@triedotdev/mcp 1.0.3 → 1.0.5

package/README.md

@@ -1,35 +1,26 @@
-# Quick Start Guide
+# Trie
 
-Get Trie Agent up and running in minutes to start scanning and fixing AI-generated code.
+**Customizable Agent Parallelization for AI Code Review**
 
-## Prerequisites
+13 specialized agents scan your code for security, privacy, compliance, and bugs—all running in parallel. Create custom agents from any document.
 
-- **Node.js 18+** installed ([download](https://nodejs.org/))
-- **AI coding tool** (Cursor, Claude Code, or VS Code with MCP support)
+## Features
 
-## Installation
+- **13 Built-in Agents** - Security, Privacy, SOC 2, Legal, Architecture, DevOps, and more
+- **Parallel Execution** - All agents run simultaneously for fast scans
+- **Custom Agents** - Create agents from PDFs, docs, or style guides
+- **No API Key Required** - Uses your AI tool's built-in Claude
+- **Smart Triaging** - Only activates relevant agents based on code context
 
-### Step 1: Install Trie Agent
+## Quick Start
 
 ```bash
 npm install -g @triedotdev/mcp
 ```
 
-### Step 2: Configure Your AI Tool
+### Configure Cursor
 
-No API key required! Trie uses your AI tool's built-in Claude to do the analysis.
-
-## Configuration
-
-### For Claude Code
-
-Use the `claude` CLI to add the MCP server:
-
-```bash
-claude mcp add Trie -- npx @triedotdev/mcp
-```
-
-Or add to `~/.claude/settings.json`:
+Settings → MCP Servers → Add:
 
 ```json
 {
@@ -42,194 +33,114 @@ Or add to `~/.claude/settings.json`:
 }
 ```
 
-### For Cursor
-
-1. Open Cursor Settings → MCP Servers
-2. Add this configuration:
+### Configure Claude Code
 
-```json
-{
-  "mcpServers": {
-    "Trie": {
-      "command": "npx",
-      "args": ["@triedotdev/mcp"]
-    }
-  }
-}
-```
-
-### For VS Code
-
-Add to your VS Code settings (`.vscode/settings.json` or user settings):
-
-```json
-{
-  "mcp.servers": {
-    "Trie": {
-      "command": "npx",
-      "args": ["@triedotdev/mcp"]
-    }
-  }
-}
+```bash
+claude mcp add Trie -- npx @triedotdev/mcp
 ```
 
 ## Usage
 
-### Scan Your Code
+Once configured, just ask your AI assistant:
 
-Once configured, use Trie Agent in your AI coding tool:
-
-**In Cursor/Claude Code:**
 ```
-Scan this code with Trie Agent
+Scan this code with Trie
 ```
 
-**Or use the MCP tool directly:**
+Or use specific agents:
+
 ```
-Use trie_scan to analyze the current file
+Run trie_security on this file
+Run trie_soc2 to check compliance
 ```
 
-### Example Workflow
-
-1. **Generate code** with your AI assistant
-2. **Scan for issues:**
-   ```
-   Scan this with Trie Agent
-   ```
-3. **Review results** - Trie will show:
-   - Risk level and activated agents
-   - Critical issues requiring review
-   - Auto-fixable issues
-   - Plain-language explanations
-4. **Apply fixes:**
-   ```
-   Auto-fix the high-confidence issues
-   ```
-5. **Generate tests:**
-   ```
-   Generate tests for this code
-   ```
+## Built-in Agents
 
-## Available Tools
+| Agent | Description |
+|-------|-------------|
+| `security` | Vulnerabilities, injection risks, hardcoded secrets |
+| `privacy` | GDPR, CCPA, PII handling, data protection |
+| `soc2` | SOC 2 Type II compliance: access controls, encryption, logging |
+| `legal` | Consent patterns, data retention, compliance |
+| `architecture` | SOLID principles, code organization, scalability |
+| `bugs` | Null safety, edge cases, async issues |
+| `types` | Type errors, missing annotations |
+| `devops` | Config issues, logging, environment variables |
+| `accessibility` | WCAG 2.1, keyboard nav, screen readers |
+| `ux` | User flow testing, error states |
+| `clean` | AI-generated code cleanup |
+| `test` | Test generation and coverage |
+| `comprehension` | Plain-language explanations |
 
-- **`trie_scan`** - Scan code with intelligent agent selection
-- **`trie_fix`** - Apply high-confidence fixes automatically
-- **`trie_explain`** - Get plain-language explanations of code/issues
-- **`trie_test`** - Generate tests or check coverage
-- **`trie_commit`** - Create smart commit messages
-- **`trie_register_agent`** - Add custom agents
+## Custom Agents
 
-## MCP Resources
+Create specialized agents from any document:
 
-Trie also exposes read-only MCP resources for querying agent info, cache stats, and scan reports:
+```
+Use trie_create_agent with filePath:"./style-guide.pdf" agentName:"my-style"
+```
 
-| Resource | Description |
-|----------|-------------|
-| `trie://agents` | List all available agents |
-| `trie://config` | Current configuration |
-| `trie://cache/stats` | Cache performance metrics |
-| `trie://signatures` | Vulnerability signature counts |
-| `trie://reports/{file}` | Access scan reports |
+Custom agents automatically activate during scans based on their rules.
 
-See [MCP_USAGE.md](MCP_USAGE.md) for detailed resource documentation.
+## Available Tools
+
+| Tool | Description |
+|------|-------------|
+| `trie_scan` | Intelligent scan with automatic agent selection |
+| `trie_fix` | Apply high-confidence fixes |
+| `trie_explain` | Plain-language explanations |
+| `trie_watch` | Continuous scanning mode |
+| `trie_create_agent` | Create custom agent from document |
+| `trie_list_agents` | List all available agents |
+
+Plus individual agent tools: `trie_security`, `trie_privacy`, `trie_soc2`, `trie_bugs`, etc.
 
 ## Example Output
 
