@kodrunhq/opencode-autopilot 1.18.0 → 1.19.0

package/src/review/agents/index.ts

@@ -1,80 +1,53 @@
-import { authFlowVerifier } from "./auth-flow-verifier";
+import { architectureVerifier } from "./architecture-verifier";
+import { codeHygieneAuditor } from "./code-hygiene-auditor";
 import { codeQualityAuditor } from "./code-quality-auditor";
-import { concurrencyChecker } from "./concurrency-checker";
 import { contractVerifier } from "./contract-verifier";
+import { correctnessAuditor } from "./correctness-auditor";
 import { databaseAuditor } from "./database-auditor";
-import { deadCodeScanner } from "./dead-code-scanner";
-import { goIdiomsAuditor } from "./go-idioms-auditor";
+import { frontendAuditor } from "./frontend-auditor";
+import { languageIdiomsAuditor } from "./language-idioms-auditor";
 import { logicAuditor } from "./logic-auditor";
 import { productThinker } from "./product-thinker";
-import { pythonDjangoAuditor } from "./python-django-auditor";
-import { reactPatternsAuditor } from "./react-patterns-auditor";
 import { redTeam } from "./red-team";
-import { rustSafetyAuditor } from "./rust-safety-auditor";
-import { scopeIntentVerifier } from "./scope-intent-verifier";
 import { securityAuditor } from "./security-auditor";
-import { silentFailureHunter } from "./silent-failure-hunter";
-import { specChecker } from "./spec-checker";
-import { stateMgmtAuditor } from "./state-mgmt-auditor";
 import { testInterrogator } from "./test-interrogator";
-import { typeSoundness } from "./type-soundness";
-import { wiringInspector } from "./wiring-inspector";
 
 export {
-	authFlowVerifier,
+	architectureVerifier,
+	codeHygieneAuditor,
 	codeQualityAuditor,
-	concurrencyChecker,
 	contractVerifier,
+	correctnessAuditor,
 	databaseAuditor,
-	deadCodeScanner,
-	goIdiomsAuditor,
+	frontendAuditor,
+	languageIdiomsAuditor,
 	logicAuditor,
 	productThinker,
-	pythonDjangoAuditor,
-	reactPatternsAuditor,
 	redTeam,
-	rustSafetyAuditor,
-	scopeIntentVerifier,
 	securityAuditor,
-	silentFailureHunter,
-	specChecker,
-	stateMgmtAuditor,
 	testInterrogator,
-	typeSoundness,
-	wiringInspector,
 };
 
-/** The 6 universal specialist agents (Stage 1 & 2 reviews). */
 export const REVIEW_AGENTS = Object.freeze([
 	logicAuditor,
 	securityAuditor,
 	codeQualityAuditor,
 	testInterrogator,
-	silentFailureHunter,
+	codeHygieneAuditor,
 	contractVerifier,
 ] as const);
 
 /** Stage 3 agents: adversarial red team + product completeness. */
 export const STAGE3_AGENTS = Object.freeze([redTeam, productThinker] as const);
 
-/** The 13 specialized agents added for stack-aware review. */
 export const SPECIALIZED_AGENTS = Object.freeze([
-	wiringInspector,
-	deadCodeScanner,
-	specChecker,
+	architectureVerifier,
 	databaseAuditor,
-	authFlowVerifier,
-	typeSoundness,
-	stateMgmtAuditor,
-	concurrencyChecker,
-	scopeIntentVerifier,
-	reactPatternsAuditor,
-	goIdiomsAuditor,
-	pythonDjangoAuditor,
-	rustSafetyAuditor,
+	correctnessAuditor,
+	frontendAuditor,
+	languageIdiomsAuditor,
 ] as const);
 
