npm - @mgsoftwarebv/mg-dashboard-mcp - Versions diffs - 2.2.4 → 2.3.1 - Mend

@mgsoftwarebv/mg-dashboard-mcp 2.2.4 → 2.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,9 +1,11 @@
 #!/usr/bin/env node
 import { Server } from '@modelcontextprotocol/sdk/server/index.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
-import { ListToolsRequestSchema, CallToolRequestSchema } from '@modelcontextprotocol/sdk/types.js';
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
+import { ListToolsRequestSchema, CallToolRequestSchema, isInitializeRequest } from '@modelcontextprotocol/sdk/types.js';
+import { createServer } from 'http';
+import { randomUUID, createHash, randomBytes, createCipheriv, createDecipheriv } from 'crypto';
 import { createClient } from '@supabase/supabase-js';
-import { createHash, randomBytes, createCipheriv, createDecipheriv } from 'crypto';
 import { Client } from 'ssh2';
 // src/trigger-tools.ts
@@ -373,6 +375,835 @@ ${rawJson.substring(0, 500)}`
   }
 }
+// src/script-tools.ts
+var SCRIPTS = [
+  {
+    name: "commit-feedback",
+    filename: "commit-feedback.ps1",
+    description: "PowerShell script that provides colored terminal feedback for the Ctrl+Shift+K commit & push keybinding. Polls for a new commit and shows branch, message, and file stats when done.",
+    content: `param()
+$initial = git log --oneline -1 2>$null
+Write-Host "\`n==========================================" -ForegroundColor Cyan
+Write-Host "  Starting Commit & Push..." -ForegroundColor Cyan
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host "  [1/5] Pulling latest..." -ForegroundColor DarkGray
+Write-Host "  [2/5] Staging changes..." -ForegroundColor DarkGray
+Write-Host "  [3/5] Generating AI commit message..." -ForegroundColor DarkGray
+Write-Host "  [4/5] Committing..." -ForegroundColor DarkGray
+Write-Host "  [5/5] Pushing to remote..." -ForegroundColor DarkGray
+Write-Host ""
+Write-Host "  Waiting for commit" -ForegroundColor DarkGray -NoNewline
+$timeout = 60
+$elapsed = 0
+while ($elapsed -lt $timeout) {
+    $current = git log --oneline -1 2>$null
+    if ($current -ne $initial) { break }
+    Start-Sleep -Seconds 1
+    $elapsed++
+    Write-Host "." -ForegroundColor DarkGray -NoNewline
+}
+Write-Host ""
+if ($current -eq $initial) {
+    Write-Host ""
+    Write-Host "  [!] No new commit detected (timed out after \${timeout}s)" -ForegroundColor Yellow
+    Write-Host ""
+    exit
+}
+Start-Sleep -Seconds 2
+$branch = git rev-parse --abbrev-ref HEAD 2>$null
+$commit = git log --format='%h %s' -1 2>$null
+Write-Host ""
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host "  [OK] Commit & Push Complete" -ForegroundColor Green
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host "  Branch: $branch" -ForegroundColor Yellow
+Write-Host "  Commit: $commit" -ForegroundColor White
+Write-Host ""
+git --no-pager diff HEAD~1 --stat --color=always 2>$null
+Write-Host ""
+Write-Host "==========================================" -ForegroundColor Cyan
+Write-Host ""
+`
+  },
+  {
+    name: "create-pr",
+    filename: "create-pr.cmd",
+    description: "Windows batch script that auto-detects the target branch based on your release pipeline (v*-changes branches), merges the target into your branch, pushes, and creates a PR via gh CLI. Bound to Ctrl+Shift+J.",
+    content: `@echo off
+setlocal enabledelayedexpansion
+title MG Dashboard - Create PR
+REM --- ANSI color setup ---
+for /F %%a in ('echo prompt $E ^| cmd') do set "ESC=%%a"
+set "GREEN=%ESC%[32m"
+set "RED=%ESC%[31m"
+set "YELLOW=%ESC%[33m"
+set "CYAN=%ESC%[36m"
+set "DIM=%ESC%[90m"
+set "BOLD=%ESC%[1m"
+set "RESET=%ESC%[0m"
+echo.
+echo %CYAN%%BOLD%==========================================%RESET%
+echo %CYAN%%BOLD%   MG Dashboard - Create Pull Request%RESET%
+echo %CYAN%%BOLD%==========================================%RESET%
+echo.
+REM --- Merge origin/main first ---
+echo %CYAN%[0/4]%RESET% Merging origin/main into current branch...
+git fetch --prune >nul 2>&1
+git merge origin/main --no-edit >nul 2>&1
+if errorlevel 1 (
+    git merge --abort >nul 2>&1
+    echo %RED%X  Merge conflict with origin/main. Resolve manually.%RESET%
+    echo.
+    exit /b 1
+)
+echo %GREEN%   OK%RESET%
+echo.
+REM --- Prerequisite: gh CLI ---
+where gh >nul 2>&1
+if errorlevel 1 (
+    echo %RED%X  GitHub CLI ^(gh^) is not installed.%RESET%
+    echo %DIM%   Install it from: https://cli.github.com/%RESET%
+    echo.
+    exit /b 1
+)
+REM --- Prerequisite: git repo ---
+git rev-parse --is-inside-work-tree >nul 2>&1
+if errorlevel 1 (
+    echo %RED%X  Not inside a git repository.%RESET%
+    echo.
+    exit /b 1
+)
+REM --- Detect repo from git remote ---
+set "REPO="
+for /f "tokens=*" %%u in ('git remote get-url origin 2^>nul') do set "REMOTE_URL=%%u"
+if defined REMOTE_URL (
+    echo !REMOTE_URL! | findstr /r "git@github.com:" >nul 2>&1
+    if not errorlevel 1 (
+        set "REPO=!REMOTE_URL:git@github.com:=!"
+        set "REPO=!REPO:.git=!"
+    )
+    echo !REMOTE_URL! | findstr /r "https://github.com/" >nul 2>&1
+    if not errorlevel 1 (
+        set "REPO=!REMOTE_URL:https://github.com/=!"
+        set "REPO=!REPO:.git=!"
+    )
+)
+if not defined REPO (
+    echo %RED%X  Could not detect GitHub repo from git remote.%RESET%
+    echo %DIM%   Make sure origin points to a GitHub repository.%RESET%
+    echo.
+    exit /b 1
+)
+REM --- Get current branch ---
+for /f "tokens=*" %%b in ('git rev-parse --abbrev-ref HEAD') do set "CURRENT_BRANCH=%%b"
+echo %DIM%   Repository: !REPO!%RESET%
+echo %DIM%   Branch:     %CURRENT_BRANCH%%RESET%
+echo.
+REM --- Guard: don't PR from main or a bare version branch ---
+if "%CURRENT_BRANCH%"=="main" (
+    echo %RED%X  You are on main. Switch to a feature or changes branch first.%RESET%
+    echo.
+    exit /b 1
+)
+echo %CURRENT_BRANCH% | findstr /r "^v[0-9]*\\.[0-9]*\\.[0-9]*$" >nul 2>&1
+if not errorlevel 1 (
+    echo %RED%X  You are on a version branch ^(%CURRENT_BRANCH%^). Switch to a feature or changes branch first.%RESET%
+    echo.
+    exit /b 1
+)
+REM --- Fetch latest remote refs ---
+echo %CYAN%[1/4]%RESET% Fetching remote branches...
+git fetch --prune >nul 2>&1
+REM --- Determine target branch ---
+set "TARGET="
+REM Check if current branch is a -changes branch (last 8 chars)
+if "!CURRENT_BRANCH:~-8!"=="-changes" (
+    set "TARGET=!CURRENT_BRANCH:~0,-8!"
