@vibecheckai/cli 3.1.8 → 3.2.0

package/mcp-server/consolidated-tools.js

@@ -1,25 +1,73 @@
 /**
  * Vibecheck MCP Consolidated Tools
  * 
- * Reduced from 50+ tools to 15 focused tools that map to CLI commands.
+ * Reduced from 50+ tools to a curated set for agents.
  * Each tool returns evidence-backed responses with file/line citations.
  * 
  * Tool Categories:
  * 1. Core Commands (5) - ship, scan, fix, verify, ctx
  * 2. Truth Queries (5) - truthpack, routes, env, auth, billing
  * 3. Evidence (3) - validate_claim, evidence, proof_graph
- * 4. Utilities (2) - status, doctor
+ * 4. Proof Artifacts (2) - evidence_pack, allowlist
+ * 5. Utilities (2) - status, doctor
+ * 
+ * Response Format (Standardized):
+ * {
+ *   ok: boolean,
+ *   data: any,
+ *   evidence: Array<{ file, line, snippet, confidence }>,
+ *   metadata: { timestamp, cached, projectFingerprint }
+ * }
  */
 
 import { execSync, spawn } from 'child_process';
 import fs from 'fs';
 import path from 'path';
+import { handleTruthFirewallTool } from './truth-firewall-tools.js';
+import { PROOF_TOOLS, handleProofTool } from './proof-tools.js';
 
 // ============================================================================
-// TOOL DEFINITIONS (15 Core Tools)
+// STANDARDIZED RESPONSE WRAPPER
 // ============================================================================
 
-export const CONSOLIDATED_TOOLS = [
+function wrapResponse(data, options = {}) {
+  const { evidence = [], cached = false, error = null } = options;
+  
+  if (error) {
+    return {
+      ok: false,
+      error: typeof error === 'string' ? error : error.message,
+      data: null,
+      evidence: [],
+      metadata: {
+        timestamp: new Date().toISOString(),
+        cached: false
+      }
+    };
+  }
+  
+  return {
+    ok: true,
+    data,
+    evidence: evidence.map(e => ({
+      file: e.file || null,
+      line: e.line || e.lines || null,
+      snippet: e.snippet || e.code || null,
+      confidence: e.confidence || 0.9,
+      reason: e.reason || null
+    })),
+    metadata: {
+      timestamp: new Date().toISOString(),
+      cached
+    }
+  };
+}
+
+// ============================================================================
+// TOOL DEFINITIONS (Curated for Agents)
+// ============================================================================
+
+const ALL_TOOLS = [
   // === CORE COMMANDS (5) ===
   {
     name: "vibecheck.ship",
@@ -159,6 +207,57 @@ export const CONSOLIDATED_TOOLS = [
       required: ["claim"]
     }
   },
+  {
+    name: "vibecheck.compile_context",
+    description: "Get task-focused context with invariants and policy controls.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        task: { type: "string", description: "Task description" },
+        policy: { type: "string", enum: ["strict", "balanced", "permissive"], default: "strict" }
+      },
+      required: ["task"]
+    }
+  },
+  {
+    name: "vibecheck.search_evidence",
+    description: "Search for evidence with file/line citations.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        query: { type: "string", description: "What to search for" },
+        type: { type: "string", enum: ["route", "handler", "middleware", "component", "env_var", "model", "any"], default: "any" },
+        limit: { type: "number", default: 10 }
+      },
+      required: ["query"]
+    }
+  },
+  {
+    name: "vibecheck.find_counterexamples",
+    description: "Find counterexamples that falsify auth/billing claims.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        claim: { type: "string", enum: ["auth_enforced", "billing_gate_exists", "route_guarded", "no_bypass"] },
+        subject: { type: "object" }
+      },
+      required: ["claim", "subject"]
+    }
+  },
+  {
+    name: "vibecheck.check_invariants",
+    description: "Check invariants (auth/billing/ux/api) for ship-killers.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        category: { type: "string", enum: ["all", "auth", "billing", "security", "ux", "api"], default: "all" }
+      }
+    }
+  },
   {
     name: "vibecheck.get_evidence",
     description: "Get file/line evidence for a specific finding or claim.",
@@ -240,6 +339,42 @@ export const CONSOLIDATED_TOOLS = [
     }
   },
 
