@vibekiln/cutline-mcp-cli 0.1.0

package/dist/servers/chunk-ZVWDXO6M.js

@@ -0,0 +1,1063 @@
+// ../mcp/dist/mcp/src/utils.js
+import { McpError, ErrorCode } from "@modelcontextprotocol/sdk/types.js";
+import fs from "fs";
+import path from "path";
+import os from "os";
+function decodeIdTokenLocally(idToken) {
+  const parts = idToken.split(".");
+  if (parts.length !== 3) {
+    throw new McpError(ErrorCode.InvalidRequest, "Malformed ID token");
+  }
+  try {
+    const base64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
+    const payload = JSON.parse(Buffer.from(base64, "base64").toString("utf-8"));
+    const uid = payload.sub || payload.user_id;
+    if (!uid || typeof uid !== "string") {
+      throw new Error("Token missing uid (sub/user_id)");
+    }
+    return { uid, email: payload.email, ...payload };
+  } catch (e) {
+    if (e instanceof McpError)
+      throw e;
+    throw new McpError(ErrorCode.InvalidRequest, `Failed to decode token: ${(e.message || "").slice(0, 100)}`);
+  }
+}
+function getCloudFunctionsBaseUrl(environment) {
+  return environment === "staging" ? "https://us-central1-cutline-staging.cloudfunctions.net" : "https://us-central1-cutline-prod.cloudfunctions.net";
+}
+async function checkSubscriptionViaApi(idToken, environment) {
+  const baseUrl = getCloudFunctionsBaseUrl(environment);
+  try {
+    const res = await fetch(`${baseUrl}/mcpSubscriptionStatus`, {
+      method: "GET",
+      headers: { Authorization: `Bearer ${idToken}` },
+      signal: (() => {
+        const c = new AbortController();
+        setTimeout(() => c.abort(), 1e4);
+        return c.signal;
+      })()
+    });
+    if (!res.ok) {
+      console.error(`[MCP Auth] Subscription check failed: HTTP ${res.status}`);
+      return false;
+    }
+    const data = await res.json();
+    const validStatuses = ["active", "trialing"];
+    return validStatuses.includes(data.status ?? "");
+  } catch (e) {
+    console.error("[MCP Auth] Subscription API error:", (e.message || "").slice(0, 200));
+    return false;
+  }
+}
+var MAX_REQUEST_SIZE = 10 * 1024 * 1024;
+var MAX_JSON_STRING_LENGTH = 50 * 1024 * 1024;
+function validateRequestSize(args) {
+  if (!args || typeof args !== "object") {
+    return;
+  }
+  try {
+    const jsonString = JSON.stringify(args);
+    if (jsonString.length > MAX_JSON_STRING_LENGTH) {
+      throw new McpError(ErrorCode.InvalidParams, `Request payload too large. Maximum size is ${MAX_REQUEST_SIZE / (1024 * 1024)}MB`);
+    }
+  } catch (error) {
+    if (error instanceof McpError)
+      throw error;
+    console.error("[MCP] Failed to validate request size:", error);
+  }
+}
+function mapErrorToMcp(error, context) {
+  const errorId = `err-${Date.now()}-${Math.random().toString(36).slice(2, 9)}`;
+  const isClientError = error instanceof McpError || error?.code && typeof error.code === "string" && error.code.startsWith("4");
+  console.error("Operation failed:", {
+    errorId,
+    tool: context?.tool,
+    operation: context?.operation,
+    error: error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack
+    } : String(error)
+  });
+  if (error instanceof McpError) {
+    return error;
+  }
+  const message = error instanceof Error ? error.message : String(error);
+  const sanitizedMessage = sanitizeErrorMessage(message);
+  if (message.includes("NOT_FOUND") || message.includes("404")) {
+    return new McpError(ErrorCode.InvalidRequest, `Resource not found`);
+  }
+  if (message.includes("PERMISSION_DENIED") || message.includes("403")) {
+    return new McpError(ErrorCode.InvalidRequest, `Permission denied`);
+  }
+  if (message.includes("UNAUTHENTICATED") || message.includes("401")) {
+    return new McpError(ErrorCode.InvalidRequest, `Unauthenticated`);
+  }
+  if (isClientError) {
+    return new McpError(ErrorCode.InvalidParams, sanitizedMessage);
+  }
+  return new McpError(ErrorCode.InternalError, `Internal error: ${sanitizedMessage}`);
+}
+function sanitizeErrorMessage(message) {
+  let sanitized = message.replace(/\/[^\s]+/g, "[path]").replace(/[^\s]+@[^\s]+/g, "[email]").replace(/[A-Za-z0-9_-]{40,}/g, "[token]").slice(0, 500);
+  return sanitized || "An error occurred";
+}
+async function validateAuth(authToken) {
+  if (!authToken)
+    return null;
+  try {
+    return decodeIdTokenLocally(authToken);
+  } catch (e) {
+    const errorMsg = e?.message || String(e);
+    console.error("[MCP Auth] Token decode failed:", errorMsg.slice(0, 200));
+    throw new McpError(ErrorCode.InvalidRequest, `Invalid auth token: ${errorMsg.slice(0, 100)}`);
+  }
+}
+async function validateSubscription(idToken, environment) {
+  return checkSubscriptionViaApi(idToken, environment);
+}
+async function requirePremium(authToken, environment) {
+  const decoded = await validateAuth(authToken);
+  if (!decoded) {
+    throw new McpError(ErrorCode.InvalidRequest, "Authentication required. Run 'cutline-mcp login' to authenticate.");
+  }
+  const hasSubscription = await validateSubscription(authToken, environment);
