@vibekiln/cutline-mcp-cli 0.1.0

package/dist/servers/tools-server.js

@@ -0,0 +1,287 @@
+#!/usr/bin/env node
+import {
+  isWriteTool
+} from "./chunk-KMUSQOTJ.js";
+import {
+  guardBoundary,
+  guardOutput,
+  withPerfTracking
+} from "./chunk-OP4EO6FV.js";
+import {
+  cfApplyEdits,
+  cfChatWithPersona,
+  cfGenerateChatSuggestion,
+  cfGenerateTrialRun,
+  cfGetWikiMarkdown,
+  cfSaveWikiMarkdown,
+  getPersona,
+  getPodcastIntroductions,
+  listPersonas,
+  mapErrorToMcp,
+  requirePremiumWithAutoAuth,
+  validateAuth,
+  validateRequestSize
+} from "./chunk-ZVWDXO6M.js";
+
+// ../mcp/dist/mcp/src/tools-server.js
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { CallToolRequestSchema, ErrorCode, ListToolsRequestSchema, McpError } from "@modelcontextprotocol/sdk/types.js";
+var server = new Server({
+  name: "cutline-tools",
+  version: "0.1.0"
+}, {
+  capabilities: {
+    tools: {}
+  }
+});
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+  return {
+    tools: [
+      {
+        name: "trial_generate",
+        description: "Generate a trial run response",
+        inputSchema: {
+          type: "object",
+          properties: {
+            prompt: { type: "string" }
+          },
+          required: ["prompt"]
+        }
+      },
+      {
+        name: "agent_chat",
+        description: "Get chat suggestions for wiki editing",
+        inputSchema: {
+          type: "object",
+          properties: {
+            prompt: { type: "string" },
+            wikiMarkdown: { type: "string" },
+            auth_token: { type: "string" }
+          },
+          required: ["prompt"]
+        }
+      },
+      {
+        name: "wiki_load",
+        description: "Load wiki markdown",
+        inputSchema: {
+          type: "object",
+          properties: {
+            projectId: { type: "string" },
+            auth_token: { type: "string" }
+          },
+          required: ["projectId"]
+        }
+      },
+      {
+        name: "wiki_save",
+        description: "Save wiki markdown",
+        inputSchema: {
+          type: "object",
+          properties: {
+            projectId: { type: "string" },
+            markdown: { type: "string" },
+            auth_token: { type: "string" }
+          },
+          required: ["projectId", "markdown"]
+        }
+      },
+      {
+        name: "wiki_apply_edits",
+        description: "Apply edits to wiki",
+        inputSchema: {
+          type: "object",
+          properties: {
+            edits: { type: "array", items: { type: "object" } },
+            auth_token: { type: "string" }
+          },
+          required: ["edits"]
+        }
+      },
+      {
+        name: "personas_list",
+        description: "List personas for the authenticated user, optionally filtered by productId",
+        inputSchema: {
+          type: "object",
+          properties: {
+            productId: { type: "string", description: "Optional product ID to filter personas" },
+            auth_token: { type: "string" }
+          },
+          required: ["auth_token"]
+        }
+      },
+      {
+        name: "personas_get",
+        description: "Get a specific persona by ID",
+        inputSchema: {
+          type: "object",
+          properties: {
+            personaId: { type: "string" },
+            auth_token: { type: "string" }
+          },
+          required: ["personaId", "auth_token"]
+        }
+      },
+      {
+        name: "personas_chat",
+        description: "Chat with a persona. The persona object should include name, description, role, segment, demographics, personality, and behaviors.",
+        inputSchema: {
+          type: "object",
+          properties: {
+            persona: {
+              type: "object",
+              description: "Persona object with name, description, role, segment, demographics, personality, behaviors"
+            },
+            userMessage: { type: "string", description: "The user's message to the persona" },
+            product: {
+              type: "object",
+              description: "Optional product context (name, brief, etc.)"
+            },
+            conversationHistory: {
+              type: "array",
+              items: {
+                type: "object",
+                properties: {
+                  role: { type: "string", enum: ["user", "assistant"] },
+                  content: { type: "string" }
+                }
+              },
+              description: "Optional conversation history"
+            },
+            auth_token: { type: "string" }
+          },
+          required: ["persona", "userMessage", "auth_token"]
+        }
+      },
+      {
+        name: "podcast_get_participants",
+        description: "Get podcast-ready introductions for all personas in a product. Returns taglines, intro scripts, signature traits, and voice settings for each persona. Use this to have Cutline introduce podcast guests.",
+        inputSchema: {
+          type: "object",
+          properties: {
+            productId: { type: "string", description: "The product ID to get personas for" },
