@markdown-ai/cli 1.0.0-rc.2

package/dist/schemas/_defs/integrity.schema.json

@@ -0,0 +1,34 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/integrity.schema.json",
+  "title": "MDA integrity field",
+  "description": "Cryptographic content hash that anchors the artifact for tamper detection. See spec §08.",
+  "type": "object",
+  "required": ["algorithm", "digest"],
+  "properties": {
+    "algorithm": {
+      "type": "string",
+      "enum": ["sha256", "sha384", "sha512"]
+    },
+    "digest": {
+      "type": "string",
+      "description": "Self-describing digest in <algorithm>:<lowercase-hex> form. The prefix MUST match the algorithm field; the hex length MUST match the algorithm.",
+      "pattern": "^(sha256|sha384|sha512):[0-9a-f]+$"
+    }
+  },
+  "additionalProperties": false,
+  "allOf": [
+    {
+      "if": { "properties": { "algorithm": { "const": "sha256" } } },
+      "then": { "properties": { "digest": { "pattern": "^sha256:[0-9a-f]{64}$" } } }
+    },
+    {
+      "if": { "properties": { "algorithm": { "const": "sha384" } } },
+      "then": { "properties": { "digest": { "pattern": "^sha384:[0-9a-f]{96}$" } } }
+    },
+    {
+      "if": { "properties": { "algorithm": { "const": "sha512" } } },
+      "then": { "properties": { "digest": { "pattern": "^sha512:[0-9a-f]{128}$" } } }
+    }
+  ]
+}

package/dist/schemas/_defs/iso8601.schema.json

@@ -0,0 +1,8 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/iso8601.schema.json",
+  "title": "ISO 8601 date-time",
+  "type": "string",
+  "format": "date-time",
+  "description": "RFC 3339 / ISO 8601 timestamp with timezone, e.g. 2026-01-15T09:00:00Z."
+}

package/dist/schemas/_defs/mda-extended.schema.json

@@ -0,0 +1,43 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/mda-extended.schema.json",
+  "title": "MDA-extended frontmatter fields",
+  "description": "Reusable shape for MDA-extended fields. In .mda sources these MAY appear at the top level. In compiled outputs they MUST be nested under metadata.mda.* (with the same shape).",
+  "type": "object",
+  "properties": {
+    "doc-id": {
+      "type": "string",
+      "description": "Unique document identifier; UUID format recommended.",
+      "pattern": "^[a-zA-Z0-9_-]{8,}$"
+    },
+    "title": {
+      "type": "string",
+      "description": "Free-text human-readable title. Distinct from `name` (which is a machine ID)."
+    },
+    "version": {
+      "type": "string",
+      "description": "SemVer 2.0.0 string. MUST be quoted (no number coercion). MUST NOT include build metadata in v1.0.",
+      "pattern": "^\\d+\\.\\d+\\.\\d+(-[0-9A-Za-z.-]+)?$"
+    },
+    "requires": { "$ref": "requires.schema.json" },
+    "depends-on": {
+      "type": "array",
+      "items": { "$ref": "depends-on.schema.json" }
+    },
+    "author": { "type": "string" },
+    "tags": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "created-date": { "$ref": "iso8601.schema.json" },
+    "updated-date": { "$ref": "iso8601.schema.json" },
+    "relationships": {
+      "type": "array",
+      "items": {
+        "$ref": "../relationship-footnote.schema.json"
+      },
+      "description": "Mirror of footnote relationship payloads. REQUIRED in compiled output when the source had relationship footnotes."
+    }
+  },
+  "additionalProperties": false
+}

package/dist/schemas/_defs/mda-keys.schema.json

@@ -0,0 +1,34 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/mda-keys.schema.json",
+  "title": "MDA did:web public-keys document",
+  "description": "Schema for the JSON document hosted at https://<domain>/.well-known/mda-keys.json used by the did:web signature verification path. See spec §09-5.",
+  "type": "object",
+  "required": ["keys"],
+  "properties": {
+    "keys": {
+      "type": "array",
+      "minItems": 1,
+      "items": {
+        "type": "object",
+        "required": ["key-id", "algorithm", "public-key"],
+        "properties": {
+          "key-id": { "type": "string", "minLength": 1 },
+          "algorithm": {
+            "type": "string",
+            "enum": ["ed25519", "ecdsa-p256", "rsa-pss-sha256"]
+          },
+          "public-key": {
+            "type": "string",
+            "description": "PEM-encoded public key, or base64 raw bytes for ed25519.",
+            "minLength": 1
+          },
+          "not-before": { "type": "string", "format": "date-time" },
+          "not-after": { "type": "string", "format": "date-time" }
+        },
+        "additionalProperties": false
+      }
+    }
+  },
+  "additionalProperties": false
+}

