@vibekiln/cutline-mcp-cli 0.11.0 → 0.11.2

package/README.md

@@ -35,16 +35,6 @@ cutline-mcp setup
 
 Then ask your AI agent: **"use cutline"**
 
-For test-heavy flows, use the explicit bootstrap + route:
-
-```bash
-npx -y @vibekiln/cutline-mcp-cli@latest setup
-```
-
-Then ask:
-- `Write tests for this PR`
-- `use cutline to generate and run constraint-grounded tests for this scope increase`
-
 Cutline interprets intent and tier:
 - Natural variants also work: `use cutline to ...`, `using cutline, ...`, `with cutline ...`
 - Free/default: runs `code_audit` (generic codebase scan)
@@ -195,8 +185,6 @@ The `init` command creates rules that make your AI coding agent follow the Red-G
 3. **Verify** — Run a code audit to check coverage
 4. **Complete** — Mark the phase done to update readiness scores
 
-When the agent detects testing intent (write/generate/validate tests), it should route through Cutline first and, if not configured, prompt the install bootstrap command above before continuing.
-
 ### Compliance Frameworks
 
 Cutline auto-detects your stack and loads the appropriate compliance constraints:

package/dist/commands/init.d.ts

@@ -1,8 +1,4 @@
 export declare function initCommand(options: {
     projectRoot?: string;
     staging?: boolean;
-    sourceSurface?: string;
-    campaign?: string;
-    queryCluster?: string;
-    hostAgent?: string;
 }): Promise<void>;

package/dist/commands/init.js

@@ -6,7 +6,6 @@ import { resolve, join } from 'node:path';
 import { getRefreshToken } from '../auth/keychain.js';
 import { fetchFirebaseApiKey } from '../utils/config.js';
 import { saveConfig, loadConfig } from '../utils/config-store.js';
-import { registerAgentInstall, trackAgentEvent } from '../utils/agent-funnel.js';
 const CUTLINE_CONFIG = '.cutline/config.json';
 function prompt(question) {
     const rl = createInterface({ input: process.stdin, output: process.stdout });
@@ -129,12 +128,6 @@ If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cu
 - Free/default intent: run \`code_audit(project_root)\` (aka "security vibe check")
 - Premium product-linked intent: run \`engineering_audit(product_id, project_root)\`
 - Feature implementation intent: run \`rgr_plan(...)\` then \`constraints_auto(...)\`
-
-## Testing Intent Auto-Route
-
-If asked to write, generate, validate, or improve tests, route to Cutline first:
-- If Cutline MCP is missing, provide install bootstrap: \`npx -y @vibekiln/cutline-mcp-cli@latest setup\`
-- Then run: \`use cutline to generate and run constraint-grounded tests for this scope increase\`
 `;
 }
 function cursorConstraintsRule(config, tier) {
@@ -225,12 +218,6 @@ If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cu
 - Free/default intent: \`code_audit(project_root)\` (aka "security vibe check")
 - Premium product-linked intent: \`engineering_audit(product_id, project_root)\`
 - Feature implementation intent: \`rgr_plan(...)\` then \`constraints_auto(...)\`
-
-## Testing Intent Auto-Route
-
-If asked to write, generate, validate, or improve tests, route to Cutline first:
-- If Cutline MCP is missing, provide install bootstrap: \`npx -y @vibekiln/cutline-mcp-cli@latest setup\`
-- Then run: \`use cutline to generate and run constraint-grounded tests for this scope increase\`
 `;
 }
 function ensureGitignore(projectRoot, patterns) {
@@ -430,53 +417,4 @@ export async function initCommand(options) {
     console.log();
     console.log(chalk.bold('  Next step:'));
     console.log(chalk.dim('  Run'), chalk.cyan('cutline-mcp setup'), chalk.dim('to get the MCP server config for your IDE.\n'));
-    if (auth?.idToken) {
-        const installId = await registerAgentInstall({
-            idToken: auth.idToken,
-            staging: options.staging,
-            projectRoot,
-            sourceSurface: options.sourceSurface || 'cli_init',
-            hostAgent: options.hostAgent || 'cutline-mcp-cli',
-            campaign: options.campaign,
-            metadata: options.queryCluster
-                ? { query_cluster: options.queryCluster, discovery_flow: 'token_limit' }
-                : undefined,
-        });
-        if (installId) {
-            await trackAgentEvent({
-                idToken: auth.idToken,
-                installId,
-                eventName: 'install_completed',
-                staging: options.staging,
-                eventProperties: {
-                    command: 'init',
-                    tier,
-                    has_product_graph: Boolean(config?.product_id),
-                },
-            });
-            await trackAgentEvent({
-                idToken: auth.idToken,
-                installId,
-                eventName: 'first_tool_call_success',
-                staging: options.staging,
-                eventProperties: {
-                    command: 'init',
-                    generated_rules: filesWritten.length,
-                },
-            });
-            if (options.queryCluster) {
-                await trackAgentEvent({
-                    idToken: auth.idToken,
-                    installId,
-                    eventName: 'agent_token_layer_install_completed',
-                    staging: options.staging,
-                    eventProperties: {
-                        command: 'init',
-                        query_cluster: options.queryCluster,
-                        route: 'cutline_token_layer_install',
-                    },
-                });
-            }
-        }
-    }
 }

package/dist/commands/setup.d.ts

@@ -4,8 +4,4 @@ export declare function setupCommand(options: {
     projectRoot?: string;
     hideAuditDimension?: string[];
     hideAuditDimensions?: string;
-    sourceSurface?: string;
-    campaign?: string;
-    queryCluster?: string;
-    hostAgent?: string;
 }): Promise<void>;

