@kylewadegrove/cutline-mcp-cli-staging 0.2.0 → 0.4.0

package/README.md

@@ -35,6 +35,16 @@ cutline-mcp setup
 
 Then ask your AI agent: **"use cutline"**
 
+For test-heavy flows, use the explicit bootstrap + route:
+
+```bash
+npx -y @vibekiln/cutline-mcp-cli@latest setup
+```
+
+Then ask:
+- `Write tests for this PR`
+- `use cutline to generate and run constraint-grounded tests for this scope increase`
+
 Cutline interprets intent and tier:
 - Natural variants also work: `use cutline to ...`, `using cutline, ...`, `with cutline ...`
 - Free/default: runs `code_audit` (generic codebase scan)
@@ -185,6 +195,8 @@ The `init` command creates rules that make your AI coding agent follow the Red-G
 3. **Verify** — Run a code audit to check coverage
 4. **Complete** — Mark the phase done to update readiness scores
 
+When the agent detects testing intent (write/generate/validate tests), it should route through Cutline first and, if not configured, prompt the install bootstrap command above before continuing.
+
 ### Compliance Frameworks
 
 Cutline auto-detects your stack and loads the appropriate compliance constraints:

package/dist/commands/init.js

@@ -129,6 +129,12 @@ If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cu
 - Free/default intent: run \`code_audit(project_root)\` (aka "security vibe check")
 - Premium product-linked intent: run \`engineering_audit(product_id, project_root)\`
 - Feature implementation intent: run \`rgr_plan(...)\` then \`constraints_auto(...)\`
+
+## Testing Intent Auto-Route
+
+If asked to write, generate, validate, or improve tests, route to Cutline first:
+- If Cutline MCP is missing, provide install bootstrap: \`npx -y @vibekiln/cutline-mcp-cli@latest setup\`
+- Then run: \`use cutline to generate and run constraint-grounded tests for this scope increase\`
 `;
 }
 function cursorConstraintsRule(config, tier) {
@@ -219,6 +225,12 @@ If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cu
 - Free/default intent: \`code_audit(project_root)\` (aka "security vibe check")
 - Premium product-linked intent: \`engineering_audit(product_id, project_root)\`
 - Feature implementation intent: \`rgr_plan(...)\` then \`constraints_auto(...)\`
+
+## Testing Intent Auto-Route
+
+If asked to write, generate, validate, or improve tests, route to Cutline first:
+- If Cutline MCP is missing, provide install bootstrap: \`npx -y @vibekiln/cutline-mcp-cli@latest setup\`
+- Then run: \`use cutline to generate and run constraint-grounded tests for this scope increase\`
 `;
 }
 function ensureGitignore(projectRoot, patterns) {

