@miraigent/free-ai-ops-mcp 0.1.1

package/CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+
+## [0.1.1] - 2026-06-07
+
+### Added
+
+- Added FREE-004 Human Review Gate examples with JSON-RPC input, expected output,
+  and a sample decision log.
+- Added an example npm script for the human_review_gate workflow.
+
+### Changed
+
+- human_review_gate now returns a decision note and nextLogRow so users can copy
+  the result into the free Gumroad review-gate flow CSV.
+
+### Fixed
+
+- Kept the MCP initialize server version aligned with the npm package version
+  and added smoke test coverage for that release metadata.
+
+## [0.1.0] - 2026-06-06
+
+### Added
+
+- Added the first public alpha MCP server.
+- Added human_review_gate, faq_candidate_review, and ai_safe_crm_note.
+- Added prompt_risk_review for pre-AI prompt and task risk review.
+- Added smoke tests, secret scan, GitHub Actions, and issue templates.
+- Added LAUNCH_FLOW.md for free distribution, issue collection, and Miraigent / Agent Memories routing.

package/CONTRIBUTING.md

@@ -0,0 +1,20 @@
+# Contributing
+
+Public contributions should improve free MCP tools for reviewable AI operations.
+
+Before opening a pull request:
+
+- run npm run check
+- run npm test
+- avoid private customer data
+- avoid credentials, tokens, cookies, or private keys
+- avoid MIRAI Memory engine details
+- avoid working memory MCP behavior
+
+Good contributions include:
+
+- clearer output fields
+- safer review checklists
+- better examples
+- smoke-test coverage
+- issue template improvements

