@skyramp/mcp 0.1.8 → 0.2.0-rc.2

package/build/utils/scenarioDrafting.js

@@ -2,8 +2,22 @@ import { ScenarioSource } from "../types/RepositoryAnalysis.js";
 import { TestType } from "../types/TestTypes.js";
 import { CATEGORY_PRIORITY } from "../types/TestRecommendation.js";
 import { inferExpectedStatus } from "./httpDefaults.js";
-const ACTION_PATTERN = /^(me|merge|archive|search|login|logout|verify|forgot|reset|config|dashboard|webhook|migration|favicon|payment|health|status|ping|metrics|callback|confirm|activate|deactivate|subscribe|unsubscribe|unknown)$/i;
+import { WorkspaceAuthType } from "./workspaceAuth.js";
+// Only tokens that are structurally non-testable (meta, infra, static assets).
+// Semantic tokens like login, search, webhook, payment are removed — the LLM
+// already knows how to handle them and the filter was suppressing valid surfaces.
+const ACTION_PATTERN = /^(me|merge|archive|dashboard|migration|favicon|health|status|ping|metrics)$/i;
 const ACTION_VERB_HYPHEN = /^(forgot-|reset-|verify-|confirm-|send-|check-|get-|set-|update-|delete-|create-|trigger-|start-|stop-)/i;
+/** Matches paths whose last segment is an execution verb (e.g. /jobs/execute, /actions/run). */
+const EXECUTION_SUFFIX = /\/(execute|run|trigger|process|invoke|dispatch|send|apply)$/i;
+function isExecutionEndpoint(path) {
+    return EXECUTION_SUFFIX.test(path);
+}
+/** Extract the execution verb from the path's last segment (e.g. "/jobs/run" → "run"). */
+function extractExecutionVerb(endpointPath) {
+    const match = EXECUTION_SUFFIX.exec(endpointPath);
+    return match ? match[1].toLowerCase() : "execute";
+}
 /**
  * Returns true when `a` starts with `b` at a path-segment boundary.
  * Plain `startsWith` is not sufficient — "/orders-archive".startsWith("/orders") is true
@@ -128,7 +142,7 @@ export function inferResourceRelationships(endpoints) {
     }
     return relationships;
 }
-export function draftScenariosFromEndpoints(endpoints, newEndpoints = []) {
+export function draftScenariosFromEndpoints(endpoints, newEndpoints = [], wsAuthType, options = {}) {
     const scenarios = [];
     const resourceGroups = new Map();
     for (const ep of endpoints) {
@@ -175,7 +189,8 @@ export function draftScenariosFromEndpoints(endpoints, newEndpoints = []) {
             });
         }
     }
-    scenarios.push(...draftDiffDirectScenarios(newEndpoints, resourceGroups));
+    scenarios.push(...draftDiffDirectScenarios(newEndpoints, resourceGroups, wsAuthType));
+    scenarios.push(...draftAttackSurfaceExpansionScenarios(endpoints, options.changedEndpoints ?? [], wsAuthType, options.securityRelevantDiff ?? false));
     return capScenarios(scenarios);
 }
 const MAX_TOTAL_SCENARIOS = 30;
@@ -238,7 +253,7 @@ function diffDirectIntegration(method, resource, singular, group) {
                 order: 2, method: "GET", path: group.paramPath,
                 description: `Retrieve created ${singular} and verify fields`,
                 interactionType: "success", expectedStatusCode: 200,
-                chainsFrom: { sourceStep: 1, sourceField: "id", sourceLocation: "body", targetParam: `${singular}_id`, targetLocation: "path" },
+                chainsFrom: { sourceStep: 1, sourceField: "<id-field>", sourceLocation: "body", targetParam: `${singular}_id`, targetLocation: "path" },
             });
         }
     }
@@ -255,7 +270,7 @@ function diffDirectIntegration(method, resource, singular, group) {
             order: steps.length + 1, method: "DELETE", path: targetPath,
             description: `Delete ${singular}`,
             interactionType: "success", expectedStatusCode: 204,
-            ...(steps.length > 0 ? { chainsFrom: { sourceStep: 1, sourceField: "id", sourceLocation: "body", targetParam: `${singular}_id`, targetLocation: "path" } } : {}),
+            ...(steps.length > 0 ? { chainsFrom: { sourceStep: 1, sourceField: "<id-field>", sourceLocation: "body", targetParam: `${singular}_id`, targetLocation: "path" } } : {}),
         });
         if (group.paramPath && group.methods.has("GET")) {
             steps.push({
@@ -349,11 +364,8 @@ function diffDirectBoundaryValues(method, resource, singular, group) {
         description: `${method} with valid boundary values (e.g. 0, maximum allowed, empty collection) — expect 200`,
         interactionType: "success",
         expectedStatusCode: 200,
-        // Signal the execution plan that a body is required. The agent reads source
-        // to discover the actual numeric/percentage field names to test at boundaries.
