@launchsecure/launch-kit 0.0.29 → 0.0.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (202) hide show
  1. package/dist/beacon/beacon.mjs +2825 -1243
  2. package/dist/beacon/beacon.mjs.map +1 -1
  3. package/dist/beacon/beacon.umd.js +710 -95
  4. package/dist/beacon/beacon.umd.js.map +1 -1
  5. package/dist/beacon/types/core.d.ts +14 -0
  6. package/dist/beacon/types/core.d.ts.map +1 -0
  7. package/dist/beacon/types/ctx.d.ts +14 -0
  8. package/dist/beacon/types/ctx.d.ts.map +1 -0
  9. package/dist/beacon/types/element.d.ts +16 -48
  10. package/dist/beacon/types/element.d.ts.map +1 -1
  11. package/dist/beacon/types/index.d.ts +5 -4
  12. package/dist/beacon/types/index.d.ts.map +1 -1
  13. package/dist/beacon/types/internal/annotation-cache.d.ts +10 -0
  14. package/dist/beacon/types/internal/annotation-cache.d.ts.map +1 -0
  15. package/dist/beacon/types/internal/element-capture.d.ts +19 -0
  16. package/dist/beacon/types/internal/element-capture.d.ts.map +1 -0
  17. package/dist/beacon/types/internal/event-buffer.d.ts +16 -0
  18. package/dist/beacon/types/internal/event-buffer.d.ts.map +1 -0
  19. package/dist/beacon/types/internal/framework-detect.d.ts +6 -0
  20. package/dist/beacon/types/internal/framework-detect.d.ts.map +1 -0
  21. package/dist/beacon/types/internal/markers.d.ts +17 -0
  22. package/dist/beacon/types/internal/markers.d.ts.map +1 -0
  23. package/dist/beacon/types/internal/monitor/capture-dom.d.ts +14 -0
  24. package/dist/beacon/types/internal/monitor/capture-dom.d.ts.map +1 -0
  25. package/dist/beacon/types/internal/monitor/capture-network.d.ts +12 -0
  26. package/dist/beacon/types/internal/monitor/capture-network.d.ts.map +1 -0
  27. package/dist/beacon/types/internal/monitor/overlay.d.ts +16 -0
  28. package/dist/beacon/types/internal/monitor/overlay.d.ts.map +1 -0
  29. package/dist/beacon/types/internal/monitor/session.d.ts +41 -0
  30. package/dist/beacon/types/internal/monitor/session.d.ts.map +1 -0
  31. package/dist/beacon/types/{monitor → internal/monitor}/transport.d.ts +3 -3
  32. package/dist/beacon/types/internal/monitor/transport.d.ts.map +1 -0
  33. package/dist/beacon/types/{monitor/types.d.ts → internal/monitor/wire.d.ts} +69 -27
  34. package/dist/beacon/types/internal/monitor/wire.d.ts.map +1 -0
  35. package/dist/beacon/types/{ui → internal}/pick-mode-overlay.d.ts +4 -5
  36. package/dist/beacon/types/internal/pick-mode-overlay.d.ts.map +1 -0
  37. package/dist/beacon/types/{capture → internal}/picker.d.ts +0 -1
  38. package/dist/beacon/types/internal/picker.d.ts.map +1 -0
  39. package/dist/beacon/types/{ui → internal}/pin-popover.d.ts +1 -1
  40. package/dist/beacon/types/internal/pin-popover.d.ts.map +1 -0
  41. package/dist/beacon/types/internal/screenshot.d.ts +26 -0
  42. package/dist/beacon/types/internal/screenshot.d.ts.map +1 -0
  43. package/dist/beacon/types/internal/selector.d.ts.map +1 -0
  44. package/dist/beacon/types/plugins/domEle.d.ts +14 -0
  45. package/dist/beacon/types/plugins/domEle.d.ts.map +1 -0
  46. package/dist/beacon/types/plugins/domSS.d.ts +8 -0
  47. package/dist/beacon/types/plugins/domSS.d.ts.map +1 -0
  48. package/dist/beacon/types/plugins/errors.d.ts +3 -0
  49. package/dist/beacon/types/plugins/errors.d.ts.map +1 -0
  50. package/dist/beacon/types/plugins/index.d.ts +8 -0
  51. package/dist/beacon/types/plugins/index.d.ts.map +1 -0
  52. package/dist/beacon/types/plugins/liveMonitor.d.ts +14 -0
  53. package/dist/beacon/types/plugins/liveMonitor.d.ts.map +1 -0
  54. package/dist/beacon/types/plugins/metadata.d.ts +3 -0
  55. package/dist/beacon/types/plugins/metadata.d.ts.map +1 -0
  56. package/dist/beacon/types/registry.d.ts +33 -0
  57. package/dist/beacon/types/registry.d.ts.map +1 -0
  58. package/dist/beacon/types/styles.d.ts +8 -0
  59. package/dist/beacon/types/styles.d.ts.map +1 -0
  60. package/dist/beacon/types/transport.d.ts +3 -0
  61. package/dist/beacon/types/transport.d.ts.map +1 -0
  62. package/dist/beacon/types/types.d.ts +152 -68
  63. package/dist/beacon/types/types.d.ts.map +1 -1
  64. package/dist/beacon/types/ui/dialog.d.ts +53 -0
  65. package/dist/beacon/types/ui/dialog.d.ts.map +1 -0
  66. package/dist/beacon/types/ui/form.d.ts +7 -0
  67. package/dist/beacon/types/ui/form.d.ts.map +1 -0
  68. package/dist/beacon/types/ui/overlay.d.ts +6 -0
  69. package/dist/beacon/types/ui/overlay.d.ts.map +1 -0
  70. package/dist/chart-client/assets/{index-CJ4mgRRF.css → index-CDIhdgWg.css} +1 -1
  71. package/dist/chart-client/index.html +2 -2
  72. package/dist/client/assets/{index-DI5qSR_w.css → index-CfW4n40I.css} +1 -1
  73. package/dist/client/index.html +2 -2
  74. package/dist/council-client/assets/{index-C_-vAM9L.css → index-CZim6x1u.css} +1 -1
  75. package/dist/council-client/index.html +2 -2
  76. package/dist/deck-client/assets/{_baseUniq-W2JQDmje.js → _baseUniq-DdHaBFYO.js} +1 -1
  77. package/dist/deck-client/assets/{arc-DIBWAId9.js → arc-D98e_18X.js} +1 -1
  78. package/dist/deck-client/assets/{architectureDiagram-Q4EWVU46-CAIRMvJK.js → architectureDiagram-Q4EWVU46-DNFZzh-4.js} +1 -1
  79. package/dist/deck-client/assets/{blockDiagram-DXYQGD6D-BeNaNiOi.js → blockDiagram-DXYQGD6D-DeQvGUdX.js} +1 -1
  80. package/dist/deck-client/assets/{c4Diagram-AHTNJAMY-B9Ozi62h.js → c4Diagram-AHTNJAMY-B6ekZf1n.js} +1 -1
  81. package/dist/deck-client/assets/channel-DmR7Tyyt.js +1 -0
  82. package/dist/deck-client/assets/{chunk-4BX2VUAB-D7AZ47dt.js → chunk-4BX2VUAB-9aDWymq2.js} +1 -1
  83. package/dist/deck-client/assets/{chunk-4TB4RGXK-DnVnNPcI.js → chunk-4TB4RGXK-DtKQqaI7.js} +1 -1
  84. package/dist/deck-client/assets/{chunk-55IACEB6-UKYs-YNd.js → chunk-55IACEB6-COy9hEae.js} +1 -1
  85. package/dist/deck-client/assets/{chunk-EDXVE4YY-D43b-SKn.js → chunk-EDXVE4YY-D_f861An.js} +1 -1
  86. package/dist/deck-client/assets/{chunk-FMBD7UC4-QzBAoyyW.js → chunk-FMBD7UC4-CmuA5UKn.js} +1 -1
  87. package/dist/deck-client/assets/{chunk-OYMX7WX6-Cjif4r6W.js → chunk-OYMX7WX6-vT8z8D-0.js} +1 -1
  88. package/dist/deck-client/assets/{chunk-QZHKN3VN-CqLDirEI.js → chunk-QZHKN3VN-CTlwwg-R.js} +1 -1
  89. package/dist/deck-client/assets/{chunk-YZCP3GAM-_FQvmMs4.js → chunk-YZCP3GAM-C44yr620.js} +1 -1
  90. package/dist/deck-client/assets/classDiagram-6PBFFD2Q-Bl4ozQWs.js +1 -0