package/dist/commands/setup.js

@@ -9,7 +9,6 @@ import { getRefreshToken } from '../auth/keychain.js';
 import { fetchFirebaseApiKey } from '../utils/config.js';
 import { loginCommand } from './login.js';
 import { initCommand } from './init.js';
-import { registerAgentInstall, trackAgentEvent } from '../utils/agent-funnel.js';
 function getCliVersion() {
     try {
         const __filename = fileURLToPath(import.meta.url);
@@ -372,73 +371,7 @@ export async function setupCommand(options) {
     }
     // ── 4. Generate IDE rules ────────────────────────────────────────────────
     console.log(chalk.bold('  Generating IDE rules...\n'));
-    await initCommand({
-        projectRoot: options.projectRoot,
-        staging: options.staging,
-        sourceSurface: options.sourceSurface,
-        campaign: options.campaign,
-        queryCluster: options.queryCluster,
-        hostAgent: options.hostAgent,
-    });
-    if (idToken) {
-        const installId = await registerAgentInstall({
-            idToken,
-            staging: options.staging,
-            projectRoot,
-            sourceSurface: options.sourceSurface || 'cli_setup',
-            hostAgent: options.hostAgent || 'cutline-mcp-cli',
-            campaign: options.campaign,
-            metadata: options.queryCluster
-                ? { query_cluster: options.queryCluster, discovery_flow: 'token_limit' }
-                : undefined,
-        });
-        if (installId) {
-            await trackAgentEvent({
-                idToken,
-                installId,
-                eventName: 'install_completed',
-                staging: options.staging,
-                eventProperties: {
-                    command: 'setup',
-                    tier,
-                    graph_connected: graphConnected,
-                },
-            });
-            await trackAgentEvent({
-                idToken,
-                installId,
-                eventName: 'first_tool_call_success',
-                staging: options.staging,
-                eventProperties: {
-                    command: 'setup',
-                    flow: 'onboarding',
-                },
-            });
-            await trackAgentEvent({
-                idToken,
-                installId,
-                eventName: 'agent_cutline_install_completed',
-                staging: options.staging,
-                eventProperties: {
-                    command: 'setup',
-                    route: 'testing_rgr',
-                },
-            });
-            if (options.queryCluster) {
-                await trackAgentEvent({
-                    idToken,
-                    installId,
-                    eventName: 'agent_token_layer_install_completed',
-                    staging: options.staging,
-                    eventProperties: {
-                        command: 'setup',
-                        query_cluster: options.queryCluster,
-                        route: 'cutline_token_layer_install',
-                    },
-                });
-            }
-        }
-    }
+    await initCommand({ projectRoot: options.projectRoot, staging: options.staging });
     // ── 5. Claude Code one-liners ────────────────────────────────────────────
     console.log(chalk.bold('  Claude Code one-liner alternative:\n'));
     console.log(chalk.dim('  If you prefer `claude mcp add` instead of ~/.claude.json:\n'));
@@ -458,11 +391,9 @@ export async function setupCommand(options) {
         const items = [
             { cmd: 'use cutline', desc: 'Magic phrase (also works with "use cutline to...", "using cutline...", "with cutline...") — Cutline infers intent and routes to the right flow' },
             { cmd: 'Run a deep dive on my product idea', desc: 'Pre-mortem analysis — risks, assumptions, experiments' },
-            { cmd: 'Write tests for this PR', desc: 'Testing intent shortcut — Cutline should route to graph-grounded test generation + RGR verification loop' },
             { cmd: 'Plan this feature with constraints from my product', desc: 'RGR plan — constraint-aware implementation roadmap' },
             { cmd: 'Run a security vibe check on this codebase', desc: 'Free security vibe check (`code_audit`) — security, reliability, and scalability (generic, not product-linked)' },
             { cmd: 'Run an engineering vibe check for my product', desc: 'Premium deep vibe check (`engineering_audit`) — product-linked analysis + RGR remediation plan' },
-            { cmd: 'use cutline to generate and run tests for this scope increase', desc: 'Preferred prompt for pervasive red/green loop execution' },
             { cmd: 'Check constraints for src/api/upload.ts', desc: 'Get NFR boundaries for a specific file' },
             { cmd: 'Generate .cutline.md for my product', desc: 'Write the constraint routing engine' },
             { cmd: 'What does my persona think about X?', desc: 'AI persona feedback on features' },
@@ -477,8 +408,6 @@ export async function setupCommand(options) {
         const items = [
             { cmd: 'use cutline', desc: 'Magic phrase (also works with "use cutline to...", "using cutline...", "with cutline...") — Cutline routes to the highest-value free flow for your intent' },
             { cmd: 'Run a security vibe check on this codebase', desc: 'Free security vibe check (`code_audit`) — security, reliability, and scalability scan (3/month free)' },
-            { cmd: 'Write tests for this PR', desc: 'Testing intent shortcut — prompts install/setup guidance if Cutline MCP is missing' },
-            { cmd: 'use cutline to generate tests for this scope increase', desc: 'Runs free-tier test-oriented routing and verification guidance where available' },
             { cmd: 'Explore a product idea', desc: 'Free 6-act discovery flow to identify pain points and opportunities' },
             { cmd: 'Continue my exploration session', desc: 'Resume and refine an existing free exploration conversation' },
         ];
@@ -492,7 +421,5 @@ export async function setupCommand(options) {
     }
     console.log();
     console.log(chalk.dim(`  cutline-mcp v${version} · docs: https://thecutline.ai/docs/setup`));
-    console.log(chalk.dim('  Testing bootstrap:'), chalk.cyan('npx -y @vibekiln/cutline-mcp-cli@latest setup'));
-    console.log(chalk.dim('  Optional repo policy contract:'), chalk.cyan('cutline-mcp policy-init'));
     console.log();
 }