package/LAUNCH_FLOW.md

@@ -0,0 +1,344 @@
+# Launch Flow
+
+This document defines the first public launch flow for Miraigent Free AI Ops MCP.
+
+The goal is to distribute useful free MCP tools, collect public GitHub issues,
+and guide interested users toward Miraigent and Agent Memories.
+
+## Launch Position
+
+Use this framing:
+
+Free MCP tools for teams that want to use AI in customer operations without
+losing human review.
+
+Do not frame this as full automation.
+
+The public promise is:
+
+- start with review gates
+- organize FAQ candidates
+- keep CRM notes safer
+- collect feedback in GitHub issues
+- connect deeper implementation needs to Miraigent
+- connect reusable operating lessons to Agent Memories
+
+## First Three MCPs
+
+### 1. Human Review Gate MCP
+
+Primary hook:
+
+Before an AI draft is sent to a customer, decide whether it can proceed, needs
+human review, or should stop.
+
+Why first:
+
+- Easy to understand.
+- Strong safety message.
+- Connects directly to AI governance and support operations.
+- Likely to generate issue feedback about missing risk flags and review fields.
+
+Route:
+
+GitHub free tool -> Issue feedback -> Miraigent free diagnosis for company
+workflow design -> Agent Memories for reusable review lessons.
+
+### 2. FAQ Candidate Review MCP
+
+Primary hook:
+
+Turn repeated inquiries into FAQ candidates before building a chatbot or AI
+reply system.
+
+Why second:
+
+- Strong fit for small business support.
+- Leads naturally to Miraigent's FAQ and inquiry-flow diagnosis.
+- Generates practical issues about status names, fields, and review flows.
+
+Route:
+
+GitHub free tool -> Qiita/Zenn example -> Miraigent resource hub -> free
+diagnosis -> Agent Memories for FAQ decision memory.
+
+### 3. AI-Safe CRM Notes MCP
+
+Primary hook:
+
+Separate customer facts, AI suggestions, human decisions, and next actions in
+CRM notes.
+
+Why third:
+
+- Easy to connect to sales and support.
+- Useful without private integrations.
+- Creates a bridge from free MCP to paid business workflow design.
+
+Route:
+
+GitHub free tool -> note article -> Miraigent free diagnosis -> Agent Memories
+for repeated customer-operation lessons.
+
+### 4. Prompt Risk Review MCP
+
+Primary hook:
+
+Before sending an operational prompt to AI, check whether the task includes
+customer-facing output or sensitive data.
+
+Why fourth:
+
+- It connects naturally to AI safety and public issue feedback.
+- It is useful before users connect the MCP to real workflows.
+- It supports the message that free MCP tools are review helpers, not full
+  automation.
+
+Route:
+
+GitHub free tool -> Issue feedback about missing risk flags -> Miraigent free
+diagnosis for data-handling and review-rule design.
+
+## Second Wave Candidates
+
+Publish after the first three tools have public examples and issue feedback.
+
+- Customer Data Masking Checklist MCP
+- Diagnosis Intake Log MCP
+- Decision Log MCP
+- Support Workflow Starter Map MCP
+
+## Funnel Design
+
+### Step 1: Free Distribution
+
+Channels:
+
+- GitHub repository
+- npm after authentication is ready
+- Qiita implementation article
+- Zenn technical article
+- note business-facing article
+- X thread with one clear use case
+
+CTA:
+
+- Try the free MCP.
+- Open an issue if output fields or review rules are missing.
+- Use only synthetic or public-safe examples in issues.
+
+### Step 2: Issue Collection
+
+Issue types to encourage:
+
+- Missing risk flag.
+- Confusing output.
+- Better checklist field.
+- New workflow candidate.
+- Public-safe real-world use case.
+
+Do not collect:
+
+- private customer records
+- credentials
+- company internal manuals
+- MIRAI Memory engine details
+- working memory MCP requests
+
+### Step 3: Miraigent Route
+
+When a user needs company-specific workflow design, route them to Miraigent.
+
+CTA language:
+
+If your team needs to adapt this to real support, CRM, or FAQ workflows, start
+with Miraigent's free diagnosis.
+
+Primary URL:
+
+https://miraigent.com/diagnosis
+
+Secondary URL:
+
+https://miraigent.com/resources
+
+### Step 4: Agent Memories Route
+
+When a user wants repeated review lessons, decisions, and operating notes to be
+reused, route them to Agent Memories.
+
+CTA language:
+
+If the same review decisions repeat, turn them into reusable operating memory
+with Agent Memories.
+
+Primary URL:
+
+https://agentmemories.jp/
+
+## Posting Plan
+
+### Post 1: GitHub Launch
+
+Goal:
+
+Announce the repository and ask for issues.
+
+Hook:
+
+We published free MCP alpha tools for human-reviewed AI operations.
+
+CTA:
+
+Try them, and open an issue if a review field is missing.
+
+### Post 2: Human Review Gate
+
+Goal:
+
+Explain the most understandable tool first.
+
+Hook:
+
+Do not start with auto-send. Start with a review gate.
+
+CTA:
+
+Use Human Review Gate MCP and tell us what risk flags are missing.
+
+### Post 3: FAQ Candidate Review
+
+Goal:
+
+Connect to inquiry and FAQ pain.
+
+Hook:
+
+Before building an AI chatbot, decide which questions should become FAQ.
+
+CTA:
+
+Use FAQ Candidate Review MCP and suggest missing statuses or fields.
+
+### Post 4: AI-Safe CRM Notes
+
+Goal:
+
+Connect sales/support operations to Miraigent.
+
+Hook:
+
+CRM notes should not mix facts, AI suggestions, and human decisions.
+
+CTA:
+
+Use AI-Safe CRM Notes MCP, then book a Miraigent free diagnosis for real
+workflow design.
+
+### Post 5: Prompt Risk Review
+
+Goal:
+
+Connect free MCP usage to AI safety before automation.
+
+Hook:
+
+Before sending a prompt into AI, check whether it touches customer-facing output
+or sensitive data.
+
+CTA:
+
+Use Prompt Risk Review MCP and open an issue if a risk flag is missing.
+
+### Post 6: Agent Memories Bridge
+
+Goal:
+
+Connect repeated decisions to Agent Memories.
+
+Hook:
+
+If the same AI review decision repeats, it should become reusable operating
+memory.
+
+CTA:
+
+Try the free MCP tools, then use Agent Memories for repeated operating lessons.
+
+## Suggested First Public Thread
+
+Post 1:
+
+Free MCP alpha tools are now public.
+
+They help teams review AI operations before customer-facing automation:
+
+- Human Review Gate
+- FAQ Candidate Review
+- AI-Safe CRM Notes
+- Prompt Risk Review
+
+GitHub:
+https://github.com/Miraigent/miraigent-free-ai-ops-mcp
+
+Post 2:
+
+The first goal is not full automation.
+
+The first goal is to decide:
+
+- what AI may draft
+- what humans must review
+- what should stop
+- what should be logged
+
+Post 3:
+
+If an output feels unclear, open an issue.
+
+Useful issues:
+
+- missing risk flag
+- missing CRM field
+- unclear FAQ status
+- better public-safe example
+
+Please do not include private customer data.
+
+Post 4:
+
+Prompt Risk Review MCP checks whether an operational prompt touches:
+
+- customer-facing output
+- personal data
+- contracts or payments
+- complaints or risk areas
+
+Post 5:
+
+For company-specific support, CRM, or FAQ workflow design, use Miraigent's free
+diagnosis:
+
+https://miraigent.com/diagnosis
+
+Post 6:
+
+For repeated review lessons and operating decisions, connect the workflow to
+Agent Memories:
+
+https://agentmemories.jp/
+
+## Success Signals
+
+Early signals:
+
+- GitHub stars
+- issue reports
+- npm downloads after publication
+- article views
+- resource hub clicks
+- free diagnosis clicks
+- Agent Memories clicks
+
+Do not over-optimize for stars only. Practical issues from real users are more
+valuable.

