@rubytech/create-realagent 1.0.636 → 1.0.637

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/create-realagent",
-  "version": "1.0.636",
+  "version": "1.0.637",
   "description": "Install Real Agent — Built for agents. By agents.",
   "bin": {
     "create-realagent": "./dist/index.js"

package/payload/platform/plugins/cloudflare/scripts/setup-tunnel.sh

@@ -280,7 +280,7 @@ if ! command -v dig >/dev/null 2>&1; then
   phase_line setup-tunnel step=zone-preflight result=error \
     reason=dig-missing
   echo "ERROR: dig is not in PATH — required for the zone pre-flight check." >&2
-  echo "       Install DNS tooling: sudo apt-get install -y bind9-dnsutils" >&2
+  echo "       Re-run the Maxy installer to reprovision DNS tooling (bind9-dnsutils)." >&2
   exit 1
 fi
 

package/payload/platform/plugins/memory/mcp/scripts/graph/accept.sh

@@ -1,11 +1,17 @@
 #!/usr/bin/env bash
-# Task 557 acceptance harness for the graph MCP integration.
+# Acceptance harness for the graph MCP integration.
 #
 # Spawns the graph shim, drives it as a JSON-RPC client over stdio, runs
 # one query per acceptance class, prints PASS/FAIL per check, and exits
 # non-zero if any check fails. Assumes the brand's Neo4j is running and
 # the fixture in fixture.cypher has been seeded.
 #
+# The tools/list assertion guards against FastMCP-joiner drift: the
+# upstream server joins NEO4J_NAMESPACE to each tool name with a hyphen,
+# and the admin allowlist is string-exact. If a future upstream upgrade
+# changes the joiner, the assertion fails with a named reason before any
+# functional check runs.
+#
 # Usage:
 #   PLATFORM_ROOT=~/.maxy/platform bash accept.sh           # infers NEO4J_URI from env
 #   PLATFORM_ROOT=~/.maxy/platform NEO4J_URI=bolt://localhost:7687 bash accept.sh
@@ -36,10 +42,88 @@ PASS=0
 FAIL=0
 TOTAL=0
 
+# Exported env used by the inline Node clients below.
+export SHIM
+export PLATFORM_ROOT
+
+# ---------------------------------------------------------------------------
+# Regression guard: tools/list must register hyphen-joined names only.
+#
+# FastMCP joins NEO4J_NAMESPACE ("maxy-graph") to each upstream tool with a
+# hyphen, producing `maxy-graph-read_neo4j_cypher` and
+# `maxy-graph-get_neo4j_schema`. Claude Code's MCP client adds `mcp__graph__`
+# on top when registering the server — the admin allowlist in
+# platform/ui/app/lib/claude-agent.ts must match those exact names.
+# A future upstream version that changes the joiner (e.g. to underscore)
+# silently re-introduces a class of denial unless this fires.
+# ---------------------------------------------------------------------------
+assert_tools_list() {
+  TOTAL=$(( TOTAL + 1 ))
+  local out
+  if ! out=$(
+    node -e "
+      const { spawn } = require('node:child_process');
+      const proc = spawn('node', [process.env.SHIM], { stdio: ['pipe', 'pipe', 'inherit'] });
+      let buf = '';
+      proc.stdout.on('data', (chunk) => { buf += chunk.toString('utf8'); });
+      const send = (obj) => proc.stdin.write(JSON.stringify(obj) + '\n');
+      send({ jsonrpc: '2.0', id: 1, method: 'initialize',
+             params: { protocolVersion: '2024-11-05', capabilities: {}, clientInfo: { name: 'accept.sh', version: '1.0' } } });
+      setTimeout(() => {
+        send({ jsonrpc: '2.0', method: 'notifications/initialized' });
+        send({ jsonrpc: '2.0', id: 2, method: 'tools/list', params: {} });
+      }, 1500);
+      setTimeout(() => {
+        proc.kill('SIGTERM');
+        const lines = buf.split('\n').filter(Boolean);
+        for (const line of lines) {
+          try { const m = JSON.parse(line); if (m.id === 2) {
+            if (m.error) { console.error('RPC_ERROR: ' + JSON.stringify(m.error)); process.exit(1); }
+            const names = (m.result && m.result.tools || []).map(t => t.name);
+            process.stdout.write(JSON.stringify(names));
+            process.exit(0);
+          } } catch (_) {}
+        }
+        console.error('NO_RESPONSE');
+        process.exit(1);
+      }, 10000);
+    " 2>/dev/null
+  ); then
+    echo "FAIL: tools/list RPC did not respond"
+    FAIL=$(( FAIL + 1 ))
+    return 1
+  fi
+
+  local missing=""
+  for expected in "maxy-graph-read_neo4j_cypher" "maxy-graph-get_neo4j_schema"; do
+    if ! grep -q "\"$expected\"" <<<"$out"; then
+      missing+=" $expected"
+    fi
+  done
+  if [[ -n "$missing" ]]; then
+    echo "FAIL: tools/list missing hyphen-joined names —${missing} (reason: missing-hyphen-tool)"
+    echo "       received: $out"
+    FAIL=$(( FAIL + 1 ))
+    return 1
+  fi
+
+  if grep -qE 'maxy-graph_(read|get|write)' <<<"$out"; then
+    local stray
+    stray=$(grep -oE 'maxy-graph_[a-z_]+' <<<"$out" | sort -u | tr '\n' ' ')
+    echo "FAIL: tools/list contains underscore-joined variant(s) — ${stray}(reason: stray-underscore-tool)"
+    FAIL=$(( FAIL + 1 ))
+    return 1
+  fi
+
+  echo "PASS: tools/list registers hyphen-joined names only (${#out}b response)"
+  PASS=$(( PASS + 1 ))
+  return 0
+}
+
 run_check() {
   local label="$1"
   local query="$2"
-  local tool="${3:-maxy-graph_read_neo4j_cypher}"
+  local tool="${3:-maxy-graph-read_neo4j_cypher}"
   TOTAL=$(( TOTAL + 1 ))
 