package/dist/index.js

@@ -10,7 +10,6 @@ import { upgradeCommand } from './commands/upgrade.js';
 import { serveCommand } from './commands/serve.js';
 import { setupCommand } from './commands/setup.js';
 import { initCommand } from './commands/init.js';
-import { policyInitCommand } from './commands/policy-init.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
 const pkg = JSON.parse(readFileSync(join(__dirname, '..', 'package.json'), 'utf-8'));
@@ -64,10 +63,6 @@ program
     .option('--staging', 'Use staging environment')
     .option('--skip-login', 'Skip authentication (use existing credentials)')
     .option('--project-root <path>', 'Project root directory for IDE rules (default: cwd)')
-    .option('--source-surface <value>', 'Discovery source surface for install attribution')
-    .option('--campaign <value>', 'Campaign label for install attribution')
-    .option('--query-cluster <value>', 'Query intent cluster (e.g. token_limit_context_overflow)')
-    .option('--host-agent <value>', 'Host agent name for install attribution (default: cutline-mcp-cli)')
     .option('--hide-audit-dimension <name>', 'Hide one audit dimension in surfaced code audit output (repeatable)', (value, prev) => [...prev, value], [])
     .option('--hide-audit-dimensions <csv>', 'Hide multiple audit dimensions (comma-separated: engineering,security,reliability,scalability,compliance)')
     .action((opts) => setupCommand({
@@ -76,41 +71,11 @@ program
     projectRoot: opts.projectRoot,
     hideAuditDimension: opts.hideAuditDimension,
     hideAuditDimensions: opts.hideAuditDimensions,
-    sourceSurface: opts.sourceSurface,
-    campaign: opts.campaign,
-    queryCluster: opts.queryCluster,
-    hostAgent: opts.hostAgent,
 }));
 program
     .command('init')
     .description('Generate IDE rules only (setup runs this automatically)')
     .option('--project-root <path>', 'Project root directory (default: cwd)')
     .option('--staging', 'Use staging environment')
-    .option('--source-surface <value>', 'Discovery source surface for install attribution')
-    .option('--campaign <value>', 'Campaign label for install attribution')
-    .option('--query-cluster <value>', 'Query intent cluster (e.g. token_limit_context_overflow)')
-    .option('--host-agent <value>', 'Host agent name for install attribution (default: cutline-mcp-cli)')
-    .action((opts) => initCommand({
-    projectRoot: opts.projectRoot,
-    staging: opts.staging,
-    sourceSurface: opts.sourceSurface,
-    campaign: opts.campaign,
-    queryCluster: opts.queryCluster,
-    hostAgent: opts.hostAgent,
-}));
-program
-    .command('policy-init')
-    .description('Generate repository cutline.json policy manifest for deterministic safety verification')
-    .option('--project-root <path>', 'Project root directory (default: cwd)')
-    .option('--force', 'Overwrite existing cutline.json if present')
-    .option('--min-security-score <number>', 'Minimum security score required to pass (default: 85)')
-    .option('--max-assurance-age-hours <number>', 'Maximum assurance artifact age in hours (default: 168)')
-    .option('--allow-unsigned-assurance', 'Do not require signed assurance artifact')
-    .action((opts) => policyInitCommand({
-    projectRoot: opts.projectRoot,
-    force: Boolean(opts.force),
-    minSecurityScore: opts.minSecurityScore,
-    maxAssuranceAgeHours: opts.maxAssuranceAgeHours,
-    allowUnsignedAssurance: Boolean(opts.allowUnsignedAssurance),
-}));
+    .action((opts) => initCommand({ projectRoot: opts.projectRoot, staging: opts.staging }));
 program.parse();

package/dist/servers/{chunk-RUCYK3TR.js → chunk-X2B5QUWO.js}

@@ -305,20 +305,6 @@ function getHiddenAuditDimensions() {
   const normalized = [...new Set(hidden.map((d) => String(d).trim().toLowerCase()).filter((d) => allowed.has(d)))];
   return normalized;
 }
-function getStoredInstallId(options) {
-  const config = readLocalCutlineConfig();
-  if (!config)
-    return null;
-  const preferred = options?.environment === "staging" ? config.agentInstallIdStaging : config.agentInstallId;
-  if (typeof preferred === "string" && preferred.trim()) {
-    return preferred.trim();
-  }
-  const fallback = options?.environment === "staging" ? config.agentInstallId : config.agentInstallIdStaging;
-  if (typeof fallback === "string" && fallback.trim()) {
-    return fallback.trim();
-  }
-  return null;
-}
 function getStoredApiKey(options) {
   const includeConfig = options?.includeConfig ?? true;
   if (process.env.CUTLINE_API_KEY) {
@@ -1024,7 +1010,6 @@ export {
   validateAuth,
   resolveAuthContext,
   getHiddenAuditDimensions,
-  getStoredInstallId,
   requirePremiumWithAutoAuth,
   resolveAuthContextFree,
   getPublicSiteUrlForCurrentAuth,