+            format: {
+              type: "string",
+              enum: ["json", "script", "bullets"],
+              description: "Output format: 'json' for structured data, 'script' for host-readable text, 'bullets' for quick reference"
+            },
+            auth_token: { type: "string" }
+          },
+          required: ["productId", "auth_token"]
+        }
+      }
+    ]
+  };
+});
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+  try {
+    const { name, arguments: rawArgs } = request.params;
+    if (!rawArgs)
+      throw new McpError(ErrorCode.InvalidParams, "Missing arguments");
+    validateRequestSize(rawArgs);
+    const { args } = guardBoundary(name, rawArgs);
+    const rawResponse = await withPerfTracking(name, async () => {
+      if (isWriteTool(name)) {
+        const peekToken = args.auth_token;
+        if (peekToken) {
+          const peekDecoded = await validateAuth(peekToken).catch(() => null);
+          if (peekDecoded && peekDecoded.accountType === "agent") {
+            throw new McpError(ErrorCode.InvalidRequest, "This is a read-only agent account. Write operations require the owner account.");
+          }
+        }
+      }
+      switch (name) {
+        case "trial_generate": {
+          const { prompt } = args;
+          const text = await cfGenerateTrialRun(prompt);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ ok: true, text }) }]
+          };
+        }
+        case "agent_chat": {
+          const { prompt, wikiMarkdown, auth_token } = args;
+          await requirePremiumWithAutoAuth(auth_token);
+          const text = await cfGenerateChatSuggestion(prompt, wikiMarkdown);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ text }) }]
+          };
+        }
+        case "wiki_load": {
+          const { projectId, auth_token } = args;
+          await requirePremiumWithAutoAuth(auth_token);
+          const markdown = await cfGetWikiMarkdown(projectId);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ markdown }) }]
+          };
+        }
+        case "wiki_save": {
+          const { projectId, markdown, auth_token } = args;
+          const decoded = await requirePremiumWithAutoAuth(auth_token);
+          await cfSaveWikiMarkdown(projectId, markdown);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ ok: true }) }]
+          };
+        }
+        case "wiki_apply_edits": {
+          const { edits, auth_token } = args;
+          await requirePremiumWithAutoAuth(auth_token);
+          const result = await cfApplyEdits(edits);
+          return {
+            content: [{ type: "text", text: JSON.stringify(result) }]
+          };
+        }
+        case "personas_list": {
+          const { productId, auth_token } = args;
+          const normalizedAuthToken = auth_token && auth_token !== "auto" && auth_token.trim() !== "" ? auth_token : void 0;
+          await requirePremiumWithAutoAuth(normalizedAuthToken);
+          const personas = await listPersonas(productId);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ personas }) }]
+          };
+        }
+        case "personas_get": {
+          const { personaId, auth_token } = args;
+          const normalizedAuthToken = auth_token && auth_token !== "auto" && auth_token.trim() !== "" ? auth_token : void 0;
+          await requirePremiumWithAutoAuth(normalizedAuthToken);
+          const persona = await getPersona(personaId);
+          return {
+            content: [{ type: "text", text: JSON.stringify({ persona }) }]
+          };
+        }
+        case "personas_chat": {
+          const { persona, userMessage, product, conversationHistory, auth_token } = args;
+          const normalizedAuthToken = auth_token && auth_token !== "auto" && auth_token.trim() !== "" ? auth_token : void 0;
+          await requirePremiumWithAutoAuth(normalizedAuthToken);
+          const result = await cfChatWithPersona(persona, userMessage, product, conversationHistory);
+          return {
+            content: [{ type: "text", text: JSON.stringify(result) }]
+          };
+        }
+        case "podcast_get_participants": {
+          const { productId, format, auth_token } = args;
+          const normalizedAuthToken = auth_token && auth_token !== "auto" && auth_token.trim() !== "" ? auth_token : void 0;
+          await requirePremiumWithAutoAuth(normalizedAuthToken);
+          const result = await getPodcastIntroductions(productId, format || "json");
+          return {
+            content: [{ type: "text", text: JSON.stringify(result) }]
+          };
+        }
+        default:
+          throw new McpError(ErrorCode.MethodNotFound, `Unknown tool: ${name}`);
+      }
+    });
+    return guardOutput(name, rawResponse);
+  } catch (error) {
+    throw mapErrorToMcp(error, { tool: request.params.name });
+  }
+});
+async function run() {
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+  console.error("Cutline Tools MCP Server running on stdio");
+}
+run().catch((error) => {
+  console.error("Fatal error running server:", error);
+  process.exit(1);
+});

