@jshookmcp/jshook 0.2.8 → 0.3.0

package/dist/definitions-CDOg_b-l.mjs

@@ -0,0 +1,138 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/analysis/definitions.ts
+const webcrackMappingsSchema = {
+	type: "array",
+	description: "Remapping rules for unpacked bundle module paths",
+	items: {
+		type: "object",
+		properties: {
+			path: {
+				type: "string",
+				description: "New module path when matched"
+			},
+			pattern: {
+				type: "string",
+				description: "Match text or regex"
+			},
+			matchType: {
+				type: "string",
+				enum: [
+					"includes",
+					"regex",
+					"exact"
+				],
+				description: "How to interpret pattern",
+				default: "includes"
+			},
+			target: {
+				type: "string",
+				enum: ["code", "path"],
+				description: "Match against source code or module path",
+				default: "code"
+			}
+		},
+		required: ["path", "pattern"]
+	}
+};
+/** Shared webcrack options added to a builder */
+function withWebcrackOpts(b) {
+	return b.boolean("unpack", "Unpack webpack/browserify bundles", { default: true }).boolean("unminify", "Reformat and unminify code", { default: true }).boolean("jsx", "Decompile React.createElement to JSX", { default: true }).boolean("mangle", "Rename obfuscated identifiers", { default: false }).string("outputDir", "Directory to save deobfuscated artifacts").boolean("forceOutput", "Remove outputDir before saving", { default: false }).boolean("includeModuleCode", "Include module source in bundle output", { default: false }).number("maxBundleModules", "Maximum bundle modules to return", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).prop("mappings", webcrackMappingsSchema);
+}
+const coreTools = [
+	tool("collect_code", (t) => t.desc("Collect JavaScript from a target website in summary, priority, incremental, o...").boolean("includeInline", "Include inline scripts", { default: true }).boolean("includeExternal", "Include external scripts", { default: true }).boolean("includeDynamic", "Include dynamically loaded scripts", { default: false }).enum("smartMode", [
+		"summary",
+		"priority",
+		"incremental",
+		"full"
+	], "Collection mode", { default: "full" }).boolean("compress", "Enable compression", { default: false }).number("maxTotalSize", "Maximum total size in bytes", {
+		default: 2097152,
+		minimum: 1024,
+		maximum: 10485760
+	}).number("maxFileSize", "Maximum single file size in KB", {
+		default: 500,
+		minimum: 1,
+		maximum: 102400
+	}).array("priorities", { type: "string" }, "Preferred URL patterns for priority mode").boolean("returnSummaryOnly", "Return summary only", { default: false }).string("url", "Target URL to collect scripts from").requiredOpenWorld("url")),
+	tool("search_in_scripts", (t) => t.desc("Search collected scripts by keyword or regex pattern").string("keyword", "Search keyword or regex pattern").boolean("isRegex", "Treat keyword as regex", { default: false }).boolean("caseSensitive", "Case-sensitive search", { default: false }).number("contextLines", "Context lines around each match", {
+		default: 3,
+		minimum: 0,
+		maximum: 50
+	}).number("maxMatches", "Maximum matches", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).boolean("returnSummary", "Return summary instead of full payload", { default: false }).number("maxContextSize", "Max response size before summary fallback", {
+		default: 5e4,
+		minimum: 1e3,
+		maximum: 1e6
+	}).required("keyword").query()),
+	tool("extract_function_tree", (t) => t.desc("Extract a function and its dependency tree from collected scripts").string("scriptId", "Script identifier").string("functionName", "Function name to extract").number("maxDepth", "Maximum dependency traversal depth", {
+		default: 3,
+		minimum: 1,
+		maximum: 20
+	}).number("maxSize", "Maximum output size in KB", {
+		default: 500,
+		minimum: 1,
+		maximum: 10240
+	}).boolean("includeComments", "Include comments in extracted source", { default: true }).required("scriptId", "functionName")),
+	tool("deobfuscate", (t) => withWebcrackOpts(t.desc("Run webcrack-powered JavaScript deobfuscation with bundle unpacking. Use engine=\"webcrack\" for aggressive VM/advanced options.").string("code", "Obfuscated JavaScript source").enum("engine", ["auto", "webcrack"], "Deobfuscation engine", { default: "auto" }).enum("llm", ["gpt-4", "claude"], "Preferred LLM for analysis", { default: "gpt-4" }).boolean("aggressive", "Aggressive deobfuscation strategy", { default: false }).boolean("detectOnly", "Detect only without transformation (webcrack engine)", { default: false }).boolean("aggressiveVM", "Aggressive VM deobfuscation (webcrack engine)", { default: false }).boolean("useASTOptimization", "Apply AST optimization after transformation (webcrack engine)", { default: true }).number("timeout", "Operation timeout in ms (webcrack engine)", {
