@rafter-security/cli 0.6.6 → 0.7.1

package/dist/commands/agent/list.js

@@ -0,0 +1,72 @@
+import { Command } from "commander";
+import { snapshotComponents } from "./components.js";
+import { fmt } from "../../utils/formatter.js";
+/**
+ * `rafter agent list` — machine-readable inventory of everything rafter has touched
+ * (or could touch) on this machine. One row per (platform, component).
+ *
+ * Exit codes: 0 on success.
+ */
+export function createListCommand() {
+    return new Command("list")
+        .description("List agent integration components and their state")
+        .option("--json", "Output machine-readable JSON")
+        .option("--installed", "Only show components that are currently installed")
+        .option("--detected", "Only show components whose platform is detected")
+        .action((opts) => {
+        let rows = snapshotComponents();
+        if (opts.installed)
+            rows = rows.filter((r) => r.installed);
+        if (opts.detected)
+            rows = rows.filter((r) => r.detected);
+        if (opts.json) {
+            const payload = {
+                components: rows.map((r) => ({
+                    id: r.id,
+                    platform: r.platform,
+                    kind: r.kind,
+                    description: r.description,
+                    path: r.path,
+                    state: r.state,
+                    installed: r.installed,
+                    detected: r.detected,
+                    configEnabled: r.configEnabled,
+                })),
+            };
+            console.log(JSON.stringify(payload, null, 2));
+            return;
+        }
+        const byPlatform = new Map();
+        for (const r of rows) {
+            const arr = byPlatform.get(r.platform) ?? [];
+            arr.push(r);
+            byPlatform.set(r.platform, arr);
+        }
+        console.log(fmt.header("Rafter agent components"));
+        console.log(fmt.divider());
+        for (const [platform, list] of byPlatform) {
+            const detected = list[0]?.detected ?? false;
+            const suffix = detected ? "" : " (not detected)";
+            console.log(`\n${platform}${suffix}`);
+            for (const r of list) {
+                const label = r.id.padEnd(28);
+                let marker;
+                switch (r.state) {
+                    case "installed":
+                        marker = "● installed";
+                        break;
+                    case "not-installed":
+                        marker = "○ not installed";
+                        break;
+                    case "not-detected":
+                    default:
+                        marker = "· platform not detected";
+                        break;
+                }
+                console.log(`  ${label} ${marker}`);
+            }
+        }
+        console.log();
+        console.log(fmt.info("Use `rafter agent enable <id>` or `rafter agent disable <id>` to toggle individual components."));
+    });
+}

package/dist/commands/agent/scan.js

@@ -47,6 +47,7 @@ export function createScanCommand() {
         .option("--engine <engine>", "Scan engine: gitleaks or patterns", "auto")
         .option("--baseline", "Filter findings present in the saved baseline")
         .option("--watch", "Watch for file changes and re-scan on change")
+        .option("--history", "Scan git history for secrets (requires gitleaks engine)")
         .action(async (scanPath, opts) => {
         // Validate flags before doing any work
         const validEngines = ["auto", "gitleaks", "patterns"];
@@ -103,7 +104,7 @@ export function createScanCommand() {
             if (!opts.quiet) {
                 console.error(`Scanning directory: ${resolvedPath} (${engine})`);
             }
-            results = await scanDirectory(resolvedPath, engine, scanCfg);
+            results = await scanDirectory(resolvedPath, engine, scanCfg, opts.history);
         }
         else {
             if (!opts.quiet) {
@@ -372,11 +373,11 @@ async function scanFile(filePath, engine, scanCfg) {
 /**
  * Scan a directory with selected engine
  */
-async function scanDirectory(dirPath, engine, scanCfg) {
+async function scanDirectory(dirPath, engine, scanCfg, history) {
     if (engine === "gitleaks") {
         try {
             const gitleaks = new GitleaksScanner();
-            return await gitleaks.scanDirectory(dirPath);
+            return await gitleaks.scanDirectory(dirPath, { useGit: history ?? false });
         }
         catch (e) {
             console.error(fmt.warning("Gitleaks scan failed, falling back to patterns"));

