@openparachute/agent 0.1.1 → 0.2.0

package/src/log.ts

@@ -1,117 +0,0 @@
-import fs from 'node:fs';
-import path from 'node:path';
-
-const LEVELS = { debug: 20, info: 30, warn: 40, error: 50, fatal: 60 } as const;
-type Level = keyof typeof LEVELS;
-
-const COLORS: Record<Level, string> = {
-  debug: '\x1b[34m',
-  info: '\x1b[32m',
-  warn: '\x1b[33m',
-  error: '\x1b[31m',
-  fatal: '\x1b[41m\x1b[37m',
-};
-const KEY_COLOR = '\x1b[35m';
-const MSG_COLOR = '\x1b[36m';
-const RESET = '\x1b[39m';
-const FULL_RESET = '\x1b[0m';
-
-const threshold = LEVELS[(process.env.LOG_LEVEL as Level) || 'info'] ?? LEVELS.info;
-
-function formatErr(err: unknown): string {
-  if (err instanceof Error) {
-    return `{ type: "${err.constructor.name}", message: "${err.message}", stack: ${err.stack} }`;
-  }
-  return JSON.stringify(err);
-}
-
-function formatData(data: Record<string, unknown>): string {
-  const parts: string[] = [];
-  for (const [k, v] of Object.entries(data)) {
-    parts.push(`${KEY_COLOR}${k}${RESET}=${k === 'err' ? formatErr(v) : JSON.stringify(v)}`);
-  }
-  return parts.length ? ' ' + parts.join(' ') : '';
-}
-
-function ts(): string {
-  const d = new Date();
-  const hh = String(d.getHours()).padStart(2, '0');
-  const mm = String(d.getMinutes()).padStart(2, '0');
-  const ss = String(d.getSeconds()).padStart(2, '0');
-  const ms = String(d.getMilliseconds()).padStart(3, '0');
-  return `${hh}:${mm}:${ss}.${ms}`;
-}
-
-function emit(level: Level, msg: string, data?: Record<string, unknown>): void {
-  if (LEVELS[level] < threshold) return;
-  const tag = `${COLORS[level]}${level.toUpperCase()}${level === 'fatal' ? FULL_RESET : RESET}`;
-  const stream = LEVELS[level] >= LEVELS.warn ? process.stderr : process.stdout;
-  stream.write(`[${ts()}] ${tag} ${MSG_COLOR}${msg}${RESET}${data ? formatData(data) : ''}\n`);
-}
-
-export const log = {
-  debug: (msg: string, data?: Record<string, unknown>) => emit('debug', msg, data),
-  info: (msg: string, data?: Record<string, unknown>) => emit('info', msg, data),
-  warn: (msg: string, data?: Record<string, unknown>) => emit('warn', msg, data),
-  error: (msg: string, data?: Record<string, unknown>) => emit('error', msg, data),
-  fatal: (msg: string, data?: Record<string, unknown>) => emit('fatal', msg, data),
-};
-
-process.on('uncaughtException', (err) => {
-  log.fatal('Uncaught exception', { err });
-  process.exit(1);
-});
-
-process.on('unhandledRejection', (reason) => {
-  log.error('Unhandled rejection', { err: reason });
-});
-
-/**
- * One-shot rename of `<root>/logs/paraclaw{,.error}.log` to the
- * `parachute-agent` names. Called early at host startup so any tooling
- * tailing the new path picks up historical entries without an operator
- * rm/mv step.
- *
- * Caveat operators must know: the running daemon's stdout/stderr
- * descriptors are whatever the supervisor (launchd plist / systemd
- * unit) opened — until the operator re-runs `parachute install
- * parachute-agent` to regenerate the unit, the supervisor still routes
- * stdout to `paraclaw.log`. On the next supervisor-driven respawn, a
- * fresh `paraclaw.log` is recreated and new entries land there. The
- * migration is purely about preserving the historical file under the
- * new name; the live cutover happens at unit regeneration.
- *
- * Idempotent: only renames when `paraclaw*.log` exists and the new path
- * is absent. Best-effort: rename failures (permission / race) log and
- * continue. Drop in 0.2.0 along with the rest of the paraclaw-era
- * compat sweep.
- */
-export function migrateLegacyLogFilenames(projectRoot: string): void {
-  const logsDir = path.join(projectRoot, 'logs');
-  const pairs: Array<[legacy: string, current: string]> = [
-    ['paraclaw.log', 'parachute-agent.log'],
-    ['paraclaw.error.log', 'parachute-agent.error.log'],
-  ];
-  for (const [legacyName, currentName] of pairs) {
-    const legacy = path.join(logsDir, legacyName);
-    const current = path.join(logsDir, currentName);
-    let legacyExists: boolean;
-    try {
-      legacyExists = fs.statSync(legacy).isFile();
-    } catch {
-      continue;
-    }
-    if (!legacyExists) continue;
-    if (fs.existsSync(current)) continue;
-    try {
-      fs.renameSync(legacy, current);
-      log.info('Log file migrated from legacy name', {
-        from: legacy,
-        to: current,
-        note: 'supervisor unit regeneration writes new entries here only after `parachute install parachute-agent`',
-      });
-    } catch (err) {
-      log.warn('Could not migrate legacy log filename', { from: legacy, to: current, err });
-    }
-  }
-}