+		default: 6e4,
+		minimum: 1e3,
+		maximum: 12e4
+	})).required("code")),
+	tool("understand_code", (t) => t.desc("Run semantic code analysis for structure, behavior, and risks").string("code", "Source code to analyze").prop("context", {
+		type: "object",
+		description: "Additional contextual data"
+	}).enum("focus", [
+		"structure",
+		"business",
+		"security",
+		"all"
+	], "Analysis focus", { default: "all" }).required("code")),
+	tool("detect_crypto", (t) => t.desc("Detect cryptographic algorithms and usage patterns in source code").string("code", "Source code for crypto analysis").required("code").query()),
+	tool("manage_hooks", (t) => t.desc("Create, inspect, and clear JavaScript runtime hooks").enum("action", [
+		"create",
+		"list",
+		"records",
+		"clear"
+	], "Hook management operation").string("target", "Hook target identifier").enum("type", [
+		"function",
+		"xhr",
+		"fetch",
+		"websocket",
+		"localstorage",
+		"cookie"
+	], "Hook target type").enum("hookAction", [
+		"log",
+		"block",
+		"modify"
+	], "Hook behavior", { default: "log" }).string("customCode", "Custom JavaScript hook payload").string("hookId", "Hook identifier").requiredOpenWorld("action")),
+	tool("detect_obfuscation", (t) => t.desc("Detect obfuscation techniques in JavaScript source").string("code", "Source code to inspect").boolean("generateReport", "Include human-readable report", { default: true }).required("code").query()),
+	tool("webcrack_unpack", (t) => withWebcrackOpts(t.desc("Run webcrack bundle unpacking and return extracted module graph").string("code", "Bundled or obfuscated JavaScript source")).required("code")),
+	tool("clear_collected_data", (t) => t.desc("Clear collected script data, caches, and in-memory indexes").destructive()),
+	tool("get_collection_stats", (t) => t.desc("Get collection, cache, and compression statistics").query()),
+	tool("webpack_enumerate", (t) => t.desc("Enumerate webpack modules in current page and search for keywords").string("searchKeyword", "Keyword to search across module exports").boolean("forceRequireAll", "Force-require every module", { default: false }).number("maxResults", "Maximum matching modules", {
+		default: 20,
+		minimum: 1,
+		maximum: 1e4
+	}).openWorld()),
+	tool("llm_suggest_names", (t) => t.desc("Use client LLM (via MCP sampling) to suggest meaningful names for obfuscated ...").array("identifiers", { type: "string" }, "Array of obfuscated identifier names to rename").required("code", "identifiers").readOnly()),
+	tool("js_deobfuscate_jsvmp", (t) => t.desc("Deobfuscate JSVMP/VM-protected JavaScript: extract VM bytecode and restore original logic.").string("code", "Obfuscated JavaScript source containing VM/JSVMP patterns").boolean("aggressive", "Use aggressive deobfuscation strategy", { default: false }).boolean("extractInstructions", "Extract and list VM instructions", { default: true }).number("timeout", "Deobfuscation timeout in ms", {
+		default: 3e4,
+		minimum: 5e3,
+		maximum: 12e4
+	}).boolean("detectOnly", "Only detect JSVMP without deobfuscating", { default: false }).required("code")),
+	tool("js_deobfuscate_pipeline", (t) => t.desc("Three-stage deobfuscation pipeline: preprocess → deobfuscate → humanize.").string("code", "Obfuscated JavaScript source").boolean("useWebcrack", "Apply webcrack after preprocessor stage", { default: true }).boolean("aggressive", "Enable aggressive transforms in deobfuscator stage", { default: false }).boolean("humanize", "Run humanizer stage (variable renaming)", { default: true }).boolean("returnStageDetails", "Include per-stage results in output", { default: false }).required("code")),
+	tool("js_analyze_vm", (t) => t.desc("Analyze JSVMP/VM interpreter structure: dispatch type, handler table, opcode map.").string("code", "JavaScript source containing VM interpreter").boolean("extractBytecode", "Attempt to extract VM bytecode", { default: true }).boolean("mapOpcodes", "Map opcodes to inferred operations", { default: true }).required("code")),
+	tool("js_solve_constraints", (t) => t.desc("Solve opaque predicates and constant expressions in obfuscated code.").string("code", "JavaScript source with opaque predicates or constant conditions").boolean("replaceInPlace", "Replace solved conditions with their constant values", { default: true }).number("maxIterations", "Maximum solving iterations", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).required("code"))
+];
+//#endregion
+export { coreTools as t };