-        bodyMustInclude: ["numeric_or_percentage_field"],
         ...(steps.length > 0 && group.paramPath
-            ? { chainsFrom: { sourceStep: 1, sourceField: "id", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
+            ? { chainsFrom: { sourceStep: 1, sourceField: "<id-field>", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
             : {}),
     });
     return {
@@ -392,7 +404,7 @@ function diffDirectMutationRecalc(method, resource, singular, group) {
         interactionType: "success",
         expectedStatusCode: 200,
         ...(sourceStep > 0 && group.paramPath
-            ? { chainsFrom: { sourceStep, sourceField: "id", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
+            ? { chainsFrom: { sourceStep, sourceField: "<id-field>", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
             : {}),
     });
     if (group.paramPath && group.methods.has("GET")) {
@@ -404,7 +416,7 @@ function diffDirectMutationRecalc(method, resource, singular, group) {
             interactionType: "success",
             expectedStatusCode: 200,
             ...(sourceStep > 0 && group.paramPath
-                ? { chainsFrom: { sourceStep, sourceField: "id", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
+                ? { chainsFrom: { sourceStep, sourceField: "<id-field>", sourceLocation: "body", targetParam: pathParamName, targetLocation: "path" } }
                 : {}),
         });
     }
@@ -421,13 +433,63 @@ function diffDirectMutationRecalc(method, resource, singular, group) {
         testType: TestType.INTEGRATION,
     };
 }
-function diffDirectAuthBoundary(method, path, resource) {
+function diffDirectExecutionHappy(method, path, resource) {
+    const verb = extractExecutionVerb(path);
+    return {
+        scenarioName: `${resource}-${method.toLowerCase()}-${verb}-happy`,
+        description: `Execution test: ${method} ${path} with valid payload — read source to identify required input fields; assert response reflects expected output (result, status, processed data)`,
+        category: "new_endpoint",
+        priority: "high",
+        steps: [{
+                order: 1,
+                method,
+                path,
+                description: `${method} ${path} with valid input payload — expect 200 OK with execution result`,
+                interactionType: "success",
+                expectedStatusCode: 200,
+            }],
+        chainingKeys: [],
+        requiresAuth: true,
+        estimatedComplexity: "moderate",
+        source: ScenarioSource.CodeInferred,
+        testType: TestType.INTEGRATION,
+    };
+}
+function diffDirectExecutionInvalid(method, path, resource) {
+    const verb = extractExecutionVerb(path);
+    return {
+        scenarioName: `${resource}-${method.toLowerCase()}-${verb}-invalid`,
+        description: `Validation test: ${method} ${path} with missing or invalid request body — read source to find required fields; assert 422 Unprocessable Entity with meaningful error`,
+        category: "new_endpoint",
+        priority: "high",
+        steps: [{
+                order: 1,
+                method,
+                path,
+                description: `${method} ${path} with missing required fields — expect 422 Unprocessable Entity`,
+                interactionType: "error",
+                expectedStatusCode: 422,
+            }],
+        chainingKeys: [],
+        requiresAuth: true,
+        estimatedComplexity: "simple",
+        source: ScenarioSource.CodeInferred,
+        testType: TestType.CONTRACT,
+    };
+}
+function diffDirectAuthBoundary(method, path, resource, wsAuthType) {
+    // Bearer and OAuth both use the "Authorization: Bearer <token>" scheme. These setups
+    // commonly return 403 (Forbidden) rather than 401 (Unauthorized) when a token is
+    // absent, because the framework treats a missing credential as insufficient permission
+    // rather than unauthenticated. All other auth types use 401.