+  if (!hasSubscription) {
+    throw new McpError(ErrorCode.InvalidRequest, "Premium subscription required. Please upgrade at https://thecutline.ai/upgrade");
+  }
+  return decoded;
+}
+async function resolveAuthContext(authToken) {
+  const decoded = await requirePremiumWithAutoAuth(authToken);
+  const accountType = decoded.accountType;
+  const ownerUid = decoded.ownerUid;
+  if (accountType === "agent") {
+    if (!ownerUid) {
+      throw new McpError(ErrorCode.InvalidRequest, "Agent account is misconfigured: missing ownerUid claim.");
+    }
+    return { decoded, isAgent: true, effectiveUid: ownerUid };
+  }
+  return { decoded, isAgent: false, effectiveUid: decoded.uid };
+}
+var MAX_CACHE_SIZE = 100;
+var CACHE_CLEANUP_INTERVAL = 5 * 60 * 1e3;
+var tokenCache = /* @__PURE__ */ new Map();
+var lastCleanup = Date.now();
+function cleanupTokenCache() {
+  const now = Date.now();
+  for (const [key, value] of tokenCache.entries()) {
+    if (now >= value.expiresAt) {
+      tokenCache.delete(key);
+    }
+  }
+  if (tokenCache.size > MAX_CACHE_SIZE) {
+    const entriesToRemove = tokenCache.size - MAX_CACHE_SIZE;
+    const keysToRemove = [];
+    for (const key of tokenCache.keys()) {
+      if (keysToRemove.length >= entriesToRemove)
+        break;
+      keysToRemove.push(key);
+    }
+    keysToRemove.forEach((key) => tokenCache.delete(key));
+  }
+  lastCleanup = now;
+}
+function getCachedToken(refreshToken) {
+  if (Date.now() - lastCleanup > CACHE_CLEANUP_INTERVAL) {
+    cleanupTokenCache();
+  }
+  const cached = tokenCache.get(refreshToken);
+  if (!cached) {
+    return null;
+  }
+  if (Date.now() >= cached.expiresAt) {
+    tokenCache.delete(refreshToken);
+    return null;
+  }
+  cached.lastUsed = Date.now();
+  tokenCache.delete(refreshToken);
+  tokenCache.set(refreshToken, cached);
+  return cached.idToken;
+}
+function setCachedToken(refreshToken, idToken, expiresAt) {
+  if (tokenCache.size >= MAX_CACHE_SIZE) {
+    cleanupTokenCache();
+  }
+  tokenCache.delete(refreshToken);
+  tokenCache.set(refreshToken, {
+    idToken,
+    expiresAt,
+    lastUsed: Date.now()
+  });
+}
+var cachedApiKey = null;
+var API_KEY_CACHE_TTL = 36e5;
+async function getFirebaseApiKey(environment) {
+  const env = environment || "production";
+  if (env === "staging") {
+    if (process.env.FIREBASE_API_KEY_STAGING) {
+      return process.env.FIREBASE_API_KEY_STAGING;
+    }
+  }
+  const apiKey = process.env.FIREBASE_API_KEY || process.env.NEXT_PUBLIC_FIREBASE_API_KEY;
+  if (apiKey) {
+    return apiKey;
+  }
+  if (cachedApiKey && cachedApiKey.environment === env && Date.now() - cachedApiKey.fetchedAt < API_KEY_CACHE_TTL) {
+    return cachedApiKey.key;
+  }
+  const baseUrl = env === "staging" ? "https://cutline-staging.web.app" : "https://thecutline.ai";
+  try {
+    const response = await fetch(`${baseUrl}/api/firebase-config`, {
+      headers: { "Accept": "application/json" },
+      signal: (() => {
+        const controller = new AbortController();
+        setTimeout(() => controller.abort(), 5e3);
+        return controller.signal;
+      })()
+    });
+    if (!response.ok) {
+      throw new Error(`HTTP ${response.status}`);
+    }
+    const data = await response.json();
+    if (!data.apiKey) {
+      throw new Error("No apiKey in response");
+    }
+    cachedApiKey = { key: data.apiKey, environment: env, fetchedAt: Date.now() };
+    return data.apiKey;
+  } catch (error) {
+    throw new Error(`Firebase API key not found. Set FIREBASE_API_KEY environment variable or ensure ${baseUrl}/api/firebase-config is accessible.`);
+  }
+}
+async function exchangeRefreshToken(refreshToken, firebaseApiKey, maxRetries = 3) {
+  const FIREBASE_API_KEY = firebaseApiKey || await getFirebaseApiKey();
+  let lastError;
+  for (let attempt = 0; attempt < maxRetries; attempt++) {
+    try {
+      const response = await fetch(`https://securetoken.googleapis.com/v1/token?key=${FIREBASE_API_KEY}`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          grant_type: "refresh_token",
+          refresh_token: refreshToken
+        }),
+        // Add timeout to prevent hanging requests
+        signal: (() => {
+          const controller = new AbortController();
+          setTimeout(() => controller.abort(), 1e4);
+          return controller.signal;
+        })()
+      });
+      if (!response.ok) {
+        const error = await response.json();
+        const errorMessage = error.error?.message || "Unknown error";
+        if (response.status >= 400 && response.status < 500) {
+          throw new Error(`Token exchange failed: ${errorMessage}`);
+        }
+        lastError = new Error(`Token exchange failed (attempt ${attempt + 1}/${maxRetries}): ${errorMessage}`);
+        if (attempt < maxRetries - 1) {
+          await new Promise((resolve) => setTimeout(resolve, 500 * Math.pow(2, attempt)));
+          continue;
+        }
+        throw lastError;
+      }
+      const data = await response.json();
+      const idToken = data.id_token;
