@studiometa/forge-mcp 0.1.0 → 0.2.1

package/dist/{version-Cw8OGt4r.js → version-BmEJceWJ.js}

@@ -2,7 +2,7 @@ import { readFileSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 import { HttpClient, isForgeApiError } from "@studiometa/forge-api";
-import { ACTIONS, RESOURCES, activateCertificate, createBackupConfig, createCertificate, createCommand, createDaemon, createDatabase, createDatabaseUser, createFirewallRule, createMonitor, createNginxTemplate, createRecipe, createRedirectRule, createScheduledJob, createSecurityRule, createServer, createSite, createSshKey, deleteBackupConfig, deleteCertificate, deleteDaemon, deleteDatabase, deleteDatabaseUser, deleteFirewallRule, deleteMonitor, deleteNginxTemplate, deleteRecipe, deleteRedirectRule, deleteScheduledJob, deleteSecurityRule, deleteServer, deleteSite, deleteSshKey, deploySite, getBackupConfig, getCertificate, getCommand, getDaemon, getDatabase, getDatabaseUser, getDeploymentOutput, getDeploymentScript, getEnv, getFirewallRule, getMonitor, getNginxConfig, getNginxTemplate, getRecipe, getRedirectRule, getScheduledJob, getSecurityRule, getServer, getSite, getSshKey, getUser, listBackupConfigs, listCertificates, listCommands, listDaemons, listDatabaseUsers, listDatabases, listDeployments, listFirewallRules, listMonitors, listNginxTemplates, listRecipes, listRedirectRules, listScheduledJobs, listSecurityRules, listServers, listSites, listSshKeys, rebootServer, restartDaemon, runRecipe, updateDeploymentScript, updateEnv, updateNginxConfig, updateNginxTemplate } from "@studiometa/forge-core";
+import { RESOURCES, activateCertificate, createAuditLogger, createBackupConfig, createCertificate, createCommand, createDaemon, createDatabase, createDatabaseUser, createFirewallRule, createMonitor, createNginxTemplate, createRecipe, createRedirectRule, createScheduledJob, createSecurityRule, createServer, createSite, createSshKey, deleteBackupConfig, deleteCertificate, deleteDaemon, deleteDatabase, deleteDatabaseUser, deleteFirewallRule, deleteMonitor, deleteNginxTemplate, deleteRecipe, deleteRedirectRule, deleteScheduledJob, deleteSecurityRule, deleteServer, deleteSite, deleteSshKey, deploySiteAndWait, getBackupConfig, getCertificate, getCommand, getDaemon, getDatabase, getDatabaseUser, getDeploymentOutput, getDeploymentScript, getEnv, getFirewallRule, getMonitor, getNginxConfig, getNginxTemplate, getRecipe, getRedirectRule, getScheduledJob, getSecurityRule, getServer, getSite, getSshKey, getUser, listBackupConfigs, listCertificates, listCommands, listDaemons, listDatabaseUsers, listDatabases, listDeployments, listFirewallRules, listMonitors, listNginxTemplates, listRecipes, listRedirectRules, listScheduledJobs, listSecurityRules, listServers, listSites, listSshKeys, rebootServer, restartDaemon, runRecipe, updateDeploymentScript, updateEnv, updateNginxConfig, updateNginxTemplate } from "@studiometa/forge-core";
 /**
 * MCP Server Instructions
 *
@@ -114,10 +114,18 @@ function formatDeploymentList(deployments) {
 	return `${deployments.length} deployment(s):\n${lines.join("\n")}`;
 }
 /**
-* Format a deployment action result (deploy/update-script).
+* Format a deployment action result.
+*
+* When a `DeployResult` is provided the output includes status, elapsed time,
+* and the deployment log.  When called with just IDs (legacy) it falls back to
+* the simple confirmation message so existing tests keep passing.
 */
-function formatDeployAction(siteId, serverId) {
-	return `Deployment triggered for site ${siteId} on server ${serverId}.`;
+function formatDeployAction(siteId, serverId, result) {
+	if (!result) return `Deployment triggered for site ${siteId} on server ${serverId}.`;
+	const elapsedSec = (result.elapsed_ms / 1e3).toFixed(1);
+	const lines = [`Deployment ${result.status === "success" ? "✓ succeeded" : "✗ failed"} for site ${siteId} on server ${serverId} (${elapsedSec}s).`];
+	if (result.log) lines.push("", "Deployment log:", result.log);
+	return lines.join("\n");
 }
 /**
 * Format deployment script content.