package/dist/schemas/_defs/metadata-namespaces.schema.json

@@ -0,0 +1,48 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/metadata-namespaces.schema.json",
+  "title": "metadata vendor namespaces",
+  "description": "Reserved keys under top-level `metadata`. The full registry lives in REGISTRY.md (governed by spec §04).",
+  "type": "object",
+  "properties": {
+    "mda": { "$ref": "mda-extended.schema.json" },
+    "claude-code": {
+      "type": "object",
+      "description": "Anthropic Claude Code namespace.",
+      "additionalProperties": true
+    },
+    "codex": {
+      "type": "object",
+      "description": "OpenAI Codex namespace.",
+      "additionalProperties": true
+    },
+    "hermes": {
+      "type": "object",
+      "description": "Nous Research Hermes Agent namespace.",
+      "additionalProperties": true
+    },
+    "opencode": {
+      "type": "object",
+      "description": "OpenCode namespace.",
+      "additionalProperties": true
+    },
+    "openclaw": {
+      "type": "object",
+      "description": "OpenClaw namespace.",
+      "additionalProperties": true
+    },
+    "skills-sh": {
+      "type": "object",
+      "description": "skills.sh / Skills Directory registry namespace.",
+      "additionalProperties": true
+    }
+  },
+  "patternProperties": {
+    "^[a-z0-9]+(-[a-z0-9]+)*$": {
+      "type": "object",
+      "description": "Any other vendor namespace; key MUST be a kebab-case identifier and SHOULD be registered in REGISTRY.md.",
+      "additionalProperties": true
+    }
+  },
+  "additionalProperties": false
+}

package/dist/schemas/_defs/name.schema.json

@@ -0,0 +1,10 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/name.schema.json",
+  "title": "MDA name identifier",
+  "description": "Kebab-case machine identifier shared by `name`, vendor namespace keys, and similar. Used by reference from other schemas.",
+  "type": "string",
+  "minLength": 1,
+  "maxLength": 64,
+  "pattern": "^[a-z0-9]+(-[a-z0-9]+)*$"
+}

package/dist/schemas/_defs/requires.schema.json

@@ -0,0 +1,13 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/requires.schema.json",
+  "title": "MDA requires (capabilities)",
+  "description": "Open key-value capability declarations. Standard keys are documented in spec §10 and listed in REGISTRY.md. Unknown keys are permitted and SHOULD be ignored by consumers that do not recognize them.",
+  "type": "object",
+  "propertyNames": {
+    "pattern": "^[a-z0-9]+(-[a-z0-9]+)*$",
+    "minLength": 1,
+    "maxLength": 64
+  },
+  "additionalProperties": true
+}