+    echo %GREEN%   Detected -changes branch. Target: %BOLD%!TARGET!%RESET%
+    goto :do_merge
+)
+REM Look for v*-changes branches on remote (highest version first)
+set "TARGET="
+for /f "tokens=*" %%r in ('git branch -r --sort=-version:refname --list "origin/v*-changes" 2^>nul') do (
+    if not defined TARGET (
+        set "RAW=%%r"
+        set "BRANCH=!RAW:  origin/=!"
+        set "BRANCH=!BRANCH:origin/=!"
+        set "TARGET=!BRANCH!"
+    )
+)
+if defined TARGET (
+    echo %GREEN%   Release pipeline detected. Target: %BOLD%!TARGET!%RESET%
+) else (
+    REM No -changes branch; try highest version branch
+    set "TARGET="
+    for /f "tokens=*" %%r in ('git branch -r --sort=-version:refname --list "origin/v*" 2^>nul') do (
+        if not defined TARGET (
+            set "RAW=%%r"
+            set "BRANCH=!RAW:  origin/=!"
+            set "BRANCH=!BRANCH:origin/=!"
+            set "TAIL=!BRANCH:~-8!"
+            if not "!TAIL!"=="-changes" set "TARGET=!BRANCH!"
+        )
+    )
+    if defined TARGET (
+        echo %GREEN%   Version branch detected. Target: %BOLD%!TARGET!%RESET%
+    ) else (
+        set "TARGET=main"
+        echo %YELLOW%   No release pipeline or version branch found. Target: %BOLD%main%RESET%
+    )
+)
+:do_merge
+echo.
+REM --- Merge target into current branch ---
+echo %CYAN%[2/4]%RESET% Merging %BOLD%!TARGET!%RESET% into %BOLD%%CURRENT_BRANCH%%RESET%...
+git merge origin/!TARGET! --no-edit
+if errorlevel 1 (
+    echo.
+    echo %RED%X  Merge conflict detected.%RESET%
+    git merge --abort >nul 2>&1
+    echo %DIM%   Resolve conflicts manually, then retry.%RESET%
+    echo.
+    exit /b 1
+)
+echo %GREEN%   OK%RESET%
+echo.
+REM --- Push current branch to origin ---
+echo %CYAN%[3/4]%RESET% Pushing %CURRENT_BRANCH% to origin...
+git push -u origin HEAD
+if errorlevel 1 (
+    echo.
+    echo %RED%X  Failed to push branch to origin.%RESET%
+    echo.
+    exit /b 1
+)
+echo %GREEN%   OK%RESET%
+echo.
+REM --- Guard: don't PR into the same branch ---
+if "!TARGET!"=="!CURRENT_BRANCH!" (
+    echo %RED%X  Target branch is the same as current branch ^(!TARGET!^). Cannot create PR.%RESET%
+    echo.
+    exit /b 1
+)
+echo %CYAN%[4/4]%RESET% Creating PR: %BOLD%%CURRENT_BRANCH%%RESET% %DIM%->%RESET% %BOLD%%TARGET%%RESET%
+echo.
+REM --- Create the PR ---
+gh pr create --repo "!REPO!" --base "%TARGET%" --fill
+if errorlevel 1 (
+    echo.
+    echo %RED%X  Failed to create pull request.%RESET%
+    echo %DIM%   Check the error above. A PR may already exist for this branch.%RESET%
+    echo.
+    exit /b 1
+)
+echo.
+echo %GREEN%%BOLD%   PR created successfully!%RESET%
+echo.
+`
+  },
+  {
+    name: "commit-and-pr",
+    filename: "commit-and-pr.ps1",
+    description: "PowerShell script that combines commit & push with PR creation. Checks for pending changes first: if changes exist, waits for the commit (triggered by Cursor keybinding), shows a summary, then runs create-pr.cmd. If no changes, skips straight to PR. Requires create-pr.cmd in the same directory. Bound to Ctrl+Shift+M.",
+    content: `param()
+$hasChanges = (git status --porcelain 2>$null)
+if ($hasChanges) {
+    $initial = git log --oneline -1 2>$null
+    Write-Host "\`n==========================================" -ForegroundColor Cyan
+    Write-Host "  Starting Commit, Push & PR..." -ForegroundColor Cyan
+    Write-Host "==========================================" -ForegroundColor Cyan
+    Write-Host "  [1/5] Pulling latest..." -ForegroundColor DarkGray
+    Write-Host "  [2/5] Staging changes..." -ForegroundColor DarkGray
+    Write-Host "  [3/5] Generating AI commit message..." -ForegroundColor DarkGray
+    Write-Host "  [4/5] Committing..." -ForegroundColor DarkGray
+    Write-Host "  [5/5] Pushing to remote..." -ForegroundColor DarkGray
+    Write-Host ""
+    Write-Host "  Waiting for commit" -ForegroundColor DarkGray -NoNewline
+    $timeout = 60
+    $elapsed = 0
+    while ($elapsed -lt $timeout) {
+        $current = git log --oneline -1 2>$null
+        if ($current -ne $initial) { break }
+        Start-Sleep -Seconds 1
+        $elapsed++
+        Write-Host "." -ForegroundColor DarkGray -NoNewline
+    }
+    Write-Host ""
+    if ($current -eq $initial) {
+        Write-Host ""
+        Write-Host "  [!] No new commit detected (timed out after \${timeout}s)" -ForegroundColor Yellow
+        Write-Host "  Skipping PR creation." -ForegroundColor Yellow
+        Write-Host ""
+        exit
+    }
+    Start-Sleep -Seconds 2
+    $branch = git rev-parse --abbrev-ref HEAD 2>$null
+    $commit = git log --format='%h %s' -1 2>$null
+    Write-Host ""
+    Write-Host "==========================================" -ForegroundColor Cyan
+    Write-Host "  [OK] Commit & Push Complete" -ForegroundColor Green
+    Write-Host "==========================================" -ForegroundColor Cyan
+    Write-Host "  Branch: $branch" -ForegroundColor Yellow
+    Write-Host "  Commit: $commit" -ForegroundColor White
+    Write-Host ""
+    git --no-pager diff HEAD~1 --stat --color=always 2>$null
+    Write-Host ""
+    Write-Host "==========================================" -ForegroundColor Cyan
+    Write-Host ""
+} else {
+    Write-Host "\`n==========================================" -ForegroundColor Cyan
+    Write-Host "  No changes to commit" -ForegroundColor DarkGray
+    Write-Host "  Proceeding to PR creation..." -ForegroundColor Cyan
+    Write-Host "==========================================" -ForegroundColor Cyan
+    Write-Host ""
+}
+& .\\create-pr.cmd
+`
+  }
+];
+var SCRIPT_TOOLS = [
+  {
+    name: "scripts-list",
+    description: "List available MG Dashboard workflow scripts that can be downloaded into your project. Returns script names, filenames, and descriptions.",
+    inputSchema: { type: "object", properties: {}, required: [] }
+  },
+  {
+    name: "script-get",
+    description: "Get the content of an MG Dashboard workflow script by name. Save the returned content to the filename indicated in the response. Place scripts in the repository root.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: {
+          type: "string",
+          description: `Script name. Available: ${SCRIPTS.map((s) => s.name).join(", ")}`
+        }
+      },
+      required: ["name"]
+    }
+  }
+];
+var SCRIPT_TOOL_NAMES = new Set(SCRIPT_TOOLS.map((t) => t.name));
+function handleScriptTool(toolName, args2) {
+  switch (toolName) {
+    case "scripts-list": {
+      const list = SCRIPTS.map((s) => ({
+        name: s.name,
+        filename: s.filename,
+        description: s.description
+      }));
+      return {
+        content: [
+          {
+            type: "text",
+            text: JSON.stringify(list, null, 2)
+          }
+        ]
+      };
+    }
+    case "script-get": {
+      const scriptName = String(args2.name);
+      const script = SCRIPTS.find((s) => s.name === scriptName);
+      if (!script) {
+        const available = SCRIPTS.map((s) => s.name).join(", ");
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Unknown script: "${scriptName}". Available scripts: ${available}`
+            }
+          ]
+        };
+      }
+      return {
+        content: [
+          {
+            type: "text",
+            text: [
+              `Filename: ${script.filename}`,
+              `Description: ${script.description}`,
+              `Place this file in the repository root.`,
+              "",
+              "--- CONTENT START ---",
+              script.content,
+              "--- CONTENT END ---"
+            ].join("\n")
+          }
+        ]
+      };
+    }
+    default:
+      return { content: [{ type: "text", text: `Unknown script tool: ${toolName}` }] };
