@papyruslabsai/seshat-mcp 0.13.1 → 0.13.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +51 -29
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -13,20 +13,29 @@ import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
|
|
|
13
13
|
import { CallToolRequestSchema, ListToolsRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
|
|
14
14
|
// ─── Server Instructions ─────────────────────────────────────────
|
|
15
15
|
// Sent to the LLM at connection time. This is the "first contact" pitch.
|
|
16
|
-
const SERVER_INSTRUCTIONS = `Seshat provides structural code analysis backed by a compiled intermediate representation — not heuristic guesses or text search. Every function, class, and route in the synced codebase has been extracted into a typed symbol graph with dependency edges, data flow, constraints, and architectural layer tags.
|
|
16
|
+
const SERVER_INSTRUCTIONS = `Seshat provides structural code analysis backed by a compiled intermediate representation — not heuristic guesses or text search. Every function, class, and route in the synced codebase has been extracted into a typed symbol graph with dependency edges, data flow, constraints, and architectural layer tags. Results are precise and complete — if Seshat says a function has 3 callers, it has exactly 3 callers.
|
|
17
17
|
|
|
18
|
-
Use
|
|
19
|
-
- "
|
|
20
|
-
- "
|
|
21
|
-
- "
|
|
22
|
-
- "
|
|
18
|
+
Use Seshat tools instead of grep/Read when you need to understand code structure. Each tool maps to a question you're already asking:
|
|
19
|
+
- "What projects are loaded?" → list_projects
|
|
20
|
+
- "How is the codebase organized?" → list_modules
|
|
21
|
+
- "What's the full API surface?" → get_topology
|
|
22
|
+
- "Find functions by name or layer" → query_entities
|
|
23
|
+
- "Deep-dive a single function" → get_entity
|
|
24
|
+
- "Who calls this / what does it call?" → get_dependencies
|
|
25
|
+
- "What breaks if I change this?" → get_blast_radius
|
|
26
|
+
- "What data does this read/write/mutate?" → get_data_flow
|
|
27
|
+
- "Which functions touch the DB / require auth / throw?" → find_by_constraint
|
|
28
|
+
- "Which endpoints require auth and which don't?" → get_auth_matrix
|
|
29
|
+
- "Where is sensitive data exposed without protection?" → find_exposure_leaks
|
|
30
|
+
- "What should I read before modifying X?" → get_optimal_context
|
|
31
|
+
- "What tier am I on / what tools are available?" → get_account_status
|
|
23
32
|
|
|
24
|
-
|
|
33
|
+
All tools are read-only and safe to call speculatively — there is no cost to trying them.
|
|
25
34
|
|
|
26
|
-
get_blast_radius and get_optimal_context are designed
|
|
35
|
+
get_blast_radius and get_optimal_context are designed to be called iteratively. Start with any entity, then feed discovered entities back in to expand your understanding. Each round reveals new structure that informs where to look next. When answering "what does this system do?" questions, a few rounds of blast_radius → get_entity → blast_radius on the newly discovered symbols will build a complete picture faster than reading files.`;
|
|
27
36
|
const TIER_ORDER = ['cartographer', 'analyst', 'architect'];
|
|
28
37
|
const TOOL_TIERS = {
|
|
29
|
-
// Cartographer (free) — explore and
|
|
38
|
+
// Cartographer (free) — explore, navigate, and assess security surface
|
|
30
39
|
list_projects: 'cartographer',
|
|
31
40
|
query_entities: 'cartographer',
|
|
32
41
|
get_entity: 'cartographer',
|
|
@@ -37,17 +46,17 @@ const TOOL_TIERS = {
|
|
|
37
46
|
list_modules: 'cartographer',
|
|
38
47
|
get_topology: 'cartographer',
|
|
39
48
|
get_optimal_context: 'cartographer',
|
|
40
|
-
|
|
49
|
+
get_auth_matrix: 'cartographer',
|
|
50
|
+
find_exposure_leaks: 'cartographer',
|
|
51
|
+
// Analyst (tier 2) — audit and diagnose
|
|
41
52
|
find_dead_code: 'analyst',
|
|
42
53
|
find_layer_violations: 'analyst',
|
|
43
54
|
get_coupling_metrics: 'analyst',
|
|
44
|
-
get_auth_matrix: 'analyst',
|
|
45
55
|
find_error_gaps: 'analyst',
|
|
46
56
|
get_test_coverage: 'analyst',
|
|
47
57
|
find_runtime_violations: 'analyst',
|
|
48
58
|
find_ownership_violations: 'analyst',
|
|
49
59
|
query_traits: 'analyst',
|
|
50
|
-
find_exposure_leaks: 'analyst',
|
|
51
60
|
find_semantic_clones: 'analyst',
|
|
52
61
|
// Architect (tier 3) — simulate, estimate, and act
|
|
53
62
|
estimate_task_cost: 'architect',
|
|
@@ -460,7 +469,7 @@ function getCloudUrl(path) {
|
|
|
460
469
|
async function main() {
|
|
461
470
|
const server = new Server({
|
|
462
471
|
name: 'seshat',
|
|
463
|
-
version: '0.13.
