@securityreviewai/security-review-mcp 0.2.10 → 0.2.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +10 -3
  2. package/dist/api/client.js +1 -1
  3. package/dist/tools/projectTools.js +4 -4
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -4,7 +4,7 @@ TypeScript MCP server for [SecurityReview.ai](https://securityreview.ai), publis
4
4
 
5
5
  - Pure Node runtime (no Python bootstrap)
6
6
  - Stdio MCP server compatible with Cursor, Windsurf, Claude Desktop, ChatGPT MCP, and other MCP clients
7
- - 53 tools for project/document/review/workflow/integration operations
7
+ - 54 tools for project/document/review/workflow/integration operations
8
8
  - 8 built-in security-analysis prompts
9
9
  - 4 read-only MCP resources
10
10
 
@@ -108,7 +108,7 @@ Compatibility flags (no-op, retained for older configs):
108
108
  - `--python <path>`
109
109
  - `--force-install`
110
110
 
111
- ## Tool Catalog (53)
111
+ ## Tool Catalog (54)
112
112
 
113
113
  ### Projects
114
114
 
@@ -130,6 +130,7 @@ Compatibility flags (no-op, retained for older configs):
130
130
  | `get_project_profile_security_control` | Get one security control by ID |
131
131
  | `list_profile_compliance_requirements` | List compliance requirements in project profile |
132
132
  | `get_profile_compliance_requirement` | Get one compliance requirement by ID |
133
+ | `update_vibe_project_profile` | Push/update vibe profile data (architecture notes, tech categories, user groups, compliance requirements, language stacks, description) by project ID |
133
134
 
134
135
  ### Documents
135
136
 
@@ -232,7 +233,13 @@ Compatibility flags (no-op, retained for older configs):
232
233
  4. `start_workflow`
233
234
  5. `get_workflow_status`
234
235
 
235
- ### 3) Bring in Jira/Confluence Context
236
+ ### 3) Populate a Project Profile from Vibe/AI Context
237
+
238
+ 1. `create_project` (or resolve with `find_project_by_name`)
239
+ 2. `update_vibe_project_profile` — supply any combination of `architecture_notes`, `tech_categories`, `user_groups`, `compliance_requirements`, `language_stacks`, and `description`
240
+ 3. `get_full_project_profile` — verify the updated profile
241
+
242
+ ### 4) Bring in Jira/Confluence Context
236
243
 
237
244
  1. `fetch_jira_issue` or `fetch_confluence_page`
238
245
  2. `link_external_document` or `fetch_and_link_to_srai`
package/dist/api/client.js CHANGED
@@ -174,7 +174,7 @@ export class SraiApiClient {
174
174
  return this.request("GET", `/api/projects/${projectId}/profile/compliance-requirements/${requirementId}`);
175
175
  }
176
176
  async updateVibeProjectProfile(projectId, payload) {
177
- return this.request("PATCH", `/api/projects/${projectId}/profile`, {
177
+ return this.request("POST", `/api/projects/${projectId}/ai-ide/profile`, {
178
178
  jsonBody: payload,
179
179
  });
180
180
  }
package/dist/tools/projectTools.js CHANGED
@@ -109,7 +109,7 @@ export function registerProjectTools(server) {
109
109
  .array(z.string())
110
110
  .optional()
111
111
  .describe("List of architecture note strings describing the system design."),
112
- tech_categories: z
112
+ technology_categories: z
113
113
  .array(z.object({
114
114
  name: z.string().describe("Technology category name (e.g. 'Frontend', 'Database')."),
115
115
  tools: z.array(z.string()).optional().describe("Tools or technologies within this category."),
@@ -135,12 +135,12 @@ export function registerProjectTools(server) {
135
135
  .optional()
136
136
  .describe("Programming languages and frameworks used (e.g. 'Python/Django', 'TypeScript/React')."),
137
137
  },
138
- }, async ({ project_id, architecture_notes, tech_categories, user_groups, compliance_requirements, description, language_stacks }) => {
138
+ }, async ({ project_id, architecture_notes, technology_categories, user_groups, compliance_requirements, description, language_stacks }) => {
139
139
  const payload = {};
140
140
  if (architecture_notes !== undefined)
141
141
  payload.architecture_notes = architecture_notes;
142
- if (tech_categories !== undefined)
143
- payload.tech_categories = tech_categories;
142
+ if (technology_categories !== undefined)
143
+ payload.technology_categories = technology_categories;
144
144
  if (user_groups !== undefined)
145
145
  payload.user_groups = user_groups;
146
146
  if (compliance_requirements !== undefined)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@securityreviewai/security-review-mcp",
3
- "version": "0.2.10",
3
+ "version": "0.2.12",
4
4
  "description": "Security Review MCP server (pure Node/TypeScript, npx-ready)",
5
5
  "license": "UNLICENSED",
6
6
  "private": false,