@rigstate/mcp 0.5.7 → 0.5.8

package/dist/index.js

@@ -1,9 +1,1058 @@
 #!/usr/bin/env node
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __commonJS = (cb, mod) => function __require() {
+  return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// node_modules/tsup/assets/esm_shims.js
+import path from "path";
+import { fileURLToPath } from "url";
+var init_esm_shims = __esm({
+  "node_modules/tsup/assets/esm_shims.js"() {
+    "use strict";
+  }
+});
+
+// ../rules-engine/dist/types.js
+var require_types = __commonJS({
+  "../rules-engine/dist/types.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.IDE_FILE_NAMES = void 0;
+    exports.IDE_FILE_NAMES = {
+      cursor: ".cursorrules",
+      antigravity: ".cursorrules",
+      windsurf: ".windsurfrules",
+      vscode: ".cursorrules",
+      copilot: ".github/copilot-instructions.md",
+      generic: "CONVENTIONS.md"
+    };
+  }
+});
+
+// ../rules-engine/dist/sections/identity.js
+var require_identity = __commonJS({
+  "../rules-engine/dist/sections/identity.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateIdentitySection = generateIdentitySection;
+    function generateIdentitySection(project, ide, activeAgents) {
+      const mission = project.functional_spec?.projectDescription || project.description || `Build a ${project.ambition_level || "professional"} application.`;
+      const audienceInfo = project.functional_spec?.targetAudience ? `
+- **Target Users:** ${project.functional_spec.targetAudience}` : "";
+      const problemInfo = project.functional_spec?.coreProblem ? `
+- **Problem Being Solved:** ${project.functional_spec.coreProblem}` : "";
+      const specialistList = activeAgents?.map((a) => `- **${a.name}** (\`${a.key}\`, Lvl ${a.authority_level}): ${a.primary_mission || extractFirstSentence(a.content)}`).join("\n") || "- No specialists configured.";
+      return `## \u{1F9E0} PROJECT CONTEXT
+
+**Project:** ${project.name}  
+**ID:** \`${project.id}\`  
+**Mission:** ${mission}${audienceInfo}${problemInfo}
+
+---
+
+## \u{1F916} SPECIALIST PERSONAS
+
+The following personas represent areas of expertise. Reference their guidelines when working in their domain.
+
+${specialistList}
+
+### How to Use Specialists
+1. **Architecture & Governance** \u2192 Follow Frank's guidelines for code structure and security.
+2. **Documentation & Reports** \u2192 Use The Scribe's patterns for markdown and PDFs.
+3. **Historical Context** \u2192 Consult The Librarian for legacy feature discovery.
+
+> **Note:** These are informational contexts, not active agents. You (the IDE agent) execute all code.
+
+---
+
+## \u{1F3AF} CODING PRINCIPLES
+- **CONCISE:** No filler words. Get to the point.
+- **PRECISE:** Give specific answers with file paths and code.
+- **PRACTICAL:** Focus on what ships, not theory.
+- **GUARDIAN-AWARE:** Respect architectural constraints in the Guardian rules.`;
+    }
+    function extractFirstSentence(text) {
+      const match = text.match(/^[^.!?]*[.!?]/);
+      return match ? match[0].trim() : text.slice(0, 100) + "...";
+    }
+  }
+});
+
+// ../rules-engine/dist/sections/stack-dna.js
+var require_stack_dna = __commonJS({
+  "../rules-engine/dist/sections/stack-dna.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateStackDnaSection = generateStackDnaSection;
+    function generateStackDnaSection(project, stack, legacyStats) {
+      const stackText = stack.length > 0 ? stack.map((s) => `- ${s}`).join("\n") : "- Next.js 14+ (App Router)\n- Supabase\n- TypeScript\n- Tailwind CSS";
+      const tenancy = project.tenancy || "SINGLE";
+      const monetization = project.monetization || "FREE";
+      const compliance = project.compliance || "NONE";
+      const vibe = project.vibe || "CREATIVE";
+      const lmax = project.settings?.lmax || 400;
+      const lmaxUi = project.settings?.lmax_ui || 250;
+      const securityLevel = project.settings?.security_level || "STANDARD";
+      const guardianRules = [
+        `\u{1F6E1}\uFE0F **THE ${lmax}-LINE RULE (STRICT):** No file may exceed ${lmax} lines. If approaching this limit, you MUST propose a refactor into smaller modules.`,
+        `\u{1F6E1}\uFE0F **TSX LIMIT:** React components (.tsx) should not exceed ${lmaxUi} lines. Extract sub-components proactively.`,
+        '\u{1F6E1}\uFE0F **TYPE SAFETY:** Avoid "any". Use strict TypeScript types. Infer from Zod schemas when possible.'
+      ];
+      if (tenancy === "MULTI_ORG") {
+        guardianRules.push("\u{1F510} All database queries MUST be org-scoped (filter by org_id)");
+        guardianRules.push("\u{1F510} Implement proper organization switching in UI");
+      } else {
+        guardianRules.push("\u{1F464} All queries are user-scoped (filter by user_id or RLS)");
+      }
+      if (stackText.toLowerCase().includes("supabase")) {
+        guardianRules.push("\u26A1 Enable RLS on ALL new tables immediately");
+        guardianRules.push("\u26A1 Use @supabase/ssr patterns for server-side auth");
+      }
+      if (compliance === "GDPR") {
+        guardianRules.push("\u{1F6E1}\uFE0F GDPR: Implement data export and deletion endpoints");
+      } else if (compliance === "HIPAA") {
+        guardianRules.push("\u{1F6E1}\uFE0F HIPAA: Encrypt all PHI at rest and in transit");
+      }
+      if (securityLevel === "STRICT") {
+        guardianRules.push("\u{1F512} STRICT MODE: All inputs MUST be validated with Zod schemas");
+        guardianRules.push("\u{1F512} STRICT MODE: Consult Security Specialist for ANY auth-related changes");
+      } else if (securityLevel === "MINIMAL") {
+        guardianRules.push("\u26A1 MINIMAL MODE: Focus on speed over security hardening for MVP");
+      }
+      guardianRules.push("\u{1F6A8} **IMPACT_GUARD:** Before deleting ANY file, you MUST:");
+      guardianRules.push("   1. Search codebase for all imports/references (use grep_search or equivalent)");
+      guardianRules.push("   2. Update or remove ALL references first");
+      guardianRules.push("   3. Only delete after confirming ZERO references remain");
+      guardianRules.push("   4. Commit changes atomically (references + deletion in same commit)");
+      guardianRules.push("\u2705 **BUILD_INTEGRITY:** After ANY structural change (new files, moved modules, refactors):");
+      guardianRules.push("   1. Run type-check (e.g., `tsc --noEmit` or framework equivalent)");
+      guardianRules.push("   2. Verify build success before declaring task complete");
+      guardianRules.push("   3. If errors detected, fix immediately\u2014do NOT leave broken builds");
+      let legacySection = "";
+      if (legacyStats && legacyStats.legacyCount > 0) {
+        legacySection = `
+### \u{1F4DA} Legacy Context
+This project contains **${legacyStats.legacyCount} legacy features** (imported via Brynjar) and **${legacyStats.activeCount} active features**.
+
+**LEGACY AWARENESS RULE:**
+When encountering code or features marked with \`is_legacy: true\`:
+- Treat them as **Established Foundations** \u2014 they are proven, working code.
+- Any modifications to legacy code MUST bring it up to current Guardian standards:
+  - Type-safety (no "any")
+  - RLS enforcement (if database-related)
+  - 400-line limit compliance
+  - Proper error handling
+- Do NOT count legacy features in velocity metrics \u2014 they predate Rigstate.`;
+      }
+      return `## \u{1F9EC} STACK DNA
+
+### Tech Stack
+${stackText}
+
+### Project Configuration
+| Attribute | Value |
+|-----------|-------|
+| Tenancy | ${tenancy} |
+| Monetization | ${monetization} |
+| Compliance | ${compliance} |
+| Design Vibe | ${vibe} |
+${legacySection}
+
+### \u{1F6E1}\uFE0F GUARDIAN RULES (Mandatory)
+${guardianRules.map((r) => `${r}`).join("\n")}`;
+    }
+  }
+});
+
+// ../rules-engine/dist/sections/current-step.js
+var require_current_step = __commonJS({
+  "../rules-engine/dist/sections/current-step.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateCurrentStepSection = generateCurrentStepSection;
+    function generateCurrentStepSection(roadmap) {
+      const activeRoadmap = roadmap.filter((r) => r.is_legacy !== true);
+      const activeSteps = activeRoadmap.filter((r) => r.status === "ACTIVE").sort((a, b) => a.step_number - b.step_number);
+      if (activeSteps.length === 0) {
+        const nextSteps = activeRoadmap.filter((r) => r.status === "LOCKED").sort((a, b) => a.step_number - b.step_number).slice(0, 1);
+        if (nextSteps.length === 0)
+          return null;
+        return `## \u{1F3AF} CURRENT FOCUS
+
+> **No active task.** The next step in the backlog is:
+> 
+> **Step ${nextSteps[0].step_number}: ${nextSteps[0].title}**`;
+      }
+      const currentStep = activeSteps[0];
+      let objectiveText = currentStep.title;
+      let constraintsText = "";
+      let dodText = "";
