npm - @triedotdev/mcp - Versions diffs - 1.0.32 → 1.0.33 - Mend

@triedotdev/mcp 1.0.32 → 1.0.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md +221 -100
package/dist/{chunk-3724RQC3.js → chunk-IYWVUUJU.js} +422 -14
package/dist/chunk-IYWVUUJU.js.map +1 -0
package/dist/{chunk-B6MTR6IG.js → chunk-RAN27XKJ.js} +2 -2
package/dist/cli/yolo-daemon.js +2 -2
package/dist/index.js +2 -2
package/dist/workers/agent-worker.js +1 -1
package/package.json +1 -1
package/dist/chunk-3724RQC3.js.map +0 -1
/package/dist/{chunk-B6MTR6IG.js.map → chunk-RAN27XKJ.js.map} +0 -0

package/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 **Customizable Parallel Agents for AI Code Review**
-20+ specialized agents scan your code for security, privacy, compliance, and bugs—all running in parallel with intelligent caching and real-time streaming.
+20 specialized agents scan your code for security, privacy, compliance, and bugs—all running in parallel with intelligent caching and real-time streaming.
 ---
@@ -11,14 +11,15 @@
 - [Features](#features)
 - [Quick Start](#quick-start)
 - [Usage](#usage)
+- [MCP Tools](#mcp-tools)
 - [CLI](#cli)
-- [CI/CD Integration](#cicd-integration)
-- [VS Code Extension](#vs-code-extension)
 - [Built-in Agents](#built-in-agents)
 - [Special Agents](#special-agents)
 - [Custom Agents](#custom-agents)
+- [AI-Enhanced Mode](#ai-enhanced-mode)
+- [CI/CD Integration](#cicd-integration)
+- [VS Code Extension](#vs-code-extension)
 - [Configuration](#configuration)
-- [Team Collaboration](#team-collaboration)
 - [License](#license)
 ---
@@ -29,12 +30,11 @@
 | Feature | Description |
 |---------|-------------|
-| **20+ Built-in Agents** | Security, Privacy, SOC 2, Legal, Architecture, Performance, E2E, Visual QA, Data Flow, Agent Smith, and more |
+| **20 Built-in Agents** | Security, Privacy, SOC 2, Legal, Architecture, Performance, E2E, Visual QA, Data Flow, and more |
 | **Parallel Execution** | True parallel execution with worker threads—3-5x faster scans |
 | **Result Caching** | File-based caching with SHA256 hashing—70% faster repeated scans |
-| **Streaming Progress** | Real-time progress updates as agents complete |
 | **Smart Triaging** | Only activates relevant agents based on code context |
-| **Interactive Dashboard** | Terminal UI with progress bars, filters, and issue browser |
+| **Streaming Progress** | Real-time progress updates as agents complete |
 ### Developer Experience
@@ -50,7 +50,6 @@
 | Feature | Description |
 |---------|-------------|
 | **CI/CD Integration** | GitHub Actions, pre-commit hooks, SARIF output |
-| **Team Collaboration** | Issue assignment, Slack notifications, expertise-based routing |
 | **VS Code Extension** | Inline diagnostics, quick-fix code actions, scan on save |
 ---
@@ -96,14 +95,10 @@ Trie works with any MCP-compatible AI tool (OpenCode, Windsurf, etc.). Configure
 npx @triedotdev/mcp
 ```
-Trie auto-detects which tool is running and adapts its output format accordingly.
 ---
 ## Usage
-### Basic Scanning
 Once configured, ask your AI assistant:
 ```
@@ -117,76 +112,70 @@ Run trie_security on this file
 Run trie_soc2 to check compliance
 ```
-### AI-Enhanced Mode (Recommended)
+### How It Works
-Trie works in two modes:
-| Mode | Description |
-|------|-------------|
-| **Pattern-Only** (default) | Fast regex matching for specific patterns (exposed secrets, async forEach, etc.). Limited coverage without AI. |
-| **AI-Enhanced** | Full analysis: pattern detection + AI validation + deeper issue discovery. **Recommended for comprehensive scanning.** |
-> **Note:** Pattern-only mode catches specific high-confidence issues (AWS keys, GitHub tokens, common anti-patterns) but won't find logic bugs, architectural issues, or context-dependent problems. For thorough analysis, enable AI mode.