package/dist/schemas/_defs/signature.schema.json

@@ -0,0 +1,72 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/signature.schema.json",
+  "title": "MDA signature entry",
+  "description": "One entry in the top-level signatures[] array. Binds a publisher identity to integrity.digest via DSSE PAE. See spec §09.",
+  "type": "object",
+  "required": ["signer", "key-id", "payload-digest", "algorithm", "signature"],
+  "properties": {
+    "signer": {
+      "type": "string",
+      "description": "<method>:<identity>. method MUST be one of sigstore-oidc, did-web.",
+      "pattern": "^(sigstore-oidc|did-web):.+$"
+    },
+    "key-id": {
+      "type": "string",
+      "description": "Method-specific handle: Fulcio cert SHA-256 (sigstore) or key fingerprint (did:web).",
+      "minLength": 1
+    },
+    "payload-digest": {
+      "type": "string",
+      "description": "MUST equal integrity.digest byte-for-byte. Self-describing <algorithm>:<lowercase-hex> form; hex length MUST match the algorithm.",
+      "pattern": "^(sha256:[0-9a-f]{64}|sha384:[0-9a-f]{96}|sha512:[0-9a-f]{128})$"
+    },
+    "algorithm": {
+      "type": "string",
+      "enum": ["ed25519", "ecdsa-p256", "rsa-pss-sha256"]
+    },
+    "signature": {
+      "type": "string",
+      "description": "Base64 (RFC 4648 §4) of the raw signature bytes over the DSSE PAE envelope.",
+      "minLength": 1
+    },
+    "rekor-log-id": {
+      "type": "string",
+      "description": "Rekor transparency log identifier; required when signer starts with sigstore-oidc:."
+    },
+    "rekor-log-index": {
+      "type": "integer",
+      "minimum": 0,
+      "description": "Rekor entry index; required when signer starts with sigstore-oidc:."
+    },
+    "payload-type": {
+      "type": "string",
+      "description": "DSSE payload-type declaring the semantic type of the canonicalized payload bytes. Default (when absent): application/vnd.mda.integrity+json. Vendor-defined types follow RFC 6838 vendor tree: application/vnd.<vendor>.<doc-type>+json (the +jcs+ structured-suffix form is non-IANA and not used). The JCS canonicalization contract for each payload-type is defined in spec prose, not in the media-type identifier itself. See §09-3.1 and REGISTRY.md.",
+      "pattern": "^application/vnd\\.[a-z0-9][a-z0-9.\\-]*\\+json$"
+    }
+  },
+  "additionalProperties": false,
+  "allOf": [
+    {
+      "if": {
+        "properties": { "signer": { "pattern": "^sigstore-oidc:" } }
+      },
+      "then": {
+        "required": ["rekor-log-id", "rekor-log-index"]
+      }
+    },
+    {
+      "if": {
+        "properties": { "signer": { "pattern": "^did-web:" } }
+      },
+      "then": {
+        "not": {
+          "anyOf": [
+            { "required": ["rekor-log-id"] },
+            { "required": ["rekor-log-index"] }
+          ]
+        }
+      }
+    }
+  ]
+}

package/dist/schemas/_defs/version-range.schema.json

@@ -0,0 +1,8 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/_defs/version-range.schema.json",
+  "title": "MDA version-range",
+  "description": "Restricted SemVer range admitted by MDA v1.0. Either an exact SemVer 2.0.0 string or a caret range. See spec §03-3.2.",
+  "type": "string",
+  "pattern": "^\\^?\\d+\\.\\d+\\.\\d+(-[0-9A-Za-z.-]+)?$"
+}

package/dist/schemas/frontmatter-agents-md.schema.json

@@ -0,0 +1,24 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/frontmatter-agents-md.schema.json",
+  "title": "AGENTS.md output frontmatter (strict, optional)",
+  "description": "Strict schema for the optional YAML frontmatter of an AGENTS.md file. Frontmatter is OPTIONAL in AGENTS.md (per AAIF upstream); when present, MDA-extended fields MUST appear under metadata.mda.* and per-vendor fields under metadata.<vendor>.*. allowed-tools is NOT permitted at the top level.",
+  "type": "object",
+  "properties": {
+    "name": { "$ref": "_defs/name.schema.json" },
+    "description": { "$ref": "_defs/description.schema.json" },
+    "license": { "type": "string" },
+    "compatibility": { "type": "string", "maxLength": 500 },
+    "metadata": { "$ref": "_defs/metadata-namespaces.schema.json" },
+    "integrity": { "$ref": "_defs/integrity.schema.json" },
+    "signatures": {
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "_defs/signature.schema.json" }
+    }
+  },
+  "dependentRequired": {
+    "signatures": ["integrity"]
+  },
+  "unevaluatedProperties": false
+}

package/dist/schemas/frontmatter-mcp-server-md.schema.json

@@ -0,0 +1,25 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/frontmatter-mcp-server-md.schema.json",
+  "title": "MCP-SERVER.md output frontmatter (strict)",
+  "description": "Strict schema for the YAML frontmatter of a compiled MCP-SERVER.md file. Two-file artifact: requires a sibling mcp-server.json. MDA-extended fields MUST appear under metadata.mda.*; per-vendor fields under metadata.<vendor>.*. allowed-tools is NOT permitted at the top level.",
+  "type": "object",
+  "required": ["name", "description"],
+  "properties": {
+    "name": { "$ref": "_defs/name.schema.json" },
+    "description": { "$ref": "_defs/description.schema.json" },
+    "license": { "type": "string" },
+    "compatibility": { "type": "string", "maxLength": 500 },
+    "metadata": { "$ref": "_defs/metadata-namespaces.schema.json" },
+    "integrity": { "$ref": "_defs/integrity.schema.json" },
+    "signatures": {
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "_defs/signature.schema.json" }
+    }
+  },
+  "dependentRequired": {
+    "signatures": ["integrity"]
+  },
+  "unevaluatedProperties": false
+}