@@ -384,14 +392,23 @@ function isUserInputError(error) {
 	return error instanceof UserInputError;
 }
 /**
-* Create a successful JSON result.
-* Accepts a string or an object (which will be JSON-serialized).
+* Create a successful result with both human-readable text and structured content.
+*
+* - When `data` is a string, `structuredContent` wraps it as `{ result: data }`.
+* - When `data` is an object/array, `structuredContent` is `{ result: data }` and
+*   the text representation is the JSON-serialized form.
 */
 function jsonResult(data) {
-	return { content: [{
-		type: "text",
-		text: typeof data === "string" ? data : JSON.stringify(data, null, 2)
-	}] };
+	return {
+		content: [{
+			type: "text",
+			text: typeof data === "string" ? data : JSON.stringify(data, null, 2)
+		}],
+		structuredContent: {
+			success: true,
+			result: data
+		}
+	};
 }
 /**
 * Validate an ID-like value (must be alphanumeric/dashes only).
@@ -403,7 +420,7 @@ function sanitizeId(value) {
 	return /^[\w-]+$/.test(value);
 }
 /**
-* Create an error result.
+* Create an error result with structured error content.
 */
 function errorResult(message) {
 	return {
@@ -411,6 +428,10 @@ function errorResult(message) {
 			type: "text",
 			text: `Error: ${message}`
 		}],
+		structuredContent: {
+			success: false,
+			error: message
+		},
 		isError: true
 	};
 }
@@ -1099,9 +1120,10 @@ async function handleDeployments(action, args, ctx) {
 			if (ctx.compact) return jsonResult(formatDeploymentList(result.data));
 			return jsonResult(result.data);
 		}
-		case "deploy":
-			await deploySite(opts, ctx.executorContext);
-			return jsonResult(formatDeployAction(args.site_id, args.server_id));
+		case "deploy": {
+			const deployResult = await deploySiteAndWait(opts, ctx.executorContext);
+			return jsonResult(formatDeployAction(args.site_id, args.server_id, deployResult.data));
+		}
 		case "get":
 			if (args.id) {
 				const result = await getDeploymentOutput({
@@ -3017,93 +3039,147 @@ const handleUser = createResourceHandler({
 		return formatUser(data);
 	}
 });
-/** Valid resources derived from core constants */
-var VALID_RESOURCES = [...RESOURCES];
 /**
-* Route to the appropriate resource handler.
+* Read-only actions — safe operations that don't modify server state.
 */
-function routeToHandler(resource, action, args, ctx) {
-	switch (resource) {
-		case "servers": return handleServers(action, args, ctx);
-		case "sites": return handleSites(action, args, ctx);
-		case "deployments": return handleDeployments(action, args, ctx);
-		case "env": return handleEnv(action, args, ctx);
-		case "nginx": return handleNginxConfig(action, args, ctx);
-		case "certificates": return handleCertificates(action, args, ctx);
-		case "databases": return handleDatabases(action, args, ctx);
-		case "database-users": return handleDatabaseUsers(action, args, ctx);
-		case "daemons": return handleDaemons(action, args, ctx);
-		case "firewall-rules": return handleFirewallRules(action, args, ctx);
-		case "ssh-keys": return handleSshKeys(action, args, ctx);
-		case "security-rules": return handleSecurityRules(action, args, ctx);
-		case "redirect-rules": return handleRedirectRules(action, args, ctx);
-		case "monitors": return handleMonitors(action, args, ctx);
-		case "nginx-templates": return handleNginxTemplates(action, args, ctx);
-		case "recipes": return handleRecipes(action, args, ctx);
-		case "backups": return handleBackups(action, args, ctx);
-		case "commands": return handleCommands(action, args, ctx);
-		case "scheduled-jobs": return handleScheduledJobs(action, args, ctx);
-		case "user": return handleUser(action, args, ctx);
-		default: return Promise.resolve(errorResult(`Unknown resource "${resource}". Valid resources: ${VALID_RESOURCES.join(", ")}. Use action="help" for documentation.`));
-	}
-}
+const READ_ACTIONS = [
+	"list",
+	"get",
+	"help",
+	"schema"
+];
 /**
-* Execute a tool call with provided credentials.
-*
-* This is the main entry point shared between stdio and HTTP transports.
+* Write actions — operations that modify server state.
