@martinloop/mcp 0.1.1 → 0.1.3

package/dist/tools/get-status.js

@@ -1,9 +1,16 @@
 import { evaluateCostGovernor } from "../vendor/core/index.js";
-export function getStatusTool(input) {
-    const loop = JSON.parse(input.loopJson);
+import { loadLoopRecordForStatus } from "./run-store.js";
+export async function getStatusTool(input) {
+    const resolved = await loadLoopRecordForStatus(input);
+    const loop = resolved.loop;
     const costState = evaluateCostGovernor({
         budget: loop.budget,
-        cost: loop.cost,
+        cost: {
+            actualUsd: loop.cost.actualUsd,
+            avoidedUsd: loop.cost.avoidedUsd ?? 0,
+            tokensIn: loop.cost.tokensIn,
+            tokensOut: loop.cost.tokensOut
+        },
         attemptsUsed: loop.attempts.length
     });
     return {
@@ -12,7 +19,7 @@ export function getStatusTool(input) {
         lifecycleState: loop.lifecycleState,
         attempts: loop.attempts.length,
         costUsd: loop.cost.actualUsd,
-        avoidedUsd: loop.cost.avoidedUsd,
+        avoidedUsd: loop.cost.avoidedUsd ?? 0,
         pressure: costState.pressure,
         shouldStop: costState.shouldStop,
         remainingBudgetUsd: costState.remainingBudgetUsd,

package/dist/tools/inspect-loop.d.ts

@@ -1,7 +1,9 @@
 import { type PortfolioSnapshot } from "../vendor/contracts/index.js";
 export interface InspectLoopInput {
-    /** Absolute or relative path to a JSON file containing a LoopRecord or LoopRecord[]. */
-    file: string;
+    /** Optional path to a JSON, JSONL, or run-store directory under the Martin runs root. */
+    file?: string;
+    /** Optional Martin runs directory. Defaults to MARTIN_RUNS_DIR or ~/.martin/runs. */
+    runsDir?: string;
 }
 export interface InspectLoopOutput {
     source: string;

package/dist/tools/inspect-loop.js

@@ -1,13 +1,10 @@
-import { readFile } from "node:fs/promises";
 import { buildPortfolioSnapshot } from "../vendor/contracts/index.js";
+import { loadLoopRecordsForInspect } from "./run-store.js";
 export async function inspectLoopTool(input) {
-    const raw = await readFile(input.file, "utf8");
-    const parsed = JSON.parse(raw);
-    const loops = Array.isArray(parsed)
-        ? parsed
-        : [parsed];
+    const inspection = await loadLoopRecordsForInspect(input);
+    const loops = inspection.loops;
     return {
-        source: input.file,
+        source: inspection.source,
         loopCount: loops.length,
         portfolio: buildPortfolioSnapshot(loops)
     };

package/dist/tools/run-loop.d.ts

@@ -7,6 +7,8 @@ export interface RunLoopInput {
     maxIterations?: number;
     maxTokens?: number;
     verificationPlan?: string[];
+    allowedPaths?: string[];
+    deniedPaths?: string[];
     workspaceId?: string;
     projectId?: string;
 }

package/dist/tools/run-loop.js

@@ -1,10 +1,13 @@
 import { createClaudeCliAdapter, createCodexCliAdapter, createStubDirectProviderAdapter } from "../vendor/adapters/index.js";
-import { runMartin } from "../vendor/core/index.js";
+import { createFileRunStore, resolveRunsRoot, runMartin } from "../vendor/core/index.js";
 import { DEFAULT_BUDGET } from "../vendor/contracts/index.js";
+import { normalizeSafePathPatterns, resolveSafeRepoRoot } from "../server-validation.js";
 export async function runLoopTool(input) {
-    const workingDirectory = input.workingDirectory ?? process.cwd();
+    const workingDirectory = resolveSafeRepoRoot(input.workingDirectory);
     const engine = input.engine ?? "claude";
     const model = input.model;
+    const allowedPaths = normalizeSafePathPatterns(input.allowedPaths, "allowedPaths");
+    const deniedPaths = normalizeSafePathPatterns(input.deniedPaths, "deniedPaths");
     const adapter = process.env.MARTIN_LIVE === "false"
         ? createStubDirectProviderAdapter({ label: "Stub adapter (MARTIN_LIVE=false)", providerId: "stub", model: "stub" })
         : engine === "codex"
@@ -27,10 +30,14 @@ export async function runLoopTool(input) {
     const result = await runMartin({
         workspaceId: input.workspaceId ?? "ws_mcp",
         projectId: input.projectId ?? "proj_mcp",
+        store: createFileRunStore({ runsRoot: resolveRunsRoot(process.env) }),
         task: {
             title: input.objective.slice(0, 100),
             objective: input.objective,
-            verificationPlan: input.verificationPlan ?? []
+            verificationPlan: input.verificationPlan ?? [],
+            repoRoot: workingDirectory,
+            ...(allowedPaths ? { allowedPaths } : {}),
+            ...(deniedPaths ? { deniedPaths } : {})
         },
         budget,
         adapter

