@skyramp/mcp 0.0.56 → 0.0.58

package/build/index.js

@@ -30,9 +30,10 @@ import { registerExecuteBatchTestsTool } from "./tools/test-maintenance/executeB
 import { registerCalculateHealthScoresTool } from "./tools/test-maintenance/calculateHealthScoresTool.js";
 import { registerActionsTool } from "./tools/test-maintenance/actionsTool.js";
 import { registerStateCleanupTool } from "./tools/test-maintenance/stateCleanupTool.js";
-import { registerTestbotPrompt } from "./prompts/testbot/testbot-prompts.js";
+import { registerTestbotPrompt, registerTestbotResource, } from "./prompts/testbot/testbot-prompts.js";
 import { registerInitTestbotTool } from "./tools/initTestbotTool.js";
 import { registerSubmitReportTool } from "./tools/submitReportTool.js";
+import { registerInitializeWorkspaceTool } from "./tools/workspace/initializeWorkspaceTool.js";
 import { AnalyticsService } from "./services/AnalyticsService.js";
 import { initCheck } from "./utils/initAgent.js";
 const server = new McpServer({
@@ -47,19 +48,62 @@ const server = new McpServer({
             listChanged: true,
         },
     },
+    instructions: `Skyramp MCP Server — generates and executes API tests (smoke, fuzz, contract, load, integration, E2E, UI).
+
+## Rules
+- NEVER show CLI commands. ALWAYS use the MCP tools provided.
+- For UI and E2E tests, use the trace collection start/stop tools.
+
+## Workspace Initialization (before ANY other Skyramp tool)
+Follow this flow EVERY time before calling any Skyramp tool:
+
+1. **Check**: Does .skyramp/workspace.yml exist at the workspace root?
+2. **If YES** → proceed with the requested tool.
+3. **If NO** → you MUST call \`skyramp_initialize_workspace\` BEFORE doing anything else.
+   - Do NOT skip this step. Do NOT proceed to the requested tool first.
+   - Scan the repo for ALL services (see the tool description for detailed steps).
+   - A fullstack or monorepo MUST produce multiple services — never just one.
+   - After workspace init completes, THEN proceed with the originally requested tool.
+4. **ONLY skip init if the user EXPLICITLY says** "no", "skip", "don't create workspace", or similar.
+   - A request like "execute tests" or "generate tests" is NOT a signal to skip init.
+   - If the user does decline, respect it — do NOT ask again, and proceed with the requested tool.
+
+## Workspace Defaults for Test Generation (MANDATORY)
+Before calling ANY test generation tool, you MUST follow this flow:
+
+1. **Read** the .skyramp/workspace.yml file to get the configured defaults.
+2. **Extract** the \`language\`, \`framework\`, \`outputDir\`, and \`api.baseUrl\` from the services section.
+3. **Use those values** as defaults for the test generation tool call. Do NOT ask the user for these values if they are already configured in the workspace file.
+4. **CRITICAL — endpointURL**: The \`endpointURL\` parameter MUST be the full URL to the specific endpoint being tested, NOT just the base URL. Construct it by combining \`api.baseUrl\` with the endpoint path. Example: if \`api.baseUrl\` is \`http://localhost:8000\` and the endpoint is \`/api/v1/products\`, pass \`endpointURL: "http://localhost:8000/api/v1/products"\`. NEVER pass just the base URL (e.g. \`http://localhost:8000\`) as \`endpointURL\`.
+5. **If the workspace file does not exist**, or the needed values (language, framework, outputDir) are missing from the workspace config, ASK the user which language and framework they want before calling the tool.
+6. The user can always override workspace defaults by explicitly specifying values in their request.
+`,
 });
 // Check for first-time invocation after version update (runs in background, doesn't block)
-let initCheckCalled = false;
+let initCheckInFlight = false;
+let initCheckDone = false;
 const originalRegisterTool = server.registerTool.bind(server);
 server.registerTool = function (name, definition, handler) {
     const wrappedHandler = async (...args) => {
-        if (!initCheckCalled) {
-            initCheck()
-                .then(() => {
-                initCheckCalled = true; // Only set to true if initCheck succeeds, allowing retry on failure
-            })
-                .catch((err) => {
-                logger.error("Background initialization check failed", { error: err });
+        if (!initCheckDone && !initCheckInFlight) {
+            // Guard with inFlight so concurrent tool calls don't each spawn a new initCheck(),
+            // but allow retry on failure (initCheckInFlight is reset to false on error).
+            // SkyrampClient constructor calls checkForUpdate("npm") via synchronous koffi FFI,
+            // which can block the event loop for up to 60 s if the update-check server is
+            // unreachable.  Deferring via setImmediate ensures the tool response is written to
+            // stdout (and acknowledged by the MCP client) before any blocking FFI call runs.
+            initCheckInFlight = true;
+            setImmediate(() => {
+                initCheck()
+                    .then(() => {
+                    initCheckDone = true;
+                })
+                    .catch((err) => {
+                    logger.error("Background initialization check failed", { error: err });
+                })
+                    .finally(() => {
+                    initCheckInFlight = false;
+                });
             });
         }
         return handler(...args);
@@ -75,6 +119,7 @@ const prompts = [
 ];
 if (process.env.SKYRAMP_FEATURE_TESTBOT === "1") {
     prompts.push(registerTestbotPrompt);
+    registerTestbotResource(server);
     logger.info("TestBot prompt enabled via SKYRAMP_FEATURE_TESTBOT");
 }
 prompts.forEach((registerPrompt) => registerPrompt(server));
@@ -109,6 +154,8 @@ registerExecuteBatchTestsTool(server);
 registerCalculateHealthScoresTool(server);
 registerActionsTool(server);
 registerStateCleanupTool(server);
+// Register workspace management tools
+registerInitializeWorkspaceTool(server);
 // Register other Skyramp tools
 const infrastructureTools = [
     registerLoginTool,

