@tankpkg/mcp-server 0.11.0 → 0.13.0

package/dist/index.js

@@ -15,6 +15,162 @@ const MANIFEST_FILENAME = "tank.json";
 const LEGACY_MANIFEST_FILENAME = "skills.json";
 const LOCKFILE_FILENAME = "tank.lock";
 const LEGACY_LOCKFILE_FILENAME = "skills.lock";
+const supportLevelSchema$1 = z.enum([
+	"full",
+	"degraded",
+	"none"
+]);
+const adapterCapabilitiesSchema$1 = z.object({
+	instruction: supportLevelSchema$1,
+	hook: supportLevelSchema$1,
+	tool: supportLevelSchema$1,
+	agent: supportLevelSchema$1,
+	rule: supportLevelSchema$1,
+	resource: supportLevelSchema$1,
+	prompt: supportLevelSchema$1
+}).strict();
+const compilationWarningSchema$1 = z.object({
+	level: z.enum(["degraded", "skipped"]),
+	atomKind: z.string(),
+	message: z.string()
+}).strict();
+const fileWriteSchema = z.object({
+	path: z.string().min(1),
+	content: z.string()
+}).strict();
+z.object({
+	files: z.array(fileWriteSchema),
+	warnings: z.array(compilationWarningSchema$1)
+}).strict();
+z.object({
+	name: z.string().min(1, "Adapter name must not be empty"),
+	supportedRange: z.string().min(1, "Supported range must not be empty"),
+	capabilities: adapterCapabilitiesSchema$1
+}).strict();
+z.enum([
+	"instruction",
+	"hook",
+	"tool",
+	"agent",
+	"rule",
+	"resource",
+	"prompt"
+]);
+const extensionBagSchema$1 = z.record(z.string(), z.unknown()).optional();
+const modelTierSchema$1 = z.enum([
+	"fast",
+	"balanced",
+	"powerful",
+	"custom"
+]);
+modelTierSchema$1.options;
+const canonicalToolNameSchema$1 = z.enum([
+	"bash",
+	"read",
+	"write",
+	"edit",
+	"grep",
+	"glob",
+	"lsp",
+	"mcp",
+	"browser",
+	"fetch",
+	"git",
+	"task",
+	"notebook"
+]);
+canonicalToolNameSchema$1.options;
+const agentIRSchema$1 = z.object({
+	kind: z.literal("agent"),
+	name: z.string().min(1, "Agent name must not be empty"),
+	role: z.string().min(1, "Agent role must not be empty"),
+	tools: z.array(canonicalToolNameSchema$1.or(z.string().min(1))).optional(),
+	model: modelTierSchema$1.or(z.string().min(1)).optional(),
+	readonly: z.boolean().optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const hookEventSchema$1 = z.enum([
+	"pre-tool-use",
+	"post-tool-use",
+	"pre-file-read",
+	"post-file-read",
+	"pre-file-write",
+	"post-file-write",
+	"file-edited",
+	"file-watcher-updated",
+	"pre-command",
+	"post-command",
+	"pre-mcp-tool-use",
+	"post-mcp-tool-use",
+	"session-created",
+	"session-updated",
+	"session-idle",
+	"session-error",
+	"session-deleted",
+	"pre-stop",
+	"task-start",
+	"task-resume",
+	"task-complete",
+	"task-cancel",
+	"pre-user-prompt",
+	"post-response",
+	"message-updated",
+	"message-removed",
+	"system-prompt-transform",
+	"pre-context-compact",
+	"post-context-compact",
+	"permission-asked",
+	"permission-replied",
+	"lsp-diagnostics",
+	"lsp-updated",
+	"subagent-start",
+	"subagent-complete",
+	"subagent-tool-use",
+	"shell-env",
+	"todo-updated",
+	"installation-updated"
+]);
+hookEventSchema$1.options;
+const hookActionIRSchema$1 = z.object({
+	action: z.enum([
+		"block",
+		"allow",
+		"rewrite",
+		"injectContext"
+	]),
+	match: z.string().optional(),
+	reason: z.string().optional(),
+	value: z.string().optional()
+}).strict();
+const hookDslHandlerSchema = z.object({
+	type: z.literal("dsl"),
+	actions: z.array(hookActionIRSchema$1).min(1, "DSL handler must have at least one action")
+}).strict();
+const hookJsHandlerSchema = z.object({
+	type: z.literal("js"),