+* These are separated into the `forge_write` tool for safety.
 */
-async function executeToolWithCredentials(_name, args, credentials) {
-	const { resource, action, compact, ...rest } = args;
-	if (!resource || !action) return errorResult("Missing required fields: \"resource\" and \"action\".");
-	if (action === "help")
- /* v8 ignore start */
-	return resource ? handleHelp(resource) : handleHelpOverview();
-	if (action === "schema")
- /* v8 ignore start */
-	return resource ? handleSchema(resource) : handleSchemaOverview();
-	if (!VALID_RESOURCES.includes(resource)) return errorResult(`Unknown resource "${resource}". Valid resources: ${VALID_RESOURCES.join(", ")}. Use action="help" for documentation.`);
-	const handlerContext = {
-		executorContext: { client: new HttpClient({ token: credentials.apiToken }) },
-		compact: compact ?? action !== "get",
-		includeHints: action === "get"
-	};
-	try {
-		return await routeToHandler(resource, action, {
-			resource,
-			action,
-			...rest
-		}, handlerContext);
-	} catch (error) {
-		if (isUserInputError(error)) return errorResult(error.toFormattedMessage());
-		if (isForgeApiError(error)) return errorResult(`Forge API error (${error.status}): ${error.message}`);
-		/* v8 ignore stop */
-		return errorResult(error instanceof Error ? error.message : String(error));
-	}
+const WRITE_ACTIONS = [
+	"create",
+	"update",
+	"delete",
+	"deploy",
+	"reboot",
+	"restart",
+	"activate",
+	"run"
+];
+/**
+* Check if an action is a write action.
+*/
+function isWriteAction(action) {
+	return WRITE_ACTIONS.includes(action);
 }
 /**
-* Generate the tool description dynamically from the constants.
+* Check if an action is a read action.
 */
-function generateDescription() {
-	return [
-		"Laravel Forge API.",
-		`Resources: ${RESOURCES.join(", ")}.`,
-		`Actions: ${ACTIONS.join(", ")} (varies by resource).`,
-		"Discovery: action=help with any resource for filters and examples.",
-		"Server operations require id. Site operations require server_id.",
-		"Deployment operations require server_id and site_id."
-	].join("\n");
+function isReadAction(action) {
+	return READ_ACTIONS.includes(action);
 }
 /**
-* Single consolidated tool for Laravel Forge MCP server.
+* Output schema shared by all forge tools.
+*
+* All tools return a consistent envelope:
+* - success: true/false
+* - result: the resource data (shape varies by resource and action)
+* - error: error message (only when success is false)
+*
+* The `result` field contains resource-specific data:
+* - list actions → array of resource objects
+* - get actions → single resource object (or string for env/nginx/scripts)
+* - help/schema → documentation text or schema object
+* - write actions → confirmation message or updated resource
+*/
+var OUTPUT_SCHEMA = {
+	type: "object",
+	properties: {
+		success: {
+			type: "boolean",
+			description: "Whether the operation succeeded"
+		},
+		result: { description: "Operation result — shape varies by resource and action (array for list, object for get, string for text content)" },
+		error: {
+			type: "string",
+			description: "Error message (only present on failure)"
+		}
+	},
+	required: ["success"]
+};
+/**
+* Shared input schema properties used by both forge and forge_write tools.
+*/
+var SHARED_INPUT_PROPERTIES = {
+	resource: {
+		type: "string",
+		enum: [...RESOURCES],
+		description: "Forge resource to operate on"
+	},
+	id: {
+		type: "string",
+		description: "Resource ID (for get, delete, update actions)"
+	},
+	server_id: {
+		type: "string",
+		description: "Server ID (required for most resources)"
+	},
+	site_id: {
+		type: "string",
+		description: "Site ID (required for site-level resources: deployments, env, certificates, etc.)"
+	},
+	compact: {
+		type: "boolean",
+		description: "Compact output (default: true for list, false for get)"
+	}
+};
+/**
+* Core tools available in both stdio and HTTP transports.
 *
-* The resource/action enums and description are derived from
-* the shared constants in forge-core — the single source of truth.
