@respira/wordpress-mcp-server 6.19.7 → 6.19.9

package/dist/__tests__/default-site-routing-notice.test.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Tests for buildDefaultSiteRoutingNotice — the multi-site safety notice that
+ * surfaces on the response envelope when a WRITE tool runs against the default
+ * site because the caller omitted site_id on an account with more than one
+ * site connected.
+ *
+ * Background: Claude Desktop frequently omits site_id and doesn't reliably call
+ * respira_switch_site, so an edit meant for site B silently lands on the
+ * default (first) site. C.J. 2026-05-29 reported exactly this ("the token for
+ * the new site is resolving to the first one"). The notice makes the
+ * wrong-site write visible the moment it happens.
+ *
+ * The method is private; the test reaches it through `as any` since `private`
+ * is a compile-time-only constraint and these run against compiled JS.
+ */
+export {};
+//# sourceMappingURL=default-site-routing-notice.test.d.ts.map

package/dist/__tests__/default-site-routing-notice.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"default-site-routing-notice.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/default-site-routing-notice.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG"}

package/dist/__tests__/default-site-routing-notice.test.js

@@ -0,0 +1,142 @@
+/**
+ * Tests for buildDefaultSiteRoutingNotice — the multi-site safety notice that
+ * surfaces on the response envelope when a WRITE tool runs against the default
+ * site because the caller omitted site_id on an account with more than one
+ * site connected.
+ *
+ * Background: Claude Desktop frequently omits site_id and doesn't reliably call
+ * respira_switch_site, so an edit meant for site B silently lands on the
+ * default (first) site. C.J. 2026-05-29 reported exactly this ("the token for
+ * the new site is resolving to the first one"). The notice makes the
+ * wrong-site write visible the moment it happens.
+ *
+ * The method is private; the test reaches it through `as any` since `private`
+ * is a compile-time-only constraint and these run against compiled JS.
+ */
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { RespiraWordPressServer } from '../server.js';
+const SITE_A = {
+    id: 'thegoldenrhodes-com',
+    name: 'The Golden Rhodes',
+    url: 'https://thegoldenrhodes.com',
+    apiKey: 'respira_token_a',
+    default: true,
+};
+const SITE_B = {
+    id: 'shivamandir-org',
+    name: 'Shivamandir',
+    url: 'https://shivamandir.org',
+    apiKey: 'respira_token_b',
+};
+function notice(server, name, args) {
+    return server.buildDefaultSiteRoutingNotice(name, args);
+}
+test('multi-site + write tool + no site_id → notice naming the default site', () => {
+    const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+    const result = notice(server, 'respira_update_element', { element_id: 'abc', content: 'hi' });
+    assert.ok(result, 'expected a routing notice');
+    assert.match(result, /The Golden Rhodes/);
+    assert.match(result, /thegoldenrhodes\.com/);
+    assert.match(result, /default site/);
+    // It should point the caller at both escape hatches.
+    assert.match(result, /site_id/);
+    assert.match(result, /respira_switch_site/);
+});
+test('explicit site_id suppresses the notice (the call is already targeted)', () => {
+    const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+    const result = notice(server, 'respira_update_element', { site_id: 'shivamandir-org', element_id: 'abc' });
+    assert.equal(result, null);
+});
+test('read tools never get a notice, even on a multi-site account', () => {
+    const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+    assert.equal(notice(server, 'respira_list_pages', {}), null);
+    assert.equal(notice(server, 'respira_read_page', { page_id: 5 }), null);
+    assert.equal(notice(server, 'respira_get_site_context', {}), null);
+});
+test('single-site accounts never get a notice (no wrong-site risk)', () => {
+    const server = new RespiraWordPressServer([SITE_A]);
+    assert.equal(notice(server, 'respira_update_element', { element_id: 'abc' }), null);
+});
+test('write tool with no args at all on multi-site still warns', () => {
+    const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+    const result = notice(server, 'respira_delete_page', undefined);
+    assert.ok(result, 'expected a routing notice when args is undefined');
+    assert.match(result, /The Golden Rhodes/);
+});
+test('the deprecated wordpress_* alias is classified the same as respira_*', () => {
+    const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+    const result = notice(server, 'wordpress_update_page', { page_id: 1 });
+    assert.ok(result, 'wordpress_* write alias should also warn');
+});
+// ── RESPIRA_REQUIRE_SITE_ID hard guard (v6.19.8) ──────────────────────────
+// enforceSiteScopeForWrites throws when the flag is on, the account is
+// multi-site, the tool is a write, and no site_id was passed. It's the
+// prevention counterpart to the visibility notice above.