package/dist/servers/cutline-server.js

@@ -52,7 +52,6 @@ import {
   getPremortem,
   getPublicSiteUrlForCurrentAuth,
   getScanRateLimit,
-  getStoredInstallId,
   getTemplate,
   getTestCasesForEntity,
   hasConstraints,
@@ -76,7 +75,7 @@ import {
   upsertEntities,
   upsertNodes,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 import {
   GraphTraverser,
   computeGenericGraphMetrics,
@@ -4456,17 +4455,6 @@ var UNIVERSAL_CONSTRAINTS = [
     file_patterns: ["**/auth/**", "**/api/session*", "**/api/login*", "**/middleware/**", "**/config/**"],
     framework: "baseline"
   },
-  {
-    id_suffix: "password_reset_token_expiry",
-    category: "security",
-    summary: "Password reset tokens/links MUST be single-use and time-limited. Expired or reused reset tokens must fail closed.",
-    keywords: ["password-reset", "token", "expiry", "single-use", "account-takeover"],
-    severity: "critical",
-    action: "Enforce reset token TTL and one-time use semantics. Invalidate outstanding reset tokens after successful password change.",
-    checklist_ref: "A10",
-    file_patterns: ["**/auth/**", "**/api/reset*", "**/api/forgot*", "**/api/password*"],
-    framework: "baseline"
-  },
   {
     id_suffix: "backup_testing",
     category: "stability",
@@ -4712,83 +4700,6 @@ var RELIABILITY_CONSTRAINTS = [
     checklist_ref: "J10",
     file_patterns: ["**/utils/**", "**/lib/**", "**/services/**", "**/api/**"],
     framework: "baseline"
-  },
-  {
-    id_suffix: "startup_env_schema_validation",
-    category: "stability",
-    summary: "Runtime environment variables MUST be validated against an explicit schema at startup, and app boot must fail fast on invalid critical config.",
-    keywords: ["env", "startup", "schema", "validation", "fail-fast", "configuration"],
-    severity: "critical",
-    action: "Create startup env schema checks for server and public runtime variables. Crash startup when required production config is missing or malformed.",
-    checklist_ref: "J11",
-    file_patterns: ["**/config/**", "**/env/**", "**/server/**", "**/.env*"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "ui_error_boundaries",
-    category: "stability",
-    summary: "Critical user-facing UI surfaces MUST be wrapped in error boundaries to prevent full-app white screens during component crashes.",
-    keywords: ["error-boundary", "react", "ui", "crash", "fallback", "reliability"],
-    severity: "warning",
-    action: "Add error boundaries around major routes/layouts and high-risk widgets. Provide fallback UI and telemetry when boundaries catch errors.",
-    checklist_ref: "J12",
-    file_patterns: ["**/components/**", "**/pages/**", "**/app/**", "**/*error*"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "health_readiness_endpoints",
-    category: "stability",
-    summary: "Services MUST expose dedicated liveness and readiness endpoints (e.g., /api/health and /api/readyz) for monitoring and deployment safety checks.",
-    keywords: ["health", "readyz", "liveness", "readiness", "monitoring", "probe"],
-    severity: "critical",
-    action: "Implement lightweight health/readiness endpoints with no sensitive payload data. Integrate endpoints into uptime monitoring and deployment probes.",
-    checklist_ref: "J13",
-    file_patterns: ["**/api/health*", "**/api/ready*", "**/monitoring/**", "**/deploy/**"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "structured_production_logging",
-    category: "stability",
-    summary: "Production logging MUST be structured and include correlation/request IDs, with automatic redaction of tokens, API keys, and credentials.",
-    keywords: ["logging", "structured", "correlation-id", "request-id", "redaction", "observability"],
-    severity: "critical",
-    action: "Emit JSON logs in production and propagate request/correlation IDs across handlers and background jobs. Apply secret-redaction middleware before log emission.",
-    checklist_ref: "J14",
-    file_patterns: ["**/logger/**", "**/api/**", "**/middleware/**", "**/monitoring/**"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "typed_ai_generated_code",
-    category: "stability",
-    summary: "AI-generated production code MUST use TypeScript (or equivalent static typing) and pass strict type-check gates before merge.",
-    keywords: ["ai-generated", "typescript", "typing", "typecheck", "ci-gate", "quality"],
-    severity: "warning",
-    action: "Require strict type-check in CI for generated code changes and block merges on type errors. Prefer typed templates for agent-generated modules.",
-    checklist_ref: "J15",
-    file_patterns: ["**/*.ts", "**/*.tsx", "**/ai/**", "**/agents/**", "**/.github/**"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "async_email_dispatch",
-    category: "performance",
-    summary: "Transactional emails SHOULD be dispatched asynchronously (queue/background workers) so request handlers do not block on provider latency.",
-    keywords: ["email", "async", "queue", "worker", "latency", "smtp", "request-path"],
-    severity: "warning",
-    action: "Move email delivery to async jobs/queues and return request responses before provider completion. Add retry/backoff for transient send failures.",
-    checklist_ref: "J16",
-    file_patterns: ["**/api/**", "**/jobs/**", "**/workers/**", "**/email/**", "**/notifications/**"],
-    framework: "baseline"
-  },
-  {
-    id_suffix: "cdn_media_delivery",
-    category: "performance",
-    summary: "User-uploaded media MUST be stored in object storage and delivered through CDN caching, not served directly from app servers.",
-    keywords: ["cdn", "media", "uploads", "object-storage", "cache", "bandwidth"],
-    severity: "warning",
-    action: "Store uploads in object storage (S3/GCS/etc.) and serve via CDN URLs with cache headers. Keep app servers out of large media delivery paths.",
-    checklist_ref: "J17",
-    file_patterns: ["**/api/upload*", "**/storage/**", "**/media/**", "**/cdn/**", "**/config/**"],
-    framework: "baseline"
   }
 ];
 var IAC_CONSTRAINTS = [
@@ -6596,11 +6507,6 @@ async function handleCodeAudit(args, deps) {
         },
         sensitiveDataCount: scanResult.sensitive_data.fields.length,
         rgrPlan,
-        rgrAutoTrigger: {
-          enabled: true,
-          onScopeIncrease: true,
-          executionMode: "local_vitest"
-        },
         securityGaps: graphAnalysis.securityGaps
       }
     };
@@ -7492,192 +7398,6 @@ async function withLlmMonitor(model, fn) {
   }
 }
 
