook behavior", { default: "log" }).string("customCode", "Custom JavaScript hook payload").string("hookId", "Hook identifier").requiredOpenWorld("action")),
+	tool("detect_obfuscation", (t) => t.desc("Detect obfuscation techniques in JavaScript source").string("code", "Source code to inspect").boolean("generateReport", "Include human-readable report", { default: true }).required("code").query()),
+	tool("webcrack_unpack", (t) => withWebcrackOpts(t.desc("Run webcrack bundle unpacking and return extracted module graph").string("code", "Bundled or obfuscated JavaScript source")).required("code")),
+	tool("clear_collected_data", (t) => t.desc("Clear collected script data, caches, and in-memory indexes").destructive()),
+	tool("get_collection_stats", (t) => t.desc("Get collection, cache, and compression statistics").query()),
+	tool("webpack_enumerate", (t) => t.desc("Enumerate webpack modules in current page and search for keywords").string("searchKeyword", "Keyword to search across module exports").boolean("forceRequireAll", "Force-require every module", { default: false }).number("maxResults", "Maximum matching modules", {
+		default: 20,
+		minimum: 1,
+		maximum: 1e4
+	}).openWorld()),
+	tool("llm_suggest_names", (t) => t.desc("Use client LLM (via MCP sampling) to suggest meaningful names for obfuscated ...").array("identifiers", { type: "string" }, "Array of obfuscated identifier names to rename").required("code", "identifiers").readOnly())
+];
+//#endregion
+export { coreTools as t };