package/dist/tools/run-store.d.ts

@@ -0,0 +1,20 @@
+import { type LoopRunRecord } from "../vendor/core/index.js";
+export interface InspectLoopSource {
+    source: string;
+    loops: LoopRunRecord[];
+}
+export interface StatusLoopSource {
+    source: string;
+    loop: LoopRunRecord;
+}
+export declare function loadLoopRecordsForInspect(input: {
+    file?: string;
+    runsDir?: string;
+}): Promise<InspectLoopSource>;
+export declare function loadLoopRecordForStatus(input: {
+    loopJson?: string;
+    file?: string;
+    loopId?: string;
+    runsDir?: string;
+    latest?: boolean;
+}): Promise<StatusLoopSource>;

package/dist/tools/run-store.js

@@ -0,0 +1,109 @@
+import { stat } from "node:fs/promises";
+import path from "node:path";
+import { readAllLoopRecords, readLatestLoopRecord, readLatestLoopRecordFromFile, readLoopRecordsFromFile, resolveRunsRoot } from "../vendor/core/index.js";
+import { resolveSafeLoopRecordPath, resolveSafeRunsPath, resolveSafeRunsRootPath } from "../server-validation.js";
+export async function loadLoopRecordsForInspect(input) {
+    const runsRoot = resolveSafeRunsRootPath(input.runsDir, resolveRunsRoot(process.env));
+    if (!input.file) {
+        return {
+            source: runsRoot,
+            loops: await readAllLoopRecords(runsRoot)
+        };
+    }
+    const targetPath = resolveSafeRunsPath(input.file, runsRoot);
+    const targetStats = await stat(targetPath);
+    if (targetStats.isDirectory()) {
+        const canonicalLoopRecordPath = path.join(targetPath, "loop-record.json");
+        try {
+            const canonicalLoopRecordStats = await stat(canonicalLoopRecordPath);
+            if (canonicalLoopRecordStats.isFile()) {
+                return {
+                    source: canonicalLoopRecordPath,
+                    loops: await readLoopRecordsFromFile(canonicalLoopRecordPath)
+                };
+            }
+        }
+        catch {
+            // fall through to treating the directory as a full runs root
+        }
+        return {
+            source: targetPath,
+            loops: await readAllLoopRecords(targetPath)
+        };
+    }
+    return {
+        source: targetPath,
+        loops: await readLoopRecordsFromFile(targetPath)
+    };
+}
+export async function loadLoopRecordForStatus(input) {
+    if (input.loopJson) {
+        return {
+            source: "inline:loopJson",
+            loop: JSON.parse(input.loopJson)
+        };
+    }
+    const runsRoot = resolveSafeRunsRootPath(input.runsDir, resolveRunsRoot(process.env));
+    if (input.file) {
+        const targetPath = resolveSafeRunsPath(input.file, runsRoot);
+        const targetStats = await stat(targetPath);
+        if (targetStats.isDirectory()) {
+            const canonicalLoopRecordPath = path.join(targetPath, "loop-record.json");
+            try {
+                const canonicalLoopRecordStats = await stat(canonicalLoopRecordPath);
+                if (canonicalLoopRecordStats.isFile()) {
+                    const loop = await readLatestLoopRecordFromFile(canonicalLoopRecordPath);
+                    if (!loop) {
+                        throw new Error("No loop records found.");
+                    }
+                    return {
+                        source: canonicalLoopRecordPath,
+                        loop
+                    };
+                }
+            }
+            catch {
+                // fall through to treating the directory as a full runs root
+            }
+            const loop = await readLatestLoopRecord(targetPath);
+            if (!loop) {
+                throw new Error("No loop records found.");
+            }
+            return {
+                source: targetPath,
+                loop
+            };
+        }
+        const loop = await readLatestLoopRecordFromFile(targetPath);
+        if (!loop) {
+            throw new Error("No loop records found.");
+        }
+        return {
+            source: targetPath,
+            loop
+        };
+    }
+    if (input.loopId) {
+        const targetPath = resolveSafeLoopRecordPath(input.loopId, runsRoot);
+        const loop = await readLatestLoopRecordFromFile(targetPath);
+        if (!loop) {
+            throw new Error("No loop records found.");
+        }
+        return {
+            source: targetPath,
+            loop
+        };
+    }
+    if (input.latest) {
+        const loop = await readLatestLoopRecord(runsRoot);
+        if (!loop) {
+            throw new Error("No loop records found.");
+        }
+        return {
+            source: runsRoot,
+            loop
+        };
+    }
+    throw new Error("Provide exactly one of loopJson, file, loopId, or latest.");
+}
+//# sourceMappingURL=run-store.js.map