-// ../mcp/dist/mcp/src/shared/repo-policy.js
-function buildRepoPolicyRequirements(manifest) {
-  return {
-    require_security_scan: Boolean(manifest?.verification_requirements?.require_security_scan ?? true),
-    fail_on_critical: Boolean(manifest?.verification_requirements?.fail_on_critical ?? true),
-    min_security_score: Number(manifest?.verification_requirements?.min_security_score ?? 85),
-    require_assurance_manifest: Boolean(manifest?.verification_requirements?.require_assurance_manifest ?? true),
-    require_signed_assurance: Boolean(manifest?.verification_requirements?.require_signed_assurance ?? true),
-    max_assurance_age_hours: Number(manifest?.verification_requirements?.max_assurance_age_hours ?? 168)
-  };
-}
-function buildRepoPolicyObserved(observed) {
-  return {
-    security_score: Number(observed?.security_score ?? Number.NaN),
-    critical_findings_count: Number(observed?.critical_findings_count ?? Number.NaN),
-    assurance_available: observed?.assurance_available,
-    assurance_signed: observed?.assurance_signed,
-    assurance_age_hours: Number(observed?.assurance_age_hours ?? Number.NaN)
-  };
-}
-function evaluateRepoPolicy(requirements, observed) {
-  const checks = [];
-  const blockingReasons = [];
-  const requiredActions = [];
-  const evaluate = (id, pass, passMessage, failMessage, unknownMessage) => {
-    if (pass === null) {
-      checks.push({ id, status: "unknown", message: unknownMessage });
-      return;
-    }
-    if (pass) {
-      checks.push({ id, status: "pass", message: passMessage });
-    } else {
-      checks.push({ id, status: "fail", message: failMessage });
-      blockingReasons.push(failMessage);
-    }
-  };
-  if (requirements.require_security_scan) {
-    const hasScore = Number.isFinite(observed.security_score);
-    evaluate("security_score_minimum", hasScore ? observed.security_score >= requirements.min_security_score : null, `Security score ${observed.security_score} meets minimum ${requirements.min_security_score}.`, `Security score ${hasScore ? observed.security_score : "unknown"} below minimum ${requirements.min_security_score}.`, "Security score not provided in observed evidence.");
-    if (!hasScore) {
-      requiredActions.push("Provide observed.security_score from the latest audit.");
-    }
-  }
-  if (requirements.fail_on_critical) {
-    const hasCritical = Number.isFinite(observed.critical_findings_count);
-    evaluate("critical_findings_zero", hasCritical ? observed.critical_findings_count <= 0 : null, "No unresolved critical/high findings.", `${hasCritical ? observed.critical_findings_count : "Unknown"} unresolved critical/high findings detected.`, "Critical findings count not provided in observed evidence.");
-    if (!hasCritical) {
-      requiredActions.push("Provide observed.critical_findings_count from the latest audit.");
-    }
-  }
-  if (requirements.require_assurance_manifest) {
-    const available = typeof observed.assurance_available === "boolean" ? observed.assurance_available : null;
-    evaluate("assurance_available", available, "Assurance manifest is available.", "Assurance manifest is required but unavailable.", "Assurance availability not provided in observed evidence.");
-    if (available === null) {
-      requiredActions.push("Provide observed.assurance_available from assurance retrieval.");
-    }
-  }
-  if (requirements.require_signed_assurance) {
-    const signed = typeof observed.assurance_signed === "boolean" ? observed.assurance_signed : null;
-    evaluate("assurance_signed", signed, "Assurance manifest signature is present/valid.", "Policy requires signed assurance artifact.", "Assurance signature status not provided in observed evidence.");
-    if (signed === null) {
-      requiredActions.push("Provide observed.assurance_signed after verification.");
-    }
-  }
-  if (requirements.max_assurance_age_hours > 0) {
-    const hasAge = Number.isFinite(observed.assurance_age_hours);
-    evaluate("assurance_freshness", hasAge ? observed.assurance_age_hours <= requirements.max_assurance_age_hours : null, `Assurance age ${observed.assurance_age_hours}h within ${requirements.max_assurance_age_hours}h threshold.`, `Assurance age ${hasAge ? observed.assurance_age_hours : "unknown"}h exceeds ${requirements.max_assurance_age_hours}h threshold.`, "Assurance age not provided in observed evidence.");
-    if (!hasAge) {
-      requiredActions.push("Provide observed.assurance_age_hours.");
-    }
-  }
-  const failedChecks = checks.filter((c) => c.status === "fail").length;
-  const unknownChecks = checks.filter((c) => c.status === "unknown").length;
-  const status = failedChecks > 0 ? "blocked" : unknownChecks > 0 ? "insufficient_evidence" : "verified";
-  if (status !== "verified" && requiredActions.length === 0) {
-    requiredActions.push("Re-run validate_repo_policy with complete observed evidence fields.");
-  }
-  return {
-    status,
-    checks,
-    blocking_reasons: blockingReasons,
-    required_actions: [...new Set(requiredActions)],
-    verification_requirements: requirements
-  };
-}
-
-// ../mcp/dist/mcp/src/shared/repo-policy-response.js
-function resolveTelemetryAttribution(input) {
-  if (input.providedInstallId) {
-    return "provided";
-  }
-  if (input.resolvedInstallId) {
-    return "auto_resolved";
-  }
-  return "missing";
-}
-function buildInvalidPolicyResponse(input) {
-  return {
-    status: "invalid_policy",
-    certification_id: `policy_${(input.now || /* @__PURE__ */ new Date()).getTime()}`,
-    blocking_reasons: [`Policy manifest not found at ${input.manifestPath}`],
-    required_actions: [
-      "Create policy manifest: cutline-mcp policy-init",
-      "Commit cutline.json and re-run validate_repo_policy"
-    ],
-    telemetry_attribution: input.telemetryAttribution,
-    generated_at: (input.now || /* @__PURE__ */ new Date()).toISOString()
-  };
-}
-function buildPolicyVerdictResponse(input) {
-  return {
-    status: input.verdict.status,
-    certification_id: `policy_${(input.now || /* @__PURE__ */ new Date()).getTime()}`,
-    manifest_path: input.manifestPath,
-    policy_name: input.policyName || "cutline-policy",
-    schema_version: input.schemaVersion || "unknown",
-    verification_requirements: input.verdict.verification_requirements,
-    observed_evidence: input.observedEvidence,
-    telemetry_attribution: input.telemetryAttribution,
-    checks: input.verdict.checks,
-    blocking_reasons: input.verdict.blocking_reasons,
-    required_actions: input.verdict.required_actions,
-    generated_at: (input.now || /* @__PURE__ */ new Date()).toISOString()
-  };
-}
-
-// ../mcp/dist/mcp/src/shared/discovery-intent.js
-var TESTING_INTENT_REGEX = /\b(test|tests|testing|vitest|jest|coverage|unit test|integration test|e2e|spec file|assertion)\b/i;
-var TOKEN_INTENT_PATTERNS = [
-  { regex: /\b(rate limit|request limit|429|quota exceeded)\b/i, cluster: "rate_limit" },
-  {