+    const expectedStatusCode = wsAuthType === WorkspaceAuthType.Bearer || wsAuthType === WorkspaceAuthType.OAuth ? 403 : 401;
+    const statusLabel = expectedStatusCode === 403 ? "403 Forbidden" : "401 Unauthorized";
     return {
         scenarioName: `${resource}-${method.toLowerCase()}-auth-boundary`,
-        description: `Auth boundary: ${method} ${path} without authentication returns 401 Unauthorized`,
+        description: `Auth boundary: ${method} ${path} without authentication returns ${statusLabel}`,
         category: "security_boundary",
         priority: "high",
-        steps: [{ order: 1, method, path, description: `${method} ${path} without Authorization header — expect 401 Unauthorized`, interactionType: "error", expectedStatusCode: 401 }],
+        steps: [{ order: 1, method, path, description: `${method} ${path} without Authorization header — expect ${statusLabel}`, interactionType: "error", expectedStatusCode }],
         chainingKeys: [],
         requiresAuth: false,
         estimatedComplexity: "simple",
@@ -435,6 +497,134 @@ function diffDirectAuthBoundary(method, path, resource) {
         testType: TestType.CONTRACT,
     };
 }
+const DESTRUCTIVE_ACTION_TOKENS = new Set(["delete", "destroy", "remove", "cancel", "archive"]);
+const SOURCE_RESOURCE_SKIP_SEGMENTS = new Set([
+    ...SKIP_SEGMENTS,
+    "app", "apps", "handler", "handlers", "index", "page", "pages", "route", "routes", "router", "server", "src",
+]);
+function pathSegments(path) {
+    return path.split("/").filter(Boolean);
+}
+function isPathParam(segment) {
+    return /^\{[^}]+\}$/.test(segment) ||
+        /^:[A-Za-z_][A-Za-z0-9_]*$/.test(segment) ||
+        /^\[\.\.\.[^\]]+\]$/.test(segment) ||
+        /^\[\[\.\.\.[^\]]+\]\]$/.test(segment) ||
+        /^\[[^\].][^\]]*\]$/.test(segment);
+}
+function actionSegmentTokens(segment) {
+    return segment
+        .replace(/([a-z0-9])([A-Z])/g, "$1 $2")
+        .split(/[^a-z0-9]+/i)
+        .filter(Boolean)
+        .map(token => token.toLowerCase());
+}
+function isDestructiveActionSegment(segment) {
+    return actionSegmentTokens(segment).some(token => DESTRUCTIVE_ACTION_TOKENS.has(token));
+}
+function sourceFileResource(sourceFile) {
+    if (!sourceFile)
+        return undefined;
+    const sourceSegments = sourceFile.split(/[\\/]/).filter(Boolean);
+    const filename = sourceSegments.at(-1)?.replace(/\.[^.]+$/, "").toLowerCase();
+    if (filename && isRealResource(filename) && !SOURCE_RESOURCE_SKIP_SEGMENTS.has(filename))
+        return filename;
+    return [...sourceSegments]
+        .slice(0, -1)
+        .reverse()
+        .map(segment => segment.replace(/\.[^.]+$/, "").toLowerCase())
+        .find(segment => segment && isRealResource(segment) && !SOURCE_RESOURCE_SKIP_SEGMENTS.has(segment));
+}
+function collectionPathForChangedEndpoint(path, sourceFile) {
+    const segments = pathSegments(path);
+    const sourceResource = sourceFileResource(sourceFile);
+    if (segments.length > 0 &&
+        isPathParam(segments[0]) &&
+        sourceResource &&
+        (segments.length === 1 || segments[1] !== sourceResource)) {
+        return `/${sourceResource}`;
+    }
+    if (segments.length >= 2) {
+        const last = segments[segments.length - 1];
+        if (isPathParam(last)) {
+            return `/${segments.slice(0, -1).join("/")}`;
+        }
+        const paramIdx = segments.findIndex(isPathParam);
+        if (paramIdx > 0) {
+            return `/${segments.slice(0, paramIdx).join("/")}`;
+        }
+    }
+    return sourceResource ? `/${sourceResource}` : undefined;
+}
+function resourceFromCollectionPath(collectionPath) {