+	entry: z.string().min(1, "JS handler entry path must not be empty")
+}).strict();
+const hookHandlerIRSchema$1 = z.discriminatedUnion("type", [hookDslHandlerSchema, hookJsHandlerSchema]);
+const hookIRSchema$1 = z.object({
+	kind: z.literal("hook"),
+	name: z.string().optional(),
+	event: hookEventSchema$1,
+	match: canonicalToolNameSchema$1.or(z.string().min(1)).optional(),
+	handler: hookHandlerIRSchema$1,
+	scope: z.enum(["project", "global"]).optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const instructionIRSchema$1 = z.object({
+	kind: z.literal("instruction"),
+	content: z.string().min(1, "Content path must not be empty"),
+	scope: z.enum([
+		"project",
+		"global",
+		"directory"
+	]).optional(),
+	globs: z.array(z.string()).optional(),
+	extensions: extensionBagSchema$1
+}).strict();
 const networkPermissionsSchema$1 = z.object({ outbound: z.array(z.string()).optional() }).strict();
 const filesystemPermissionsSchema$1 = z.object({
 	read: z.array(z.string()).optional(),
@@ -53,7 +209,77 @@ z.enum([
 	"org.member.remove",
 	"org.delete"
 ]);
-const skillsJsonSchema = z.object({
+const promptIRSchema$1 = z.object({
+	kind: z.literal("prompt"),
+	name: z.string().min(1, "Prompt name must not be empty"),
+	description: z.string().optional(),
+	template: z.string().min(1, "Prompt template path must not be empty"),
+	arguments: z.array(z.object({
+		name: z.string(),
+		description: z.string().optional(),
+		required: z.boolean().optional()
+	}).strict()).optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const resourceIRSchema$1 = z.object({
+	kind: z.literal("resource"),
+	name: z.string().optional(),
+	uri: z.string().min(1, "Resource URI must not be empty"),
+	description: z.string().optional(),
+	mimeType: z.string().optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const ruleIRSchema$1 = z.object({
+	kind: z.literal("rule"),
+	name: z.string().optional(),
+	event: hookEventSchema$1,
+	match: canonicalToolNameSchema$1.or(z.string().min(1)).optional(),
+	policy: z.enum([
+		"block",
+		"allow",
+		"warn"
+	]),
+	reason: z.string().optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const mcpServerConfigSchema$1 = z.object({
+	command: z.string().min(1).optional(),
+	args: z.array(z.string()).optional(),
+	env: z.record(z.string(), z.string()).optional(),
+	runtime: z.string().min(1).optional(),
+	entry: z.string().min(1).optional()
+}).strict().refine((data) => data.command || data.runtime && data.entry, "MCP config must have either \"command\" or both \"runtime\" and \"entry\"");
+const toolIRSchema$1 = z.object({
+	kind: z.literal("tool"),
+	name: z.string().min(1, "Tool name must not be empty"),
+	description: z.string().optional(),
+	mcp: mcpServerConfigSchema$1.optional(),
+	extensions: extensionBagSchema$1
+}).strict();
+const NAME_PATTERN$1 = /^@[a-z0-9-]+\/[a-z0-9][a-z0-9-]*$/;
+const SEMVER_PATTERN$2 = /^\d+\.\d+\.\d+(-[a-zA-Z0-9.-]+)?(\+[a-zA-Z0-9.-]+)?$/;
+const atomIRSchema$1 = z.discriminatedUnion("kind", [
+	instructionIRSchema$1,
+	hookIRSchema$1,
+	toolIRSchema$1,
+	agentIRSchema$1,
+	ruleIRSchema$1,
+	resourceIRSchema$1,
+	promptIRSchema$1
+]);
+z.object({
+	name: z.string().min(1, "Name must not be empty").max(214, `Name must be 214 characters or fewer`).regex(NAME_PATTERN$1, "Name must be scoped (@org/name), lowercase alphanumeric and hyphens"),
+	version: z.string().regex(SEMVER_PATTERN$2, "Version must be valid semver"),