-**Enable AI mode:**
-**For MCP usage (Cursor/Claude Code):**
-Add the API key to your MCP configuration:
-```json
-{
-  "mcpServers": {
-    "Trie": {
-      "command": "npx",
-      "args": ["@triedotdev/mcp"],
-      "env": {
-        "ANTHROPIC_API_KEY": "sk-ant-..."
-      }
-    }
-  }
-}
-```
+Trie generates **actionable reports** with high-confidence issues. It does not auto-fix code. Instead:
-**For CLI usage (terminal/CI):**
+1. **Trie scans** your code and generates a report with prioritized issues
+2. **You review** the issues in the report
+3. **You (or Cursor/Claude Code)** apply fixes based on Trie's recommendations
-Add the API key to your project's `.env.local` file (in your project root):
+---
-```bash
-echo 'ANTHROPIC_API_KEY=sk-ant-...' >> .env.local
-```
+## MCP Tools
-Then load it before running CLI commands:
+These tools are available when using Trie via MCP (Cursor, Claude Code, etc.).
-```bash
-# Load environment variables
-set -a; source .env.local; set +a
+### Core Tools
-# Now run CLI commands
-trie-agent scan
-```
+| Tool | Description |
+|------|-------------|
+| `trie_scan` | Scan code with intelligent agent selection |
+| `trie_watch` | Watch mode—automatically scan files as you code |
+| `trie_fix` | Generate fix recommendations for detected issues |
+| `trie_explain` | Explain code, issues, or changes in plain language |
-> **Important:**
-> - **MCP config** (`env` in mcp.json) only applies to the MCP server process launched by Cursor/Claude Code
-> - **CLI commands** (`trie-agent scan`, `trie-agent watch`) need the key in your shell environment (via `.env.local` or `export`)
-> - The MCP server and CLI are separate processes with separate environments
+### Custom Agent Tools
-When AI is enabled, you'll see:
-- `AI-powered analysis enabled` in output
-- `[AI VALIDATED]` and `[AI FOUND]` tags on issues
-- Richer fix recommendations
+| Tool | Description |
+|------|-------------|
+| `trie_create_agent` | Create a custom agent from a PDF, TXT, or MD document |
+| `trie_save_agent` | Save a custom agent configuration |
+| `trie_list_agents` | List all registered agents (built-in and custom) |
+### Individual Agent Tools
+Run a specific agent directly:
+| Tool | What It Catches |
+|------|-----------------|
+| `trie_security` | SQL injection, XSS, hardcoded secrets, auth bypasses, OWASP Top 10 |
+| `trie_privacy` | GDPR/CCPA/PCI-DSS compliance, PII exposure, logging sensitive data |
+| `trie_soc2` | Access control gaps, missing audit logs, encryption issues |
+| `trie_legal` | HIPAA/COPPA compliance, consent patterns, data retention |
+| `trie_accessibility` | WCAG 2.1 compliance, keyboard nav, screen readers, color contrast |
+| `trie_architecture` | Code organization, SOLID principles, N+1 queries, scalability |
+| `trie_bugs` | Null safety, edge cases, async issues, common bugs |
+| `trie_types` | Type errors, missing annotations, null checks |
+| `trie_devops` | Config issues, logging, environment variables, deployment patterns |
+| `trie_clean` | Clean up AI-generated code: find vibe-coded patterns and quick fixes |
+| `trie_design` | Awwwards-level polish, design systems, motion design |
+| `trie_ux` | Simulate happy path, security tester, confused user, impatient user |
 ---
 ## CLI
-Trie includes a CLI for terminal-based scanning and CI/CD integration. The CLI generates reports with actionable issues—it does not auto-fix code. Use Cursor or Claude Code to apply fixes based on the reports.
+Trie includes a CLI for terminal-based scanning and CI/CD integration.
-> **Note:** The CLI is separate from MCP tools. Use MCP tools (`trie_scan`, `trie_watch`) when working inside Cursor/Claude Code. Use the CLI (`trie-agent scan`, `trie-agent watch`) for terminal/CI usage.
+> **Note:** The CLI is separate from MCP tools. Use MCP tools (`trie_scan`, `trie_watch`) when working inside Cursor/Claude Code. Use the CLI for terminal/CI usage.
