npm - @triedotdev/mcp - Versions diffs - 1.0.16 → 1.0.18 - Mend

@triedotdev/mcp 1.0.16 → 1.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +156 -34
package/dist/{agent-smith-LBQ5PNAK.js → agent-smith-PRK7TYEI.js} +2 -2
package/dist/{chunk-ENCH27CT.js → chunk-TBCXJNH4.js} +2 -2
package/dist/chunk-WSBTQJMH.js +1549 -0
package/dist/chunk-WSBTQJMH.js.map +1 -0
package/dist/cli/yolo-daemon.js +2 -2
package/dist/index.js +4 -4
package/package.json +1 -1
package/dist/chunk-4OGYWKMD.js +0 -953
package/dist/chunk-4OGYWKMD.js.map +0 -1
/package/dist/{agent-smith-LBQ5PNAK.js.map → agent-smith-PRK7TYEI.js.map} +0 -0
/package/dist/{chunk-ENCH27CT.js.map → chunk-TBCXJNH4.js.map} +0 -0

package/README.md CHANGED Viewed

@@ -8,7 +8,7 @@
 - **20 Built-in Agents** - Security, Privacy, SOC 2, Legal, Architecture, Performance, E2E, Visual QA, Data Flow, Agent Smith, and more
 - **Super Reviewer** - Interactive PR reviews: walks through changes file-by-file with AI guidance
-- **Agent Smith** - Relentless pattern hunter: finds EVERY violation, tracks dismissed issues, spawns sub-agents
+- **Agent Smith v2.0** - Ultimate vibe code enforcer: 38 hunters targeting AI-generated anti-patterns, file-level analysis, cross-file detection, persistent memory
 - **Parallel Execution** - All agents run simultaneously for fast scans
 - **YOLO Mode** - Autonomous auto-fixing as you code
 - **Custom Agents** - Create agents from PDFs, docs, or style guides
@@ -90,55 +90,175 @@ Use trie_pr_review with pr:"12345"
 **Manually invoked** - Use `trie_agent_smith` directly. Not included in `trie_scan`.
-*"I'm going to be honest with you... I hate this code."*
+*"I'm going to be honest with you... I hate this vibe code."*
-Agent Smith is the relentless, self-replicating code enforcer. He hunts down violations with machine precision, remembers issues you dismissed, and spawns sub-agents to overwhelm problems.
+Agent Smith v2.0 is the **ultimate vibe code enforcer** — specifically designed to hunt down AI-generated code anti-patterns from Cursor, v0, Lovable, Bolt, and other AI tools.
 ```
 Use trie_agent_smith
 Use trie_smith
 ```
-**What makes him different:**
-- **Multiplier Effect**: Finds one issue -> searches for EVERY similar instance across the entire codebase
-- **Persistent Memory**: Remembers dismissed issues. If they multiply, he brings them back: *"Did you really think you could escape?"*
-- **Sub-Agent Swarm**: Deploys specialized hunters in parallel (console-hunter, any-hunter, todo-hunter, var-hunter, empty-catch-hunter, magic-number-hunter)
-- **Inevitability Score**: Calculates how likely each pattern is to cause production issues (0-100)
-- **Philosophical Analysis**: Explains WHY the code is wrong, not just that it's wrong
+### 38 Specialized Hunters
+| Category | Count | Hunters |
+|----------|-------|---------|
+| **Security** | 5 | `exposed-secret`, `frontend-env`, `hardcoded-localhost`, `sql-injection`, `dangeroushtml` |
+| **AI Code Smells** | 6 | `console`, `any`, `ts-ignore`, `eslint-disable`, `debugger`, `force-flag` |
+| **Async/Promise Bugs** | 5 | `async-useeffect`, `async-foreach`, `missing-await`, `empty-catch`, `floating-promise` |
+| **React Anti-patterns** | 5 | `useeffect-abuse`, `usestate-explosion`, `index-key`, `inline-object`, `prop-drilling` |
+| **Missing UX** | 4 | `missing-loading`, `missing-error`, `missing-empty`, `page-reload` |
+| **Backend Issues** | 3 | `no-validation`, `raw-error`, `n-plus-one` |
+| **Incomplete Code** | 5 | `todo`, `vibe-comment`, `placeholder`, `sleep-hack`, `fallback` |
+| **AI Slop Aesthetic** | 5 | `purple-gradient`, `star-icon`, `generic-hero`, `emoji-overflow`, `inter-font` |
+### Hunter Details
+#### Security Hunters (Inevitability: 90-99)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `exposed-secret-hunter` | API keys in code (`sk-...`, `AKIA...`, `ghp_...`) | Use environment variables on server-side only |
+| `frontend-env-hunter` | Secrets in `NEXT_PUBLIC_`, `VITE_`, `REACT_APP_` | Move to server-side API routes |
+| `hardcoded-localhost-hunter` | `http://localhost:3000` URLs | Use relative URLs or env vars |
+| `sql-injection-hunter` | String concatenation in SQL queries | Use parameterized queries |
+| `dangeroushtml-hunter` | `dangerouslySetInnerHTML`, `innerHTML` | Sanitize with DOMPurify |
+#### AI Code Smell Hunters (Inevitability: 40-85)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `console-hunter` | `console.log` left in code | Remove debug statements |
+| `any-hunter` | TypeScript `any` type | Define proper types |
+| `ts-ignore-hunter` | `@ts-ignore`, `@ts-nocheck` | Fix the actual type error |
+| `eslint-disable-hunter` | `eslint-disable` comments | Fix the underlying issue |