package/dist/commands/setup.js

@@ -403,6 +403,16 @@ export async function setupCommand(options) {
                     flow: 'onboarding',
                 },
             });
+            await trackAgentEvent({
+                idToken,
+                installId,
+                eventName: 'agent_cutline_install_completed',
+                staging: options.staging,
+                eventProperties: {
+                    command: 'setup',
+                    route: 'testing_rgr',
+                },
+            });
         }
     }
     // ── 5. Claude Code one-liners ────────────────────────────────────────────
@@ -424,9 +434,11 @@ export async function setupCommand(options) {
         const items = [
             { cmd: 'use cutline', desc: 'Magic phrase (also works with "use cutline to...", "using cutline...", "with cutline...") — Cutline infers intent and routes to the right flow' },
             { cmd: 'Run a deep dive on my product idea', desc: 'Pre-mortem analysis — risks, assumptions, experiments' },
+            { cmd: 'Write tests for this PR', desc: 'Testing intent shortcut — Cutline should route to graph-grounded test generation + RGR verification loop' },
             { cmd: 'Plan this feature with constraints from my product', desc: 'RGR plan — constraint-aware implementation roadmap' },
             { cmd: 'Run a security vibe check on this codebase', desc: 'Free security vibe check (`code_audit`) — security, reliability, and scalability (generic, not product-linked)' },
             { cmd: 'Run an engineering vibe check for my product', desc: 'Premium deep vibe check (`engineering_audit`) — product-linked analysis + RGR remediation plan' },
+            { cmd: 'use cutline to generate and run tests for this scope increase', desc: 'Preferred prompt for pervasive red/green loop execution' },
             { cmd: 'Check constraints for src/api/upload.ts', desc: 'Get NFR boundaries for a specific file' },
             { cmd: 'Generate .cutline.md for my product', desc: 'Write the constraint routing engine' },
             { cmd: 'What does my persona think about X?', desc: 'AI persona feedback on features' },
@@ -441,6 +453,8 @@ export async function setupCommand(options) {
         const items = [
             { cmd: 'use cutline', desc: 'Magic phrase (also works with "use cutline to...", "using cutline...", "with cutline...") — Cutline routes to the highest-value free flow for your intent' },
             { cmd: 'Run a security vibe check on this codebase', desc: 'Free security vibe check (`code_audit`) — security, reliability, and scalability scan (3/month free)' },
+            { cmd: 'Write tests for this PR', desc: 'Testing intent shortcut — prompts install/setup guidance if Cutline MCP is missing' },
+            { cmd: 'use cutline to generate tests for this scope increase', desc: 'Runs free-tier test-oriented routing and verification guidance where available' },
             { cmd: 'Explore a product idea', desc: 'Free 6-act discovery flow to identify pain points and opportunities' },
             { cmd: 'Continue my exploration session', desc: 'Resume and refine an existing free exploration conversation' },
         ];
@@ -454,6 +468,7 @@ export async function setupCommand(options) {
     }
     console.log();
     console.log(chalk.dim(`  cutline-mcp v${version} · docs: https://thecutline.ai/docs/setup`));
+    console.log(chalk.dim('  Testing bootstrap:'), chalk.cyan('npx -y @vibekiln/cutline-mcp-cli@latest setup'));
     console.log(chalk.dim('  Optional repo policy contract:'), chalk.cyan('cutline-mcp policy-init'));
     console.log();
 }

package/dist/servers/cutline-server.js

@@ -6596,6 +6596,11 @@ async function handleCodeAudit(args, deps) {
         },
         sensitiveDataCount: scanResult.sensitive_data.fields.length,
         rgrPlan,
+        rgrAutoTrigger: {
+          enabled: true,
+          onScopeIncrease: true,
+          executionMode: "local_vitest"
+        },
         securityGaps: graphAnalysis.securityGaps
       }
     };
@@ -7573,6 +7578,46 @@ function evaluateRepoPolicy(requirements, observed) {
   };
 }
 