+    const segments = pathSegments(collectionPath);
+    return segments.filter(s => !SKIP_SEGMENTS.has(s)).at(-1) ?? "resource";
+}
+function actionNameFromPath(path) {
+    const action = pathSegments(path).at(-1) ?? "destructive";
+    return action.replace(/[^a-z0-9]+/gi, "-").replace(/^-|-$/g, "").toLowerCase() || "destructive";
+}
+function endpointMethods(endpoint) {
+    return endpoint.methods.map(m => (typeof m === "string" ? m : m.method).toUpperCase());
+}
+function endpointSourceFiles(endpoint) {
+    return new Set(endpoint.methods
+        .filter((m) => typeof m !== "string")
+        .map(m => m.sourceFile)
+        .filter((sourceFile) => Boolean(sourceFile)));
+}
+function resolveSiblingPath(endpointPath, collectionPath) {
+    if (isSegmentPrefix(endpointPath, collectionPath))
+        return endpointPath;
+    const segments = pathSegments(endpointPath);
+    if (segments.length > 0 && isDestructiveActionSegment(segments[0])) {
+        return `${collectionPath}/${segments.join("/")}`;
+    }
+    return endpointPath;
+}
+function isDestructiveSiblingEndpoint(endpoint, changed, collectionPath) {
+    const methods = endpointMethods(endpoint);
+    if (!methods.includes("POST"))
+        return false;
+    const endpointSegments = pathSegments(endpoint.path);
+    const samePathFamily = isSegmentPrefix(endpoint.path, collectionPath) && endpoint.path !== collectionPath;
+    const routerRelativeDestructive = endpointSegments.length > 0 &&
+        isDestructiveActionSegment(endpointSegments[0]);
+    const sameSourceFile = Boolean(routerRelativeDestructive && changed.sourceFile && endpointSourceFiles(endpoint).has(changed.sourceFile));
+    if (!samePathFamily && !sameSourceFile)
+        return false;
+    const collectionSegments = samePathFamily ? pathSegments(collectionPath) : [];
+    const suffix = endpointSegments.slice(collectionSegments.length);
+    return suffix.some(segment => isDestructiveActionSegment(segment));
+}
+function draftAttackSurfaceExpansionScenarios(endpoints, changedEndpoints, wsAuthType, securityRelevantDiff) {
+    if (!securityRelevantDiff || changedEndpoints.length === 0)
+        return [];
+    const scenarios = [];
+    const seen = new Set();
+    for (const changed of changedEndpoints) {
+        if (changed.method.toUpperCase() !== "DELETE")
+            continue;
+        const collectionPath = collectionPathForChangedEndpoint(changed.path, changed.sourceFile);
+        if (!collectionPath)
+            continue;
+        const resource = resourceFromCollectionPath(collectionPath);
+        for (const endpoint of endpoints) {
+            if (!isDestructiveSiblingEndpoint(endpoint, changed, collectionPath))
+                continue;
+            const siblingPath = resolveSiblingPath(endpoint.path, collectionPath);
+            const scenario = diffDirectAuthBoundary("POST", siblingPath, `${resource}-${actionNameFromPath(siblingPath)}`, wsAuthType);
+            scenario.description = `Attack-surface auth boundary: ${siblingPath} is a destructive sibling of changed ${changed.method.toUpperCase()} ${changed.path}; verify it rejects missing authentication`;
+            scenario.isAttackSurfaceSecurityBoundary = true;
+            scenario.steps[0].description = `POST ${siblingPath} without the new auth/admin guard — expect ${scenario.steps[0].expectedStatusCode}`;
+            if (!seen.has(scenario.scenarioName)) {
+                seen.add(scenario.scenarioName);
+                scenarios.push(scenario);
+            }
+        }
+    }
+    return scenarios;
+}
 /**
  * Draft a unified scenario for GET endpoints without path params (collection or search).