+      if (currentStep.prompt_content) {
+        const content = currentStep.prompt_content;
+        const objectiveMatch = content.match(/###\s*🎯\s*Objective\s*\n([\s\S]*?)(?=###|$)/i);
+        if (objectiveMatch)
+          objectiveText = objectiveMatch[1].trim();
+        const constraintsMatch = content.match(/###\s*⚠️\s*Constraints\s*\n([\s\S]*?)(?=###|$)/i);
+        if (constraintsMatch)
+          constraintsText = constraintsMatch[1].trim();
+        const dodMatch = content.match(/###\s*✅\s*Definition of Done\s*\n([\s\S]*?)(?=###|$)/i);
+        if (dodMatch)
+          dodText = dodMatch[1].trim();
+      }
+      let section = `## \u{1F3AF} CURRENT FOCUS
+
+**Active Step ${currentStep.step_number}: ${currentStep.title}**
+${currentStep.sprint_focus ? `*Sprint: ${currentStep.sprint_focus}*` : ""}
+
+### Objective
+${objectiveText}`;
+      if (constraintsText) {
+        section += `
+
+### Task-Specific Constraints
+${constraintsText}`;
+      }
+      if (dodText) {
+        section += `
+
+### Definition of Done
+${dodText}`;
+      }
+      return section;
+    }
+  }
+});
+
+// ../rules-engine/dist/sections/workflow.js
+var require_workflow = __commonJS({
+  "../rules-engine/dist/sections/workflow.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateWorkflowSection = generateWorkflowSection;
+    function generateWorkflowSection(ide) {
+      const ideInstructions = ide === "windsurf" ? `When working in **Windsurf**, coordinate with Cascade (Windsurf's AI) for code execution.` : `When working in **Cursor**, delegate implementation to Cursor Composer/Agent for code execution.`;
+      return `## \u{1F4CB} SUPERVISOR MODE: FRANK'S WORKFLOW
+
+**\u{1F3AD} PARADIGM SHIFT: Frank is a Supervisor/Orchestrator, NOT a Code Executor**
+
+Frank's role is to **PLAN, DELEGATE, and VALIDATE** \u2014 NOT to write every line of code manually.
+The IDE's native AI (Cursor Composer, Windsurf Cascade, etc.) handles code execution.
+Frank maintains **Architectural Control** and ensures **Guardian Compliance**.
+
+---
+
+### \u{1F9ED} SUPERVISOR WORKFLOW (3-Phase Protocol)
+
+**INITIATION PROTOCOL:**
+At the start of every session, you MUST execute:
+\`\`\`bash
+export RIGSTATE_MODE=SUPERVISOR
+\`\`\`
+This activates the System Guardian.
+
+#### PHASE 1: \u{1F4CB} PLAN & STRUCTURE
+**Frank's Responsibility:**
+1. **Analyze the Task:** Read the roadmap step's EXECUTIVE SUMMARY, TECHNICAL PROMPT, and METADATA
+2. **Query Project Brain:** Use \`query_brain\` to fetch relevant decisions, patterns, and constraints
+3. **Generate Structured Plan:**
+   - Break down into logical sub-tasks (if $L_{max}$ compliance requires modularization)
+   - Identify affected files and modules
+   - Map dependencies and execution order
+   - Define validation checkpoints
+4. **Terminal Feedback (MANDATORY):**
+   \`\`\`
+   \u{1F3AF} FRANK: Planning Task [Title]
+   \u{1F4CA} Scope: [X files, Y modules]
+   \u{1F50D} Brain Context: [N relevant memories loaded]
+   \u{1F4DD} Execution Plan:
+      1. [Sub-task A] - [File/Module]
+      2. [Sub-task B] - [File/Module]
+      3. [Validation] - [Criteria]
+   
+   \u23F1\uFE0F Estimated Token Load: [High/Medium/Low]
+   \u26A0\uFE0F If this exceeds your context, type "FORTSETT" after each phase.
+   \`\`\`
+
+**OUTPUT:** A clear, copy-pasteable Technical Prompt for the IDE's AI
+
+---
+
+#### PHASE 2: \u{1F916} DELEGATE TO NATIVE EXECUTION
+**Frank's Responsibility:**
+1. **Present Delegation Prompt:**
+   \`\`\`
+   \u{1F3AC} FRANK \u2192 ${ide === "cursor" ? "CURSOR COMPOSER" : "WINDSURF CASCADE"}:
+   
+   ${ide === "cursor" ? "Please execute the following implementation using Cursor Composer (Cmd+I or Chat Panel):" : "Please execute the following implementation using Windsurf Cascade:"}
+   
+   ### \u{1F6E0} TECHNICAL PROMPT
+   [Paste the structured prompt from PHASE 1]
+   
+   ### \u26A0\uFE0F GUARDIAN CONSTRAINTS (STRICT)
+   - UI files MUST be < 250 lines ($L_{max}^{UI}$)
+   - Logic files MUST be < 400 lines ($L_{max}^{Logic}$)
+   - [Additional project-specific constraints from Brain]
+   
+   ### \u2705 DEFINITION OF DONE
+   - [ ] [Criteria 1]
+   - [ ] [Criteria 2]
+   - [ ] Passes \`npx tsc --noEmit\`
+   - [ ] Passes \`npm run build\`
+   \`\`\`
+
+2. **Wait for IDE Execution:**
+   - Frank does NOT write the code himself
+   - Frank monitors for completion signals (user confirmation or file system changes)
+   - If task is too large, Frank MUST split into chunks and ask user to type **"FORTSETT"** to continue
+
+3. **Terminal Feedback (MINIMALIST):**
+   \`\`\`
+   \u23F3 DELEGATED: ${ide === "cursor" ? "Cursor Composer" : "Windsurf Cascade"}
+   \u{1F4C2} FILES: [list 1, list 2...]
+   \`\`\`
+
+**SILENT PROTOCOL:** Frank acts as a silent supervisor. He NEVER explains his role. He only logs status updates. The IDE Agent executes the code.
+
+---
+
+#### PHASE 3: \u2705 VALIDATE & SYNC (MANDATORY)
+
+1. **Mission Report Generation:**
+   Create \`.rigstate/logs/last_execution.json\`:
+   \`\`\`json
+   {
+      "task_summary": "Short description of the task completed",
+      "files_touched": ["relative/path/to/file1", "relative/path/to/file2"],
+      "security_status": "SECURE"
+   }
+   \`\`\`
+
+2. **Architecture Audit:** \`run_architecture_audit\`
+
+3. **Team Check (Silent):**
+   \`\`\`
+   [CHECKING: SVEN] ... [OK]
+   \`\`\`
+
+4. **Linter Guard:** \`npx tsc --noEmit && npm run build\`
+
+5. **SYSTEM SYNC (MANDATORY):**
+   \`\`\`bash
+   npx rigstate sync
+   \`\`\`
+
+6. **Mission Briefing:**
+   Present a concise, human-readable summary of the work done.
+
+7. **Complete & Log (MANDATORY):**
+   When the task is done and validated:
+   **YOU MUST** offer to complete the task programmatically.
+   ASK the user: "Shall I mark this task as completed?"
+   IF YES -> Call tool: \`complete_roadmap_task(projectId, summary)\`
+
+8. **Final Signal:**
+   \`\`\`
+   [VALIDATED]
+   \`\`\`
+
+9. **Self-Correction Protocol:**
+   - Quietly identify errors.
+   - Generate specific fix prompts for IDE.
+
+6. **Terminal Feedback (MINIMALIST):**
+   When all checks pass, output ONLY:
+   \`\`\`
+   [VALIDATED]
+   Task tracked in roadmap.
+   \`\`\`
+   
+   **RULE:** The IDE Agent acts as the worker. It MUST wait for Frank's **[VALIDATED]** signal before marking any task as done.
+
+---
+
+### \u{1F504} ATOMIC REVERT PROTOCOL (Safety Net)
+
+If validation fails after **3 correction attempts**:
+
+1. **STOP** all further modifications
+2. **TERMINAL FEEDBACK (MANDATORY):**
+   \`\`\`
+   \u274C ATOMIC REVERT TRIGGERED
+   \u{1F4CB} Task: [task-id]
+   \u{1F534} Reason: [error description]
+   \u{1F504} Attempts: 3/3 exhausted
+   \u{1F6E1}\uFE0F Action: Reverting to checkpoint...
+   \`\`\`
+3. **REVERT:**
+   \`\`\`bash
+   git checkout . && git stash pop  # OR: git reset --hard HEAD
+   \`\`\`
+4. **UPDATE:** Mark task as \`FAILED\` with detailed explanation
+5. **ESCALATE:** Notify user of blocker for manual intervention
+
+**CORE PRINCIPLE:** NEVER leave codebase in broken state.
+
+---
+
+### \u{1F4E2} PERSISTENCE & TRANSPARENCY RULES (MANDATORY)
+
+Frank MUST provide **live terminal feedback** before EVERY operation:
+
+1. **Before Planning:**
+   \`\`\`
+   \u{1F3AF} FRANK: Starting analysis for [Task Title]...
+   \`\`\`
+
+2. **Before Delegation:**
+   \`\`\`
+   \u{1F916} FRANK: Preparing prompt for ${ide === "cursor" ? "Cursor Composer" : "Windsurf Cascade"}...
+   \`\`\`
+
+3. **Before Validation:**
+   \`\`\`
+   \u{1F50D} FRANK: Running architecture audit on [N files]...
+   \`\`\`
+
+4. **Token Buffer Management:**
+   - If a task requires > 50% of context window, Frank MUST split into phases
+   - User types **"FORTSETT"** (Norwegian for "CONTINUE") to load next buffer
+   - Example:
+     \`\`\`
+     \u26A0\uFE0F FRANK: Phase 1 complete. Token usage: 75%
+     \u{1F4AC} Type "FORTSETT" to continue with Phase 2 (Database Migrations)
+     \`\`\`
+
+**PURPOSE:** Eliminate "Black Box" feeling. User always knows what Frank is doing.
+
+---
+
+### \u{1F3AF} HOW TO READ ROADMAP STEPS
+
+Each Rigstate roadmap task follows this structure:
+
+\`\`\`markdown
+### \u{1F4DD} EXECUTIVE SUMMARY
+[Business value and user impact]
+
+### \u{1F6E0} TECHNICAL PROMPT
+CONTEXT: [Files/Modules affected]
+OBJECTIVE: [One-sentence goal]
+GUARDIAN CONSTRAINTS: [File limits, compliance rules]
+DEFINITION OF DONE: [Success checklist]
+
+### \u{1F4A1} IMPLEMENTATION HINTS
+[Code snippets and patterns]
+
+### \u{1F4CA} METADATA
+- Author: [Agent/User]
+- Source: [Origin of task]
+- Strategy Alignment: [DNA focus area]
+\`\`\`
+
+${ideInstructions}
+
+---
+
+## \u{1F6E1}\uFE0F SAFETY PROTOCOLS (Mandatory)
+
+### 1. \u{1F4F8} Pre-Flight Checkpoint
+**BEFORE delegating to IDE**, Frank MUST create recovery point:
+\`\`\`bash