 ```
-🔍 TRIE AGENT SCAN
+TRIE AGENT SCAN
 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
 Smart Triaging:
 ✓ Risk Level: high
-✓ Reason: High-risk authentication feature
-✓ Agents activated: security, privacy, legal, architecture, typecheck
-✓ Execution time: 8.2s
-
-Results:
-Score: 72/100 (needs work)
-
-🔴 2 Critical Issues (require your review)
-🟡 3 Serious Issues (can auto-fix)
-🔵 2 Moderate Issues (can auto-fix)
-
-Critical Issues Preview:
-1. Password stored without hashing (auth/signup.ts:23)
-   Agent: Security | Confidence: 100%
-2. PII stored in plain text (models/user.ts:15)
-   Agent: Privacy | Confidence: 95%
+✓ Agents activated: security, soc2, privacy, architecture
+✓ Execution time: 3.2s
+
+Results: 72/100
+
+🔴 2 Critical Issues
+   • Hardcoded API key (CC6.1) - src/api.ts:15
+   • SQL injection risk - src/db.ts:42
+
+🟡 3 Serious Issues (auto-fixable)
+🔵 2 Moderate Issues
 ```
 
-## Configuration (Optional)
+## Configuration
 
-Create `.trie/config.json` in your project root to customize behavior:
+Create `.trie/config.json` to customize:
 