  * Rather than hardcoding keyword detection, the description instructs the LLM to read
@@ -504,9 +694,11 @@ function diffDirectGetCollection(path, resource, singular, group) {
  * (category "security_boundary" → HIGH priority, not CRITICAL) so it
  * lands in ADDITIONAL deterministically instead of depending on LLM
  * supplement. GET is excluded (often public); POST is excluded because
- * the security-boundary supplement tier covers it.
+ * the security-boundary supplement tier covers it. Exception: execution
+ * endpoints (/execute, /run, /trigger, etc.) include auth-boundary for
+ * all non-GET methods (including POST) since they are high-value targets.
  */
-export function draftDiffDirectScenarios(newEndpoints, resourceGroups) {
+export function draftDiffDirectScenarios(newEndpoints, resourceGroups, wsAuthType) {
     if (newEndpoints.length === 0)
         return [];
     const scenarios = [];
@@ -591,6 +783,17 @@ export function draftDiffDirectScenarios(newEndpoints, resourceGroups) {
             }
         };
         for (const method of methods) {
+            // Execution endpoints get their own focused templates instead of CRUD lifecycle ones.
+            // Caller-traced execution endpoints (Bug 5 scenario) are handled by the LLM prompt;
+            // this fires only when a new /execute-style endpoint appears directly in the diff.
+            // GET is excluded — execution endpoints use request bodies, which don't apply to GET.
+            // MULTI is excluded — it's a sentinel for catch-all handlers, not a real HTTP verb.
+            if (isExecutionEndpoint(resolvedPath) && method !== "GET" && method !== "MULTI") {
+                add(diffDirectExecutionHappy(method, resolvedPath, resource));
+                add(diffDirectExecutionInvalid(method, resolvedPath, resource));
+                add(diffDirectAuthBoundary(method, resolvedPath, resource, wsAuthType));
+                continue;
+            }
             if (method === "PUT" || method === "PATCH") {
                 // mutation-recalc tests the primary calculation flow
                 add(diffDirectMutationRecalc(method, resource, singular, group));
@@ -618,7 +821,7 @@ export function draftDiffDirectScenarios(newEndpoints, resourceGroups) {
                 add(diffDirectGetCollection(resolvedPath, resource, singular, group));
             }
             if (method === "PUT" || method === "PATCH" || method === "DELETE")
-                add(diffDirectAuthBoundary(method, resolvedPath, resource));
+                add(diffDirectAuthBoundary(method, resolvedPath, resource, wsAuthType));
         }
     }
     return scenarios;

package/build/utils/scenarioDrafting.test.js

@@ -1,5 +1,6 @@
 // @ts-ignore
 import { isRealResource, draftScenariosFromEndpoints, draftDiffDirectScenarios, inferResourceRelationships, } from "./scenarioDrafting.js";
+import { WorkspaceAuthType } from "./workspaceAuth.js";
 describe("isRealResource", () => {
     it("accepts normal resource names", () => {
         expect(isRealResource("users")).toBe(true);
@@ -12,14 +13,15 @@ describe("isRealResource", () => {
         expect(isRealResource("user-profiles")).toBe(true);
         expect(isRealResource("api-keys")).toBe(true);
     });
-    it("rejects action-like single words", () => {
-        expect(isRealResource("login")).toBe(false);
-        expect(isRealResource("logout")).toBe(false);
-        expect(isRealResource("verify")).toBe(false);
+    it("rejects infra/monitoring tokens but accepts semantic endpoint names", () => {
         expect(isRealResource("health")).toBe(false);
         expect(isRealResource("ping")).toBe(false);
         expect(isRealResource("dashboard")).toBe(false);
-        expect(isRealResource("webhook")).toBe(false);
+        // login, logout, verify, webhook are real resources (phase 6a)
+        expect(isRealResource("login")).toBe(true);
+        expect(isRealResource("logout")).toBe(true);
+        expect(isRealResource("verify")).toBe(true);
+        expect(isRealResource("webhook")).toBe(true);
     });
     it("rejects action-verb-hyphenated patterns", () => {