  91. package/dist/deck-client/assets/classDiagram-v2-HSJHXN6E-Bl4ozQWs.js +1 -0
  92. package/dist/deck-client/assets/clone-BAy58j24.js +1 -0
  93. package/dist/deck-client/assets/{cose-bilkent-S5V4N54A-rfrocesE.js → cose-bilkent-S5V4N54A-DBB2J2nL.js} +1 -1
  94. package/dist/deck-client/assets/{dagre-KV5264BT-Bv_7DJat.js → dagre-KV5264BT-DxDTYbKl.js} +1 -1
  95. package/dist/deck-client/assets/{diagram-5BDNPKRD-4F1414G5.js → diagram-5BDNPKRD-DByWrWd1.js} +1 -1
  96. package/dist/deck-client/assets/{diagram-G4DWMVQ6-C4-Pszqm.js → diagram-G4DWMVQ6-B8B6ddMq.js} +1 -1
  97. package/dist/deck-client/assets/{diagram-MMDJMWI5-B647TIx9.js → diagram-MMDJMWI5-BMUZ2PWK.js} +1 -1
  98. package/dist/deck-client/assets/{diagram-TYMM5635-BFAqpezd.js → diagram-TYMM5635-Bk9e8BB-.js} +1 -1
  99. package/dist/deck-client/assets/{erDiagram-SMLLAGMA-BfBfrJOC.js → erDiagram-SMLLAGMA-DcOSwSol.js} +1 -1
  100. package/dist/deck-client/assets/{flowDiagram-DWJPFMVM-DX9YAYes.js → flowDiagram-DWJPFMVM-DI-4BR0F.js} +1 -1
  101. package/dist/deck-client/assets/{ganttDiagram-T4ZO3ILL-DCuiy7wF.js → ganttDiagram-T4ZO3ILL-BeZuXBoU.js} +1 -1
  102. package/dist/deck-client/assets/{gitGraphDiagram-UUTBAWPF-CGp1IXUh.js → gitGraphDiagram-UUTBAWPF-Bcki__f-.js} +1 -1
  103. package/dist/deck-client/assets/{graph-B7g8aoxv.js → graph-CifKx6G1.js} +1 -1
  104. package/dist/deck-client/assets/index-6sdqbm2o.js +2 -0
  105. package/dist/deck-client/assets/{index-DsIZ3LqL.css → index-BlTlhxFW.css} +1 -1
  106. package/dist/deck-client/assets/index-CB-qlwRT.js +1195 -0
  107. package/dist/deck-client/assets/{infoDiagram-42DDH7IO-L3fahMkF.js → infoDiagram-42DDH7IO-CReN1nFN.js} +1 -1
  108. package/dist/deck-client/assets/{ishikawaDiagram-UXIWVN3A-aS_EjWBZ.js → ishikawaDiagram-UXIWVN3A-CDF_VLN_.js} +1 -1
  109. package/dist/deck-client/assets/{journeyDiagram-VCZTEJTY-djTSQZF9.js → journeyDiagram-VCZTEJTY-DwgGrNVB.js} +1 -1
  110. package/dist/deck-client/assets/{kanban-definition-6JOO6SKY-CcTHo4CM.js → kanban-definition-6JOO6SKY-DB_zohh5.js} +1 -1
  111. package/dist/deck-client/assets/{layout-mEJiadb7.js → layout-DFfX1O3z.js} +1 -1
  112. package/dist/deck-client/assets/{linear-XgTKqyRu.js → linear-CtKb4EXj.js} +1 -1
  113. package/dist/deck-client/assets/{min-Ct9jZdpd.js → min-DCRRwUZv.js} +1 -1
  114. package/dist/deck-client/assets/{mindmap-definition-QFDTVHPH-BaFxCGNU.js → mindmap-definition-QFDTVHPH-D0QBOiFe.js} +1 -1
  115. package/dist/deck-client/assets/{pieDiagram-DEJITSTG-CIbYYjtw.js → pieDiagram-DEJITSTG-CD-EV5WB.js} +1 -1
  116. package/dist/deck-client/assets/{quadrantDiagram-34T5L4WZ-D9EtCOvh.js → quadrantDiagram-34T5L4WZ-B-JXZ8xI.js} +1 -1
  117. package/dist/deck-client/assets/{requirementDiagram-MS252O5E-xeni9eVG.js → requirementDiagram-MS252O5E-D2_OK5Dp.js} +1 -1
  118. package/dist/deck-client/assets/{sankeyDiagram-XADWPNL6-LYeknz9h.js → sankeyDiagram-XADWPNL6-BbBJqVSC.js} +1 -1
  119. package/dist/deck-client/assets/{sequenceDiagram-FGHM5R23-RDbsKFZf.js → sequenceDiagram-FGHM5R23-Db8A-Rkk.js} +1 -1
  120. package/dist/deck-client/assets/{stateDiagram-FHFEXIEX-BH1Zjglk.js → stateDiagram-FHFEXIEX-DGJnanjS.js} +1 -1
  121. package/dist/deck-client/assets/stateDiagram-v2-QKLJ7IA2-CR7riiab.js +1 -0
  122. package/dist/deck-client/assets/{timeline-definition-GMOUNBTQ-IFXxKptt.js → timeline-definition-GMOUNBTQ-BRkr6T4w.js} +1 -1
  123. package/dist/deck-client/assets/{vennDiagram-DHZGUBPP-D-sLkQs9.js → vennDiagram-DHZGUBPP-d0rsTqFo.js} +1 -1
  124. package/dist/deck-client/assets/{wardley-RL74JXVD-C010F8l4.js → wardley-RL74JXVD-2t7cMqdS.js} +1 -1
  125. package/dist/deck-client/assets/{wardleyDiagram-NUSXRM2D-BTjjuDU3.js → wardleyDiagram-NUSXRM2D-DzboAsHh.js} +1 -1
  126. package/dist/deck-client/assets/{xychartDiagram-5P7HB3ND-AYbv92n-.js → xychartDiagram-5P7HB3ND-CgTP9u2V.js} +1 -1
  127. package/dist/deck-client/index.html +2 -2
  128. package/dist/server/beacon-monitor-entry.js +548 -6
  129. package/dist/server/chart-serve.js +917 -248
  130. package/dist/server/cli.js +2033 -385
  131. package/dist/server/deck-mcp-entry.js +141 -21
  132. package/dist/server/deck-serve.js +141 -21
  133. package/dist/server/graph-mcp-entry.js +1991 -333
  134. package/dist/server/init-entry.js +24 -13
  135. package/dist/server/orbit-entry.js +135 -7
  136. package/dist/server/parse-worker-entry.js +918 -247
  137. package/package.json +4 -2
  138. package/scaffolds/ls-marketplace/plugins/kit/skills/analyse/SKILL.md +180 -0
  139. package/scaffolds/ls-marketplace/plugins/kit/skills/beacon-array/SKILL.md +107 -0
  140. package/scaffolds/ls-marketplace/plugins/kit/skills/beacon-clear/SKILL.md +94 -0
  141. package/scaffolds/ls-marketplace/plugins/kit/skills/beacon-pulse/SKILL.md +82 -0
  142. package/scaffolds/ls-marketplace/plugins/kit/skills/beacon-scan/SKILL.md +66 -0
  143. package/scaffolds/ls-marketplace/plugins/kit/skills/blast-radius/SKILL.md +117 -0
  144. package/scaffolds/ls-marketplace/plugins/kit/skills/brief/SKILL.md +112 -0
  145. package/scaffolds/ls-marketplace/plugins/kit/skills/course/SKILL.md +84 -0
  146. package/scaffolds/ls-marketplace/plugins/kit/skills/debug/SKILL.md +85 -0
  147. package/scaffolds/ls-marketplace/plugins/kit/skills/deploy-check/SKILL.md +160 -0
  148. package/scaffolds/ls-marketplace/plugins/kit/skills/diagram/SKILL.md +152 -0
  149. package/scaffolds/ls-marketplace/plugins/kit/skills/orbit/SKILL.md +87 -0
  150. package/scaffolds/ls-marketplace/plugins/kit/skills/prototype/SKILL.md +110 -0
  151. package/scaffolds/ls-marketplace/plugins/kit/skills/recovery/SKILL.md +95 -0
  152. package/scaffolds/ls-marketplace/plugins/kit/{commands/show-mcp-status.md → skills/show-mcp-status/SKILL.md} +4 -4
  153. package/scaffolds/ls-marketplace/plugins/kit/skills/wireframe/SKILL.md +90 -0
  154. package/scaffolds/statusline/statusline-mcp.sh +21 -9
  155. package/dist/beacon/types/capture/element.d.ts +0 -3
  156. package/dist/beacon/types/capture/element.d.ts.map +0 -1
  157. package/dist/beacon/types/capture/events.d.ts +0 -20
  158. package/dist/beacon/types/capture/events.d.ts.map +0 -1
  159. package/dist/beacon/types/capture/framework.d.ts +0 -3
  160. package/dist/beacon/types/capture/framework.d.ts.map +0 -1
  161. package/dist/beacon/types/capture/metadata.d.ts +0 -3
