@mandujs/mcp 0.13.0 → 0.16.0

package/src/resources/skills/mandu-slot/rules/slot-basic-structure.md

@@ -1,38 +1,38 @@
----
-title: Always Use Mandu.filling() as Default Export
-impact: CRITICAL
-impactDescription: Required for slot to work
-tags: slot, structure, filling
----
-
-## Always Use Mandu.filling() as Default Export
-
-Every slot file must export a default `Mandu.filling()` chain. This is how Mandu
-recognizes and processes your business logic.
-
-**Incorrect (plain function export):**
-
-```typescript
-// spec/slots/users.slot.ts
-export default async function handler(req: Request) {
-  return Response.json({ users: [] });
-}
-```
-
-**Correct (Mandu.filling() chain):**
-
-```typescript
-// spec/slots/users.slot.ts
-import { Mandu } from "@mandujs/core";
-
-export default Mandu.filling()
-  .get((ctx) => {
-    return ctx.ok({ users: [] });
-  });
-```
-
-The `Mandu.filling()` provides:
-- Type-safe context API
-- Built-in error handling
-- Guard and lifecycle hooks
-- Consistent response format
+---
+title: Always Use Mandu.filling() as Default Export
+impact: CRITICAL
+impactDescription: Required for slot to work
+tags: slot, structure, filling
+---
+
+## Always Use Mandu.filling() as Default Export
+
+Every slot file must export a default `Mandu.filling()` chain. This is how Mandu
+recognizes and processes your business logic.
+
+**Incorrect (plain function export):**
+
+```typescript
+// spec/slots/users.slot.ts
+export default async function handler(req: Request) {
+  return Response.json({ users: [] });
+}
+```
+
+**Correct (Mandu.filling() chain):**
+
+```typescript
+// spec/slots/users.slot.ts
+import { Mandu } from "@mandujs/core";
+
+export default Mandu.filling()
+  .get((ctx) => {
+    return ctx.ok({ users: [] });
+  });
+```
+
+The `Mandu.filling()` provides:
+- Type-safe context API
+- Built-in error handling
+- Guard and lifecycle hooks
+- Consistent response format

package/src/resources/skills/mandu-slot/rules/slot-ctx-response.md

@@ -1,56 +1,56 @@
----
-title: Use Context Response Methods
-impact: HIGH
-impactDescription: Consistent API responses
-tags: slot, context, response
----
-
-## Use Context Response Methods
-
-Use `ctx.ok()`, `ctx.created()`, `ctx.error()` instead of manual Response objects.
-These methods ensure consistent response format across your API.
-
-**Incorrect (manual Response):**
-
-```typescript
-export default Mandu.filling()
-  .get((ctx) => {
-    return new Response(JSON.stringify({ data: [] }), {
-      headers: { "Content-Type": "application/json" }
-    });
-  })
-  .post(async (ctx) => {
-    return new Response(JSON.stringify({ error: "Bad request" }), {
-      status: 400
-    });
-  });
-```
-
-**Correct (context methods):**
-
-```typescript
-export default Mandu.filling()
-  .get((ctx) => {
-    return ctx.ok({ data: [] });
-  })
-  .post(async (ctx) => {
-    const body = await ctx.body();
-    if (!body.name) {
-      return ctx.error("name is required");
-    }
-    return ctx.created({ data: body });
-  });
-```
-
-## Response Methods
-
-| Method | Status | Use Case |
-|--------|--------|----------|
-| `ctx.ok(data)` | 200 | Success |
-| `ctx.created(data)` | 201 | Resource created |
-| `ctx.noContent()` | 204 | Success, no body |
-| `ctx.error(msg)` | 400 | Bad request |
-| `ctx.unauthorized(msg)` | 401 | Auth required |
-| `ctx.forbidden(msg)` | 403 | Permission denied |
-| `ctx.notFound(msg)` | 404 | Not found |
-| `ctx.fail(msg)` | 500 | Server error |
+---
+title: Use Context Response Methods
+impact: HIGH
+impactDescription: Consistent API responses
+tags: slot, context, response
+---
+
+## Use Context Response Methods
+
+Use `ctx.ok()`, `ctx.created()`, `ctx.error()` instead of manual Response objects.
+These methods ensure consistent response format across your API.
+
+**Incorrect (manual Response):**
+
+```typescript
+export default Mandu.filling()
+  .get((ctx) => {
+    return new Response(JSON.stringify({ data: [] }), {
+      headers: { "Content-Type": "application/json" }
+    });
+  })
+  .post(async (ctx) => {
+    return new Response(JSON.stringify({ error: "Bad request" }), {
+      status: 400
+    });
+  });
+```
+
+**Correct (context methods):**
+
+```typescript
+export default Mandu.filling()
+  .get((ctx) => {
+    return ctx.ok({ data: [] });
+  })
+  .post(async (ctx) => {
+    const body = await ctx.body();
+    if (!body.name) {
+      return ctx.error("name is required");
+    }
+    return ctx.created({ data: body });
+  });
+```
+
+## Response Methods
+
+| Method | Status | Use Case |
+|--------|--------|----------|
+| `ctx.ok(data)` | 200 | Success |
+| `ctx.created(data)` | 201 | Resource created |
+| `ctx.noContent()` | 204 | Success, no body |
+| `ctx.error(msg)` | 400 | Bad request |
+| `ctx.unauthorized(msg)` | 401 | Auth required |
+| `ctx.forbidden(msg)` | 403 | Permission denied |
+| `ctx.notFound(msg)` | 404 | Not found |
+| `ctx.fail(msg)` | 500 | Server error |