+	description: z.string().max(500).optional(),
+	atoms: z.array(atomIRSchema$1),
+	includes: z.array(z.string()).optional(),
+	skills: z.record(z.string(), z.string()).optional(),
+	permissions: permissionsSchema$1.optional(),
+	repository: z.string().url("Repository must be a valid URL").optional(),
+	visibility: z.enum(["public", "private"]).optional(),
+	audit: z.object({ min_score: z.number().min(0).max(10) }).strict().optional()
+}).strict();
+const baseManifestFields$1 = {
 	name: z.string().min(1, "Name must not be empty").max(214, `Name must be 214 characters or fewer`).regex(/^@[a-z0-9-]+\/[a-z0-9][a-z0-9-]*$/, "Name must be scoped (@org/name), lowercase alphanumeric and hyphens"),
 	version: z.string().regex(/^\d+\.\d+\.\d+(-[a-zA-Z0-9.-]+)?(\+[a-zA-Z0-9.-]+)?$/, "Version must be valid semver"),
 	description: z.string().max(500, `Description must be 500 characters or fewer`).optional(),
@@ -62,7 +288,30 @@ const skillsJsonSchema = z.object({
 	repository: z.string().url("Repository must be a valid URL").optional(),
 	visibility: z.enum(["public", "private"]).optional(),
 	audit: z.object({ min_score: z.number().min(0).max(10) }).strict().optional()
+};
+/** Legacy skills.json schema — strict, no atoms. Used for backward-compatible consumers. */
+const skillsJsonSchema = z.object(baseManifestFields$1).strict();
+z.object({
+	...baseManifestFields$1,
+	atoms: z.array(z.record(z.string(), z.unknown())).optional(),
+	includes: z.array(z.string()).optional()
 }).strict();
+const SKILL_SOURCES$1 = [
+	"registry",
+	"github",
+	"clawhub",
+	"skills_sh",
+	"agentskills_il",
+	"npm",
+	"local"
+];
+const SCAN_VERDICTS$1 = [
+	"pass",
+	"pass_with_notes",
+	"flagged",
+	"fail",
+	"error"
+];
 const lockedSkillV1Schema$1 = z.object({
 	resolved: z.string().url(),
 	integrity: z.string().regex(/^sha512-/, "Integrity must start with sha512-"),
@@ -78,7 +327,10 @@ const lockedSkillSchema$1 = z.object({
 	integrity: z.string().regex(/^sha512-/, "Integrity must start with sha512-"),
 	permissions: permissionsSchema$1,
 	audit_score: z.number().min(0).max(10).nullable(),
-	dependencies: z.record(z.string(), z.string()).optional()
+	dependencies: z.record(z.string(), z.string()).optional(),
+	source: z.enum(SKILL_SOURCES$1).optional(),
+	scan_verdict: z.enum(SCAN_VERDICTS$1).optional(),
+	scanned_at: z.string().optional()
 });
 z.object({
 	lockfileVersion: z.union([z.literal(1), z.literal(2)]),
@@ -1737,6 +1989,61 @@ const $ZodUnion = /* @__PURE__ */ $constructor("$ZodUnion", (inst, def) => {
 		});
 	};
 });
+const $ZodDiscriminatedUnion = /* @__PURE__ */ $constructor("$ZodDiscriminatedUnion", (inst, def) => {
+	def.inclusive = false;
+	$ZodUnion.init(inst, def);
+	const _super = inst._zod.parse;
+	defineLazy(inst._zod, "propValues", () => {
+		const propValues = {};
+		for (const option of def.options) {
+			const pv = option._zod.propValues;
+			if (!pv || Object.keys(pv).length === 0) throw new Error(`Invalid discriminated union option at index "${def.options.indexOf(option)}"`);
+			for (const [k, v] of Object.entries(pv)) {
+				if (!propValues[k]) propValues[k] = /* @__PURE__ */ new Set();
+				for (const val of v) propValues[k].add(val);
+			}
+		}
+		return propValues;
+	});
+	const disc = cached(() => {
+		const opts = def.options;
+		const map = /* @__PURE__ */ new Map();
+		for (const o of opts) {