  162. package/dist/beacon/types/capture/metadata.d.ts.map +0 -1
  163. package/dist/beacon/types/capture/overlay.d.ts +0 -7
  164. package/dist/beacon/types/capture/overlay.d.ts.map +0 -1
  165. package/dist/beacon/types/capture/picker.d.ts.map +0 -1
  166. package/dist/beacon/types/capture/screenshot.d.ts +0 -7
  167. package/dist/beacon/types/capture/screenshot.d.ts.map +0 -1
  168. package/dist/beacon/types/capture/selector.d.ts.map +0 -1
  169. package/dist/beacon/types/monitor/dom.d.ts +0 -13
  170. package/dist/beacon/types/monitor/dom.d.ts.map +0 -1
  171. package/dist/beacon/types/monitor/index.d.ts +0 -19
  172. package/dist/beacon/types/monitor/index.d.ts.map +0 -1
  173. package/dist/beacon/types/monitor/network.d.ts +0 -12
  174. package/dist/beacon/types/monitor/network.d.ts.map +0 -1
  175. package/dist/beacon/types/monitor/transport.d.ts.map +0 -1
  176. package/dist/beacon/types/monitor/types.d.ts.map +0 -1
  177. package/dist/beacon/types/transport/submit.d.ts +0 -3
  178. package/dist/beacon/types/transport/submit.d.ts.map +0 -1
  179. package/dist/beacon/types/ui/button.d.ts +0 -2
  180. package/dist/beacon/types/ui/button.d.ts.map +0 -1
  181. package/dist/beacon/types/ui/drawer.d.ts +0 -33
  182. package/dist/beacon/types/ui/drawer.d.ts.map +0 -1
  183. package/dist/beacon/types/ui/icons.d.ts +0 -9
  184. package/dist/beacon/types/ui/icons.d.ts.map +0 -1
  185. package/dist/beacon/types/ui/monitor-panel.d.ts +0 -19
  186. package/dist/beacon/types/ui/monitor-panel.d.ts.map +0 -1
  187. package/dist/beacon/types/ui/pick-mode-overlay.d.ts.map +0 -1
  188. package/dist/beacon/types/ui/pin-popover.d.ts.map +0 -1
  189. package/dist/deck-client/assets/channel-CRdozqbp.js +0 -1
  190. package/dist/deck-client/assets/classDiagram-6PBFFD2Q-lIZMp57W.js +0 -1
  191. package/dist/deck-client/assets/classDiagram-v2-HSJHXN6E-lIZMp57W.js +0 -1
  192. package/dist/deck-client/assets/clone-BtWeSTyJ.js +0 -1
  193. package/dist/deck-client/assets/index-Dg1r-WSN.js +0 -476
  194. package/dist/deck-client/assets/stateDiagram-v2-QKLJ7IA2-BrV78NDR.js +0 -1
  195. package/scaffolds/ls-marketplace/plugins/kit/commands/beacon-array.md +0 -92
  196. package/scaffolds/ls-marketplace/plugins/kit/commands/beacon-clear.md +0 -68
  197. package/scaffolds/ls-marketplace/plugins/kit/commands/beacon-pulse.md +0 -80
  198. package/scaffolds/ls-marketplace/plugins/kit/commands/beacon-scan.md +0 -62
  199. /package/dist/beacon/types/{capture → internal}/selector.d.ts +0 -0
  200. /package/dist/chart-client/assets/{index-Ccy-DpI-.js → index-B__ARB8k.js} +0 -0
  201. /package/dist/client/assets/{index-Dp0_okva.js → index-h8kMzVtG.js} +0 -0
  202. /package/dist/council-client/assets/{index-Dt4zWKSj.js → index-CWaDcsFR.js} +0 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@launchsecure/launch-kit",
3
- "version": "0.0.29",
3
+ "version": "0.0.31",
4
4
  "description": "LaunchSecure toolkit — launch-pod (pipeline), launch-chart (project graph MCP), launch-deck (visual playground MCP), launch-kit-beacon (feedback Web Component), launch-recall (file-watcher backup).",
5
5
  "license": "MIT",
6
6
  "author": "LaunchSecure - AutomateWithUs",
@@ -66,8 +66,9 @@
66
66
  "build:council-client": "vite build --config vite.council.config.ts",
67
67
  "build:client": "vite build",
68
68
  "build:chart-client": "vite build --config vite.chart.config.ts",
69
- "build:server": "esbuild src/server/cli.ts src/server/fb-wizard.ts src/server/graph-mcp-entry.ts src/server/chart-serve.ts src/server/deck-mcp-entry.ts src/server/deck-serve.ts src/server/council-entry.ts src/server/council-serve.ts src/server/recall-entry.ts src/server/init-entry.ts src/server/orbit-entry.ts src/server/course-entry.ts src/server/beacon-monitor-entry.ts src/server/parse-worker-entry.ts --bundle --platform=node --target=node18 --outdir=dist/server --external:node-pty --external:ws --external:typescript --external:web-tree-sitter --external:tree-sitter-typescript --external:cloudflared --external:pg --external:pg-native && rm -rf dist/server/public && cp -r ../claude-code-web/src/public dist/server/public && rm -rf dist/server/graph/queries && mkdir -p dist/server/graph && cp -r src/server/graph/queries dist/server/graph/queries",
69
+ "build:server": "esbuild src/server/cli.ts src/server/fb-wizard.ts src/server/graph-mcp-entry.ts src/server/chart-serve.ts src/server/deck-mcp-entry.ts src/server/deck-serve.ts src/server/council-entry.ts src/server/council-serve.ts src/server/recall-entry.ts src/server/init-entry.ts src/server/orbit-entry.ts src/server/course-entry.ts src/server/beacon-monitor-entry.ts src/server/parse-worker-entry.ts --bundle --platform=node --target=node18 --outdir=dist/server --external:node-pty --external:ws --external:typescript --external:web-tree-sitter --external:tree-sitter-typescript --external:cloudflared --external:pg --external:pg-native --external:pgsql-parser --external:libpg-query && rm -rf dist/server/public && cp -r ../claude-code-web/src/public dist/server/public && rm -rf dist/server/graph/queries && mkdir -p dist/server/graph && cp -r src/server/graph/queries dist/server/graph/queries",
70
70
  "dev:client": "vite",
71
+ "dev:deck-serve": "cd ../.. && tsx watch packages/cli/src/server/deck-mcp-entry.ts serve",
71
72
  "dev:chart": "pnpm build:server && pnpm build:chart-client && node dist/server/graph-mcp-entry.js serve",
72
73
  "dev:server": "pnpm build:server && node dist/server/cli.js",
73
74
  "dev": "pnpm build:server && concurrently -k -n client,server -c cyan,magenta \"vite\" \"node dist/server/cli.js\"",
@@ -84,6 +85,7 @@
84
85
  "html-to-image": "^1.11.13",
85
86
  "node-pty": "^1.2.0-beta.12",
86
87
  "pg": "^8.13.0",
88
+ "pgsql-parser": "^17.9.15",
87
89
  "tree-sitter": "^0.21.1",
88
90
  "tree-sitter-typescript": "^0.23.2",
89
91
  "typescript": "^5.5.0",
@@ -0,0 +1,180 @@
1
+ ---
2
+ description: Source-code analysis using launch-chart as the default tool. Routes structural / internal-state / content queries to the chart MCP first; falls back to grep/Read only when the chart cannot answer (non-TS files, missing layer, parser gap). Files a one-line LS feedback comment whenever the fallback is the chart's fault, so gaps get fixed.