package/src/mcp/http.ts

@@ -1,72 +0,0 @@
-/**
- * HTTP MCP transport. Mounted at `/mcp` in `src/web/server.ts`.
- *
- * Auth: hub-issued JWT via `authenticate()` — same seam every other
- * `/api/*` route uses. The strongest agent scope on the token's grant
- * becomes the server's `effectiveScope`, which gates `tools/list` +
- * `tools/call`. We require at minimum `agent:read` to even open the
- * MCP session — without it there's nothing to advertise.
- *
- * Stateless mode: a fresh server + transport pair per HTTP request,
- * with `sessionIdGenerator: undefined`. Each invocation closes its
- * server in `finally` so we don't leak Protocol instances. The cost
- * is one Server allocation per call; the win is no shared session
- * map to evict from.
- */
-import http from 'node:http';
-
-import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
-
-import { authenticate, type AgentScope } from '../web/auth.js';
-import { log } from '../log.js';
-import { buildMcpServer } from './server.js';
-
-function pickEffectiveScope(grantedScopes: string[]): AgentScope {
-  // Pre-0.1.0 compat: legacy `claw:*` grants are accepted alongside the new
-  // `agent:*` vocabulary. Both map to the same effective scope. Drop the
-  // legacy half in 0.2.0.
-  if (
-    grantedScopes.includes('agent:admin') ||
-    grantedScopes.includes('claw:admin') ||
-    grantedScopes.includes('vault:admin')
-  ) {
-    return 'agent:admin';
-  }
-  if (grantedScopes.includes('agent:write') || grantedScopes.includes('claw:write')) return 'agent:write';
-  return 'agent:read';
-}
-
-export async function handleMcpHttp(
-  req: http.IncomingMessage,
-  res: http.ServerResponse,
-  parsedBody?: unknown,
-): Promise<void> {
-  const auth = await authenticate(req.headers.authorization, 'agent:read');
-  if (!auth.ok) {
-    res.writeHead(auth.status, { 'content-type': 'application/json' });
-    res.end(JSON.stringify({ error: auth.error }));
-    return;
-  }
-
-  const effectiveScope = pickEffectiveScope(auth.claims.scopes);
-  const { server } = buildMcpServer({
-    effectiveScope,
-    callerSubject: auth.claims.sub,
-  });
-
-  const transport = new StreamableHTTPServerTransport({ sessionIdGenerator: undefined });
-  try {
-    await server.connect(transport);
-    await transport.handleRequest(req, res, parsedBody);
-  } catch (err) {
-    log.error('mcp http handler failed', { error: err instanceof Error ? err.message : String(err) });
-    if (!res.headersSent) {
-      res.writeHead(500, { 'content-type': 'application/json' });
-      res.end(JSON.stringify({ error: 'internal mcp error' }));
-    }
-  } finally {
-    await server.close().catch(() => {
-      // best-effort; the request is already done
-    });
-  }
-}