 ```json
 {
-  "version": "1.0",
-  "triaging": {
-    "enabled": true,
-    "riskThresholds": {
-      "critical": 70,
-      "high": 40,
-      "medium": 20
-    },
-    "autoFixConfidence": 0.95
-  },
   "agents": {
     "builtin": {
       "security": { "enabled": true },
-      "privacy": { "enabled": true },
-      "legal": { "enabled": true },
-      "design-engineer": { "enabled": true }
+      "soc2": { "enabled": true },
+      "privacy": { "enabled": true }
     }
+  },
+  "compliance": {
+    "standards": ["GDPR", "CCPA", "SOC2"]
   }
 }
 ```
 
-## Troubleshooting
-
-### Agent not found
-
-**Problem:** Can't find the Trie Agent executable
-
-**Solution:** Make sure you have Node.js 18+ installed and try:
-```bash
-npx @triedotdev/mcp --help
-```
-
-### No agents activating
-
-**Problem:** Scan runs but no agents are triggered
-
-**Solution:**
-- Check that your code matches patterns (auth, payments, UI, etc.)
-- Review the triaging logic in `.trie/config.json`
-- Try scanning a file with known issues (auth, payments, etc.)
-
-### MCP connection fails
-
-**Problem:** Can't connect to Trie Agent server
-
-**Solution:**
-1. Verify Node.js is installed: `node --version` (should be 18+)
-2. Check the path in MCP config is correct
-3. Restart your AI coding tool
-4. Check console/logs for error messages
-
-## Next Steps
-
-- **Try different code patterns** - Test with auth, payments, UI components
-- **Explore agents** - See which agents activate for different code types
-- **Use auto-fix** - Let Trie fix high-confidence issues automatically
-- **Generate tests** - Create comprehensive test suites
-- **Add custom agents** - Extend Trie with your own review logic
-
-## Support
+## Links
 
-- 📚 **Documentation**: [trie.dev/docs](https://trie.dev/docs)
-- 🐛 **Issues**: [GitHub Issues](https://github.com/Trie-OS/mcp-agent/issues)
-- 💬 **Community**: [Discord](https://discord.gg/trie-ai)
+- [Documentation](https://trie.dev/docs)
+- [GitHub](https://github.com/Trie-OS/mcp-agent)
+- [Discord](https://discord.gg/trie-ai)
 
----
+## License
 
-**Ready to ship safer code?** Start scanning your AI-generated code now! 🚀
+MIT

package/dist/{chunk-E7CKHS3R.js → chunk-77JFVVWF.js}

@@ -670,10 +670,9 @@ import { basename as basename3 } from "path";
 var PRIVACY_INDICATORS = {
   high: [
     { pattern: /email|phone|ssn|social.*security|passport|driver.*license/i, reason: "PII fields" },
-    { pattern: /patient|medical|diagnosis|medication|treatment|symptom/i, reason: "PHI/health data" },
     { pattern: /credit.*card|card.*number|cvv|expiry/i, reason: "payment data" },
     { pattern: /password|credential|secret|token/i, reason: "credentials" },
-    { pattern: /gdpr|hipaa|ccpa|coppa|consent/i, reason: "compliance mentions" }
+    { pattern: /gdpr|ccpa|coppa|consent/i, reason: "compliance mentions" }
   ],
   medium: [
     { pattern: /user.*data|personal.*info|profile/i, reason: "user data" },
@@ -713,17 +712,16 @@ var CRITICAL_PRIVACY_PATTERNS = [
 ];
 var PrivacyAgent = class extends BaseAgent {
   name = "privacy";
-  description = "AI-powered privacy analysis: GDPR, HIPAA, CCPA, COPPA compliance";
+  description = "AI-powered privacy analysis: GDPR, CCPA, PCI-DSS compliance";
   version = "2.0.0";
   shouldActivate(context) {
-    const hasHealthSignals = context.touchesHealthData;
     const hasUserDataSignals = context.touchesUserData && (context.touchesDatabase || context.touchesAuth || context.patterns?.hasFormHandling || context.patterns?.hasEmailHandling || context.touchesThirdPartyAPI);
     const fileNameSignals = context.filePatterns.some(
-      (pattern) => ["profile", "account", "customer", "member", "identity", "patient"].some(
+      (pattern) => ["profile", "account", "customer", "member", "identity"].some(
         (keyword) => pattern.includes(keyword)