3
+ when_to_use: |
4
+ Auto-fire whenever the user wants to understand, explore, audit, or trace source code or codebase structure — INSTEAD of defaulting to grep / glob / Read. Trigger phrases: "analyse" / "analyze" / "analysis", "explain how X works", "how does X work", "where is X", "what depends on / calls / renders / imports X", "trace / walk through Y", "explore the codebase", "understand this module", "audit X", "show me all / list every X" (pages, endpoints, tables, hooks, components), "what state does X track", "what conditions exist in X", "which endpoints check Y", "what tables relate to X", "what permissions does role X grant", "is migration X destructive", "what seed roles / tags / providers exist", "find FIXME / TODO". Also auto-fire on open-ended structural questions ("how is auth set up", "where does the work-item flow happen") even without explicit "analyse" wording. Do NOT auto-fire for: bug investigation framed as symptom ("X is broken", "why doesn't Y work" — use /kit:debug), refactor blast assessment ("what breaks if I change Z" — use /kit:blast-radius), or render-as-diagram requests (use /kit:diagram).
5
+ allowed-tools:
6
+ - mcp__launch-chart__read_graph
7
+ - mcp__launch-chart__inspect_node
8
+ - mcp__launch-chart__grep_nodes
9
+ - mcp__launch-chart__detect_project_stack
10
+ - mcp__launch-chart__blast_points
11
+ - mcp__launch-chart__effects_index
12
+ - mcp__launch-chart__list_notes
13
+ - mcp__launch-chart__who_uses
14
+ - mcp__launch-chart__trace_path
15
+ - mcp__launch-chart__migration_audit
16
+ - mcp__launch-chart__drift_report
17
+ - mcp__launch-chart__auth_coverage_report
18
+ - mcp__launch-secure__kit_feedback_submit
19
+ ---
20
+
21
+ # /kit:analyse
22
+
23
+ Source-code analysis using launch-chart as the default tool. The chart indexes ~1,200 typed nodes across 4 layers (ui / api / db / static) with cross-layer edges and AST-level deep fields — almost everything grep/glob/Read would surface is queryable here, faster and cheaper in tokens.
24
+
25
+ ## Discipline (non-negotiable)
26
+
27
+ 1. **Chart-first.** Default to launch-chart MCP for any code-structure or behavior query. Do NOT reach for grep / glob / Read first.
28
+ 2. **On illegitimate chart gap, file ONE LS feedback report** via `mcp__launch-secure__kit_feedback_submit` (the kit-self feedback channel — NOT `communication_write`, which would land in the user's own project Comm Hub instead of the launch-kit project). One report per invocation, not per query.
29
+ 3. **Fall back to grep / Read** only per the rules below.
30
+ 4. **Surface the fallback verbatim** in your final output — silent fallbacks hide gaps and let the chart rot.
31
+
32
+ ## Routing table — chart tool per question shape
33
+
34
+ Specialized tools (use these first when the question matches):
35
+
36
+ | Question shape | Chart tool | Notes |
37
+ |---|---|---|
38
+ | "Where is X referenced from other layers / who uses permission P / who calls endpoint E / who references table T" | `who_uses(target: X)` | scans all layers' cross_refs (calls_api, references_static, reads_via, mutates_via, reads, mutates, references_api). Paginated. |
39
+ | "Trace path between A and B / how does page X end up reading table T" | `trace_path(from: A, to: B)` | BFS via cross_refs including via[] middleware chains. Bounded by max_hops/max_paths. Paginated. |
40
+ | "Are migrations safe / which destructive migrations lack guards" | `migration_audit` | codifies CLAUDE.md's three-layer discipline. Lists destructives missing orphan_check / sidecar_backup / pre_flight_notice. Paginated. |
41
+ | "Show drift / SQL vs ORM mismatches / unresolved routes / FK drift" | `drift_report(layer?, kind?, confidence?)` | aggregates contradictions + flagged_edges across layers. Generalizes db-only include_findings. Paginated. |
42
+ | "Audit auth coverage / which endpoints are public / how many use withAuth" | `auth_coverage_report(module?, strategy?)` | aggregates api endpoints by auth[] wrapper. Surfaces unauthenticated. Grouped by module. |
43
+ | "What endpoints call /api/X / what URLs does UI fetch / who calls this endpoint" | `effects_index(kind: "fetch_calls", key?)` | UI→API call inventory from cross_refs[calls_api] + raw effects.fetches. |
44
+ | "Invert endpoint effects / which endpoints call db.user.findUnique" | `effects_index(kind: "api_effects", key?)` | inverts api endpoint effects.{calls,fetches,persists,…}. Use `key` for full caller list across categories. |
45
+
46
+ General routes (use these when no specialized tool fits):
47
+
48
+ | Question shape | Chart tool | Notes |
49
+ |---|---|---|
50
+ | "Where is X defined / what is it" | `read_graph(search: X)` | substring match on id, name, route, JSX text, ui_labels, notes |
51
+ | "What pages / hooks / endpoints / tables / migrations exist" | `read_graph(layer: <L>, type: <T>)` | layer + type filters |
52
+ | "What's in module Y" | `read_graph(module: Y)` | module tags from `.launchchart.json` |
53
+ | "Filter by multiple conditions (e.g. destructive AND missing orphan check)" | `read_graph(tag_predicates: [{field,op,value},...])` | ops: eq/ne/gt/lt/gte/lte/exists/not_exists/in. Matches top-level node attrs OR tag keys. |
54
+ | "Per-node incoming + outgoing cross-layer refs" | `read_graph(node_id: X, include_cross_refs: true, cross_ref_type?)` OR `inspect_node(node_id: X, fields: ["crossRefs"])` | when you want crossRefs inline alongside other data |
55
+ | "Surface flagged_edges by confidence (DYNAMIC routes, FK drift)" | `read_graph(layer: <L>, edge_confidence: ["medium","high"])` | layer-independent flagged_edges filter |
56
+ | "What does X render / what renders X" | `read_graph(node_id: X, hops: 1, include_edges: true)` | renders / imports edges |
57
+ | "Which UI calls API endpoint E" | `read_graph(node_id: E, layer: "api", include_edges: true)` OR `who_uses(target: E)` | cross-layer `calls_api` edges |
58
+ | "What endpoints touch table T" | `read_graph(layer: "api", search: T)` then check `db_models[]` | endpoints already index `db_models` and `db_operations` |
59
+ | "What auth does endpoint E use" | `read_graph(layer: "api", search: E)` then check `auth[]` | auth wrappers extracted per endpoint |
60
+ | "Is endpoint E mutating" | `read_graph(layer: "api", search: E)` then check `mutates` flag | already extracted |
61
+ | "What state does Z hold" | `inspect_node(node_id: Z, fields: ["stateVars"])` | start narrow, always |
62
+ | "What conditions exist in Z" | `inspect_node(node_id: Z, fields: ["conditions"])` | if / else / ternary tests with their test expressions |
63
+ | "Which nodes match pattern P inside conditions/vars/elements" | `inspect_node(layer: <L>, filter: P, fields: ["conditions"])` | regex over deep fields, raises node limit to 50 |
64
+ | "DOM ids / storage keys / window events / fetch urls / timers / singleton risks" | `effects_index(kind: <kind>, key?)` | precomputed cross-cutting inverted indexes |
65
+ | "DOM-id / storage-key collisions" | `effects_index(kind: "collisions")` | impossible without graph |
66
+ | "What tables relate to X" | `read_graph(layer: "db", node_id: X, include_edges: true)` | belongs_to / has_many edges |
67
+ | "Single migration M's safety status" | `read_graph(layer: "db", type: "migration", search: M)` | migration nodes carry `is_destructive`, `has_orphan_check`, `has_sidecar_backup`, `has_pre_flight_notice`, `contains_backfill`, `contains_drop_column` (use `migration_audit` for cross-migration audits) |
68
+ | "What seed roles / permissions / tags / providers / plans exist" | `read_graph(layer: "static", type: "seed_role")` etc. | static layer covers `prisma/seed.ts` |
69
+ | "What permissions does role R grant" | `read_graph(layer: "static", node_id: "seed:role:R", include_edges: true)` | `grants` edges |
70
+ | "Find pattern P in module M's files only" | `grep_nodes(layer: <L>, module: M, pattern: P)` | grep scoped via graph — much narrower than raw grep |
71
+ | "What breaks if I delete / change X" | `blast_points(node_id: X, direction: "reverse")` | reverse-dep walk across all layers in one call |
72
+ | "Find FIXME / TODO / tagged notes" | `read_graph(search: "FIXME")` or `list_notes` | tagged comments indexed |
73
+ | "What's the current stack / which parsers run / which layers are available" | `detect_project_stack` | run before concluding a layer is missing |
74
+
75
+ ## inspect_node strategy — start narrow, widen if needed
76
+
77
+ 1. **Decide first**: structure or variables? Structure (renders/imports/depends) → `read_graph`. Variables/state/conditions → `inspect_node`.