+* Split into two tools for safety:
+* - `forge` — read-only operations (auto-approvable by MCP clients)
+* - `forge_write` — write operations (always requires confirmation)
 */
 const TOOLS = [{
 	name: "forge",
-	description: generateDescription(),
+	title: "Laravel Forge",
+	description: [
+		"Laravel Forge API — read operations.",
+		`Resources: ${RESOURCES.join(", ")}.`,
+		`Actions: ${[...READ_ACTIONS].join(", ")}.`,
+		"Discovery: action=help with any resource for filters and examples.",
+		"Server operations require id. Site operations require server_id.",
+		"Deployment operations require server_id and site_id."
+	].join("\n"),
 	annotations: {
 		title: "Laravel Forge",
+		readOnlyHint: true,
+		destructiveHint: false,
+		idempotentHint: true,
+		openWorldHint: true
+	},
+	inputSchema: {
+		type: "object",
+		properties: {
+			...SHARED_INPUT_PROPERTIES,
+			action: {
+				type: "string",
+				enum: [...READ_ACTIONS],
+				description: "Read action to perform. Use \"help\" for resource documentation."
+			}
+		},
+		required: ["resource", "action"]
+	},
+	outputSchema: OUTPUT_SCHEMA
+}, {
+	name: "forge_write",
+	title: "Laravel Forge (Write)",
+	description: [
+		"Laravel Forge API — write operations (create, update, delete, deploy, reboot, etc.).",
+		`Resources: ${RESOURCES.join(", ")}.`,
+		`Actions: ${[...WRITE_ACTIONS].join(", ")}.`,
+		"Server operations require id. Site operations require server_id.",
+		"Deployment operations require server_id and site_id.",
+		"Use forge tool with action=help for resource documentation."
+	].join("\n"),
+	annotations: {
+		title: "Laravel Forge (Write)",
 		readOnlyHint: false,
 		destructiveHint: true,
 		idempotentHint: false,
@@ -3112,108 +3188,132 @@ const TOOLS = [{
 	inputSchema: {
 		type: "object",
 		properties: {
-			resource: {
+			...SHARED_INPUT_PROPERTIES,
+			action: {
 				type: "string",
-				enum: [...RESOURCES]
+				enum: [...WRITE_ACTIONS],
+				description: "Write action to perform"
 			},
-			action: {
+			name: {
 				type: "string",
-				enum: [...ACTIONS],
-				description: "Use \"help\" for resource documentation"
+				description: "Resource name (servers, databases, daemons, etc.)"
 			},
-			id: {
+			provider: {
 				type: "string",
-				description: "Resource ID"
+				description: "Server provider (e.g. ocean2, linode, aws)"
 			},
-			server_id: {
+			region: {
 				type: "string",
-				description: "Server ID (required for most resources)"
+				description: "Server region (e.g. nyc3, us-east-1)"
 			},
-			site_id: {
+			size: {
 				type: "string",
-				description: "Site ID (required for site-level resources)"
+				description: "Server size (e.g. s-1vcpu-1gb)"
+			},
+			credential_id: {
+				type: "string",
+				description: "Provider credential ID for server creation"
+			},
+			type: {
+				type: "string",
+				description: "Resource type (e.g. app, web, worker for servers; mysql, postgres for databases; disk_usage, used_memory for monitors)"
+			},
+			domain: {
+				type: "string",
+				description: "Site domain name (e.g. example.com)"
+			},
+			project_type: {
+				type: "string",
+				description: "Site project type (e.g. php, html, symfony, laravel)"
+			},
+			directory: {
+				type: "string",
+				description: "Web directory relative to site root (e.g. /public)"
 			},
-			compact: {
-				type: "boolean",
-				description: "Compact output (default: true for list, false for get)"
-			},
-			name: { type: "string" },
-			provider: { type: "string" },
-			region: { type: "string" },
-			size: { type: "string" },
-			credential_id: { type: "string" },
-			type: { type: "string" },
-			domain: { type: "string" },
-			project_type: { type: "string" },
-			directory: { type: "string" },
 			content: {
 				type: "string",
-				description: "Content for env, nginx, or deployment script"
+				description: "Content body for env variables, nginx config, or deployment script updates"
 			},
 			command: {
 				type: "string",
-				description: "Shell command (daemons, recipes)"
+				description: "Shell command to execute (daemons: background process command; recipes: bash script inline; commands: site command)"
 			},
 			user: {
 				type: "string",
-				description: "Execution user (daemons, recipes)"
+				description: "Unix user to run as (daemons, scheduled jobs; e.g. forge, root)"
 			},
 			port: {
 				type: ["string", "number"],
-				description: "Port number or range (firewall rules)"
+				description: "Port number or range (firewall rules, e.g. 80 or 8000-9000)"
 			},
 			ip_address: {
 				type: "string",
-				description: "IP address (firewall rules)"
+				description: "IP address to allow/block (firewall rules, e.g. 192.168.1.1)"
 			},
 			key: {
 				type: "string",
-				description: "Public SSH key content"
+				description: "Public SSH key content (ssh-rsa ... or ssh-ed25519 ...)"