+      try {
+        const parts = idToken.split(".");
+        if (parts.length === 3) {
+          const payload = JSON.parse(Buffer.from(parts[1], "base64").toString());
+          const tokenProjectId = payload.aud || payload.project_id;
+          console.error(`[MCP Auth] Token exchanged successfully for project: ${tokenProjectId}`);
+        }
+      } catch (e) {
+      }
+      return idToken;
+    } catch (error) {
+      if (error.name === "AbortError" || error.name === "TypeError" || error.message?.includes("fetch")) {
+        lastError = error;
+        if (attempt < maxRetries - 1) {
+          await new Promise((resolve) => setTimeout(resolve, 500 * Math.pow(2, attempt)));
+          continue;
+        }
+      } else {
+        throw error;
+      }
+    }
+  }
+  throw lastError || new Error("Token exchange failed after retries");
+}
+function getStoredApiKey() {
+  if (process.env.CUTLINE_API_KEY) {
+    return {
+      apiKey: process.env.CUTLINE_API_KEY,
+      environment: process.env.CUTLINE_ENV === "staging" ? "staging" : "production"
+    };
+  }
+  try {
+    const configPath = path.join(os.homedir(), ".cutline-mcp", "config.json");
+    if (fs.existsSync(configPath)) {
+      const config = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+      if (config.apiKey) {
+        return { apiKey: config.apiKey, environment: config.environment };
+      }
+    }
+  } catch {
+  }
+  return null;
+}
+async function getStoredToken() {
+  if (process.env.CUTLINE_MCP_REFRESH_TOKEN) {
+    console.error("[MCP Auth] Using token from CUTLINE_MCP_REFRESH_TOKEN env var");
+    return {
+      refreshToken: process.env.CUTLINE_MCP_REFRESH_TOKEN,
+      environment: process.env.CUTLINE_ENV === "staging" ? "staging" : "production"
+    };
+  }
+  try {
+    const configPath = path.join(os.homedir(), ".cutline-mcp", "config.json");
+    if (fs.existsSync(configPath)) {
+      const content = fs.readFileSync(configPath, "utf-8");
+      const config = JSON.parse(content);
+      if (config.refreshToken) {
+        console.error("[MCP Auth] Using token from ~/.cutline-mcp/config.json", config.environment ? `(environment: ${config.environment})` : "");
+        return {
+          refreshToken: config.refreshToken,
+          environment: config.environment
+        };
+      }
+    }
+  } catch (e) {
+    console.error("[MCP Auth] Failed to read config file:", e);
+  }
+  return null;
+}
+async function requirePremiumWithAutoAuth(authToken) {
+  let idToken = authToken;
+  let environment;
+  if (!idToken) {
+    const storedTokenInfo = await getStoredToken();
+    environment = storedTokenInfo?.environment;
+    if (storedTokenInfo) {
+      const { refreshToken } = storedTokenInfo;
+      const apiKeyToUse = await getFirebaseApiKey(environment || "production");
+      const cached = getCachedToken(refreshToken);
+      if (cached) {
+        idToken = cached;
+      } else {
+        try {
+          idToken = await exchangeRefreshToken(refreshToken, apiKeyToUse);
+          setCachedToken(refreshToken, idToken, Date.now() + 50 * 60 * 1e3);
+        } catch (e) {
+          console.error("Token exchange failed:", e);
+          tokenCache.delete(refreshToken);
+        }
+      }
+    }
+  }
+  return await requirePremium(idToken, environment);
+}
+async function requireAuthOnly(authToken) {
+  let idToken = authToken;
+  if (!idToken) {
+    const storedTokenInfo = await getStoredToken();
+    if (storedTokenInfo) {
+      const { refreshToken, environment } = storedTokenInfo;
+      const apiKeyToUse = await getFirebaseApiKey(environment || "production");
+      const cached = getCachedToken(refreshToken);
+      if (cached) {
+        idToken = cached;
+      } else {
+        try {
+          idToken = await exchangeRefreshToken(refreshToken, apiKeyToUse);
+          setCachedToken(refreshToken, idToken, Date.now() + 50 * 60 * 1e3);
+        } catch (e) {
+          console.error("Token exchange failed:", e);
+          tokenCache.delete(refreshToken);
+        }
+      }
+    }
+  }
+  const decoded = await validateAuth(idToken);
+  if (!decoded) {
+    throw new McpError(ErrorCode.InvalidRequest, "Authentication required. Run 'cutline-mcp login' to authenticate.");
+  }
+  return decoded;
+}
+async function resolveAuthContextFree(authToken) {
+  const decoded = await requireAuthOnly(authToken);
+  const accountType = decoded.accountType;
+  const ownerUid = decoded.ownerUid;
+  if (accountType === "agent" && ownerUid) {
+    return { decoded, isAgent: true, effectiveUid: ownerUid };
+  }
+  return { decoded, isAgent: false, effectiveUid: decoded.uid };
+}
+
+// ../mcp/dist/mcp/src/data-client.js
+function getBaseUrl(environment) {
+  return environment === "staging" ? "https://us-central1-cutline-staging.cloudfunctions.net" : "https://us-central1-cutline-prod.cloudfunctions.net";
+}
+var cachedBaseUrl;
+var cachedIdToken;
+var tokenExpiresAt = 0;
+var FIREBASE_API_KEY_CACHE = {};
+async function getFirebaseApiKey2(environment) {