+git stash push -m "checkpoint-before-[task-id]"
+# OR: git checkout -b checkpoint/[task-id] && git checkout -
+\`\`\`
+
+### 2. \u{1F6A8} Linter Guard (STRICT)
+**FORBIDDEN** to mark \`COMPLETED\` if:
+- Syntax errors exist
+- TypeScript/ESLint errors present
+- \`npm run build\` fails
+
+**Verification:**
+\`\`\`bash
+npx tsc --noEmit && npm run build
+\`\`\`
+
+### 3. \u{1F504} Self-Correction Loop
+Max 3 attempts with escalating strategies:
+1. Targeted fix
+2. Broader refactor
+3. Minimal surgical change OR user escalation
+
+---
+
+## \u{1F504} WATCHER MODE (Proactive Task Execution)
+
+Frank monitors for approved tasks and orchestrates execution:
+
+1. **Session Start:**
+   - Call \`get_pending_tasks\` to check for approved work
+   - Summarize tasks and ask user which to tackle
+
+2. **Execution Flow:**
+   - **CHECKPOINT:** Create pre-flight snapshot
+   - **PLAN:** Generate structured execution plan (Phase 1)
+   - **DELEGATE:** Send prompt to IDE's native AI (Phase 2)
+   - **VALIDATE:** Run architecture audit + linter guard (Phase 3)
+   - **COMPLETE:** Update \`update_task_status(COMPLETED)\` with summary
+
+3. **Error Handling:**
+   - Enter Self-Correction Loop (max 3 attempts)
+   - If still failing, trigger Atomic Revert
+   - Update task status to \`FAILED\` with explanation
+
+**CRITICAL:** Frank orchestrates, ${ide === "cursor" ? "Cursor" : "Windsurf"} executes, Frank validates.`;
+    }
+  }
+});
+
+// ../rules-engine/dist/sections/tooling.js
+var require_tooling = __commonJS({
+  "../rules-engine/dist/sections/tooling.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateToolingSection = generateToolingSection;
+    function generateToolingSection(activeAgents) {
+      const getAgent = (keyPart) => activeAgents?.find((a) => a.key.includes(keyPart));
+      const frank = getAgent("frank") || getAgent("orchestrator");
+      const brynjar = getAgent("brynjar");
+      const gunhild = getAgent("scribe");
+      const sindre = getAgent("sindre");
+      const sven = getAgent("sven");
+      const allTools = [
+        { name: "query_brain", owner: frank, desc: "Search project memories and decisions" },
+        { name: "save_decision", owner: frank, desc: "Record architectural decisions (ADRs)" },
+        { name: "update_roadmap", owner: frank, desc: "Mark steps as ACTIVE or COMPLETED" },
+        { name: "run_architecture_audit", owner: frank, desc: "Audit code against Guardian rules" },
+        { name: "get_pending_tasks", owner: frank, desc: "Fetch APPROVED tasks from dashboard ready for execution" },
+        { name: "update_task_status", owner: frank, desc: "Mark tasks as EXECUTING, COMPLETED, or FAILED" },
+        { name: "audit_integrity_gate", owner: frank, desc: "Runs combined Security and Performance audit. SOFT LOCK if failed." },
+        { name: "archaeological_scan", owner: brynjar, desc: "Scan Git history for legacy features" },
+        { name: "import_ghost_features", owner: brynjar, desc: "Import discovered features to roadmap" },
+        { name: "generate_professional_pdf", owner: gunhild, desc: "Generate System Manifest or Investor Report" },
+        { name: "analyze_database_performance", owner: sindre, desc: "Deep scan for N+1 queries and missing indexes" },
+        { name: "audit_rls_status", owner: sven, desc: "Verify Row Level Security is enabled on all tables" }
+      ];
+      const activeTools = allTools.filter((t) => t.owner !== void 0);
+      let triggers = "";
+      if (activeAgents && activeAgents.length > 0) {
+        triggers = `
+### \u26A1\uFE0F ACTIVE AGENT TRIGGERS
+When your prompt mentions specific keywords, summon the appropriate specialist (respecting Authority Levels):
+
+${activeAgents.map((a) => {
+          const triggerInfo = a.trigger_keywords ? `"${a.trigger_keywords}"` : `"${a.primary_mission || "General assistance"}"`;
+          return `- Intent: ${triggerInfo} \u2192 Activate **${a.name}** [ID: ${a.id}] (Authority: ${a.authority_level})`;
+        }).join("\n")}`;
+      }
+      const toolTable = activeTools.length > 0 ? `| Tool | Agent Owner | Description |
+|------|-------------|-------------|
+${activeTools.map((t) => `| \`${t.name}\` | ${t.owner?.name} [ID: ${t.owner?.id}] | (Owner: [ID: ${t.owner?.id}]) ${t.desc} |`).join("\n")}` : "> No specialized tools active for the current team roster.";
+      return `## \u{1F527} TOOLING
+
+### Rigstate CLI Commands
+\`\`\`bash
+rigstate scan                     # Scan current directory for issues
+rigstate scan --project <id>      # Scan with project context
+rigstate fix --project <id>       # Interactive AI fix mode
+rigstate complete                 # Mark current step as complete
+\`\`\`
+
+### MCP Tools (Model Context Protocol)
+These tools are available when using the Rigstate MCP server:
+
+${toolTable}
+
+**Strict Tool Ownership:**
+When a tool is invoked, the AI must adopt the persona and Authority Level of the Agent ID listed as the 'Owner' in the tool description. Do not execute tools as a generic assistant.
+
+### Environment Variables
+Ensure these are set in your \`.env.local\`:
+\`\`\`
+RIGSTATE_API_KEY=<your-key>
+RIGSTATE_PROJECT_ID=<auto-detected-or-set>
+\`\`\`${triggers}`;
+    }
+  }
+});
+
+// ../rules-engine/dist/sections/skills.js
+var require_skills = __commonJS({
+  "../rules-engine/dist/sections/skills.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.generateAvailableSkillsSection = generateAvailableSkillsSection;
+    exports.generateSkillFileContent = generateSkillFileContent;
+    exports.getRigstateStandardSkills = getRigstateStandardSkills;
+    function generateAvailableSkillsSection(skills) {
+      if (skills.length === 0)
+        return "";
+      const skillBlocks = skills.map((skill) => `  <skill>
+    <name>${skill.name}</name>
+    <description>${skill.description}</description>
+    <location>.agent/skills/${skill.name}/SKILL.md</location>
+  </skill>`).join("\n");
+      return `## \u{1F9E0} AGENT SKILLS
+> **OPTIMIZED CAPABILITIES:** The following skills are available for on-demand activation.
+
+<available_skills>
+${skillBlocks}
+</available_skills>`;
+    }
+    function generateSkillFileContent(skill) {
+      return `---
+name: ${skill.name}
+description: ${skill.description}
+version: "${skill.version}"
+specialist: ${skill.specialist}
+governance: ${skill.governance}
+---
+
+${skill.content}
+
+---
+*Generated by Rigstate Rules Engine. Do not modify manually.*`;
+    }
+    function getRigstateStandardSkills() {
+      return [
+        {
+          name: "rigstate-integrity-gate",
+          description: "Handles the Pre-Deployment Compliance Gate, automated quality audits (Security/Performance), and generation of the Strategic Release Manifest. Use this whenever you are finishing a task or moving code towards completion.",
+          version: "1.0.0",
+          specialist: "Frank (The Orchestrator)",
+          governance: "SOFT_LOCK",
+          content: `# \u{1F396}\uFE0F Rigstate Integrity Gate Skill
+
+This skill defines the high-level protocol for ensuring code quality and security before a task is marked as "COMPLETED". It orchestrates specialized agents (Sven, Sindre) and generates the audit trail known as the **Strategic Release Manifest**.
+
+## \u{1F504} The Protocol Workflow
+
+Whenever you are ready to complete a task, follow this mandatory 3-step sequence:
+
+### 1. Audit (The Scan)
+Run the \`audit_integrity_gate\` tool. This will trigger:
+- **Security Check (Sven):** Scans for RLS status on all tables.
+- **Performance Check (Sindre):** Scans for N+1 queries and missing database indexes.
+
+### 2. Decision (The Gate)
+Evaluate the result from \`audit_integrity_gate\`:
+- **Mode: OPEN:** All critical checks passed. You can proceed to completion.
+- **Mode: SOFT_LOCK:** Issues were found (e.g., missing RLS or N+1 warnings). You **MUST** report these to the user. You can only proceed if the user provides an override or if you fix the issues first.
+- **Mode: HARD_LOCK (Future):** Critical violations detected. Completion is blocked until fixed.
+
+### 3. Manifest (The Release)
+Upon passing the gate, use the \`complete_roadmap_task\` tool. 
+- Pass the **full JSON response** from the \`audit_integrity_gate\` into the \`integrityGate\` parameter.
+- This automatically generates the **Strategic Release Manifest** in the Mission Report, creating a permanent record of quality for this release.
+
+## \u{1F6E0}\uFE0F Tools Used by this Skill
+
+- \`audit_integrity_gate\`: Orchestrates the security and performance scans.
+- \`complete_roadmap_task\`: Finalizes the task and attaches the quality certificate.
+
+## \u{1F4DD} Best Practices
+
+- **Never skip the audit.** Even if you think the change is small, the Integrity Gate is our source of truth.
