@triedotdev/mcp 1.0.27 → 1.0.29

package/QUICK_START.md

@@ -1,6 +1,6 @@
 # Quick Start Guide
 
-Get Trie Agent up and running in minutes to start scanning and fixing AI-generated code.
+Get Trie Agent up and running in minutes to start scanning and reviewing AI-generated code.
 
 ## Prerequisites
 
@@ -104,11 +104,11 @@ Use trie_scan to analyze the current file
 3. **Review results** - Trie will show:
    - Risk level and activated agents
    - Critical issues requiring review
-   - Auto-fixable issues
+   - Suggested fix prompts for AI
    - Plain-language explanations
-4. **Apply fixes:**
+4. **Fix issues:**
    ```
-   Auto-fix the high-confidence issues
+   Apply the suggested fixes for the critical issues
    ```
 5. **Generate tests:**
    ```
@@ -118,10 +118,10 @@ Use trie_scan to analyze the current file
 ## Available Tools
 
 - **`trie_scan`** - Scan code with intelligent agent selection
-- **`trie_fix`** - Apply high-confidence fixes automatically
+- **`trie_fix`** - Generate high-confidence fix prompts
 - **`trie_explain`** - Get plain-language explanations of code/issues
 - **`trie_test`** - Generate tests or check coverage
-- **`trie_commit`** - Create smart commit messages
+- **`trie_watch`** - Monitor files for changes and report issues
 - **`trie_register_agent`** - Add custom agents
 
 ## Example Output
@@ -140,8 +140,8 @@ Results:
 Score: 72/100 (needs work)
 
 🔴 2 Critical Issues (require your review)
-🟡 3 Serious Issues (can auto-fix)
-🔵 2 Moderate Issues (can auto-fix)
+🟡 3 Serious Issues
+🔵 2 Moderate Issues
 
 Critical Issues Preview:
 1. Password stored without hashing (auth/signup.ts:23)
@@ -163,8 +163,7 @@ Create `.trie/config.json` in your project root to customize behavior:
       "critical": 70,
       "high": 40,
       "medium": 20
-    },
-    "autoFixConfidence": 0.95
+    }
   },
   "agents": {
     "builtin": {
@@ -215,14 +214,13 @@ Update your MCP config with the correct path.
 
 - **Try different code patterns** - Test with auth, payments, UI components
 - **Explore agents** - See which agents activate for different code types
-- **Use auto-fix** - Let Trie fix high-confidence issues automatically
 - **Generate tests** - Create comprehensive test suites
 - **Add custom agents** - Extend Trie with your own review logic
 
 ## Support
 
 - 📚 **Documentation**: [trie.dev/docs](https://trie.dev/docs)
-- 🐛 **Issues**: [GitHub Issues](https://github.com/Trie-OS/mcp-agent/issues)
+- 🐛 **Issues**: [GitHub Issues](https://github.com/Trie-OS/Trie-Agent/issues)
 - 💬 **Community**: [Discord](https://discord.gg/trie-ai)
 
 ---

package/README.md

@@ -18,7 +18,6 @@
 - [Special Agents](#special-agents)
 - [Custom Agents](#custom-agents)
 - [Configuration](#configuration)
-- [Docker](#docker)
 - [Team Collaboration](#team-collaboration)
 - [License](#license)
 
@@ -41,7 +40,7 @@
 
 | Feature | Description |
 |---------|-------------|
-| **YOLO Mode** | Autonomous auto-fixing as you code |
+| **Watch Mode** | Automatically scan files as you code |
 | **Custom Agents** | Create agents from PDFs, docs, or style guides |
 | **Works Everywhere** | Auto-detects Cursor, Claude Code, OpenCode, VS Code—adapts output automatically |
 | **AI-Enhanced Mode** | Optional deeper analysis with `ANTHROPIC_API_KEY` |
@@ -53,7 +52,6 @@
 | **CI/CD Integration** | GitHub Actions, pre-commit hooks, SARIF output |
 | **Team Collaboration** | Issue assignment, Slack notifications, expertise-based routing |
 | **VS Code Extension** | Inline diagnostics, quick-fix code actions, scan on save |
-| **Docker Support** | Optimized multi-stage builds for containers |
 