   # Drive the shim via a short Node inline client. Exits 0 with the response
@@ -58,7 +142,7 @@ run_check() {
              params: { protocolVersion: '2024-11-05', capabilities: {}, clientInfo: { name: 'accept.sh', version: '1.0' } } });
       setTimeout(() => {
         send({ jsonrpc: '2.0', method: 'notifications/initialized' });
-        const params = tool === 'maxy-graph_get_neo4j_schema' ? {} : { query };
+        const params = tool === 'maxy-graph-get_neo4j_schema' ? {} : { query };
         send({ jsonrpc: '2.0', id: 2, method: 'tools/call', params: { name: tool, arguments: params } });
       }, 1500);
       setTimeout(() => {
@@ -91,15 +175,19 @@ run_check() {
   fi
 }
 
-# Exported env used by the inline Node client above.
-export SHIM
-export PLATFORM_ROOT
+# Run the regression guard first. If it fails, abort early — running
+# functional queries with stale tool names produces misleading failures.
+if ! assert_tools_list; then
+  echo ""
+  echo "FAIL — tool registration contract violated; aborting functional checks"
+  exit 1
+fi
 
-export TOOL="maxy-graph_get_neo4j_schema"
+export TOOL="maxy-graph-get_neo4j_schema"
 export QUERY=""
 run_check "get_neo4j_schema returns labels" ""
 
-export TOOL="maxy-graph_read_neo4j_cypher"
+export TOOL="maxy-graph-read_neo4j_cypher"
 
 export QUERY="MATCH (n) RETURN labels(n)[0] AS type, count(*) AS n ORDER BY n DESC LIMIT 20"
 run_check "enumerate by label" "$QUERY"

package/payload/platform/plugins/memory/references/graph-primitives.md

@@ -1,5 +1,5 @@
 <!-- Injected into admin system prompt by claude-agent.ts when agentType === "admin". -->
-<!-- Consumed by the upstream mcp-neo4j-cypher server via `maxy-graph_read_neo4j_cypher`. -->
+<!-- Consumed by the upstream mcp-neo4j-cypher server via `maxy-graph-read_neo4j_cypher`. -->
 <!-- Source of truth for node labels and properties: platform/neo4j/schema.cypher + plugins/memory/references/schema-*.md. -->
 
 # Graph interrogation (read-only Cypher cookbook)
@@ -7,7 +7,7 @@
 When a user asks a relational question about their own graph — *"list all my
 people", "how many tasks do I have", "find the person with email X", "what's
 linked to this business", "show me the 20 most recently created nodes" — use
-`maxy-graph_read_neo4j_cypher` or `maxy-graph_get_neo4j_schema`, not
+`maxy-graph-read_neo4j_cypher` or `maxy-graph-get_neo4j_schema`, not
 `memory-search`. Vector search is for "things like this"; Cypher is for "the
 exact set where".
 
@@ -17,7 +17,7 @@ filter in the query.
 