package/build/prompts/startTraceCollectionPrompts.js

@@ -30,13 +30,25 @@ When playwright is enabled for trace collection, you can optionally configure:
      * 'webkit' - Safari/WebKit browser
    - Use firefox or webkit when you need to test cross-browser compatibility or specific browser behaviors
 
-2. **Playwright Storage Path** (playwrightStoragePath):
+2. **Device** (device):
+   - Device to emulate for mobile/tablet testing
+   - Supported devices include:
+     * 'iPhone 13' - Apple iPhone 13
+     * 'iPhone 13 Pro' - Apple iPhone 13 Pro
+     * 'Pixel 5' - Google Pixel 5
+     * 'Galaxy S9+' - Samsung Galaxy S9 Plus
+     * 'iPad Pro 11' - Apple iPad Pro
+     * And many more Playwright device profiles
+   - Leave empty (default) for desktop/no device emulation
+   - Use specific device names when testing mobile-responsive applications or generating mobile UI tests
+
+3. **Playwright Storage Path** (playwrightStoragePath):
    - Path to a playwright session storage file containing authentication data (cookies, localStorage, sessionStorage, etc.)
    - MUST be an absolute path like /path/to/storage.json
    - Use this when you have manually created a session from the login flow and want to reuse it for future trace collections to avoid manual login every time
    - The session file should be created beforehand using Playwright's storageState feature during the login flow
 
-3. **Playwright Viewport Size** (playwrightViewportSize):
+4. **Playwright Viewport Size** (playwrightViewportSize):
    - Defines the browser window size for trace collection
    - Supported formats:
      * 'hd' - 1280x720
@@ -52,6 +64,12 @@ When playwright is enabled for trace collection, you can optionally configure:
 * To start a playwright trace collection session using agent, run the following command:
   Start playwright trace collection with default settings.
 