package/src/resources/skills/mandu-slot/rules/slot-guard-auth.md

@@ -1,59 +1,59 @@
----
-title: Use .guard() for Authentication
-impact: MEDIUM
-impactDescription: Clean auth separation
-tags: slot, guard, authentication
----
-
-## Use .guard() for Authentication
-
-Use `.guard()` to check authentication before handlers run. Return a response
-to block the request, or return void/undefined to continue.
-
-**Incorrect (auth check in every handler):**
-
-```typescript
-export default Mandu.filling()
-  .get((ctx) => {
-    const user = ctx.get("user");
-    if (!user) {
-      return ctx.unauthorized("Login required");
-    }
-    return ctx.ok({ data: [] });
-  })
-  .post(async (ctx) => {
-    const user = ctx.get("user");
-    if (!user) {
-      return ctx.unauthorized("Login required");
-    }
-    // ... create logic
-  });
-```
-
-**Correct (single guard):**
-
-```typescript
-export default Mandu.filling()
-  .guard((ctx) => {
-    const user = ctx.get("user");
-    if (!user) {
-      return ctx.unauthorized("Login required");
-    }
-    // void return = continue to handlers
-  })
-  .get((ctx) => {
-    const user = ctx.get("user");
-    return ctx.ok({ data: [], user });
-  })
-  .post(async (ctx) => {
-    const body = await ctx.body();
-    return ctx.created({ data: body });
-  });
-```
-
-## Guard Rules
-
-1. Return response → Request blocked
-2. Return void → Continue to handler
-3. Guard runs before ALL HTTP method handlers
-4. Use `.onRequest()` to set user before guard runs
+---
+title: Use .guard() for Authentication
+impact: MEDIUM
+impactDescription: Clean auth separation
+tags: slot, guard, authentication
+---
+
+## Use .guard() for Authentication
+
+Use `.guard()` to check authentication before handlers run. Return a response
+to block the request, or return void/undefined to continue.
+
+**Incorrect (auth check in every handler):**
+
+```typescript
+export default Mandu.filling()
+  .get((ctx) => {
+    const user = ctx.get("user");
+    if (!user) {
+      return ctx.unauthorized("Login required");
+    }
+    return ctx.ok({ data: [] });
+  })
+  .post(async (ctx) => {
+    const user = ctx.get("user");
+    if (!user) {
+      return ctx.unauthorized("Login required");
+    }
+    // ... create logic
+  });
+```
+
+**Correct (single guard):**
+
+```typescript
+export default Mandu.filling()
+  .guard((ctx) => {
+    const user = ctx.get("user");
+    if (!user) {
+      return ctx.unauthorized("Login required");
+    }
+    // void return = continue to handlers
+  })
+  .get((ctx) => {
+    const user = ctx.get("user");
+    return ctx.ok({ data: [], user });
+  })
+  .post(async (ctx) => {
+    const body = await ctx.body();
+    return ctx.created({ data: body });
+  });
+```
+
+## Guard Rules
+
+1. Return response → Request blocked
+2. Return void → Continue to handler
+3. Guard runs before ALL HTTP method handlers
+4. Use `.onRequest()` to set user before guard runs