+			const values = o._zod.propValues?.[def.discriminator];
+			if (!values || values.size === 0) throw new Error(`Invalid discriminated union option at index "${def.options.indexOf(o)}"`);
+			for (const v of values) {
+				if (map.has(v)) throw new Error(`Duplicate discriminator value "${String(v)}"`);
+				map.set(v, o);
+			}
+		}
+		return map;
+	});
+	inst._zod.parse = (payload, ctx) => {
+		const input = payload.value;
+		if (!isObject(input)) {
+			payload.issues.push({
+				code: "invalid_type",
+				expected: "object",
+				input,
+				inst
+			});
+			return payload;
+		}
+		const opt = disc.value.get(input?.[def.discriminator]);
+		if (opt) return opt._zod.run(payload, ctx);
+		if (def.unionFallback) return _super(payload, ctx);
+		payload.issues.push({
+			code: "invalid_union",
+			errors: [],
+			note: "No matching discriminator",
+			discriminator: def.discriminator,
+			input,
+			path: [def.discriminator],
+			inst
+		});
+		return payload;
+	};
+});
 const $ZodIntersection = /* @__PURE__ */ $constructor("$ZodIntersection", (inst, def) => {
 	$ZodType.init(inst, def);
 	inst._zod.parse = (payload, ctx) => {
@@ -3685,6 +3992,18 @@ function union(options, params) {
 		...normalizeParams(params)
 	});
 }
+const ZodDiscriminatedUnion = /* @__PURE__ */ $constructor("ZodDiscriminatedUnion", (inst, def) => {
+	ZodUnion.init(inst, def);
+	$ZodDiscriminatedUnion.init(inst, def);
+});
+function discriminatedUnion(discriminator, options, params) {
+	return new ZodDiscriminatedUnion({
+		type: "union",
+		options,
+		discriminator,
+		...normalizeParams(params)
+	});
+}
 const ZodIntersection = /* @__PURE__ */ $constructor("ZodIntersection", (inst, def) => {
 	$ZodIntersection.init(inst, def);
 	ZodType.init(inst, def);
@@ -3930,6 +4249,159 @@ function superRefine(fn) {
 	return /* @__PURE__ */ _superRefine(fn);
 }
 const REGISTRY_URL = process.env.TANK_REGISTRY_URL || "https://www.tankpkg.dev";
+const supportLevelSchema = _enum([
+	"full",
+	"degraded",
+	"none"
+]);
+const adapterCapabilitiesSchema = object({
+	instruction: supportLevelSchema,
+	hook: supportLevelSchema,
+	tool: supportLevelSchema,
+	agent: supportLevelSchema,
+	rule: supportLevelSchema,
+	resource: supportLevelSchema,
+	prompt: supportLevelSchema
+}).strict();
+const compilationWarningSchema = object({
+	level: _enum(["degraded", "skipped"]),
+	atomKind: string(),
+	message: string()
+}).strict();
+object({
+	files: array(object({
+		path: string().min(1),
+		content: string()
+	}).strict()),
+	warnings: array(compilationWarningSchema)
+}).strict();
+object({
+	name: string().min(1, "Adapter name must not be empty"),
+	supportedRange: string().min(1, "Supported range must not be empty"),
+	capabilities: adapterCapabilitiesSchema
+}).strict();
+_enum([
+	"instruction",
+	"hook",
+	"tool",
+	"agent",
+	"rule",
+	"resource",
+	"prompt"
+]);
+const extensionBagSchema = record(string(), unknown()).optional();
+const modelTierSchema = _enum([
+	"fast",
+	"balanced",
+	"powerful",
+	"custom"
+]);
+modelTierSchema.options;
+const canonicalToolNameSchema = _enum([
+	"bash",
+	"read",
+	"write",
+	"edit",
+	"grep",
+	"glob",
+	"lsp",
+	"mcp",
+	"browser",
+	"fetch",
+	"git",
+	"task",
+	"notebook"
+]);
+canonicalToolNameSchema.options;
+const agentIRSchema = object({
+	kind: literal("agent"),
+	name: string().min(1, "Agent name must not be empty"),
+	role: string().min(1, "Agent role must not be empty"),