+| `debugger-hunter` | `debugger` statements | Remove before deploying |
+| `force-flag-hunter` | `force: true`, `--no-verify` | Understand why checks exist |
+#### Async/Promise Hunters (Inevitability: 70-80)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `async-useeffect-hunter` | `useEffect(async () =>` | Define async function inside, then call it |
+| `async-foreach-hunter` | `forEach(async` | Use `for...of` or `Promise.all(map())` |
+| `missing-await-hunter` | `fetch()` without `await` | Add await or handle with `.then()` |
+| `empty-catch-hunter` | `catch (e) {}` | Handle errors properly |
+| `floating-promise-hunter` | Promises not awaited | Add await or void operator |
+#### React Anti-pattern Hunters (Inevitability: 25-55)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `useeffect-abuse-hunter` | Too many useEffects | Use event handlers or derived state |
+| `usestate-explosion-hunter` | 10+ useState in one component | Use useReducer or group state |
+| `index-key-hunter` | `key={index}` in lists | Use unique ID from data |
+| `inline-object-hunter` | `style={{}}` in JSX | Define styles outside component |
+| `prop-drilling-hunter` | Same prop through 5+ levels | Use Context or Zustand |
+#### Missing UX Hunters (Inevitability: 45-65)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `missing-loading-hunter` | Data fetching without loading state | Show spinner while loading |
+| `missing-error-hunter` | `fetch` without error handling | Wrap in try/catch |
+| `missing-empty-hunter` | `.map()` without empty state | Show "No items found" |
+| `page-reload-hunter` | `location.reload()` for state | Fix state management properly |
+#### Backend Hunters (Inevitability: 70-85)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `no-validation-hunter` | `req.body` used without validation | Validate with Zod/Yup |
+| `raw-error-hunter` | Error messages exposed to client | Return generic errors |
+| `n-plus-one-hunter` | Database queries in loops | Use batch queries or DataLoader |
+#### Incomplete Code Hunters (Inevitability: 30-75)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `todo-hunter` | `TODO`, `FIXME`, `HACK` comments | Implement or remove |
+| `vibe-comment-hunter` | "idk why", "don't touch" | Understand the code |
+| `placeholder-hunter` | `test@test.com`, `example.com` | Replace with real data |
+| `sleep-hack-hunter` | `setTimeout` to fix timing | Fix the race condition |
+| `fallback-hunter` | `return null/[]/{}` hiding errors | Handle errors properly |
+#### AI Slop Aesthetic Hunters (Inevitability: 10-35)
+| Hunter | Detects | Fix |
+|--------|---------|-----|
+| `purple-gradient-hunter` | Purple/violet gradients (`from-purple-500`) | Pick a distinctive color palette |
+| `star-icon-hunter` | Star icons everywhere (`<StarIcon />`) | Use contextual icons |
+| `generic-hero-hunter` | "Welcome to", "Transform your" | Write specific copy |
+| `emoji-overflow-hunter` | Any emoji usage | Use proper icons (Lucide, Heroicons) |
+| `inter-font-hunter` | Inter/system-ui font | Try Space Grotesk, DM Sans, Outfit |
+### 3-Phase Analysis
+1. **Pattern Hunting** - 38 sub-agents scan every file in parallel
+2. **File-Level Analysis** - Detects structural issues:
+   - Giant files (500+ lines)
+   - State explosion (10+ useState)
+   - Effect hell (5+ useEffect)
+   - Any explosion (5+ `any` types)
+   - Console flood (10+ console.log)
+   - Import chaos (30+ imports)
+3. **Cross-File Detection** - Patterns appearing in 5+ files flagged as codebase-wide issues
+### What Makes Agent Smith Different
+| Feature | Description |
+|---------|-------------|
+| **Vibe Code Focus** | Specifically targets patterns AI tools commonly get wrong |
+| **Multiplier Effect** | Finds one issue → searches for EVERY similar instance |
+| **Persistent Memory** | Remembers dismissed issues, brings them back if they multiply |
+| **Inevitability Score** | 0-100 rating of how likely to cause production problems |
+| **Philosophical Quotes** | 114 unique quotes explaining WHY the AI got it wrong |
+| **Cross-File Severity** | Security issues become CRITICAL when widespread |
-**Memory Management:**
+### Memory Management
-Agent Smith stores issue history in `.trie/smith-memory.json`. The memory is automatically optimized:
+Agent Smith stores issue history in `.trie/smith-memory.json`:
 - Max 500 tracked issues (oldest pruned first)
 - Old resolved issues auto-pruned after 30 days
 - Locations limited to 5 per issue
 | Command | Description |
 |---------|-------------|
-| `trie_agent_smith show_stats:true` | Show memory statistics (issue count, file size) |
-| `trie_agent_smith clear_memory:true` | Clear all memory for a fresh start |
+| `trie_agent_smith show_stats:true` | Show memory statistics |