package/dist/definitions-CVPD9hzZ.mjs

@@ -0,0 +1,54 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/platform/definitions.ts
+const platformTools = [
+	tool("platform_capabilities", (t) => t.desc("Report platform tool backend availability.").query()),
+	tool("miniapp_pkg_scan", (t) => t.desc("Scan local directories for miniapp package files.").string("searchPath", "可选。指定扫描根目录；不提供时使用默认路径（MiniApp/Cache 与 MiniApp/Plugin）。")),
+	tool("miniapp_pkg_unpack", (t) => t.desc("Unpack a miniapp package.").string("inputPath", "必填。小程序包文件路径。").string("outputDir", "可选。输出目录；不提供时自动生成 artifacts 临时目录。").required("inputPath")),
+	tool("miniapp_pkg_analyze", (t) => t.desc("Analyze an unpacked miniapp package.").string("unpackedDir", "必填。已解包目录路径。").required("unpackedDir")),
+	tool("asar_extract", (t) => t.desc("Extract files from an Electron ASAR archive.").string("inputPath", "必填。asar 文件路径。").string("outputDir", "可选。提取目录；不提供时自动生成 artifacts 临时目录。").boolean("listOnly", "可选。默认 false；true 时仅列出文件清单，不执行提取。", { default: false }).required("inputPath")),
+	tool("electron_inspect_app", (t) => t.desc("Inspect an Electron app structure.").string("appPath", "Path to Electron app (.exe or app directory)").required("appPath")),
+	tool("electron_scan_userdata", (t) => t.desc("Scan a directory for Electron JSON userdata files.").string("dirPath", "Directory path to scan for JSON files").number("maxFiles", "可选。最多读取的 JSON 文件数量。默认 20。", {
+		default: 20,
+		minimum: 1,
+		maximum: 1e4
+	}).number("maxFileSizeKB", "可选。单个文件大小上限（KB）。超限文件跳过。默认 1024。", {
+		default: 1024,
+		minimum: 1,
+		maximum: 102400
+	}).required("dirPath").query()),
+	tool("asar_search", (t) => t.desc("Search text inside an ASAR archive.").string("inputPath", "必填。ASAR 文件路径。").string("pattern", "必填。正则表达式字符串。").string("fileGlob", "可选。文件扩展名过滤。默认 *.js。", { default: "*.js" }).number("maxResults", "可选。最大返回匹配数。默认 100。", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).required("inputPath", "pattern").query()),
+	tool("electron_check_fuses", (t) => t.desc("Read Electron fuse states.").string("exePath", "必填。Electron .exe 文件路径。").required("exePath").query()),
+	tool("electron_patch_fuses", (t) => t.desc("Patch Electron fuse states.").string("exePath", "Electron .exe file path").enum("profile", ["debug", "custom"], "Patch profile. \"debug\" enables debug-related fuses. \"custom\" requires a fuses object.", { default: "debug" }).object("fuses", {}, "For profile=\"custom\". Map of fuse names to ENABLE/DISABLE. E.g. {\"RunAsNode\": \"ENABLE\"}.").boolean("createBackup", "Create a .exe.bak backup before patching.", { default: true }).required("exePath").destructive()),
+	tool("v8_bytecode_decompile", (t) => t.desc("Decompile or extract strings from V8 bytecode files.").string("filePath", "Path to .jsc bytecode file").required("filePath").query()),
+	tool("electron_launch_debug", (t) => t.desc("Launch Electron with main and renderer CDP ports.").string("exePath", "Electron .exe file path").number("mainPort", "Main process inspect port.", {
+		default: 9229,
+		minimum: 1,
+		maximum: 65535
+	}).number("rendererPort", "Renderer remote debugging port.", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).array("args", { type: "string" }, "Extra command-line arguments.").boolean("skipFuseCheck", "Skip fuse status check.", { default: false }).number("waitMs", "Milliseconds to wait for CDP ports.", {
+		default: 8e3,
+		minimum: 1e3,
+		maximum: 12e4
+	}).requiredOpenWorld("exePath")),
+	tool("electron_debug_status", (t) => t.desc("Check status of dual-CDP debug sessions launched by electron_launch_debug.").string("sessionId", "Optional. Check specific session. Omit to list all.").query()),
+	tool("electron_ipc_sniff", (t) => t.desc("Monitor Electron IPC via renderer-side hooks.").enum("action", [
+		"start",
+		"dump",
+		"stop",
+		"list",
+		"guide"
+	], "Action to perform.", { default: "guide" }).number("port", "Renderer CDP port (--remote-debugging-port).", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).string("sessionId", "Session ID for dump/stop.").boolean("clear", "Clear captured messages after dump.", { default: true }).openWorld())
+];
+//#endregion
+export { platformTools as t };