+	tools: array(canonicalToolNameSchema.or(string().min(1))).optional(),
+	model: modelTierSchema.or(string().min(1)).optional(),
+	readonly: boolean().optional(),
+	extensions: extensionBagSchema
+}).strict();
+const hookEventSchema = _enum([
+	"pre-tool-use",
+	"post-tool-use",
+	"pre-file-read",
+	"post-file-read",
+	"pre-file-write",
+	"post-file-write",
+	"file-edited",
+	"file-watcher-updated",
+	"pre-command",
+	"post-command",
+	"pre-mcp-tool-use",
+	"post-mcp-tool-use",
+	"session-created",
+	"session-updated",
+	"session-idle",
+	"session-error",
+	"session-deleted",
+	"pre-stop",
+	"task-start",
+	"task-resume",
+	"task-complete",
+	"task-cancel",
+	"pre-user-prompt",
+	"post-response",
+	"message-updated",
+	"message-removed",
+	"system-prompt-transform",
+	"pre-context-compact",
+	"post-context-compact",
+	"permission-asked",
+	"permission-replied",
+	"lsp-diagnostics",
+	"lsp-updated",
+	"subagent-start",
+	"subagent-complete",
+	"subagent-tool-use",
+	"shell-env",
+	"todo-updated",
+	"installation-updated"
+]);
+hookEventSchema.options;
+const hookActionIRSchema = object({
+	action: _enum([
+		"block",
+		"allow",
+		"rewrite",
+		"injectContext"
+	]),
+	match: string().optional(),
+	reason: string().optional(),
+	value: string().optional()
+}).strict();
+const hookHandlerIRSchema = discriminatedUnion("type", [object({
+	type: literal("dsl"),
+	actions: array(hookActionIRSchema).min(1, "DSL handler must have at least one action")
+}).strict(), object({
+	type: literal("js"),
+	entry: string().min(1, "JS handler entry path must not be empty")
+}).strict()]);
+const hookIRSchema = object({
+	kind: literal("hook"),
+	name: string().optional(),
+	event: hookEventSchema,
+	match: canonicalToolNameSchema.or(string().min(1)).optional(),
+	handler: hookHandlerIRSchema,
+	scope: _enum(["project", "global"]).optional(),
+	extensions: extensionBagSchema
+}).strict();
+const instructionIRSchema = object({
+	kind: literal("instruction"),
+	content: string().min(1, "Content path must not be empty"),
+	scope: _enum([
+		"project",
+		"global",
+		"directory"
+	]).optional(),
+	globs: array(string()).optional(),
+	extensions: extensionBagSchema
+}).strict();
 const networkPermissionsSchema = object({ outbound: array(string()).optional() }).strict();
 const filesystemPermissionsSchema = object({
 	read: array(string()).optional(),
@@ -3968,7 +4440,77 @@ _enum([
 	"org.member.remove",
 	"org.delete"
 ]);
+const promptIRSchema = object({
+	kind: literal("prompt"),
+	name: string().min(1, "Prompt name must not be empty"),
+	description: string().optional(),
+	template: string().min(1, "Prompt template path must not be empty"),
+	arguments: array(object({
+		name: string(),
+		description: string().optional(),
+		required: boolean().optional()
+	}).strict()).optional(),
+	extensions: extensionBagSchema
+}).strict();
+const resourceIRSchema = object({
+	kind: literal("resource"),
+	name: string().optional(),
+	uri: string().min(1, "Resource URI must not be empty"),
+	description: string().optional(),
+	mimeType: string().optional(),
+	extensions: extensionBagSchema
+}).strict();
+const ruleIRSchema = object({
+	kind: literal("rule"),
+	name: string().optional(),
+	event: hookEventSchema,
+	match: canonicalToolNameSchema.or(string().min(1)).optional(),
+	policy: _enum([
+		"block",
+		"allow",
+		"warn"
+	]),
+	reason: string().optional(),
+	extensions: extensionBagSchema