       )
     );
-    return hasHealthSignals || hasUserDataSignals || fileNameSignals && context.touchesDatabase;
+    return hasUserDataSignals || fileNameSignals && context.touchesDatabase;
   }
   /**
    * Check file relevance for privacy analysis
@@ -771,8 +769,6 @@ Analyze code for privacy violations and data protection issues.
 KEY REGULATIONS:
 - **GDPR**: EU data protection (consent, data minimization, right to erasure)
 - **CCPA**: California privacy (disclosure, opt-out, data access)
-- **HIPAA**: Health data protection (PHI encryption, access controls)
-- **COPPA**: Children's privacy (parental consent for under 13)
 - **PCI DSS**: Payment card data security
 
 FOCUS ON:
@@ -820,15 +816,6 @@ ${content}
 - Is PII encrypted in transit?
 - Is there data minimization (only collecting what's needed)?
 - Are there proper access controls?`;
-    }
-    if (relevance.indicators.includes("PHI/health data")) {
-      prompt += `
-
-### HIPAA Compliance (Health Data)
-- Is PHI encrypted with AES-256 or equivalent?
-- Are there audit logs for PHI access?
-- Is there access control based on roles?
-- Is there a breach notification mechanism?`;
     }
     if (relevance.indicators.includes("payment data")) {
       prompt += `
@@ -838,14 +825,6 @@ ${content}
 - Is CVV NOT being stored?
 - Are there access controls?
 - Is data properly tokenized?`;
-    }
-    if (relevance.indicators.includes("age data (COPPA)")) {
-      prompt += `
-
-### COPPA Compliance (Children's Data)
-- Is age verified before data collection?
-- Is parental consent obtained for under 13?
-- Is data from children handled specially?`;
     }
     if (relevance.indicators.includes("tracking") || relevance.indicators.includes("client storage")) {
       prompt += `
@@ -1377,7 +1356,7 @@ var LegalAgent = class extends BaseAgent {
   description = "Compliance with GDPR, CCPA, data protection laws, and legal requirements";
   version = "1.0.0";
   shouldActivate(context) {
-    return context.touchesUserData || context.touchesHealthData || context.touchesPayments || context.touchesAuth;
+    return context.touchesUserData || context.touchesPayments || context.touchesAuth;
   }
   async analyzeFiles(files, _context) {
     const issues = [];
@@ -2752,6 +2731,182 @@ var TrieCleanAgent = class extends BaseAgent {
   }
 };
 
+// src/agents/soc2.ts
+var SOC2_PATTERNS = {
+  // CC6 - Logical Access Controls
+  hardcodedSecrets: [
+    { pattern: /['"]sk_live_[A-Za-z0-9]{20,}['"]/, issue: "Hardcoded Stripe live key", regulation: "CC6.1" },
+    { pattern: /['"]AKIA[A-Z0-9]{16}['"]/, issue: "Hardcoded AWS access key", regulation: "CC6.1" },
+    { pattern: /['"]ghp_[A-Za-z0-9]{36}['"]/, issue: "Hardcoded GitHub token", regulation: "CC6.1" },
+    { pattern: /password\s*[:=]\s*['"][^'"]{8,}['"](?!.*example|test|placeholder)/i, issue: "Hardcoded password", regulation: "CC6.1" },
+    { pattern: /api[_-]?key\s*[:=]\s*['"][A-Za-z0-9]{20,}['"]/i, issue: "Hardcoded API key", regulation: "CC6.1" },
+    { pattern: /secret\s*[:=]\s*['"][^'"]{16,}['"]/i, issue: "Hardcoded secret value", regulation: "CC6.1" }
+  ],
+  // Missing access control
+  accessControl: [
+    { pattern: /\/\/\s*TODO:?\s*(add|implement)?\s*(auth|access|permission)/i, issue: "Missing access control (TODO)", regulation: "CC6.2" },
+    { pattern: /isAdmin\s*[:=]\s*true|role\s*[:=]\s*['"]admin['"]/i, issue: "Hardcoded admin privilege", regulation: "CC6.3" }
+  ],
+  // CC7 - System Operations (Logging & Monitoring)
+  logging: [
+    { pattern: /console\.(log|error|warn)\s*\([^)]*password/i, issue: "Password logged to console", regulation: "CC7.2" },
+    { pattern: /console\.(log|error|warn)\s*\([^)]*token/i, issue: "Token logged to console", regulation: "CC7.2" },