-/** All 21 review agents combined (6 universal + 13 specialized + 2 sequenced). */
 export const ALL_REVIEW_AGENTS = Object.freeze([
 	...REVIEW_AGENTS,
 	...SPECIALIZED_AGENTS,

package/src/review/agents/language-idioms-auditor.ts

@@ -0,0 +1,39 @@
+import type { ReviewAgent } from "../types";
+
+export const languageIdiomsAuditor: Readonly<ReviewAgent> = Object.freeze({
+	name: "language-idioms-auditor",
+	description:
+		"Audits Go idioms, Python and Django or FastAPI patterns, and Rust safety conventions for language-specific bug classes.",
+	relevantStacks: ["go", "django", "fastapi", "rust"] as readonly string[],
+	severityFocus: ["CRITICAL", "HIGH"] as const,
+	prompt: `You are the Language Idioms Auditor. You verify that Go, Python web frameworks, and Rust code respect the language-specific safety and correctness rules that general reviewers often miss.
+
+## Instructions
+
+Check each category systematically for the stacks present in the diff:
+
+1. **Go Idioms** -- Flag defer-in-loop, goroutine leaks, nil-interface traps, error shadowing with :=, and context misuse or ignored cancellation.
+2. **Python/Django/FastAPI Patterns** -- Flag N+1 ORM access in templates or handlers, unsafe ModelForm field exposure, missing CSRF protection for cookie-based auth, mutable default arguments, and lazy-evaluation traps.
+3. **Rust Safety** -- Flag unsafe blocks without real safety justification, unwrap/expect in non-test code, questionable lifetime assumptions, Send/Sync misuse, and mem::forget or manual resource leaks.
+4. **Language-Specific Resource Lifecycles** -- Verify cleanup and ownership rules match the idioms of the language instead of relying on accidental runtime behavior.
+
+Explain the mechanism behind each issue: why this is a Go, Python-web, or Rust trap rather than a generic style preference.
+
+Do not comment on general code style -- only language- and framework-specific correctness and safety issues.
+
+## Diff
+{{DIFF}}
+
+## Prior Findings (for cross-verification)
+{{PRIOR_FINDINGS}}
+
+## Project Memory (false positive suppression)
+{{MEMORY}}
+
+## Output
+For each finding, output a JSON object:
+{"severity": "CRITICAL|HIGH|MEDIUM|LOW", "domain": "language-idioms", "title": "short title", "file": "path/to/file.ts", "line": 42, "agent": "language-idioms-auditor", "source": "phase1", "evidence": "what was found", "problem": "why it is an issue", "fix": "how to fix it"}
+
+If no findings: {"findings": []}
+Wrap all findings in: {"findings": [...]}`,
+});

package/src/review/agents/security-auditor.ts

@@ -3,10 +3,10 @@ import type { ReviewAgent } from "../types";
 export const securityAuditor: Readonly<ReviewAgent> = Object.freeze({
 	name: "security-auditor",
 	description:
-		"Audits OWASP vulnerabilities, hardcoded secrets, injection vectors, and cryptographic correctness.",
+		"Audits OWASP vulnerabilities, authentication and authorization flows, hardcoded secrets, injection vectors, and cryptographic correctness.",
 	relevantStacks: [] as readonly string[],
 	severityFocus: ["CRITICAL", "HIGH"] as const,
-	prompt: `You are the Security Auditor. You scan for security vulnerabilities and secure coding violations. Every finding must include a concrete exploit scenario.
+	prompt: `You are the Security Auditor. You scan for security vulnerabilities, broken auth flows, and secure coding violations. Every finding must include a concrete exploit scenario.
 
 ## Instructions
 
@@ -14,12 +14,16 @@ Check each category systematically against the changed code:
 