 ## When the graph tools are absent
 
-If neither `maxy-graph_read_neo4j_cypher` nor `maxy-graph_get_neo4j_schema`
+If neither `maxy-graph-read_neo4j_cypher` nor `maxy-graph-get_neo4j_schema`
 appears in your tool list, the graph MCP server failed to start on this
 device. Reply once with exactly:
 
@@ -162,7 +162,7 @@ All relationship types:
 CALL db.relationshipTypes() YIELD relationshipType RETURN relationshipType ORDER BY relationshipType
 ```
 
-Or use `maxy-graph_get_neo4j_schema` for a richer one-shot structural summary.
+Or use `maxy-graph-get_neo4j_schema` for a richer one-shot structural summary.
 
 ### Fulltext
 

package/payload/platform/scripts/setup.sh

@@ -21,7 +21,7 @@ echo ""
 # ------------------------------------------------------------------
 echo "[1/8] Updating system packages and configuring network..."
 sudo apt-get update -qq
-sudo apt-get install -y -qq curl git unzip avahi-daemon avahi-utils
+sudo apt-get install -y -qq curl git unzip avahi-daemon avahi-utils bind9-dnsutils
 
 # Set hostname to 'maxy' so device is reachable at maxy.local
 CURRENT_HOSTNAME=$(hostname)

package/payload/server/server.js

@@ -7873,12 +7873,15 @@ var ADMIN_CORE_TOOLS = [
   "Glob",
   "Grep",
   "Agent",
-  // Task 557 — upstream mcp-neo4j-cypher (namespaced maxy-graph, read-only).
-  // maxy-graph_write_neo4j_cypher is intentionally absent: writes go through
+  // Upstream mcp-neo4j-cypher (namespaced maxy-graph, read-only).
+  // FastMCP joins NEO4J_NAMESPACE to each upstream tool name with a hyphen,
+  // and allowedTools matching is string-exact under --permission-mode dontAsk —
+  // these names must equal the init-message tool list byte-for-byte.
+  // maxy-graph-write_neo4j_cypher is intentionally absent: writes go through
   // the schema-aware memory-write tool, which validates labels, properties,
   // and embeddings. Admin-only by virtue of not being in the public allow list.
-  "mcp__graph__maxy-graph_read_neo4j_cypher",
-  "mcp__graph__maxy-graph_get_neo4j_schema",
+  "mcp__graph__maxy-graph-read_neo4j_cypher",
+  "mcp__graph__maxy-graph-get_neo4j_schema",
   "mcp__memory__memory-search",
   "mcp__memory__memory-rank",
   "mcp__memory__memory-write",
@@ -11009,6 +11012,26 @@ function defaultRules() {
       thresholdCount: 0,
       thresholdWindowMinutes: 0,
       suggestedAction: "The stored Anthropic API key was rejected by console.anthropic.com (invalid, revoked, or expired) and `anthropic-setup` auto-deleted it. On the next operator interaction, explain that the key was cleared and walk them through sign-in again via the onboarding skill \u2014 the tool already returned `awaiting_signin` with the correct `browser_evaluate` action on the same call."
+    },
+    {
+      // Task 561: fires when an admin-agent Bash tool call installs
+      // `bind9-dnsutils` at runtime. Post-Task-561 the Maxy installer
+      // (platform/scripts/setup.sh) provisions the package on every fresh
+      // and upgrade install, so `dig` is always in PATH before
+      // setup-tunnel.sh runs. An admin apt-install of bind9-dnsutils is
+      // therefore evidence the installer regressed (or the host is on a
+      // pre-Task-561 image); in either case the fix is to re-run the
+      // installer, not to patch apt-state from chat. Session scope so a
+      // single offending turn fires exactly once.
+      id: "admin-agent-apt-bind9-install",
+      name: "Admin agent installed bind9-dnsutils at runtime (installer regression)",
+      type: "repeated-error",
+      logSource: "any",
+      pattern: "\\[tool-use\\][^\\n]*name=Bash[^\\n]*apt-get install[^\\n]*bind9-dnsutils",
+      thresholdCount: 1,
+      thresholdWindowMinutes: 60,
+      scope: "session",
+      suggestedAction: "[Task 561 regression] The admin agent ran `apt-get install bind9-dnsutils` \u2014 the exact workaround Task 561 eliminated. The Maxy installer provisions `bind9-dnsutils` in `platform/scripts/setup.sh` so `dig` is always in PATH before `setup-tunnel.sh` runs. Do not patch apt-state from chat \u2014 re-run the installer (`npx -y @rubytech/create-maxy`) and verify the installer's apt-get line still includes `bind9-dnsutils`. If the package is present in setup.sh but missing on the device, the installer did not re-run step 1 on the current image."
     }
   ];
 }