+  }
+}
+// src/agent-tools.ts
+var VALID_FINDING_TYPES = /* @__PURE__ */ new Set([
+  "missing_docs",
+  "inaccurate",
+  "incomplete",
+  "outdated",
+  "improvement",
+  "n_plus_1_query",
+  "bundle_size",
+  "unnecessary_rerender",
+  "slow_endpoint",
+  "memory_leak",
+  "missing_memoization",
+  "large_dependency"
+]);
+var VALID_SEVERITIES = /* @__PURE__ */ new Set(["info", "warning", "critical"]);
+var VALID_SCOPES = /* @__PURE__ */ new Set([
+  "architecture",
+  "module",
+  "component",
+  "api",
+  "package"
+]);
+var VALID_REVIEW_STATUSES = /* @__PURE__ */ new Set([
+  "pending",
+  "approved",
+  "rejected",
+  "outdated"
+]);
+var AGENT_TOOLS = [
+  {
+    name: "agent-report-coverage",
+    description: "Report documentation coverage data for a repository. Upserts records into doc_coverage. Call once per logical unit (package, module, theme, plugin directory). Provide all entries in a single call for efficiency.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        repo_slug: {
+          type: "string",
+          description: 'Repository slug (e.g. "mg-dashboard", "bna-wordpress")'
+        },
+        refront_project_id: {
+          type: "string",
+          description: "Refront project UUID linked to this repository"
+        },
+        entries: {
+          type: "array",
+          description: "Array of coverage entries, one per logical unit",
+          items: {
+            type: "object",
+            properties: {
+              path: { type: "string", description: 'Logical unit path (e.g. "packages/ui", "wp-content/themes/bna")' },
+              total_functions: { type: "number", description: "Total public functions/methods" },
+              documented_functions: { type: "number", description: "Functions with doc comments" },
+              total_types: { type: "number", description: "Total classes/interfaces/types" },
+              documented_types: { type: "number", description: "Types with doc comments" },
+              total_endpoints: { type: "number", description: "Total API/REST/hook endpoints" },
+              documented_endpoints: { type: "number", description: "Endpoints with documentation" }
+            },
+            required: ["path", "total_functions", "documented_functions"]
+          }
+        }
+      },
+      required: ["repo_slug", "refront_project_id", "entries"]
+    }
+  },
+  {
+    name: "agent-report-finding",
+    description: "Report documentation or performance findings for a repository. Inserts records into doc_suggestion. Auto-creates a parent documentation record if one does not exist yet. Batch multiple findings in one call.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        repo_slug: {
+          type: "string",
+          description: "Repository slug"
+        },
+        refront_project_id: {
+          type: "string",
+          description: "Refront project UUID linked to this repository"
+        },
+        category: {
+          type: "string",
+          enum: ["scan_findings", "perf_audit"],
+          description: 'Finding category: "scan_findings" for doc issues, "perf_audit" for performance issues'
+        },
+        findings: {
+          type: "array",
+          description: "Array of findings to report",
+          items: {
+            type: "object",
+            properties: {
+              type: {
+                type: "string",
+                enum: [...VALID_FINDING_TYPES],
+                description: "Finding type"
+              },
+              severity: {
+                type: "string",
+                enum: ["info", "warning", "critical"],
+                description: "Severity level"
+              },
+              description: {
+                type: "string",
+                description: "Clear description of the issue (max 2000 chars)"
+              },
+              file_path: {
+                type: "string",
+                description: "Relative file path where the issue was found"
+              },
+              suggested_fix: {
+                type: "string",
+                description: "Suggested fix with code example (max 5000 chars)"
+              }
+            },
+            required: ["type", "severity", "description"]
+          }
+        }
+      },
+      required: ["repo_slug", "refront_project_id", "category", "findings"]
+    }
+  },
+  {
+    name: "agent-save-documentation",
+    description: "Save or update a documentation record for a repository. Upserts by repo_slug + scope + path combination.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        repo_slug: { type: "string", description: "Repository slug" },
+        refront_project_id: { type: "string", description: "Refront project UUID" },
+        scope: {
+          type: "string",
+          enum: [...VALID_SCOPES],
+          description: "Documentation scope"
+        },
+        path: {
+          type: "string",
+          description: 'Path within the repo (e.g. "packages/ui", "__perf_audit__")'
+        },
+        title: { type: "string", description: "Document title" },
+        content: { type: "string", description: "Documentation content (markdown)" },
+        review_status: {
+          type: "string",
+          enum: [...VALID_REVIEW_STATUSES],
+          description: 'Review status (default: "pending")'
+        }
+      },
+      required: ["repo_slug", "refront_project_id", "scope", "path", "title", "content"]
+    }
+  },
+  {
+    name: "agent-list-findings",
+    description: "List existing findings (doc_suggestion records) for a repository. Use this to check what has already been reported before submitting new findings.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        repo_slug: { type: "string", description: "Repository slug" },
+        type: {
+          type: "string",
+          enum: [...VALID_FINDING_TYPES],
+          description: "Filter by finding type"
+        },
+        severity: {
+          type: "string",
+          enum: ["info", "warning", "critical"],
+          description: "Filter by severity"
+        },
+        status: {
+          type: "string",
+          enum: ["open", "accepted", "rejected", "fixed"],
+          description: "Filter by status (default: all)"
+        },
+        limit: {
+          type: "number",
+          description: "Max results to return (default: 50, max: 200)"
+        }
+      },
+      required: ["repo_slug"]
+    }
+  },
+  {
+    name: "agent-get-documentation",
+    description: "Retrieve existing documentation records for a repository. Use this to read current docs before generating or reviewing.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        repo_slug: { type: "string", description: "Repository slug" },
+        scope: {
+          type: "string",
+          enum: [...VALID_SCOPES],
+          description: "Filter by scope"
+        },
+        path: { type: "string", description: "Filter by exact path" },
+        limit: {
+          type: "number",
+          description: "Max results to return (default: 20, max: 100)"
+        }
+      },
+      required: ["repo_slug"]
+    }
+  }
+];
+var AGENT_TOOL_NAMES = new Set(AGENT_TOOLS.map((t) => t.name));
+var AGENT_TOOL_MODULE_MAP = {
+  "agent-report-coverage": "agent_reporting",
+  "agent-report-finding": "agent_reporting",
+  "agent-save-documentation": "agent_reporting",
+  "agent-list-findings": "agent_reporting",
+  "agent-get-documentation": "agent_reporting"
+};
+function clamp(val, min, max) {
+  return Math.max(min, Math.min(max, val));
+}
+function sanitizeString(val, maxLen) {
+  return String(val ?? "").slice(0, maxLen);
+}
+async function getOrCreateParentDoc(supabase2, repoSlug, refrontProjectId, category) {