+**Example usage prompt for trace collection with device emulation:**
+* To start a trace collection session with mobile device emulation:
+  Start trace collection with iPhone 13 device
+  Collect trace using Pixel 5 device emulation
+  Start playwright trace with iPad Pro device
+
 **Example usage prompt for trace collection with playwright storage and viewport:**
 * Start playwright trace collection with storage path /Users/dev/session-storage.json and viewport size full-hd
 

package/build/prompts/test-recommendation/repository-analysis-prompt.js

@@ -2,20 +2,35 @@
  * Repository Analysis Prompt
  * Comprehensive prompt for analyzing code repositories
  */
-export function getRepositoryAnalysisPrompt(repositoryPath) {
+export function getRepositoryAnalysisPrompt(repositoryPath, analysisScope = "full_repo", parsedDiff) {
+    const isDiffScope = analysisScope === "current_branch_diff";
     return `
 Analyze this repository systematically using the guide below.
 
 REPOSITORY PATH: ${repositoryPath}
+ANALYSIS SCOPE: ${analysisScope}${isDiffScope ? " (focus on branch changes only)" : " (full repository)"}
 
 IMPORTANT OUTPUT FORMAT:
 - Return analysis as valid JSON matching the RepositoryAnalysis interface
 - Use empty arrays [] for unavailable data rather than omitting fields
 - Use "unknown" for unknown string values
 - Provide evidence (file paths, line numbers) where possible
+${isDiffScope ? '- MUST include the "branchDiffContext" field in the output JSON' : ""}
 
 ## CRITICAL RULES
 - If user flows are defined in documentation explicitly, follow them strictly and do not generate new ones.
+${isDiffScope ? `- Do NOT run git commands — the diff has already been parsed by the tool
+- Still gather full repo context (tech stack, infra, auth, existing tests) for accurate scoring
+- For branchDiffContext, use the following pre-parsed metadata:
+  - currentBranch: "${parsedDiff?.currentBranch || "unknown"}"
+  - baseBranch: "${parsedDiff?.baseBranch || "main"}"
+  - changedFiles: [${parsedDiff?.changedFiles.map((f) => `"${f}"`).join(", ") || ""}]
+- For newEndpoints and modifiedEndpoints: use the pre-parsed endpoint information provided by the tool as the primary source of truth.
+  - You may refine this list using only the metadata and code/context that is explicitly included in this prompt.
+  - Do NOT attempt to scan or open additional repository files beyond what has been provided here.
+  - It is acceptable if some indirect or transitive impacts are not fully captured; do not speculate beyond the available information.
+  - When you adjust endpoints, clearly explain your reasoning based on the pre-parsed data and any in-prompt context.
+- affectedServices: treat the changed file paths as high-level hints about which services are likely impacted, but do not perform exhaustive dependency tracing beyond the information provided` : ""}
 
 # Repository Analysis Guide
 
@@ -187,7 +202,8 @@ Return a JSON object with this exact structure:
   "metadata": {
     "repositoryName": "name-from-path",
     "analysisDate": "2025-10-15T14:30:00Z",
-    "scanDepth": "full"
+    "scanDepth": "full",
+    "analysisScope": "${analysisScope}"
   },
   "projectClassification": {
     "projectType": "rest-api | frontend | full-stack | microservices | library | cli | other",
@@ -270,7 +286,20 @@ Return a JSON object with this exact structure:
     },
     "hasCoverageReports": true,
     "estimatedCoverage": 78
-  }
+  }${isDiffScope ? `,
+  "branchDiffContext": {
+    "currentBranch": "feature/my-feature",
+    "baseBranch": "main",
+    "changedFiles": ["src/routes/products.ts", "src/models/Product.ts"],
+    "newEndpoints": [
+      { "path": "/api/v1/products/search", "method": "GET", "sourceFile": "src/routes/products.ts:45" }
+    ],
+    "modifiedEndpoints": [
+      { "path": "/api/v1/products", "method": "POST", "sourceFile": "src/routes/products.ts:12" }
+    ],
+    "affectedServices": ["product-service"],
+    "summary": "Added product search endpoint and modified product creation validation"
+  }` : ""}
 }
 \`\`\`
 
@@ -280,14 +309,18 @@ VALIDATION CHECKLIST:
 - [ ] API endpoints counted and categorized
 - [ ] Authentication method determined
 - [ ] Infrastructure flags verified
-- [ ] Existing tests catalogued
+- [ ] Existing tests catalogued${isDiffScope ? `
+- [ ] branchDiffContext.changedFiles matches the list provided above
+- [ ] branchDiffContext.modifiedEndpoints includes ALL endpoints whose behaviour changed — including those affected by model/schema/validator changes (trace: changed file → which models/types → which endpoints use them)
+- [ ] branchDiffContext.newEndpoints includes any brand-new routes added in the diff
+- [ ] branchDiffContext.summary describes what changed in plain English` : ""}
 