         expect(isRealResource("forgot-password")).toBe(false);
@@ -31,9 +33,9 @@ describe("isRealResource", () => {
         expect(isRealResource("delete-cache")).toBe(false);
     });
     it("is case-insensitive", () => {
-        expect(isRealResource("Login")).toBe(false);
-        expect(isRealResource("VERIFY")).toBe(false);
-        expect(isRealResource("Forgot-Password")).toBe(false);
+        expect(isRealResource("Login")).toBe(true); // login is now a real resource (phase 6a)
+        expect(isRealResource("VERIFY")).toBe(true); // verify is now a real resource (phase 6a)
+        expect(isRealResource("Forgot-Password")).toBe(false); // ACTION_VERB_HYPHEN still filters this
     });
 });
 describe("draftScenariosFromEndpoints — irregular plural singularization", () => {
@@ -72,6 +74,121 @@ describe("draftScenariosFromEndpoints", () => {
         expect(draftScenariosFromEndpoints([])).toEqual([]);
     });
 });
+describe("draftScenariosFromEndpoints — attack-surface expansion", () => {
+    const endpoints = [
+        { path: "/{id:uuid}", methods: [{ method: "DELETE", sourceFile: "src/prefect/server/api/flows.py" }] },
+        { path: "/bulk_delete", methods: [{ method: "POST", sourceFile: "src/prefect/server/api/flows.py" }] },
+        { path: "/{id:uuid}", methods: [{ method: "DELETE", sourceFile: "src/prefect/server/api/deployments.py" }] },
+        { path: "/bulk_delete", methods: [{ method: "POST", sourceFile: "src/prefect/server/api/deployments.py" }] },
+    ];
+    it("drafts auth-boundary scenarios for same-file destructive bulk siblings", () => {
+        const scenarios = draftScenariosFromEndpoints(endpoints, [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [
+                { method: "DELETE", path: "/{id:uuid}", sourceFile: "src/prefect/server/api/flows.py" },
+                { method: "DELETE", path: "/{id:uuid}", sourceFile: "src/prefect/server/api/deployments.py" },
+            ],
+        });
+        const flowBulkDelete = scenarios.find(s => s.scenarioName === "flows-bulk-delete-post-auth-boundary");
+        const deploymentBulkDelete = scenarios.find(s => s.scenarioName === "deployments-bulk-delete-post-auth-boundary");
+        expect(flowBulkDelete).toBeDefined();
+        expect(flowBulkDelete.category).toBe("security_boundary");
+        expect(flowBulkDelete.testType).toBe("contract");
+        expect(flowBulkDelete.steps[0]).toMatchObject({
+            method: "POST",
+            path: "/flows/bulk_delete",
+            expectedStatusCode: 401,
+        });
+        expect(flowBulkDelete.description).toContain("destructive sibling");
+        expect(deploymentBulkDelete).toBeDefined();
+        expect(deploymentBulkDelete.steps[0]).toMatchObject({
+            method: "POST",
+            path: "/deployments/bulk_delete",
+            expectedStatusCode: 401,
+        });
+    });
+    it("does not expand when the diff lacks security signals", () => {
+        const scenarios = draftScenariosFromEndpoints(endpoints, [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: false,
+            changedEndpoints: [{ method: "DELETE", path: "/{id:uuid}", sourceFile: "src/prefect/server/api/flows.py" }],
+        });
+        expect(scenarios.some(s => s.scenarioName.includes("bulk-delete"))).toBe(false);
+    });
+    it("uses the source-file resource for router-relative nested destructive endpoints", () => {
+        const scenarios = draftScenariosFromEndpoints([
+            { path: "/{id:uuid}/schedules/{schedule_id:uuid}", methods: [{ method: "DELETE", sourceFile: "src/prefect/server/api/deployments.py" }] },
+            { path: "/bulk_delete", methods: [{ method: "POST", sourceFile: "src/prefect/server/api/deployments.py" }] },
+            { path: "/{id:uuid}/schedules/bulk_delete", methods: [{ method: "POST", sourceFile: "src/prefect/server/api/deployments.py" }] },
+        ], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [
+                { method: "DELETE", path: "/{id:uuid}/schedules/{schedule_id:uuid}", sourceFile: "src/prefect/server/api/deployments.py" },