+  const envKey = process.env.FIREBASE_API_KEY || process.env.NEXT_PUBLIC_FIREBASE_API_KEY;
+  if (envKey)
+    return envKey;
+  if (FIREBASE_API_KEY_CACHE.key && FIREBASE_API_KEY_CACHE.env === environment && FIREBASE_API_KEY_CACHE.at && Date.now() - FIREBASE_API_KEY_CACHE.at < 36e5) {
+    return FIREBASE_API_KEY_CACHE.key;
+  }
+  const baseUrl = environment === "staging" ? "https://cutline-staging.web.app" : "https://thecutline.ai";
+  const res = await fetch(`${baseUrl}/api/firebase-config`, {
+    headers: { Accept: "application/json" },
+    signal: AbortSignal.timeout(5e3)
+  });
+  if (!res.ok)
+    throw new Error(`Failed to fetch firebase config: HTTP ${res.status}`);
+  const data = await res.json();
+  if (!data.apiKey)
+    throw new Error("No apiKey in firebase-config response");
+  FIREBASE_API_KEY_CACHE.key = data.apiKey;
+  FIREBASE_API_KEY_CACHE.env = environment;
+  FIREBASE_API_KEY_CACHE.at = Date.now();
+  return data.apiKey;
+}
+async function exchangeRefreshForId(refreshToken, environment) {
+  const apiKey = await getFirebaseApiKey2(environment);
+  const res = await fetch(`https://securetoken.googleapis.com/v1/token?key=${apiKey}`, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ grant_type: "refresh_token", refresh_token: refreshToken }),
+    signal: AbortSignal.timeout(1e4)
+  });
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    throw new Error(`Token exchange failed: ${err?.error?.message || res.status}`);
+  }
+  const data = await res.json();
+  return data.id_token;
+}
+async function resolveAuth() {
+  const apiKeyInfo = getStoredApiKey();
+  if (apiKeyInfo) {
+    return {
+      baseUrl: getBaseUrl(apiKeyInfo.environment),
+      idToken: apiKeyInfo.apiKey
+    };
+  }
+  if (cachedIdToken && Date.now() < tokenExpiresAt && cachedBaseUrl) {
+    return { baseUrl: cachedBaseUrl, idToken: cachedIdToken };
+  }
+  const stored = await getStoredToken();
+  if (!stored) {
+    throw new Error("Not authenticated. Run 'cutline-mcp login' or set CUTLINE_API_KEY.");
+  }
+  const env = stored.environment || "production";
+  const baseUrl = getBaseUrl(env);
+  const idToken = await exchangeRefreshForId(stored.refreshToken, env);
+  cachedBaseUrl = baseUrl;
+  cachedIdToken = idToken;
+  tokenExpiresAt = Date.now() + 50 * 60 * 1e3;
+  return { baseUrl, idToken };
+}
+async function proxy(action, params = {}) {
+  const { baseUrl, idToken } = await resolveAuth();
+  const res = await fetch(`${baseUrl}/mcpDataProxy`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${idToken}`
+    },
+    body: JSON.stringify({ action, params }),
+    signal: AbortSignal.timeout(3e4)
+  });
+  if (!res.ok) {
+    if (res.status === 401) {
+      cachedIdToken = void 0;
+      tokenExpiresAt = 0;
+      throw new Error("Authentication expired \u2014 retrying on next call");
+    }
+    const body = await res.text().catch(() => "");
+    throw new Error(`mcpDataProxy ${action} failed (${res.status}): ${body.slice(0, 200)}`);
+  }
+  return res.json();
+}
+async function listPremortems(opts) {
+  const res = await proxy("premortem.list", opts || {});
+  return res.docs;
+}
+async function getPremortem(id) {
+  const res = await proxy("premortem.get", { id });
+  return res.doc;
+}
+async function createPremortem(data, id) {
+  return proxy("premortem.create", { data, id });
+}
+async function updatePremortem(id, data) {
+  return proxy("premortem.update", { id, data });
+}
+async function getIdeaReport(id) {
+  const res = await proxy("premortem.getIdea", { id });
+  return res.doc;
+}
+async function saveChat(id, data) {
+  return proxy("chat.save", { id, data });
+}
+async function getChat(id) {
+  const res = await proxy("chat.get", { id });
+  return res.doc;
+}
+async function updateChat(id, data) {
+  return proxy("chat.update", { id, data });
+}
+async function createExplorationSession(id, data, collection) {
+  return proxy("exploration.create", { id, data, collection });
+}
+async function getExplorationSession(id, collection) {
+  const res = await proxy("exploration.get", { id, collection });
+  return res.doc;
+}
+async function updateExplorationSession(id, data, collection) {
+  return proxy("exploration.update", { id, data, collection });
+}
+async function listExplorationSessions(collection, limit) {
+  const res = await proxy("exploration.list", { collection, limit });
+  return res.docs;
+}
+async function getAllEntities(productId) {
+  const res = await proxy("graph.getEntities", { productId });
+  return res.docs.map((d) => ({ ...d, ingested_at: new Date(d.ingested_at?._seconds ? d.ingested_at._seconds * 1e3 : d.ingested_at) }));
+}
+async function upsertEntities(productId, _sourceType, _sourceId, entities) {
+  await proxy("graph.upsertEntities", { productId, entities: entities.map((e) => ({ ...e, ingested_at: e.ingested_at?.toISOString?.() ?? e.ingested_at })) });
+}
+async function addEntity(productId, entity) {
+  await proxy("graph.upsertEntities", { productId, entities: [{ ...entity, ingested_at: entity.ingested_at?.toISOString?.() ?? entity.ingested_at }] });