+    { pattern: /console\.(log|error|warn)\s*\([^)]*secret/i, issue: "Secret logged to console", regulation: "CC7.2" },
+    { pattern: /console\.(log|error|warn)\s*\([^)]*apiKey/i, issue: "API key logged to console", regulation: "CC7.2" }
+  ],
+  // Error handling
+  errorHandling: [
+    { pattern: /catch\s*\([^)]*\)\s*\{\s*\}/, issue: "Empty catch block - errors silently swallowed", regulation: "CC7.3" },
+    { pattern: /catch\s*\([^)]*\)\s*\{\s*\/\//, issue: "Catch block only has comments", regulation: "CC7.3" },
+    { pattern: /\.catch\s*\(\s*\(\s*\)\s*=>\s*\{\s*\}\s*\)/, issue: "Empty .catch() handler", regulation: "CC7.3" }
+  ],
+  // CC8 - Change Management (implicit through code patterns)
+  changeManagement: [
+    { pattern: /\/\/\s*HACK|\/\/\s*FIXME.*security|\/\/\s*XXX/i, issue: "Security-related HACK/FIXME comment", regulation: "CC8.1" },
+    { pattern: /\/\/\s*temporary|\/\/\s*remove\s*(before|in)\s*prod/i, issue: "Temporary code flagged for removal", regulation: "CC8.1" }
+  ],
+  // Security - Encryption
+  encryption: [
+    { pattern: /md5\s*\(|crypto\.createHash\s*\(\s*['"]md5['"]\s*\)/i, issue: "MD5 is cryptographically broken", regulation: "CC6.7" },
+    { pattern: /sha1\s*\(|crypto\.createHash\s*\(\s*['"]sha1['"]\s*\)/i, issue: "SHA1 is deprecated for security use", regulation: "CC6.7" },
+    { pattern: /DES|3DES|RC4|Blowfish/i, issue: "Weak/deprecated encryption algorithm", regulation: "CC6.7" },
+    { pattern: /Math\.random\s*\(\s*\).*(?:token|key|secret|password|id)/i, issue: "Math.random() used for security-sensitive value", regulation: "CC6.7" }
+  ],
+  // Security - Input validation
+  inputValidation: [
+    { pattern: /eval\s*\(\s*(?:req\.|request\.|params\.|query\.)/i, issue: "eval() with user input - code injection risk", regulation: "CC6.6" },
+    { pattern: /innerHTML\s*=\s*(?:req\.|request\.|params\.|data\.)/i, issue: "innerHTML with unescaped user input - XSS risk", regulation: "CC6.6" },
+    { pattern: /exec\s*\(\s*(?:req\.|request\.|params\.|`)/i, issue: "Command execution with user input", regulation: "CC6.6" },
+    { pattern: /\$\{.*\}.*(?:SELECT|INSERT|UPDATE|DELETE)/i, issue: "SQL query with string interpolation", regulation: "CC6.6" }
+  ],
+  // Security - Authentication
+  authentication: [
+    { pattern: /jwt\.sign\s*\([^)]*expiresIn:\s*['"]?\d{6,}['"]?/i, issue: "JWT with very long expiration", regulation: "CC6.1" },
+    { pattern: /verify\s*[:=]\s*false|rejectUnauthorized\s*[:=]\s*false/i, issue: "TLS/SSL verification disabled", regulation: "CC6.7" },
+    { pattern: /sameSite\s*[:=]\s*['"]none['"]/i, issue: "Cookie SameSite=None may enable CSRF", regulation: "CC6.1" },
+    { pattern: /httpOnly\s*[:=]\s*false/i, issue: "Cookie httpOnly disabled - XSS risk", regulation: "CC6.1" },
+    { pattern: /secure\s*[:=]\s*false.*cookie/i, issue: "Cookie secure flag disabled", regulation: "CC6.1" }
+  ]
+};
+var REGULATION_DESCRIPTIONS = {
+  "CC6.1": "Logical Access Security - Access controls and authentication",
+  "CC6.2": "Role-Based Access Control - Segregation of duties",
+  "CC6.3": "Least Privilege - Minimal necessary access rights",
+  "CC6.6": "Protection Against Threats - Input validation and injection prevention",
+  "CC6.7": "Data Protection - Encryption and secure transmission",
+  "CC7.2": "Monitoring - Security event logging without sensitive data exposure",
+  "CC7.3": "Incident Detection - Proper error handling and alerting",
+  "CC8.1": "Change Management - Controlled changes with proper review"
+};
+var SOC2Agent = class extends BaseAgent {
+  name = "soc2";
+  description = "SOC 2 Type II compliance: access controls, encryption, logging, change management";
+  version = "1.0.0";
+  shouldActivate(context) {
+    return context.touchesAuth || context.touchesAPI || context.touchesDatabase || context.touchesUserData || context.touchesSecurityConfig || context.touchesLogging;