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Miraigent
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the Software), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,109 @@
+# Miraigent Free AI Ops MCP
+
+Free public MCP tools for practical AI operations.
+
+This repository starts with small alpha tools that help teams review AI usage
+before they automate customer-facing work.
+
+## Alpha Tools
+
+- human_review_gate: decide whether an AI draft should be sent, reviewed, or stopped.
+- faq_candidate_review: turn repeated inquiry patterns into FAQ candidates.
+- ai_safe_crm_note: structure CRM notes without mixing facts, AI suggestions, and human decisions.
+- prompt_risk_review: review an AI prompt or task before it is used in operations.
+
+These tools are public alpha candidates. Please use GitHub issues for bugs,
+unclear outputs, missing fields, and safe public use cases.
+
+## Start With One Review Gate
+
+The first practical use case is a review gate for AI-drafted customer replies.
+Before a team lets an AI draft leave a help desk, inbox, form workflow, or CRM,
+the tool separates three outcomes:
+
+- auto_ok: low-risk internal or routine copy can continue.
+- review_required: a human should review the draft before it is sent.
+- stop: sensitive, legal, payment, complaint, privacy, or public-facing risks
+  should be handled by a person before AI-assisted sending continues.
+
+### Quick MCP Example
+
+Example input:
+
+    {
+      "draftType": "customer support reply",
+      "audience": "customer",
+      "riskFlags": ["refund", "complaint", "personal data"],
+      "reviewOwner": "support lead",
+      "sendMode": "manual"
+    }
+
+Expected result:
+
+    {
+      "gateStatus": "stop",
+      "reviewOwner": "support lead",
+      "boundary": "This tool is a review helper. It does not send messages."
+    }
+
+Use this as a small public proof before building a larger AI support workflow.
+
+See examples/human-review-gate/ for copy-ready JSON-RPC examples and a sample
+decision log that match the free Gumroad kit.
+
+## Launch Flow
+
+See LAUNCH_FLOW.md for the first public posting plan, issue collection flow, and
+routes toward Miraigent and Agent Memories.
+
+## Run
+
+    npm run mcp
+
+Run checks:
+
+    npm run check
+    npm test
+
+Direct JSON-RPC smoke call:
+
+    printf '%s\n' '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"human_review_gate","arguments":{"draftType":"customer support reply","audience":"customer","riskFlags":["refund","complaint","personal data"],"reviewOwner":"support lead","sendMode":"manual"}}}' | npm run mcp
+
+Run the public FREE-004 example:
+
+    npm run example:human-review-gate
+
+## npm Plan
+
+Package name: @miraigent/free-ai-ops-mcp
+
+Expected command after npm publication:
+
+    npx @miraigent/free-ai-ops-mcp
+
+Publishing requires an authenticated npm account with access to the @miraigent
+scope.
+
+## Public Boundary
+
+This repository may publish:
+
+- free MCP tools for reviewable AI operations
+- examples without private customer data
+- tests and issue templates
+
+This repository must not publish:
+
+- credentials, tokens, cookies, or private keys
+- customer records
+- private company notes
+- MIRAI Memory engine details
+- working memory MCP behavior
+- full paid product files
+
+## Related Resources
+
+- Resource hub: https://miraigent.com/resources.html
+- Parent template repository: https://github.com/Miraigent/miraigent-ai-ops-templates
+- Free template library: https://miraigent.com/en/free-ai-operations-templates.html
+- Free Gumroad review kit: https://miraigent.gumroad.com/l/human-review-gate-ai-drafts