package/dist/definitions-Cea8Lgl7.mjs

@@ -0,0 +1,94 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/workflow/definitions.ts
+const workflowNetworkPolicySchema = {
+	type: "object",
+	additionalProperties: false,
+	properties: {
+		allowPrivateNetwork: {
+			type: "boolean",
+			description: "Allow access to private/reserved targets only when the request also matches allowedHosts or allowedCidrs."
+		},
+		allowInsecureHttp: {
+			type: "boolean",
+			description: "Allow non-loopback HTTP targets only when the request also matches allowedHosts or allowedCidrs."
+		},
+		allowedHosts: {
+			type: "array",
+			items: { type: "string" },
+			description: "Exact hostname or host:port allowlist for the primary target (for example [\"labs.example.com\", \"localhost:8080\"])."
+		},
+		allowedCidrs: {
+			type: "array",
+			items: { type: "string" },
+			description: "CIDR allowlist applied after DNS resolution (for example [\"10.10.0.0/16\", \"192.168.1.10/32\"])."
+		},
+		allowedRedirectHosts: {
+			type: "array",
+			items: { type: "string" },
+			description: "Optional hostname or host:port allowlist for redirect hops. When omitted, redirects inherit allowedHosts/allowedCidrs."
+		}
+	},
+	description: "Request-level network authorization policy. Use this instead of process-wide bypasses when you need to reach a real lab target, private address, or plain HTTP service."
+};
+const workflowToolDefinitions = [
+	tool("js_bundle_search", (t) => t.desc("Fetch a remote JavaScript bundle and search it with multiple named regex patterns in a single call.\n\nFeatures over bundle_search script:\n- Server-side fetch (no browser CORS constraints)\n- Bundle caching (5-min TTL, keyed by URL) — avoids re-downloading 1MB+ files\n- SVG/base64 false-positive filtering (`stripNoise: true` by default)\n- Per-pattern independent context window (`contextBefore`/`contextAfter`)\n- Up to `maxMatches` hits per pattern\n\nExample:\n  js_bundle_search({\n    url: \"https://assets.example.com/main.js\",\n    patterns: [\n      { name: \"tier_values\",   regex: \"subscription.plus|user_tier\" },\n      { name: \"payment_apis\",  regex: \"/api/v1/payment/[a-z_]+\" },\n      { name: \"setSubscription\", regex: \"setSubscriptionPlus\\\\([^)]{0,80}\\\\)\" }\n    ]\n  })").string("url", "Remote URL of the JavaScript bundle to analyze").array("patterns", {
+		type: "object",
+		properties: {
+			name: {
+				type: "string",
+				description: "Human-readable label for this pattern"
+			},
+			regex: {
+				type: "string",
+				description: "JavaScript regex string"
+			},
+			contextBefore: {
+				type: "number",
+				description: "Characters of context before match (default: 80)"
+			},
+			contextAfter: {
+				type: "number",
+				description: "Characters of context after match (default: 80)"
+			}
+		},
+		required: ["name", "regex"]
+	}, "Named regex patterns to search for").boolean("cacheBundle", "Cache the bundle for 5 minutes to avoid re-downloads", { default: true }).boolean("stripNoise", "Skip matches inside SVG path data or base64 blobs", { default: true }).number("maxMatches", "Maximum matches to return per pattern", {
+		default: 10,
+		minimum: 1,
+		maximum: 1e3
+	}).prop("networkPolicy", workflowNetworkPolicySchema).requiredOpenWorld("url", "patterns")),
+	tool("page_script_register", (t) => t.desc("Register a named reusable JavaScript snippet in the Script Library.\n\nCore ships built-in snippets such as `auth_extract`, `bundle_search`, `react_fill_form`, and `dom_find_upgrade_buttons`.\n\nRegistered scripts are executed with `page_script_run`. Scripts may reference `__params__` (set at call time via page_script_run params).").string("name", "Unique script name (e.g. \"my_extractor\")").string("code", "JavaScript expression/IIFE to register. Use `typeof __params__ !== \"undefined\" ? __params__ : {}` to safely access runtime parameters.").string("description", "Optional human-readable description of the script").required("name", "code")),
+	tool("page_script_run", (t) => t.desc("Execute a named script from the Script Library in the current page context.\n\nOptionally inject runtime parameters accessible as `__params__` inside the script.\n\nExample:\n  page_script_run({ name: \"bundle_search\", params: { url: \"https://cdn.main.js\", patterns: [\"tier\", \"subscription\"] } })\n  page_script_run({ name: \"auth_extract\" })").string("name", "Script name to run (built-in or registered)").prop("params", {
+		type: "object",
+		additionalProperties: true,
+		description: "Optional parameters injected as __params__ (must be JSON-serializable)"
+	}).requiredOpenWorld("name")),
+	tool("api_probe_batch", (t) => t.desc("Probe multiple API endpoints in a single browser-context fetch burst.\n\nAuto-injects Bearer token from localStorage[token] / localStorage[active_token]. Returns status codes, content types, and response snippets for matching statuses. Skips HTML responses (login-redirect false-positives).\n\nReplaces 5–30 individual page_evaluate fetch calls with one tool call.\n\n**ALWAYS start with OpenAPI/Swagger discovery paths first** — a single 200 response gives you the full API schema:\n  \"/docs\", \"/openapi.json\", \"/api/docs\", \"/swagger.json\", \"/api/v1/openapi.json\", \"/api/openapi.json\"\n\nExample:\n  api_probe_batch({ baseUrl: \"https://chat.qwen.ai\", paths: [\"/docs\", \"/openapi.json\", \"/api/v1/users/me\", \"/api/v1/chats/\", \"/api/admin/users\"] })").string("baseUrl", "Base URL prefix (e.g. \"https://chat.qwen.ai\") — trailing slash will be stripped").array("paths", { type: "string" }, "Paths to probe (e.g. [\"/api/v1/users\", \"/api/v1/chats\"])").enum("method", [
+		"GET",
+		"POST",
+		"PUT",
+		"DELETE",
+		"PATCH",
+		"HEAD",
+		"OPTIONS"
+	], "HTTP method for all probes", { default: "GET" }).object("headers", { additionalProperties: { type: "string" } }, "Additional HTTP headers to include in all requests").string("bodyTemplate", "JSON body string to send for POST/PUT/PATCH requests (optional)").array("includeBodyStatuses", { type: "number" }, "Status codes for which to include response body snippet (default: [200, 201, 204])").number("maxBodySnippetLength", "Max characters per response body snippet", {
+		default: 500,
+		minimum: 0,
+		maximum: 1e4
+	}).boolean("autoInjectAuth", "Auto-inject Bearer token from localStorage (token / active_token / access_token).", { default: true }).prop("networkPolicy", workflowNetworkPolicySchema).requiredOpenWorld("baseUrl", "paths")),
+	tool("list_extension_workflows", (t) => t.desc("List runtime-loaded extension workflows discovered from plugins/ or workflows/ directories, including metadata needed before execution.").query()),
+	tool("run_extension_workflow", (t) => t.desc("Execute a runtime-loaded extension workflow contract by workflowId. Supports config overrides, per-node input overrides, and an optional timeout override.").string("workflowId", "Registered extension workflow id to execute").string("profile", "Optional profile label exposed to the workflow execution context").prop("config", {
+		type: "object",
+		additionalProperties: true,
+		description: "Optional config overrides read through ctx.getConfig(path, fallback)"
+	}).prop("nodeInputOverrides", {
+		type: "object",
+		additionalProperties: {
+			type: "object",
+			additionalProperties: true
+		},
+		description: "Optional shallow input overrides keyed by workflow node id"
+	}).number("timeoutMs", "Optional override for total workflow timeout in milliseconds").requiredOpenWorld("workflowId"))
+];
+//#endregion
+export { workflowToolDefinitions as t };