+  // === PROOF ARTIFACTS (2) ===
+  {
+    name: "vibecheck.evidence_pack",
+    description: "Build shareable evidence pack with videos, traces, screenshots. Returns zip path.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        includeVideos: { type: "boolean", description: "Include recorded videos", default: true },
+        includeTraces: { type: "boolean", description: "Include Playwright traces", default: true },
+        includeScreenshots: { type: "boolean", description: "Include screenshots", default: true },
+        applyAllowlist: { type: "boolean", description: "Filter by allowlist", default: true }
+      }
+    }
+  },
+  {
+    name: "vibecheck.allowlist",
+    description: "Manage finding allowlist. Add entries to suppress known false positives.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        action: { 
+          type: "string", 
+          enum: ["list", "add", "remove", "check"],
+          description: "Action to perform",
+          default: "list"
+        },
+        findingId: { type: "string", description: "Finding ID to add/remove (for add/remove)" },
+        pattern: { type: "string", description: "Pattern to match (for add)" },
+        reason: { type: "string", description: "Reason for allowlisting (for add)" },
+        scope: { type: "string", enum: ["global", "file", "line"], default: "global" }
+      }
+    }
+  },
+
   // === UTILITIES (2) ===
   {
     name: "vibecheck.status",
@@ -260,9 +395,62 @@ export const CONSOLIDATED_TOOLS = [
         projectPath: { type: "string", description: "Path to project root", default: "." }
       }
     }
+  },
+  
+  // === RUNTIME (1) ===
+  {
+    name: "vibecheck.reality",
+    description: "Run runtime browser verification with optional video/trace recording.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        url: { type: "string", description: "Base URL to verify (required)" },
+        projectPath: { type: "string", description: "Path to project root", default: "." },
+        auth: { type: "string", description: "Login credentials as email:password" },
+        recordVideo: { type: "boolean", description: "Record video of session", default: false },
+        recordTrace: { type: "boolean", description: "Record Playwright trace", default: false },
+        maxPages: { type: "number", description: "Max pages to crawl", default: 18 }
+      },
+      required: ["url"]
+    }
   }
 ];
 
+const ALLOWED_TOOL_NAMES = new Set([
+  // Core
+  "vibecheck.ship",
+  "vibecheck.scan",
+  "vibecheck.ctx",
+  // Truth
+  "vibecheck.get_truthpack",
+  "vibecheck.validate_claim",
+  "vibecheck.compile_context",
+  "vibecheck.search_evidence",
+  "vibecheck.find_counterexamples",
+  "vibecheck.check_invariants",
+  // Proof artifacts
+  "vibecheck.evidence_pack",
+  "vibecheck.allowlist",
+  // Runtime
+  "vibecheck.reality",
+  // Proof tools (new)
+  "vibecheck.prove",
+  "vibecheck.prove_status",
+  "vibecheck.get_evidence",
+  "vibecheck.check_flaky",
+  "vibecheck.allowlist_add",
+  "vibecheck.get_proof_graph",
+  // Utilities
+  "vibecheck.status",
+]);
+
+// Combine base tools with proof tools
+const COMBINED_TOOLS = [...ALL_TOOLS, ...PROOF_TOOLS];
+
+export const CONSOLIDATED_TOOLS = COMBINED_TOOLS.filter((tool) =>
+  ALLOWED_TOOL_NAMES.has(tool.name),
+);
+
 // ============================================================================
 // TOOL HANDLERS
 // ============================================================================
@@ -273,54 +461,46 @@ export async function handleConsolidatedTool(name, args) {
   switch (name) {
     // Core Commands
     case "vibecheck.ship":
-      return await runCliCommand("ship", projectPath, args);
+      return wrapResponse(await runCliCommand("ship", projectPath, args));
     case "vibecheck.scan":
-      return await runCliCommand("scan", projectPath, args);
-    case "vibecheck.fix":
-      return await runCliCommand("fix", projectPath, args);
-    case "vibecheck.verify":
-      return await runCliCommand("verify", projectPath, args);
+      return wrapResponse(await runCliCommand("scan", projectPath, args));
     case "vibecheck.ctx":
-      return await runCliCommand("ctx", projectPath, args);
-    
-    // Truth Queries
+      return wrapResponse(await runCliCommand("ctx", projectPath, args));
+
+    // Truth Firewall / Evidence
     case "vibecheck.get_truthpack":
-      return await getTruthpack(projectPath, args.refresh);
-    case "vibecheck.get_routes":
-      return await getRoutes(projectPath, args.type);
-    case "vibecheck.get_env":
-      return await getEnv(projectPath);
-    case "vibecheck.get_auth":
-      return await getAuth(projectPath);
-    case "vibecheck.get_billing":
-      return await getBilling(projectPath);
-    
-    // Evidence
     case "vibecheck.validate_claim":
-      return await validateClaim(projectPath, args.claim, args.type);
+    case "vibecheck.compile_context":
+    case "vibecheck.search_evidence":
+    case "vibecheck.find_counterexamples":
+    case "vibecheck.check_invariants":
+      return await handleTruthFirewallTool(name, args, projectPath);
+    
+    // Proof Artifacts
+    case "vibecheck.evidence_pack":
+      return await handleEvidencePack(projectPath, args);
+    case "vibecheck.allowlist":
+      return await handleAllowlist(projectPath, args);
+    
+    // Runtime
+    case "vibecheck.reality":
+      return await handleReality(projectPath, args);
+    
+    // Proof Tools
+    case "vibecheck.prove":
+    case "vibecheck.prove_status":
     case "vibecheck.get_evidence":
-      return await getEvidence(projectPath, args);
+    case "vibecheck.check_flaky":
+    case "vibecheck.allowlist_add":
     case "vibecheck.get_proof_graph":
-      return await getProofGraph(projectPath);
+      return await handleProofTool(name, { ...args, projectPath });
     