+function enforce(server, name, args) {
+    server.enforceSiteScopeForWrites(name, args);
+}
+function withFlag(value, fn) {
+    const prev = process.env.RESPIRA_REQUIRE_SITE_ID;
+    if (value === undefined)
+        delete process.env.RESPIRA_REQUIRE_SITE_ID;
+    else
+        process.env.RESPIRA_REQUIRE_SITE_ID = value;
+    try {
+        fn();
+    }
+    finally {
+        if (prev === undefined)
+            delete process.env.RESPIRA_REQUIRE_SITE_ID;
+        else
+            process.env.RESPIRA_REQUIRE_SITE_ID = prev;
+    }
+}
+test('guard off by default: multi-site write without site_id does not throw', () => {
+    withFlag(undefined, () => {
+        const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+        assert.doesNotThrow(() => enforce(server, 'respira_inject_builder_content', { page_id: 9, builder: 'elementor', content: {} }));
+    });
+});
+test('guard on: multi-site write without site_id throws respira_site_id_required', () => {
+    withFlag('1', () => {
+        const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+        let thrown = null;
+        try {
+            enforce(server, 'respira_inject_builder_content', { page_id: 9, builder: 'elementor', content: {} });
+        }
+        catch (e) {
+            thrown = e;
+        }
+        assert.ok(thrown, 'expected the guard to throw');
+        assert.equal(thrown.name, 'respira_site_id_required');
+        assert.match(thrown.message, /thegoldenrhodes-com/);
+        assert.match(thrown.message, /shivamandir-org/);
+    });
+});
+test('guard on: explicit site_id is allowed through', () => {
+    withFlag('1', () => {
+        const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+        assert.doesNotThrow(() => enforce(server, 'respira_inject_builder_content', { site_id: 'shivamandir-org', page_id: 9, builder: 'elementor', content: {} }));
+    });
+});
+test('guard on: read tools are never blocked', () => {
+    withFlag('true', () => {
+        const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+        assert.doesNotThrow(() => enforce(server, 'respira_read_page', { page_id: 5 }));
+        assert.doesNotThrow(() => enforce(server, 'respira_list_pages', {}));
+    });
+});
+test('guard on: single-site account is never blocked', () => {
+    withFlag('1', () => {
+        const server = new RespiraWordPressServer([SITE_A]);
+        assert.doesNotThrow(() => enforce(server, 'respira_inject_builder_content', { page_id: 9, builder: 'elementor', content: {} }));
+    });
+});
+test('guard on: site-agnostic tools (switch_site) are never blocked', () => {
+    withFlag('1', () => {
+        const server = new RespiraWordPressServer([SITE_A, SITE_B]);
+        assert.doesNotThrow(() => enforce(server, 'respira_switch_site', { site_id: 'shivamandir-org' }));
+    });
+});
+//# sourceMappingURL=default-site-routing-notice.test.js.map

package/dist/__tests__/default-site-routing-notice.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"default-site-routing-notice.test.js","sourceRoot":"","sources":["../../src/__tests__/default-site-routing-notice.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAGtD,MAAM,MAAM,GAAwB;IAClC,EAAE,EAAE,qBAAqB;IACzB,IAAI,EAAE,mBAAmB;IACzB,GAAG,EAAE,6BAA6B;IAClC,MAAM,EAAE,iBAAiB;IACzB,OAAO,EAAE,IAAI;CACd,CAAC;AAEF,MAAM,MAAM,GAAwB;IAClC,EAAE,EAAE,iBAAiB;IACrB,IAAI,EAAE,aAAa;IACnB,GAAG,EAAE,yBAAyB;IAC9B,MAAM,EAAE,iBAAiB;CAC1B,CAAC;AAEF,SAAS,MAAM,CAAC,MAA8B,EAAE,IAAY,EAAE,IAAU;IACtE,OAAQ,MAAc,CAAC,6BAA6B,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AACnE,CAAC;AAED,IAAI,CAAC,uEAAuE,EAAE,GAAG,EAAE;IACjF,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAE9F,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAC;IAC/C,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,mBAAmB,CAAC,CAAC;IAC3C,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,sBAAsB,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,cAAc,CAAC,CAAC;IACtC,qDAAqD;IACrD,