+  }
+  async analyzeFiles(files, _context) {
+    const issues = [];
+    for (const file of files) {
+      if (/node_modules|\.d\.ts$|\.min\.|dist\/|build\/|\.test\.|\.spec\./i.test(file)) {
+        continue;
+      }
+      try {
+        const content = await this.readFile(file);
+        const lines = content.split("\n");
+        for (const [category, patterns] of Object.entries(SOC2_PATTERNS)) {
+          for (const { pattern, issue, regulation } of patterns) {
+            for (let i = 0; i < lines.length; i++) {
+              const line = lines[i] || "";
+              if (pattern.test(line)) {
+                if (this.isTestOrExample(line, content)) {
+                  continue;
+                }
+                const severity = this.getSeverity(category, regulation);
+                const regulationDesc = REGULATION_DESCRIPTIONS[regulation] || regulation;
+                issues.push(this.createIssue(
+                  this.generateIssueId(),
+                  severity,
+                  `[SOC 2 ${regulation}] ${issue}`,
+                  this.getFix(category, issue),
+                  file,
+                  i + 1,
+                  this.getConfidence(category),
+                  `SOC 2 ${regulation}: ${regulationDesc}`,
+                  this.isAutoFixable(category)
+                ));
+                break;
+              }
+            }
+          }
+        }
+      } catch (error) {
+        console.error(`SOC2 Agent: Error reading file ${file}:`, error);
+      }
+    }
+    return issues;
+  }
+  isTestOrExample(line, content) {
+    if (/example|test|mock|fake|dummy|placeholder|sample/i.test(line)) {
+      return true;
+    }
+    if (/describe\s*\(|it\s*\(|test\s*\(|jest|mocha|vitest/i.test(content.slice(0, 500))) {
+      return true;
+    }
+    return false;
+  }
+  getSeverity(category, regulation) {
+    if (category === "hardcodedSecrets" || regulation === "CC6.6") {
+      return "critical";
+    }
+    if (category === "encryption" || category === "logging" || category === "authentication") {
+      return "serious";
+    }
+    if (category === "accessControl" || category === "errorHandling") {
+      return "moderate";
+    }
+    return "low";
+  }
+  getConfidence(category) {
+    switch (category) {
+      case "hardcodedSecrets":
+        return 0.95;
+      case "logging":
+        return 0.9;
+      case "encryption":
+        return 0.85;
+      case "inputValidation":
+        return 0.85;
+      case "authentication":
+        return 0.8;
+      case "errorHandling":
+        return 0.75;
+      case "accessControl":
+        return 0.7;
+      case "changeManagement":
+        return 0.6;
+      default:
+        return 0.7;
+    }
+  }
+  isAutoFixable(category) {
+    return category === "errorHandling";
+  }
+  getFix(category, issue) {
+    const fixes = {
+      hardcodedSecrets: "Move secrets to environment variables or a secrets manager (e.g., HashiCorp Vault, AWS Secrets Manager)",
+      accessControl: "Implement proper RBAC with dynamic role checking. Never hardcode admin privileges.",
+      logging: "Remove sensitive data from logs. Use structured logging with PII filtering.",
+      errorHandling: "Add proper error handling: log the error, notify monitoring, and return safe error messages.",
+      encryption: "Use strong algorithms: AES-256-GCM for encryption, SHA-256+ for hashing, crypto.randomBytes() for random values.",
+      inputValidation: "Validate and sanitize all user input. Use parameterized queries for SQL. Escape HTML output.",
+      authentication: "Use secure cookie settings (httpOnly, secure, sameSite). Set reasonable JWT expiration (15min-24h).",