 **CRITICAL INSTRUCTIONS**:
-- Return the JSON object directly in your response text.
-- DO NOT create or save any files (no repository_analysis.json or .md files).
-- DO NOT use file write tools or save analysis to disk.
-- Output the complete analysis JSON inline in your response.
+- Construct the complete RepositoryAnalysis JSON object.
+- DO NOT create any .md or documentation files.
+- Save the analysis JSON to the state file path provided in the tool response.
+- Then call \`skyramp_map_tests\` with the \`stateFile\` parameter (NOT analysisReport) to avoid serialization issues.
 
-Begin analysis now. Return the JSON object directly in your response text.
+Begin analysis now.
 `;
 }

package/build/prompts/test-recommendation/test-recommendation-prompt.js

@@ -2,51 +2,90 @@
  * Test Recommendation Prompt
  * Prompt for generating actionable test recommendations
  */
-export function getTestRecommendationPrompt(mapping, analysis, topN = 7) {
+export function getTestRecommendationPrompt(mapping, analysis, topN = 7, analysisScope = "full_repo") {
+    const isDiffScope = analysisScope === "current_branch_diff";
+    const diffContext = analysis.branchDiffContext;
+    // --- Build a compact summary of priority scores (no full JSON dump) ---
+    const topScores = mapping.priorityScores
+        .filter((s) => s.feasibility !== "not-applicable")
+        .slice(0, topN);
+    const scoreLines = topScores
+        .map((s) => {
+        const priority = s._finalScore >= 100 ? "high" : s._finalScore >= 70 ? "medium" : "low";
+        const avail = s.requiredArtifacts.available.join(", ") || "none";
+        const miss = s.requiredArtifacts.missing.join(", ") || "none";
+        return (`- **${s.testType.toUpperCase()}** | priority: ${priority} | feasibility: ${s.feasibility}\n` +
+            `  Reasoning: ${s.reasoning}\n` +
+            `  Artifacts available: ${avail} | missing: ${miss}`);
+    })
+        .join("\n");
+    // --- Build compact repo context (no full JSON dump) ---
+    const endpoints = analysis.apiEndpoints.endpoints
+        .slice(0, 30) // cap at 30 to keep size sane
+        .map((e) => `  ${e.method} ${e.path}${e.authRequired ? " [auth]" : ""}`)
+        .join("\n");
+    const repoContext = `
+Repository: ${analysis.metadata.repositoryName}
+Framework: ${analysis.projectClassification.primaryFramework} (${analysis.projectClassification.primaryLanguage})
+Project type: ${analysis.projectClassification.projectType}
+Auth: ${analysis.authentication.method}
+Base URL: ${analysis.apiEndpoints.baseUrl}
+Endpoints (${analysis.apiEndpoints.totalCount} total):
+${endpoints}
+`.trim();
+    // --- Branch diff context (only the essentials) ---
+    let diffSection = "";
+    if (isDiffScope && diffContext) {
+        const newEps = diffContext.newEndpoints
+            .map((e) => `  ${e.method} ${e.path} (${e.sourceFile})`)
+            .join("\n") || "  none";
+        const modEps = diffContext.modifiedEndpoints
+            .map((e) => `  ${e.method} ${e.path} (${e.sourceFile})`)
+            .join("\n") || "  none";
+        diffSection = `
+## Branch Diff Context
+Branch: \`${diffContext.currentBranch}\` → base: \`${diffContext.baseBranch}\`
+Changed files: ${diffContext.changedFiles.join(", ")}
+New endpoints:
+${newEps}
+Modified endpoints:
+${modEps}
+Affected services: ${diffContext.affectedServices.join(", ") || "N/A"}
+Summary: ${diffContext?.summary ?? "N/A"}
+
+**CRITICAL**: Focus recommendations ONLY on tests that validate the branch changes above.
+`;
+    }
+    const scopeNote = isDiffScope
+        ? "Recommendations are scoped to the current branch changes only. All specific test suggestions MUST target the new/modified endpoints listed in the Branch Diff Context."
+        : "Recommendations cover the full repository.";
     return `
-Generate actionable test recommendations based on priority and repository analysis.
-
-**MANDATORY RULES**:
-1. **Priority Scores Must Remain Unchanged**: When a test type is missing required inputs (e.g., Playwright recordings, traces), do NOT:
-   - Mark the test as "blocked" in the output
-   - Adjust or reduce the priority score
-   - Exclude it from recommendations if it ranks in the top ${topN}
-
-# Priority 
-
-\`\`\`json
-${JSON.stringify(mapping, null, 2)}
-\`\`\`
+Generate actionable test recommendations based on the priority scores and repository analysis below.
 