package/src/mcp/server.ts

@@ -1,92 +0,0 @@
-/**
- * Build a paraclaw MCP server. Same registry serves both transports
- * (stdio + HTTP). Scope-filtering: tools are advertised in `tools/list`
- * only when the caller's effective scope satisfies the tool's required
- * scope (per `hasScope`); `tools/call` re-validates scope + disabled
- * status before invocation.
- *
- * Why one tool list per server (not per registry): the disabled-tool
- * filter is the same code on every server build, so building the list
- * once at construct time is fine. The factory is per-request only on
- * HTTP, where the JWT changes per request.
- */
-import { Server } from '@modelcontextprotocol/sdk/server/index.js';
-import { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';
-
-import { hasScope, type AgentScope } from '../web/auth.js';
-import type { ToolDef } from './types.js';
-import { buildAllTools } from './tools/index.js';
-
-export const MCP_SERVER_NAME = 'parachute-agent';
-export const MCP_SERVER_VERSION = '0.1.0';
-
-export interface ServerHooks {
-  /** Strongest agent scope the caller has. Used to filter advertise + gate calls. */
-  effectiveScope: AgentScope;
-  /** JWT `sub` for HTTP, `mcp:stdio` for stdio. Threaded into approval-decide attribution. */
-  callerSubject: string;
-}
-
-export function buildMcpServer(hooks: ServerHooks): { server: Server; tools: ToolDef[] } {
-  const tools = buildAllTools(() => hooks.callerSubject);
-
-  const server = new Server({ name: MCP_SERVER_NAME, version: MCP_SERVER_VERSION }, { capabilities: { tools: {} } });
-
-  server.setRequestHandler(ListToolsRequestSchema, async () => {
-    return {
-      tools: tools
-        .filter((t) => !t.disabled && hasScope([hooks.effectiveScope], t.scope))
-        .map((t) => ({
-          name: t.name,
-          description: t.description,
-          inputSchema: t.inputSchema,
-        })),
-    };
-  });
-
-  server.setRequestHandler(CallToolRequestSchema, async (req) => {
-    const name = req.params.name;
-    const tool = tools.find((t) => t.name === name);
-    if (!tool) {
-      return {
-        isError: true,
-        content: [{ type: 'text', text: `unknown tool: ${name}` }],
-      };
-    }
-    if (tool.disabled) {
-      return {
-        isError: true,
-        content: [{ type: 'text', text: `tool disabled: ${tool.disabled.reason}` }],
-      };
-    }
-    if (!hasScope([hooks.effectiveScope], tool.scope)) {
-      return {
-        isError: true,
-        content: [
-          {
-            type: 'text',
-            text: `insufficient scope: tool '${name}' requires '${tool.scope}', caller has '${hooks.effectiveScope}'`,
-          },
-        ],
-      };
-    }
-    try {
-      const args = (req.params.arguments ?? {}) as Record<string, unknown>;
-      const result = await tool.handler(args, {
-        effectiveScope: hooks.effectiveScope,
-        callerSubject: hooks.callerSubject,
-      });
-      return {
-        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
-      };
-    } catch (err) {
-      const message = err instanceof Error ? err.message : String(err);
-      return {
-        isError: true,
-        content: [{ type: 'text', text: message }],
-      };
-    }
-  });
-
-  return { server, tools };
-}

package/src/mcp/stdio.ts

@@ -1,51 +0,0 @@
-#!/usr/bin/env bun
-/**
- * stdio MCP transport entrypoint. Wired with `claude mcp add parachute-agent
- * bun /path/to/parachute-agent/src/mcp/stdio.ts`.
- *
- * Stdio is a same-machine ambient-trust surface — the operator already has
- * filesystem access, so we default to `agent:admin`. No JWT, no per-call
- * auth.
- *
- * Stdout discipline: parachute-agent's `log.ts` writes info-level messages to
- * `process.stdout`, which would corrupt the JSON-RPC stream the SDK
- * speaks over stdout. We promote LOG_LEVEL to 'warn' BEFORE any module
- * that uses `log` is loaded — dynamic imports below — so the logger
- * never writes a line that isn't a JSON-RPC frame.
- */
-if (!process.env.LOG_LEVEL || ['debug', 'info'].includes(process.env.LOG_LEVEL)) {
-  process.env.LOG_LEVEL = 'warn';
-}
-
-const { StdioServerTransport } = await import('@modelcontextprotocol/sdk/server/stdio.js');
-const { initDb } = await import('../db/connection.js');
-const { runMigrations } = await import('../db/migrations/index.js');
-const { CENTRAL_DB_PATH } = await import('../config.js');
-const { buildMcpServer } = await import('./server.js');
-
-const STDIO_USER_ID = 'mcp:stdio';
-
-async function main(): Promise<void> {
-  // Open the central DB read-write so admin tools (create-agent-group,
-  // put-secret, decide-approval) can mutate. The host process owns the
-  // sole writer in production, but stdio is operator-driven and run
-  // out-of-band — concurrent writers are tolerable for the human-paced
-  // stdio path. Pragmas (WAL, busy_timeout) are set in `connection.ts`.
-  const db = initDb(CENTRAL_DB_PATH);
-  runMigrations(db);
-
-  const { server } = buildMcpServer({
-    effectiveScope: 'agent:admin',
-    callerSubject: STDIO_USER_ID,
-  });
-
-  const transport = new StdioServerTransport();
-  await server.connect(transport);
-}
-
-main().catch((err) => {
-  process.stderr.write(
-    `parachute-agent mcp stdio fatal: ${err instanceof Error ? (err.stack ?? err.message) : String(err)}\n`,
-  );
-  process.exit(1);
-});