 ---
 
@@ -90,16 +88,6 @@ claude mcp add Trie --scope user -- npx @triedotdev/mcp
 
 **Restart Claude Code after adding the MCP server.**
 
-### Other MCP-Compatible Tools
-
-Trie works with any MCP-compatible AI tool (OpenCode, Windsurf, etc.). Configure your tool to run:
-
-```bash
-npx @triedotdev/mcp
-```
-
-Trie auto-detects which tool is running and adapts its output format accordingly.
-
 ---
 
 ## Usage
@@ -136,7 +124,10 @@ Trie works in two modes:
 # Environment variable
 export ANTHROPIC_API_KEY=sk-ant-...
 
-# Or in MCP config (Cursor)
+# Or add it to your project (recommended for CLI usage)
+echo 'ANTHROPIC_API_KEY=sk-ant-...' >> .env.local
+
+# Or in MCP config (Cursor / MCP tools)
 {
   "mcpServers": {
     "Trie": {
@@ -150,6 +141,9 @@ export ANTHROPIC_API_KEY=sk-ant-...
 }
 ```
 
+> **Important:** The `env` you set in Cursor’s MCP config is only inherited by the **MCP server process** that Cursor launches.
+> It does **not** automatically apply to standalone terminal commands like `trie-agent scan` unless your shell/project environment also has `ANTHROPIC_API_KEY`.
+
 When AI is enabled, you'll see:
 - `AI-powered analysis enabled` in output
 - `[AI VALIDATED]` and `[AI FOUND]` tags on issues
@@ -167,6 +161,9 @@ Trie includes a powerful CLI for terminal-based scanning.
 # Basic scan
 trie-agent scan
 
+# Watch for changes
+trie-agent watch
+
 # Scan specific directory
 trie-agent scan --directory ./src
 
@@ -175,66 +172,6 @@ trie-agent scan --files "src/api.ts,src/auth.ts"
 
 # Run specific agents
 trie-agent scan --agents security,privacy,bugs
-
-# Output formats
-trie-agent scan --format json --output results.json
-trie-agent scan --format sarif --output results.sarif
-```
-
-### Performance Options
-
-```bash
-# Parallel execution (default: on)
-trie-agent scan --parallel
-
-# Enable caching (default: on)
-trie-agent scan --cache
-
-# Set concurrency
-trie-agent scan --max-concurrency 8
-
-# Use worker threads
-trie-agent scan --workers
-
-# Set timeout (ms)
-trie-agent scan --timeout 120000
-```
-
-### Interactive Mode
-
-```bash
-# Terminal UI with real-time progress
-trie-agent scan --interactive
-```
-
-The interactive dashboard provides:
-- **Real-time progress bars** per agent
-- **Issue browser** with keyboard navigation
-- **Filters** by severity, agent, search
-- **Multiple views**: overview, issues, agents, files
-
-**Keyboard shortcuts:**
-| Key | Action |
-|-----|--------|
-| `Tab` | Switch views |
-| `↑/↓` | Navigate issues |
-| `Enter` | View issue details |
-| `f` | Filter issues |
-| `s` | Toggle sort |
-| `?` | Show help |
-| `q` | Quit |
-
-### Watch Mode (YOLO)
-
-```bash
-# Start daemon with auto-fixing
-trie-yolo
-
-# Watch without auto-fix
-trie-yolo --no-yolo
-
-# One-shot scan
-trie-yolo --once
 ```
 
 ---
@@ -268,114 +205,12 @@ Runs on push to `main`/`develop`, PRs, and daily schedule (2 AM UTC).
 
 Runs on every PR—fast, incremental scanning.
 