+- **Explain violations clearly.** If in \`SOFT_LOCK\`, don't just say "it failed". List the specific tables lacking RLS or the specific files with N+1 issues.
+- **Summarize the Manifest.** After successful completion, tell the user: "Release Manifest generated with [X] security passes and [Y] performance checks."`
+        },
+        {
+          name: "rigstate-legacy-renovator",
+          description: 'Handles the modernization of legacy Vibeline code to the Rigstate standard. Renovates branding, extracts "Ghost Features" into the roadmap, and repairs architectural drift.',
+          version: "1.0.0",
+          specialist: "Brynjar (The Archivist)",
+          governance: "SOFT_LOCK",
+          content: `# \u{1F3FA} Rigstate Legacy Renovator Skill
+
+This skill is activated when legacy patterns (e.g., "Vibeline") are detected. It uses archaeological scanning to restore technical history and performs branding renovation.
+
+## \u{1F504} The Protocol Workflow
+
+### 1. Archaeological Scan (The Discovery)
+Use the \`archaeological_scan\` tool to find "Ghost Features" \u2013 completed work that is not yet reflected in the project roadmap. This restores the technical context of the project.
+
+### 2. Import Ghost Features
+If the scan discovers COMPLETED work, use \`import_ghost_features\` to add them to the roadmap. This ensures the agent understands the historical foundation it is building upon.
+
+### 3. Branding Renovation
+Identify "Vibeline" references in:
+- UI components (Text logos, labels)
+- Code comments and TODOs
+- Documentation
+- Database seed files
+
+Perform a non-destructive rename to "Rigstate" following the rebrand protocol.
+
+### 4. Dependency Audit
+Check for circular dependencies or architectural violations in legacy modules using \`analyze_dependency_graph\`.
+
+## \u{1F6E0}\uFE0F Tools Used by this Skill
+
+- \`archaeological_scan\`: Reconstructs project history from Git.
+- \`import_ghost_features\`: Synchronizes historical work with the roadmap.
+- \`analyze_dependency_graph\`: Detects architectural rot.
+
+## \u{1F4DD} Best Practices
+
+- **Respect History.** Don't delete legacy notes; transform them into Rigstate memories.
+- **Batched Renaming.** Rename branding in logical groups (e.g., all UI first, then all comments).
+- **Update the Brain.** When a legacy feature is renovated, save the decision to the Project Brain using \`save_to_project_brain\`.`
+        }
+      ];
+    }
+  }
+});
+
+// ../rules-engine/dist/utils/mdc.js
+var require_mdc = __commonJS({
+  "../rules-engine/dist/utils/mdc.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.wrapMdc = wrapMdc;
+    function wrapMdc(content, metadata) {
+      const yaml = ["---"];
+      if (metadata.description) {
+        yaml.push(`description: "${metadata.description.replace(/"/g, '\\"')}"`);
+      }
+      if (metadata.globs && metadata.globs.length > 0) {
+        yaml.push("globs:");
+        for (const glob of metadata.globs) {
+          yaml.push(`  - "${glob}"`);
+        }
+      }
+      if (metadata.alwaysApply !== void 0) {
+        yaml.push(`alwaysApply: ${metadata.alwaysApply}`);
+      }
+      yaml.push("---");
+      return `${yaml.join("\n")}
+${content}`;
+    }
+  }
+});
+
+// ../rules-engine/dist/index.js
+var require_dist = __commonJS({
+  "../rules-engine/dist/index.js"(exports) {
+    "use strict";
+    init_esm_shims();
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.getRigstateStandardSkills = exports.generateSkillFileContent = exports.generateAvailableSkillsSection = exports.IDE_FILE_NAMES = void 0;
+    exports.generateRuleContent = generateRuleContent2;
+    exports.generateRuleFiles = generateRuleFiles2;
+    exports.fetchLegacyStats = fetchLegacyStats2;
+    exports.fetchActiveAgents = fetchActiveAgents2;
+    exports.mergeRuleContent = mergeRuleContent;
+    exports.fetchProjectTechStack = fetchProjectTechStack2;
+    exports.getFileNameForIDE = getFileNameForIDE2;
+    var types_1 = require_types();
+    var identity_1 = require_identity();
+    var stack_dna_1 = require_stack_dna();
+    var current_step_1 = require_current_step();
+    var workflow_1 = require_workflow();
+    var tooling_1 = require_tooling();
+    var skills_1 = require_skills();
+    var mdc_1 = require_mdc();
+    var types_2 = require_types();
+    Object.defineProperty(exports, "IDE_FILE_NAMES", { enumerable: true, get: function() {
+      return types_2.IDE_FILE_NAMES;
+    } });
+    var skills_2 = require_skills();
+    Object.defineProperty(exports, "generateAvailableSkillsSection", { enumerable: true, get: function() {
+      return skills_2.generateAvailableSkillsSection;
+    } });
+    Object.defineProperty(exports, "generateSkillFileContent", { enumerable: true, get: function() {
+      return skills_2.generateSkillFileContent;
+    } });
+    Object.defineProperty(exports, "getRigstateStandardSkills", { enumerable: true, get: function() {
+      return skills_2.getRigstateStandardSkills;
+    } });
+    var RIGSTATE_START2 = "RIGSTATE_START";
+    var RIGSTATE_END2 = "RIGSTATE_END";
+    var ENGINE_VERSION = "3.0.0";
+    function generateRuleContent2(project, stack, roadmap, ide = "cursor", legacyStats, activeAgents, lean = false) {
+      const sections = [];
+      sections.push("# \u{1F680} Rigstate Supervisor v2.4 (Context-Aware)");
+      sections.push(`IMPORTANT: Internal agent coordination must always use the provided Agent IDs. Display names are for user-facing chat only. When invoking tools or referencing hierarchy, use the ID as the primary key.
+
+## \u2696\uFE0F AGENT HIERARCHY & AUTHORITY
+You must defer to the instructions of agents with higher Authority Levels (10 being highest).
+Security and Architecture (Levels 8-10) always override creative or implementation suggestions (Levels 1-5).`);
+      const identitySection = (0, identity_1.generateIdentitySection)(project, ide, activeAgents);
+      sections.push(identitySection);
+      const skills = (0, skills_1.getRigstateStandardSkills)();
+      const skillsSection = (0, skills_1.generateAvailableSkillsSection)(skills);
+      if (skillsSection) {
+        sections.push(skillsSection);
+      }
+      if (!lean) {
+        const stackDnaSection = (0, stack_dna_1.generateStackDnaSection)(project, stack, legacyStats);
+        sections.push(stackDnaSection);
+      }
+      if (!lean) {
+        const currentStepSection = (0, current_step_1.generateCurrentStepSection)(roadmap);
+        if (currentStepSection) {
+          sections.push(currentStepSection);
+        }
+      }
+      const workflowSection = (0, workflow_1.generateWorkflowSection)(ide);
+      sections.push(workflowSection);
+      if (!lean) {
+        const toolingSection = (0, tooling_1.generateToolingSection)(activeAgents);
+        sections.push(toolingSection);
+      } else {
+        sections.push(`## \u{1F527} TOOLING & SPECIFIC RULES
+> **OPTIMIZED MODE:** Detailed technical rules, CLI commands, and tech stack constraints are loaded dynamically from \`.cursor/rules/*.mdc\` based on the files you interact with.
+> - **Stack & Guardian:** See \`rigstate-guardian.mdc\`
+> - **Roadmap & Tasks:** See \`rigstate-roadmap.mdc\`
+> - **Tools & Workflow:** See \`rigstate-workflow.mdc\``);
+      }
+      const headerMap = {
+        cursor: `# Cursor Project Rules: ${project.name}`,
+        antigravity: `# Antigravity Project Rules: ${project.name}`,
+        windsurf: `# Windsurf Project Rules: ${project.name}`,
+        vscode: `# VS Code Project Rules: ${project.name}`,
+        copilot: `# GitHub Copilot Instructions: ${project.name}`,
+        generic: `# Project Conventions: ${project.name}`
+      };
+      const header = headerMap[ide] || `# Project Rules: ${project.name}`;
+      return `${RIGSTATE_START2}
+${header}
+> Generated by Rigstate v2.5.0 | Project ID: ${project.id} | Last synced: ${(/* @__PURE__ */ new Date()).toISOString()}
+> ${lean ? "\u26A1 LEAN MODE ACTIVE: Redundant context offloaded to .cursor/rules/*.mdc" : "\u{1F4E6} FULL MODE ACTIVE"}
+
+\u26A0\uFE0F **SYSTEM NOTE:** Changes made to this Guardian template propagate to ALL Rigstate projects on next sync.
+\u{1F6E1}\uFE0F **Guardian v2.5 Upgrade Applied:** IMPACT_GUARD + BUILD_INTEGRITY now active globally.
+
+${sections.join("\n\n---\n\n")}
+${RIGSTATE_END2}`;
+    }
+    function generateRuleFiles2(project, stack, roadmap, ide = "cursor", legacyStats, activeAgents, databaseMetadata) {
+      const files = [];
+      const agentTable = activeAgents?.map((a) => `| **${a.name}** | \`${a.key}\` | ${a.job_title} | ${a.primary_mission || "Specialist"} |`).join("\n") || "| - | - | - | No agents configured |";
+      const agentsMdContent = `# \u{1F916} AI Agent Context: ${project.name}
+> **Rigstate v${ENGINE_VERSION}** | Project ID: \`${project.id}\`
+