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,SAAS,CAAC,CAAC;IACjC,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,qBAAqB,CAAC,CAAC;AAC/C,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,uEAAuE,EAAE,GAAG,EAAE;IACjF,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,wBAAwB,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3G,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,6DAA6D,EAAE,GAAG,EAAE;IACvE,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,oBAAoB,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IAC7D,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,mBAAmB,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IACxE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,0BAA0B,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;AACrE,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,8DAA8D,EAAE,GAAG,EAAE;IACxE,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;AACtF,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,0DAA0D,EAAE,GAAG,EAAE;IACpE,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,CAAC,CAAC;IAChE,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,kDAAkD,CAAC,CAAC;IACtE,MAAM,CAAC,KAAK,CAAC,MAAO,EAAE,mBAAmB,CAAC,CAAC;AAC7C,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,sEAAsE,EAAE,GAAG,EAAE;IAChF,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,uBAAuB,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,0CAA0C,CAAC,CAAC;AAChE,CAAC,CAAC,CAAC;AAEH,6EAA6E;AAC7E,uEAAuE;AACvE,uEAAuE;AACvE,yDAAyD;AAEzD,SAAS,OAAO,CAAC,MAA8B,EAAE,IAAY,EAAE,IAAU;IACtE,MAAc,CAAC,yBAAyB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,QAAQ,CAAC,KAAyB,EAAE,EAAc;IACzD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IACjD,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;;QAC/D,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,KAAK,CAAC;IACjD,IAAI,CAAC;QACH,EAAE,EAAE,CAAC;IACP,CAAC;YAAS,CAAC;QACT,IAAI,IAAI,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;;YAC9D,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,IAAI,CAAC;IAClD,CAAC;AACH,CAAC;AAED,IAAI,CAAC,uEAAuE,EAAE,GAAG,EAAE;IACjF,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;QACvB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,gCAAgC,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAClI,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,4EAA4E,EAAE,GAAG,EAAE;IACtF,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAC5D,IAAI,MAAM,GAAQ,IAAI,CAAC;QACvB,IAAI,CAAC;YACH,OAAO,CAAC,MAAM,EAAE,gCAAgC,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;QACvG,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,CAAC,CAAC;QACb,CAAC;QACD,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,6BAA6B,CAAC,CAAC;QACjD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,0BAA0B,CAAC,CAAC;QACtD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;QACpD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,+CAA+C,EAAE,GAAG,EAAE;IACzD,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,gCAAgC,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC9J,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,wCAAwC,EAAE,GAAG,EAAE;IAClD,QAAQ,CAAC,MAAM,EAAE,GAAG,EAAE;QACpB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,mBAAmB,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAChF,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,gDAAgD,EAAE,GAAG,EAAE;IAC1D,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,gCAAgC,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAClI,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAI,CAAC,+DAA+D,EAAE,GAAG,EAAE;IACzE,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,MAAM,MAAM,GAAG,IAAI,sBAAsB,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,qBAAqB,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC;IACpG,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/server.d.ts

@@ -89,6 +89,35 @@ export declare class RespiraWordPressServer {
      * a structured error so the AI can explain the failure plainly.