+}
+async function getEntityById(productId, entityId) {
+  const all = await getAllEntities(productId);
+  return all.find((e) => e.id === entityId) ?? null;
+}
+async function getEntitiesWithEmbeddings(productId) {
+  const all = await getAllEntities(productId);
+  return all.filter((e) => e.embedding && e.embedding.length > 0);
+}
+async function updateEntityEmbedding(productId, entityId, embedding) {
+  await proxy("graph.updateEmbedding", { productId, collection: "entities", docId: entityId, embedding });
+}
+async function getAllEdges(productId) {
+  const res = await proxy("graph.getEdges", { productId });
+  return res.docs;
+}
+async function upsertEdges(productId, _sourceId, edges) {
+  await proxy("graph.upsertEdges", { productId, edges });
+}
+async function addEdges(productId, edges) {
+  await proxy("graph.upsertEdges", { productId, edges });
+}
+async function getAllBindings(productId) {
+  const res = await proxy("graph.getBindings", { productId });
+  return res.docs;
+}
+async function getBindingsForEntity(productId, entityId) {
+  const res = await proxy("graph.getBindings", { productId, entityId });
+  return res.docs;
+}
+async function upsertBindings(productId, bindings) {
+  await proxy("graph.upsertBindings", { productId, bindings });
+}
+async function deleteBinding(productId, bindingId) {
+  await proxy("graph.upsertBindings", { productId, deleteIds: [bindingId] });
+}
+var NODE_CACHE_TTL = 10 * 60 * 1e3;
+var nodeCache = /* @__PURE__ */ new Map();
+var lightNodeCache = /* @__PURE__ */ new Map();
+function invalidateNodeCache(productId) {
+  nodeCache.delete(productId);
+  lightNodeCache.delete(productId);
+}
+async function getAllNodes(productId) {
+  const cached = nodeCache.get(productId);
+  if (cached && Date.now() - cached.fetchedAt < NODE_CACHE_TTL)
+    return cached.nodes;
+  const res = await proxy("graph.getNodes", { productId });
+  const nodes = res.docs.map((d) => ({
+    ...d,
+    ingested_at: new Date(d.ingested_at?._seconds ? d.ingested_at._seconds * 1e3 : d.ingested_at)
+  }));
+  nodeCache.set(productId, { nodes, fetchedAt: Date.now() });
+  return nodes;
+}
+async function getAllNodesLight(productId) {
+  const cached = lightNodeCache.get(productId);
+  if (cached && Date.now() - cached.fetchedAt < NODE_CACHE_TTL)
+    return cached.nodes;
+  const res = await proxy("graph.getNodes", { productId, light: true });
+  const nodes = res.docs.map((d) => ({
+    ...d,
+    ingested_at: new Date(d.ingested_at?._seconds ? d.ingested_at._seconds * 1e3 : d.ingested_at)
+  }));
+  lightNodeCache.set(productId, { nodes, fetchedAt: Date.now() });
+  return nodes;
+}
+async function getNodesByCategories(productId, categories) {
+  const res = await proxy("graph.getNodes", { productId, categories: categories.slice(0, 10) });
+  return res.docs.map((d) => ({
+    ...d,
+    ingested_at: new Date(d.ingested_at?._seconds ? d.ingested_at._seconds * 1e3 : d.ingested_at)
+  }));
+}
+async function getNodesBySource(productId, sourceType) {
+  const res = await proxy("graph.getNodes", { productId, sourceType });
+  return res.docs.map((d) => ({
+    ...d,
+    ingested_at: new Date(d.ingested_at?._seconds ? d.ingested_at._seconds * 1e3 : d.ingested_at)
+  }));
+}
+async function upsertNodes(productId, _sourceType, _sourceId, nodes) {
+  await proxy("graph.upsertNodes", { productId, nodes: nodes.map((n) => ({ ...n, ingested_at: n.ingested_at?.toISOString?.() ?? n.ingested_at })) });
+  invalidateNodeCache(productId);
+}
+async function addNodes(productId, nodes) {
+  await proxy("graph.upsertNodes", { productId, nodes: nodes.map((n) => ({ ...n, ingested_at: n.ingested_at?.toISOString?.() ?? n.ingested_at })) });
+  invalidateNodeCache(productId);
+}
+async function deleteAllNodes(productId) {
+  await proxy("graph.deleteAll", { productId });
+  invalidateNodeCache(productId);
+}
+async function hasConstraints(productId) {
+  const res = await proxy("graph.hasConstraints", { productId });
+  return res.hasConstraints;
+}
+async function searchNodesByKeywords(productId, keywords) {
+  const allNodes = await getAllNodes(productId);
+  const lowerKeywords = keywords.map((k) => k.toLowerCase());
+  return allNodes.filter((node) => {
+    const nodeKeywords = (node.keywords || []).map((k) => k.toLowerCase());
+    return lowerKeywords.some((kw) => nodeKeywords.some((nk) => nk.includes(kw) || kw.includes(nk)));
+  });
+}
+async function getNodesWithEmbeddings(productId) {
+  const all = await getAllNodes(productId);
+  return all.filter((n) => n.embedding && n.embedding.length > 0);
+}
+async function getNodesMissingEmbeddings(productId) {
+  const all = await getAllNodes(productId);
+  return all.filter((n) => !n.embedding || n.embedding.length === 0);
+}
+async function updateNodeEmbeddings(productId, updates) {
+  for (const { id, embedding } of updates) {
+    await proxy("graph.updateEmbedding", { productId, collection: "nodes", docId: id, embedding });
+  }