package/SECURITY.md

@@ -0,0 +1,9 @@
+# Security
+
+Do not report secrets, credentials, private customer data, or private company
+notes in public issues.
+
+For public issues, use small synthetic examples only.
+
+This repository does not include MIRAI Memory engine behavior or working memory
+MCPs.

package/examples/human-review-gate/README.md

@@ -0,0 +1,34 @@
+# Human Review Gate Example
+
+This example shows how FREE-004 connects to the public human_review_gate MCP
+tool.
+
+Use it when an AI-drafted reply is ready but you still need a human review
+decision before anything reaches a customer.
+
+## Run
+
+From the repository root:
+
+    npm run example:human-review-gate
+
+The example sends sample-request.jsonl to the MCP server and prints the
+human_review_gate result.
+
+## What To Copy Into Your Log
+
+Copy result.nextLogRow into review-gate-flow.csv or your own support log.
+
+The sample uses synthetic data only. Do not use private customer data in public
+issues, examples, or screenshots.
+
+## Expected Decision
+
+The sample includes refund, complaint, and personal data risk flags, so the tool
+should return:
+
+- gateStatus: stop
+- reviewOwner: support lead
+- boundary: this tool reviews and logs; it does not send messages
+
+This is an operations helper, not legal or compliance advice.

package/examples/human-review-gate/run-example.mjs

@@ -0,0 +1,28 @@
+import { spawn } from 'node:child_process';
+import fs from 'node:fs';
+
+const child = spawn(process.execPath, ['mcp/free-ai-ops-server.mjs'], {
+  stdio: ['pipe', 'pipe', 'inherit']
+});
+
+const request = fs.readFileSync('examples/human-review-gate/sample-request.jsonl', 'utf8');
+let stdout = '';
+
+child.stdout.on('data', (chunk) => {
+  stdout += chunk;
+});
+
+child.stdin.write(request.trim() + '\n');
+child.stdin.end();
+
+await new Promise((resolve, reject) => {
+  child.on('error', reject);
+  child.on('close', (code) => {
+    if (code !== 0) reject(new Error('server exited with ' + code));
+    else resolve();
+  });
+});
+
+const response = JSON.parse(stdout.trim());
+const payload = JSON.parse(response.result.content[0].text);
+console.log(JSON.stringify(payload, null, 2));

package/examples/human-review-gate/sample-decision-log.csv

@@ -0,0 +1,2 @@
+draft_type,audience,risk_flags,review_owner,gate_status,decision_note
+customer support reply,customer,refund; complaint; personal data,support lead,stop,Stop before sending. Assign a human owner and confirm the source policy or data-handling rule.