      */
     private redeemInstallToken;
+    /**
+     * When a WRITE tool runs against the default site because the caller
+     * omitted site_id and the account has more than one site connected,
+     * surface a one-line routing notice on the response. This is the
+     * wrong-site window: Claude Desktop frequently omits site_id and doesn't
+     * reliably call respira_switch_site, so an edit meant for site B silently
+     * lands on the default (first) site. Naming the acted-on site in the
+     * envelope makes that visible the moment the write happens, instead of
+     * after the user notices the wrong page changed. C.J. 2026-05-29 reported
+     * exactly this ("the token for the new site is resolving to the first one").
+     *
+     * Read tools and explicit-site_id calls get no notice — only the silent
+     * default-routing case on a multi-site account is worth flagging.
+     */
+    private buildDefaultSiteRoutingNotice;
+    /**
+     * Opt-in strict scoping for write tools. When RESPIRA_REQUIRE_SITE_ID is
+     * truthy and the account has more than one site connected, a WRITE tool
+     * called without an explicit site_id throws instead of silently using the
+     * default site. Read tools, single-site accounts, site-agnostic tools, and
+     * calls that already carry site_id are never blocked.
+     *
+     * The thrown error carries name `respira_site_id_required` so the
+     * admin/mcp-quality dashboard groups it distinctly, and the message lists
+     * the connected sites so the agent can immediately retry with the right id.
+     *
+     * @since 6.19.8
+     */
+    private enforceSiteScopeForWrites;
     private withSiteContext;
     private setupHandlers;
     private attachUpdateNotice;

package/dist/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoBH,OAAO,KAAK,EAAE,mBAAmB,EAAe,MAAM,kBAAkB,CAAC;AAiLzE,qBAAa,sBAAsB;IACjC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,KAAK,CAA2C;IACxD,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,cAAc,CAAwB;IAC9C,OAAO,CAAC,YAAY,CAA4B;IAChD,8EAA8E;IAC9E,OAAO,CAAC,YAAY,CAA4B;IAChD,8EAA8E;IAC9E,OAAO,CAAC,mBAAmB,CAAS;IAEpC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAsB;IAEhE;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAWzB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;gBA4Bb,WAAW,EAAE,mBAAmB,EAAE,EAAE,YAAY,CAAC,EAAE,MAAM,EAAE;IAmUvE,OAAO,CAAC,cAAc;IAItB;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAkB5B;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,aAAa;IA4BrB,gEAAgE;IAChE,OAAO,CAAC,aAAa;IAUrB;;;;;;OAMG;YACW,UAAU;IA2CxB;;;;;;;;;;;;;;OAcG;YACW,WAAW;IAyIzB;;;;;;;;;OASG;YACW,kBAAkB;IA6FhC,OAAO,CAAC,eAAe;IAmBvB,OAAO,CAAC,aAAa;YAuOP,kBAAkB;YA6BlB,yBAAyB;IASvC;;;OAGG;IACH,OAAO,CAAC,oBAAoB;YAyBd,QAAQ;IA28EtB;;;;;;OAMG;IACH,yEAAyE;IACzE,OAAO,CAAC,mBAAmB,CAAoD;IAC/E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAU;YAEpC,oBAAoB;YAqDpB,2BAA2B;IAazC;;;;OAIG;YACW,cAAc;IAY5B,OAAO,CAAC,mBAAmB;IAwT3B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAe3C;IAEF;;;;OAIG;IACH,OAAO,CAAC,0BAA0B;YAmCpB,cAAc;IAqG5B;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,eAAe;YAuCT,gBAAgB;IA+wB9B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAoUzB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IA6UxB,GAAG;CAyCV"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoBH,OAAO,KAAK,EAAE,mBAAmB,EAAe,MAAM,kBAAkB,CAAC;AAiLzE,qBAAa,sBAAsB;IACjC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,WAAW,CAAgC;IACnD,OAAO,CAAC,KAAK,CAA2C;IACxD,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,cAAc,CAAwB;IAC9C,OAAO,CAAC,YAAY,CAA4B;IAChD,8EAA8E;IAC9E,OAAO,CAAC,YAAY,CAA4B;IAChD,8EAA8E;IAC9E,OAAO,CAAC,mBAAmB,CAAS;IAEpC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAsB;IAEhE;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAWzB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;gBA4Bb,WAAW,EAAE,mBAAmB,EAAE,EAAE,YAAY,CAAC,EAAE,MAAM,EAAE;IAmUvE,OAAO,CAAC,cAAc;IAItB;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAkB5B;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,aAAa;IA4BrB,gEAAgE;IAChE,OAAO