package/dist/definitions-DAgIyjxM.mjs

@@ -0,0 +1,10 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/sourcemap/definitions.ts
+const sourcemapTools = [
+	tool("sourcemap_discover", (t) => t.desc("Discover source maps on the current page.").boolean("includeInline", "Include inline data: source maps.", { default: true })),
+	tool("sourcemap_fetch_and_parse", (t) => t.desc("Parse a source map.").string("sourceMapUrl", "Source map URL.").string("scriptUrl", "Script URL for relative map resolution.").required("sourceMapUrl")),
+	tool("sourcemap_reconstruct_tree", (t) => t.desc("Reconstruct source files from a source map.").string("sourceMapUrl", "Source map URL.").string("outputDir", "Output directory under the project root.").required("sourceMapUrl")),
+	tool("sourcemap_parse_v4", (t) => t.desc("Parse source map with ECMA-426 v4 scope/debug-id support; falls back to v3.").string("sourceMapUrl", "Source map URL to parse.").boolean("extractScopes", "Extract and decode scope information from v4 x_scopes field", { default: true }).boolean("extractDebugIds", "Extract debug-id mappings for source correlation", { default: true }).boolean("compareV3", "Compare v4 fields against v3 baseline and report differences", { default: false }).required("sourceMapUrl"))
+];
+//#endregion
+export { sourcemapTools as t };

package/dist/definitions-DJA27nsL.mjs

@@ -0,0 +1,66 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/process/definitions.ts
+/**
+* Process Manager Tool Definitions
+* MCP tools for cross-platform process management and debugging
+*/
+const processToolDefinitions = [
+	tool("process_windows", (t) => t.desc("Get all window handles for a process.").number("pid", "Process ID to get windows for").required("pid")),
+	tool("process_check_debug_port", (t) => t.desc("Check if a process has a debug port enabled for CDP attachment.").number("pid", "Process ID to check").required("pid")),
+	tool("process_launch_debug", (t) => t.desc("Launch an executable with remote debugging port enabled.").string("executablePath", "Full path to the executable to launch").number("debugPort", "Debug port to use", {
+		default: 9222,
+		minimum: 1,
+		maximum: 65535
+	}).array("args", { type: "string" }, "Additional command line arguments").required("executablePath")),
+	tool("memory_read", (t) => t.desc("Read memory from a process at a specific address. Requires elevated privileges.").number("pid", "Target process ID").string("address", "Memory address to read (hex string like \"0x12345678\")").number("size", "Number of bytes to read").required("pid", "address", "size")),
+	tool("memory_write", (t) => t.desc("Write data to process memory at a specific address. Requires elevated privileges.").number("pid", "Target process ID").string("address", "Memory address to write to (hex string like \"0x12345678\")").string("data", "Data to write (hex string or base64)").enum("encoding", ["hex", "base64"], "Encoding of the data parameter", { default: "hex" }).required("pid", "address", "data")),
+	tool("memory_scan", (t) => t.desc("Scan process memory for a pattern or value. Requires elevated privileges.").number("pid", "Target process ID").string("pattern", "Pattern to search for (hex bytes like \"48 8B 05\" or value)").enum("patternType", [
+		"hex",
+		"int32",
+		"int64",
+		"float",
+		"double",
+		"string"
+	], "Type of pattern to search", { default: "hex" }).boolean("suspendTarget", "Suspend the target process during scan for a consistent memory snapshot (default: false)", { default: false }).required("pid", "pattern")),
+	tool("memory_check_protection", (t) => t.desc("Check memory protection flags at a specific address.").number("pid", "Target process ID").string("address", "Memory address to check (hex string like \"0x12345678\")").required("pid", "address")),
+	tool("memory_scan_filtered", (t) => t.desc("Scan memory within a filtered set of addresses (secondary scan).").number("pid", "Target process ID").string("pattern", "Pattern to search for").array("addresses", { type: "string" }, "List of addresses to scan within (from previous scan)").enum("patternType", [
+		"hex",
+		"int32",
+		"int64",
+		"float",
+		"double",
+		"string"
+	], "Type of pattern to search", { default: "hex" }).required("pid", "pattern", "addresses")),
+	tool("memory_batch_write", (t) => t.desc("Write multiple memory patches at once.").number("pid", "Target process ID").array("patches", {
+		type: "object",
+		properties: {
+			address: {
+				type: "string",
+				description: "Memory address (hex)"
+			},
+			data: {
+				type: "string",
+				description: "Data to write"
+			},
+			encoding: {
+				type: "string",
+				enum: ["hex", "base64"],
+				default: "hex"
+			}
+		},
+		required: ["address", "data"]
+	}, "Array of patches to apply").required("pid", "patches")),
+	tool("memory_dump_region", (t) => t.desc("Dump a memory region to a file for analysis.").number("pid", "Target process ID").string("address", "Start address (hex)").number("size", "Number of bytes to dump").string("outputPath", "Output file path").required("pid", "address", "size", "outputPath")),
+	tool("memory_list_regions", (t) => t.desc("List all memory regions in a process with protection flags.").number("pid", "Target process ID").required("pid")),
+	tool("memory_audit_export", (t) => t.desc("Export the in-memory audit trail for memory operations as JSON.")),
+	tool("inject_dll", (t) => t.desc("Inject a DLL into a target process using CreateRemoteThread + LoadLibraryA (W...").number("pid", "Target process ID").string("dllPath", "Full path to the DLL file to inject").required("pid", "dllPath")),
+	tool("inject_shellcode", (t) => t.desc("Inject and execute shellcode in a target process.").number("pid", "Target process ID").string("shellcode", "Shellcode bytes (hex string or base64)").enum("encoding", ["hex", "base64"], "Encoding of shellcode", { default: "hex" }).required("pid", "shellcode")),
+	tool("check_debug_port", (t) => t.desc("Check if a process is being debugged using NtQueryInformationProcess (ProcessDebugPort).").number("pid", "Target process ID").required("pid")),
+	tool("enumerate_modules", (t) => t.desc("List all loaded modules (DLLs) in a process with their base addresses.").number("pid", "Target process ID").required("pid")),
+	tool("electron_attach", (t) => t.desc("Attach to an Electron CDP port and optionally evaluate in a matching page.").number("port", "CDP port to connect to", {
+		minimum: 1,
+		maximum: 65535
+	}).string("pageUrl", "Optional URL substring used to pick the target page").string("evaluate", "Optional JavaScript expression to evaluate in the selected page").string("wsEndpoint", "Optional browser WebSocket endpoint override"))
+];
+//#endregion
+export { processToolDefinitions as t };