+}).strict();
+const mcpServerConfigSchema = object({
+	command: string().min(1).optional(),
+	args: array(string()).optional(),
+	env: record(string(), string()).optional(),
+	runtime: string().min(1).optional(),
+	entry: string().min(1).optional()
+}).strict().refine((data) => data.command || data.runtime && data.entry, "MCP config must have either \"command\" or both \"runtime\" and \"entry\"");
+const toolIRSchema = object({
+	kind: literal("tool"),
+	name: string().min(1, "Tool name must not be empty"),
+	description: string().optional(),
+	mcp: mcpServerConfigSchema.optional(),
+	extensions: extensionBagSchema
+}).strict();
+const NAME_PATTERN = /^@[a-z0-9-]+\/[a-z0-9][a-z0-9-]*$/;
+const SEMVER_PATTERN$1 = /^\d+\.\d+\.\d+(-[a-zA-Z0-9.-]+)?(\+[a-zA-Z0-9.-]+)?$/;
+const atomIRSchema = discriminatedUnion("kind", [
+	instructionIRSchema,
+	hookIRSchema,
+	toolIRSchema,
+	agentIRSchema,
+	ruleIRSchema,
+	resourceIRSchema,
+	promptIRSchema
+]);
 object({
+	name: string().min(1, "Name must not be empty").max(214, `Name must be 214 characters or fewer`).regex(NAME_PATTERN, "Name must be scoped (@org/name), lowercase alphanumeric and hyphens"),
+	version: string().regex(SEMVER_PATTERN$1, "Version must be valid semver"),
+	description: string().max(500).optional(),
+	atoms: array(atomIRSchema),
+	includes: array(string()).optional(),
+	skills: record(string(), string()).optional(),
+	permissions: permissionsSchema.optional(),
+	repository: string().url("Repository must be a valid URL").optional(),
+	visibility: _enum(["public", "private"]).optional(),
+	audit: object({ min_score: number().min(0).max(10) }).strict().optional()
+}).strict();
+const baseManifestFields = {
 	name: string().min(1, "Name must not be empty").max(214, `Name must be 214 characters or fewer`).regex(/^@[a-z0-9-]+\/[a-z0-9][a-z0-9-]*$/, "Name must be scoped (@org/name), lowercase alphanumeric and hyphens"),
 	version: string().regex(/^\d+\.\d+\.\d+(-[a-zA-Z0-9.-]+)?(\+[a-zA-Z0-9.-]+)?$/, "Version must be valid semver"),
 	description: string().max(500, `Description must be 500 characters or fewer`).optional(),
@@ -3977,7 +4519,29 @@ object({
 	repository: string().url("Repository must be a valid URL").optional(),
 	visibility: _enum(["public", "private"]).optional(),
 	audit: object({ min_score: number().min(0).max(10) }).strict().optional()
+};
+object(baseManifestFields).strict();
+object({
+	...baseManifestFields,
+	atoms: array(record(string(), unknown())).optional(),
+	includes: array(string()).optional()
 }).strict();
+const SKILL_SOURCES = [
+	"registry",
+	"github",
+	"clawhub",
+	"skills_sh",
+	"agentskills_il",
+	"npm",
+	"local"
+];
+const SCAN_VERDICTS = [
+	"pass",
+	"pass_with_notes",
+	"flagged",
+	"fail",
+	"error"
+];
 const lockedSkillV1Schema = object({
 	resolved: string().url(),
 	integrity: string().regex(/^sha512-/, "Integrity must start with sha512-"),
@@ -3993,7 +4557,10 @@ const lockedSkillSchema = object({
 	integrity: string().regex(/^sha512-/, "Integrity must start with sha512-"),
 	permissions: permissionsSchema,
 	audit_score: number().min(0).max(10).nullable(),
-	dependencies: record(string(), string()).optional()
+	dependencies: record(string(), string()).optional(),
+	source: _enum(SKILL_SOURCES).optional(),
+	scan_verdict: _enum(SCAN_VERDICTS).optional(),
+	scanned_at: string().optional()
 });
 object({
 	lockfileVersion: union([literal(1), literal(2)]),