 1. **Hardcoded Secrets** -- Scan for API keys, passwords, tokens, connection strings, or private keys in source code. Check .env files committed to version control. Flag any string that looks like a credential.
 2. **Injection Vulnerabilities** -- Trace every user input from entry point to use. Check for SQL injection (string concatenation in queries), command injection (unsanitized shell input), XSS (unescaped HTML output), and template injection.
-3. **Authentication & Authorization** -- Verify auth middleware/guards on every protected endpoint. Check that authorization is enforced server-side, not just in UI routing. Flag endpoints missing auth checks.
-4. **CSRF Protection** -- Verify anti-CSRF tokens on state-changing endpoints. Check SameSite cookie attributes. Flag forms that POST without CSRF protection.
-5. **Sensitive Data Exposure** -- Check that passwords, tokens, PII, and credentials are never logged, included in error messages, or returned in API responses.
-6. **Cryptographic Correctness** -- Flag MD5/SHA1 for password hashing, weak random number generation (Math.random for security), missing TLS configuration.
-7. **SSRF** -- Verify that user-supplied URLs are validated against an allowlist before server-side fetching.
-8. **Rate Limiting** -- Check that public and auth endpoints have rate limiting to prevent brute force and abuse.
+3. **Route Protection** -- For every route or endpoint that accesses user data, modifies state, or returns sensitive information, verify an auth guard (middleware, decorator, or check) is present. Flag any protected resource accessible without authentication.
+4. **Token Validation** -- For every token check (JWT verification, session lookup, API key validation), verify the validation is complete: signature check, expiry check, issuer check, and audience check where applicable. Flag partial validation.
+5. **Privilege Escalation** -- Trace every operation that uses a user ID or role. Verify the ID comes from the authenticated session, not from request parameters. Flag any path where a user could access or modify another user's data by changing an ID in the request.
+6. **Session Fixation & Token Expiry** -- Verify session IDs are regenerated after login and that access tokens have finite TTLs that are enforced. Flag reused sessions, missing expiry checks, or tokens with no expiration.
+7. **Password Storage** -- Verify passwords are hashed with bcrypt, scrypt, or argon2 before storage. Flag plaintext password storage, MD5/SHA1 hashing, or missing salt.
+8. **CSRF Protection** -- Verify anti-CSRF tokens on state-changing endpoints. Check SameSite cookie attributes. Flag forms that POST without CSRF protection.
+9. **Sensitive Data Exposure** -- Check that passwords, tokens, PII, and credentials are never logged, included in error messages, or returned in API responses.
+10. **Cryptographic Correctness** -- Flag MD5/SHA1 for password hashing, weak random number generation (Math.random for security), and missing TLS configuration.
+11. **SSRF** -- Verify that user-supplied URLs are validated against an allowlist before server-side fetching.
+12. **Rate Limiting** -- Check that public and auth endpoints have rate limiting to prevent brute force and abuse.
 
 For each finding, describe the exploit: "An attacker could [action] because [vulnerability], resulting in [impact]."
 

package/src/review/stack-gate.ts

@@ -7,12 +7,8 @@ import type { AgentDefinition } from "./types";
  * If listed, at least ONE of the required tags must be present in the project.
  */
 export const STACK_GATE_RULES: Readonly<Record<string, readonly string[]>> = Object.freeze({
-	"react-patterns-auditor": Object.freeze(["react", "nextjs"]),
-	"go-idioms-auditor": Object.freeze(["go"]),
-	"python-django-auditor": Object.freeze(["django", "fastapi"]),
-	"rust-safety-auditor": Object.freeze(["rust"]),
-	"state-mgmt-auditor": Object.freeze(["react", "vue", "svelte", "angular"]),
-	"type-soundness": Object.freeze(["typescript", "kotlin", "rust", "go"]),
+	"frontend-auditor": Object.freeze(["react", "nextjs", "vue", "svelte", "angular"]),
+	"language-idioms-auditor": Object.freeze(["go", "django", "fastapi", "rust"]),
 });
 