package/dist/utils/config-store.d.ts

@@ -0,0 +1,8 @@
+export interface McpConfig {
+    refreshToken?: string;
+    environment?: 'production' | 'staging';
+    apiKey?: string;
+}
+export declare function saveConfig(config: McpConfig): void;
+export declare function loadConfig(): McpConfig;
+export declare function getRefreshTokenFromFile(): string | null;

package/dist/utils/config-store.js

@@ -0,0 +1,35 @@
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+const CONFIG_DIR = path.join(os.homedir(), '.cutline-mcp');
+const CONFIG_FILE = path.join(CONFIG_DIR, 'config.json');
+function ensureConfigDir() {
+    if (!fs.existsSync(CONFIG_DIR)) {
+        fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    }
+}
+export function saveConfig(config) {
+    ensureConfigDir();
+    const current = loadConfig();
+    const newConfig = { ...current, ...config };
+    // Remove legacy fields that are no longer stored (e.g. firebaseApiKey)
+    // to prevent stale values from causing cross-project auth mismatches
+    delete newConfig.firebaseApiKey;
+    fs.writeFileSync(CONFIG_FILE, JSON.stringify(newConfig, null, 2), { mode: 0o600 });
+}
+export function loadConfig() {
+    try {
+        if (fs.existsSync(CONFIG_FILE)) {
+            const content = fs.readFileSync(CONFIG_FILE, 'utf-8');
+            return JSON.parse(content);
+        }
+    }
+    catch (e) {
+        // Ignore errors, return empty config
+    }
+    return {};
+}
+export function getRefreshTokenFromFile() {
+    const config = loadConfig();
+    return config.refreshToken || null;
+}

package/dist/utils/config.d.ts

@@ -0,0 +1,22 @@
+export interface Config {
+    AUTH_URL: string;
+    CALLBACK_URL: string;
+    BASE_URL: string;
+}
+export interface ConfigWithApiKey extends Config {
+    FIREBASE_API_KEY: string;
+}
+/**
+ * Get static config (URLs only, no API key)
+ */
+export declare function getConfig(options?: {
+    staging?: boolean;
+}): Config;
+/**
+ * Fetch Firebase API key from the web app's public endpoint.
+ * This avoids hardcoding API keys in source code.
+ * Falls back to environment variables if fetch fails.
+ */
+export declare function fetchFirebaseApiKey(options?: {
+    staging?: boolean;
+}): Promise<string>;