package/dist/commands/agent/verify.js

@@ -193,7 +193,7 @@ export function createVerifyCommand() {
             console.log(fmt.success(`${passed.length}/${results.length} core checks passed${warnNote}`));
         }
         else {
-            console.log(fmt.error(`${hardFailed.length} check${hardFailed.length > 1 ? "s" : ""} failed`));
+            console.log(fmt.error(`${passed.length}/${results.length} checks passed — ${hardFailed.length} failed`));
         }
         console.log();
         if (hardFailed.length > 0) {

package/dist/commands/backend/run.js

@@ -9,6 +9,7 @@ import { handleScanStatus } from "./scan-status.js";
  */
 export async function runRemoteScan(opts) {
     const key = resolveKey(opts.apiKey);
+    const ghToken = opts.githubToken || process.env.RAFTER_GITHUB_TOKEN;
     let repo, branch;
     try {
         ({ repo, branch } = detectRepo({ repo: opts.repo, branch: opts.branch, quiet: opts.quiet }));
@@ -22,10 +23,17 @@ export async function runRemoteScan(opts) {
         }
         process.exit(EXIT_GENERAL_ERROR);
     }
+    const body = {
+        repository_name: repo,
+        branch_name: branch,
+        scan_mode: opts.mode ?? "fast",
+    };
+    if (ghToken)
+        body.github_token = ghToken;
     if (!opts.quiet) {
         const spinner = ora("Submitting scan").start();
         try {
-            const { data } = await axios.post(`${API}/static/scan`, { repository_name: repo, branch_name: branch, scan_mode: opts.mode ?? "fast" }, { headers: { "x-api-key": key } });
+            const { data } = await axios.post(`${API}/static/scan`, body, { headers: { "x-api-key": key } });
             spinner.succeed(`Scan ID: ${data.scan_id}`);
             if (opts.skipInteractive)
                 return;
@@ -56,7 +64,7 @@ export async function runRemoteScan(opts) {
     }
     else {
         try {
-            const { data } = await axios.post(`${API}/static/scan`, { repository_name: repo, branch_name: branch, scan_mode: opts.mode ?? "fast" }, { headers: { "x-api-key": key } });
+            const { data } = await axios.post(`${API}/static/scan`, body, { headers: { "x-api-key": key } });
             if (opts.skipInteractive)
                 return;
             const exitCode = await handleScanStatus(data.scan_id, { "x-api-key": key }, opts.format ?? "md", opts.quiet);
@@ -90,12 +98,13 @@ function addRunOptions(cmd) {
         .option("-k, --api-key <key>", "API key or RAFTER_API_KEY env var")
         .option("-f, --format <format>", "json | md", "md")
         .option("-m, --mode <mode>", "scan mode: fast | plus", "fast")
+        .option("--github-token <token>", "GitHub PAT for private repos (or RAFTER_GITHUB_TOKEN env var)")
         .option("--skip-interactive", "do not wait for scan to complete")
         .option("--quiet", "suppress status messages");
 }
 export function createRunCommand() {
     return addRunOptions(new Command("run")
-        .description("Trigger a remote backend security scan")).action(async (opts) => {
+        .description("Trigger a remote security scan")).action(async (opts) => {
         await runRemoteScan(opts);
     });
 }

package/dist/commands/backend/scan-status.js

@@ -1,6 +1,7 @@
 import axios from "axios";
 import ora from "ora";
 import { API, writePayload, EXIT_GENERAL_ERROR, EXIT_SCAN_NOT_FOUND } from "../../utils/api.js";
+import { fmt as output } from "../../utils/formatter.js";
 export async function handleScanStatus(scan_id, headers, fmt, quiet) {
     // First poll
     let poll;
@@ -9,10 +10,10 @@ export async function handleScanStatus(scan_id, headers, fmt, quiet) {
     }
     catch (e) {
         if (e.response?.status === 404) {
-            console.error(`Scan '${scan_id}' not found`);
+            console.error(output.error(`Scan '${scan_id}' not found`));
             return EXIT_SCAN_NOT_FOUND;
         }
-        console.error(`Error: ${e.response?.data || e.message}`);
+        console.error(output.error(`${e.response?.data || e.message}`));
         return EXIT_GENERAL_ERROR;
     }
     let status = poll.data.status;