package/dist/schemas/frontmatter-skill-md.schema.json

@@ -0,0 +1,26 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/frontmatter-skill-md.schema.json",
+  "title": "SKILL.md output frontmatter (strict)",
+  "description": "Strict schema for the YAML frontmatter of a compiled SKILL.md file. Conforms to agentskills.io v1. MDA-extended fields MUST appear under metadata.mda.*; per-vendor fields MUST appear under metadata.<vendor>.*. unevaluatedProperties:false enforces the no-stray-fields rule.",
+  "type": "object",
+  "required": ["name", "description"],
+  "properties": {
+    "name": { "$ref": "_defs/name.schema.json" },
+    "description": { "$ref": "_defs/description.schema.json" },
+    "license": { "type": "string" },
+    "compatibility": { "type": "string", "maxLength": 500 },
+    "allowed-tools": { "type": "string" },
+    "metadata": { "$ref": "_defs/metadata-namespaces.schema.json" },
+    "integrity": { "$ref": "_defs/integrity.schema.json" },
+    "signatures": {
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "_defs/signature.schema.json" }
+    }
+  },
+  "dependentRequired": {
+    "signatures": ["integrity"]
+  },
+  "unevaluatedProperties": false
+}

package/dist/schemas/frontmatter-source.schema.json

@@ -0,0 +1,37 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/frontmatter-source.schema.json",
+  "title": "MDA source frontmatter",
+  "description": "Permissive schema for .mda source files. MDA-extended fields MAY appear at the top level. Open-standard fields are also accepted at the top level. Use frontmatter-skill-md / frontmatter-agents-md / frontmatter-mcp-server-md for compiled outputs.",
+  "type": "object",
+  "properties": {
+    "name": { "$ref": "_defs/name.schema.json" },
+    "description": { "$ref": "_defs/description.schema.json" },
+    "license": { "type": "string" },
+    "compatibility": { "type": "string", "maxLength": 500 },
+    "allowed-tools": { "type": "string" },
+    "metadata": { "$ref": "_defs/metadata-namespaces.schema.json" },
+
+    "integrity": { "$ref": "_defs/integrity.schema.json" },
+    "signatures": {
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "_defs/signature.schema.json" }
+    },
+
+    "doc-id": { "$ref": "_defs/mda-extended.schema.json#/properties/doc-id" },
+    "title": { "$ref": "_defs/mda-extended.schema.json#/properties/title" },
+    "version": { "$ref": "_defs/mda-extended.schema.json#/properties/version" },
+    "requires": { "$ref": "_defs/requires.schema.json" },
+    "depends-on": { "$ref": "_defs/mda-extended.schema.json#/properties/depends-on" },
+    "author": { "$ref": "_defs/mda-extended.schema.json#/properties/author" },
+    "tags": { "$ref": "_defs/mda-extended.schema.json#/properties/tags" },
+    "created-date": { "$ref": "_defs/iso8601.schema.json" },
+    "updated-date": { "$ref": "_defs/iso8601.schema.json" },
+    "relationships": { "$ref": "_defs/mda-extended.schema.json#/properties/relationships" }
+  },
+  "dependentRequired": {
+    "signatures": ["integrity"]
+  },
+  "additionalProperties": false
+}