-**Features:**
-- Only scans changed files (efficient for large codebases)
-- 5-minute timeout for quick feedback
-- Agent Smith pattern detection
-- Comments on PR if issues found
-
-### Reusable Action
-
-Use the action in any workflow:
-
-```yaml
-name: Security Check
-on: [push, pull_request]
-
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      
-      - name: Trie Security Scan
-        uses: trie-dev/security-action@v1
-        with:
-          agents: security,privacy,bugs
-          fail-on: critical
-          format: sarif
-          upload-sarif: true
-          comment-pr: true
-          parallel: true
-          cache: true
-```
-
-**Inputs:**
-
-| Input | Default | Description |
-|-------|---------|-------------|
-| `agents` | `security,privacy,bugs` | Comma-separated agent list |
-| `fail-on` | `critical` | Fail threshold: `critical`, `serious`, `moderate`, `low` |
-| `format` | `sarif` | Output format: `json`, `sarif`, `console` |
-| `upload-sarif` | `true` | Upload to GitHub Security tab |
-| `comment-pr` | `true` | Comment results on PRs |
-| `parallel` | `true` | Run agents in parallel |
-| `cache` | `true` | Enable result caching |
-
-**Outputs:**
-
-| Output | Description |
-|--------|-------------|
-| `results-file` | Path to scan results |
-| `critical-count` | Number of critical issues |
-| `serious-count` | Number of serious issues |
-| `total-count` | Total issues found |
-| `passed` | Whether scan passed |
-
-### Required Secrets
-
-| Secret | Required | Description |
-|--------|----------|-------------|
-| `ANTHROPIC_API_KEY` | Optional | Enables AI-enhanced scanning |
-
 ---
 
 ## VS Code Extension
 
 Native VS Code extension with inline diagnostics and quick fixes.
 
-### Features
-
-- **Inline Diagnostics** — Issues appear as squiggly underlines in editor
-- **Quick-fix Code Actions** — "Copy suggested fix" for each issue
-- **Scan on Save** — Automatically scan files when saved
-- **Workspace Scanning** — Scan entire workspace with one command
-
-### Installation
-
-```bash
-cd vscode-extension
-npm install
-npm run compile
-# Then "Run Extension" from VS Code debugger
-```
-
-Or package for distribution:
-
-```bash
-npx vsce package
-```
-
-### Commands
-
-| Command | Description |
-|---------|-------------|
-| `Trie: Scan Workspace` | Scan all files in workspace |
-| `Trie: Scan Current File` | Scan active file only |
-| `Trie: Copy Fix` | Copy suggested fix to clipboard |
-
-### Settings
-
-| Setting | Default | Description |
-|---------|---------|-------------|
-| `trie.executablePath` | `trie-agent` | Path to CLI executable |
-| `trie.scanOnSave` | `true` | Scan files on save |
-| `trie.parallel` | `true` | Run agents in parallel |
-| `trie.cache` | `true` | Enable caching |
-| `trie.useWorkers` | `false` | Use worker threads |
-| `trie.maxConcurrency` | `4` | Max parallel agents |
-| `trie.timeoutMs` | `120000` | Scan timeout |
-
 ---
 
 ## Built-in Agents
@@ -389,35 +224,6 @@ npx vsce package
 | **SOC 2** | `trie_soc2` | Access control gaps, missing audit logs, encryption issues |
 | **Legal** | `trie_legal` | HIPAA/COPPA compliance, consent patterns, data retention |
 
-### Code Quality
-
-| Agent | Command | What It Catches |
-|-------|---------|-----------------|
-| **Architecture** | `trie_architecture` | N+1 queries, circular deps, SOLID violations, god classes |
-| **Bugs** | `trie_bugs` | Null dereference, race conditions, off-by-one, async bugs |
-| **Types** | `trie_types` | Missing annotations, unsafe casts, implicit `any` |
-| **Clean** | `trie_clean` | AI code smells: huge files, console.logs, useEffect abuse |
-| **Data Flow** | `trie_data_flow` | Schema mismatches, hardcoded IDs, type coercion bugs |
-| **Performance** | `trie_performance` | Memory leaks, N+1 queries, unnecessary re-renders |
-
-### Design & UX
-
-| Agent | Command | What It Catches |
-|-------|---------|-----------------|
-| **Design Engineer** | `trie_design` | Design systems, motion design, Awwwards-level polish |
-| **Accessibility** | `trie_accessibility` | Missing ARIA, color contrast, keyboard nav (WCAG 2.1) |
-| **UX** | `trie_ux` | Missing loading states, poor error handling, broken flows |
-| **Visual QA** | `trie_visual_qa` | Layout shifts, z-index wars, responsive gaps |
-| **Visual QA Browser** | `trie_visual_qa_browser` | Screenshots at 3 viewports for vision analysis |
-
-### DevOps & Testing
-
-| Agent | Command | What It Catches |
-|-------|---------|-----------------|
-| **DevOps** | `trie_devops` | Missing env vars, config issues, no health checks |
-| **Test** | `trie_test` | Missing coverage, untested edge cases, weak assertions |
-| **E2E** | `trie_e2e` | Flaky tests, hardcoded waits, brittle selectors |
-
 ---
 