+            ],
+        });
+        expect(scenarios.some(s => s.steps.some(step => step.path === "/deployments/bulk_delete"))).toBe(true);
+        expect(scenarios.some(s => s.steps.some(step => step.path === "/{id:uuid}/schedules/bulk_delete"))).toBe(false);
+    });
+    it("preserves Express-style tenant params for attack-surface siblings", () => {
+        const scenarios = draftScenariosFromEndpoints([
+            { path: "/:tenant_id/deployments/:id", methods: [{ method: "DELETE", sourceFile: "src/routes/deployments.ts" }] },
+            { path: "/:tenant_id/deployments/bulk_delete", methods: [{ method: "POST", sourceFile: "src/routes/deployments.ts" }] },
+        ], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [
+                { method: "DELETE", path: "/:tenant_id/deployments/:id", sourceFile: "src/routes/deployments.ts" },
+            ],
+        });
+        expect(scenarios.some(s => s.steps.some(step => step.path === "/:tenant_id/deployments/bulk_delete"))).toBe(true);
+    });
+    it("preserves Next-style tenant params for attack-surface siblings", () => {
+        const scenarios = draftScenariosFromEndpoints([
+            { path: "/[tenant_id]/deployments/[id]", methods: [{ method: "DELETE", sourceFile: "src/app/api/deployments/route.ts" }] },
+            { path: "/[tenant_id]/deployments/bulk_delete", methods: [{ method: "POST", sourceFile: "src/app/api/deployments/route.ts" }] },
+        ], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [
+                { method: "DELETE", path: "/[tenant_id]/deployments/[id]", sourceFile: "src/app/api/deployments/route.ts" },
+            ],
+        });
+        expect(scenarios.some(s => s.steps.some(step => step.path === "/[tenant_id]/deployments/bulk_delete"))).toBe(true);
+    });
+    it("preserves full tenant-scoped paths when the resource segment is explicit", () => {
+        const scenarios = draftScenariosFromEndpoints([
+            { path: "/{tenant_id}/deployments/{id}", methods: [{ method: "DELETE", sourceFile: "src/prefect/server/api/deployments.py" }] },
+            { path: "/{tenant_id}/deployments/bulk_delete", methods: [{ method: "POST", sourceFile: "src/prefect/server/api/deployments.py" }] },
+        ], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [
+                { method: "DELETE", path: "/{tenant_id}/deployments/{id}", sourceFile: "src/prefect/server/api/deployments.py" },
+            ],
+        });
+        expect(scenarios.some(s => s.steps.some(step => step.path === "/{tenant_id}/deployments/bulk_delete"))).toBe(true);
+    });
+    it("does not invent a bulk sibling when no destructive sibling endpoint exists", () => {
+        const scenarios = draftScenariosFromEndpoints([{ path: "/{id:uuid}", methods: [{ method: "DELETE", sourceFile: "src/prefect/server/api/flows.py" }] }], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [{ method: "DELETE", path: "/{id:uuid}", sourceFile: "src/prefect/server/api/flows.py" }],
+        });
+        expect(scenarios).toEqual([]);
+    });
+    it("does not expand ordinary changed GET endpoints", () => {
+        const scenarios = draftScenariosFromEndpoints(endpoints, [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [{ method: "GET", path: "/{id:uuid}", sourceFile: "src/prefect/server/api/flows.py" }],
+        });
+        expect(scenarios.some(s => s.scenarioName.includes("bulk-delete"))).toBe(false);
+    });
+    it("does not promote unrelated destructive routes from the same source file", () => {
+        const scenarios = draftScenariosFromEndpoints([
+            { path: "/flows/{id:uuid}", methods: [{ method: "DELETE", sourceFile: "src/routes/api.py" }] },
+            { path: "/admin/bulk_delete", methods: [{ method: "POST", sourceFile: "src/routes/api.py" }] },
+        ], [], WorkspaceAuthType.ApiKey, {
+            securityRelevantDiff: true,
+            changedEndpoints: [{ method: "DELETE", path: "/flows/{id:uuid}", sourceFile: "src/routes/api.py" }],
+        });
+        expect(scenarios).toEqual([]);
+    });
+});
 describe("inferResourceRelationships", () => {