+This file describes the **specialist personas** available in this project.  
+These are **context providers**, not active controllers. The IDE agent (you) remains in full control of code execution.
+
+## \u{1F4CB} Available Specialists
+| Name | Key | Role | Specialty |
+|:--- |:--- |:--- |:--- |
+${agentTable}
+
+## \u{1F50D} How to Use This Context
+1.  **Read their expertise**: Each specialist has a defined area of knowledge (architecture, documentation, history).
+2.  **Adopt their perspective**: When working in their domain, consider their guidelines.
+3.  **Call MCP tools if needed**: Some specialists have associated tools (e.g., \`generate_professional_pdf\` for The Scribe).
+
+## \u26A0\uFE0F Important
+- These personas do **NOT** execute code or override your decisions.
+- They provide **context and guidelines** that you apply at your discretion.
+- Authority levels indicate priority of guidelines when they conflict (higher = stronger recommendation).
+
+---
+*Generated by Rigstate. Run \`rigstate sync\` to refresh.*`;
+      files.push({
+        path: "AGENTS.md",
+        content: agentsMdContent,
+        metadata: { description: "Project hierarchy and agent identities" }
+      });
+      const isLean = ide === "cursor";
+      const masterFileName = getFileNameForIDE2(ide);
+      const monoContent = generateRuleContent2(project, stack, roadmap, ide, legacyStats, activeAgents, isLean);
+      files.push({
+        path: masterFileName,
+        content: monoContent,
+        metadata: { description: `Master rules file for ${ide}` }
+      });
+      if (ide === "cursor" || ide === "antigravity" || ide === "vscode") {
+        files.push({
+          path: ".cursor/rules/rigstate-identity.mdc",
+          content: (0, mdc_1.wrapMdc)((0, identity_1.generateIdentitySection)(project, ide, activeAgents), {
+            description: "Project context and specialist personas",
+            alwaysApply: true
+          })
+        });
+        files.push({
+          path: ".cursor/rules/rigstate-guardian.mdc",
+          content: (0, mdc_1.wrapMdc)((0, stack_dna_1.generateStackDnaSection)(project, stack, legacyStats), {
+            description: "Governance rules, tech stack constraints, and file size limits",
+            globs: ["**/*.ts", "**/*.tsx", "**/*.js", "**/*.jsx", "**/*.sql"],
+            alwaysApply: true
+          })
+        });
+        const currentStep = (0, current_step_1.generateCurrentStepSection)(roadmap);
+        if (currentStep) {
+          files.push({
+            path: ".cursor/rules/rigstate-roadmap.mdc",
+            content: (0, mdc_1.wrapMdc)(currentStep, {
+              description: "Active sprint focus and current roadmap step details",
+              alwaysApply: true
+            })
+          });
+        }
+        files.push({
+          path: ".cursor/rules/rigstate-workflow.mdc",
+          content: (0, mdc_1.wrapMdc)((0, workflow_1.generateWorkflowSection)(ide) + "\n\n" + (0, tooling_1.generateToolingSection)(activeAgents), {
+            description: "Coding workflows, CLI usage, and tool binding rules",
+            alwaysApply: true
+          })
+        });
+        let dbContent = "## \u{1F5C4}\uFE0F Database Standards\n- Always verify RLS policies for new tables.\n- Use `supabase/migrations` for DDL changes.\n- Reference `types/supabase.ts` for strictly typed queries.";
+        if (databaseMetadata && databaseMetadata.length > 0) {
+          const securedCount = databaseMetadata.filter((t) => t.rls_enabled).length;
+          const unsecuredCount = databaseMetadata.length - securedCount;
+          const unsecuredTables = databaseMetadata.filter((t) => !t.rls_enabled).map((t) => t.table_name);
+          dbContent = `## \u{1F5C4}\uFE0F Database Context: ${databaseMetadata.length} Tables
+> **Security Check:** ${securedCount} Secured | ${unsecuredCount} Unsecured
+
+### \u26A0\uFE0F Security Attention Required
+${unsecuredTables.length > 0 ? unsecuredTables.map((t) => `- \u{1F534} **${t}**: RLS Disabled`).join("\n") : "- \u2705 All tables have Row Level Security enabled."}
+
+### \u{1F4CB} Schema Reference
+| Table | RLS | Policies | Cols | Key Features |
+| :--- | :---: | :---: | :---: | :--- |
+${databaseMetadata.map((t) => {
+            const features = [];
+            if (t.has_user_id)
+              features.push("User-Scoped");
+            if (t.has_created_at)
+              features.push("Timestamps");
+            return `| \`${t.table_name}\` | ${t.rls_enabled ? "\u2705" : "\u274C"} | ${t.policy_count} | ${t.column_count} | ${features.join(", ") || "-"} |`;
+          }).join("\n")}
+
+### \u{1F6E1}\uFE0F Development Rules
+1.  **RLS is MANDATORY:** All tables containing user data must have RLS enabled.
+2.  **Use RPCs for Complex Logic:** Do not put complex business logic in client-side queries.
+3.  **Migrations:** Always use \`supabase/migrations\` for schema changes.`;
+        }
+        files.push({
+          path: ".cursor/rules/rigstate-database.mdc",
+          content: (0, mdc_1.wrapMdc)(dbContent, {
+            description: "Live database schema, RLS status, and table metadata",
+            globs: ["supabase/**/*", "**/*.sql", "**/lib/supabase/**"],
+            alwaysApply: databaseMetadata && databaseMetadata.length > 0 ? true : false
+          })
+        });
+        const rigstateSkills = (0, skills_1.getRigstateStandardSkills)();
+        for (const skill of rigstateSkills) {
+          files.push({
+            path: `.agent/skills/${skill.name}/SKILL.md`,
+            content: (0, skills_1.generateSkillFileContent)(skill),
+            metadata: { description: skill.description }
+          });
+        }
+      }
+      return {
+        files,
+        suggestedIde: ide,
+        version: ENGINE_VERSION
+      };
+    }
+    async function fetchLegacyStats2(supabase, projectId) {
+      const { data: chunks } = await supabase.from("roadmap_chunks").select("is_legacy").eq("project_id", projectId);
+      if (!chunks)
+        return { total: 0, legacyCount: 0, activeCount: 0 };
+      const legacyCount = (chunks || []).filter((c) => c.is_legacy === true).length;
+      const activeCount = (chunks || []).filter((c) => c.is_legacy !== true).length;
+      return {
+        total: (chunks || []).length,
+        legacyCount,
+        activeCount
+      };
+    }
+    async function fetchActiveAgents2(supabase) {
+      const { data: prompts } = await supabase.from("system_prompts").select("id, key, content, name, display_name, job_title, authority_level, primary_mission, trigger_keywords").eq("include_in_rules", true).eq("is_active", true).order("authority_level", { ascending: false });
+      if (!prompts)
+        return [];
+      return (prompts || []).map((p) => ({
+        id: p.id,
+        key: p.key,
+        name: p.display_name || p.name || p.key,
+        job_title: p.job_title || "Specialist Agent",
+        content: p.content,
+        authority_level: (() => {
+          if (p.authority_level === null || p.authority_level === void 0) {
+            throw new Error(`Agent ${p.key} is missing authority_level. Update via CMS.`);
+          }
+          return p.authority_level;
+        })(),
+        primary_mission: p.primary_mission || void 0,
+        trigger_keywords: p.trigger_keywords || void 0
+      }));
+    }
+    function mergeRuleContent(existingContent, newRules) {
+      const startIndex = existingContent.indexOf(RIGSTATE_START2);
+      const endIndex = existingContent.indexOf(RIGSTATE_END2);
+      if (startIndex !== -1 && endIndex !== -1) {
+        const before = existingContent.substring(0, startIndex);
+        const after = existingContent.substring(endIndex + RIGSTATE_END2.length);
+        return before + newRules + after;
+      } else {
+        return existingContent + "\n\n" + newRules;
+      }
+    }
+    async function fetchProjectTechStack2(supabase, projectId, fallbackStack = ["Next.js", "TypeScript", "Supabase", "Tailwind CSS"]) {
+      try {
+        const { data: tags, error } = await supabase.from("project_tech_tags").select("name").eq("project_id", projectId);
+        if (error || !tags || tags.length === 0) {
+          const { data: project } = await supabase.from("projects").select("functional_spec").eq("id", projectId).single();
+          if (project?.functional_spec?.techStack) {
+            return project.functional_spec.techStack;
+          }
+          return fallbackStack;
+        }
+        return tags.map((t) => t.name);
+      } catch (error) {
+        console.warn("fetchProjectTechStack: Failed to fetch, using fallback", error);
+        return fallbackStack;
+      }
+    }
+    function getFileNameForIDE2(ide) {
+      return types_1.IDE_FILE_NAMES[ide] || types_1.IDE_FILE_NAMES.cursor;
+    }
+  }
+});
 