package/examples/human-review-gate/sample-request.jsonl

@@ -0,0 +1 @@
+{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"human_review_gate","arguments":{"draftType":"customer support reply","audience":"customer","riskFlags":["refund","complaint","personal data"],"reviewOwner":"support lead","sendMode":"manual"}}}

package/mcp/free-ai-ops-server.mjs

@@ -0,0 +1,216 @@
+#!/usr/bin/env node
+
+const serverInfo = { name: 'miraigent-free-ai-ops-mcp', version: '0.1.1' };
+
+const tools = [
+  {
+    name: 'human_review_gate',
+    description: 'Decide whether an AI draft should be sent, reviewed, or stopped.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        draftType: { type: 'string' },
+        audience: { type: 'string' },
+        riskFlags: { type: 'array', items: { type: 'string' } },
+        reviewOwner: { type: 'string' },
+        sendMode: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'faq_candidate_review',
+    description: 'Review whether an inquiry pattern should become a public FAQ, internal FAQ, human-review rule, or rejection.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        inquiryPattern: { type: 'string' },
+        frequency: { type: 'string' },
+        responseCost: { type: 'string' },
+        riskLevel: { type: 'string' },
+        currentAnswer: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'ai_safe_crm_note',
+    description: 'Structure a CRM note by separating customer facts, AI suggestions, human decisions, and next actions.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        rawNoteSummary: { type: 'string' },
+        channel: { type: 'string' },
+        containsPersonalData: { type: 'boolean' },
+        nextAction: { type: 'string' },
+        owner: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'prompt_risk_review',
+    description: 'Review an AI prompt or task before it is used in operations.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        operation: { type: 'string' },
+        promptSummary: { type: 'string' },
+        dataTypes: { type: 'array', items: { type: 'string' } },
+        customerFacing: { type: 'boolean' },
+        riskLevel: { type: 'string' }
+      }
+    }
+  }
+];
+
+function textContent(value) {
+  return [{ type: 'text', text: JSON.stringify(value, null, 2) }];
+}
+
+function normalizeRisk(value) {
+  return String(value || 'medium').toLowerCase();
+}
+
+function callTool(name, args = {}) {
+  if (name === 'human_review_gate') {
+    const flags = Array.isArray(args.riskFlags) ? args.riskFlags.map(String) : [];
+    const riskText = flags.join(' ').toLowerCase();
+    const highRisk = riskText.match(/legal|medical|payment|refund|contract|personal|privacy|complaint|public/);
+    const sendMode = String(args.sendMode || '').toLowerCase();
+    const gateStatus = highRisk ? 'stop' : sendMode.includes('auto') || flags.length ? 'review_required' : 'auto_ok';
+    const decisionNote =
+      gateStatus === 'stop'
+        ? 'Stop before sending. Assign a human owner and confirm the source policy or data-handling rule.'
+        : gateStatus === 'review_required'
+          ? 'Human review is required before this draft can be sent.'
+          : 'Light review is enough if the source facts and tone are current.';
+    return {
+      tool: name,
+      gateStatus,
+      reviewOwner: args.reviewOwner || 'human reviewer',
+      decisionNote,
+      checklist: [
+        'Confirm the draft does not include private customer data.',
+        'Confirm the source FAQ or policy is current.',
+        'Confirm the audience and send mode are appropriate.',
+        'Log the final human decision before sending.'
+      ],
+      logFields: ['draft_type', 'audience', 'risk_flags', 'review_owner', 'gate_status', 'decision_note'],
+      nextLogRow: {
+        draft_type: args.draftType || 'unspecified draft',
+        audience: args.audience || 'unspecified audience',
+        risk_flags: flags.join('; ') || 'none',
+        review_owner: args.reviewOwner || 'human reviewer',
+        gate_status: gateStatus,
+        decision_note: decisionNote
+      },
+      boundary: 'This tool is a review helper. It does not send messages.'
+    };
+  }
+
+  if (name === 'faq_candidate_review') {
+    const risk = normalizeRisk(args.riskLevel);
+    const status = risk === 'high' ? 'human_review_rule' : risk === 'medium' ? 'internal_faq' : 'public_faq_candidate';