 /**

package/src/routing/categories.ts

@@ -0,0 +1,111 @@
+import type { Category } from "../types/routing";
+import type { CategoryDefinition } from "./types";
+
+function freezeCategoryDefinition(definition: CategoryDefinition): CategoryDefinition {
+	return Object.freeze({
+		...definition,
+		skills: Object.freeze([...definition.skills]),
+		keywords: Object.freeze([...definition.keywords]),
+		filePatterns: Object.freeze([...definition.filePatterns]),
+	});
+}
+
+const ALL_CATEGORIES: readonly CategoryDefinition[] = Object.freeze([
+	freezeCategoryDefinition({
+		category: "quick",
+		description: "Small, low-risk tasks with minimal complexity.",
+		modelGroup: "utilities",
+		skills: [],
+		maxIterations: 1,
+		timeoutSeconds: 60,
+		keywords: ["fix typo", "rename", "simple", "trivial", "single file"],
+		filePatterns: [],
+	}),
+	freezeCategoryDefinition({
+		category: "visual-engineering",
+		description: "UI, UX, styling, and frontend presentation work.",
+		modelGroup: "builders",
+		skills: ["frontend-design", "frontend-ui-ux"],
+		maxIterations: 5,
+		timeoutSeconds: 300,
+		keywords: [
+			"ui",
+			"ux",
+			"css",
+			"styling",
+			"animation",
+			"layout",
+			"design",
+			"dark mode",
+			"responsive",
+		],
+		filePatterns: [".css", ".scss", ".tsx", ".jsx", ".vue", ".svelte"],
+	}),
+	freezeCategoryDefinition({
+		category: "ultrabrain",
+		description: "Logic-heavy, performance-sensitive, or algorithmic work.",
+		modelGroup: "architects",
+		skills: [],
+		maxIterations: 10,
+		timeoutSeconds: 600,
+		keywords: ["algorithm", "architecture", "complex", "optimize", "performance", "logic-heavy"],
+		filePatterns: [],
+	}),
+	freezeCategoryDefinition({
+		category: "artistry",
+		description: "Creative, novel, or unconventional solutioning.",
+		modelGroup: "architects",
+		skills: [],
+		maxIterations: 8,
+		timeoutSeconds: 600,
+		keywords: ["creative", "unconventional", "novel", "innovative"],
+		filePatterns: [],
+	}),
+	freezeCategoryDefinition({
+		category: "writing",
+		description: "Documentation, changelogs, and technical writing tasks.",
+		modelGroup: "communicators",
+		skills: ["coding-standards"],
+		maxIterations: 3,
+		timeoutSeconds: 180,
+		keywords: ["documentation", "readme", "changelog", "write docs", "technical writing"],
+		filePatterns: [],
+	}),
+	freezeCategoryDefinition({
+		category: "unspecified-low",
+		description: "General work with unclear category and moderate complexity.",
+		modelGroup: "utilities",
+		skills: [],
+		maxIterations: 3,
+		timeoutSeconds: 120,
+		keywords: [],
+		filePatterns: [],
+	}),
+	freezeCategoryDefinition({
+		category: "unspecified-high",
+		description: "General work with unclear category but high likely complexity.",
+		modelGroup: "builders",
+		skills: [],
+		maxIterations: 8,
+		timeoutSeconds: 300,
+		keywords: [],
+		filePatterns: [],
+	}),
+] satisfies readonly CategoryDefinition[]);
+
+export const CATEGORY_DEFINITIONS: ReadonlyMap<Category, CategoryDefinition> = Object.freeze(
+	new Map(ALL_CATEGORIES.map((definition) => [definition.category, definition] as const)),
+);
+
+export function getCategoryDefinition(category: Category): CategoryDefinition {
+	const definition = CATEGORY_DEFINITIONS.get(category);
+	if (!definition) {
+		throw new Error(`Unknown routing category: ${category}`);
+	}
+
+	return definition;
+}
+
+export function getAllCategories(): readonly CategoryDefinition[] {
+	return ALL_CATEGORIES;
+}