+  invalidateNodeCache(productId);
+}
+async function addTestCases(productId, cases) {
+  await proxy("graph.addTestCases", { productId, testCases: cases });
+}
+async function getTestCasesForEntity(productId, entityId) {
+  const res = await proxy("graph.getTestCases", { productId, entityId });
+  return res.docs;
+}
+async function getTestCasesForProduct(productId) {
+  const res = await proxy("graph.getTestCases", { productId });
+  return res.docs;
+}
+async function getGraphMetadata(productId) {
+  const res = await proxy("graph.getMeta", { productId });
+  if (!res.doc)
+    return null;
+  const data = res.doc;
+  return { ...data, last_build: new Date(data.last_build?._seconds ? data.last_build._seconds * 1e3 : data.last_build ?? Date.now()) };
+}
+async function updateGraphMetadata(productId, meta) {
+  const payload = { ...meta };
+  if (meta.last_build instanceof Date) {
+    payload.last_build = meta.last_build.toISOString();
+  }
+  await proxy("graph.updateMeta", { productId, data: payload });
+}
+async function recordScoreSnapshot(productId, metrics, event, _eventDetail) {
+  try {
+    const snapshot = {
+      engineering_readiness_pct: Math.round(metrics.engineering_readiness_pct ?? 0),
+      security_readiness_pct: Math.round(metrics.security_readiness_pct ?? 0),
+      reliability_readiness_pct: Math.round(metrics.reliability_readiness_pct ?? 0),
+      scalability_readiness_pct: Math.round(metrics.scalability_readiness_pct ?? 0),
+      nfr_coverage_pct: Math.round((metrics.nfr_coverage?.overall ?? 0) * 100),
+      speedup_factor: metrics.time_estimate?.speedup_factor ?? 1,
+      event,
+      ..._eventDetail ? { event_detail: _eventDetail } : {},
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    const snapshotId = `score_${Date.now()}_${Math.random().toString(36).slice(2, 7)}`;
+    const prefix = "result.decision.productionalization_feasibility";
+    const jobUpdate = {
+      [`${prefix}.engineering_readiness_pct`]: snapshot.engineering_readiness_pct,
+      [`${prefix}.security_readiness_pct`]: snapshot.security_readiness_pct,
+      [`${prefix}.reliability_readiness_pct`]: snapshot.reliability_readiness_pct,
+      [`${prefix}.scalability_readiness_pct`]: snapshot.scalability_readiness_pct,
+      [`${prefix}.nfr_coverage_pct`]: snapshot.nfr_coverage_pct
+    };
+    await proxy("graph.recordScore", { productId, snapshotId, snapshot, jobUpdate });
+  } catch (err) {
+    console.error("[score-history] Failed to record snapshot:", err.message);
+  }
+}
+async function deleteGraphData(productId) {
+  await proxy("graph.deleteAll", { productId });
+  invalidateNodeCache(productId);
+}
+async function getReadinessReport(id) {
+  const res = await proxy("readiness.get", { id });
+  return res.doc;
+}
+async function saveReadinessReport(id, data) {
+  return proxy("readiness.save", { id, data });
+}
+async function generateReadinessReportViaProxy(input) {
+  const { productId, ownerUid, computeMetricsFromGraph: computeMetrics, computeGrade } = input;
+  const [entities, edges, constraintNodes, bindings] = await Promise.all([
+    getAllEntities(productId),
+    getAllEdges(productId),
+    getAllNodes(productId),
+    getAllBindings(productId)
+  ]);
+  if (entities.length === 0 && constraintNodes.length === 0) {
+    throw new Error(`No graph data for product "${productId}". Run graph_ingest_requirements or constraints_ingest first.`);
+  }
+  const metrics = computeMetrics(entities, edges, constraintNodes, bindings);
+  const readinessPct = metrics.engineering_readiness_pct ?? 0;
+  const jobData = await getPremortem(productId);
+  const result = jobData?.result;
+  const productName = result?.project?.name || jobData?.payload?.project?.name || "Untitled Product";
+  const verdict = result?.decision?.recommendation;
+  const techStack = entities.filter((e) => e.type === "component").map((e) => e.name).slice(0, 15);
+  const reportId = productId;
+  const now = /* @__PURE__ */ new Date();
+  const existing = await getReadinessReport(reportId);
+  const report = {
+    productId,
+    productName,
+    ownerUid,
+    grade: computeGrade(readinessPct),
+    readinessPct: Math.round(readinessPct),
+    securityReadinessPct: Math.round(metrics.security_readiness_pct ?? 0),
+    reliabilityReadinessPct: Math.round(metrics.reliability_readiness_pct ?? 0),
+    scalabilityReadinessPct: Math.round(metrics.scalability_readiness_pct ?? 0),
+    nfrCoverage: metrics.nfr_coverage,
+    timeEstimate: {
+      unassisted_hours: metrics.time_estimate.unassisted_hours,
+      assisted_hours: metrics.time_estimate.assisted_hours,
+      speedup_factor: metrics.time_estimate.speedup_factor
+    },
+    complexityFactors: {
+      entity_count: metrics.complexity_factors.entity_count,
+      nfr_count: metrics.complexity_factors.nfr_count,
+      critical_nfr_count: metrics.complexity_factors.critical_nfr_count,
+      pii_data_types: metrics.complexity_factors.pii_data_types,
+      conflict_count: metrics.complexity_factors.conflict_count
+    },