package/dist/definitions-DKPFU3LW.mjs

@@ -0,0 +1,25 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/maintenance/definitions.ts
+const tokenBudgetTools = [
+	tool("get_token_budget_stats", (t) => t.desc("Get token budget usage stats, warnings, and optimization suggestions").query()),
+	tool("manual_token_cleanup", (t) => t.desc("Clear stale entries and reset counters to free 10-30% of token budget")),
+	tool("reset_token_budget", (t) => t.desc("Hard-reset all token budget counters. Destructive — prefer manual_token_cleanup").destructive())
+];
+const extensionTools = [
+	tool("list_extensions", (t) => t.desc("List all loaded plugins, workflows, and extension tools").query()),
+	tool("reload_extensions", (t) => t.desc("Reload plugins and workflows from configured directories").openWorld()),
+	tool("browse_extension_registry", (t) => t.desc("Browse the remote jshookmcp extension registry").enum("kind", [
+		"plugin",
+		"workflow",
+		"all"
+	], "Filter by extension kind", { default: "all" }).query()),
+	tool("install_extension", (t) => t.desc("Install an extension from the remote registry via git").string("slug", "Extension slug from the registry").string("targetDir", "Target directory override").requiredOpenWorld("slug"))
+];
+const cacheTools = [
+	tool("get_cache_stats", (t) => t.desc("Get cache statistics: entries, sizes, hit rates, and cleanup recommendations").query()),
+	tool("smart_cache_cleanup", (t) => t.desc("Evict LRU and stale entries while preserving hot data").number("targetSize", "Target size in bytes")),
+	tool("clear_all_caches", (t) => t.desc("Clear all internal caches. Destructive — prefer smart_cache_cleanup").destructive())
+];
+const artifactTools = [tool("cleanup_artifacts", (t) => t.desc("Clean generated artifacts using age and size retention rules").number("retentionDays", "Override retention window in days").number("maxTotalBytes", "Override maximum retained bytes").boolean("dryRun", "Preview removals without deleting").destructive()), tool("doctor_environment", (t) => t.desc("Run environment doctor for dependencies, bridge endpoints, and platform limitations").boolean("includeBridgeHealth", "Probe native-bridge / Burp endpoints").readOnly())];
+//#endregion
+export { tokenBudgetTools as i, cacheTools as n, extensionTools as r, artifactTools as t };