package/dist/commands/brief.js

@@ -9,6 +9,16 @@ function loadSkill(name) {
     // Strip YAML frontmatter
     return raw.replace(/^---[\s\S]*?---\n*/, "").trim();
 }
+function loadSkillDoc(skill, doc) {
+    return readFileSync(join(RESOURCES_DIR, skill, "docs", `${doc}.md`), "utf-8").trim();
+}
+const RAFTER_SUBDOCS = [
+    { slug: "cli-reference", desc: "Full rafter CLI tree by category" },
+    { slug: "guardrails", desc: "PreToolUse hooks, risk tiers, overrides" },
+    { slug: "backend", desc: "Remote fast vs plus, setup, cost/latency" },
+    { slug: "shift-left", desc: "Pointers to secure-design & code-review skills" },
+    { slug: "finding-triage", desc: "How to read a finding and decide next steps" },
+];
 function extractSections(content, headings) {
     const lines = content.split("\n");
     const sections = [];
@@ -54,7 +64,7 @@ function buildTopics() {
             render: () => loadSkill("rafter-agent-security"),
         },
         scanning: {
-            description: "Remote SAST/SCA code analysis via backend API",
+            description: "Remote SAST/SCA code analysis via Rafter API",
             render: () => loadSkill("rafter"),
         },
         commands: {
@@ -78,7 +88,7 @@ function buildTopics() {
                 return [
                     "# Rafter Command Reference",
                     "",
-                    "## Backend (Remote Code Analysis)",
+                    "## Remote Code Analysis",
                     "",
                     backCmds,
                     "",
@@ -165,6 +175,13 @@ function buildTopics() {
                 "the tools developers use every day.",
             ].join("\n"),
         },
+        ...Object.fromEntries(RAFTER_SUBDOCS.map(({ slug, desc }) => [
+            slug,
+            {
+                description: desc,
+                render: () => loadSkillDoc("rafter", slug),
+            },
+        ])),
         all: {
             description: "Everything — full security + scanning + setup briefing",
             render: () => {
@@ -503,6 +520,9 @@ function renderTopicList(topics) {
     lines.push("  rafter brief commands          # full command reference");
     lines.push("  rafter brief setup/claude-code # Claude Code setup guide");
     lines.push("  rafter brief setup/generic     # setup for any agent");
+    lines.push("  rafter brief cli-reference     # full CLI tree");
+    lines.push("  rafter brief guardrails        # hooks + risk tiers");
+    lines.push("  rafter brief finding-triage    # interpret findings");
     lines.push("  rafter brief all               # everything");
     return lines.join("\n");
 }