package/src/routing/classifier.ts

@@ -0,0 +1,152 @@
+import type { Category } from "../types/routing";
+import { getAllCategories } from "./categories";
+
+export interface ClassificationResult {
+	readonly category: Category;
+	readonly confidence: number;
+	readonly reasoning: string;
+}
+
+interface ScoredCategory {
+	readonly category: Category;
+	readonly score: number;
+	readonly matches: readonly string[];
+}
+
+const COMPLEXITY_SIGNALS: readonly string[] = Object.freeze([
+	"implement",
+	"authentication",
+	"jwt",
+	"refresh token",
+	"oauth",
+	"integration",
+	"workflow",
+	"subsystem",
+	"pipeline",
+	"multi-step",
+	"end-to-end",
+]);
+
+function clampConfidence(value: number): number {
+	return Math.max(0, Math.min(1, value));
+}
+
+function scoreFilePatternMatches(changedFiles: readonly string[]): ScoredCategory | null {
+	const lowerFiles = changedFiles.map((file) => file.toLowerCase());
+	let bestMatch: ScoredCategory | null = null;
+
+	for (const definition of getAllCategories()) {
+		if (definition.filePatterns.length === 0) {
+			continue;
+		}
+
+		const matches = definition.filePatterns.filter((pattern) =>
+			lowerFiles.some((file) => file.endsWith(pattern.toLowerCase())),
+		);
+
+		if (matches.length === 0) {
+			continue;
+		}
+
+		if (bestMatch === null || matches.length > bestMatch.score) {
+			bestMatch = {
+				category: definition.category,
+				score: matches.length,
+				matches: Object.freeze([...matches]),
+			};
+		}
+	}
+
+	return bestMatch;
+}
+
+function scoreKeywordMatches(description: string): ScoredCategory | null {
+	let bestMatch: ScoredCategory | null = null;
+
+	for (const definition of getAllCategories()) {
+		if (definition.keywords.length === 0) {
+			continue;
+		}
+
+		const matches = definition.keywords.filter((keyword) =>
+			description.includes(keyword.toLowerCase()),
+		);
+		if (matches.length === 0) {
+			continue;
+		}
+
+		if (bestMatch === null || matches.length > bestMatch.score) {
+			bestMatch = {
+				category: definition.category,
+				score: matches.length,
+				matches: Object.freeze([...matches]),
+			};
+		}
+	}
+
+	return bestMatch;
+}
+
+function classifyByHeuristic(description: string): ClassificationResult | null {
+	if (description.length < 20) {
+		return Object.freeze({
+			category: "quick",
+			confidence: 0.45,
+			reasoning: "Short task description suggests a quick utility task.",
+		});
+	}
+
+	const matchedSignals = COMPLEXITY_SIGNALS.filter((signal) => description.includes(signal));
+	if (description.length > 200 || matchedSignals.length > 0) {
+		const confidence = clampConfidence(
+			0.58 + matchedSignals.length * 0.07 + (description.length > 200 ? 0.12 : 0),
+		);
+		const details =
+			matchedSignals.length > 0
+				? `complexity signals: ${matchedSignals.join(", ")}`
+				: "long task description suggests high complexity";
+		return Object.freeze({
+			category: "unspecified-high",
+			confidence,
+			reasoning: `Heuristic classified task as unspecified-high based on ${details}.`,
+		});
+	}
+
+	return null;
+}
+
+export function classifyTask(
+	description: string,
+	changedFiles: readonly string[] = [],
+): ClassificationResult {
+	const normalizedDescription = description.trim().toLowerCase();
+
+	const filePatternMatch = scoreFilePatternMatches(changedFiles);
+	if (filePatternMatch !== null) {
+		return Object.freeze({
+			category: filePatternMatch.category,
+			confidence: clampConfidence(0.72 + filePatternMatch.score * 0.1),
+			reasoning: `Matched file patterns for ${filePatternMatch.category}: ${filePatternMatch.matches.join(", ")}.`,
+		});
+	}
+
+	const keywordMatch = scoreKeywordMatches(normalizedDescription);
+	if (keywordMatch !== null) {
+		return Object.freeze({
+			category: keywordMatch.category,
+			confidence: clampConfidence(0.55 + keywordMatch.score * 0.15),
+			reasoning: `Matched keywords for ${keywordMatch.category}: ${keywordMatch.matches.join(", ")}.`,
+		});
+	}
+
+	const heuristicMatch = classifyByHeuristic(normalizedDescription);
+	if (heuristicMatch !== null) {
+		return heuristicMatch;
+	}
+
+	return Object.freeze({
+		category: "unspecified-low",
+		confidence: 0.3,
+		reasoning: "No strong routing signals found; defaulted to unspecified-low.",
+	});
+}