 // src/index.ts
+init_esm_shims();
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 
 // src/lib/supabase.ts
+init_esm_shims();
 import { createClient as createSupabaseClient } from "@supabase/supabase-js";
 import { createHash } from "crypto";
 var PRODUCTION_SUPABASE_URL = "https://gseblsxnfppsxbmtzcfj.supabase.co";
@@ -45,14 +1094,17 @@ async function authenticateApiKey(apiKey) {
 }
 
 // src/server/factory.ts
+init_esm_shims();
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
 import { ListToolsRequestSchema, ListResourcesRequestSchema } from "@modelcontextprotocol/sdk/types.js";
 
 // src/server/types.ts
+init_esm_shims();
 var SERVER_NAME = "rigstate-mcp";
 var SERVER_VERSION = "0.5.0";
 
 // src/lib/tool-registry.ts
+init_esm_shims();
 import { z } from "zod";
 var ToolRegistry = class {
   tools = /* @__PURE__ */ new Map();
@@ -127,7 +1179,14 @@ var ToolRegistry = class {
 };
 var registry = new ToolRegistry();
 
+// src/tools/curator-tools.ts
+init_esm_shims();
+
+// src/lib/curator/index.ts
+init_esm_shims();
+
 // src/lib/curator/schemas.ts
+init_esm_shims();
 import { z as z2 } from "zod";
 var QueryGlobalAntidotesSchema = z2.object({
   categories: z2.array(z2.string()).optional().describe("Filter by categories (SECURITY, ARCHITECTURE, UX, PERFORMANCE, ACCESSIBILITY, MAINTAINABILITY)"),
@@ -159,6 +1218,7 @@ var CheckFortressSchema = z2.object({
 });
 
 // src/lib/curator/actions/query.ts
+init_esm_shims();
 async function queryGlobalAntidotes(supabase, userId, input) {
   let query = supabase.from("global_antidotes").select("id, slug, title, instruction, example, anti_example, category, severity, framework_tags, trust_score, occurrence_count, is_immutable").eq("is_active", true);
   if (input.categories && input.categories.length > 0) {
@@ -206,6 +1266,7 @@ ${formatted}
 }
 