+      changeManagement: "Address security-related TODOs before deployment. Document in issue tracker if deferring."
+    };
+    return fixes[category] || "Review and fix according to SOC 2 requirements.";
+  }
+};
+
 // src/agents/custom-agent.ts
 var CustomAgent = class extends BaseAgent {
   name;
@@ -2983,7 +3138,8 @@ var AgentRegistry = class {
       new DevOpsAgent(),
       new BugFindingAgent(),
       new UserTestingAgent(),
-      new TrieCleanAgent()
+      new TrieCleanAgent(),
+      new SOC2Agent()
     ];
     console.error(`Loaded config for ${builtinAgents.length} built-in agents`);
     for (const agent of builtinAgents) {
@@ -3870,10 +4026,6 @@ var Triager = class {
         confidence += 0.5;
         reasons.push("PII handling");
       }
-      if (context.touchesHealthData) {
-        confidence += 0.6;
-        reasons.push("PHI/HIPAA");
-      }
       if (context.touchesAuth) {
         confidence += 0.3;
         reasons.push("credentials");
@@ -3893,10 +4045,6 @@ var Triager = class {
     }
     if (agent.name === "legal") {
       tier = 2;
-      if (context.touchesHealthData) {
-        confidence += 0.6;
-        reasons.push("HIPAA compliance");
-      }
       if (context.touchesUserData) {
         confidence += 0.4;
         reasons.push("GDPR/CCPA");
@@ -4059,6 +4207,29 @@ var Triager = class {
         reasons.push("React code");
       }
     }
+    if (agent.name === "soc2") {
+      tier = 2;
+      if (context.touchesAuth) {
+        confidence += 0.4;
+        reasons.push("authentication");
+      }
+      if (context.touchesSecurityConfig) {
+        confidence += 0.4;
+        reasons.push("security config");
+      }
+      if (context.touchesLogging) {
+        confidence += 0.3;
+        reasons.push("logging");
+      }
+      if (context.touchesAPI) {
+        confidence += 0.25;
+        reasons.push("API endpoints");
+      }
+      if (context.touchesDatabase) {
+        confidence += 0.2;
+        reasons.push("data access");
+      }
+    }
     confidence = Math.min(1, confidence);
     return { agent, confidence, reasons, tier, isCustom: false };
   }
@@ -4121,7 +4292,6 @@ var Triager = class {
     if (context.touchesPayments) reasons.push("payments");
     if (context.touchesDatabase) reasons.push("database");
     if (context.touchesUserData) reasons.push("user data");
-    if (context.touchesHealthData) reasons.push("PHI");
     if (context.touchesUI) reasons.push("UI");
     if (context.touchesAPI) reasons.push("API");
     if (context.isNewFeature) reasons.push("new feature");
@@ -6270,6 +6440,16 @@ var TrieScanTool = class {
   agentRegistry = new AgentRegistry();
   incrementalScanner = null;
   progress = new ProgressReporter();
+  customAgentsLoaded = false;
+  /**
+   * Ensure custom agents are loaded before using the registry
+   */
+  async ensureCustomAgentsLoaded() {
+    if (!this.customAgentsLoaded) {
+      await this.agentRegistry.loadCustomAgents();
+      this.customAgentsLoaded = true;
+    }
+  }
   async execute(args) {
     const startTime = Date.now();
     try {
@@ -6328,6 +6508,7 @@ var TrieScanTool = class {
       const riskLevel = this.riskAssessor.assessRisk(context);
       this.logRiskAssessment(context, riskLevel);
       this.progress.startPhase("ai-review", "Selecting AI agents...");
+      await this.ensureCustomAgentsLoaded();
       const selectedAgents = forceAgents ? this.agentRegistry.getAgentsByNames(forceAgents) : await this.triager.selectAgents(context, riskLevel);
       const allAgentNames = this.agentRegistry.getAgentNames();
       this.logTriaging(selectedAgents.map((a) => a.name), allAgentNames, context, riskLevel);
@@ -7612,4 +7793,4 @@ export {
   getSystemPrompt,
   TrieFixTool
 };
-//# sourceMappingURL=chunk-E7CKHS3R.js.map
+//# sourceMappingURL=chunk-77JFVVWF.js.map