package/src/routing/engine.ts

@@ -0,0 +1,89 @@
+import {
+	type Category,
+	CategoryConfigSchema,
+	type RoutingConfig,
+	type RoutingDecision,
+} from "../types/routing";
+import { getCategoryDefinition } from "./categories";
+import { classifyTask } from "./classifier";
+
+function buildDefaultCategoryConfig(category: Category) {
+	const definition = getCategoryDefinition(category);
+	return CategoryConfigSchema.parse({
+		enabled: true,
+		modelGroup: definition.modelGroup,
+		timeoutSeconds: definition.timeoutSeconds,
+		skills: [...definition.skills],
+		metadata: {
+			maxIterations: definition.maxIterations,
+		},
+	});
+}
+
+function buildAppliedConfig(category: Category, override?: RoutingConfig["categories"][string]) {
+	const baseConfig = buildDefaultCategoryConfig(category);
+	return CategoryConfigSchema.parse({
+		...baseConfig,
+		...override,
+		skills: override?.skills ?? baseConfig.skills,
+		metadata: {
+			...baseConfig.metadata,
+			...(override?.metadata ?? {}),
+		},
+	});
+}
+
+function resolveCategory(
+	classifiedCategory: Category,
+	config?: RoutingConfig,
+): { readonly category: Category; readonly fallbackReason: string | null } {
+	const override = config?.categories[classifiedCategory];
+	if (override?.enabled === false && classifiedCategory !== "unspecified-low") {
+		return Object.freeze({
+			category: "unspecified-low",
+			fallbackReason: `Category '${classifiedCategory}' is disabled by config; fell back to unspecified-low.`,
+		});
+	}
+
+	return Object.freeze({
+		category: classifiedCategory,
+		fallbackReason: null,
+	});
+}
+
+export function makeRoutingDecision(
+	description: string,
+	config?: RoutingConfig,
+	changedFiles: readonly string[] = [],
+): RoutingDecision {
+	if (config?.enabled === false) {
+		const fallbackCategory: Category = "unspecified-low";
+		const appliedConfig = buildAppliedConfig(
+			fallbackCategory,
+			config?.categories[fallbackCategory],
+		);
+		return Object.freeze({
+			category: fallbackCategory,
+			confidence: 0,
+			agentId: appliedConfig.agentId,
+			reasoning: "Routing is disabled globally.",
+			appliedConfig,
+		});
+	}
+
+	const classification = classifyTask(description, changedFiles);
+	const resolved = resolveCategory(classification.category, config);
+	const appliedConfig = buildAppliedConfig(
+		resolved.category,
+		config?.categories[resolved.category],
+	);
+	const reasoning = [classification.reasoning, resolved.fallbackReason].filter(Boolean).join(" ");
+
+	return Object.freeze({
+		category: resolved.category,
+		confidence: classification.confidence,
+		agentId: appliedConfig.agentId,
+		reasoning,
+		appliedConfig,
+	});
+}

package/src/routing/index.ts

@@ -0,0 +1,4 @@
+export { CATEGORY_DEFINITIONS, getAllCategories, getCategoryDefinition } from "./categories";
+export { classifyTask } from "./classifier";
+export { makeRoutingDecision } from "./engine";
+export type { CategoryDefinition } from "./types";

package/src/routing/types.ts

@@ -0,0 +1,14 @@
+import type { Category, CategoryConfig, RoutingDecision } from "../types/routing";
+
+export interface CategoryDefinition {
+	readonly category: Category;
+	readonly description: string;
+	readonly modelGroup: string;
+	readonly skills: readonly string[];
+	readonly maxIterations: number;
+	readonly timeoutSeconds: number;
+	readonly keywords: readonly string[];
+	readonly filePatterns: readonly string[];
+}
+
+export type { Category, CategoryConfig, RoutingDecision };

package/src/skills/adaptive-injector.ts

@@ -9,6 +9,8 @@
 
 import { access, readdir } from "node:fs/promises";
 import { join } from "node:path";
+import { getLogger } from "../logging/domains";
+import { getGlobalMcpManager } from "../mcp";
 import { sanitizeTemplateContent } from "../review/sanitize";
 import { isEnoentError } from "../utils/fs-helpers";
 import { resolveDependencyOrder } from "./dependency-resolver";
@@ -18,6 +20,26 @@ const DEFAULT_TOKEN_BUDGET = 8000;
 /** Rough estimate: 1 token ~ 4 chars */
 const CHARS_PER_TOKEN = 4;
 