 ## Special Agents
@@ -428,270 +234,10 @@ These agents are **manually invoked**—they don't run during `trie_scan`.
 
 Interactive PR reviews: walks through changes file-by-file with AI guidance.
 
-```
-Use trie_pr_review
-Use trie_pr_review with pr:"12345"
-```
-
-**What it does:**
-- Orders files for comprehension (schemas → core → implementation → tests)
-- Explains what changed and why
-- Hunts for state bugs, race conditions, missing error handling
-- Pauses after each file for your input
-
-**Requirements:** [GitHub CLI (`gh`)](https://cli.github.com/) installed and authenticated
-
 ### Agent Smith
 
-*"I'm going to be honest with you... I hate this AI code."*
-
 The ultimate AI code enforcer—43 specialized hunters targeting AI-generated anti-patterns.
 
-```
-Use trie_agent_smith
-Use trie_smith
-```
-
-**43 Hunters across 9 categories:**
-
-| Category | Hunters |
-|----------|---------|
-| **Security** | exposed-secret, frontend-env, hardcoded-localhost, sql-injection, dangeroushtml |
-| **AI Code Smells** | console, any, ts-ignore, eslint-disable, debugger, force-flag |
-| **Async/Promise Bugs** | async-useeffect, async-foreach, missing-await, empty-catch, floating-promise |
-| **React Anti-patterns** | useeffect-abuse, usestate-explosion, index-key, inline-object, prop-drilling |
-| **Missing UX** | missing-loading, missing-error, missing-empty, page-reload |
-| **Backend Issues** | no-validation, raw-error, n-plus-one |
-| **Incomplete Code** | todo, vibe-comment, placeholder, sleep-hack, fallback |
-| **Dead Code** | commented-code, unreachable-code, unused-import, empty-function, dead-branch |
-| **AI Slop Aesthetic** | purple-gradient, star-icon, generic-hero, emoji-overflow, inter-font |
-
-**Memory commands:**
-```
-trie_agent_smith show_stats:true    # Show memory statistics
-trie_agent_smith clear_memory:true  # Clear all memory
-```
-
-### Visual QA Browser
-
-Screenshot-based visual testing with AI vision analysis.
-
-```
-Use trie_visual_qa_browser
-Use trie_visual_qa_browser url:"http://localhost:3000"
-```
-
-**What it does:**
-1. Auto-detects running dev server
-2. Captures screenshots at mobile (375px), tablet (768px), desktop (1440px)
-3. Returns images for AI vision analysis
-
-**Requirements:** Playwright (`npx playwright install chromium`) and a vision-capable model
-
----
-
-## Custom Agents
-
-Create specialized agents from any document:
-
-```
-Use trie_create_agent with filePath:"./style-guide.pdf" agentName:"my-style"
-```
-
-Supported formats: PDF, Markdown, text files.
-
-Custom agents automatically activate during scans based on their rules.
-
----
-
-## Configuration
-
-### Config File
-
-Create `.trie/config.json` in your project root:
-
-```json
-{
-  "version": "1.0.0",
-  "agents": {
-    "enabled": ["security", "privacy", "bugs", "types"],
-    "disabled": [],
-    "parallel": true,
-    "maxConcurrency": 4,
-    "timeout": 120000,
-    "cache": true
-  },
-  "compliance": {
-    "standards": ["SOC2", "GDPR"],
-    "enforceCompliance": false,
-    "reportFormat": "json"
-  },
-  "output": {
-    "format": "console",
-    "level": "all",
-    "interactive": false,
-    "streaming": true,
-    "colors": true
-  },
-  "paths": {
-    "include": [],
-    "exclude": ["node_modules", "dist", "build", ".git"],
-    "configDir": ".trie",
-    "outputDir": "trie-reports"
-  },
-  "integrations": {
-    "slack": {
-      "enabled": false,
-      "webhook": "",
-      "channel": "#security-alerts"