78
+ 2. **Always pass `fields` and/or `filter`** to keep the response small and inline. Examples:
79
+ - State only → `inspect_node(node_id: X, fields: ["stateVars"])`
80
+ - Pattern across many nodes → `inspect_node(layer: "ui", filter: "isAdmin", fields: ["conditions"])`
81
+ 3. **Only broaden if narrow returns nothing.** Remove `filter`, add more `fields`, or omit `fields` entirely as a last resort.
82
+ 4. **Never** call `inspect_node` with no `fields` and no `filter` on a large page or component — returns 50-80KB dumps that get persisted to disk and force a second read step.
83
+
84
+ ## parser_warning awareness
85
+
86
+ Several chart tools (`who_uses`, `trace_path`, `drift_report`, `read_graph` with `include_cross_refs` or `edge_confidence`, `inspect_node` with `crossRefs`, `effects_index` with `fetch_calls`) attach a `parser_warning` field when the underlying source data (cross_refs / flagged_edges / contradictions) is completely empty for the scanned layer(s). This is the chart **telling you the parser may not have run** — not "there's no match."
87
+
88
+ When you see `parser_warning` in a tool response:
89
+ 1. **Don't silently report "no results."** Empty-with-warning is a different signal than empty-without-warning.
90
+ 2. **Run `detect_project_stack`** to verify which parsers are detected. If the parser referenced in the warning IS detected, the data should be present — that's a chart-gap worth filing per the protocol below.
91
+ 3. **If the parser isn't detected for this stack** (e.g. cross-layer parsers don't apply because the project isn't TS/Next), surface that to the user — the chart doesn't claim coverage here.
92
+ 4. **Never strip `parser_warning` from your output.** Include it (or a short paraphrase) in the user-facing summary so they can act.
93
+
94
+ ## Chart breakage triage — BEFORE filing any feedback comment
95
+
96
+ When a chart query returns empty / errors / fires `parser_warning`, walk this triage. Two upstream causes are common and require NO feedback comment — they're user-action gaps, not chart bugs. File a comment ONLY after both are ruled out.
97
+
98
+ ### Step 1 — does the graph file even exist?
99
+
100
+ If a chart tool returns an error like `"No <layer> graph found at .launchsecure/graphs/<layer>.json"` or `"Run generate_graph first"`, the user hasn't built the graph yet. **Do NOT file a comment.** Tell the user verbatim and stop:
101
+ - `"No chart graph found in this project. Run mcp__launch-chart__generate_graph (or `npx launch-chart generate`) once, then retry the query."`
102
+
103
+ ### Step 2 — is the graph stale?
104
+
105
+ Every chart response carries `_meta.state`. If it's anything other than `"fresh"` (e.g. `"stale"`, `"escalated"`), the graph hasn't been regenerated since recent file edits — your query may be looking at an outdated snapshot. **Do NOT file a comment for stale-graph results.** Surface to the user:
106
+ - `"Chart graph is <state> (last full regen: <_meta.lastFullRegenAt>, <N> patches since). Recent edits may not be visible. Run generate_graph to refresh, then retry."`
107
+ - Then either stop OR proceed with the stale results, flagging the staleness in your final output.
108
+
109
+ ### Step 3 — parser produced empty/wrong output (the only chart-gap case)
110
+
111
+ Only AFTER ruling out steps 1 + 2: if `detect_project_stack` shows the relevant parser is detected, the graph file exists, AND `_meta.state` is fresh — and the query still returns empty / missing expected fields / missing cross-layer edges — that's a real chart gap. File the LS feedback comment per the template below, with parser-specific fields populated (parser name, layer, graph_meta).
112
+
113
+ ## When the fallback is legitimate (NO feedback comment)
114
+
115
+ These are expected gaps — the chart doesn't claim coverage here:
116
+
117
+ - **Non-TS source files** — SQL (`prisma/migrations/**/*.sql` and other), JS/CJS/MJS files, JSON, markdown (docs/), env files, CSS / Tailwind config, YAML / TOML
118
+ - **CSS classes, Tailwind utilities, inline styles** — chart doesn't model class names or computed styles
119
+ - **CLI bin / Node script files** — the typescript-project parser is Next.js-shaped and may skip standalone server entrypoints (e.g. `packages/cli/src/server/init-entry.ts` is known to be unindexed)
120
+ - **Untagged comment content** — only notes-tagged comments are indexed; arbitrary inline comments are not
121
+ - **Verifying a file's literal contents for review or editing** — Read is correct for "show me lines 40-80 of foo.ts"
122
+
123
+ In these cases, jump to grep / Read directly. Tell the user explicitly which non-coverage rule applied — e.g. `"Symptom is in an SQL migration file; chart doesn't model raw SQL — using Read directly."`
124
+
125
+ ## When the fallback is illegitimate (FEEDBACK COMMENT REQUIRED)
126
+
127
+ The chart should have answered but didn't. File ONE comment before falling back:
128
+
129
+ - `read_graph(search: "X")` returns 0 candidates AND a quick `grep` confirms "X" exists in indexed TS source
130
+ - A layer listed by `detect_project_stack` returns 0 nodes for any well-formed query (parser misconfig)
131
+ - `inspect_node` returns no `columns` / `elements` / `stateVars` for a known table or component (extractor gap)
132
+ - A cross-layer edge that should exist (e.g. UI page that fetches `/api/foo` should have a `calls_api` edge) is missing
133
+
134
+ ### Feedback report template
135
+
136
+ Call `mcp__launch-secure__kit_feedback_submit` — routes to the launch-kit project regardless of which repo the user is in:
137
+
138
+ ```
139
+ title: "launch-chart gap: <one-line, e.g. 'fetch-resolver produced 0 calls_api refs on ui layer'>"
140
+ source: "kit:analyse"
141
+ body: |
142
+ Skill: /kit:analyse
143
+ Query: <one-line what the user asked>
144
+ Tool: <chart_tool>(<args>)
145
+ Returned: <summary — e.g. "0 nodes" or "missing 'columns' field">
146
+ Cross-check: grep "<term>" matched <N> files (sample: <path1>, <path2>)
147
+ Project stack: <one-line from detect_project_stack>
148
+ Triage:
149
+ graph_exists: yes
150
+ graph_state: <_meta.state> # fresh — ruled out staleness
151
+ parser_detected: <parser_id> # from detect_project_stack
152
+ Parser: <parser_id> # e.g. fetch-resolver, typescript-project
153
+ Layer: <layer_id> # ui / api / db / static
154
+ Graph meta:
155
+ state: <_meta.state>
156
+ last_full_regen_at: <_meta.lastFullRegenAt>
157
+ ```
158
+
159
+ One report per invocation. After filing, surface to the user: `"(Filed chart-gap report to launch-kit project. Falling back to grep / Read for this query.)"` and continue.
160
+
161
+ ## Output shape
162
+
163
+ For every analysis, return:
164
+
165
+ 1. **One-paragraph answer** to the user's question — direct, no preamble.
166
+ 2. **Citations as chart node ids** — each claim links to a node (file path like `app/api/orgs/.../route.ts`, table name like `WorkItem`, route like `/admin/analytics`). The user must be able to verify by clicking through.
167
+ 3. **The chart query path you used** — one or two lines naming the tools + arguments. Lets the user re-run or extend the investigation.
168
+
169
+ If a fallback happened, prefix the output with one of:
170
+ - `(Filed gap report id: <id>. Falling back to grep — chart should have answered.)`
171
+ - `(Symptom is in <non-TS asset class>; chart doesn't model it — using grep / Read directly.)`
172
+
173
+ ## Constraints
174
+
175
+ - **Chart-first. No exceptions.** Default to MCP queries. grep / glob / Read only per the fallback rules above.
176
+ - **One feedback report per invocation.** Do not spam — bundle multiple chart issues into one report if they fire in the same run.
177
+ - **Cloud LS by default.** Use `mcp__launch-secure__kit_feedback_submit` (cloud). The local variant only if the user explicitly said "local".
178
+ - **No implementation.** This skill explains and traces; it does not edit. If the user wants the fix, hand the diagnosis back and let them invoke an editor flow.
179
+ - **Cite by node id.** Every claim links to a chart node so the user can verify.
180
+ - **Surface the fallback verbatim.** Silent fallbacks hide gaps and let the chart rot.
@@ -0,0 +1,107 @@
1
+ ---
2
+ description: Show the array of launch-beacon monitor sessions via the launch-beacon MCP — which is most recent, how many events each has, last event time, suspected liveness. Use to confirm a session is being recorded, find an old session to inspect, or audit disk usage. Read-only.