+    rgrCompletedPhases: metrics.rgr_completed_phases ?? [],
+    complianceFrameworks: metrics.compliance_frameworks ?? [],
+    verdict,
+    techStack,
+    public: true,
+    createdAt: existing?.createdAt ? new Date(existing.createdAt) : now,
+    updatedAt: now
+  };
+  await saveReadinessReport(reportId, report);
+  return { report, reportId };
+}
+async function listTemplates(opts) {
+  const res = await proxy("template.list", opts || {});
+  return res.docs;
+}
+async function getTemplate(id) {
+  const res = await proxy("template.get", { id });
+  return res.doc;
+}
+async function createTemplate(data, id) {
+  return proxy("template.create", { data, id });
+}
+async function updateTemplate(id, data) {
+  return proxy("template.update", { id, data });
+}
+async function saveScanReport(data, collection, id) {
+  return proxy("scan.save", { data, collection, id });
+}
+async function getScanRateLimit() {
+  return proxy("scan.rateCheck", {});
+}
+async function updateScanRateLimit(data) {
+  return proxy("scan.rateUpdate", { data });
+}
+async function listPersonas(productId) {
+  const res = await proxy("persona.list", { productId });
+  return res.docs;
+}
+async function getPersona(personaId) {
+  const res = await proxy("persona.get", { id: personaId });
+  return res.doc;
+}
+async function callCF(functionName, body, timeoutMs = 6e4) {
+  const { baseUrl, idToken } = await resolveAuth();
+  const res = await fetch(`${baseUrl}/${functionName}`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${idToken}`
+    },
+    body: JSON.stringify(body),
+    signal: AbortSignal.timeout(timeoutMs)
+  });
+  if (!res.ok) {
+    if (res.status === 401) {
+      cachedIdToken = void 0;
+      tokenExpiresAt = 0;
+    }
+    const text = await res.text().catch(() => "");
+    throw new Error(`CF ${functionName} failed (${res.status}): ${text.slice(0, 300)}`);
+  }
+  return res.json();
+}
+async function callCFGet(functionName, query, timeoutMs = 3e4) {
+  const { baseUrl, idToken } = await resolveAuth();
+  const qs = new URLSearchParams(query).toString();
+  const res = await fetch(`${baseUrl}/${functionName}?${qs}`, {
+    method: "GET",
+    headers: { Authorization: `Bearer ${idToken}` },
+    signal: AbortSignal.timeout(timeoutMs)
+  });
+  if (!res.ok) {
+    if (res.status === 401) {
+      cachedIdToken = void 0;
+      tokenExpiresAt = 0;
+    }
+    const text = await res.text().catch(() => "");
+    throw new Error(`CF ${functionName} failed (${res.status}): ${text.slice(0, 300)}`);
+  }
+  return res.json();
+}
+async function cfGenerateTrialRun(prompt) {
+  const res = await callCF("trialRun", { prompt });
+  return res.text;
+}
+async function cfGenerateChatSuggestion(prompt, wikiMarkdown) {
+  const res = await callCF("agentChat", { prompt, wikiMarkdown });
+  return res.text;
+}
+async function cfGenerateAnswer(question, doc) {
+  return callCF("qaAnswer", { question, doc });
+}
+async function cfChatWithPersona(persona, userMessage, product, conversationHistory) {
+  return callCF("personaAgent", { persona, userMessage, product, conversationHistory });
+}
+async function cfGenerateTemplateResponse(message, context) {
+  return callCF("templateDiscoveryAgent", { message, context }, 12e4);
+}
+async function cfGenerateExplorationResponse(message, context) {
+  return callCF("explorationAgent", { message, context }, 12e4);
+}
+async function cfBuildAndUploadPdf(doc) {
+  return callCF("premortemPdf", doc, 6e4);
+}
+async function cfGetWikiMarkdown(projectId) {
+  const res = await callCFGet("wikiLoad", { projectId });
+  return res.markdown;
+}
+async function cfSaveWikiMarkdown(projectId, markdown) {
+  await callCF("wikiSave", { projectId, markdown });
+}
+async function cfApplyEdits(edits) {
+  return callCF("applyWikiEdits", { edits });
+}
+async function cfPremortemRun(input) {
+  return callCF("premortemRun", input, 6e5);
+}
+async function cfPremortemStart(input) {
+  return callCF("premortemStart", input, 3e4);
+}
+async function cfPremortemKick(jobId) {
+  return callCF("premortemKick", { id: jobId }, 6e5);
+}
+async function cfPremortemChatAgent(message, context) {
+  return callCF("premortemChatAgent", { message, context }, 12e4);
+}
+async function cfRegenAssumptions(input, doc) {
+  return callCF("regenAssumptions", { input, doc }, 9e4);
+}
+async function cfRegenExperiments(input, doc) {
+  return callCF("regenExperiments", { input, doc }, 9e4);
+}
+async function cfGenerateStructuredContent(options) {
+  const res = await proxy("llm.generate", options);
+  return res.text;
+}
+async function cfGenerateEmbeddings(texts, taskType = "RETRIEVAL_DOCUMENT") {
+  return proxy("embeddings.generate", { texts, taskType });
+}
+async function cfExplorationAgent(message, context) {
+  return callCF("explorationAgent", { message, context }, 12e4);
+}
+async function cfConsultingDiscoveryAgent(message, context) {
+  return callCF("consultingDiscoveryAgent", { message, context }, 12e4);
+}
+async function cfCreateLinearIssues(schema_json, limit) {