,CAAC,aAAa;IAUrB;;;;;;OAMG;YACW,UAAU;IA2CxB;;;;;;;;;;;;;;OAcG;YACW,WAAW;IAyIzB;;;;;;;;;OASG;YACW,kBAAkB;IA6FhC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,6BAA6B;IA0BrC;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,yBAAyB;IA+BjC,OAAO,CAAC,eAAe;IAmBvB,OAAO,CAAC,aAAa;YA2OP,kBAAkB;YA6BlB,yBAAyB;IASvC;;;OAGG;IACH,OAAO,CAAC,oBAAoB;YAyBd,QAAQ;IA28EtB;;;;;;OAMG;IACH,yEAAyE;IACzE,OAAO,CAAC,mBAAmB,CAAoD;IAC/E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAU;YAEpC,oBAAoB;YAqDpB,2BAA2B;IAazC;;;;OAIG;YACW,cAAc;IAY5B,OAAO,CAAC,mBAAmB;IAwT3B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAe3C;IAEF;;;;OAIG;IACH,OAAO,CAAC,0BAA0B;YAmCpB,cAAc;IAqG5B;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,eAAe;YAuCT,gBAAgB;IA2xB9B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAoUzB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IA6UxB,GAAG;CAyCV"}

package/dist/server.js

@@ -16,7 +16,7 @@ import { RespiraVersionChecker } from './version-checker.js';
 import { getBricksTools, dispatchBricksTool } from './bricks-tools.js';
 import { getElementorTools, dispatchElementorTool } from './elementor-tools.js';
 import { getAcfTools, ACF_TOOL_NAMES } from './acf-tools.js';
-import { getUsageEmitter } from './usage-emitter.js';
+import { getUsageEmitter, deriveToolKind } from './usage-emitter.js';
 /**
  * Read the server version from package.json at module load time so the
  * MCP handshake, the `instructions` block, and the version-checker all
@@ -928,6 +928,83 @@ Allowlist: css, scss, less, json. PHP / JS theme writes are intentionally out of
             message: `Connected ${sites.length} site${sites.length === 1 ? '' : 's'} via the Respira Cowork token. The config was written to ~/.respira/config.json. Restart this Cowork chat (or open a new one) so the MCP server picks up the new sites.`,
         };
     }
+    /**
+     * When a WRITE tool runs against the default site because the caller
+     * omitted site_id and the account has more than one site connected,
+     * surface a one-line routing notice on the response. This is the
+     * wrong-site window: Claude Desktop frequently omits site_id and doesn't
+     * reliably call respira_switch_site, so an edit meant for site B silently
+     * lands on the default (first) site. Naming the acted-on site in the
+     * envelope makes that visible the moment the write happens, instead of
+     * after the user notices the wrong page changed. C.J. 2026-05-29 reported
+     * exactly this ("the token for the new site is resolving to the first one").
+     *
+     * Read tools and explicit-site_id calls get no notice — only the silent
+     * default-routing case on a multi-site account is worth flagging.
+     */
+    buildDefaultSiteRoutingNotice(name, args) {
+        if (this.sites.size <= 1 || !this.currentSite) {
+            return null;
+        }
+        const hasExplicitSiteId = args && typeof args === 'object' && typeof args.site_id === 'string' && args.site_id.length > 0;
+        if (hasExplicitSiteId) {
+            return null;
+        }
+        if (deriveToolKind(this.normalizeToolName(name).canonical) !== 'write') {
+            return null;
+        }
+        const site = this.currentSite;
+        let host = site.getSiteId();
+        try {
+            host = new URL(site.getSiteUrl()).host;
+        }
+        catch {
+            // fall back to the site id
+        }
+        return (`Wrote to ${site.getSiteName()} (${host}) — your default site, because no site_id was given. ` +
+            `${this.sites.size} sites are connected. To target a different site, pass site_id on the tool call ` +
+            `or call respira_switch_site first.`);
+    }
+    /**
+     * Opt-in strict scoping for write tools. When RESPIRA_REQUIRE_SITE_ID is
+     * truthy and the account has more than one site connected, a WRITE tool
+     * called without an explicit site_id throws instead of silently using the
+     * default site. Read tools, single-site accounts, site-agnostic tools, and
+     * calls that already carry site_id are never blocked.