 ### Commands
 ```bash
+# List available commands
+trie-agent help
 # Basic scan (generates report and exits)
 trie-agent scan
@@ -204,6 +193,9 @@ trie-agent scan --agents security,privacy,bugs
 # Output JSON report
 trie-agent scan --format json --output report.json
+# List all available agents
+trie-agent agents
 ```
 ### CLI vs MCP Tools
@@ -214,27 +206,160 @@ trie-agent scan --format json --output report.json
 | **Terminal/CI** | CLI (`trie-agent scan`, `trie-agent watch`) | Running from terminal, CI pipelines, scripts |
 | **VS Code** | VS Code extension | Using VS Code (not Cursor/Claude Code) |
-Both generate the same reports—they're just different interfaces to the same scanning engine.
+---
+## Built-in Agents
+### Security & Compliance (4 agents)
+| Agent | Description |
+|-------|-------------|
+| **Security** | SQL injection, XSS, hardcoded secrets, auth bypasses, OWASP Top 10 |
+| **Privacy** | GDPR/CCPA/PCI-DSS compliance, PII exposure, data encryption |
+| **SOC 2** | Access control gaps, missing audit logs, encryption, secrets management |
+| **Legal** | HIPAA/COPPA compliance, consent patterns, data retention |
+### Code Quality (6 agents)
+| Agent | Description |
+|-------|-------------|
+| **TypeCheck** | Type errors, missing annotations, null checks |
+| **Bug Finding** | Null safety, edge cases, async issues, race conditions |
+| **Software Architect** | Code organization, SOLID principles, N+1 queries, scalability |
+| **Test** | Missing test coverage, test quality, edge case coverage |
+| **Performance** | Memory leaks, inefficient algorithms, bundle size |
+| **Trie Clean** | Clean up AI-generated "vibe code": find common mistakes and quick fixes |
+### UI/UX (5 agents)
+| Agent | Description |
+|-------|-------------|
+| **Accessibility** | WCAG 2.1 compliance, keyboard nav, screen readers, color contrast |
+| **Design Engineer** | Awwwards-level polish, design systems, motion design, creative CSS |
+| **User Testing** | Simulate happy path, security tester, confused user, impatient user |
+| **Visual QA** | Visual regression, responsive design, cross-browser issues |
+| **E2E** | End-to-end test coverage, user flow validation |
+### Operations (3 agents)
+| Agent | Description |
+|-------|-------------|
+| **DevOps** | Config issues, logging, environment variables, deployment patterns |
+| **Data Flow** | Data flow analysis, state management, API contracts |
+| **Comprehension** | Plain language explanations for non-technical stakeholders |
 ---
-## How It Works
+## Special Agents
-Trie generates **actionable reports** with high-confidence issues. It does not auto-fix code. Instead:
+These agents are **manually invoked**—they don't run during `trie_scan`.
-1. **Trie scans** your code and generates a report with prioritized issues
-2. **You review** the issues in the report (or share with Cursor/Claude Code)
-3. **You (or Cursor/Claude Code)** apply fixes based on Trie's recommendations
+### Super Reviewer
+Interactive PR reviews: walks through changes file-by-file with AI guidance.
-This keeps you in control while providing comprehensive issue detection. Trie focuses on **finding and reporting** issues—you decide how to fix them.
+```
+Run trie_super_reviewer on this PR
+```
+### Agent Smith
+The ultimate AI code enforcer—43 specialized hunters targeting AI-generated anti-patterns. Runs a swarm of sub-agents to find "vibe-coded" patterns.
+```
+Run trie_agent_smith on this codebase
+```
 ---
-## CI/CD Integration
+## Custom Agents
-Trie integrates seamlessly with GitHub Actions for automated security scanning.
+Create your own agents from PDFs, style guides, or documentation.
-### Quick Setup
+### Create a Custom Agent
+```
+Create a custom agent from my-style-guide.pdf called "brand_guidelines"
+```
+Or use the MCP tool directly:
+```
+trie_create_agent with filePath: "./docs/style-guide.pdf", agentName: "brand_guidelines"
+```
+### How It Works
+1. **Parse** — Trie extracts text from your document (PDF, TXT, MD)
+2. **Compress** — AI distills the document into actionable rules
+3. **Register** — The agent is saved to `.trie/agents/` and loaded automatically
+### List Custom Agents
+```
+trie_list_agents
+```
+Custom agents are stored in `.trie/agents/` in your project directory.