package/dist/definitions-DPRpZQ96.mjs

@@ -0,0 +1,47 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/encoding/definitions.ts
+const encodingTools = [
+	tool("binary_detect_format", (t) => t.desc("Detect binary payload format and encoding signals.").enum("source", [
+		"base64",
+		"hex",
+		"file",
+		"raw"
+	], "How to interpret input payload").string("data", "Input payload for base64/hex/raw sources").string("filePath", "File path when source=file").string("requestId", "Captured requestId when a response body is available").required("source").query()),
+	tool("binary_decode", (t) => t.desc("Decode binary payloads into hex, utf8, or json output").string("data", "Input encoded payload").enum("encoding", [
+		"base64",
+		"hex",
+		"url",
+		"protobuf",
+		"msgpack"
+	], "Declared input encoding").enum("outputFormat", [
+		"hex",
+		"utf8",
+		"json"
+	], "Target output format", { default: "hex" }).required("data", "encoding").query()),
+	tool("binary_encode", (t) => t.desc("Encode utf8/hex/json input into base64/hex/url output").string("data", "Input payload").enum("inputFormat", [
+		"utf8",
+		"hex",
+		"json"
+	], "How to parse input").enum("outputEncoding", [
+		"base64",
+		"hex",
+		"url"
+	], "Desired output encoding").required("data", "inputFormat", "outputEncoding").query()),
+	tool("binary_entropy_analysis", (t) => t.desc("Compute entropy and byte frequency for a payload.").enum("source", [
+		"base64",
+		"hex",
+		"raw",
+		"file"
+	], "How to interpret input payload").string("data", "Input payload for base64/hex/raw sources").string("filePath", "File path when source=file").number("blockSize", "Block size for per-block entropy", {
+		default: 256,
+		minimum: 16,
+		maximum: 8192
+	}).required("source").query()),
+	tool("protobuf_decode_raw", (t) => t.desc("Decode base64 protobuf bytes without schema using wire-type aware recursive parser").string("data", "Base64-encoded protobuf payload").number("maxDepth", "Maximum recursive decode depth", {
+		default: 5,
+		minimum: 1,
+		maximum: 20
+	}).required("data").query())
+];
+//#endregion
+export { encodingTools as t };

package/dist/definitions-DUE5gmdn.mjs

@@ -0,0 +1,18 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/antidebug/definitions.ts
+const antidebugTools = [tool("antidebug_bypass", (t) => t.desc("Bypass one or more anti-debug protection types. Specify types to apply; omit or use [\"all\"] to apply all bypasses. Types: all, debugger_statement, timing, stack_trace, console_detect.").array("types", {
+	type: "string",
+	enum: [
+		"all",
+		"debugger_statement",
+		"timing",
+		"stack_trace",
+		"console_detect"
+	]
+}, "Bypass types to apply (default: [\"all\"])").boolean("persistent", "Inject persistently for future documents", { default: true }).enum("mode", ["remove", "noop"], "Debugger statement mode (for debugger_statement type)", { default: "remove" }).number("maxDrift", "Max timing drift per call in ms (for timing type)", {
+	default: 50,
+	minimum: 0,
+	maximum: 1e4
+}).array("filterPatterns", { type: "string" }, "Additional stack frame patterns to filter (for stack_trace type)")), tool("antidebug_detect_protections", (t) => t.desc("Detect anti-debug protections in current page with bypass recommendations"))];
+//#endregion
+export { antidebugTools as t };

package/dist/definitions-DYVjOtxa.mjs

@@ -0,0 +1,26 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/shared-state-board/definitions.ts
+const sharedStateBoardTools = [
+	tool("state_board", (t) => t.desc("Manage shared state board entries.").enum("action", [
+		"set",
+		"get",
+		"delete",
+		"list",
+		"history",
+		"clear"
+	], "Operation to perform").string("key", "Key name (required for set/get/delete/history)").prop("value", {
+		type: "object",
+		description: "Value to store"
+	}).string("namespace", "Namespace for key isolation").number("ttlSeconds", "TTL in seconds").boolean("includeValues", "Include current values in list results", { default: false }).number("limit", "Maximum history entries to return", { default: 50 }).string("keyPattern", "Key pattern filter").required("action")),
+	tool("state_board_watch", (t) => t.desc("Start, poll, or stop shared state board watches.").enum("action", [
+		"start",
+		"poll",
+		"stop"
+	], "Watch operation: start watching, poll for changes, or stop watching").string("key", "Key or pattern to watch").string("namespace", "Namespace").number("pollIntervalMs", "Polling interval in milliseconds").string("watchId", "Watch ID").required("action")),
+	tool("state_board_io", (t) => t.desc("Export or import state board entries.").enum("action", ["export", "import"], "IO operation").string("namespace", "Namespace filter or target namespace").string("keyPattern", "Key pattern filter").prop("data", {
+		type: "object",
+		description: "Entries to import"
+	}).boolean("overwrite", "Overwrite existing keys on import").required("action"))
+];
+//#endregion
+export { sharedStateBoardTools as t };