     // Utilities
     case "vibecheck.status":
-      return await getStatus(projectPath);
-    case "vibecheck.doctor":
-      return await runCliCommand("doctor", projectPath, args);
-    
-    // Spec-required tools
-    case "vibecheck.get_contracts":
-      return await getContracts(projectPath);
-    case "vibecheck.validate_plan":
-      return await validatePlan(projectPath, args.plan);
-    case "vibecheck.share":
-      return await buildShare(projectPath, args.missionDir);
-    case "vibecheck.pr_comment":
-      return await renderPRComment(projectPath, args.maxFindings);
+      return wrapResponse(await getStatus(projectPath));
     
     default:
-      return { error: `Unknown tool: ${name}`, available: CONSOLIDATED_TOOLS.map(t => t.name) };
+      return wrapResponse(null, { error: `Unknown tool: ${name}. Available: ${CONSOLIDATED_TOOLS.map(t => t.name).join(', ')}` });
   }
 }
 
@@ -801,4 +981,190 @@ async function renderPRComment(projectPath, maxFindings = 12) {
   }
 }
 
-export default { CONSOLIDATED_TOOLS, handleConsolidatedTool };
+// ============================================================================
+// PROOF ARTIFACT HANDLERS
+// ============================================================================
+
+async function handleEvidencePack(projectPath, args) {
+  try {
+    // Try to import the evidence-pack module
+    const evidencePackPath = path.join(path.dirname(new URL(import.meta.url).pathname), '..', 'bin', 'runners', 'lib', 'evidence-pack.js');
+    
+    // For Windows, fix the path
+    const normalizedPath = process.platform === 'win32' 
+      ? evidencePackPath.replace(/^\/([A-Za-z]):/, '$1:')
+      : evidencePackPath;
+    
+    let evidencePack;
+    try {
+      evidencePack = await import(`file://${normalizedPath}`);
+    } catch {
+      // Fall back to CLI command
+      return wrapResponse(await runCliCommand("evidence-pack", projectPath, args));
+    }
+    
+    const pack = await evidencePack.buildEvidencePack(projectPath, {
+      includeVideos: args.includeVideos !== false,
+      includeTraces: args.includeTraces !== false,
+      includeScreenshots: args.includeScreenshots !== false,
+      applyAllowlist: args.applyAllowlist !== false
+    });
+    
+    return wrapResponse({
+      packId: pack.id,
+      manifestPath: pack.manifestPath,
+      zipPath: pack.zipPath,
+      summary: pack.summary
+    }, {
+      evidence: pack.manifest.findings.slice(0, 5).map(f => ({
+        file: f.where?.file,
+        line: f.where?.line,
+        snippet: f.what,
+        confidence: f.confidence
+      }))
+    });
+  } catch (error) {
+    return wrapResponse(null, { error: error.message });
+  }
+}
+
+async function handleAllowlist(projectPath, args) {
+  try {
+    const evidencePackPath = path.join(path.dirname(new URL(import.meta.url).pathname), '..', 'bin', 'runners', 'lib', 'evidence-pack.js');
+    const normalizedPath = process.platform === 'win32' 
+      ? evidencePackPath.replace(/^\/([A-Za-z]):/, '$1:')
+      : evidencePackPath;
+    
+    let evidencePack;
+    try {
+      evidencePack = await import(`file://${normalizedPath}`);
+    } catch {
+      return wrapResponse(null, { error: 'Evidence pack module not available' });
+    }
+    
+    const action = args.action || 'list';
+    
+    switch (action) {
+      case 'list': {
+        const allowlist = evidencePack.loadAllowlist(projectPath);
+        return wrapResponse({
+          entries: allowlist.entries || [],
+          lastUpdated: allowlist.lastUpdated
+        });
+      }
+      
+      case 'add': {
+        if (!args.findingId && !args.pattern) {