 			},
 			from: {
 				type: "string",
-				description: "Source path (redirect rules)"
+				description: "Source path for redirect rules (e.g. /old-page)"
 			},
 			to: {
 				type: "string",
-				description: "Destination URL (redirect rules)"
+				description: "Destination URL for redirect rules (e.g. /new-page)"
 			},
 			credentials: {
 				type: "array",
-				description: "Credentials array [{username, password}] (security rules)",
+				description: "HTTP basic auth credentials for security rules [{username, password}]",
 				items: { type: "object" }
 			},
 			operator: {
 				type: "string",
-				description: "Comparison operator (monitors)"
+				description: "Comparison operator for monitors (e.g. gte, lte)"
 			},
 			threshold: {
 				type: "number",
-				description: "Threshold value (monitors)"
+				description: "Threshold value that triggers the monitor alert"
 			},
 			minutes: {
 				type: "number",
-				description: "Check interval in minutes (monitors)"
+				description: "Check interval in minutes for monitors (e.g. 5)"
+			},
+			frequency: {
+				type: "string",
+				description: "Cron frequency for scheduled jobs (e.g. minutely, hourly, nightly, custom)"
 			},
 			script: {
 				type: "string",
-				description: "Bash script content (recipes)"
+				description: "Bash script content for recipes"
 			},
 			servers: {
 				type: "array",
-				description: "Server IDs to run recipe on",
+				description: "Server IDs to run a recipe on (e.g. [123, 456])",
 				items: { type: "number" }
 			}
 		},
 		required: ["resource", "action"]
-	}
+	},
+	outputSchema: OUTPUT_SCHEMA
 }];
 /**
+* Get the list of core tools, optionally filtered.
+*
+* In read-only mode, forge_write is excluded entirely — it won't appear
+* in the tool listing and cannot be called.
+*/
+function getTools(options) {
+	if (options?.readOnly) return TOOLS.filter((t) => t.name !== "forge_write");
+	return [...TOOLS];
+}
+/**
 * Additional tools only available in stdio mode.
 */
 const STDIO_ONLY_TOOLS = [{
 	name: "forge_configure",
-	description: "Configure Laravel Forge API token",
+	title: "Configure Forge",
+	description: "Configure Laravel Forge API token. The token is stored locally in the XDG config directory.",
 	annotations: {
 		title: "Configure Forge",
 		readOnlyHint: false,
@@ -3228,10 +3328,26 @@ const STDIO_ONLY_TOOLS = [{
 			description: "Your Laravel Forge API token"
 		} },
 		required: ["apiToken"]
+	},
+	outputSchema: {
+		type: "object",
+		properties: {
+			success: { type: "boolean" },
+			message: {
+				type: "string",
+				description: "Confirmation message"
+			},
+			apiToken: {
+				type: "string",
+				description: "Masked API token (last 4 chars)"
+			}
+		},
+		required: ["success"]
 	}
 }, {
 	name: "forge_get_config",
-	description: "Get current Forge configuration",
+	title: "Get Forge Config",
+	description: "Get current Forge configuration (shows masked token and config status).",
 	annotations: {
 		title: "Get Forge Config",
 		readOnlyHint: true,
@@ -3242,9 +3358,113 @@ const STDIO_ONLY_TOOLS = [{
 	inputSchema: {
 		type: "object",
 		properties: {}
+	},
+	outputSchema: {
+		type: "object",
+		properties: {
+			apiToken: {
+				type: "string",
+				description: "Masked API token or 'not configured'"
+			},
+			configured: {
+				type: "boolean",
+				description: "Whether a token is configured"
+			}
+		},
+		required: ["configured"]
 	}
 }];
-const VERSION = "0.1.0";
-export { INSTRUCTIONS as a, executeToolWithCredentials as i, STDIO_ONLY_TOOLS as n, TOOLS as r, VERSION as t };
+/** Valid resources derived from core constants */
+var VALID_RESOURCES = [...RESOURCES];
+var _auditLogger = null;
+function getAuditLogger() {
+	if (!_auditLogger) _auditLogger = createAuditLogger("mcp");
+	return _auditLogger;
+}
+/**
+* Route to the appropriate resource handler.