     it("returns empty map for endpoints with no nesting or FK fields", () => {
         const endpoints = [
@@ -379,7 +496,7 @@ describe("diffDirectMutationRecalc — diverse app types (no hardcoded field nam
             const chaining = mutationStep.chainsFrom;
             expect(chaining.targetParam).toBe(expectedParamName);
             expect(chaining.sourceStep).toBe(1);
-            expect(chaining.sourceField).toBe("id");
+            expect(chaining.sourceField).toBe("<id-field>");
         }
         else {
             expect(mutationStep.chainsFrom).toBeUndefined();
@@ -643,3 +760,59 @@ describe("path collision fix — resourceGroups disambiguation", () => {
         expect(allPaths.some((p) => p.includes("orders-archive"))).toBe(false);
     });
 });
+describe("draftDiffDirectScenarios — execution endpoints", () => {
+    it("produces execution templates for /execute-style endpoints (non-GET)", () => {
+        const newEndpoints = [{ method: "POST", path: "/api/jobs/execute" }];
+        const resourceGroups = new Map([
+            ["jobs", { basePath: "/api/jobs", methods: new Set(["GET", "POST"]), paramPath: "/api/jobs/{id}" }],
+        ]);
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups);
+        const names = result.map((s) => s.scenarioName);
+        expect(names).toContain("jobs-post-execute-happy");
+        expect(names).toContain("jobs-post-execute-invalid");
+        expect(names).toContain("jobs-post-auth-boundary");
+        // Should NOT produce CRUD lifecycle templates
+        expect(names.some((n) => n.includes("integration") || n.includes("contract"))).toBe(false);
+    });
+    it("does not produce execution templates for GET on execution endpoints", () => {
+        const newEndpoints = [{ method: "GET", path: "/api/jobs/execute" }];
+        const resourceGroups = new Map([
+            ["jobs", { basePath: "/api/jobs", methods: new Set(["GET"]), paramPath: "/api/jobs/{id}" }],
+        ]);
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups);
+        const names = result.map((s) => s.scenarioName);
+        // GET should fall through to normal GET handling, not execution templates
+        expect(names.some((n) => n.includes("execute-happy"))).toBe(false);
+        expect(names.some((n) => n.includes("execute-invalid"))).toBe(false);
+    });
+});
+describe("draftDiffDirectScenarios — auth boundary status codes", () => {
+    const newEndpoints = [{ method: "DELETE", path: "/api/orders/{id}" }];
+    const resourceGroups = new Map([
+        ["orders", { basePath: "/api/orders", methods: new Set(["GET", "POST", "DELETE"]), paramPath: "/api/orders/{id}" }],
+    ]);
+    it("expects 403 for Bearer auth type", () => {
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups, WorkspaceAuthType.Bearer);
+        const authScenario = result.find((s) => s.scenarioName.includes("auth-boundary"));
+        expect(authScenario).toBeDefined();
+        expect(authScenario.steps[0].expectedStatusCode).toBe(403);
+    });
+    it("expects 403 for OAuth auth type (uses Bearer scheme)", () => {
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups, WorkspaceAuthType.OAuth);
+        const authScenario = result.find((s) => s.scenarioName.includes("auth-boundary"));
+        expect(authScenario).toBeDefined();
+        expect(authScenario.steps[0].expectedStatusCode).toBe(403);
+    });
+    it("expects 401 for other auth types", () => {
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups, WorkspaceAuthType.ApiKey);
+        const authScenario = result.find((s) => s.scenarioName.includes("auth-boundary"));
+        expect(authScenario).toBeDefined();
+        expect(authScenario.steps[0].expectedStatusCode).toBe(401);
+    });
+    it("expects 401 when no auth type specified", () => {
+        const result = draftDiffDirectScenarios(newEndpoints, resourceGroups);
+        const authScenario = result.find((s) => s.scenarioName.includes("auth-boundary"));
+        expect(authScenario).toBeDefined();
+        expect(authScenario.steps[0].expectedStatusCode).toBe(401);
+    });
+});