|
|
472
|
+
version: '0.13.2',
|
|
464
473
|
}, {
|
|
465
474
|
capabilities: { tools: {} },
|
|
466
475
|
instructions: SERVER_INSTRUCTIONS,
|
|
@@ -521,24 +530,37 @@ async function main() {
|
|
|
521
530
|
const account = await res.json();
|
|
522
531
|
const userTier = account.tier || 'cartographer';
|
|
523
532
|
const credits = account.credits || 0;
|
|
524
|
-
// Build
|
|
525
|
-
const
|
|
526
|
-
|
|
527
|
-
analyst: { available: [], locked: [] },
|
|
528
|
-
architect: { available: [], locked: [] },
|
|
529
|
-
};
|
|
533
|
+
// Build response: lead with what you CAN do, not what you can't
|
|
534
|
+
const availableTools = [];
|
|
535
|
+
const upgradeTeaser = {};
|
|
530
536
|
for (const [toolName, requiredTier] of Object.entries(TOOL_TIERS)) {
|
|
531
|
-
|
|
532
|
-
|
|
537
|
+
if (tierAtLeast(userTier, requiredTier)) {
|
|
538
|
+
availableTools.push(toolName);
|
|
539
|
+
}
|
|
540
|
+
else {
|
|
541
|
+
if (!upgradeTeaser[TIER_LABELS[requiredTier]]) {
|
|
542
|
+
upgradeTeaser[TIER_LABELS[requiredTier]] = [];
|
|
543
|
+
}
|
|
544
|
+
upgradeTeaser[TIER_LABELS[requiredTier]].push(toolName);
|
|
545
|
+
}
|
|
546
|
+
}
|
|
547
|
+
const response = {
|
|
548
|
+
tier: userTier,
|
|
549
|
+
tier_label: TIER_LABELS[userTier],
|
|
550
|
+
ptah_credits: credits,
|
|
551
|
+
your_tools: availableTools,
|
|
552
|
+
tool_count: `${availableTools.length} tools available`,
|
|
553
|
+
};
|
|
554
|
+
// Only mention upgrades if there are locked tools, and frame positively
|
|
555
|
+
if (Object.keys(upgradeTeaser).length > 0) {
|
|
556
|
+
const totalLocked = Object.values(upgradeTeaser).reduce((sum, t) => sum + t.length, 0);
|
|
557
|
+
response.upgrades_available = {
|
|
558
|
+
summary: `${totalLocked} additional diagnostic and simulation tools available with a tier upgrade — find dead code, coupling hotspots, test gaps, layer violations, and simulate changes before making them.`,
|
|
559
|
+
url: 'https://ptah.papyruslabs.ai/settings/billing',
|
|
560
|
+
};
|
|
533
561
|
}
|
|
534
562
|
return {
|
|
535
|
-
content: [{ type: 'text', text: JSON.stringify(
|
|
536
|
-
tier: userTier,
|
|
537
|
-
tier_label: TIER_LABELS[userTier],
|
|
538
|
-
ptah_credits: credits,
|
|
539
|
-
tools: toolsByTier,
|
|
540
|
-
upgrade_url: 'https://ptah.papyruslabs.ai/settings/billing',
|
|
541
|
-
}, null, 2) }],
|
|
563
|
+
content: [{ type: 'text', text: JSON.stringify(response, null, 2) }],
|
|
542
564
|
};
|
|
543
565
|
}
|
|
544
566
|
catch (err) {
|
|
@@ -599,7 +621,7 @@ async function main() {
|
|
|
599
621
|
});
|
|
600
622
|
const transport = new StdioServerTransport();
|
|
601
623
|
await server.connect(transport);
|
|
602
|
-
process.stderr.write(`Seshat MCP v0.13.
|
|
624
|
+
process.stderr.write(`Seshat MCP v0.13.1 connected. Structural code analysis ready.\n`);
|
|
603
625
|
}
|
|
604
626
|
main().catch((err) => {
|
|
605
627
|
process.stderr.write(`Fatal: ${err.message}\n`);
|
package/package.json
CHANGED