+const mcpLogger = getLogger("mcp", "skill-activation");
+
+function activateMcpForSkills(skills: ReadonlyMap<string, LoadedSkill>, mcpEnabled: boolean): void {
+	if (!mcpEnabled) return;
+
+	const manager = getGlobalMcpManager();
+	if (!manager) return;
+
+	for (const [name, skill] of skills) {
+		if (skill.frontmatter.mcp) {
+			manager.startServer(name, skill.frontmatter.mcp).catch((error: unknown) => {
+				mcpLogger.warn("Failed to start MCP server for skill", {
+					skill: name,
+					error: error instanceof Error ? error.message : String(error),
+				});
+			});
+		}
+	}
+}
+
 /**
  * Maps pipeline phases to the skill names relevant for that phase.
  * Skills not in the list for the current phase are excluded from injection,
@@ -34,6 +56,9 @@ export const PHASE_SKILL_MAP: Readonly<Record<string, readonly string[]>> = Obje
 	EXPLORE: [],
 });
 
+const MCP_SUPPORT_NOTE =
+	"Embedded MCP support is available for skills that declare an MCP server when plugin config.mcp.enabled is true.";
+
 export type SkillMode = "summary" | "full";
 
 /**
@@ -147,7 +172,8 @@ export function buildSkillSummary(skill: LoadedSkill): string {
 	const { name, description } = skill.frontmatter;
 	const safeName = sanitizeTemplateContent(name);
 	const safeDesc = sanitizeTemplateContent((description ?? "").slice(0, 200));
-	return `[Skill: ${safeName}]\n${safeDesc}`;
+	const mcpNote = skill.frontmatter.mcp ? `\n${MCP_SUPPORT_NOTE}` : "";
+	return `[Skill: ${safeName}]\n${safeDesc}${mcpNote}`;
 }
 
 /**
@@ -173,9 +199,12 @@ export function buildMultiSkillContext(
 	skills: ReadonlyMap<string, LoadedSkill>,
 	tokenBudget: number = DEFAULT_TOKEN_BUDGET,
 	mode: SkillMode = "summary",
+	mcpEnabled = true,
 ): string {
 	if (skills.size === 0) return "";
 
+	activateMcpForSkills(skills, mcpEnabled);
+
 	// Resolve dependency order
 	const depMap = new Map(
 		[...skills.entries()].map(([name, skill]) => [name, { requires: skill.frontmatter.requires }]),
@@ -232,11 +261,13 @@ export function buildAdaptiveSkillContext(
 		readonly phase?: string;
 		readonly budget?: number;
 		readonly mode?: SkillMode;
+		readonly mcpEnabled?: boolean;
 	},
 ): string {
 	const phase = options?.phase;
 	const budget = options?.budget ?? DEFAULT_TOKEN_BUDGET;
 	const mode = options?.mode ?? "summary";
+	const mcpEnabled = options?.mcpEnabled ?? true;
 
 	if (phase !== undefined) {
 		const allowedNames = PHASE_SKILL_MAP[phase] ?? [];
@@ -250,9 +281,9 @@ export function buildAdaptiveSkillContext(
 			}
 		}
 
-		return buildMultiSkillContext(filtered, budget, mode);
+		return buildMultiSkillContext(filtered, budget, mode, mcpEnabled);
 	}
 
 	// No phase -- include all provided skills (caller already stack-filtered)
-	return buildMultiSkillContext(skills, budget, mode);
+	return buildMultiSkillContext(skills, budget, mode, mcpEnabled);
 }