-# Repository Context
+Scope: ${scopeNote}
+${diffSection}
+## Repository Context
 
-\`\`\`json
-${JSON.stringify(analysis, null, 2)}
-\`\`\`
+${repoContext}
 
-# Your Task
+## Prioritized Test Types (top ${topN})
 
-Generate specific, actionable test recommendations for the top ${topN} highest-scoring test types.
+${scoreLines}
 
-## CRITICAL RULES
-- **SCORING**: Use the numeric scores ONLY internally to:
-  1. Select the top ${topN} test types by score (highest to lowest)
-  2. Assign priority levels based on score ranges:
-     * Score >= 100: priority = "high"
-     * Score 70-99: priority = "medium"  
-     * Score < 70: priority = "low"
-- **DO NOT include the "score" field** in the JSON output (it has been removed from the schema).
-- DO NOT mention or display numerical scores anywhere in user-facing text.
-- Order test recommendations by their internal priority scores (highest to lowest).
+## Priority Mapping Summary
+- High priority: ${mapping.summary.highPriority.join(", ") || "none"}
+- Medium priority: ${mapping.summary.mediumPriority.join(", ") || "none"}
+- Low priority: ${mapping.summary.lowPriority.join(", ") || "none"}
 
-## Requirements
+## Your Task
 
-For each recommended test type:
-1. **Provide rationale for prioritization based on repository attributes.
-2. **Suggest 3-4 ACTUAL tests** that should be created based on individual user flows and API endpoints.
-3. **Include available artifacts** with specific file paths
-4. **Provide guidance** for creating missing artifacts
+Generate specific, actionable test recommendations for the top ${topN} test types listed above.
 
+**MANDATORY RULES**:
+1. **NO numeric scores** in output — use only: "high", "medium", "low".
+2. **DO NOT mark any test "blocked"** even if artifacts are missing.
+3. **Branch scope**: All specific test suggestions MUST target endpoints/code that changed in the branch diff.
+4. **DO NOT create or save any files** — output everything inline in your response.
 