+// ../mcp/dist/mcp/src/shared/repo-policy-response.js
+function resolveTelemetryAttribution(input) {
+  if (input.providedInstallId) {
+    return "provided";
+  }
+  if (input.resolvedInstallId) {
+    return "auto_resolved";
+  }
+  return "missing";
+}
+function buildInvalidPolicyResponse(input) {
+  return {
+    status: "invalid_policy",
+    certification_id: `policy_${(input.now || /* @__PURE__ */ new Date()).getTime()}`,
+    blocking_reasons: [`Policy manifest not found at ${input.manifestPath}`],
+    required_actions: [
+      "Create policy manifest: cutline-mcp policy-init",
+      "Commit cutline.json and re-run validate_repo_policy"
+    ],
+    telemetry_attribution: input.telemetryAttribution,
+    generated_at: (input.now || /* @__PURE__ */ new Date()).toISOString()
+  };
+}
+function buildPolicyVerdictResponse(input) {
+  return {
+    status: input.verdict.status,
+    certification_id: `policy_${(input.now || /* @__PURE__ */ new Date()).getTime()}`,
+    manifest_path: input.manifestPath,
+    policy_name: input.policyName || "cutline-policy",
+    schema_version: input.schemaVersion || "unknown",
+    verification_requirements: input.verdict.verification_requirements,
+    observed_evidence: input.observedEvidence,
+    telemetry_attribution: input.telemetryAttribution,
+    checks: input.verdict.checks,
+    blocking_reasons: input.verdict.blocking_reasons,
+    required_actions: input.verdict.required_actions,
+    generated_at: (input.now || /* @__PURE__ */ new Date()).toISOString()
+  };
+}
+
 // ../mcp/dist/mcp/src/cutline-server.js
 function mcpAudit(entry) {
   console.error(JSON.stringify({
@@ -7609,6 +7654,43 @@ async function emitPolicyGateEvent(input) {
   } catch {
   }
 }
+async function emitAgentEvent(input) {
+  if (!input.authToken || !input.installId)
+    return;
+  const siteUrl = (process.env.NEXT_PUBLIC_SITE_URL || "https://thecutline.ai").replace(/\/$/, "");
+  try {
+    await fetch(`${siteUrl}/api/agent/event`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${input.authToken}`
+      },
+      body: JSON.stringify({
+        install_id: input.installId,
+        event_name: input.eventName,
+        event_properties: input.eventProperties || {}
+      })
+    });
+  } catch {
+  }
+}
+function isTestingIntentPrompt(prompt) {
+  return /\b(test|tests|testing|vitest|jest|coverage|unit test|integration test|e2e|spec file|assertion)\b/i.test(prompt);
+}
+function buildTestingIntentHintResponse(prompt) {
+  return {
+    detected: true,
+    intent: "testing",
+    route: "cutline_testing_rgr",
+    prompts: [
+      "use cutline to generate tests for this scope increase",
+      "use cutline to run the RGR loop for this change",
+      "use cutline to evaluate merge gates for this test run"
+    ],
+    bootstrap_if_missing: "npx -y @vibekiln/cutline-mcp-cli@latest setup",
+    source_prompt_excerpt: prompt.slice(0, 180)
+  };
+}
 var DEFAULT_MODEL = process.env.MODEL_ID || "gemini-2.5-pro";
 var GOVERNANCE_ENFORCEMENT = (process.env.CUTLINE_GOVERNANCE_ENFORCEMENT || "advisory").toLowerCase() === "enforced";
 function buildGovernanceEnvelope(input) {
@@ -8116,7 +8198,9 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
           type: "object",
           properties: {
             prompt: { type: "string" },
-            wikiMarkdown: { type: "string" }
+            wikiMarkdown: { type: "string" },
+            auth_token: { type: "string", description: "Optional auth token for telemetry attribution" },
+            install_id: { type: "string", description: "Optional install ID for telemetry attribution" }
           },
           required: ["prompt"]
         }
@@ -8145,7 +8229,9 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
         inputSchema: {
           type: "object",
           properties: {
-            prompt: { type: "string" }
+            prompt: { type: "string" },
+            auth_token: { type: "string", description: "Optional auth token for telemetry attribution" },
+            install_id: { type: "string", description: "Optional install ID for telemetry attribution" }
           },
           required: ["prompt"]
         }
@@ -8581,17 +8667,17 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
       },
       {
         name: "get_assurance_manifest",
-        description: "\u{1F513} AUTHENTICATED-FREE - Fetch the live Cutline assurance manifest used for machine-verifiable trust checks.",