+  const path = category === "perf_audit" ? "__perf_audit__" : "__scan_findings__";
+  const title = category === "perf_audit" ? `Performance Audit: ${repoSlug}` : `Scan Findings: ${repoSlug}`;
+  const { data: existing } = await supabase2.from("project_documentation").select("id").eq("repo_slug", repoSlug).eq("path", path).maybeSingle();
+  if (existing) return existing.id;
+  const { data: inserted, error } = await supabase2.from("project_documentation").insert({
+    refront_project_id: refrontProjectId,
+    repo_slug: repoSlug,
+    scope: "architecture",
+    path,
+    title,
+    content: `Auto-generated parent record for ${category.replace("_", " ")} suggestions.`,
+    generated_by: `${category}-agent-v1`,
+    review_status: "pending"
+  }).select("id").single();
+  if (error || !inserted) {
+    throw new Error(`Failed to create parent doc record: ${error?.message}`);
+  }
+  return inserted.id;
+}
+async function handleAgentTool(name, args2, deps) {
+  const { supabase: supabase2 } = deps;
+  switch (name) {
+    // -----------------------------------------------------------------
+    case "agent-report-coverage": {
+      const repoSlug = sanitizeString(args2.repo_slug, 200);
+      const refrontProjectId = sanitizeString(args2.refront_project_id, 100);
+      const entries = Array.isArray(args2.entries) ? args2.entries : [];
+      if (!repoSlug) throw new Error("repo_slug is required");
+      if (!refrontProjectId) throw new Error("refront_project_id is required");
+      if (entries.length === 0) throw new Error("entries array must not be empty");
+      const wsId = deps.workspaceId;
+      const scanCommit = wsId ? `agent-scan-${wsId.slice(0, 8)}` : `agent-scan-${Date.now().toString(36)}`;
+      let upserted = 0;
+      let errors = 0;
+      for (const entry of entries) {
+        const { error } = await supabase2.from("doc_coverage").upsert(
+          {
+            refront_project_id: refrontProjectId,
+            repo_slug: repoSlug,
+            path: sanitizeString(entry.path, 500),
+            total_functions: clamp(Number(entry.total_functions) || 0, 0, 99999),
+            documented_functions: clamp(Number(entry.documented_functions) || 0, 0, 99999),
+            total_types: clamp(Number(entry.total_types) || 0, 0, 99999),
+            documented_types: clamp(Number(entry.documented_types) || 0, 0, 99999),
+            total_endpoints: clamp(Number(entry.total_endpoints) || 0, 0, 99999),
+            documented_endpoints: clamp(Number(entry.documented_endpoints) || 0, 0, 99999),
+            scan_commit: scanCommit,
+            scanned_at: (/* @__PURE__ */ new Date()).toISOString()
+          },
+          { onConflict: "repo_slug,path" }
+        );
+        if (error) errors++;
+        else upserted++;
+      }
+      return {
+        content: [{
+          type: "text",
+          text: `Coverage reported: ${upserted} entries upserted${errors > 0 ? `, ${errors} errors` : ""}`
+        }]
+      };
+    }
+    // -----------------------------------------------------------------
+    case "agent-report-finding": {
+      const repoSlug = sanitizeString(args2.repo_slug, 200);
+      const refrontProjectId = sanitizeString(args2.refront_project_id, 100);
+      const category = args2.category;
+      const findings = Array.isArray(args2.findings) ? args2.findings : [];
+      if (!repoSlug) throw new Error("repo_slug is required");
+      if (!refrontProjectId) throw new Error("refront_project_id is required");
+      if (!category || !["scan_findings", "perf_audit"].includes(category)) {
+        throw new Error('category must be "scan_findings" or "perf_audit"');
+      }
+      if (findings.length === 0) throw new Error("findings array must not be empty");
+      const parentDocId = await getOrCreateParentDoc(supabase2, repoSlug, refrontProjectId, category);
+      let inserted = 0;
+      let errors = 0;
+      for (const f of findings) {
+        const findingType = VALID_FINDING_TYPES.has(f.type) ? f.type : "improvement";
+        const severity = VALID_SEVERITIES.has(f.severity) ? f.severity : "info";
+        const description = sanitizeString(f.description, 2e3);
+        if (!description) continue;
+        const { error } = await supabase2.from("doc_suggestion").insert({
+          documentation_id: parentDocId,
+          type: findingType,
+          severity,
+          description,
+          file_path: f.file_path ? sanitizeString(f.file_path, 500) : null,
+          suggested_fix: f.suggested_fix ? sanitizeString(f.suggested_fix, 5e3) : null,
+          status: "open"
+        });
+        if (error) errors++;
+        else inserted++;
+      }
+      return {
+        content: [{
+          type: "text",
+          text: `Findings reported: ${inserted} inserted under ${category}${errors > 0 ? `, ${errors} errors` : ""}`
+        }]
+      };
+    }
+    // -----------------------------------------------------------------
+    case "agent-save-documentation": {
+      const repoSlug = sanitizeString(args2.repo_slug, 200);
+      const refrontProjectId = sanitizeString(args2.refront_project_id, 100);
+      const scope = VALID_SCOPES.has(args2.scope) ? args2.scope : "module";
+      const path = sanitizeString(args2.path, 500);
+      const title = sanitizeString(args2.title, 500);
+      const content = sanitizeString(args2.content, 1e5);
+      const reviewStatus = VALID_REVIEW_STATUSES.has(args2.review_status) ? args2.review_status : "pending";
+      if (!repoSlug) throw new Error("repo_slug is required");
+      if (!refrontProjectId) throw new Error("refront_project_id is required");
+      if (!path) throw new Error("path is required");
+      if (!title) throw new Error("title is required");
+      if (!content) throw new Error("content is required");
+      const { data: existing } = await supabase2.from("project_documentation").select("id").eq("repo_slug", repoSlug).eq("scope", scope).eq("path", path).maybeSingle();
+      if (existing) {
+        const { error: error2 } = await supabase2.from("project_documentation").update({
+          title,
+          content,
+          review_status: reviewStatus,
+          updated_at: (/* @__PURE__ */ new Date()).toISOString()
+        }).eq("id", existing.id);
+        if (error2) throw new Error(`Failed to update documentation: ${error2.message}`);
+        return { content: [{ type: "text", text: `Documentation updated: ${title} (${scope}/${path})` }] };
+      }
+      const generatedBy = deps.workspaceId ? `agent-${deps.workspaceId.slice(0, 8)}` : "agent-mcp";
+      const { error } = await supabase2.from("project_documentation").insert({
+        refront_project_id: refrontProjectId,
+        repo_slug: repoSlug,
+        scope,
+        path,
+        title,
+        content,
+        generated_by: generatedBy,
+        review_status: reviewStatus
+      });
+      if (error) throw new Error(`Failed to save documentation: ${error.message}`);
+      return { content: [{ type: "text", text: `Documentation saved: ${title} (${scope}/${path})` }] };
+    }
+    // -----------------------------------------------------------------
+    case "agent-list-findings": {
+      const repoSlug = sanitizeString(args2.repo_slug, 200);
+      if (!repoSlug) throw new Error("repo_slug is required");
+      const limit = clamp(Number(args2.limit) || 50, 1, 200);
+      let docQuery = supabase2.from("project_documentation").select("id").eq("repo_slug", repoSlug);
+      const docIds = await docQuery;
+      if (!docIds.data || docIds.data.length === 0) {
+        return { content: [{ type: "text", text: `No documentation records found for repo "${repoSlug}"` }] };
+      }