+*/
+function routeToHandler(resource, action, args, ctx) {
+	switch (resource) {
+		case "servers": return handleServers(action, args, ctx);
+		case "sites": return handleSites(action, args, ctx);
+		case "deployments": return handleDeployments(action, args, ctx);
+		case "env": return handleEnv(action, args, ctx);
+		case "nginx": return handleNginxConfig(action, args, ctx);
+		case "certificates": return handleCertificates(action, args, ctx);
+		case "databases": return handleDatabases(action, args, ctx);
+		case "database-users": return handleDatabaseUsers(action, args, ctx);
+		case "daemons": return handleDaemons(action, args, ctx);
+		case "firewall-rules": return handleFirewallRules(action, args, ctx);
+		case "ssh-keys": return handleSshKeys(action, args, ctx);
+		case "security-rules": return handleSecurityRules(action, args, ctx);
+		case "redirect-rules": return handleRedirectRules(action, args, ctx);
+		case "monitors": return handleMonitors(action, args, ctx);
+		case "nginx-templates": return handleNginxTemplates(action, args, ctx);
+		case "recipes": return handleRecipes(action, args, ctx);
+		case "backups": return handleBackups(action, args, ctx);
+		case "commands": return handleCommands(action, args, ctx);
+		case "scheduled-jobs": return handleScheduledJobs(action, args, ctx);
+		case "user": return handleUser(action, args, ctx);
+		default: return Promise.resolve(errorResult(`Unknown resource "${resource}". Valid resources: ${VALID_RESOURCES.join(", ")}. Use action="help" for documentation.`));
+	}
+}
+/**
+* Execute a tool call with provided credentials.
+*
+* This is the main entry point shared between stdio and HTTP transports.
+* Validates that the action matches the tool (read vs write).
+*/
+async function executeToolWithCredentials(name, args, credentials) {
+	const { resource, action, compact, ...rest } = args;
+	if (!resource || !action) return errorResult("Missing required fields: \"resource\" and \"action\".");
+	if (name === "forge" && isWriteAction(action)) return errorResult(`Action "${action}" is a write operation. Use the "forge_write" tool instead.`);
+	if (name === "forge_write" && isReadAction(action)) return errorResult(`Action "${action}" is a read operation. Use the "forge" tool instead.`);
+	if (action === "help")
+ /* v8 ignore start */
+	return resource ? handleHelp(resource) : handleHelpOverview();
+	if (action === "schema")
+ /* v8 ignore start */
+	return resource ? handleSchema(resource) : handleSchemaOverview();
+	if (!VALID_RESOURCES.includes(resource)) return errorResult(`Unknown resource "${resource}". Valid resources: ${VALID_RESOURCES.join(", ")}. Use action="help" for documentation.`);
+	const handlerContext = {
+		executorContext: { client: new HttpClient({ token: credentials.apiToken }) },
+		compact: compact ?? action !== "get",
+		includeHints: action === "get"
+	};
+	try {
+		const result = await routeToHandler(resource, action, {
+			resource,
+			action,
+			...rest
+		}, handlerContext);
+		if (name === "forge_write") getAuditLogger().log({
+			source: "mcp",
+			resource,
+			action,
+			args: rest,
+			status: result.isError ? "error" : "success"
+		});
+		return result;
+	} catch (error) {
+		let errorMessage;
+		if (isUserInputError(error)) errorMessage = error.toFormattedMessage();
+		else if (isForgeApiError(error)) errorMessage = `Forge API error (${error.status}): ${error.message}`;
+		else
+ /* v8 ignore start */
+		errorMessage = error instanceof Error ? error.message : String(error);
+		if (name === "forge_write") getAuditLogger().log({
+			source: "mcp",
+			resource,
+			action,
+			args: rest,
+			status: "error",
+			error: errorMessage
+		});
+		return errorResult(errorMessage);
+	}
+}
+const VERSION = "0.2.1";
+export { INSTRUCTIONS as a, getTools as i, executeToolWithCredentials as n, STDIO_ONLY_TOOLS as r, VERSION as t };
 
-//# sourceMappingURL=version-Cw8OGt4r.js.map
+//# sourceMappingURL=version-BmEJceWJ.js.map