package/dist/definitions-DcYLVLCo.mjs

@@ -0,0 +1,37 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/streaming/definitions.ts
+const streamingTools = [
+	tool("ws_monitor", (t) => t.desc("Enable or disable WebSocket frame capture via CDP Network events.").enum("action", ["enable", "disable"], "Monitor action").string("urlFilter", "Regex filter for WebSocket URL (action=enable)").number("maxFrames", "Maximum frames in memory (action=enable, default: 1000)", {
+		default: 1e3,
+		minimum: 1,
+		maximum: 1e5
+	}).required("action").destructive()),
+	tool("ws_get_frames", (t) => t.desc("Get captured WebSocket frames with pagination and payload filter").enum("direction", [
+		"sent",
+		"received",
+		"all"
+	], "Frame direction filter", { default: "all" }).number("limit", "Maximum frames to return", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).number("offset", "Pagination offset", {
+		default: 0,
+		minimum: 0
+	}).string("payloadFilter", "Regex filter on frame payload").readOnly()),
+	tool("ws_get_connections", (t) => t.desc("Get tracked WebSocket connections and frame counts").readOnly()),
+	tool("sse_monitor_enable", (t) => t.desc("Enable SSE monitoring by injecting EventSource interceptor").string("urlFilter", "Regex filter for EventSource URL").number("maxEvents", "Maximum SSE events in memory", {
+		default: 2e3,
+		minimum: 1,
+		maximum: 1e5
+	}).boolean("persistent", "Survive page navigations via evaluateOnNewDocument")),
+	tool("sse_get_events", (t) => t.desc("Get captured SSE events with filters and pagination").string("sourceUrl", "Filter by EventSource URL").string("eventType", "Filter by SSE event type").number("limit", "Maximum events", {
+		default: 100,
+		minimum: 1,
+		maximum: 1e4
+	}).number("offset", "Pagination offset", {
+		default: 0,
+		minimum: 0
+	}).readOnly())
+];
+//#endregion
+export { streamingTools as t };

package/dist/definitions-Pp5LI2H4.mjs

@@ -0,0 +1,27 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/graphql/definitions.ts
+const graphqlTools = [
+	tool("call_graph_analyze", (t) => t.desc("Analyze runtime function call graph from in-page traces").number("maxDepth", "Maximum stack-derived edge depth", { default: 5 }).string("filterPattern", "Regex filter for function names").query()),
+	tool("script_replace_persist", (t) => t.desc("Persistently replace matching script responses via request interception").string("url", "Script URL match pattern").string("replacement", "Replacement JavaScript source").enum("matchType", [
+		"exact",
+		"contains",
+		"regex"
+	], "URL matching strategy", { default: "contains" }).requiredOpenWorld("url", "replacement")),
+	tool("graphql_introspect", (t) => t.desc("Run GraphQL introspection query against a target endpoint").string("endpoint", "GraphQL endpoint URL").prop("headers", {
+		type: "object",
+		description: "Custom request headers",
+		additionalProperties: { type: "string" }
+	}).boolean("useBrowser", "Use the active browser session for fetch so cookies and CSRF/app-injected headers are preserved. Set false to force a Node-side fetch.", { default: true }).requiredOpenWorld("endpoint")),
+	tool("graphql_extract_queries", (t) => t.desc("Extract GraphQL queries/mutations from captured network traces").number("limit", "Maximum extracted operations", { default: 50 }).query()),
+	tool("graphql_replay", (t) => t.desc("Replay a GraphQL operation with optional variables via in-page fetch").string("endpoint", "GraphQL endpoint URL").string("query", "GraphQL query/mutation string").prop("variables", {
+		type: "object",
+		description: "GraphQL variables",
+		additionalProperties: true
+	}).string("operationName", "GraphQL operationName").prop("headers", {
+		type: "object",
+		description: "Custom request headers",
+		additionalProperties: { type: "string" }
+	}).boolean("useBrowser", "Use the active browser session for fetch so cookies and CSRF/app-injected headers are preserved. Set false to force a Node-side fetch.", { default: true }).requiredOpenWorld("endpoint", "query"))
+];
+//#endregion
+export { graphqlTools as t };

package/dist/definitions-j9KdHVNR.mjs

@@ -0,0 +1,14 @@
+import { t as tool } from "./tool-builder-BHJp32mV.mjs";
+//#region src/server/domains/proxy/definitions.ts
+const PROXY_TOOLS = [
+	tool("proxy_start", (t) => t.desc("Start the local HTTP/HTTPS proxy.").number("port", "Listen port.", { default: 8080 }).boolean("useHttps", "Enable HTTPS interception.", { default: true })),
+	tool("proxy_stop", (t) => t.desc("Stop the proxy.").destructive()),
+	tool("proxy_status", (t) => t.desc("Read proxy status and CA path.").query()),
+	tool("proxy_export_ca", (t) => t.desc("Read the proxy CA certificate.").query()),
+	tool("proxy_add_rule", (t) => t.desc("Add a proxy rule.").string("action", "Rule action: forward, mock_response, or block.").string("method", "HTTP method to match.", { default: "GET" }).string("urlPattern", "URL matcher string or regex literal.").number("mockStatus", "Response status for mock_response.", { default: 200 }).string("mockBody", "Response body for mock_response.").required("action")),
+	tool("proxy_get_requests", (t) => t.desc("Read captured proxy requests.").string("urlFilter", "Optional URL filter.").query()),
+	tool("proxy_clear_logs", (t) => t.desc("Clear captured proxy logs.").resettable()),
+	tool("proxy_setup_adb_device", (t) => t.desc("Configure an Android device to use the proxy.").string("deviceSerial", "ADB device serial."))
+];
+//#endregion
+export { PROXY_TOOLS as t };