3
+ ---
4
+
5
+ # /kit:beacon-array
6
+
7
+ Liveness + inventory across every `launch-beacon monitor` session this repo has recorded — one row per beacon in the array.
8
+
9
+ Parse `$ARGUMENTS` as space-separated tokens, in any order:
10
+ - `full` — expanded report. Empty → terse one-line-per-session summary.
11
+ - `--worktree=<slug>` — orbit worktree slug. Forwarded to MCP as the `worktree` arg.
12
+ - `--project_root=<path>` — explicit project root (absolute, or relative to cwd). Forwarded as `project_root`. Takes precedence over `--worktree`.
13
+
14
+ Examples:
15
+ - `/kit:beacon-array` → terse one-line-per-session summary
16
+ - `/kit:beacon-array full` → expanded report
17
+ - `/kit:beacon-array --worktree=beacon_rewrite` → enumerate sessions captured in that worktree
18
+ - `/kit:beacon-array full --worktree=beacon_rewrite` → expanded report for that worktree
19
+
20
+ ## Enumerate sessions
21
+
22
+ Call `mcp__local-launch-beacon__beacon_sessions`, forwarding `worktree` / `project_root` if supplied. Returns an array of per-session summaries: token, event count, kind breakdown, first/last seq, last event timestamp.
23
+
24
+ If the response is `{sessions: []}` OR `{error: ...}`, **alert the user with the exact MCP error string**, then walk the fallback below — do NOT silently `ls`.
25
+
26
+ **Fallback when the MCP returns nothing:**
27
+ 1. If the user did NOT pass `--worktree` / `--project_root` and `launch-orbit` has worktrees registered for this repo, suggest re-running with `--worktree=<slug>` before falling back to the filesystem.
28
+ 2. Look for `.launchsecure/beacon-*.ndjson` in cwd, then in up to 2 parent dirs. Use the `Read` tool — never `ls`, `find`, or globbing as the primary path.
29
+ 3. If files are found at an alternative path, tell the user the path mismatch explicitly: `"MCP scans <root>/.launchsecure/ but sessions live at <found-path>. Reading directly."`
30
+ 4. If nothing is found anywhere, stop with: `"No beacon sessions found in .launchsecure/. Start one with: npx launch-beacon monitor"`.
31
+
32
+ ## Per-session facts
33
+
34
+ For each session the MCP returns:
35
+ - **token** — session id
36
+ - **events** — total event count
37
+ - **last_ts** — last event timestamp (epoch ms)
38
+ - **last_kind** — kind of the last event (read from the kind breakdown's most-recent entry, or call `beacon_event(seq: last_seq)` for certainty)
39
+ - **kinds** — kind breakdown map (`{click: 142, fetch: 71, …}`)
40
+ - **first_seq / last_seq** — bounds
41
+
42
+ Compute **age** from `last_ts` (current epoch minus `last_ts`):
43
+ - < 5s → "just now"
44
+ - < 60s → "Ns ago"
45
+ - < 1h → "Nm ago"
46
+ - < 24h → "Nh ago"
47
+ - else → "Nd ago"
48
+
49
+ ## Liveness heuristic
50
+
51
+ - **active** — `last_ts` is within the last 5 seconds (matches the receiver's batch-flush interval)
52
+ - **idle** — between 5 seconds and 30 minutes
53
+ - **stale** — older than 30 minutes (the receiver enforces a 30-min cap)
54
+
55
+ ## Default output (no arguments)
56
+
57
+ ```
58
+ .launchsecure/
59
+ ● 8f3c2a91 247 events click (just now) ACTIVE
60
+ a1b2c3d4 89 events error (12m ago) idle
61
+ 2557799f 1,247 events route (2h ago) stale
62
+
63
+ 3 sessions, 1 active.
64
+ ```
65
+
66
+ Rules:
67
+ - Glyph: `●` (filled) for active, blank for idle/stale.
68
+ - Columns: token (8 chars) — events (right-aligned, thousands-separated) — last event "kind (age)" — status word.
69
+ - Sort newest-first by `last_ts`.
70
+ - Summary line: total count + how many active.
71
+ - Plain text, monospace alignment.
72
+
73
+ ## Full output (`/kit:beacon-array full`)
74
+
75
+ Same per-session block as default, then expand each:
76
+
77
+ ```
78
+ ● 8f3c2a91 — ACTIVE
79
+ events: 247
80
+ last event: 2026-05-26T12:20:51Z (just now)
81
+ last kind: click
82
+ kinds: click 142, fetch 71, route 12, error 3, dialog 9, probe 10
83
+ seq range: 1–247
84
+ started: 2026-05-26T12:12:33Z (8m ago)
85
+
86
+ a1b2c3d4 — idle
87
+ ...
88
+ ```
89
+
90
+ For the `started` timestamp, call `mcp__local-launch-beacon__beacon_event` with `seq: <first_seq>, session: <token>` (and forward the same `worktree` / `project_root` args you used on `beacon_sessions`) and read its `ts`. Only do this for the full view — skip in the default view to keep it sub-second.
91
+
92
+ `kinds:` formatted as `kind1 N1, kind2 N2, …` sorted by count desc, comma-separated.
93
+
94
+ End with the same summary line as default.
95
+
96
+ ## File size
97
+
98
+ The `beacon_sessions` summary does NOT include byte size. Both default and full views omit it — size isn't load-bearing for diagnosis. If the user explicitly asks ("how big is this file?"), fall back to `Read`-then-count or `wc -c` for that single file and tell them so: `"MCP doesn't expose byte size — falling back to wc -c."`.
99
+
100
+ ## Constraints
101
+
102
+ - **MCP-first.** Use `beacon_sessions` and `beacon_event` — never `ls`, `wc`, `stat`, `tail`, `sed` as the primary path.
103
+ - **Alert on fallback.** If the MCP can't answer, say so verbatim before reading the files directly.
104
+ - **Read-only.** No deletion, no rotation, no auto-cleanup.
105
+ - **Fast.** Default view should be sub-second even with many sessions.
106
+ - **Plain text.** No markdown tables, no fenced blocks in the actual output.
107
+ - **Don't suggest cleanup.** That's `/kit:beacon-clear`'s job. Stale sessions are informational, not an error.
@@ -0,0 +1,94 @@
1
+ ---
2
+ description: Soft-delete launch-beacon monitor session NDJSON files. Default clears only the latest session (so you can start a clean repro); pass `all` to clear every `.launchsecure/beacon-*.ndjson`. Always shows what will be cleared and asks for confirmation. Recoverable from `.launchsecure/.trash/<ts>/`.
3
+ ---
4
+
5
+ # /kit:beacon-clear
6
+
7
+ Clean slate before a fresh repro. The receiver appends to the same NDJSON file across reconnects of the same session, so an existing file accumulates noise from earlier attempts — clearing first makes the new stream easier to reason about.
8
+
9
+ Parse `$ARGUMENTS` as space-separated tokens, in any order:
10
+ - empty → clear the most recent session file only
11
+ - `all` → clear every `.launchsecure/beacon-*.ndjson` in the target dir
12
+ - a specific token or filename → clear that one file (must match a real path)
13
+ - `--worktree=<slug>` — orbit worktree slug. Forwarded to MCP as the `worktree` arg; the soft-delete acts on the worktree's `.launchsecure/`.
14
+ - `--project_root=<path>` — explicit project root (absolute, or relative to cwd). Forwarded as `project_root`. Takes precedence over `--worktree`.
15
+
16
+ Examples:
17
+ - `/kit:beacon-clear` → clear the most recent session in cwd's `.launchsecure/`
18
+ - `/kit:beacon-clear all` → clear every session in cwd's `.launchsecure/`
19
+ - `/kit:beacon-clear all --worktree=beacon_rewrite` → clear every session in that worktree's `.launchsecure/`
20
+
21
+ ## Enumerate candidates
22
+
23
+ Call `mcp__local-launch-beacon__beacon_sessions`, forwarding `worktree` / `project_root` if supplied. Use `token`, `last_ts`, `events`, and `path` (absolute) from the response. **The filesystem operations below MUST use `path` from this response — never reconstruct paths from `.launchsecure/beacon-<token>.ndjson` relative to cwd**, because with `--worktree` / `--project_root` the real directory is elsewhere.
24
+
25
+ If the response is `{sessions: []}` OR `{error: ...}`, **alert the user with the exact MCP error string**, then walk the fallback below — do NOT silently `ls`.