+      let query = supabase2.from("doc_suggestion").select("id, type, severity, description, file_path, status, created_at").in("documentation_id", docIds.data.map((d) => d.id)).order("created_at", { ascending: false }).limit(limit);
+      if (args2.type && VALID_FINDING_TYPES.has(args2.type)) {
+        query = query.eq("type", args2.type);
+      }
+      if (args2.severity && VALID_SEVERITIES.has(args2.severity)) {
+        query = query.eq("severity", args2.severity);
+      }
+      if (args2.status) {
+        query = query.eq("status", args2.status);
+      }
+      const { data: findings, error } = await query;
+      if (error) throw new Error(`Failed to query findings: ${error.message}`);
+      if (!findings || findings.length === 0) {
+        return { content: [{ type: "text", text: `No findings found for repo "${repoSlug}"` }] };
+      }
+      const summary = findings.map(
+        (f) => `[${f.severity}] ${f.type}: ${String(f.description).slice(0, 120)}${f.file_path ? ` (${f.file_path})` : ""} \u2014 ${f.status}`
+      ).join("\n");
+      return {
+        content: [{
+          type: "text",
+          text: `${findings.length} findings for "${repoSlug}":
+${summary}`
+        }]
+      };
+    }
+    // -----------------------------------------------------------------
+    case "agent-get-documentation": {
+      const repoSlug = sanitizeString(args2.repo_slug, 200);
+      if (!repoSlug) throw new Error("repo_slug is required");
+      const limit = clamp(Number(args2.limit) || 20, 1, 100);
+      let query = supabase2.from("project_documentation").select("id, repo_slug, scope, path, title, content, review_status, generated_by, created_at, updated_at").eq("repo_slug", repoSlug).order("updated_at", { ascending: false }).limit(limit);
+      if (args2.scope && VALID_SCOPES.has(args2.scope)) {
+        query = query.eq("scope", args2.scope);
+      }
+      if (args2.path) {
+        query = query.eq("path", sanitizeString(args2.path, 500));
+      }
+      const { data: docs, error } = await query;
+      if (error) throw new Error(`Failed to query documentation: ${error.message}`);
+      if (!docs || docs.length === 0) {
+        return { content: [{ type: "text", text: `No documentation found for repo "${repoSlug}"` }] };
+      }
+      const output = docs.map((d) => {
+        const contentPreview = String(d.content || "").slice(0, 500);
+        return [
+          `## ${d.title} (${d.scope}/${d.path})`,
+          `Status: ${d.review_status} | By: ${d.generated_by || "unknown"}`,
+          `Updated: ${d.updated_at || d.created_at}`,
+          "",
+          contentPreview + (String(d.content || "").length > 500 ? "\n...(truncated)" : ""),
+          ""
+        ].join("\n");
+      }).join("\n---\n\n");
+      return {
+        content: [{ type: "text", text: `${docs.length} docs for "${repoSlug}":
+${output}` }]
+      };
+    }
+    // -----------------------------------------------------------------
+    default:
+      return { content: [{ type: "text", text: `Unknown agent tool: ${name}` }] };
+  }
+}
 // src/index.ts
 var args = process.argv.slice(2);
 function getArg(name) {
@@ -383,6 +1214,9 @@ var supabaseUrl = getArg("supabase-url") || process.env.SUPABASE_URL;
 var supabaseKey = getArg("supabase-key") || process.env.SUPABASE_SERVICE_ROLE_KEY;
 var encryptionKey = getArg("encryption-key") || process.env.ENCRYPTION_KEY;
 var mijnhostApiKey = getArg("mijnhost-api-key") || process.env.MIJNHOST_API_KEY;
+var agentWorkspaceId = getArg("workspace-id") || process.env.AGENT_WORKSPACE_ID || null;
+var httpMode = args.includes("--http");
+var httpPort = Number(getArg("port")) || 3100;
 if (!apiKey) {
   console.error("API key is required. Use --api-key=dk_xxx or set MG_DASHBOARD_API_KEY");
   process.exit(1);
@@ -439,16 +1273,14 @@ setInterval(() => {
 }, 5 * 60 * 1e3).unref();
 var MODULE_KEYS = [
   "users",
-  "emails",
-  "logs",
   "ssh_servers",
   "supabase",
   "wiki",
   "ci_cd",
   "source_control",
   "domains",
-  "google_search_console",
-  "settings"
+  "settings",
+  "agent_reporting"
 ];
 var FULL_PERMISSIONS = {
   modules: Object.fromEntries(MODULE_KEYS.map((k) => [k, true])),
@@ -487,28 +1319,18 @@ function intersectServerAccess(keyServerIds, permissionServerIds) {
 }
 var TOOL_MODULE_MAP = {
   "list-servers": "ssh_servers",
-  "server-status": "ssh_servers",
   "ssh-execute": "ssh_servers",
-  "server-reboot": "ssh_servers",
-  "server-restart-service": "ssh_servers",
   "sftp-list": "ssh_servers",
   "sftp-read": "ssh_servers",
   "sftp-write": "ssh_servers",
   "sftp-delete": "ssh_servers",
   "docker-list": "ssh_servers",
-  "docker-action": "ssh_servers",
   "docker-logs": "ssh_servers",
   "db-discover": "ssh_servers",
   "db-tables": "ssh_servers",
   "db-describe": "ssh_servers",
   "db-query": "ssh_servers",
   "cache-purge": "ssh_servers",
-  "log-list": "ssh_servers",
-  "log-read": "ssh_servers",
-  "cron-list": "ssh_servers",
-  "cron-add": "ssh_servers",
-  "cron-remove": "ssh_servers",
-  "cron-toggle": "ssh_servers",
   "env-list": "ci_cd",
   "env-get": "ci_cd",
   "env-store": "ci_cd",
@@ -518,7 +1340,8 @@ var TOOL_MODULE_MAP = {
   "dns-create": "domains",
   "dns-update": "domains",
   "dns-delete": "domains",
-  ...TRIGGER_TOOL_MODULE_MAP
+  ...TRIGGER_TOOL_MODULE_MAP,
+  ...AGENT_TOOL_MODULE_MAP
 };
 var authContext = null;
 async function validateApiKey(key) {
@@ -660,6 +1483,11 @@ function stageToVercelTargets(stageType, customEnvId) {
   if (customEnvId) return { customEnvironmentIds: [customEnvId] };
   return { target: ["preview"] };
 }
+function getVercelEnvSyncTargetings(stageType, customEnvId) {
+  const primary = stageToVercelTargets(stageType, customEnvId);
+  if (stageType !== "dev") return [primary];
+  return [primary, { target: ["development"] }];
+}
 async function syncEnvVarsToVercel(token, projectId, envVars) {
   if (envVars.length === 0) return { created: 0, error: null };
   const res = await fetch(
@@ -735,18 +1563,24 @@ async function attemptVercelSync(appName, environment, knownStageId) {
         syncResults.push(`${app.label}: empty config`);
         continue;
       }
-      const targeting = stageToVercelTargets(stageType, app.vercelCustomEnvId);
-      const envVars = keys.map((key) => ({
-        key,
-        value: pairs[key],
-        type: "encrypted",
-        ...targeting
-      }));
-      const { created, error } = await syncEnvVarsToVercel(token, app.vercelProjectId, envVars);
-      if (error) {
-        syncResults.push(`${app.label}: FAILED - ${error}`);
+      const targetings = getVercelEnvSyncTargetings(stageType, app.vercelCustomEnvId);
+      let createdTotal = 0;
+      let lastErr = null;
+      for (const targeting of targetings) {
+        const envVars = keys.map((key) => ({
+          key,
+          value: pairs[key],
+          type: "plain",
+          ...targeting
+        }));
+        const { created, error } = await syncEnvVarsToVercel(token, app.vercelProjectId, envVars);
+        if (error) lastErr = error;
+        else createdTotal += created;
+      }
+      if (lastErr) {
+        syncResults.push(`${app.label}: FAILED - ${lastErr}`);
       } else {
-        syncResults.push(`${app.label}: ${created} vars synced`);
+        syncResults.push(`${app.label}: ${createdTotal} var upsert(s) synced`);
       }
     }
     return `Vercel sync: ${syncResults.join("; ")}`;
@@ -1215,16 +2049,6 @@ function assertSafeCommand(command) {
     }
   }
 }
-var ALLOWED_LOG_PREFIXES = ["/var/log/", "/usr/local/lsws/logs/", "/var/www/"];
-function assertAllowedLogPath(filePath) {
-  const safe = sanitizePath(filePath);
-  if (!safe.endsWith(".log")) {