+    return {
+      tool: name,
+      recommendedStatus: status,
+      faqOutline: {
+        questionPattern: args.inquiryPattern || 'Describe the repeated question pattern.',
+        answerScope: args.currentAnswer ? 'Review and simplify the current answer.' : 'Draft a short answer outline before publication.',
+        owner: 'FAQ reviewer'
+      },
+      reviewSignals: {
+        frequency: args.frequency || 'unknown',
+        responseCost: args.responseCost || 'unknown',
+        riskLevel: risk
+      },
+      boundary: 'Separate public FAQ, internal FAQ, and human-review rules before automation.'
+    };
+  }
+
+  if (name === 'ai_safe_crm_note') {
+    return {
+      tool: name,
+      crmNote: {
+        channel: args.channel || 'unknown',
+        customerFacts: args.rawNoteSummary || 'Add factual summary only.',
+        aiSuggestion: 'Keep AI suggestions separate from confirmed facts.',
+        humanDecision: 'Add the final human decision here.',
+        nextAction: args.nextAction || 'Define next action.',
+        owner: args.owner || 'owner required'
+      },
+      maskingChecklist: args.containsPersonalData
+        ? ['Mask names if not needed.', 'Remove contact details before AI use.', 'Avoid copying raw private text into external tools.']
+        : ['Confirm no personal data is included.', 'Keep synthetic examples in public issues.'],
+      logFields: ['channel', 'customer_facts', 'ai_suggestion', 'human_decision', 'next_action', 'owner'],
+      boundary: 'This tool structures notes. It is not an anonymizer and does not store data.'
+    };
+  }
+
+  if (name === 'prompt_risk_review') {
+    const dataTypes = Array.isArray(args.dataTypes) ? args.dataTypes.map(String) : [];
+    const risk = normalizeRisk(args.riskLevel);
+    const dataText = dataTypes.join(' ').toLowerCase();
+    const sensitiveData = dataText.match(/name|email|phone|address|payment|medical|legal|contract|personal|customer/);
+    const shouldStop = risk === 'high' || (args.customerFacing && sensitiveData);
+    return {
+      tool: name,
+      operation: args.operation || 'unspecified operation',
+      recommendation: shouldStop ? 'stop_before_ai_use' : args.customerFacing ? 'human_review_required' : 'review_checklist_required',
+      riskFlags: [
+        ...(args.customerFacing ? ['customer_facing'] : []),
+        ...(sensitiveData ? ['sensitive_data_possible'] : []),
+        ...(risk === 'high' ? ['high_risk'] : [])
+      ],
+      checklist: [
+        'Rewrite the prompt as a short task summary before sending it to AI.',
+        'Remove private customer data unless a reviewed policy allows it.',
+        'Confirm whether the output can affect a customer, payment, contract, or complaint.',
+        'Keep a human review note for the final decision.'
+      ],
+      saferNextStep: shouldStop
+        ? 'Stop and define a human-reviewed data handling rule before using this prompt.'
+        : 'Run the prompt only after documenting data handling and human review expectations.',
+      boundary: 'This tool is a prompt risk helper. It is not legal advice and does not call an AI API.'
+    };
+  }
+
+  throw new Error('Unknown tool: ' + name);
+}
+
+function handle(request) {
+  if (request.method === 'initialize') {
+    return {
+      protocolVersion: '2024-11-05',
+      capabilities: { tools: {} },
+      serverInfo
+    };
+  }
+
+  if (request.method === 'tools/list') {
+    return { tools };
+  }
+
+  if (request.method === 'tools/call') {
+    const params = request.params || {};
+    return { content: textContent(callTool(params.name, params.arguments || {})) };
+  }
+
+  throw new Error('Unsupported method: ' + request.method);
+}
+
+let buffer = '';
+process.stdin.setEncoding('utf8');
+process.stdin.on('data', (chunk) => {
+  buffer += chunk;
+  const lines = buffer.split('\n');
+  buffer = lines.pop() || '';
+  for (const line of lines) {
+    if (!line.trim()) continue;
+    const request = JSON.parse(line);
+    try {
+      const result = handle(request);
+      process.stdout.write(JSON.stringify({ jsonrpc: '2.0', id: request.id, result }) + '\n');
+    } catch (error) {
+      process.stdout.write(JSON.stringify({ jsonrpc: '2.0', id: request.id, error: { code: -32000, message: error.message } }) + '\n');
+    }
+  }
+});