26
+
27
+ **Fallback when the MCP returns nothing:**
28
+ 1. If the user did NOT pass `--worktree` / `--project_root` and `launch-orbit` has worktrees registered for this repo, suggest re-running with `--worktree=<slug>` before falling back to the filesystem.
29
+ 2. Look for `.launchsecure/beacon-*.ndjson` in cwd, then in up to 2 parent dirs. Use the `Read` tool — never `ls`, `find`, or globbing as the primary path.
30
+ 3. If files are found at an alternative path, tell the user the path mismatch and ASK before proceeding — the user may not want to clear files at an unexpected location.
31
+ 4. If nothing is found anywhere, stop with: `"No beacon sessions found in .launchsecure/. Nothing to clear."`.
32
+
33
+ ## Decide target set
34
+
35
+ - empty → most-recent session (highest `last_ts`)
36
+ - `all` → every session the MCP returned
37
+ - otherwise → resolve `$ARGUMENTS` to a single token: try the literal arg first as a session id, then strip a `.ndjson` suffix, then try matching against the filename portion of a path containing `beacon-<token>.ndjson`. Refuse with a clear message if none match.
38
+
39
+ ## Refusal rules
40
+
41
+ Refuse with a clear message if:
42
+ - the target set is empty
43
+ - any target resolves outside `.launchsecure/` (defence against `..` injection from `$ARGUMENTS` — even if the user passes an absolute path)
44
+ - the active session is being written *right now* (`last_ts` within the last 5 seconds) — print a one-line warning and ask the user to stop the monitor first:
45
+ ```
46
+ ⚠ .launchsecure/beacon-8f3c2a91.ndjson was last written 2s ago — looks active.
47
+ Stop the receiver (Ctrl+C in the launch-beacon monitor terminal) and re-run /kit:beacon-clear.
48
+ ```
49
+ The user can still force by passing the token explicitly — but never silently nuke an actively-written file.
50
+
51
+ ## Confirmation
52
+
53
+ Print what's about to be moved and ask before doing it.
54
+
55
+ ```
56
+ About to soft-delete 1 file:
57
+ .launchsecure/beacon-a1b2c3d4.ndjson 89 events, 12m ago
58
+
59
+ Recoverable from .launchsecure/.trash/<UTC-timestamp>/ until manually purged.
60
+
61
+ Confirm? (y/N)
62
+ ```
63
+
64
+ For `all`, list every file with event count + age. Don't truncate.
65
+
66
+ Wait for explicit `y`/`yes`. Anything else → abort with `Cancelled. No files were moved.`
67
+
68
+ ## Soft-delete (move, don't rm)
69
+
70
+ Create `<sessionDir>/.trash/<UTC-ISO-timestamp>/` and `mv` each target into it, where `<sessionDir>` is `dirname(path)` from the `beacon_sessions` response — NOT a hard-coded `.launchsecure/`. This matters when `--worktree` or `--project_root` was passed, because the dir is then the worktree's `.launchsecure/`, not cwd's. **Never `rm`.** This is the mitigation for the recall coverage gap — recall doesn't snapshot `.launchsecure/*` today (tracked in LS work item #144). Soft-delete preserves the option to recover within the same machine.
71
+
72
+ ```bash
73
+ SESSION_DIR=$(dirname "<path-from-beacon_sessions>") # e.g. /repo/.claude/worktrees/foo/.launchsecure
74
+ TRASH="$SESSION_DIR/.trash/$(date -u +%Y%m%dT%H%M%SZ)"
75
+ mkdir -p "$TRASH"
76
+ mv "$SESSION_DIR/beacon-<token>.ndjson" "$TRASH/"
77
+ ```
78
+
79
+ After the move, print:
80
+
81
+ ```
82
+ ✓ moved 1 file to .launchsecure/.trash/20260526T142233Z/ (89 events archived).
83
+ Recover with: mv .launchsecure/.trash/20260526T142233Z/beacon-a1b2c3d4.ndjson .launchsecure/
84
+ ```
85
+
86
+ For `all`, print the count and the trash dir once; don't list every recovery command.
87
+
88
+ ## Constraints
89
+
90
+ - **MCP-first for enumeration.** Use `beacon_sessions` — never `ls` as the primary path.
91
+ - **Destructive — always confirm.** Even if `$ARGUMENTS` is `all`, ask first.
92
+ - **Scope-locked to the session dir.** The session dir is `dirname(path)` from `beacon_sessions` (typically `.launchsecure/`, but `<worktree>/.launchsecure/` when `--worktree`/`--project_root` is passed). Reject any target outside the dir the MCP told you about, even if the user passes an absolute path. We never touch files we didn't write.
93
+ - **Soft-delete only.** Never `rm` — always `mv` into `.launchsecure/.trash/<ts>/`. The trash dir is not auto-pruned; cleaning it up is a deliberate user action.
94
+ - **Don't stop the monitor server.** This command only moves files. The receiver keeps running and will reopen the same file on its next write — which is fine, the file just starts empty again.
@@ -0,0 +1,82 @@
1
+ ---
2
+ description: Show the most recent failure from the active launch-beacon monitor session, plus the N events that preceded it (default 10). Answers "what was happening when it broke" without scrolling through the full stream. Read-only.
3
+ ---
4
+
5
+ # /kit:beacon-pulse
6
+
7
+ The "what happened just before this failure" command — a single pulse, freezing the moment the beacon caught a failure. When a bug fires, the actual story is usually the chain of events leading up to it: the click that triggered a state change, the failed fetch that left auth in a bad state, the route change that mounted the wrong component.
8
+
9
+ A "failure" here is anything `mcp__local-launch-beacon__beacon_failures` returns — window errors, unhandled rejections, fetch/xhr with status ≥ 400 or thrown, and clicks where overlay interception blocked the intended target. Broader than just `kind=error`; matches what users mean when they say "something broke."
10
+
11
+ Parse `$ARGUMENTS` as space-separated tokens, in any order:
12
+ - An optional **integer** — the count of preceding events to include. Default 10. Cap at 50 (the `beacon_correlate.before` tool limit).
13
+ - `--worktree=<slug>` — orbit worktree slug. Forwarded to every MCP call as the `worktree` arg.
14
+ - `--project_root=<path>` — explicit project root (absolute, or relative to cwd). Forwarded as `project_root`. Takes precedence over `--worktree`.
15
+
16
+ Examples:
17
+ - `/kit:beacon-pulse` → 10 events before the latest failure
18
+ - `/kit:beacon-pulse 25` → 25 events before
19
+ - `/kit:beacon-pulse --worktree=beacon_rewrite` → query a worktree's session
20
+
21
+ ## Locate the most recent failure
22
+
23
+ Call `mcp__local-launch-beacon__beacon_failures` with `limit: 1` (and `worktree` / `project_root` if the user supplied them). The tool implicitly targets the most recent session.
24
+
25
+ If the response is `{error: "no session found"}` OR an empty failures array, **alert the user with the exact MCP error string**, then walk the fallback below — do NOT silently grep. The MCP can come up empty for two non-bug reasons: (a) no session has been started, (b) the session NDJSON lives outside the MCP's watch root (e.g. inside an orbit worktree the user didn't name).
26
+
27
+ **Fallback when the MCP returns nothing:**
28
+ 1. If the user did NOT pass `--worktree` / `--project_root` and `launch-orbit` has worktrees registered for this repo, suggest re-running with `--worktree=<slug>` before falling back to the filesystem.
29
+ 2. Look for `.launchsecure/beacon-*.ndjson` in cwd, then in up to 2 parent dirs. Use the `Read` tool to inspect the most-recently-modified matching file — do NOT use `grep`, `find`, or `ls` as the primary path.
30
+ 3. If files are found at an alternative path, tell the user the path mismatch explicitly: `"MCP scans <root>/.launchsecure/ but the session lives at <found-path>. Reading directly."`
31
+ 4. If nothing is found anywhere, stop with: `"No beacon sessions found. Start one with: npx launch-beacon monitor"`.
32
+
33
+ Capture the failure's `seq`, `kind`, `ts`, and message.
34
+
35
+ ## Pull the context window
36
+
37
+ Call `mcp__local-launch-beacon__beacon_correlate` with `seq: <failure.seq>`, `before: N`, `after: 0`, plus the same `worktree` / `project_root` args you used on `beacon_failures`. The tool returns event summaries directly — no JSON parsing required.