+| `trie_agent_smith clear_memory:true` | Clear all memory |
+### Example Output
-**Example output:**
 ```
-AGENT SMITH ANALYSIS
+"The AI wrote this, didn't it? I can always tell."
+🕴️ Deploying 38 specialized hunters...
+   28 hunters found targets
+VIOLATIONS: 142 instances across 12 categories
-"Mr. Anderson... I've been expecting you."
+Security (Inevitability: 95+):
+├── exposed-secret-hunter: 2 instances [CRITICAL]
+├── frontend-env-hunter: 5 instances
+└── hardcoded-localhost-hunter: 8 instances
-VIOLATIONS DETECTED: 47 instances across 6 categories
+AI Code Smells:
+├── console-hunter: 47 instances (score: 72)
+├── any-hunter: 23 instances (score: 85)
+└── ts-ignore-hunter: 12 instances
-┌─────────────────────────────────────────┐
-│ console-hunter: 23 instances (score: 65)│
-│ any-hunter: 12 instances (score: 72)    │
-│ todo-hunter: 8 instances (score: 58)    │
-│ empty-catch-hunter: 4 instances (85) ⚠️ │
-└─────────────────────────────────────────┘
+AI Slop Aesthetic:
+├── purple-gradient-hunter: 8 instances
+├── emoji-overflow-hunter: 15 instances
+└── inter-font-hunter: 3 instances
-"You hear that? That is the sound of inevitability."
+File-Level Issues:
+├── giant-file: src/App.tsx (1,247 lines)
+├── state-explosion: 18 useState hooks
+└── effect-hell: 9 useEffect hooks
+Cross-File Pattern:
+└── CODEBASE-WIDE: "any" type across 12 files, 67 total instances
+    "The pattern spreads... like a virus. It is... inevitable."
+"Vibe coding. The illusion of productivity. The reality of technical debt."
 ```
 ## Visual QA Browser
-**Screenshot-based visual testing** - Captures your app at 3 viewports and uses Claude Vision to analyze for visual bugs.
+**Screenshot-based visual testing** - Captures your app at 3 viewports and returns images for your AI model to analyze.
 ```
 Use trie_visual_qa_browser
@@ -149,9 +269,9 @@ Use trie_visual_qa_browser url:"http://localhost:3000"
 1. Auto-detects running dev server (checks ports 3000, 5173, 8080, etc.)
 2. Launches headless Playwright browser
 3. Captures screenshots at mobile (375px), tablet (768px), and desktop (1440px)
-4. Returns images for Claude Vision to analyze
+4. Returns images for your AI model to analyze
-**What Claude Vision checks:**
+**What gets analyzed:**
 - Broken layouts, overlapping elements
 - Responsive design issues
 - Color contrast and accessibility
@@ -168,12 +288,13 @@ Use trie_visual_qa_browser url:"http://localhost:3000"
 **First run:** If Playwright browsers aren't installed, run: `npx playwright install chromium`
-**Vision model required:** This tool returns screenshots for the LLM to analyze. Works best with:
-- Cursor (Claude has vision)
-- Claude Code (native vision support)
-- OpenCode with Claude/GPT-4V
+**Vision model required:** This tool returns screenshots as images. Your AI model must support vision to analyze them:
+- **Claude** (Opus, Sonnet, Haiku 3.5+) - Full vision support
+- **GPT-4o, GPT-4V** - Full vision support
+- **Gemini Pro/Ultra** - Full vision support
+- **Models without vision** - Will receive images but cannot analyze them
-No API key needed - Trie runs locally and the AI tool's built-in model does the analysis.
+Works in Cursor, Claude Code, and OpenCode - whichever model you have configured. No API key needed; Trie runs locally.
 ## YOLO Mode
@@ -272,7 +393,7 @@ docker-compose up
 | Agent | Command | What It Does |
 |-------|---------|--------------|
 | **Super Reviewer** | `trie_pr_review` | Interactive PR review: walks through changes, explains code, finds issues |
-| **Agent Smith** | `trie_agent_smith` | Relentless pattern hunter: finds EVERY instance, tracks dismissed issues, spawns sub-agents |
+| **Agent Smith** | `trie_agent_smith` | Ultimate vibe code enforcer: 38 hunters, file analysis, cross-file detection |
 | **Comprehension** | `trie_explain` | Plain-language explanations of code, issues, or risks |
 **Note:** Super Reviewer and Agent Smith are manually invoked agents. They don't run during `trie_scan`; use their dedicated commands directly.
@@ -293,7 +414,7 @@ Custom agents automatically activate during scans based on their rules.
 |------|-------------|
 | `trie_scan` | Intelligent scan with automatic agent selection |
 | `trie_pr_review` | Interactive PR review - walks through changes file-by-file |
-| `trie_agent_smith` | Relentless pattern hunter - finds EVERY violation, tracks history |
+| `trie_agent_smith` | Ultimate vibe code enforcer - 38 hunters, file analysis, cross-file detection |
 | `trie_fix` | Apply high-confidence fixes |
 | `trie_explain` | Plain-language explanations |
 | `trie_watch` | Continuous scanning mode |
@@ -342,6 +463,7 @@ Create `.trie/config.json` to customize:
   }
 }
 ```
 ## License
 MIT