package/package.json

@@ -0,0 +1,44 @@
+{
+  "name": "@miraigent/free-ai-ops-mcp",
+  "version": "0.1.1",
+  "description": "Free MCP tools for human-reviewed AI operations.",
+  "homepage": "https://github.com/Miraigent/miraigent-free-ai-ops-mcp",
+  "type": "module",
+  "private": false,
+  "license": "MIT",
+  "files": [
+    "README.md",
+    "LAUNCH_FLOW.md",
+    "LICENSE",
+    "CHANGELOG.md",
+    "SECURITY.md",
+    "CONTRIBUTING.md",
+    "examples/",
+    "mcp/",
+    "scripts/"
+  ],
+  "bin": {
+    "miraigent-free-ai-ops-mcp": "mcp/free-ai-ops-server.mjs"
+  },
+  "scripts": {
+    "check": "node --check mcp/free-ai-ops-server.mjs && node --check scripts/smoke-test.mjs && node --check scripts/secret-scan.mjs && node scripts/secret-scan.mjs",
+    "test": "node scripts/smoke-test.mjs",
+    "example:human-review-gate": "node examples/human-review-gate/run-example.mjs",
+    "mcp": "node mcp/free-ai-ops-server.mjs"
+  },
+  "keywords": [
+    "mcp",
+    "ai-operations",
+    "human-review",
+    "ai-safety",
+    "crm",
+    "faq"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Miraigent/miraigent-free-ai-ops-mcp.git"
+  },
+  "bugs": {
+    "url": "https://github.com/Miraigent/miraigent-free-ai-ops-mcp/issues"
+  }
+}

package/scripts/secret-scan.mjs

@@ -0,0 +1,38 @@
+import fs from 'node:fs';
+import path from 'node:path';
+
+const root = process.cwd();
+const ignoredDirs = new Set(['.git', 'node_modules']);
+const patterns = [
+  /sk-[A-Za-z0-9_-]{20,}/,
+  /ghp_[A-Za-z0-9_]{20,}/,
+  /github_pat_[A-Za-z0-9_]{20,}/,
+  /xox[baprs]-[A-Za-z0-9-]{20,}/,
+  /-----BEGIN (RSA |OPENSSH |EC |DSA )?PRIVATE KEY-----/
+];
+
+function walk(dir) {
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  return entries.flatMap((entry) => {
+    if (ignoredDirs.has(entry.name)) return [];
+    const full = path.join(dir, entry.name);
+    if (entry.isDirectory()) return walk(full);
+    return [full];
+  });
+}
+
+let failed = false;
+for (const file of walk(root)) {
+  const rel = path.relative(root, file);
+  const ext = path.extname(file).toLowerCase();
+  if (!['.md', '.json', '.js', '.mjs', '.yml', '.yaml', '.txt', ''].includes(ext)) continue;
+  const body = fs.readFileSync(file, 'utf8');
+  for (const pattern of patterns) {
+    if (pattern.test(body)) {
+      console.error(rel + ': possible secret matched ' + pattern);
+      failed = true;
+    }
+  }
+}
+
+if (failed) process.exit(1);