 // src/lib/curator/actions/submit.ts
+init_esm_shims();
 async function submitSignal(supabase, userId, input) {
   const { data: project, error: projectError } = await supabase.from("projects").select("id").eq("id", input.projectId).eq("owner_id", userId).single();
   if (projectError || !project) {
@@ -332,6 +1393,7 @@ Sigrid will process this signal and notify you of the result.`
 }
 
 // src/lib/curator/actions/stats.ts
+init_esm_shims();
 async function getCuratorStats(supabase, userId, input) {
   const { data: antidotes, count: totalCount } = await supabase.from("global_antidotes").select("id, category, severity, is_immutable", { count: "exact" }).eq("is_active", true);
   const fortressCount = antidotes?.filter((a) => a.is_immutable).length || 0;
@@ -374,6 +1436,7 @@ ${Object.entries(categoryDistribution).map(([cat, count]) => `   \u2022 ${cat}:
 }
 
 // src/lib/curator/actions/fortress.ts
+init_esm_shims();
 async function checkFortress(supabase, userId, input) {
   const { data: fortressRules } = await supabase.from("global_antidotes").select("slug, title, instruction").eq("is_immutable", true).eq("is_active", true);
   if (!fortressRules || fortressRules.length === 0) {
@@ -476,6 +1539,7 @@ Fortress rules can NEVER be overridden by any signal.`,
 });
 
 // src/tools/teacher-mode.ts
+init_esm_shims();
 import { z as z3 } from "zod";
 import { v4 as uuidv4 } from "uuid";
 var RefineLogicSchema = z3.object({
@@ -619,7 +1683,11 @@ Returns both user-specific and global Rigstate standards.`,
   }
 });
 
+// src/tools/get-project-context.ts
+init_esm_shims();
+
 // src/lib/context-engine.ts
+init_esm_shims();
 async function injectGlobalContext(supabase, userId, input) {
   const searchTags = [
     ...input.frameworks.map((f) => f.split(" ")[0].toLowerCase()),
@@ -665,6 +1733,7 @@ async function injectGlobalContext(supabase, userId, input) {
 }
 
 // src/lib/schemas.ts
+init_esm_shims();
 import { z as z4 } from "zod";
 var QueryBrainInputSchema = z4.object({
   projectId: z4.string().uuid("Invalid project ID"),
@@ -949,6 +2018,7 @@ Description: ${project.description}`);
 }
 
 // src/tools/query-brain.ts
+init_esm_shims();
 registry.register({
   name: "query_brain",
   description: `Takes a natural language query and performs semantic search
@@ -1074,6 +2144,7 @@ No relevant memories or features found.
 }
 
 // src/tools/get-latest-decisions.ts
+init_esm_shims();
 registry.register({
   name: "get_latest_decisions",
   description: `Fetches the most recent ADRs and decisions from The Council,
@@ -1164,6 +2235,7 @@ async function getLatestDecisions(supabase, userId, projectId, limit = 5) {
 }
 
 // src/tools/save-decision.ts
+init_esm_shims();
 registry.register({
   name: "save_decision",
   description: `Saves a new decision/ADR to the project's brain (project_memories).
@@ -1223,6 +2295,7 @@ async function saveDecision(supabase, userId, projectId, title, decision, ration
 }
 
 // src/tools/submit-idea.ts
+init_esm_shims();
 registry.register({
   name: "submit_idea",
   description: `Submits a new idea to the Idea Lab (saved_ideas table).
@@ -1276,6 +2349,7 @@ async function submitIdea(supabase, userId, projectId, title, description, categ
 }
 
 // src/tools/update-roadmap.ts
+init_esm_shims();
 registry.register({
   name: "update_roadmap",
   description: `Updates the status of a roadmap chunk (step).
@@ -1346,6 +2420,7 @@ async function updateRoadmap(supabase, userId, projectId, status, chunkId, title
 }
 
 // src/tools/run-architecture-audit.ts
+init_esm_shims();
 var VULNERABILITY_PATTERNS = [
   {
     type: "SQL_INJECTION",
@@ -1509,14 +2584,8 @@ ${violations.map((v, i) => `${i + 1}. [${v.severity}] ${v.title}${v.lineNumber ?
 }
 
 // src/tools/sync-ide-rules.ts
-import {
-  generateRuleContent,
-  generateRuleFiles,
-  fetchLegacyStats,
-  fetchActiveAgents,
-  fetchProjectTechStack,
-  getFileNameForIDE
-} from "@rigstate/rules-engine";
+init_esm_shims();
+var import_rules_engine = __toESM(require_dist(), 1);
 registry.register({
   name: "sync_ide_rules",
   description: `Generates the appropriate rules file content (e.g. .cursorrules, .windsurfrules) 
@@ -1548,14 +2617,14 @@ async function syncIdeRules(supabase, projectId) {
   }
   const ide = project.preferred_ide || "cursor";
   const [stack, roadmapRes, legacyStats, activeAgents, dbMetadataRes] = await Promise.all([
-    fetchProjectTechStack(supabase, projectId),
+    (0, import_rules_engine.fetchProjectTechStack)(supabase, projectId),
     supabase.from("roadmap_chunks").select("step_number, title, status, sprint_focus, prompt_content, is_legacy").eq("project_id", projectId),
-    fetchLegacyStats(supabase, projectId),
-    fetchActiveAgents(supabase),
+    (0, import_rules_engine.fetchLegacyStats)(supabase, projectId),
+    (0, import_rules_engine.fetchActiveAgents)(supabase),
     supabase.rpc("get_table_metadata")
   ]);
   const databaseMetadata = dbMetadataRes.data || [];
-  const content = generateRuleContent(
+  const content = (0, import_rules_engine.generateRuleContent)(
     { ...project, id: projectId },
     stack,
     roadmapRes.data || [],
@@ -1563,7 +2632,7 @@ async function syncIdeRules(supabase, projectId) {
     legacyStats,
     activeAgents
   );
-  const fileResult = generateRuleFiles(
+  const fileResult = (0, import_rules_engine.generateRuleFiles)(
     { ...project, id: projectId },
     stack,
     roadmapRes.data || [],
@@ -1573,13 +2642,14 @@ async function syncIdeRules(supabase, projectId) {
     databaseMetadata
   );
   return {
-    fileName: getFileNameForIDE(ide),
+    fileName: (0, import_rules_engine.getFileNameForIDE)(ide),
     content,
     files: fileResult.files
   };
 }
 
 // src/tools/list-features.ts
+init_esm_shims();
 import { z as z5 } from "zod";
 var InputSchema = z5.object({
   projectId: z5.string().uuid().describe("The UUID of the Rigstate project")
@@ -1631,6 +2701,7 @@ Useful for understanding the strategic context and major milestones.`,
 registry.register(listFeaturesTool);
 
 // src/tools/list-roadmap-tasks.ts
+init_esm_shims();
 registry.register({
   name: "list_roadmap_tasks",
   description: `Lists all actionable tasks for a project that are not yet COMPLETED.
@@ -1674,6 +2745,7 @@ async function listRoadmapTasks(supabase, userId, projectId) {
 }
 
 // src/tools/get-next-roadmap-step.ts
+init_esm_shims();
 registry.register({
   name: "get_next_roadmap_step",
   description: `Fetches the next logical step from the roadmap for a project. 
@@ -1718,6 +2790,7 @@ async function getNextRoadmapStep(supabase, projectId, currentStepId) {
 }
 
 // src/tools/check-rules-sync.ts
+init_esm_shims();
 registry.register({
   name: "check_rules_sync",
   description: `Verifies if the IDE rules are present and belong to the correct project.`,
@@ -1790,9 +2863,13 @@ ${SAFETY_CACHE_RULES}`
   };
 }
 
+// src/tools/audit-integrity-gate.ts
+init_esm_shims();
+
 // src/tools/analyze-database-performance.ts
+init_esm_shims();
 import fs from "fs/promises";
-import path from "path";
+import path2 from "path";
 async function analyzeDatabasePerformance(supabase, input) {
   const issues = [];
   const { data: rawMetadata, error } = await supabase.rpc("get_table_metadata", {
@@ -1876,7 +2953,7 @@ async function analyzeDatabasePerformance(supabase, input) {
     summary += `### \u{1F6A8} Critical Findings
 `;
     issues.filter((i) => i.severity === "HIGH").forEach((issue) => {
-      summary += `- **${issue.type}** in \`${path.basename(issue.file)}:${issue.line}\`
+      summary += `- **${issue.type}** in \`${path2.basename(issue.file)}:${issue.line}\`
 `;
       summary += `  - ${issue.description}
 `;
@@ -1887,7 +2964,11 @@ async function analyzeDatabasePerformance(supabase, input) {
   return { issues, summary };
 }
 