-    throw new Error("Only .log files can be read with log-read");
-  }
-  if (!ALLOWED_LOG_PREFIXES.some((prefix) => safe.startsWith(prefix))) {
-    throw new Error(`Path not allowed. Must be under: ${ALLOWED_LOG_PREFIXES.join(", ")}`);
-  }
-}
 async function discoverSiteDatabases(conn, proxy) {
   const script = `
 check_dir() {
@@ -1390,17 +2214,6 @@ var TOOLS = [
     description: "List all SSH servers you have access to. Returns id, name, hostname, and tags for each server.",
     inputSchema: { type: "object", properties: {}, required: [] }
   },
-  {
-    name: "server-status",
-    description: "Get server status including uptime, disk usage, memory, and load average.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" }
-      },
-      required: ["serverId"]
-    }
-  },
   {
     name: "ssh-execute",
     description: "Execute a shell command on a remote server via SSH. Some dangerous commands are blocked for safety.",
@@ -1414,29 +2227,6 @@ var TOOLS = [
       required: ["serverId", "command"]
     }
   },
-  {
-    name: "server-reboot",
-    description: "Reboot a remote server. This will cause downtime. The server will be unavailable until it restarts.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server to reboot" }
-      },
-      required: ["serverId"]
-    }
-  },
-  {
-    name: "server-restart-service",
-    description: "Restart a systemd service on a remote server using systemctl restart.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        serviceName: { type: "string", description: "Name of the systemd service (e.g. nginx, docker, lsws)" }
-      },
-      required: ["serverId", "serviceName"]
-    }
-  },
   {
     name: "sftp-list",
     description: "List files and directories at a given path on a remote server via SFTP.",
@@ -1497,19 +2287,6 @@ var TOOLS = [
       required: ["serverId"]
     }
   },
-  {
-    name: "docker-action",
-    description: "Perform an action on a Docker container: start, stop, restart, or remove.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        containerName: { type: "string", description: "Container name or ID" },
-        action: { type: "string", enum: ["start", "stop", "restart", "remove"], description: "Action to perform" }
-      },
-      required: ["serverId", "containerName", "action"]
-    }
-  },
   {
     name: "docker-logs",
     description: "Get recent logs from a Docker container.",
@@ -1621,86 +2398,6 @@ var TOOLS = [
       required: ["serverId"]
     }
   },
-  {
-    name: "log-list",
-    description: "Discover available log files on a server. Scans LiteSpeed logs, PHP error logs, syslog, and per-site application logs (WordPress debug.log, PrestaShop var/logs, Laravel storage/logs). Returns paths with file sizes and last modified dates.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" }
-      },
-      required: ["serverId"]
-    }
-  },
-  {
-    name: "log-read",
-    description: "Read the last N lines from a specific log file on a server. Use log-list first to discover available files. Optionally filter lines with a grep pattern.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        path: { type: "string", description: "Absolute path to the log file (must end in .log)" },
-        lines: { type: "number", description: "Number of lines to read (default: 100, max: 500)" },
-        filter: { type: "string", description: "Optional grep pattern to filter lines before tailing" }
-      },
-      required: ["serverId", "path"]
-    }
-  },
-  // ----- Cron Jobs -----
-  {
-    name: "cron-list",
-    description: "List all cron jobs on a server. Shows root crontab, system cron directories (/etc/cron.d/), and www-data crontab. Each entry shows the schedule, command, user, and source. Disabled (commented) entries are marked.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        user: { type: "string", description: "Specific user crontab to list (default: lists root + www-data + /etc/cron.d/)" }
-      },
-      required: ["serverId"]
-    }
-  },
-  {
-    name: "cron-add",
-    description: 'Add a new cron job to a user crontab. Provide a standard cron schedule expression and command. Examples: "0 2 * * * /usr/bin/backup.sh" (daily at 2am), "*/5 * * * * curl http://example.com/cron.php" (every 5 min).',
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        schedule: { type: "string", description: 'Cron schedule expression (e.g. "0 2 * * *" or "@daily")' },
-        command: { type: "string", description: "Command to execute" },
-        user: { type: "string", description: "User whose crontab to edit (default: root)" },
-        comment: { type: "string", description: "Optional comment to add above the cron entry (for identification)" }
-      },
-      required: ["serverId", "schedule", "command"]
-    }
-  },
-  {
-    name: "cron-remove",
-    description: "Remove a cron job from a user crontab by matching the command string (exact or partial match). Use cron-list first to see existing jobs.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        commandMatch: { type: "string", description: "Full or partial command string to match for removal" },
-        user: { type: "string", description: "User whose crontab to edit (default: root)" }
-      },
-      required: ["serverId", "commandMatch"]
-    }
-  },
-  {
-    name: "cron-toggle",
-    description: "Enable or disable a cron job by commenting/uncommenting it. Matches by command string. Use cron-list to find the job first.",
-    inputSchema: {
-      type: "object",
-      properties: {
-        serverId: { type: "string", description: "UUID of the SSH server" },
-        commandMatch: { type: "string", description: "Full or partial command string to match" },
-        enable: { type: "boolean", description: "true to enable (uncomment), false to disable (comment out)" },
-        user: { type: "string", description: "User whose crontab to edit (default: root)" }
-      },
-      required: ["serverId", "commandMatch", "enable"]
-    }
-  },
   // ----- Domains (mijn.host) -----
   {
     name: "domain-list",
@@ -1775,13 +2472,14 @@ var TOOLS = [
     }
   },
   // ----- Trigger.dev -----
-  ...TRIGGER_TOOLS
+  ...TRIGGER_TOOLS,
+  // ----- Scripts -----
+  ...SCRIPT_TOOLS,
+  // ----- Agent Reporting -----
+  ...AGENT_TOOLS
 ];
-var server = new Server(
-  { name: "mg-dashboard-mcp", version: "2.2.0" },
-  { capabilities: { tools: {} } }
-);
-server.setRequestHandler(ListToolsRequestSchema, async () => {
+var MCP_VERSION = "2.3.1";
+async function handleListTools() {
   if (!authContext) return { tools: TOOLS };
   const accessible = TOOLS.filter((tool) => {
     const requiredModule = TOOL_MODULE_MAP[tool.name];
@@ -1789,8 +2487,8 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
     return authContext.permissions.modules[requiredModule] === true;
   });
   return { tools: accessible };
-});
-server.setRequestHandler(CallToolRequestSchema, async (request) => {
+}
+async function handleCallTool(request) {
   if (!authContext) {
     return { content: [{ type: "text", text: "Error: not authenticated" }] };
   }
@@ -1821,15 +2519,6 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
         });
         return { content: [{ type: "text", text: lines.length ? lines.join("\n") : "No servers found" }] };
       }
-      case "server-status": {
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const cmd = 'echo "=== UPTIME ===" && uptime && echo "=== DISK ===" && df -h --total && echo "=== MEMORY ===" && free -h && echo "=== LOAD ===" && cat /proc/loadavg';
-        const result = await sshExec(conn, cmd, proxy);
-        const output = result.exitCode === 0 ? result.stdout : `Exit ${result.exitCode}
-${result.stdout}