package/dist/schemas/mda-trust-policy.schema.json

@@ -0,0 +1,113 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/mda-trust-policy.schema.json",
+  "title": "MDA trust policy",
+  "description": "Trust policy for the MDA trusted-runtime verification profile.",
+  "type": "object",
+  "required": ["version", "trustedSigners"],
+  "properties": {
+    "version": {
+      "type": "integer",
+      "const": 1
+    },
+    "minSignatures": {
+      "type": "integer",
+      "minimum": 1
+    },
+    "trustedSigners": {
+      "type": "array",
+      "minItems": 1,
+      "uniqueItems": true,
+      "items": {
+        "oneOf": [
+          {
+            "type": "object",
+            "required": ["type", "issuer", "subject"],
+            "properties": {
+              "type": { "const": "sigstore-oidc" },
+              "issuer": {
+                "type": "string",
+                "format": "uri",
+                "minLength": 1
+              },
+              "subject": {
+                "type": "string",
+                "minLength": 1
+              }
+            },
+            "additionalProperties": false
+          },
+          {
+            "type": "object",
+            "required": ["type", "domain"],
+            "properties": {
+              "type": { "const": "did-web" },
+              "domain": {
+                "type": "string",
+                "pattern": "^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?$"
+              }
+            },
+            "additionalProperties": false
+          }
+        ]
+      }
+    },
+    "rekor": {
+      "type": "object",
+      "required": ["url"],
+      "properties": {
+        "url": {
+          "type": "string",
+          "format": "uri"
+        }
+      },
+      "additionalProperties": false
+    }
+  },
+  "allOf": [
+    {
+      "if": {
+        "properties": {
+          "trustedSigners": {
+            "contains": {
+              "type": "object",
+              "properties": {
+                "type": { "const": "sigstore-oidc" }
+              },
+              "required": ["type"]
+            }
+          }
+        },
+        "required": ["trustedSigners"]
+      },
+      "then": {
+        "required": ["rekor"],
+        "properties": {
+          "rekor": { "required": ["url"] }
+        }
+      }
+    },
+    {
+      "if": {
+        "properties": {
+          "trustedSigners": {
+            "not": {
+              "contains": {
+                "type": "object",
+                "properties": {
+                  "type": { "const": "sigstore-oidc" }
+                },
+                "required": ["type"]
+              }
+            }
+          }
+        },
+        "required": ["trustedSigners"]
+      },
+      "then": {
+        "not": { "required": ["rekor"] }
+      }
+    }
+  ],
+  "additionalProperties": false
+}

package/dist/schemas/relationship-footnote.schema.json

@@ -0,0 +1,45 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mda.sno.dev/spec/v1.0/schemas/relationship-footnote.schema.json",
+  "title": "MDA relationship payload",
+  "description": "Schema for the JSON payload of an MDA relationship footnote (`[^id]: { ... }`) and for entries in the `metadata.mda.relationships` mirror in compiled outputs.",
+  "type": "object",
+  "required": ["rel-type", "doc-id"],
+  "properties": {
+    "rel-type": {
+      "type": "string",
+      "enum": ["parent", "child", "related", "cites", "supports", "contradicts", "extends"],
+      "description": "The kind of relationship to the target document."
+    },
+    "doc-id": {
+      "type": "string",
+      "description": "Target document's `doc-id`. UUID format recommended.",
+      "minLength": 1
+    },
+    "rel-desc": {
+      "type": "string",
+      "description": "Human-readable description of the relationship."
+    },
+    "rel-strength": {
+      "type": "number",
+      "minimum": 0,
+      "maximum": 1,
+      "description": "Optional confidence/relevance score [0,1]."
+    },
+    "bi-directional": {
+      "type": "boolean",
+      "default": false,
+      "description": "Whether the relationship implies a link back from the target."
+    },
+    "context": {
+      "type": "object",
+      "description": "Optional details about where/how this link applies.",
+      "properties": {
+        "section": { "type": "string" },
+        "relevance": { "type": "string" }
+      },
+      "additionalProperties": true
+    }
+  },
+  "additionalProperties": false
+}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@markdown-ai/cli",
+  "version": "1.0.0-rc.2",
+  "description": "Reference CLI for Markdown AI / MDA artifacts.",
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/sno-ai/mda.git",
+    "directory": "apps/cli"
+  },
+  "homepage": "https://github.com/sno-ai/mda/tree/main/apps/cli",
+  "bugs": {
+    "url": "https://github.com/sno-ai/mda/issues"
+  },
+  "type": "module",
+  "bin": {
+    "mda": "dist/cli.js"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "HOW-TO-USE.md"
+  ],
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org"
+  },
+  "keywords": [
+    "mda",
+    "markdown-ai",
+    "agent",
+    "cli",
+    "conformance"
+  ],
+  "engines": {
+    "node": ">=20"
+  },
+  "scripts": {
+    "build": "node scripts/build.mjs",
+    "test": "node dist/cli.js --help >/dev/null && node dist/cli.js conformance --suite ../../conformance --level V --json >/dev/null && node test/e2e.mjs"
+  }
+}