-    },
-    "github": {
-      "enabled": true
-    }
-  }
-}
-```
-
-### Configuration Validation
-
-Trie validates configuration on startup using Zod schemas:
-- Invalid configurations log errors and fall back to defaults
-- Missing API keys show warnings
-- File paths are verified to exist
-
----
-
-## Docker
-
-Optimized multi-stage Docker builds for CI/CD or isolated environments.
-
-### Build
-
-```bash
-docker build -t trie-agent .
-```
-
-### Run
-
-```bash
-# YOLO mode (auto-fix)
-docker run -v $(pwd):/app trie-agent --yolo
-
-# Watch mode (scan only)
-docker run -v $(pwd):/app trie-agent
-
-# CI mode (one-shot scan)
-docker run -v $(pwd):/app trie-agent --once
-```
-
-### Docker Compose
-
-```bash
-docker-compose up
-```
-
-### Modes
-
-| Mode | Flag | Description |
-|------|------|-------------|
-| YOLO | `--yolo` | Auto-fix high-confidence issues |
-| Watch | (default) | Scan on file changes |
-| CI | `--once` | One-shot scan, exit with code |
-
----
-
-## Team Collaboration
-
-Coordinate security scanning across your team with automatic issue assignment and notifications.
-
-### Team Configuration
-
-Create `.trie/team.json`:
-
-```json
-{
-  "members": [
-    {
-      "id": "alice",
-      "name": "Alice Smith",
-      "email": "alice@example.com",
-      "slack": "@alice",
-      "expertise": ["security", "privacy"],
-      "maxIssues": 10
-    },
-    {
-      "id": "bob",
-      "name": "Bob Jones",
-      "email": "bob@example.com",
-      "slack": "@bob",
-      "expertise": ["bugs", "performance"],
-      "maxIssues": 15
-    }
-  ]
-}
-```
-
-### Automatic Issue Assignment
-
-Trie automatically assigns issues based on:
-- **Expertise matching** — Security issues go to security experts
-- **Workload balancing** — Respects `maxIssues` limits
-- **Priority weighting** — Critical issues assigned first
-
-### Slack Integration
-
-Uses Slack's [Incoming Webhooks](https://api.slack.com/messaging/webhooks) — no OAuth or bot tokens required.
-
-**Setup:**
-1. Go to your Slack workspace → Apps → Incoming Webhooks
-2. Create a webhook for your channel
-3. Add to `.trie/config.json`:
-
-```json
-{
-  "integrations": {
-    "slack": {
-      "enabled": true,
-      "webhook": "https://hooks.slack.com/services/...",
-      "channel": "#security-alerts"
-    }
-  }
-}
-```
-
-**Notifications sent for:**
-- Scan completion summaries with issue counts
-- Critical issue alerts (immediate)
-- Issue assignments to team members
-- Escalations for overdue items
-- Daily/weekly team summaries
-
-### Smart Issue Grouping
-
-Issues are automatically:
-- **Grouped** by pattern (same issue across files)
-- **Prioritized** by risk score (0-100)
-- **Categorized**: security, performance, maintainability, correctness, style
-- **Bulk-fix detected** for trivial issues
-
----
-
-## Available Tools
-
-| Tool | Description |
-|------|-------------|
-| `trie_scan` | Intelligent scan with automatic agent selection |
-| `trie_pr_review` | Interactive PR review |
-| `trie_agent_smith` | AI code enforcer—43 hunters |
-| `trie_fix` | Apply high-confidence fixes |
-| `trie_explain` | Plain-language explanations |
-| `trie_watch` | Continuous scanning mode |
-| `trie_create_agent` | Create custom agent from document |
-| `trie_list_agents` | List all available agents |
-| `trie_visual_qa_browser` | Screenshot for vision analysis |
-
-Plus individual agent tools: `trie_security`, `trie_privacy`, `trie_soc2`, `trie_bugs`, etc.
-
 ---
 
 ## License