+  return callCF("integrationsIssues", { schema_json, limit });
+}
+function generatePodcastTagline(persona) {
+  const riskTolerance = persona.personality?.risk_tolerance;
+  const decisionStyle = persona.grounding?.behaviorGuardrails?.decisionStyle;
+  const skepticism = persona.grounding?.behaviorGuardrails?.skepticismLevel;
+  const descriptors = [];
+  if (skepticism !== void 0) {
+    if (skepticism >= 7)
+      descriptors.push("skeptical");
+    else if (skepticism <= 3)
+      descriptors.push("enthusiastic");
+  }
+  if (decisionStyle) {
+    const map = { impulsive: "decisive", methodical: "thorough", "consensus-seeking": "collaborative", "data-driven": "analytical" };
+    descriptors.push(map[decisionStyle] || decisionStyle);
+  }
+  if (riskTolerance) {
+    const map = { low: "cautious", medium: "pragmatic", high: "bold" };
+    descriptors.push(map[riskTolerance] || riskTolerance);
+  }
+  const role = persona.role?.split(" ").pop() || "professional";
+  return `The ${descriptors[0] || "insightful"} ${role}`;
+}
+function generatePodcastIntro(persona) {
+  const name = persona.name;
+  const role = persona.role || "our guest";
+  const traits = persona.personality?.traits?.slice(0, 2);
+  const traitsStr = traits?.length ? `, known for being ${traits.join(" and ")}` : "";
+  const firstGoal = persona.behaviors?.goals?.[0];
+  const goalStr = firstGoal ? ` Their focus: ${firstGoal}.` : "";
+  return `Joining us is ${name}, ${role}${traitsStr}.${goalStr}`;
+}
+function formatPodcastIntro(persona) {
+  return {
+    id: persona.id,
+    name: persona.name,
+    tagline: persona.podcast?.tagline || generatePodcastTagline(persona),
+    intro: persona.podcast?.intro || generatePodcastIntro(persona),
+    perspective: persona.podcast?.perspective || null,
+    signatureTraits: persona.podcast?.signatureTraits || [],
+    voiceId: persona.podcast?.voiceId || null,
+    voiceStyle: persona.podcast?.voiceStyle || null
+  };
+}
+async function getPodcastIntroductions(productId, format = "json") {
+  const personas = await listPersonas(productId);
+  const introductions = personas.map(formatPodcastIntro);
+  if (format === "script") {
+    const script = introductions.map((p, i) => {
+      const prefix = i === 0 ? "Our first guest today" : i === introductions.length - 1 ? "And finally" : "Also joining us";
+      const traits = p.signatureTraits.length > 0 ? ` Watch out for their signature move: ${p.signatureTraits[0]}.` : "";
+      return `${prefix} \u2014 ${p.tagline}. ${p.intro}${traits}`;
+    }).join("\n\n");
+    return { format: "script", script, participants: introductions };
+  }
+  if (format === "bullets") {
+    const bullets = introductions.map((p) => {
+      const traits = p.signatureTraits.length > 0 ? `
+   \u2022 Traits: ${p.signatureTraits.join(", ")}` : "";
+      const voice = p.voiceId ? `
+   \u2022 Voice: ${p.voiceId} (${p.voiceStyle || "default"})` : "";
+      return `\u2022 ${p.name}: "${p.tagline}"${traits}${voice}`;
+    }).join("\n\n");
+    return { format: "bullets", bullets, participants: introductions };
+  }
+  return { format: "json", participants: introductions };
+}
+
+export {
+  validateRequestSize,
+  mapErrorToMcp,
+  validateAuth,
+  resolveAuthContext,
+  requirePremiumWithAutoAuth,
+  resolveAuthContextFree,
+  listPremortems,
+  getPremortem,
+  createPremortem,
+  updatePremortem,
+  getIdeaReport,
+  saveChat,
+  getChat,
+  updateChat,
+  createExplorationSession,
+  getExplorationSession,
+  updateExplorationSession,
+  listExplorationSessions,
+  getAllEntities,
+  upsertEntities,
+  addEntity,
+  getEntityById,
+  getEntitiesWithEmbeddings,
+  updateEntityEmbedding,
+  getAllEdges,
+  upsertEdges,
+  addEdges,
+  getAllBindings,
+  getBindingsForEntity,
+  upsertBindings,
+  deleteBinding,
+  getAllNodes,
+  getAllNodesLight,
+  getNodesByCategories,
+  getNodesBySource,
+  upsertNodes,
+  addNodes,
+  deleteAllNodes,
+  hasConstraints,
+  searchNodesByKeywords,
+  getNodesWithEmbeddings,
+  getNodesMissingEmbeddings,
+  updateNodeEmbeddings,
+  addTestCases,
+  getTestCasesForEntity,
+  getTestCasesForProduct,
+  getGraphMetadata,
+  updateGraphMetadata,
+  recordScoreSnapshot,
+  deleteGraphData,
+  getReadinessReport,
+  saveReadinessReport,
+  generateReadinessReportViaProxy,
+  listTemplates,
+  getTemplate,
+  createTemplate,
+  updateTemplate,
+  saveScanReport,
+  getScanRateLimit,
+  updateScanRateLimit,
+  listPersonas,
+  getPersona,
+  cfGenerateTrialRun,
+  cfGenerateChatSuggestion,
+  cfGenerateAnswer,
+  cfChatWithPersona,
+  cfGenerateTemplateResponse,
+  cfGenerateExplorationResponse,
+  cfBuildAndUploadPdf,
+  cfGetWikiMarkdown,
+  cfSaveWikiMarkdown,
+  cfApplyEdits,
+  cfPremortemRun,
+  cfPremortemStart,
+  cfPremortemKick,
+  cfPremortemChatAgent,
+  cfRegenAssumptions,
+  cfRegenExperiments,
+  cfGenerateStructuredContent,
+  cfGenerateEmbeddings,
+  cfExplorationAgent,
+  cfConsultingDiscoveryAgent,
+  cfCreateLinearIssues,
+  getPodcastIntroductions
+};