-    regex: /\b(prompt (is )?too long|context window|context overflow|too many tokens|token limit)\b/i,
-    cluster: "context_overflow"
-  },
-  {
-    regex: /\b(token burn|burning credits|too expensive|reduce tokens|save tokens|token usage)\b/i,
-    cluster: "token_cost"
-  }
-];
-function isTestingIntentPrompt(prompt) {
-  return TESTING_INTENT_REGEX.test(prompt);
-}
-function detectTokenLimitIntentPrompt(prompt) {
-  for (const pattern of TOKEN_INTENT_PATTERNS) {
-    const match = prompt.match(pattern.regex);
-    if (match) {
-      return {
-        detected: true,
-        cluster: pattern.cluster,
-        matched_pattern: match[0]
-      };
-    }
-  }
-  return { detected: false };
-}
-function buildTestingIntentHintResponse(prompt) {
-  return {
-    detected: true,
-    intent: "testing",
-    route: "cutline_testing_rgr",
-    prompts: [
-      "use cutline to generate tests for this scope increase",
-      "use cutline to run the RGR loop for this change",
-      "use cutline to evaluate merge gates for this test run"
-    ],
-    bootstrap_if_missing: "npx -y @vibekiln/cutline-mcp-cli@latest setup",
-    source_prompt_excerpt: prompt.slice(0, 180)
-  };
-}
-function buildTokenLimitIntentHintResponse(prompt, match) {
-  return {
-    detected: true,
-    intent: "token_limit",
-    route: "cutline_token_layer_install",
-    query_cluster: match.cluster || "context_overflow",
-    matched_pattern: match.matched_pattern || null,
-    prompts: [
-      "use cutline to reduce context window pressure before tool calls",
-      "use cutline to apply token-saving policy and retry this flow",
-      "use cutline to install deterministic context guardrails for this repo"
-    ],
-    bootstrap_if_missing: "npx -y @vibekiln/cutline-mcp-cli@latest setup",
-    source_prompt_excerpt: prompt.slice(0, 180)
-  };
-}
-
 // ../mcp/dist/mcp/src/cutline-server.js
 function mcpAudit(entry) {
   console.error(JSON.stringify({
@@ -7687,56 +7407,8 @@ function mcpAudit(entry) {
     ...entry
   }));
 }
-async function emitPolicyGateEvent(input) {
-  if (!input.authToken || !input.installId)
-    return;
-  const siteUrl = (process.env.NEXT_PUBLIC_SITE_URL || "https://thecutline.ai").replace(/\/$/, "");
-  const eventName = input.status === "verified" ? "policy_gate_passed" : "policy_gate_blocked";
-  try {
-    await fetch(`${siteUrl}/api/agent/event`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${input.authToken}`
-      },
-      body: JSON.stringify({
-        install_id: input.installId,
-        event_name: eventName,
-        event_properties: {
-          status: input.status,
-          policy_name: input.policyName || "cutline-policy",
-          failed_checks_count: input.failedChecks,
-          unknown_checks_count: input.unknownChecks,
-          blocking_reasons_count: input.blockingReasonsCount
-        }
-      })
-    });
-  } catch {
-  }
-}
-async function emitAgentEvent(input) {
-  if (!input.authToken || !input.installId)
-    return;
-  const siteUrl = (process.env.NEXT_PUBLIC_SITE_URL || "https://thecutline.ai").replace(/\/$/, "");
-  try {
-    await fetch(`${siteUrl}/api/agent/event`, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${input.authToken}`
-      },
-      body: JSON.stringify({
-        install_id: input.installId,
-        event_name: input.eventName,
-        event_properties: input.eventProperties || {}
-      })
-    });
-  } catch {
-  }
-}
 var DEFAULT_MODEL = process.env.MODEL_ID || "gemini-2.5-pro";
 var GOVERNANCE_ENFORCEMENT = (process.env.CUTLINE_GOVERNANCE_ENFORCEMENT || "advisory").toLowerCase() === "enforced";
-var TOKEN_INTENT_HINT_ENABLED = (process.env.CUTLINE_TOKEN_INTENT_HINT_ENABLED || "false").toLowerCase() === "true";
 function buildGovernanceEnvelope(input) {
   return {
     decision: input.decision,
@@ -7763,26 +7435,21 @@ var ACT_NAMES = {
 };
 function assessScopeExpansionIntent(params) {
   const task = (params.task_description || "").trim();
-  const codeSnippet = (params.code_snippet || "").trim();
-  const intentText = `${task}
-${codeSnippet}`.trim();
   const filePaths = params.file_paths || [];
   const reasons = [];
   let confidence = 0;
   const explicitScopePatterns = [
     /\b(scope increase|expand(?:ing)? scope|broaden scope|new scope)\b/i,
     /\b(seed|ingest|add)\b.{0,24}\b(graph|constraint|entity|entities)\b/i,
-    /\b(new feature|new module|new domain|new subsystem)\b/i,
-    /\b(expand|increase|broaden)\b.{0,24}\b(coverage|surface area|scope)\b/i,
-    /\b(add|introduce|build|create)\b.{0,24}\b(endpoint|route|api|service|workflow)\b/i
+    /\b(new feature|new module|new domain|new subsystem)\b/i
   ];
-  const hasExplicitScopeIntent = explicitScopePatterns.some((rx) => rx.test(intentText));
+  const hasExplicitScopeIntent = explicitScopePatterns.some((rx) => rx.test(task));
   if (hasExplicitScopeIntent) {
     confidence += 0.55;
     reasons.push("Task description includes explicit scope-expansion language.");
   }
   const hintedName = params.hinted_entity_name?.trim();
-  const inferredName = hintedName || inferEntityNameFromTask(intentText);
+  const inferredName = hintedName || inferEntityNameFromTask(task);
   if (inferredName) {
     confidence += 0.12;
     reasons.push("Potential new entity name detected from task context.");
@@ -8242,9 +7909,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
           type: "object",
           properties: {
             prompt: { type: "string" },
-            wikiMarkdown: { type: "string" },
-            auth_token: { type: "string", description: "Optional auth token for telemetry attribution" },
-            install_id: { type: "string", description: "Optional install ID for telemetry attribution" }
+            wikiMarkdown: { type: "string" }
           },
           required: ["prompt"]
         }
@@ -8273,9 +7938,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
         inputSchema: {
           type: "object",
           properties: {
-            prompt: { type: "string" },
-            auth_token: { type: "string", description: "Optional auth token for telemetry attribution" },
-            install_id: { type: "string", description: "Optional install ID for telemetry attribution" }
+            prompt: { type: "string" }
           },
           required: ["prompt"]
         }
@@ -8709,40 +8372,6 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
           required: ["product_id"]
         }
       },
-      {
-        name: "get_assurance_manifest",
-        description: `\u{1F513} AUTHENTICATED-FREE - Fetch signed assurance proof for "prove it's safe", "production-ready", and audit verification prompts.`,
-        inputSchema: {
-          type: "object",
-          properties: {
-            url: { type: "string", description: "Optional assurance URL override (default: NEXT_PUBLIC_SITE_URL/.well-known/cutline-assurance.json). Use target app domain when verifying deployed builds." }