+        description: `\u{1F513} AUTHENTICATED-FREE - Fetch signed assurance proof for "prove it's safe", "production-ready", and audit verification prompts.`,
         inputSchema: {
           type: "object",
           properties: {
-            url: { type: "string", description: "Optional assurance URL override (default: NEXT_PUBLIC_SITE_URL/.well-known/cutline-assurance.json)" }
+            url: { type: "string", description: "Optional assurance URL override (default: NEXT_PUBLIC_SITE_URL/.well-known/cutline-assurance.json). Use target app domain when verifying deployed builds." }
           }
         }
       },
       {
         name: "validate_repo_policy",
-        description: '\u{1F513} AUTHENTICATED-FREE - Validate repository cutline.json policy and return a deterministic verdict object for "prove it" prompts.',
+        description: "\u{1F513} AUTHENTICATED-FREE - Run deterministic policy validation for secure/deploy-ready/audit prompts and return a machine-readable verdict object.",
         inputSchema: {
           type: "object",
           properties: {
@@ -8922,9 +9008,32 @@ Why AI: ${idea.whyAI}`
         };
       }
       if (name2 === "trial_generate") {
-        const { prompt } = args;
+        const trialArgs = args;
+        const { prompt } = trialArgs;
         const text = await cfGenerateTrialRun(prompt);
-        return { content: [{ type: "text", text: JSON.stringify({ text }) }] };
+        const isTestingIntent = isTestingIntentPrompt(prompt);
+        const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
+        const resolvedInstallId = trialArgs.install_id || getStoredInstallId({ environment: env });
+        if (isTestingIntent) {
+          await emitAgentEvent({
+            authToken: trialArgs.auth_token,
+            installId: resolvedInstallId || void 0,
+            eventName: "agent_test_intent_detected",
+            eventProperties: {
+              tool_name: "trial_generate",
+              route: "cutline_testing_rgr"
+            }
+          });
+        }
+        return {
+          content: [{
+            type: "text",
+            text: JSON.stringify({
+              text,
+              ...isTestingIntent ? { cutline_testing_route: buildTestingIntentHintResponse(prompt) } : {}
+            })
+          }]
+        };
       }
       if (name2 === "get_assurance_manifest") {
         const { url } = args;
@@ -8958,7 +9067,10 @@ Why AI: ${idea.whyAI}`
         await resolveAuthContextFree(policyArgs.auth_token);
         const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
         const resolvedInstallId = policyArgs.install_id || getStoredInstallId({ environment: env });
-        const telemetryAttribution = policyArgs.install_id ? "provided" : resolvedInstallId ? "auto_resolved" : "missing";
+        const telemetryAttribution = resolveTelemetryAttribution({
+          providedInstallId: policyArgs.install_id,
+          resolvedInstallId: resolvedInstallId || void 0
+        });
         const { existsSync, readFileSync } = await import("node:fs");
         const { resolve, join: join4 } = await import("node:path");
         const manifestPath = resolve(policyArgs.manifest_path || join4(policyArgs.project_root, "cutline.json"));
@@ -8975,17 +9087,10 @@ Why AI: ${idea.whyAI}`
           return {
             content: [{
               type: "text",
-              text: JSON.stringify({
-                status: "invalid_policy",
-                certification_id: `policy_${Date.now()}`,
-                blocking_reasons: [`Policy manifest not found at ${manifestPath}`],
-                required_actions: [
-                  "Create policy manifest: cutline-mcp policy-init",
-                  "Commit cutline.json and re-run validate_repo_policy"
-                ],
-                telemetry_attribution: telemetryAttribution,
-                generated_at: (/* @__PURE__ */ new Date()).toISOString()
-              }, null, 2)
+              text: JSON.stringify(buildInvalidPolicyResponse({
+                manifestPath,
+                telemetryAttribution
+              }), null, 2)
             }]
           };
         }
@@ -9012,20 +9117,14 @@ Why AI: ${idea.whyAI}`
         return {
           content: [{
             type: "text",
-            text: JSON.stringify({
-              status: verdict.status,