+---
+## AI-Enhanced Mode
+Trie works in two modes:
+| Mode | Description |
+|------|-------------|
+| **Pattern-Only** (default) | Fast regex matching for specific patterns (exposed secrets, async forEach, etc.). Limited coverage. |
+| **AI-Enhanced** | Full analysis: pattern detection + AI validation + deeper issue discovery. **Recommended.** |
+### Enable AI Mode
+**For MCP usage (Cursor/Claude Code):**
+Add the API key to your MCP configuration:
+```json
+{
+  "mcpServers": {
+    "Trie": {
+      "command": "npx",
+      "args": ["@triedotdev/mcp"],
+      "env": {
+        "ANTHROPIC_API_KEY": "sk-ant-..."
+      }
+    }
+  }
+}
+```
+**For CLI usage (terminal/CI):**
+Add the API key to your project's `.env.local` file:
+```bash
+echo 'ANTHROPIC_API_KEY=sk-ant-...' >> .env.local
+```
+Then load it before running CLI commands:
+```bash
+set -a; source .env.local; set +a
+trie-agent scan
+```
+> **Important:** MCP config only applies to the MCP server. CLI commands need the key in your shell environment.
+When AI is enabled, you'll see:
+- `AI-powered analysis enabled` in output
+- `[AI VALIDATED]` and `[AI FOUND]` tags on issues
+- Richer fix recommendations
+---
+## CI/CD Integration
+### GitHub Actions
 Copy the workflow files to your repo:
@@ -245,19 +370,15 @@ cp node_modules/@triedotdev/mcp/.github/workflows/trie-*.yml .github/workflows/
 ### Available Workflows
-#### Full Security Scan (`trie-security-scan.yml`)
-Runs on push to `main`/`develop`, PRs, and daily schedule (2 AM UTC).
-**Features:**
+**Full Security Scan** (`trie-security-scan.yml`)
+- Runs on push to `main`/`develop`, PRs, and daily schedule
 - Runs security agents: `security`, `privacy`, `soc2`, `legal`
 - Uploads SARIF to GitHub Security tab
 - Comments on PRs with summary
 - Fails build on critical issues
-#### Pre-commit Checks (`trie-pre-commit.yml`)
-Runs on every PR—fast, incremental scanning.
+**Pre-commit Checks** (`trie-pre-commit.yml`)
+- Runs on every PR—fast, incremental scanning
 ---
@@ -265,32 +386,32 @@ Runs on every PR—fast, incremental scanning.
 Native VS Code extension with inline diagnostics and quick fixes.
----
-## Built-in Agents
-### Security & Compliance
-| Agent | Command | What It Catches |
-|-------|---------|-----------------|
-| **Security** | `trie_security` | SQL injection, XSS, hardcoded secrets, auth bypasses, OWASP Top 10 |
-| **Privacy** | `trie_privacy` | GDPR/CCPA/PCI-DSS compliance, data exposure, logging sensitive data |
-| **SOC 2** | `trie_soc2` | Access control gaps, missing audit logs, encryption issues |
-| **Legal** | `trie_legal` | HIPAA/COPPA compliance, consent patterns, data retention |
+### Features
+- Inline diagnostics from Trie scans
+- Quick-fix code actions
+- Scan on save
+- Status bar integration
 ---
-## Special Agents
-These agents are **manually invoked**—they don't run during `trie_scan`.
+## Configuration
-### Super Reviewer
+### Scan Options
-Interactive PR reviews: walks through changes file-by-file with AI guidance.
+| Option | Description | Default |
+|--------|-------------|---------|
+| `parallel` | Run agents in parallel | `true` |
+| `cache` | Enable result caching | `true` |
+| `maxConcurrency` | Max parallel agents | `4` |
+| `timeoutMs` | Agent timeout in milliseconds | `120000` |
+| `streaming` | Stream progress updates | `true` |
+| `workers` | Use worker threads | `true` |
-### Agent Smith
+### Example
-The ultimate AI code enforcer—43 specialized hunters targeting AI-generated anti-patterns.
+```
+trie_scan with parallel: true, cache: true, maxConcurrency: 8
+```
 ---