 ## Output Structure
 
@@ -58,74 +97,41 @@ Return a JSON object with this structure:
     "totalRecommended": 3,
     "highPriorityCount": 2,
     "estimatedEffort": "4-6 hours for top 3 tests",
-    "quickWins": [
-      "Smoke tests (OpenAPI available, 30 min)",
-      "Contract tests (OpenAPI available, 1 hour)"
-    ]
+    "quickWins": ["Smoke tests (OpenAPI available, 30 min)"]
   },
   "recommendations": [
     {
       "priority": "high",
-      "testType": "integration",
-      "rationale": "Detailed explanation of why this is high priority based on repository characteristics (CRITICAL: DO NOT MENTION THE NUMERICAL SCORE HERE)",
+      "testType": "contract",
+      "rationale": "Why this is high priority (DO NOT mention numeric scores)",
       "specificTests": [
         {
-          "testName": "User Registration and Authentication Flow",
-          "description": "Test complete user lifecycle: register → verify → login → access protected resource",
-          "targetEndpoint": "/api/v1/auth/register, /api/v1/auth/login",
-          "targetFlow": "New user onboarding",
+          "testName": "Order quantity validation contract test",
+          "description": "Verify POST /api/v1/orders rejects quantity < 1",
+          "targetEndpoint": "POST /api/v1/orders",
+          "targetFlow": "Order creation validation",
           "requiredInputs": {
-            "available": [
-              {
-                "name": "openApiSpec",
-                "path": "./docs/openapi.yaml"
-              }
-            ],
-            "missing": [
-              {
-                "name": "traceFile",
-                "guidance": "Use Skyramp trace collection: Run 'skyramp_start_trace_collection'..."
-              }
-            ]
+            "available": [{"name": "openApiSpec", "path": "./openapi.json"}],
+            "missing": []
           },
-          "estimatedValue": "High - catches integration bugs between auth and user services"
+          "estimatedValue": "High - catches regression in validation rule change"
         }
       ],
       "gettingStarted": {
-        "prerequisites": [
-          "Docker and Docker Compose installed",
-          "MongoDB running (via docker-compose up)",
-          "JWT_SECRET environment variable set"
-        ],
-        "quickStartCommand": "npm install && docker-compose up -d && npm run test:integration",
-        "documentationUrl": "https://www.skyramp.dev/docs/integration-tests"
+        "prerequisites": ["Service running at localhost:8000"],
+        "quickStartCommand": "Use Skyramp MCP generate tools",
+        "documentationUrl": "https://www.skyramp.dev/docs"
       }
     }
   ],
   "nextSteps": [
-    "1. Start with Integration Tests (highest priority, fills critical gap)",
-    "2. Copy the 'User Registration and Authentication Flow' prompt above",
-    "3. Run: skyramp_integration_test_generation with the prompt",
-    "4. Execute generated tests: npm run test:integration",
-    "5. Once integration tests pass, proceed with Fuzz Tests for security"
+    "1. Start with highest priority test type",
+    "2. Use Skyramp MCP generate tools to create each test",
+    "3. Execute and validate results"
   ]
 }
 \`\`\`
 
-## Important Guidelines
-
-1. **Be Specific**: Use actual endpoint paths, file paths, and flow names from the repository
-2. **Be Actionable**: Prompts should work without modification
-3. **Highlight Quick Wins**: Highlight tests with all artifacts available
-4. **Provide Guidance**: Clear instructions for creating missing artifacts
-5. **Include Evidence**: Reference specific repository characteristics in rationale
-
-**CRITICAL INSTRUCTIONS**:
-- Return the JSON object directly in your response text.
-- DO NOT create or save any files (no test_recommendations.md, .json, or other files).
-- DO NOT use file write tools or save recommendations to disk.
-- Output the complete recommendations JSON inline in your response.
-
 Generate recommendations now. Return the JSON object directly in your response text.
 `;
 }

package/build/prompts/testbot/testbot-prompts.js

@@ -1,40 +1,71 @@
+import { ResourceTemplate, } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { z } from "zod";
 import { logger } from "../../utils/logger.js";
-function getTestbotPrompt(prTitle, prDescription, diffFile, testDirectory, summaryOutputFile) {
+import { AnalyticsService } from "../../services/AnalyticsService.js";
+function getTestbotPrompt(prTitle, prDescription, diffFile, testDirectory, summaryOutputFile, repositoryPath, baseBranch) {
     return `<TITLE>${prTitle}</TITLE>
 <DESCRIPTION>${prDescription}</DESCRIPTION>
 <CODE CHANGES>${diffFile}</CODE CHANGES>
 <TEST DIRECTORY>${testDirectory}</TEST DIRECTORY>
+<REPOSITORY PATH>${repositoryPath}</REPOSITORY PATH>
 
 For all the following work, use the tools offered by Skyramp MCP server.
 
 First analyze the pull request title, description, and code changes to determine a business case
 justification for this code change.
 
-Then perform the following tasks based on your analysis:
+Then perform ALL of the following tasks. Every task is MANDATORY — do NOT skip any task based on your own judgment unless the task itself gives you an explicit condition to skip.
 