package/dist/utils/config.js

@@ -0,0 +1,48 @@
+/**
+ * Get static config (URLs only, no API key)
+ */
+export function getConfig(options = {}) {
+    if (options.staging) {
+        return {
+            AUTH_URL: process.env.CUTLINE_AUTH_URL || 'https://cutline-staging.web.app/mcp-auth',
+            CALLBACK_URL: 'http://localhost:8765',
+            BASE_URL: 'https://cutline-staging.web.app',
+        };
+    }
+    return {
+        AUTH_URL: process.env.CUTLINE_AUTH_URL || 'https://thecutline.ai/mcp-auth',
+        CALLBACK_URL: 'http://localhost:8765',
+        BASE_URL: 'https://thecutline.ai',
+    };
+}
+/**
+ * Fetch Firebase API key from the web app's public endpoint.
+ * This avoids hardcoding API keys in source code.
+ * Falls back to environment variables if fetch fails.
+ */
+export async function fetchFirebaseApiKey(options = {}) {
+    // First check environment variables
+    const envKey = process.env.FIREBASE_API_KEY || process.env.NEXT_PUBLIC_FIREBASE_API_KEY;
+    if (envKey) {
+        return envKey;
+    }
+    // Fetch from web app endpoint
+    const config = getConfig(options);
+    try {
+        const response = await fetch(`${config.BASE_URL}/api/firebase-config`, {
+            headers: { 'Accept': 'application/json' },
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status}`);
+        }
+        const data = await response.json();
+        if (!data.apiKey) {
+            throw new Error('No apiKey in response');
+        }
+        return data.apiKey;
+    }
+    catch (error) {
+        throw new Error(`Failed to fetch Firebase config from ${config.BASE_URL}/api/firebase-config. ` +
+            `Please set FIREBASE_API_KEY environment variable or ensure network connectivity.`);
+    }
+}

package/mcpb/manifest.json

@@ -0,0 +1,77 @@
+{
+  "manifest_version": "0.3",
+  "name": "cutline-mcp",
+  "display_name": "Cutline — Engineering Guardrails",
+  "version": "0.5.0",
+  "description": "Security, reliability, and scalability constraints for your coding agent. Free code audits with 9 compliance frameworks built in.",
+  "long_description": "Cutline is a guardrail middleware for AI coding agents. It extracts non-functional requirements (security, scalability, reliability) from your ideas and injects them as structured constraints into your agent's context. Includes free code audits (3/month), SOC 2 / PCI-DSS / HIPAA / GDPR / OWASP LLM Top 10 compliance frameworks, pre-mortem risk analysis, and a Red-Green-Refactor workflow for systematic remediation.",
+  "author": {
+    "name": "Cutline",
+    "url": "https://thecutline.ai"
+  },
+  "repository": "https://github.com/kylewadegrove/cutline",
+  "homepage": "https://thecutline.ai",
+  "documentation": "https://thecutline.ai/docs/setup",
+  "license": "MIT",
+  "keywords": [
+    "security",
+    "guardrail",
+    "vibecoding",
+    "code-audit",
+    "compliance",
+    "soc2",
+    "nfr",
+    "constraint",
+    "pre-mortem"
+  ],
+  "server": {
+    "type": "node",
+    "entry_point": "server/cutline-server.js",
+    "mcp_config": {
+      "command": "npx",
+      "args": ["-y", "@vibekiln/cutline-mcp-cli@latest", "serve", "constraints"]
+    }
+  },
+  "tools": [
+    {
+      "name": "engineering_audit",
+      "description": "Premium deep, product-linked engineering audit with RGR remediation planning"
+    },
+    {
+      "name": "code_audit",
+      "description": "Free security, reliability, and scalability code audit of your codebase (3/month)"
+    },
+    {
+      "name": "constraints_auto",
+      "description": "Auto-inject relevant constraints based on file context"
+    },
+    {
+      "name": "constraints_query",
+      "description": "Query product constraints by keyword"
+    },
+    {
+      "name": "exploration_start",
+      "description": "Start a guided product idea exploration"
+    },
+    {
+      "name": "premortem_run",
+      "description": "Run a full pre-mortem risk analysis on a product idea"
+    },
+    {
+      "name": "graph_metrics",
+      "description": "Get engineering readiness scores and NFR coverage"
+    }
+  ],
+  "user_config": {
+    "properties": {
+      "CUTLINE_ENVIRONMENT": {
+        "type": "string",
+        "description": "Environment: 'production' or 'staging'",
+        "default": "production"
+      }
+    }
+  },
+  "compatibility": {
+    "clients": ["claude-desktop"]
+  }
+}