package/dist/commands/ci/init.js

@@ -1,13 +1,14 @@
 import { Command } from "commander";
 import fs from "fs";
 import path from "path";
-import { fmt } from "../../utils/formatter.js";
+import { fmt, isAgentMode } from "../../utils/formatter.js";
 export function createCiInitCommand() {
     return new Command("init")
         .description("Generate CI/CD pipeline config for secret scanning")
         .option("--platform <platform>", "CI platform: github, gitlab, circleci (default: auto-detect)")
         .option("--output <path>", "Output file path (default: platform-specific)")
-        .option("--with-backend", "Include backend security audit job (requires RAFTER_API_KEY)")
+        .option("--with-remote", "Include remote security audit job (requires RAFTER_API_KEY)")
+        .option("--with-backend", "Deprecated: use --with-remote")
         .action((opts) => {
         const platform = opts.platform || detectPlatform();
         if (!platform) {
@@ -21,7 +22,8 @@ export function createCiInitCommand() {
             console.error(`Valid options: ${validPlatforms.join(", ")}`);
             process.exit(1);
         }
-        const { content, defaultPath } = generateTemplate(platform, !!opts.withBackend);
+        const includeRemote = !!(opts.includeRemote || opts.withBackend);
+        const { content, defaultPath } = generateTemplate(platform, includeRemote);
         const outputPath = opts.output || defaultPath;
         const outputDir = path.dirname(outputPath);
         if (!fs.existsSync(outputDir)) {
@@ -29,28 +31,30 @@ export function createCiInitCommand() {
         }
         fs.writeFileSync(outputPath, content, "utf-8");
         console.log(fmt.success(`Generated ${platform} CI config at ${outputPath}`));
-        console.log();
-        console.log("Next steps:");
-        console.log(`  1. Review the generated file: ${outputPath}`);
-        if (opts.withBackend) {
-            if (platform === "github") {
-                console.log("  2. Add RAFTER_API_KEY to repo Settings > Secrets > Actions");
-            }
-            else if (platform === "gitlab") {
-                console.log("  2. Add RAFTER_API_KEY to Settings > CI/CD > Variables");
+        if (!isAgentMode()) {
+            console.log();
+            console.log("Next steps:");
+            console.log(`  1. Review the generated file: ${outputPath}`);
+            if (includeRemote) {
+                if (platform === "github") {
+                    console.log("  2. Add RAFTER_API_KEY to repo Settings > Secrets > Actions");
+                }
+                else if (platform === "gitlab") {
+                    console.log("  2. Add RAFTER_API_KEY to Settings > CI/CD > Variables");
+                }
+                else {
+                    console.log("  2. Add RAFTER_API_KEY to project environment variables");
+                }
             }
-            else {
-                console.log("  2. Add RAFTER_API_KEY to project environment variables");
+            console.log(`  ${includeRemote ? "3" : "2"}. Commit and push to trigger the pipeline`);
+            if (platform === "github") {
+                console.log();
+                console.log("Alternatives:");
+                console.log("  - GitHub Action: uses: Raftersecurity/rafter-cli@v1");
+                console.log("  - Pre-commit:  https://github.com/Raftersecurity/rafter-cli#pre-commit-framework");
             }
-        }
-        console.log(`  ${opts.withBackend ? "3" : "2"}. Commit and push to trigger the pipeline`);
-        if (platform === "github") {
             console.log();
-            console.log("Alternatives:");
-            console.log("  - GitHub Action: uses: Raftersecurity/rafter-cli@v1");
-            console.log("  - Pre-commit:  https://github.com/Raftersecurity/rafter-cli#pre-commit-framework");
         }
-        console.log();
     });
 }
 function detectPlatform() {

package/dist/commands/completion.js

@@ -68,7 +68,7 @@ _rafter_completions() {
       if [[ "\${COMP_WORDS[1]}" == "agent" ]]; then
         COMPREPLY=( $(compgen -W "--risk-level --with-openclaw --with-claude-code --with-codex --with-gemini --with-aider --with-cursor --with-windsurf --with-continue --with-gitleaks --all --help" -- "\${cur}") )
       elif [[ "\${COMP_WORDS[1]}" == "ci" ]]; then
-        COMPREPLY=( $(compgen -W "--platform --output --with-backend --help" -- "\${cur}") )
+        COMPREPLY=( $(compgen -W "--platform --output --with-remote --with-backend --help" -- "\${cur}") )
       fi
       return 0
       ;;
@@ -81,7 +81,7 @@ const ZSH_COMPLETION = `#compdef rafter
 _rafter() {
   local -a commands
   commands=(
-    'run:Submit a security scan to the Rafter backend'
+    'run:Submit a remote security scan'
     'scan:Alias for run'
     'get:Retrieve scan results'
     'usage:Check API usage quota'
@@ -369,7 +369,8 @@ complete -c rafter -n '__fish_seen_subcommand_from agent; and __fish_seen_subcom
 complete -c rafter -n '__fish_seen_subcommand_from ci' -a init -d 'Initialize CI pipeline'
 complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l platform -d 'CI platform' -ra 'github gitlab circleci'
 complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l output -d 'Output path' -r
-complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-backend -d 'Include backend audit'
+complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-remote -d 'Include remote audit'
+complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-backend -d 'Deprecated: use --with-remote'
 
 # hook subcommands
 complete -c rafter -n '__fish_seen_subcommand_from hook' -a pretool -d 'PreToolUse hook handler'

package/dist/commands/docs/index.js

@@ -0,0 +1,18 @@
+import { Command } from "commander";
+import { createDocsListCommand } from "./list.js";
+import { createDocsShowCommand } from "./show.js";
+export function createDocsCommand() {
+    const docs = new Command("docs")
+        .description("Repo-specific security docs declared in .rafter.yml")
+        .addHelpText("after", [
+        "",
+        "Examples:",
+        "  $ rafter docs list",
+        "  $ rafter docs list --tag owasp",
+        "  $ rafter docs show secure-coding",
+        "  $ rafter docs show secure-coding --refresh",
+    ].join("\n"));
+    docs.addCommand(createDocsListCommand());
+    docs.addCommand(createDocsShowCommand());
+    return docs;
+}