-${result.stderr}`;
-        return { content: [{ type: "text", text: output }] };
-      }
       // ----- SSH -----
       case "ssh-execute": {
         const command = String(a.command);
@@ -1844,21 +2533,6 @@ ${result.stdout}`);
 ${result.stderr}`);
         return { content: [{ type: "text", text: output.join("\n") }] };
       }
-      case "server-reboot": {
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const result = await sshExec(conn, "sudo reboot", proxy);
-        return { content: [{ type: "text", text: result.exitCode === 0 ? "Reboot command sent. Server will be unavailable shortly." : `Reboot failed: ${result.stderr}` }] };
-      }
-      case "server-restart-service": {
-        const service = String(a.serviceName).replace(/[^a-zA-Z0-9._@-]/g, "");
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const result = await sshExec(conn, `sudo systemctl restart ${service}`, proxy);
-        if (result.exitCode === 0) {
-          const status = await sshExec(conn, `sudo systemctl is-active ${service}`, proxy);
-          return { content: [{ type: "text", text: `Service "${service}" restarted. Status: ${status.stdout.trim()}` }] };
-        }
-        return { content: [{ type: "text", text: `Failed to restart "${service}": ${result.stderr}` }] };
-      }
       // ----- SFTP (no proxy support yet — direct connection only) -----
       case "sftp-list": {
         const { conn } = await getServerConnection(String(a.serverId));
@@ -1886,17 +2560,6 @@ ${result.stderr}`);
         const result = await sshExec(conn, 'docker ps -a --format "table {{.Names}}	{{.Image}}	{{.Status}}	{{.Ports}}"', proxy);
         return { content: [{ type: "text", text: result.exitCode === 0 ? result.stdout : `Error: ${result.stderr}` }] };
       }
-      case "docker-action": {
-        const container = String(a.containerName).replace(/[^a-zA-Z0-9._-]/g, "");
-        const action = String(a.action);
-        if (!["start", "stop", "restart", "remove"].includes(action)) {
-          throw new Error(`Invalid action: ${action}. Use start, stop, restart, or remove.`);
-        }
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const dockerCmd = action === "remove" ? `docker rm -f ${container}` : `docker ${action} ${container}`;
-        const result = await sshExec(conn, dockerCmd, proxy);
-        return { content: [{ type: "text", text: result.exitCode === 0 ? `Container "${container}" ${action}ed successfully` : `Error: ${result.stderr}` }] };
-      }
       case "docker-logs": {
         const container = String(a.containerName).replace(/[^a-zA-Z0-9._-]/g, "");
         const lines = Number(a.lines) || 100;
@@ -2120,157 +2783,6 @@ echo -e "$R"
         const output = (result.stdout || "").trim();
         return { content: [{ type: "text", text: output || "Cache purge completed (no output)" }] };
       }
-      // ----- Log Reading -----
-      case "log-list": {
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const script = `
-{
-  [ -d /usr/local/lsws/logs ] && find /usr/local/lsws/logs -maxdepth 2 -name "*.log" -type f 2>/dev/null
-  for f in /var/log/syslog /var/log/messages /var/log/auth.log /var/log/kern.log; do [ -f "$f" ] && echo "$f"; done
-  find /var/log -maxdepth 2 \\( -name "php*.log" -o -name "lsphp*.log" \\) -type f 2>/dev/null
-  [ -d /var/log/mg-monitoring ] && find /var/log/mg-monitoring -maxdepth 1 -name "*.log" -type f 2>/dev/null
-  for dir in /var/www/*/; do
-    [ -d "$dir" ] || continue
-    for root in "$dir" "\${dir}html" "\${dir}public_html" "\${dir}public" "\${dir}httpdocs"; do
-      [ -d "$root" ] || continue
-      [ -f "$root/wp-content/debug.log" ] && echo "$root/wp-content/debug.log"
-      [ -d "$root/var/logs" ] && find "$root/var/logs" -maxdepth 1 -name "*.log" -type f 2>/dev/null
-      [ -d "$root/log" ] && find "$root/log" -maxdepth 1 -name "*.log" -type f 2>/dev/null
-      [ -d "$root/storage/logs" ] && find "$root/storage/logs" -maxdepth 1 -name "*.log" -type f 2>/dev/null
-    done
-  done
-} | sort -u | while IFS= read -r f; do
-  SZ=$(stat -c%s "$f" 2>/dev/null || echo 0)
-  MOD=$(stat -c%y "$f" 2>/dev/null | cut -d. -f1)
-  if [ "$SZ" -ge 1048576 ] 2>/dev/null; then HR="$(( SZ / 1048576 ))MB"
-  elif [ "$SZ" -ge 1024 ] 2>/dev/null; then HR="$(( SZ / 1024 ))KB"
-  else HR="\${SZ}B"; fi
-  echo "$f  $HR  $MOD"
-done
-`.trim();
-        const result = await sshExec(conn, script, proxy);
-        return { content: [{ type: "text", text: result.stdout || "No log files found" }] };
-      }
-      case "log-read": {
-        const logPath = sanitizePath(String(a.path));
-        assertAllowedLogPath(logPath);
-        const lineCount = Math.min(Math.max(Number(a.lines) || 100, 1), 500);
-        const filter = a.filter ? String(a.filter).replace(/'/g, "'\\''") : "";
-        const { conn, proxy } = await getServerConnection(String(a.serverId));
-        const cmd = filter ? `grep '${filter}' '${logPath}' 2>/dev/null | tail -n ${lineCount}` : `tail -n ${lineCount} '${logPath}' 2>/dev/null`;
-        const result = await sshExec(conn, cmd, proxy);
-        if (result.exitCode !== 0 && !result.stdout) {
-          throw new Error(result.stderr || `Failed to read log: ${logPath}`);
-        }
-        return { content: [{ type: "text", text: result.stdout || "(empty log file)" }] };
-      }
-      // ----- Cron Jobs -----
-      case "cron-list": {
-        const { conn, proxy } = await getServerConnection(a.serverId);
-        const user = a.user ? String(a.user) : null;
-        const parts = [];
-        if (user) {
-          const result = await sshExec(conn, `crontab -l -u ${user} 2>/dev/null || echo '(no crontab for ${user})'`, proxy);
-          parts.push(`## Crontab for ${user}
-${result.stdout}`);
-        } else {
-          const rootCron = await sshExec(conn, `crontab -l 2>/dev/null || echo '(no crontab for root)'`, proxy);
-          parts.push(`## Root crontab
-${rootCron.stdout}`);
-          const wwwCron = await sshExec(conn, `crontab -l -u www-data 2>/dev/null || echo '(no crontab for www-data)'`, proxy);
-          parts.push(`## www-data crontab
-${wwwCron.stdout}`);
-          const cronD = await sshExec(conn, `for f in /etc/cron.d/*; do [ -f "$f" ] && echo "--- $f ---" && cat "$f" && echo; done 2>/dev/null || echo '(no files in /etc/cron.d/)'`, proxy);
-          parts.push(`## /etc/cron.d/
-${cronD.stdout}`);
-          const summary = await sshExec(conn, [
-            `echo "## Scheduled directories"`,
-            `echo "cron.hourly:  $(ls /etc/cron.hourly/ 2>/dev/null | wc -l) scripts"`,
-            `echo "cron.daily:   $(ls /etc/cron.daily/ 2>/dev/null | wc -l) scripts"`,
-            `echo "cron.weekly:  $(ls /etc/cron.weekly/ 2>/dev/null | wc -l) scripts"`,
-            `echo "cron.monthly: $(ls /etc/cron.monthly/ 2>/dev/null | wc -l) scripts"`
-          ].join(" && "), proxy);
-          parts.push(summary.stdout);
-        }
-        return { content: [{ type: "text", text: parts.join("\n\n") }] };
-      }
-      case "cron-add": {
-        if (!a.schedule || !a.command) {
-          throw new Error("Both schedule and command are required");
-        }
-        const { conn, proxy } = await getServerConnection(a.serverId);
-        const user = a.user ? String(a.user) : "root";
-        const schedule = String(a.schedule).trim();
-        const command = String(a.command).trim();
-        const commentText = a.comment ? String(a.comment).trim() : "";
-        const entry = commentText ? `# ${commentText}
-${schedule} ${command}` : `${schedule} ${command}`;
-        const result = await sshExec(conn, `(crontab -l -u ${user} 2>/dev/null; echo '${entry.replace(/'/g, "'\\''")}') | crontab -u ${user} -`, proxy);