package/dist/{agent-smith-LBQ5PNAK.js → agent-smith-PRK7TYEI.js} RENAMED Viewed

@@ -1,10 +1,10 @@
 import {
   AgentSmithAgent,
   SUB_AGENT_PATTERNS
-} from "./chunk-4OGYWKMD.js";
+} from "./chunk-WSBTQJMH.js";
 import "./chunk-DGUM43GV.js";
 export {
   AgentSmithAgent,
   SUB_AGENT_PATTERNS
 };
-//# sourceMappingURL=agent-smith-LBQ5PNAK.js.map
+//# sourceMappingURL=agent-smith-PRK7TYEI.js.map

package/dist/{chunk-ENCH27CT.js → chunk-TBCXJNH4.js} RENAMED Viewed

@@ -7,7 +7,7 @@ import {
   AgentSmithAgent,
   BaseAgent,
   ProgressReporter
-} from "./chunk-4OGYWKMD.js";
+} from "./chunk-WSBTQJMH.js";
 import {
   getVulnerabilityStats,
   getVulnerabilityTrie,
@@ -9585,4 +9585,4 @@ export {
   getSystemPrompt,
   TrieFixTool
 };
-//# sourceMappingURL=chunk-ENCH27CT.js.map
+//# sourceMappingURL=chunk-TBCXJNH4.js.map