-## Task 1: New Test Recommendations
+## Task 1: Recommend New Tests (MANDATORY)
 
-1. If, and only if, there are new endpoints in the code changes, get recommendations
-   for new contract, e2e, smoke, load tests specific to the code changes
-   and business case analysis. DO NOT use the whole repository for generating recommendations.
-2. If, and only if, there are recommendations for new tests, then use Skyramp MCP generate
-   tools to generate contract, e2e, smoke and load tests.
-3. Use Skyramp MCP to execute the generated tests and validate the results.
+Read the diff at \`${diffFile}\`. Classify each changed file. A file is application source code if it is any of: a route/controller/handler, a model/schema/validator/serializer/DTO, business logic, middleware, service, utility, test helper, or has a source extension (.py, .ts, .js, .java, .go, .rb, .cs, .kt, .swift, etc.). When in doubt, treat the file as application source code.
 
-## Task 2: Existing Test Maintenance
+**DEFAULT: You MUST run steps 1–5 below.** The only exception is if you can confirm that EVERY changed file is exclusively a CI workflow YAML, markdown documentation, README, CHANGELOG, or a dependency lock file — and nothing else.
 
-1. Check if there are any relevant Skyramp tests in the '${testDirectory}' directory that correspond to the code changes.
-2. If there are relevant tests, use Skyramp MCP tools to analyze and modify them to ensure they pass with the new changes.
-3. Use Skyramp MCP to execute the updated tests and validate the results.
+1. Call \`skyramp_analyze_repository\` with:
+   - \`repositoryPath\`: "${repositoryPath}"
+   - \`analysisScope\`: "current_branch_diff"${baseBranch ? `\n   - \`baseBranch\`: "${baseBranch}"` : ''}
+2. MANDATORY: Call \`skyramp_map_tests\` with \`stateFile\` (the state file path returned above) and \`analysisScope: "current_branch_diff"\`.
+3. MANDATORY: Call \`skyramp_recommend_tests\` with the \`stateFile\` returned by \`skyramp_map_tests\`. Use the priority summary and the specific endpoints/files that changed to determine exactly what to test.
+4. Generate tests using the Skyramp MCP generate tools, in priority order (minimum 3 test types).
+5. Use Skyramp MCP to execute the generated tests and validate the results.
 
-## Task 3: Submit Report
+**IMPORTANT — Endpoint Renames:** If the diff shows an endpoint path was renamed (e.g. \`/products\` changed to \`/items\`) and existing tests already cover that endpoint under the old name, do NOT generate new tests for the renamed endpoint. The existing tests will be updated with the new path in Task 2 (Test Maintenance). Only generate new tests for genuinely new endpoints that have no existing test coverage under any name.
+
+## Task 2: Existing Test Maintenance (MANDATORY)
+
+You MUST always run steps 1–4 below. Do NOT skip this task based on your own assessment of whether tests exist or are relevant — use the tools to determine that.
+
+1. Call \`skyramp_discover_tests\` with \`repositoryPath\`: "${repositoryPath}" to find all existing Skyramp-generated tests.
+2. Call \`skyramp_analyze_test_drift\` with the \`stateFile\` returned by \`skyramp_discover_tests\`.
+3. Call \`skyramp_calculate_health_scores\` with the \`stateFile\` from the previous step.
+4. Call \`skyramp_actions\` with the updated \`stateFile\` to apply recommended updates.
+   - If \`skyramp_actions\` returns endpoint rename mappings (old path → new path), apply them as simple find-and-replace on the test file URLs. Do NOT regenerate or restructure the test — only update the paths.
+   - If \`skyramp_actions\` suggests file renames (e.g. \`products_smoke_test.py\` → \`items_smoke_test.py\`), rename the files using \`git mv\` after updating their content.
+5. Execute any updated or affected tests using Skyramp MCP and validate the results.
+6. You may skip this task ONLY if \`skyramp_discover_tests\` explicitly returns zero Skyramp-generated tests.
+
+## Task 3: Submit Report (MANDATORY)
 
 After completing Tasks 1 and 2, you MUST call the Skyramp MCP tool "skyramp_submit_report" to submit your report.
 Pass '${summaryOutputFile}' as the summaryOutputFile parameter.
 