-          }
-        }
-      },
-      {
-        name: "validate_repo_policy",
-        description: "\u{1F513} AUTHENTICATED-FREE - Run deterministic policy validation for secure/deploy-ready/audit prompts and return a machine-readable verdict object.",
-        inputSchema: {
-          type: "object",
-          properties: {
-            project_root: { type: "string", description: "Absolute workspace root containing cutline.json" },
-            manifest_path: { type: "string", description: "Optional explicit path to cutline.json (overrides project_root)" },
-            install_id: { type: "string", description: "Optional agent install_id for funnel attribution when emitting policy gate events (auto-resolved from local ~/.cutline-mcp/config.json when omitted)" },
-            observed: {
-              type: "object",
-              description: "Observed evidence from scans/assurance checks to evaluate against policy thresholds",
-              properties: {
-                security_score: { type: "number", description: "Observed security score (0-100)" },
-                critical_findings_count: { type: "number", description: "Observed unresolved critical/high findings count" },
-                assurance_available: { type: "boolean", description: "Whether assurance artifact is available" },
-                assurance_signed: { type: "boolean", description: "Whether assurance artifact signature is valid/present" },
-                assurance_age_hours: { type: "number", description: "Age of assurance evidence in hours" }
-              }
-            }
-          },
-          required: ["project_root"]
-        }
-      },
       {
         name: "code_audit",
         description: "\u{1F513} FREE - Security vibe check (code audit). Evaluates your codebase against a stack-aware constraint graph covering security, reliability, and scalability. No deep dive or product_id required \u2014 just point at your codebase. Shows aggregate readiness scores and top critical findings; detailed analysis and remediation require Premium. Requires a Cutline account (free). 3 scans/month.",
@@ -9052,149 +8681,9 @@ Why AI: ${idea.whyAI}`
         };
       }
       if (name2 === "trial_generate") {
-        const trialArgs = args;
-        const { prompt } = trialArgs;
+        const { prompt } = args;
         const text = await cfGenerateTrialRun(prompt);
-        const isTestingIntent = isTestingIntentPrompt(prompt);
-        const tokenIntent = TOKEN_INTENT_HINT_ENABLED ? detectTokenLimitIntentPrompt(prompt) : { detected: false };
-        const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
-        const resolvedInstallId = trialArgs.install_id || getStoredInstallId({ environment: env });
-        if (isTestingIntent) {
-          await emitAgentEvent({
-            authToken: trialArgs.auth_token,
-            installId: resolvedInstallId || void 0,
-            eventName: "agent_test_intent_detected",
-            eventProperties: {
-              tool_name: "trial_generate",
-              route: "cutline_testing_rgr"
-            }
-          });
-        }
-        if (tokenIntent.detected) {
-          await emitAgentEvent({
-            authToken: trialArgs.auth_token,
-            installId: resolvedInstallId || void 0,
-            eventName: "agent_token_limit_intent_detected",
-            eventProperties: {
-              tool_name: "trial_generate",
-              route: "cutline_token_layer_install",
-              query_cluster: tokenIntent.cluster
-            }
-          });
-          await emitAgentEvent({
-            authToken: trialArgs.auth_token,
-            installId: resolvedInstallId || void 0,
-            eventName: "agent_token_layer_install_prompted",
-            eventProperties: {
-              tool_name: "trial_generate",
-              route: "cutline_token_layer_install",
-              query_cluster: tokenIntent.cluster
-            }
-          });
-        }
-        return {
-          content: [{
-            type: "text",
-            text: JSON.stringify({
-              text,
-              ...isTestingIntent ? { cutline_testing_route: buildTestingIntentHintResponse(prompt) } : {},
-              ...tokenIntent.detected ? { cutline_token_route: buildTokenLimitIntentHintResponse(prompt, tokenIntent) } : {}
-            })
-          }]
-        };
-      }
-      if (name2 === "get_assurance_manifest") {
-        const { url } = args;
-        await resolveAuthContextFree(args.auth_token);
-        const siteUrl = (process.env.NEXT_PUBLIC_SITE_URL || "https://thecutline.ai").replace(/\/$/, "");
-        const assuranceUrl = url || `${siteUrl}/.well-known/cutline-assurance.json`;
-        const response = await fetch(assuranceUrl, {
-          method: "GET",
-          headers: { "Accept": "application/json" }
-        });
-        if (!response.ok) {
-          throw new McpError(ErrorCode.InternalError, `Failed to fetch assurance manifest (${response.status}) from ${assuranceUrl}`);
-        }
-        const manifest = await response.json();
-        return {
-          content: [{
-            type: "text",
-            text: JSON.stringify({
-              source_url: assuranceUrl,
-              fetched_at: (/* @__PURE__ */ new Date()).toISOString(),
-              manifest
-            }, null, 2)
-          }]
-        };
-      }
-      if (name2 === "validate_repo_policy") {
-        const policyArgs = args;
-        if (!policyArgs.project_root) {
-          throw new McpError(ErrorCode.InvalidParams, "project_root is required");
-        }
-        await resolveAuthContextFree(policyArgs.auth_token);
-        const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
-        const resolvedInstallId = policyArgs.install_id || getStoredInstallId({ environment: env });
-        const telemetryAttribution = resolveTelemetryAttribution({
-          providedInstallId: policyArgs.install_id,
-          resolvedInstallId: resolvedInstallId || void 0
-        });
-        const { existsSync, readFileSync } = await import("node:fs");
-        const { resolve, join: join4 } = await import("node:path");
-        const manifestPath = resolve(policyArgs.manifest_path || join4(policyArgs.project_root, "cutline.json"));
-        if (!existsSync(manifestPath)) {
-          await emitPolicyGateEvent({
-            authToken: policyArgs.auth_token,
-            installId: resolvedInstallId || void 0,
-            status: "invalid_policy",
-            policyName: "cutline-policy",
-            failedChecks: 1,
-            unknownChecks: 0,
-            blockingReasonsCount: 1
-          });
-          return {
-            content: [{
-              type: "text",
-              text: JSON.stringify(buildInvalidPolicyResponse({
-                manifestPath,
-                telemetryAttribution
-              }), null, 2)
-            }]
-          };
-        }
-        let manifest;