package/dist/vendor/adapters/claude-cli.d.ts

@@ -15,15 +15,18 @@ import type { MartinAdapter } from "../core/index.js";
 import { type SpawnLike } from "./cli-bridge.js";
 /**
  * Given a prompt string, returns the full argv array to pass to spawn().
- * Example for Claude:  (p) => ["--print", p, "--dangerously-skip-permissions"]
- * Example for Codex:   (p) => ["--full-auto", p]
+ * Example for Claude:  () => ["--output-format", "json", "--print"]
+ * Example for Codex:   () => ["exec", "--sandbox", "workspace-write", "-"]
  */
 export type CliArgsBuilder = (prompt: string) => string[];
+export type CliStdinBuilder = (prompt: string) => string | undefined;
 export interface AgentCliAdapterOptions {
     /** The executable to spawn (e.g. "claude", "codex"). */
     command: string;
     /** Converts a prompt string into the argv array passed to spawn(). */
     argsBuilder: CliArgsBuilder;
+    /** Optional stdin payload for CLIs that accept prompt input via stdin or `-`. */
+    stdinBuilder?: CliStdinBuilder;
     /** Adapter ID suffix. Defaults to command. */
     adapterIdSuffix?: string;
     /** Working directory for all subprocesses. Defaults to process.cwd(). */
@@ -63,8 +66,16 @@ export interface CodexCliAdapterOptions {
     label?: string;
     /** Override the model passed via --model flag. */
     model?: string;
-    /** Run in full-auto mode (--full-auto). Defaults to true. */
+    /**
+     * Deprecated no-op retained for compatibility.
+     *
+     * Codex CLI's supported non-interactive entrypoint is `codex exec`.
+     * MartinLoop now uses explicit sandboxing instead of the legacy
+     * `--full-auto` compatibility path, which can exit before verifier execution.
+     */
     fullAuto?: boolean;
+    /** Codex sandbox mode for model-generated commands. Defaults to workspace-write. */
+    sandbox?: "read-only" | "workspace-write" | "danger-full-access";
     /** Extra args appended after core args (before prompt). */
     extraArgs?: string[];
     spawnImpl?: SpawnLike;
@@ -81,7 +92,11 @@ export declare function createAgentCliAdapter(options: AgentCliAdapterOptions):
  */
 export declare function createClaudeCliAdapter(options?: ClaudeCliAdapterOptions): MartinAdapter;
 /**
- * Spawns `codex [--full-auto] [--model <model>] "<prompt>" [extraArgs]`.
+ * Spawns `codex exec --cd <workspace> --sandbox <mode> [--model <model>] [extraArgs] -`.
+ *
+ * The prompt is delivered via stdin so Windows shell quoting cannot truncate or
+ * reinterpret long MartinLoop prompts that contain paths, deny rules, or budget
+ * context.
  *
  * Requires the Codex CLI to be installed and authenticated:
  *   npm install -g @openai/codex