package/src/mcp/tools/activity.ts

@@ -1,88 +0,0 @@
-/**
- * Activity-log MCP tool. Mirrors `/api/groups/:folder/activity` and
- * `/api/sessions/:id/activity` — read-only feed of tool invocations from
- * the central `agent_activity` table. Same auth scope (`agent:read`) and
- * the same default/max limits the HTTP route enforces.
- *
- * One of `agentGroupId` or `sessionId` is required; if both are given the
- * session filter wins (it's a strict subset of the group). Targets are
- * canonical ids — not folders — because the MCP surface is id-keyed
- * elsewhere (sessions, secrets, approvals).
- */
-import { listActivityByAgentGroup, listActivityBySession } from '../../db/agent-activity.js';
-import { getAgentGroup } from '../../db/agent-groups.js';
-import { getSession } from '../../db/sessions.js';
-import type { ToolDef } from '../types.js';
-
-const DEFAULT_LIMIT = 100;
-const MAX_LIMIT = 500;
-
-interface ActivityView {
-  id: string;
-  agentGroupId: string;
-  sessionId: string;
-  kind: string;
-  target: string | null;
-  summary: string | null;
-  createdAt: string;
-}
-
-function toView(r: {
-  id: string;
-  agent_group_id: string;
-  session_id: string;
-  kind: string;
-  target: string | null;
-  summary: string | null;
-  created_at: string;
-}): ActivityView {
-  return {
-    id: r.id,
-    agentGroupId: r.agent_group_id,
-    sessionId: r.session_id,
-    kind: r.kind,
-    target: r.target,
-    summary: r.summary,
-    createdAt: r.created_at,
-  };
-}
-
-function clampLimit(raw: unknown): number {
-  if (typeof raw !== 'number' || !Number.isFinite(raw) || raw <= 0) return DEFAULT_LIMIT;
-  return Math.min(Math.floor(raw), MAX_LIMIT);
-}
-
-export const activityTools: ToolDef[] = [
-  {
-    name: 'get-activity',
-    description:
-      'List recent agent tool invocations from agent_activity. Requires either agentGroupId or sessionId; if both, sessionId wins. Optional `since` (ISO 8601) returns only newer rows. Default limit 100, hard-capped at 500.',
-    scope: 'agent:read',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        agentGroupId: { type: 'string', description: 'Agent group id (canonical, not folder).' },
-        sessionId: { type: 'string', description: 'Session id. Wins over agentGroupId if both given.' },
-        since: { type: 'string', description: 'Only return rows with created_at > this ISO 8601 timestamp.' },
-        limit: { type: 'number', description: 'Max rows. Defaults to 100, capped at 500.' },
-      },
-      additionalProperties: false,
-    },
-    handler: async (args) => {
-      const sessionId = typeof args.sessionId === 'string' && args.sessionId.length ? args.sessionId : null;
-      const agentGroupId = typeof args.agentGroupId === 'string' && args.agentGroupId.length ? args.agentGroupId : null;
-      if (!sessionId && !agentGroupId) {
-        throw new Error('one of agentGroupId or sessionId is required');
-      }
-      const since = typeof args.since === 'string' && args.since.length ? args.since : undefined;
-      const limit = clampLimit(args.limit);
-
-      if (sessionId) {
-        if (!getSession(sessionId)) throw new Error(`session not found: ${sessionId}`);
-        return { activity: listActivityBySession(sessionId, { since, limit }).map(toView) };
-      }
-      if (!getAgentGroup(agentGroupId!)) throw new Error(`agent group not found: ${agentGroupId}`);
-      return { activity: listActivityByAgentGroup(agentGroupId!, { since, limit }).map(toView) };
-    },
-  },
-];