-        if (result.exitCode !== 0) {
-          throw new Error(result.stderr || "Failed to add cron job");
-        }
-        return { content: [{ type: "text", text: `Cron job added for ${user}:
-${schedule} ${command}` }] };
-      }
-      case "cron-remove": {
-        if (!a.commandMatch) {
-          throw new Error("commandMatch is required \u2013 pass a (partial) command string to identify the cron entry");
-        }
-        const { conn, proxy } = await getServerConnection(a.serverId);
-        const user = a.user ? String(a.user) : "root";
-        const match = String(a.commandMatch).trim();
-        const current = await sshExec(conn, `crontab -l -u ${user} 2>/dev/null`, proxy);
-        const lines = current.stdout.split("\n");
-        const before = lines.length;
-        const filtered = lines.filter((line) => {
-          const trimmed = line.replace(/^#\s*/, "");
-          return !trimmed.includes(match);
-        });
-        const removed = before - filtered.length;
-        if (removed === 0) {
-          return { content: [{ type: "text", text: `No cron entries found matching "${match}"` }] };
-        }
-        const escapedCrontab = filtered.join("\n").replace(/'/g, "'\\''");
-        const result = await sshExec(conn, `echo '${escapedCrontab}' | crontab -u ${user} -`, proxy);
-        if (result.exitCode !== 0) {
-          throw new Error(result.stderr || "Failed to update crontab");
-        }
-        return { content: [{ type: "text", text: `Removed ${removed} cron entry/entries matching "${match}" from ${user} crontab` }] };
-      }
-      case "cron-toggle": {
-        if (!a.commandMatch) {
-          throw new Error("commandMatch is required \u2013 pass a (partial) command string to identify the cron entry");
-        }
-        const { conn, proxy } = await getServerConnection(a.serverId);
-        const user = a.user ? String(a.user) : "root";
-        const match = String(a.commandMatch).trim();
-        const enable = Boolean(a.enable);
-        const current = await sshExec(conn, `crontab -l -u ${user} 2>/dev/null`, proxy);
-        const lines = current.stdout.split("\n");
-        let toggled = 0;
-        const updated = lines.map((line) => {
-          if (enable && line.startsWith("#") && line.replace(/^#\s*/, "").includes(match)) {
-            toggled++;
-            return line.replace(/^#\s*/, "");
-          }
-          if (!enable && !line.startsWith("#") && line.includes(match)) {
-            toggled++;
-            return `# ${line}`;
-          }
-          return line;
-        });
-        if (toggled === 0) {
-          const state = enable ? "disabled" : "enabled";
-          return { content: [{ type: "text", text: `No ${state} cron entries found matching "${match}"` }] };
-        }
-        const escapedCrontab = updated.join("\n").replace(/'/g, "'\\''");
-        const result = await sshExec(conn, `echo '${escapedCrontab}' | crontab -u ${user} -`, proxy);
-        if (result.exitCode !== 0) {
-          throw new Error(result.stderr || "Failed to update crontab");
-        }
-        const action = enable ? "Enabled" : "Disabled";
-        return { content: [{ type: "text", text: `${action} ${toggled} cron entry/entries matching "${match}" in ${user} crontab` }] };
-      }
       // ----- Domains (mijn.host) -----
       case "domain-list": {
         const res = await mijnhostFetch("/domains");
@@ -2412,13 +2924,29 @@ ${lines.join("\n")}` }] };
         if (TRIGGER_TOOL_NAMES.has(name)) {
           return handleTriggerTool(name, a, { sshExec, getServerConnection });
         }
+        if (SCRIPT_TOOL_NAMES.has(name)) {
+          return handleScriptTool(name, a);
+        }
+        if (AGENT_TOOL_NAMES.has(name)) {
+          return handleAgentTool(name, a, { supabase, workspaceId: agentWorkspaceId });
+        }
         return { content: [{ type: "text", text: `Unknown tool: ${name}` }] };
     }
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
     return { content: [{ type: "text", text: `Error: ${message}` }] };
   }
-});
+}
+function createMcpServer() {
+  const s = new Server(
+    { name: "mg-dashboard-mcp", version: MCP_VERSION },
+    { capabilities: { tools: {} } }
+  );
+  s.setRequestHandler(ListToolsRequestSchema, handleListTools);
+  s.setRequestHandler(CallToolRequestSchema, handleCallTool);
+  return s;
+}
+var server = createMcpServer();
 async function main() {
   console.error("Starting MG Dashboard MCP Server...");
   authContext = await validateApiKey(apiKey);
@@ -2426,10 +2954,71 @@ async function main() {
     console.error("API key validation failed");
     process.exit(1);
   }
-  console.error("API key validated. Starting stdio transport...");
-  const transport = new StdioServerTransport();
-  await server.connect(transport);
-  console.error("MCP Server ready. Tools available: " + TOOLS.map((t) => t.name).join(", "));
+  const toolNames = TOOLS.map((t) => t.name).join(", ");
+  if (httpMode) {
+    console.error(`API key validated. Starting Streamable HTTP transport on port ${httpPort}...`);
+    const transports = /* @__PURE__ */ new Map();
+    const httpServer = createServer(async (req, res) => {
+      const url = new URL(req.url ?? "/", `http://localhost:${httpPort}`);
+      if (url.pathname !== "/mcp") {
+        res.writeHead(404, { "Content-Type": "text/plain" });
+        res.end("Not found");
+        return;
+      }
+      if (req.method === "OPTIONS") {
+        res.writeHead(204, {
+          "Access-Control-Allow-Origin": "*",
+          "Access-Control-Allow-Methods": "GET, POST, DELETE, OPTIONS",
+          "Access-Control-Allow-Headers": "Content-Type, mcp-session-id",
+          "Access-Control-Expose-Headers": "mcp-session-id"
+        });
+        res.end();
+        return;
+      }
+      res.setHeader("Access-Control-Allow-Origin", "*");
+      res.setHeader("Access-Control-Expose-Headers", "mcp-session-id");
+      const sessionId = req.headers["mcp-session-id"];
+      let body;
+      if (req.method === "POST") {
+        const chunks = [];
+        for await (const chunk of req) chunks.push(chunk);
+        try {
+          body = JSON.parse(Buffer.concat(chunks).toString());
+        } catch {
+          res.writeHead(400, { "Content-Type": "text/plain" });
+          res.end("Invalid JSON");
+          return;
+        }
+      }
+      if (sessionId && transports.has(sessionId)) {
+        await transports.get(sessionId).handleRequest(req, res, body);
+        return;
+      }
+      if (req.method === "POST" && body && (Array.isArray(body) ? body.some(isInitializeRequest) : isInitializeRequest(body))) {
+        const transport = new StreamableHTTPServerTransport({
+          sessionIdGenerator: () => randomUUID()
+        });
+        transport.onclose = () => {
+          if (transport.sessionId) transports.delete(transport.sessionId);
+        };
+        const sessionServer = createMcpServer();
+        await sessionServer.connect(transport);
+        if (transport.sessionId) transports.set(transport.sessionId, transport);
+        await transport.handleRequest(req, res, body);
+        return;
+      }
+      res.writeHead(400, { "Content-Type": "text/plain" });
+      res.end("Bad request \u2014 missing or invalid session");
+    });
+    httpServer.listen(httpPort, () => {
+      console.error(`MCP HTTP server ready on port ${httpPort}. Tools: ${toolNames}`);
+    });
+  } else {
+    console.error("API key validated. Starting stdio transport...");
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    console.error(`MCP Server ready. Tools: ${toolNames}`);
+  }
 }
 main().catch((err) => {
   console.error("Fatal error:", err);