+     *
+     * The thrown error carries name `respira_site_id_required` so the
+     * admin/mcp-quality dashboard groups it distinctly, and the message lists
+     * the connected sites so the agent can immediately retry with the right id.
+     *
+     * @since 6.19.8
+     */
+    enforceSiteScopeForWrites(name, args) {
+        const flag = (process.env.RESPIRA_REQUIRE_SITE_ID || '').trim().toLowerCase();
+        const enabled = flag === '1' || flag === 'true' || flag === 'yes' || flag === 'on';
+        if (!enabled) {
+            return;
+        }
+        if (this.sites.size <= 1) {
+            return;
+        }
+        const canonical = this.normalizeToolName(name).canonical;
+        if (SITE_AGNOSTIC_TOOLS.has(canonical)) {
+            return;
+        }
+        if (deriveToolKind(canonical) !== 'write') {
+            return;
+        }
+        const hasExplicitSiteId = args && typeof args === 'object' && typeof args.site_id === 'string' && args.site_id.length > 0;
+        if (hasExplicitSiteId) {
+            return;
+        }
+        const available = Array.from(this.sites.keys()).join(', ') || '(none configured)';
+        const err = new Error(`RESPIRA_REQUIRE_SITE_ID is enabled and this is a multi-site configuration, so write tools must name their target. ` +
+            `Pass site_id on this ${canonical} call. Available site_id values: ${available}. ` +
+            `(This guard prevents an omitted site_id from silently writing to the default site.)`);
+        err.name = 'respira_site_id_required';
+        throw err;
+    }
     withSiteContext(result, args) {
         const site = this.getActiveSiteSummary(args);
         if (!site) {
@@ -1018,6 +1095,10 @@ Allowlist: css, scss, less, json. PHP / JS theme writes are intentionally out of
                     };
                 }
                 const resultWithSite = this.withSiteContext(result, args);
+                const routingNotice = this.buildDefaultSiteRoutingNotice(name, args);
+                if (routingNotice && resultWithSite && typeof resultWithSite === 'object' && !Array.isArray(resultWithSite)) {
+                    resultWithSite.routing_notice = routingNotice;
+                }
                 const resultWithNotice = await this.attachUpdateNotice(resultWithSite);
                 const resultWithVersionWarning = this.attachVersionWarning(resultWithNotice);
                 return {
@@ -4318,6 +4399,17 @@ Allowlist: css, scss, less, json. PHP / JS theme writes are intentionally out of
         return envelope;
     }
     async dispatchToolCall(name, args) {
+        // v6.19.8: opt-in strict site scoping. When RESPIRA_REQUIRE_SITE_ID is set
+        // and the account has >1 site connected, a WRITE tool called WITHOUT an
+        // explicit site_id is refused instead of silently routing to the default
+        // (first) site. This is the prevention counterpart to the
+        // buildDefaultSiteRoutingNotice visibility notice: a notice tells you the
+        // write hit the wrong site AFTER it landed; this stops it landing at all.
+        // T.S. (studioscaler) needs hard per-session isolation in a multi-tenant
+        // Cowork setup where switch_site mutates global state across sessions.
+        // Default off, so single-site and switch_site-based multi-site users are
+        // unaffected.
+        this.enforceSiteScopeForWrites(name, args);
         // v6.12.0: per-call site resolution. Agnostic tools work without a
         // resolved client; everything else requires either args.site_id or a
         // global currentSite. resolveClient throws cleanly if neither is set.