package/src/mcp/tools/agent-groups.ts

@@ -1,183 +0,0 @@
-/**
- * MCP tools for the agent-group surface — list / get / create. Mirrors what
- * the web UI exposes at `/api/groups/*`, but calls the internal helpers
- * directly rather than HTTP-round-tripping.
- *
- * Vault attach is exposed as a separate `attach-vault` tool because the
- * input shape is meaningfully different (token + scope + label, not a
- * simple group field). It refuses unknown groups with a structured error
- * rather than silently no-op'ing — the test suite leans on that contract.
- */
-import {
-  attachVaultToGroup,
-  detachVaultFromGroup,
-  readVaultAttachment,
-  DEFAULT_VAULT_MCP_NAME,
-} from '../../parachute/vault-mcp.js';
-import type { VaultScope } from '../../parachute/types.js';
-import { getAgentGroup, getAgentGroupByFolder, getAllAgentGroups } from '../../db/agent-groups.js';
-import { createParachuteAgentGroup, isFolderTaken, validateFolderSlug } from '../../parachute/create-agent.js';
-import { getGroupStatus } from '../../parachute/group-status.js';
-import type { ToolDef } from '../types.js';
-
-function viewForGroup(folder: string): Record<string, unknown> | null {
-  const row = getAgentGroupByFolder(folder);
-  if (!row) return null;
-  return {
-    id: row.id,
-    name: row.name,
-    folder: row.folder,
-    agentProvider: row.agent_provider,
-    createdAt: row.created_at,
-    vault: readVaultAttachment(row.folder),
-    status: getGroupStatus(row.folder),
-  };
-}
-
-const VALID_VAULT_SCOPES: VaultScope[] = ['vault:read', 'vault:write', 'vault:admin'];
-
-export const agentGroupTools: ToolDef[] = [
-  {
-    name: 'list-agent-groups',
-    description:
-      'List every agent group (workspace) in the install. Returns id, folder, name, agent provider, vault attachment, and live status (alive sessions, container state).',
-    scope: 'agent:read',
-    inputSchema: { type: 'object', properties: {}, additionalProperties: false },
-    handler: async () => {
-      return {
-        groups: getAllAgentGroups().map((row) => ({
-          id: row.id,
-          name: row.name,
-          folder: row.folder,
-          agentProvider: row.agent_provider,
-          createdAt: row.created_at,
-          vault: readVaultAttachment(row.folder),
-          status: getGroupStatus(row.folder),
-        })),
-      };
-    },
-  },
-  {
-    name: 'get-agent-group',
-    description:
-      'Look up a single agent group by folder slug. Same view shape as list-agent-groups. Returns null when the folder is unknown.',
-    scope: 'agent:read',
-    inputSchema: {
-      type: 'object',
-      properties: { folder: { type: 'string', description: 'Folder slug, e.g. "my-agent".' } },
-      required: ['folder'],
-      additionalProperties: false,
-    },
-    handler: async (args) => {
-      const folder = String(args.folder ?? '').trim();
-      if (!folder) throw new Error('folder is required');
-      const view = viewForGroup(folder);
-      if (!view) throw new Error(`agent group not found: ${folder}`);
-      return view;
-    },
-  },
-  {
-    name: 'create-agent-group',
-    description:
-      'Create a new agent group. Validates the folder slug, refuses duplicates, writes the DB row, and scaffolds the per-group filesystem (CLAUDE.md, container.json, …).',
-    scope: 'agent:admin',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        name: { type: 'string', description: 'Display name.' },
-        folder: { type: 'string', description: 'URL-safe slug (kebab-case).' },
-        instructions: { type: 'string', description: 'Optional CLAUDE.md content for the group.' },
-      },
-      required: ['name', 'folder'],
-      additionalProperties: false,
-    },
-    handler: async (args) => {
-      const name = String(args.name ?? '').trim();
-      const folder = String(args.folder ?? '').trim();
-      if (!name) throw new Error('name is required');
-      const folderCheck = validateFolderSlug(folder);