package/dist/vendor/adapters/claude-cli.js

@@ -129,15 +129,12 @@ export function createAgentCliAdapter(options) {
                 }
             }
             const args = options.argsBuilder(prompt);
-            // stdinPrompt: if argsBuilder signals stdin delivery by returning args ending with "--stdin-prompt",
-            // remove that sentinel and pass the prompt via stdin instead (avoids Windows shell-escaping issues).
-            const useStdin = args.at(-1) === "--stdin-prompt";
-            const spawnArgs = useStdin ? args.slice(0, -1) : args;
-            const agentResult = await runSubprocess(options.command, spawnArgs, {
+            const stdinData = options.stdinBuilder?.(prompt);
+            const agentResult = await runSubprocess(options.command, args, {
                 cwd: workingDirectory,
                 timeoutMs,
                 spawnImpl: options.spawnImpl,
-                ...(useStdin ? { stdinData: prompt } : {})
+                ...(stdinData === undefined ? {} : { stdinData })
             });
             if (agentResult.timedOut) {
                 return {
@@ -157,18 +154,19 @@ export function createAgentCliAdapter(options) {
                 };
             }
             if (agentResult.exitCode !== 0 && agentResult.stdout.trim().length === 0) {
+                const failureMessage = formatPreVerifierSubprocessFailure(options.command, agentResult.stderr, agentResult.exitCode);
                 return {
                     status: "failed",
-                    summary: `${options.command} subprocess exited with an error.`,
+                    summary: `${options.command} subprocess exited before verifier execution.`,
                     usage: normalizeUsage({
                         actualUsd: 0,
                         tokensIn: 0,
                         tokensOut: 0,
                         provenance: "unavailable"
                     }),
-                    verification: { passed: false, summary: "Subprocess error." },
+                    verification: { passed: false, summary: `Verifier not run: ${failureMessage}` },
                     failure: {
-                        message: `${agentResult.stderr.trim() || `Exit code ${String(agentResult.exitCode)}`}. environment_mismatch`
+                        message: failureMessage
                     }
                 };
             }
@@ -355,40 +353,52 @@ export function createClaudeCliAdapter(options = {}) {
             "--print",
             "--dangerously-skip-permissions",
             ...modelArgs,
-            ...extraArgs,
-            "--stdin-prompt" // sentinel: tells execute() to deliver prompt via stdin
-        ]
+            ...extraArgs
+        ],
+        stdinBuilder: (prompt) => prompt
     });
 }
 // ---------------------------------------------------------------------------
 // Pre-configured: OpenAI Codex CLI
 // ---------------------------------------------------------------------------
 /**
- * Spawns `codex [--full-auto] [--model <model>] "<prompt>" [extraArgs]`.
+ * Spawns `codex exec --cd <workspace> --sandbox <mode> [--model <model>] [extraArgs] -`.
+ *
+ * The prompt is delivered via stdin so Windows shell quoting cannot truncate or
+ * reinterpret long MartinLoop prompts that contain paths, deny rules, or budget
+ * context.
  *
  * Requires the Codex CLI to be installed and authenticated:
  *   npm install -g @openai/codex
  */
 export function createCodexCliAdapter(options = {}) {
-    const fullAuto = options.fullAuto !== false;
     const modelArgs = options.model ? ["--model", options.model] : [];
     const extraArgs = options.extraArgs ?? [];
+    const sandbox = options.sandbox ?? "workspace-write";
+    const workingDirectory = options.workingDirectory ?? process.cwd();
     return createAgentCliAdapter({
         command: "codex",
         adapterIdSuffix: "codex",
         model: options.model ?? "codex",
         label: options.label ?? "Codex CLI adapter",
-        workingDirectory: options.workingDirectory,
+        workingDirectory,
         timeoutMs: options.timeoutMs,
         verifyTimeoutMs: options.verifyTimeoutMs,
         supportsJsonOutput: false,
         spawnImpl: options.spawnImpl,
