npm - @rigour-labs/mcp - Versions diffs - 5.1.1 → 5.2.0 - Mend

@rigour-labs/mcp 5.1.1 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js +15 -2
package/dist/tools/definitions.js +6 -6
package/dist/tools/memory-handlers.js +13 -0
package/package.json +2 -2

package/dist/index.js CHANGED Viewed

@@ -29,8 +29,21 @@ import { handleMcpGetSettings, handleMcpSetSettings } from './tools/mcp-settings
 // ─── Server Setup ─────────────────────────────────────────────────
 const server = new Server({ name: "rigour-mcp", version: "3.0.1" }, { capabilities: { tools: {}, prompts: {} } });
 // ─── Tool Listing ─────────────────────────────────────────────────
+// Only expose essential tools by default to improve agent tool selection.
+// Research shows agents degrade at 30+ tools (wrong picks, hallucinated args).
+// Power-user tools are still callable — they just aren't advertised in the tool list.
+const ESSENTIAL_TOOLS = new Set([
+    'rigour_check', // Run quality gates (BEFORE declaring done)
+    'rigour_check_pattern', // Check if code exists (BEFORE creating new code)
+    'rigour_recall', // Load project memory (START of every task)
+    'rigour_remember', // Store conventions/decisions
+    'rigour_explain', // Explain gate failures
+    'rigour_review', // Review diffs
+    'rigour_security_audit', // CVE check
+    'rigour_forget', // Remove stored memory
+]);
 server.setRequestHandler(ListToolsRequestSchema, async () => ({
-    tools: TOOL_DEFINITIONS,
+    tools: TOOL_DEFINITIONS.filter(t => ESSENTIAL_TOOLS.has(t.name)),
 }));
 // ─── Tool Dispatch ────────────────────────────────────────────────
 server.setRequestHandler(CallToolRequestSchema, async (request) => {
@@ -81,7 +94,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
                 break;
             // Memory
             case "rigour_remember":
-                result = await handleRemember(cwd, args.key, args.value);
+                result = await handleRemember(cwd, args.key, args.value || args.content);
                 break;
             case "rigour_recall":
                 result = await handleRecall(cwd, args.key);

package/dist/tools/definitions.js CHANGED Viewed

@@ -27,7 +27,7 @@ export const TOOL_DEFINITIONS = [
     // ─── Core Quality Gates ───────────────────────────────
     {
         name: "rigour_check",
-        description: "Run quality gate checks on the project. Deep modes: off (fast deterministic gates only), quick (deep enabled with lite local model unless cloud provider is configured), full (deep enabled, optional pro flag for full deep model).",
+        description: "Run quality gate checks on the project. MUST be called before declaring any coding task complete. Checks code complexity, file size, required docs, security patterns, and more. Returns PASS or FAIL with details.",
         inputSchema: {
             type: "object",
             properties: {
@@ -172,13 +172,13 @@ export const TOOL_DEFINITIONS = [
     // ─── Memory Persistence ───────────────────────────────
     {
         name: "rigour_remember",
-        description: "Store a persistent instruction or context that the AI should remember across sessions. Use this to persist user preferences, project conventions, or critical instructions.",
+        description: "Store a persistent instruction or context that the AI should remember across sessions. Use this to persist user preferences, project conventions, or critical instructions. IMPORTANT: You must provide both 'key' (a short snake_case identifier) and 'value' (the full text to remember).",
         inputSchema: {
             type: "object",
             properties: {
                 ...cwdParam(),
-                key: { type: "string", description: "A unique key for this memory (e.g., 'user_preferences', 'coding_style')." },
-                value: { type: "string", description: "The instruction or context to remember." },
+                key: { type: "string", description: "A short snake_case identifier for this memory, e.g. 'api_response_format', 'naming_convention', 'testing_strategy'. This is used to retrieve the memory later." },
+                value: { type: "string", description: "The full instruction or convention text to persist. This is the content that will be recalled in future sessions." },
             },
             required: ["cwd", "key", "value"],
         },
@@ -192,7 +192,7 @@ export const TOOL_DEFINITIONS = [
     },
     {
         name: "rigour_recall",
-        description: "Retrieve stored instructions or context. Call this at the start of each session to restore memory. Returns all stored memories if no key specified.",
+        description: "Load project memory and stored conventions. CALL THIS at the start of every coding task to restore team decisions, naming conventions, and architectural preferences stored from previous sessions.",
         inputSchema: {
             type: "object",
             properties: {
@@ -231,7 +231,7 @@ export const TOOL_DEFINITIONS = [
     // ─── Pattern Intelligence ─────────────────────────────
     {
         name: "rigour_check_pattern",
-        description: "Checks if a proposed code pattern (function, component, etc.) already exists, is stale, or has security vulnerabilities (CVEs). CALL THIS BEFORE CREATING NEW CODE.",
+        description: "CALL THIS BEFORE creating any new function, component, hook, or class. Checks if it already exists in the codebase (prevents duplication), and checks for known security vulnerabilities. Pass the name and type of what you plan to create.",
         inputSchema: {
             type: "object",
             properties: {

package/dist/tools/memory-handlers.js CHANGED Viewed

@@ -50,6 +50,19 @@ function extractStrings(obj, out) {
     }
 }
 export async function handleRemember(cwd, key, value) {
+    // Fallback: if key is missing but value exists, auto-generate a key
+    if (!key && value) {
+        key = value.slice(0, 40).toLowerCase().replace(/[^a-z0-9]+/g, '_').replace(/^_|_$/g, '') || 'convention';
+    }
+    // If value is missing but key exists, something is wrong
+    if (!value) {
+        return {
+            content: [{
+                    type: "text",
+                    text: `ERROR: Missing 'value' parameter. Call rigour_remember with both 'key' (short identifier) and 'value' (the instruction text to persist).`,
+                }],
+        };
+    }
     // ── DLP Gate: deep-scan key + value (including JSON interiors) ──
     const textToScan = deepScanValue(key, value);
     const dlpResult = scanInputForCredentials(textToScan);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@rigour-labs/mcp",
-  "version": "5.1.1",
+  "version": "5.2.0",
   "description": "MCP server for AI code governance — OWASP LLM Top 10 (10/10), real-time hooks, 25+ security patterns, hallucinated import detection, multi-agent governance. Works with Claude, Cursor, Cline, Windsurf, Gemini. Industry presets for HIPAA, SOC2, FedRAMP.",
   "license": "MIT",
   "homepage": "https://rigour.run",
@@ -48,7 +48,7 @@
     "execa": "^8.0.1",
     "fs-extra": "^11.2.0",
     "yaml": "^2.8.2",
-    "@rigour-labs/core": "5.1.1"
+    "@rigour-labs/core": "5.2.0"
   },
   "devDependencies": {
     "@types/node": "^25.0.3",