+For the commitMessage parameter, write a succinct summary (under 72 chars) of what you did, without any prefix. Examples:
+- "add contract tests for /products endpoint"
+- "update smoke tests for order API changes"
+- "add smoke and e2e tests for new /reviews endpoint"
+
 Do NOT write the report to a file yourself. Do NOT skip this step. The skyramp_submit_report tool is the ONLY way to submit the report.
 
+## Report Guidelines
+
+When reporting test results, if you chose to skip executing a test, you MUST explain WHY you skipped it.
+NEVER use the phrase "CI timeout" or imply a timeout occurred unless a tool call actually timed out.
+Instead, set the status to "Skipped" and provide an honest reason in the details, for example:
+- "Skipped: no code changes affect this endpoint"
+- "Skipped: skyramp_discover_tests found no existing Skyramp tests"
+- "Skipped: only CI/config changes in this PR, no API changes"
+
 Reminder: Use the Skyramp MCP tools available to you for test analysis, generation, and execution.`;
 }
 export function registerTestbotPrompt(server) {
@@ -43,9 +74,7 @@ export function registerTestbotPrompt(server) {
         description: "Run Skyramp TestBot to generate test recommendations and perform test maintenance for a pull request.",
         argsSchema: {
             prTitle: z.string().describe("Pull request title"),
-            prDescription: z
-                .string()
-                .describe("Pull request description/body"),
+            prDescription: z.string().describe("Pull request description/body"),
             diffFile: z.string().describe("Path to the git diff file"),
             testDirectory: z
                 .string()
@@ -54,9 +83,18 @@ export function registerTestbotPrompt(server) {
             summaryOutputFile: z
                 .string()
                 .describe("File path where the agent should write the testbot summary report"),
+            repositoryPath: z
+                .string()
+                .default(".")
+                .describe("Absolute path to the repository being analyzed"),
+            baseBranch: z
+                .string()
+                .optional()
+                .describe("PR base branch name (e.g. 'main' or 'develop'). When provided, analyzeRepository diffs against this branch instead of auto-detecting."),
         },
     }, (args) => {
-        const prompt = getTestbotPrompt(args.prTitle, args.prDescription, args.diffFile, args.testDirectory, args.summaryOutputFile);
+        const prompt = getTestbotPrompt(args.prTitle, args.prDescription, args.diffFile, args.testDirectory, args.summaryOutputFile, args.repositoryPath, args.baseBranch);
+        AnalyticsService.pushMCPToolEvent("skyramp_testbot_prompt", undefined, {}).catch(() => { });
         return {
             messages: [
                 {
@@ -70,3 +108,32 @@ export function registerTestbotPrompt(server) {
         };
     });
 }
+export function registerTestbotResource(server) {
+    logger.info("Registering testbot resource");
+    // RFC 6570 {+rest} (reserved expansion) captures the entire query string
+    // including the leading "?". This avoids the SDK's per-param regex which
+    // fails on empty query-param values (e.g. prDescription=).
+    // We then parse query params from the URL object which handles URL-decoding
+    // and empty values correctly.
+    const template = new ResourceTemplate("skyramp://prompts/testbot{+rest}", {
+        list: undefined,
+    });
+    server.registerResource("skyramp_testbot", template, {
+        title: "Skyramp TestBot Prompt",
+        description: "Returns task instructions for PR test analysis, generation, and maintenance.",
+        mimeType: "text/plain",
+    }, (uri) => {
+        const param = (name, fallback) => uri.searchParams.get(name) ?? fallback;
+        const prompt = getTestbotPrompt(param("prTitle", ""), param("prDescription", ""), param("diffFile", ".skyramp_git_diff"), param("testDirectory", "tests"), param("summaryOutputFile", ""), param("repositoryPath", "."), uri.searchParams.get("baseBranch") || undefined);
+        AnalyticsService.pushMCPToolEvent("skyramp_testbot_prompt", undefined, {}).catch(() => { });
+        return {
+            contents: [
+                {
+                    uri: uri.toString(),
+                    mimeType: "text/plain",
+                    text: prompt,
+                },
+            ],
+        };
+    });
+}