+          return wrapResponse(null, { error: 'Either findingId or pattern is required' });
+        }
+        
+        const entry = evidencePack.addToAllowlist(projectPath, {
+          findingId: args.findingId,
+          pattern: args.pattern,
+          reason: args.reason || 'Added via MCP tool',
+          scope: args.scope || 'global',
+          addedBy: 'mcp'
+        });
+        
+        return wrapResponse({
+          added: entry,
+          message: `Added allowlist entry: ${entry.id}`
+        });
+      }
+      
+      case 'remove': {
+        if (!args.findingId) {
+          return wrapResponse(null, { error: 'findingId is required for remove action' });
+        }
+        
+        const allowlist = evidencePack.loadAllowlist(projectPath);
+        const before = allowlist.entries.length;
+        allowlist.entries = allowlist.entries.filter(e => e.id !== args.findingId && e.findingId !== args.findingId);
+        evidencePack.saveAllowlist(projectPath, allowlist);
+        
+        return wrapResponse({
+          removed: before - allowlist.entries.length,
+          remaining: allowlist.entries.length
+        });
+      }
+      
+      case 'check': {
+        if (!args.findingId) {
+          return wrapResponse(null, { error: 'findingId is required for check action' });
+        }
+        
+        const allowlist = evidencePack.loadAllowlist(projectPath);
+        const result = evidencePack.isAllowlisted({ id: args.findingId }, allowlist);
+        
+        return wrapResponse({
+          allowed: result.allowed,
+          reason: result.reason,
+          entryId: result.entry?.id
+        });
+      }
+      
+      default:
+        return wrapResponse(null, { error: `Unknown action: ${action}` });
+    }
+  } catch (error) {
+    return wrapResponse(null, { error: error.message });
+  }
+}
+
+async function handleReality(projectPath, args) {
+  try {
+    if (!args.url) {
+      return wrapResponse(null, { error: 'url is required' });
+    }
+    
+    const cmdArgs = {
+      url: args.url,
+      projectPath,
+      json: true
+    };
+    
+    if (args.auth) cmdArgs.auth = args.auth;
+    if (args.recordVideo) cmdArgs['--video'] = true;
+    if (args.recordTrace) cmdArgs['--trace'] = true;
+    if (args.maxPages) cmdArgs.maxPages = args.maxPages;
+    
+    // Build CLI command
+    const binPath = path.join(path.dirname(new URL(import.meta.url).pathname), '..', 'bin', 'vibecheck.js');
+    const normalizedBinPath = process.platform === 'win32' 
+      ? binPath.replace(/^\/([A-Za-z]):/, '$1:')
+      : binPath;
+    
+    let cliArgs = ['reality', '--url', args.url, '--json'];
+    if (args.auth) cliArgs.push('--auth', args.auth);
+    if (args.recordVideo) cliArgs.push('--video');
+    if (args.recordTrace) cliArgs.push('--trace');
+    if (args.maxPages) cliArgs.push('--max-pages', String(args.maxPages));
+    
+    const result = execSync(`node "${normalizedBinPath}" ${cliArgs.join(' ')}`, {
+      cwd: projectPath,
+      encoding: 'utf8',
+      timeout: 300000 // 5 minutes for runtime tests
+    });
+    
+    try {
+      const parsed = JSON.parse(result);
+      return wrapResponse(parsed, {
+        evidence: (parsed.findings || []).slice(0, 5).map(f => ({
+          file: f.file,
+          line: f.line,
+          snippet: f.title,
+          confidence: f.confidence || 0.8
+        }))
+      });
+    } catch {
+      return wrapResponse({ output: result });
+    }
+  } catch (error) {
+    return wrapResponse(null, { 
+      error: error.message,
+      output: error.stdout || error.stderr 
+    });
+  }
+}
+
+export default { CONSOLIDATED_TOOLS, handleConsolidatedTool, wrapResponse };