-        argsBuilder: (prompt) => [
-            ...(fullAuto ? ["--full-auto"] : []),
+        argsBuilder: () => [
+            "exec",
+            "--cd",
+            workingDirectory,
+            "--sandbox",
+            sandbox,
+            "--color",
+            "never",
             ...modelArgs,
-            prompt,
-            ...extraArgs
-        ]
+            ...extraArgs,
+            "-"
+        ],
+        stdinBuilder: (prompt) => prompt
     });
 }
 // ---------------------------------------------------------------------------
@@ -402,14 +412,23 @@ export function createCodexCliAdapter(options = {}) {
 // ---------------------------------------------------------------------------
 function buildPrompt(request) {
     const lines = [];
+    const mutationMode = request.context.mutationMode ?? "edit";
     lines.push("You are running in autonomous agentic mode.");
-    lines.push("MAKE ALL REQUIRED FILE EDITS NOW. Do not ask for confirmation. Do not ask clarifying questions.");
-    lines.push("Do not explain what you found without also making the changes. Edit the files and complete the task.");
+    if (mutationMode === "verify_only") {
+        lines.push("DO NOT EDIT FILES. Run the verifier only and report whether it passes.");
+        lines.push("Do not ask for confirmation. Do not ask clarifying questions.");
+    }
+    else {
+        lines.push("MAKE ALL REQUIRED FILE EDITS NOW. Do not ask for confirmation. Do not ask clarifying questions.");
+        lines.push("Do not explain what you found without also making the changes. Edit the files and complete the task.");
+    }
     lines.push("");
     lines.push("If PROGRESS.md exists in your working directory, read it first for context from prior attempts.");
     lines.push("If it does not exist, proceed with the objective below.");
     lines.push("");
-    lines.push("Complete the following coding task. Make all necessary file changes.");
+    lines.push(mutationMode === "verify_only"
+        ? "Complete the following verification-only task without making file changes."
+        : "Complete the following coding task. Make all necessary file changes.");
     lines.push("When you are done, the verification commands listed below must pass.");
     lines.push("");
     lines.push("OBJECTIVE:");
@@ -447,7 +466,9 @@ function buildPrompt(request) {
     lines.push(`  Attempt ${String(attemptNumber)}`);
     lines.push(`  Remaining budget: $${String(request.context.remainingBudgetUsd)} USD`);
     lines.push(`  Remaining iterations: ${String(request.context.remainingIterations)}`);
-    lines.push("  Do not expand scope beyond what is needed to pass verification.");
+    lines.push(mutationMode === "verify_only"
+        ? "  Do not modify files; only run verification."
+        : "  Do not expand scope beyond what is needed to pass verification.");
     lines.push("");
     if (request.previousAttempts.length > 0) {
         lines.push("PRIOR FAILED ATTEMPTS (learn from these — do not repeat the same mistakes):");
@@ -494,6 +515,16 @@ function truncate(text, maxLength) {
     }
     return `...${text.slice(-(maxLength - 3))}`;
 }
+function formatPreVerifierSubprocessFailure(command, stderr, exitCode) {
+    const detail = stderr.trim() || `Exit code ${String(exitCode)}`;
+    const lowerDetail = detail.toLowerCase();
+    const codexLaunchBlocked = command === "codex" &&
+        /\b(full-auto|sandbox|approval|permission|trusted|safety|unexpected argument)\b/u.test(lowerDetail);
+    if (codexLaunchBlocked) {
+        return `Codex CLI failed before patch completion, likely due to its launch/sandbox configuration. MartinLoop invokes Codex through "codex exec --sandbox workspace-write"; verify Codex CLI auth and configuration if this persists. ${detail}. environment_mismatch`;
+    }
+    return `${detail}. environment_mismatch`;
+}
 const INJECTION_PATTERNS = [
     /\[INST\]/gi,
     /<\/?system>/gi,

package/dist/vendor/adapters/cli-bridge.d.ts

@@ -26,3 +26,4 @@ export declare function readGitExecutionArtifacts(repoRoot: string, timeoutMs: n
     changedFiles?: string[];
     diffStats?: ReturnType<typeof diffStatsFromNumstat>;
 }>;
+export declare function splitCommand(command: string): string[];