package/dist/commands/docs/list.js

@@ -0,0 +1,37 @@
+import { Command } from "commander";
+import { listDocs } from "../../core/docs-loader.js";
+export function createDocsListCommand() {
+    return new Command("list")
+        .description("List security docs declared in .rafter.yml")
+        .option("--tag <tag>", "Filter to docs matching this tag")
+        .option("--json", "Output as JSON")
+        .action((opts) => {
+        const entries = listDocs().filter(d => !opts.tag || (Array.isArray(d.tags) && d.tags.includes(opts.tag)));
+        if (entries.length === 0) {
+            if (opts.json) {
+                process.stdout.write("[]\n");
+            }
+            else {
+                process.stderr.write("No docs configured in .rafter.yml\n");
+            }
+            process.exit(3);
+        }
+        if (opts.json) {
+            process.stdout.write(JSON.stringify(entries.map(e => ({
+                id: e.id,
+                source: e.source,
+                source_kind: e.sourceKind,
+                description: e.description || "",
+                tags: e.tags || [],
+                cache_status: e.cacheStatus,
+            })), null, 2) + "\n");
+            return;
+        }
+        for (const e of entries) {
+            const tags = (e.tags && e.tags.length) ? ` [${e.tags.join(", ")}]` : "";
+            const cache = e.sourceKind === "url" ? ` (${e.cacheStatus})` : "";
+            const desc = e.description ? ` — ${e.description}` : "";
+            process.stdout.write(`${e.id}  ${e.source}${cache}${tags}${desc}\n`);
+        }
+    });
+}

package/dist/commands/docs/show.js

@@ -0,0 +1,64 @@
+import { Command } from "commander";
+import { resolveDocSelector, fetchDoc } from "../../core/docs-loader.js";
+export function createDocsShowCommand() {
+    return new Command("show")
+        .description("Print the content of a doc by id or tag")
+        .argument("<id-or-tag>", "Doc id or tag selector")
+        .option("--refresh", "Force re-fetch for URL-backed docs (bypass cache)")
+        .option("--json", "Output as JSON (array of { id, source, content })")
+        .action(async (selector, opts) => {
+        const entries = resolveDocSelector(selector);
+        if (entries.length === 0) {
+            const { loadPolicy } = await import("../../core/policy-loader.js");
+            const policy = loadPolicy();
+            if (!policy || !policy.docs || policy.docs.length === 0) {
+                process.stderr.write("No docs configured in .rafter.yml\n");
+                process.exit(3);
+            }
+            process.stderr.write(`No doc matched id or tag: ${selector}\n`);
+            process.exit(2);
+        }
+        const results = [];
+        let anyError = false;
+        for (const entry of entries) {
+            try {
+                const fetched = await fetchDoc(entry, { refresh: opts.refresh });
+                results.push({
+                    id: entry.id,
+                    source: fetched.source,
+                    source_kind: fetched.sourceKind,
+                    stale: fetched.stale,
+                    content: fetched.content,
+                });
+                if (fetched.stale) {
+                    process.stderr.write(`Warning: ${entry.id} served from stale cache (fetch failed)\n`);
+                }
+            }
+            catch (err) {
+                anyError = true;
+                process.stderr.write(`Error: failed to fetch ${entry.id}: ${err.message || err}\n`);
+            }
+        }
+        if (results.length === 0) {
+            process.exit(1);
+        }
+        if (opts.json) {
+            process.stdout.write(JSON.stringify(results, null, 2) + "\n");
+        }
+        else if (results.length === 1) {
+            process.stdout.write(results[0].content);
+            if (!results[0].content.endsWith("\n"))
+                process.stdout.write("\n");
+        }
+        else {
+            for (const r of results) {
+                process.stdout.write(`\n===== ${r.id} (${r.source}) =====\n`);
+                process.stdout.write(r.content);
+                if (!r.content.endsWith("\n"))
+                    process.stdout.write("\n");
+            }
+        }
+        if (anyError)
+            process.exit(1);
+    });
+}