package/src/resources/skills/mandu-slot/rules/slot-http-methods.md

@@ -1,64 +1,64 @@
----
-title: Use Appropriate HTTP Methods
-impact: HIGH
-impactDescription: RESTful API design
-tags: slot, http, methods, rest
----
-
-## Use Appropriate HTTP Methods
-
-Chain HTTP methods on Mandu.filling() for RESTful API design.
-
-**Incorrect (single handler for all):**
-
-```typescript
-export default Mandu.filling()
-  .get(async (ctx) => {
-    const method = ctx.req.method;
-    if (method === "GET") {
-      return ctx.ok({ data: [] });
-    } else if (method === "POST") {
-      const body = await ctx.body();
-      return ctx.created({ data: body });
-    }
-  });
-```
-
-**Correct (separate methods):**
-
-```typescript
-export default Mandu.filling()
-  .get((ctx) => {
-    // GET /api/users - List users
-    return ctx.ok({ data: [] });
-  })
-  .post(async (ctx) => {
-    // POST /api/users - Create user
-    const body = await ctx.body<{ name: string }>();
-    return ctx.created({ data: { id: 1, ...body } });
-  })
-  .put(async (ctx) => {
-    // PUT /api/users/:id - Replace user
-    const body = await ctx.body();
-    return ctx.ok({ data: body });
-  })
-  .patch(async (ctx) => {
-    // PATCH /api/users/:id - Update user
-    const body = await ctx.body();
-    return ctx.ok({ data: body });
-  })
-  .delete((ctx) => {
-    // DELETE /api/users/:id - Delete user
-    return ctx.noContent();
-  });
-```
-
-## HTTP Method Semantics
-
-| Method | Idempotent | Use Case |
-|--------|------------|----------|
-| GET | Yes | Read resource |
-| POST | No | Create resource |
-| PUT | Yes | Replace resource |
-| PATCH | No | Partial update |
-| DELETE | Yes | Remove resource |
+---
+title: Use Appropriate HTTP Methods
+impact: HIGH
+impactDescription: RESTful API design
+tags: slot, http, methods, rest
+---
+
+## Use Appropriate HTTP Methods
+
+Chain HTTP methods on Mandu.filling() for RESTful API design.
+
+**Incorrect (single handler for all):**
+
+```typescript
+export default Mandu.filling()
+  .get(async (ctx) => {
+    const method = ctx.req.method;
+    if (method === "GET") {
+      return ctx.ok({ data: [] });
+    } else if (method === "POST") {
+      const body = await ctx.body();
+      return ctx.created({ data: body });
+    }
+  });
+```
+
+**Correct (separate methods):**
+
+```typescript
+export default Mandu.filling()
+  .get((ctx) => {
+    // GET /api/users - List users
+    return ctx.ok({ data: [] });
+  })
+  .post(async (ctx) => {
+    // POST /api/users - Create user
+    const body = await ctx.body<{ name: string }>();
+    return ctx.created({ data: { id: 1, ...body } });
+  })
+  .put(async (ctx) => {
+    // PUT /api/users/:id - Replace user
+    const body = await ctx.body();
+    return ctx.ok({ data: body });
+  })
+  .patch(async (ctx) => {
+    // PATCH /api/users/:id - Update user
+    const body = await ctx.body();
+    return ctx.ok({ data: body });
+  })
+  .delete((ctx) => {
+    // DELETE /api/users/:id - Delete user
+    return ctx.noContent();
+  });
+```
+
+## HTTP Method Semantics
+
+| Method | Idempotent | Use Case |
+|--------|------------|----------|
+| GET | Yes | Read resource |
+| POST | No | Create resource |
+| PUT | Yes | Replace resource |
+| PATCH | No | Partial update |
+| DELETE | Yes | Remove resource |