38
+
39
+ If a context event's summary is missing detail you need for analysis (truncated stack, missing response body, selector chain), call `mcp__local-launch-beacon__beacon_event` with that event's specific `seq` for the full JSON — and forward the same root args. Only do this when the summary is insufficient — not unconditional.
40
+
41
+ ## Output
42
+
43
+ Render a **timeline** with the failure visually separated at the bottom:
44
+
45
+ ```
46
+ session: <token>
47
+ window: N events before failure at seq <seq>
48
+
49
+ 12:34:51 click button.submit-btn
50
+ 12:34:51 fetch POST 401 /api/sessions (120ms) FAILED
51
+ 12:34:51 fetch GET 401 /api/me (45ms) FAILED
52
+ 12:34:52 route /login → /dashboard (pushState)
53
+ ...
54
+
55
+ ╴╴╴╴ FAILURE ╴╴╴╴
56
+ 12:34:53 error Cannot read properties of undefined (reading 'orgSlug')
57
+ at apps/Console.tsx:42:18
58
+ stack: Console.render
59
+ React.renderWithHooks
60
+ React.beginWork
61
+ ```
62
+
63
+ Format rules:
64
+ - One line per event, same SUMMARY format as `/kit:beacon-scan`.
65
+ - The failure block at the end gets the message + (truncated) stack frames if present. For fetch/xhr failures, include method + status + url + response body summary.
66
+ - Separator above the failure is the visual cue.
67
+
68
+ After the timeline, write **one short paragraph** of analysis: what does the chain *look* like? Common patterns:
69
+ - 401s → error referencing user/org → "auth expired or org context missing"
70
+ - click → no observable effect → click again → error → "first click handler crashed silently; second click landed on something else"
71
+ - route change → error → "component on the new route blew up during initial render"
72
+ - repeated 400s on the same endpoint → "request shape mismatch — check the server's Zod schema against the client payload"
73
+
74
+ Don't dive into a fix — name the suspected proximate cause, suggest one concrete next step (which file to read, which probe to add, which `/kit:beacon-scan <kind>` to drill into).
75
+
76
+ ## Constraints
77
+
78
+ - **MCP-first.** Use `beacon_failures`, `beacon_correlate`, `beacon_event` — never `grep`, `find`, `ls`, `sed`, `cut`, or `tail` as the primary path.
79
+ - **Alert on fallback.** If the MCP can't answer, say so verbatim before reading the file directly.
80
+ - **Read-only.**
81
+ - **Most recent failure only.** For an earlier one, clear the session (`/kit:beacon-clear`) and reproduce, or use `/kit:beacon-scan error` / `/kit:beacon-scan fetch` to browse.
82
+ - **Plain text.** Same monospace conventions as `/kit:beacon-scan`.
@@ -0,0 +1,66 @@
1
+ ---
2
+ description: Scan recent events from the active launch-beacon monitor session via the launch-beacon MCP. Defaults to last 50 events across all kinds; pass a kind (`error`, `click`, `fetch`, `route`, `dialog`, `probe`, etc.) to filter, and/or a numeric limit. Read-only.
3
+ ---
4
+
5
+ # /kit:beacon-scan
6
+
7
+ Recent runtime events captured by a `launch-beacon monitor` session. Use this as the first step when investigating something that just happened in the browser — clicks, failed network calls, errors, route changes, probe() calls, dialog mount/unmount.
8
+
9
+ Parse `$ARGUMENTS` as space-separated tokens, in any order:
10
+ - A **kind filter**: one of `error`, `unhandledrejection`, `fetch`, `xhr`, `click`, `mousedown`, `route`, `dialog`, `submit`, `probe`. Anything else that doesn't parse as an integer or a known `--flag` is treated as an explicit session token.
11
+ - A **limit**: integer. Default 50. Hard cap 500 (the `beacon_recent.limit` tool ceiling).
12
+ - An explicit **session token** (8-char hex like `8f3c2a91`) — passed straight through as the `session` MCP arg.
13
+ - `--worktree=<slug>` — orbit worktree slug (from `launch-orbit create`). Forwarded to the MCP as the `worktree` arg so a Claude session pinned to the main repo can read sessions captured inside a worktree.
14
+ - `--project_root=<path>` — explicit project root (absolute, or relative to cwd). Forwarded to the MCP as `project_root`. Takes precedence over `--worktree`.
15
+
16
+ Examples:
17
+ - `/kit:beacon-scan` → last 50 events of any kind from the latest session
18
+ - `/kit:beacon-scan error` → last 50 errors only
19
+ - `/kit:beacon-scan click 20` → last 20 click events
20
+ - `/kit:beacon-scan 100` → last 100 events of any kind
21
+ - `/kit:beacon-scan fetch 50 8f3c2a91` → last 50 fetches from a specific session
22
+ - `/kit:beacon-scan fetch --worktree=beacon_rewrite` → last 50 fetches captured in that worktree
23
+
24
+ ## Scan
25
+
26
+ Call `mcp__local-launch-beacon__beacon_recent` with `kind: <kind?>`, `limit: <limit>`, `session: <session?>`, plus `worktree: <slug?>` and `project_root: <path?>` if the user supplied them. The tool defaults to the most-recent session and returns one compact summary line per event.
27
+
28
+ If the response is `{error: "no session found"}` OR an empty events array, **alert the user with the exact MCP error string**, then walk the fallback below — do NOT silently grep.
29
+
30
+ **Fallback when the MCP returns nothing:**
31
+ 1. If the user did NOT pass `--worktree` / `--project_root` and the cwd is the main repo of a project that has worktrees registered with `launch-orbit`, suggest re-running with `--worktree=<slug>` before falling back to the filesystem — that's usually the actual fix and avoids a wrong-directory scan.
32
+ 2. Look for `.launchsecure/beacon-*.ndjson` in cwd, then in up to 2 parent dirs. Use the `Read` tool to inspect the most-recently-modified matching file — do NOT use `grep`, `find`, or `ls` as the primary path.
33
+ 3. If files are found at an alternative path, tell the user the path mismatch explicitly: `"MCP scans <root>/.launchsecure/ but the session lives at <found-path>. Reading directly."`
34
+ 4. If nothing is found anywhere, stop with: `"No beacon sessions found. Start one with: npx launch-beacon monitor"`.
35
+
36
+ ## Output
37
+
38
+ Group events by **time** (most recent last — chronological matches user intuition for "what happened"). For each event, render one line:
39
+
40
+ ```
41
+ HH:MM:SS KIND SUMMARY
42
+ ```
43
+
44
+ Where SUMMARY is a one-liner pulled from the event body:
45
+ - **error / unhandledrejection** → `message` (truncate ≤ 80 chars)
46
+ - **fetch / xhr** → `METHOD status url (durationMs)` — flag `FAILED` if `failed:true`
47
+ - **click / mousedown** → `target.selector` and, when `hitMatchesTarget === false`, also append `(occluded by <hitTarget.selector>)` — that's exactly the diagnostic the user is here for
48
+ - **route** → `from → to (via)`
49
+ - **dialog** → `<action> <selector>` (e.g. `mount dialog#xyz` or `unmount section[role=dialog]`)
50
+ - **submit** → `<form selector> (preventDefault?)`
51
+ - **probe** → `<label>: <truncated JSON>`
52
+
53
+ If a summary line is missing detail you need (truncated response body, full selector chain, stack frames), call `mcp__local-launch-beacon__beacon_event` with that event's `seq` for the full JSON — and forward the same `worktree` / `project_root` args you used on `beacon_recent`. Only on demand — not unconditional.
54
+
55
+ After the timeline, if anything looks suspicious (clusters of failed network calls, a click followed by no observable effect, a `hitMatchesTarget:false` event, an unhandled rejection), call it out in **one short paragraph** at the end. Don't analyze every event — only surface the standouts.
56
+
57
+ If the buffer is empty after filtering, say so: `No events match that filter in <session>.`
58
+
59
+ ## Constraints
60
+
61
+ - **MCP-first.** Use `beacon_recent` / `beacon_event` — never `grep`, `find`, `ls`, `tail`, `head` as the primary path.
62
+ - **Alert on fallback.** If the MCP can't answer, say so verbatim before reading the file directly.
63
+ - **Read-only.** Never delete, modify, or write to the NDJSON file. Wiping is `/kit:beacon-clear`.
64
+ - **Always use the latest session by default.** Pass an explicit token as the third arg only when the user wants a specific older session.
65
+ - **Plain text output.** Monospace alignment beats markdown tables here.
66
+ - **Don't speculate on root cause.** Surface anomalies; let the user direct the next query (often: `/kit:beacon-pulse` for context around the latest failure).