-      if (!folderCheck.ok) throw new Error(`invalid folder: ${folderCheck.reason}`);
-      if (isFolderTaken(folder)) throw new Error(`folder already exists: ${folder}`);
-      const instructions = typeof args.instructions === 'string' ? args.instructions : undefined;
-      const result = createParachuteAgentGroup({ name, folder, instructions });
-      return {
-        group: {
-          id: result.group.id,
-          name: result.group.name,
-          folder: result.group.folder,
-          agentProvider: result.group.agent_provider,
-          createdAt: result.group.created_at,
-        },
-      };
-    },
-  },
-  {
-    name: 'attach-vault',
-    description:
-      "Attach a Parachute Vault to an agent group as an MCP server. Writes the entry into the group's container.json and records the attachment in parachute.json. The vault token must already be minted.",
-    scope: 'agent:admin',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        folder: { type: 'string', description: 'Agent group folder slug.' },
-        vaultBaseUrl: { type: 'string', description: 'Vault base URL, no trailing slash, no /mcp suffix.' },
-        vaultToken: { type: 'string', description: 'pvt_… token to bake into the MCP entry.' },
-        scope: {
-          type: 'string',
-          enum: VALID_VAULT_SCOPES,
-          description: 'Scope this token was minted at.',
-        },
-        tokenLabel: { type: 'string', description: 'Token label (matches vault registration).' },
-        mcpName: { type: 'string', description: 'Optional MCP entry name. Defaults to "parachute-vault".' },
-        instructions: { type: 'string', description: 'Optional in-context instructions for the agent.' },
-      },
-      required: ['folder', 'vaultBaseUrl', 'vaultToken', 'scope', 'tokenLabel'],
-      additionalProperties: false,
-    },
-    handler: async (args) => {
-      const folder = String(args.folder ?? '').trim();
-      if (!folder) throw new Error('folder is required');
-      if (!getAgentGroupByFolder(folder)) throw new Error(`agent group not found: ${folder}`);
-      const scope = String(args.scope ?? '');
-      if (!VALID_VAULT_SCOPES.includes(scope as VaultScope)) {
-        throw new Error(`invalid scope: ${scope}`);
-      }
-      attachVaultToGroup({
-        folder,
-        vaultBaseUrl: String(args.vaultBaseUrl ?? '').replace(/\/+$/, ''),
-        vaultToken: String(args.vaultToken ?? ''),
-        scope: scope as VaultScope,
-        tokenLabel: String(args.tokenLabel ?? ''),
-        mcpName: typeof args.mcpName === 'string' ? args.mcpName : undefined,
-        instructions: typeof args.instructions === 'string' ? args.instructions : undefined,
-      });
-      const mcpName = typeof args.mcpName === 'string' ? args.mcpName : DEFAULT_VAULT_MCP_NAME;
-      return { vault: readVaultAttachment(folder, mcpName) };
-    },
-  },
-  {
-    name: 'detach-vault',
-    description:
-      "Detach a previously attached vault from an agent group. Removes the MCP entry from container.json and the attach record from parachute.json. Does NOT revoke the vault token — that's a separate action against the vault.",
-    scope: 'agent:admin',
-    inputSchema: {
-      type: 'object',
-      properties: {
-        folder: { type: 'string', description: 'Agent group folder slug.' },
-        mcpName: { type: 'string', description: 'Optional MCP entry name. Defaults to "parachute-vault".' },
-      },
-      required: ['folder'],
-      additionalProperties: false,
-    },
-    handler: async (args) => {
-      const folder = String(args.folder ?? '').trim();
-      if (!folder) throw new Error('folder is required');
-      if (!getAgentGroup(folder) && !getAgentGroupByFolder(folder)) {
-        throw new Error(`agent group not found: ${folder}`);
-      }
-      const mcpName = typeof args.mcpName === 'string' ? args.mcpName : DEFAULT_VAULT_MCP_NAME;
-      detachVaultFromGroup(folder, mcpName);
-      return { detached: true, folder, mcpName };
-    },
-  },
-];