package/scripts/smoke-test.mjs

@@ -0,0 +1,102 @@
+import { spawn } from 'node:child_process';
+import assert from 'node:assert';
+import { readFile } from 'node:fs/promises';
+
+const packageJson = JSON.parse(await readFile(new URL('../package.json', import.meta.url), 'utf8'));
+
+const child = spawn(process.execPath, ['mcp/free-ai-ops-server.mjs'], {
+  stdio: ['pipe', 'pipe', 'inherit']
+});
+
+const requests = [
+  { jsonrpc: '2.0', id: 1, method: 'initialize', params: {} },
+  { jsonrpc: '2.0', id: 2, method: 'tools/list', params: {} },
+  {
+    jsonrpc: '2.0',
+    id: 3,
+    method: 'tools/call',
+    params: {
+      name: 'human_review_gate',
+      arguments: {
+        draftType: 'support reply',
+        audience: 'customer',
+        riskFlags: ['privacy'],
+        reviewOwner: 'support lead',
+        sendMode: 'manual'
+      }
+    }
+  },
+  {
+    jsonrpc: '2.0',
+    id: 4,
+    method: 'tools/call',
+    params: {
+      name: 'faq_candidate_review',
+      arguments: {
+        inquiryPattern: 'pricing plan difference',
+        frequency: 'high',
+        responseCost: 'medium',
+        riskLevel: 'low'
+      }
+    }
+  },
+  {
+    jsonrpc: '2.0',
+    id: 5,
+    method: 'tools/call',
+    params: {
+      name: 'ai_safe_crm_note',
+      arguments: {
+        rawNoteSummary: 'Customer asked about setup timing.',
+        channel: 'form',
+        containsPersonalData: false,
+        nextAction: 'send setup checklist',
+        owner: 'sales'
+      }
+    }
+  },
+  {
+    jsonrpc: '2.0',
+    id: 6,
+    method: 'tools/call',
+    params: {
+      name: 'prompt_risk_review',
+      arguments: {
+        operation: 'support automation',
+        promptSummary: 'Draft a customer reply from inquiry details.',
+        dataTypes: ['customer email', 'inquiry body'],
+        customerFacing: true,
+        riskLevel: 'medium'
+      }
+    }
+  }
+];
+
+let stdout = '';
+child.stdout.on('data', (chunk) => {
+  stdout += chunk;
+});
+
+for (const request of requests) {
+  child.stdin.write(JSON.stringify(request) + '\n');
+}
+child.stdin.end();
+
+await new Promise((resolve, reject) => {
+  child.on('error', reject);
+  child.on('close', (code) => {
+    if (code !== 0) reject(new Error('server exited with ' + code));
+    else resolve();
+  });
+});
+
+const responses = stdout.trim().split('\n').map((line) => JSON.parse(line));
+assert.equal(responses.length, requests.length);
+assert.equal(responses[0].result.serverInfo.name, 'miraigent-free-ai-ops-mcp');
+assert.equal(responses[0].result.serverInfo.version, packageJson.version);
+assert.equal(responses[1].result.tools.length, 4);
+assert.match(responses[2].result.content[0].text, /review_required|stop/);
+assert.match(responses[2].result.content[0].text, /nextLogRow/);
+assert.match(responses[3].result.content[0].text, /public_faq_candidate/);
+assert.match(responses[4].result.content[0].text, /crmNote/);
+assert.match(responses[5].result.content[0].text, /stop_before_ai_use|human_review_required/);