package/dist/commands/mcp/server.js

@@ -7,6 +7,7 @@ import { GitleaksScanner } from "../../scanners/gitleaks.js";
 import { CommandInterceptor } from "../../core/command-interceptor.js";
 import { AuditLogger } from "../../core/audit-logger.js";
 import { ConfigManager } from "../../core/config-manager.js";
+import { listDocs, resolveDocSelector, fetchDoc } from "../../core/docs-loader.js";
 import { createRequire } from "module";
 const _require = createRequire(import.meta.url);
 const { version: CLI_VERSION } = _require("../../../package.json");
@@ -87,6 +88,28 @@ export function createServer() {
                     },
                 },
             },
+            {
+                name: "list_docs",
+                description: "List repo-specific security docs declared in .rafter.yml. Call this early in any security-relevant task to discover project-specific rules, threat models, or compliance policies the user expects agents to follow.",
+                inputSchema: {
+                    type: "object",
+                    properties: {
+                        tag: { type: "string", description: "Filter to docs whose tags include this value" },
+                    },
+                },
+            },
+            {
+                name: "get_doc",
+                description: "Return the content of a repo-specific security doc by id or tag. Use after list_docs to read a specific document.",
+                inputSchema: {
+                    type: "object",
+                    properties: {
+                        id_or_tag: { type: "string", description: "Doc id or tag selector" },
+                        refresh: { type: "boolean", description: "Force re-fetch for URL-backed docs (bypass cache)" },
+                    },
+                    required: ["id_or_tag"],
+                },
+            },
         ],
     }));
     server.setRequestHandler(CallToolRequestSchema, async (request) => {
@@ -149,6 +172,44 @@ export function createServer() {
                 const value = key ? manager.get(key) : manager.load();
                 return textResult(value);
             }
+            case "list_docs": {
+                const tag = args?.tag;
+                const entries = listDocs().filter(d => !tag || (Array.isArray(d.tags) && d.tags.includes(tag)));
+                return textResult(entries.map(e => ({
+                    id: e.id,
+                    source: e.source,
+                    source_kind: e.sourceKind,
+                    description: e.description || "",
+                    tags: e.tags || [],
+                    cache_status: e.cacheStatus,
+                })));
+            }
+            case "get_doc": {
+                const selector = args?.id_or_tag;
+                if (!selector)
+                    return errorResult("id_or_tag is required");
+                const matches = resolveDocSelector(selector);
+                if (matches.length === 0)
+                    return errorResult(`No doc matched id or tag: ${selector}`);
+                const refresh = Boolean(args?.refresh);
+                const results = [];
+                for (const entry of matches) {
+                    try {
+                        const fetched = await fetchDoc(entry, { refresh });
+                        results.push({
+                            id: entry.id,
+                            source: fetched.source,
+                            source_kind: fetched.sourceKind,
+                            stale: fetched.stale,
+                            content: fetched.content,
+                        });
+                    }
+                    catch (err) {
+                        return errorResult(`Failed to fetch ${entry.id}: ${err.message || err}`);
+                    }
+                }
+                return textResult(results);
+            }
             default:
                 return errorResult(`Unknown tool: ${name}`);
         }
@@ -168,6 +229,12 @@ export function createServer() {
                 description: "Active security policy (merged .rafter.yml + config)",
                 mimeType: "application/json",
             },
+            {
+                uri: "rafter://docs",
+                name: "Rafter Docs",
+                description: "Repo-specific security docs declared in .rafter.yml (metadata only, no content)",
+                mimeType: "application/json",
+            },
         ],
     }));
     server.setRequestHandler(ReadResourceRequestSchema, async (request) => {
@@ -190,6 +257,23 @@ export function createServer() {
                             text: JSON.stringify(manager.loadWithPolicy(), null, 2),
                         }],
                 };
+            case "rafter://docs": {
+                const entries = listDocs().map(e => ({
+                    id: e.id,
+                    source: e.source,
+                    source_kind: e.sourceKind,
+                    description: e.description || "",
+                    tags: e.tags || [],
+                    cache_status: e.cacheStatus,
+                }));
+                return {
+                    contents: [{
+                            uri: "rafter://docs",
+                            mimeType: "application/json",
+                            text: JSON.stringify(entries, null, 2),
+                        }],
+                };
+            }
             default:
                 throw new Error(`Unknown resource: ${uri}`);
         }