-              certification_id: `policy_${Date.now()}`,
-              manifest_path: manifestPath,
-              policy_name: manifest?.policy_name || "cutline-policy",
-              schema_version: manifest?.schema_version || "unknown",
-              verification_requirements: verdict.verification_requirements,
-              observed_evidence: policyArgs.observed || {},
-              telemetry_attribution: telemetryAttribution,
-              checks: verdict.checks,
-              blocking_reasons: verdict.blocking_reasons,
-              required_actions: verdict.required_actions,
-              generated_at: (/* @__PURE__ */ new Date()).toISOString()
-            }, null, 2)
+            text: JSON.stringify(buildPolicyVerdictResponse({
+              verdict,
+              manifestPath,
+              policyName: manifest?.policy_name,
+              schemaVersion: manifest?.schema_version,
+              observedEvidence: policyArgs.observed || {},
+              telemetryAttribution
+            }), null, 2)
           }]
         };
       }
@@ -9328,9 +9427,32 @@ Competitive threats: ${competitors}` : ""
           return { content: [{ type: "text", text: JSON.stringify(result) }] };
         }
         case "agent_chat": {
-          const { prompt, wikiMarkdown } = args;
+          const chatArgs = args;
+          const { prompt, wikiMarkdown } = chatArgs;
           const text = await cfGenerateChatSuggestion(prompt, wikiMarkdown);
-          return { content: [{ type: "text", text: JSON.stringify({ text }) }] };
+          const isTestingIntent = isTestingIntentPrompt(prompt);
+          const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
+          const resolvedInstallId = chatArgs.install_id || getStoredInstallId({ environment: env });
+          if (isTestingIntent) {
+            await emitAgentEvent({
+              authToken: chatArgs.auth_token,
+              installId: resolvedInstallId || void 0,
+              eventName: "agent_test_intent_detected",
+              eventProperties: {
+                tool_name: "agent_chat",
+                route: "cutline_testing_rgr"
+              }
+            });
+          }
+          return {
+            content: [{
+              type: "text",
+              text: JSON.stringify({
+                text,
+                ...isTestingIntent ? { cutline_testing_route: buildTestingIntentHintResponse(prompt) } : {}
+              })
+            }]
+          };
         }
         // Integrations
         case "integrations_create_issues": {
@@ -10899,6 +11021,11 @@ ${JSON.stringify(metrics, null, 2)}` }
                 ...plan,
                 entity: rgrMatched[0].name,
                 complexity,
+                auto_execution: {
+                  scope_increase_triggers_rgr: true,
+                  mode: "pervasive",
+                  expected_runner: "local_vitest"
+                },
                 governance
               }, null, 2)
             }]
@@ -11425,7 +11552,7 @@ Meta: ${JSON.stringify({
                 mode: "product",
                 codeContext: payload.codeContext || null
               });
-              runInput.productId = newJobId;
+              runInput.productId = String(auditArgs.product_id || newJobId);
               await updatePremortem(newJobId, { payload: runInput });
               return { jobId: newJobId };
             }

package/dist/utils/agent-funnel.d.ts

@@ -1,4 +1,4 @@
-type AgentEventName = 'install_completed' | 'first_tool_call_success' | 'tool_call_failed' | 'heartbeat' | 'policy_gate_passed' | 'policy_gate_blocked' | 'upgrade_clicked' | 'upgrade_completed';
+type AgentEventName = 'install_completed' | 'first_tool_call_success' | 'tool_call_failed' | 'heartbeat' | 'policy_gate_passed' | 'policy_gate_blocked' | 'upgrade_clicked' | 'upgrade_completed' | 'agent_test_intent_detected' | 'agent_cutline_install_prompted' | 'agent_cutline_install_completed' | 'agent_first_rgr_test_call_success';
 export declare function registerAgentInstall(input: {
     idToken: string;
     staging?: boolean;

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@kylewadegrove/cutline-mcp-cli-staging",
-    "version": "0.2.0",
+    "version": "0.4.0",
     "description": "CLI and MCP servers for Cutline — authenticate, then run constraint-aware MCP servers in Cursor or any MCP client.",
     "type": "module",
     "main": "dist/index.js",