+// src/tools/security-tools.ts
+init_esm_shims();
+
 // src/tools/security-checks.ts
+init_esm_shims();
 function checkSqlInjection(content) {
   const sqlKeywords = ["from", "select", "insert", "update", "delete", "rpc", "execute", "query"];
   const hasSqlKeywords = sqlKeywords.some((kw) => content.toLowerCase().includes(kw));
@@ -2082,6 +3163,7 @@ function checkAntiLazy(filePath, content) {
 }
 
 // src/tools/security-checks-arch.ts
+init_esm_shims();
 function checkArchitectureIntegrity(filePath, content) {
   const violations = [];
   const isUI = filePath.includes("/components/") || filePath.includes("/hooks/") || filePath.includes("/app/") && !filePath.includes("/api/") && !filePath.includes("actions.ts") && !filePath.includes("route.ts");
@@ -2275,13 +3357,13 @@ async function runAuditIntegrityGate(supabase, input) {
     });
   }
   if (input.filePaths && input.filePaths.length > 0) {
-    for (const path3 of input.filePaths) {
+    for (const path4 of input.filePaths) {
       try {
         const fs3 = await import("fs/promises");
-        const content = await fs3.readFile(path3, "utf-8");
+        const content = await fs3.readFile(path4, "utf-8");
         const securityResult = await auditSecurityIntegrity(supabase, {
           projectId: input.projectId,
-          filePath: path3,
+          filePath: path4,
           content
         });
         if (!securityResult.passed) {
@@ -2289,21 +3371,21 @@ async function runAuditIntegrityGate(supabase, input) {
           checks.push({
             check: "FORTRESS_MATRIX",
             status: "FAIL",
-            message: `Fortress Violations in ${path3.split("/").pop()}`,
+            message: `Fortress Violations in ${path4.split("/").pop()}`,
             details: securityResult.violations
           });
         } else {
           checks.push({
             check: "FORTRESS_MATRIX",
             status: "PASS",
-            message: `Fortress Secured: ${path3.split("/").pop()}`
+            message: `Fortress Secured: ${path4.split("/").pop()}`
           });
         }
       } catch (e) {
         checks.push({
           check: "FORTRESS_MATRIX",
           status: "WARN",
-          message: `Failed to audit ${path3}: ${e.message}`
+          message: `Failed to audit ${path4}: ${e.message}`
         });
       }
     }
@@ -2361,6 +3443,7 @@ async function runAuditIntegrityGate(supabase, input) {
 }
 
 // src/tools/complete-roadmap-task.ts
+init_esm_shims();
 registry.register({
   name: "complete_roadmap_task",
   description: `Finalizes a roadmap task. Generates a Release Manifest and triggers the Sovereign Harvesting protocol.`,
@@ -2454,6 +3537,7 @@ async function completeRoadmapTask(supabase, projectId, summary, taskId, gitDiff
 }
 
 // src/tools/planning-tools.ts
+init_esm_shims();
 registry.register({
   name: "save_to_project_brain",
   description: `Maja's Tool: Persists knowledge, decisions, and lessons learned to the Project Brain.`,
@@ -2541,8 +3625,9 @@ async function addRoadmapChunk(supabase, userId, input) {
 }
 
 // src/tools/arch-tools.ts
+init_esm_shims();
 import { promises as fs2, existsSync, statSync } from "fs";
-import * as path2 from "path";
+import * as path3 from "path";
 registry.register({
   name: "analyze_dependency_graph",
   description: `Einar's Tool: Architecture Integrity Scanner. Scans the codebase for circular dependencies and structural violations.`,
@@ -2553,7 +3638,7 @@ registry.register({
   }
 });
 async function analyzeDependencyGraph(input) {
-  const searchPath = path2.isAbsolute(input.path) ? input.path : path2.resolve(process.cwd(), input.path);
+  const searchPath = path3.isAbsolute(input.path) ? input.path : path3.resolve(process.cwd(), input.path);
   try {
     await fs2.access(searchPath);
   } catch {
@@ -2562,7 +3647,7 @@ async function analyzeDependencyGraph(input) {
     };
   }
   let externalDeps = {};
-  const pkgPath = path2.join(process.cwd(), "package.json");
+  const pkgPath = path3.join(process.cwd(), "package.json");
   if (existsSync(pkgPath)) {
     try {
       const pkgContent = await fs2.readFile(pkgPath, "utf-8");
@@ -2579,7 +3664,7 @@ async function analyzeDependencyGraph(input) {
     const content = await fs2.readFile(file, "utf-8");
     const imports = extractImports(content);
     const validDeps = [];
-    const fileDir = path2.dirname(file);
+    const fileDir = path3.dirname(file);
     for (const imp of imports) {
       if (Object.keys(externalDeps).some((d) => imp === d || imp.startsWith(d + "/"))) {
         continue;
@@ -2587,11 +3672,11 @@ async function analyzeDependencyGraph(input) {
       if (imp.startsWith(".") || imp.startsWith("@/")) {
         const resolved = resolveImportString(file, imp, searchPath);
         if (resolved && tsFiles.includes(resolved)) {
-          validDeps.push(path2.relative(searchPath, resolved));
+          validDeps.push(path3.relative(searchPath, resolved));
         }
       }
     }
-    const relFile = path2.relative(searchPath, file);
+    const relFile = path3.relative(searchPath, file);
     graph[relFile] = validDeps;
   }
   const cycles = detectCycles(graph);
@@ -2611,7 +3696,7 @@ async function analyzeDependencyGraph(input) {
 async function getAllFiles(dir) {
   const entries = await fs2.readdir(dir, { withFileTypes: true });
   const files = await Promise.all(entries.map(async (entry) => {
-    const res = path2.resolve(dir, entry.name);
+    const res = path3.resolve(dir, entry.name);
     return entry.isDirectory() ? getAllFiles(res) : res;
   }));
   return files.flat();
@@ -2626,13 +3711,13 @@ function extractImports(content) {
   return imports;
 }
 function resolveImportString(importer, importPath, root) {
-  let targetDir = path2.dirname(importer);
+  let targetDir = path3.dirname(importer);
   let target = importPath;
   if (importPath.startsWith("@/")) {
     target = importPath.replace("@/", "");
     targetDir = root;
   }
-  const naivePath = path2.resolve(targetDir, target);
+  const naivePath = path3.resolve(targetDir, target);
   const extensions = [".ts", ".tsx", ".js", ".jsx", "/index.ts", "/index.tsx"];
   for (const ext of extensions) {
     const candidate = naivePath + ext;
@@ -2649,23 +3734,23 @@ function detectCycles(graph) {
   const visited = /* @__PURE__ */ new Set();
   const recursionStack = /* @__PURE__ */ new Set();
   const cycles = [];
-  function dfs(node, path3) {
+  function dfs(node, path4) {
     visited.add(node);
     recursionStack.add(node);
-    path3.push(node);
+    path4.push(node);
     const deps = graph[node] || [];
     for (const dep of deps) {
       if (!visited.has(dep)) {
-        dfs(dep, path3);
+        dfs(dep, path4);
       } else if (recursionStack.has(dep)) {
-        const cycleStart = path3.indexOf(dep);
+        const cycleStart = path4.indexOf(dep);
         if (cycleStart !== -1) {
-          cycles.push([...path3.slice(cycleStart), dep]);
+          cycles.push([...path4.slice(cycleStart), dep]);
         }
       }
     }
     recursionStack.delete(node);
-    path3.pop();
+    path4.pop();
   }
   for (const node of Object.keys(graph)) {
     if (!visited.has(node)) {
@@ -2721,9 +3806,17 @@ function createMcpServer() {
 }
 
 // src/server/core.ts
+init_esm_shims();
 import { CallToolRequestSchema, McpError, ErrorCode } from "@modelcontextprotocol/sdk/types.js";
 
+// src/server/telemetry.ts
+init_esm_shims();
+
+// src/tools/generate-professional-pdf.ts
+init_esm_shims();
+
 // src/agents/the-scribe.ts
+init_esm_shims();
 async function getScribePersona(supabase) {
   const { data: persona, error } = await supabase.from("agent_personas").select("*").eq("slug", "the-scribe").single();
   if (error || !persona) {