package/package.json

@@ -0,0 +1,76 @@
+{
+    "name": "@vibekiln/cutline-mcp-cli",
+    "version": "0.1.0",
+    "description": "CLI and MCP servers for Cutline — authenticate, then run constraint-aware MCP servers in Cursor or any MCP client.",
+    "type": "module",
+    "main": "dist/index.js",
+    "bin": {
+        "cutline-mcp": "./dist/index.js"
+    },
+    "files": [
+        "dist/**/*",
+        "README.md",
+        "server.json",
+        "smithery.yaml",
+        "Dockerfile",
+        "mcpb/manifest.json"
+    ],
+    "scripts": {
+        "build:cli": "tsc",
+        "build:servers": "node scripts/bundle-servers.mjs",
+        "build": "npm run build:cli && npm run build:servers",
+        "build:mcpb": "bash scripts/build-mcpb.sh",
+        "dev": "tsc --watch",
+        "start": "node dist/index.js",
+        "prepublishOnly": "npm run build"
+    },
+    "mcpName": "ai.thecutline/cutline-mcp",
+    "keywords": [
+        "cutline",
+        "mcp",
+        "mcp-server",
+        "model-context-protocol",
+        "cli",
+        "security",
+        "guardrail",
+        "vibecoding",
+        "cursor",
+        "claude",
+        "windsurf",
+        "code-audit",
+        "engineering-audit",
+        "nfr",
+        "constraint",
+        "soc2",
+        "hipaa",
+        "pci-dss",
+        "gdpr",
+        "owasp",
+        "pre-mortem",
+        "ai-safety",
+        "cursor-security"
+    ],
+    "author": "Cutline",
+    "license": "MIT",
+    "dependencies": {
+        "@modelcontextprotocol/sdk": "^1.0.0",
+        "chalk": "^4.1.2",
+        "commander": "^11.1.0",
+        "dotenv": "^16.4.5",
+        "open": "^9.1.0",
+        "ora": "^5.4.1",
+        "zod": "^3.23.8"
+    },
+    "devDependencies": {
+        "@types/express": "^4.17.21",
+        "@types/node": "^20.0.0",
+        "esbuild": "^0.25.0",
+        "typescript": "^5.3.0"
+    },
+    "engines": {
+        "node": ">=18.0.0"
+    },
+    "publishConfig": {
+        "access": "public"
+    }
+}

package/server.json

@@ -0,0 +1,42 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "ai.thecutline/cutline-mcp",
+  "title": "Cutline — Engineering Guardrails for Vibecoding",
+  "description": "Security, reliability, and scalability constraints for your coding agent. Free code audits, compliance frameworks, and pre-mortem analysis.",
+  "version": "0.5.0",
+  "repository": {
+    "url": "https://github.com/kylewadegrove/cutline",
+    "source": "github"
+  },
+  "websiteUrl": "https://thecutline.ai",
+  "icons": {
+    "light": "https://thecutline.ai/assets/brand/cutline-icon-light.png",
+    "dark": "https://thecutline.ai/assets/brand/cutline-icon-dark.png"
+  },
+  "packages": [
+    {
+      "registryType": "npm",
+      "identifier": "@vibekiln/cutline-mcp-cli",
+      "version": "0.5.0",
+      "transport": {
+        "type": "stdio"
+      },
+      "environment_variables": [
+        {
+          "name": "CUTLINE_AUTH",
+          "description": "Authentication is handled via `cutline-mcp login` (stored in keychain). No manual env vars needed.",
+          "required": false
+        }
+      ]
+    }
+  ],
+  "_meta": {
+    "io.modelcontextprotocol.registry/publisher-provided": {
+      "categories": ["security", "infrastructure", "developer-tools"],
+      "compliance_frameworks": ["SOC 2", "PCI-DSS", "HIPAA", "GDPR/CCPA", "OWASP LLM Top 10", "FedRAMP", "GLBA", "FERPA/COPPA"],
+      "free_tier": true,
+      "free_tools": ["code_audit", "exploration_start", "exploration_chat", "exploration_graduate", "llm_status", "perf_status"],
+      "tool_count": 54
+    }
+  }
+}

package/smithery.yaml

@@ -0,0 +1,10 @@
+# Smithery registry configuration for Cutline MCP
+# https://smithery.ai/docs/publishing
+
+runtime: "container"
+
+env:
+  NODE_ENV: "production"
+
+# The Dockerfile builds a minimal image with the bundled MCP server
+# and exposes the stdio transport for Smithery's container runtime.