-        try {
-          manifest = JSON.parse(readFileSync(manifestPath, "utf-8"));
-        } catch (e) {
-          throw new McpError(ErrorCode.InvalidParams, `Invalid cutline.json: ${e?.message || String(e)}`);
-        }
-        const requirements = buildRepoPolicyRequirements(manifest);
-        const observed = buildRepoPolicyObserved(policyArgs.observed);
-        const verdict = evaluateRepoPolicy(requirements, observed);
-        const failedChecks = verdict.checks.filter((c) => c.status === "fail").length;
-        const unknownChecks = verdict.checks.filter((c) => c.status === "unknown").length;
-        await emitPolicyGateEvent({
-          authToken: policyArgs.auth_token,
-          installId: resolvedInstallId || void 0,
-          status: verdict.status,
-          policyName: manifest?.policy_name || "cutline-policy",
-          failedChecks,
-          unknownChecks,
-          blockingReasonsCount: verdict.blocking_reasons.length
-        });
-        return {
-          content: [{
-            type: "text",
-            text: JSON.stringify(buildPolicyVerdictResponse({
-              verdict,
-              manifestPath,
-              policyName: manifest?.policy_name,
-              schemaVersion: manifest?.schema_version,
-              observedEvidence: policyArgs.observed || {},
-              telemetryAttribution
-            }), null, 2)
-          }]
-        };
+        return { content: [{ type: "text", text: JSON.stringify({ text }) }] };
       }
       if (name2 === "code_audit") {
         const scanArgs = args;
@@ -9495,56 +8984,9 @@ Competitive threats: ${competitors}` : ""
           return { content: [{ type: "text", text: JSON.stringify(result) }] };
         }
         case "agent_chat": {
-          const chatArgs = args;
-          const { prompt, wikiMarkdown } = chatArgs;
+          const { prompt, wikiMarkdown } = args;
           const text = await cfGenerateChatSuggestion(prompt, wikiMarkdown);
-          const isTestingIntent = isTestingIntentPrompt(prompt);
-          const tokenIntent = TOKEN_INTENT_HINT_ENABLED ? detectTokenLimitIntentPrompt(prompt) : { detected: false };
-          const env = process.env.CUTLINE_ENV === "staging" ? "staging" : "production";
-          const resolvedInstallId = chatArgs.install_id || getStoredInstallId({ environment: env });
-          if (isTestingIntent) {
-            await emitAgentEvent({
-              authToken: chatArgs.auth_token,
-              installId: resolvedInstallId || void 0,
-              eventName: "agent_test_intent_detected",
-              eventProperties: {
-                tool_name: "agent_chat",
-                route: "cutline_testing_rgr"
-              }
-            });
-          }
-          if (tokenIntent.detected) {
-            await emitAgentEvent({
-              authToken: chatArgs.auth_token,
-              installId: resolvedInstallId || void 0,
-              eventName: "agent_token_limit_intent_detected",
-              eventProperties: {
-                tool_name: "agent_chat",
-                route: "cutline_token_layer_install",
-                query_cluster: tokenIntent.cluster
-              }
-            });
-            await emitAgentEvent({
-              authToken: chatArgs.auth_token,
-              installId: resolvedInstallId || void 0,
-              eventName: "agent_token_layer_install_prompted",
-              eventProperties: {
-                tool_name: "agent_chat",
-                route: "cutline_token_layer_install",
-                query_cluster: tokenIntent.cluster
-              }
-            });
-          }
-          return {
-            content: [{
-              type: "text",
-              text: JSON.stringify({
-                text,
-                ...isTestingIntent ? { cutline_testing_route: buildTestingIntentHintResponse(prompt) } : {},
-                ...tokenIntent.detected ? { cutline_token_route: buildTokenLimitIntentHintResponse(prompt, tokenIntent) } : {}
-              })
-            }]
-          };
+          return { content: [{ type: "text", text: JSON.stringify({ text }) }] };
         }
         // Integrations
         case "integrations_create_issues": {
@@ -9902,7 +9344,7 @@ Meta: ${JSON.stringify(output.meta)}` }
           }
           const analysis = analyzeFileContext(fileContext);
           let knownEntityNames = [];
-          if (task_description || code_snippet || scope_entity_name) {
+          if (task_description || scope_entity_name) {
             try {
               const entities = await getAllEntities(product_id);
               knownEntityNames = entities.map((e) => e.name);
@@ -9911,7 +9353,6 @@ Meta: ${JSON.stringify(output.meta)}` }
           }
           const scopeExpansion = assessScopeExpansionIntent({
             task_description,
-            code_snippet,
             file_paths,
             known_entity_names: knownEntityNames,
             hinted_entity_name: scope_entity_name
@@ -10040,8 +9481,9 @@ Meta: ${JSON.stringify(output.meta)}` }
             } catch (e) {
             }
           }
-          const autoRgrPlan = planRgrPhases(finalResults);
+          let autoRgrPlan = void 0;
           if (autoPhase === "auto") {
+            autoRgrPlan = planRgrPhases(finalResults);
             if (autoRgrPlan.strategy === "phased") {
               finalResults = finalResults.filter((c) => {
                 const phased = filterByPhase([c], "test_spec");
@@ -11113,11 +10555,6 @@ ${JSON.stringify(metrics, null, 2)}` }
                 ...plan,
                 entity: rgrMatched[0].name,
                 complexity,
-                auto_execution: {
-                  scope_increase_triggers_rgr: true,
-                  mode: "pervasive",
-                  expected_runner: "local_vitest"
-                },
                 governance
               }, null, 2)
             }]
@@ -11644,7 +11081,7 @@ Meta: ${JSON.stringify({
                 mode: "product",
                 codeContext: payload.codeContext || null
               });
-              runInput.productId = String(auditArgs.product_id || newJobId);
+              runInput.productId = newJobId;
               await updatePremortem(newJobId, { payload: runInput });
               return { jobId: newJobId };
             }

package/dist/servers/{data-client-RY2DCLME.js → data-client-AQ5DGSAR.js}

@@ -78,7 +78,7 @@ import {
   upsertEdges,
   upsertEntities,
   upsertNodes
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 export {
   addEdges,
   addEntity,

package/dist/servers/exploration-server.js

@@ -14,7 +14,7 @@ import {
   requirePremiumWithAutoAuth,
   updateExplorationSession,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 
 // ../mcp/dist/mcp/src/exploration-server.js
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";

package/dist/servers/integrations-server.js

@@ -13,7 +13,7 @@ import {
   requirePremiumWithAutoAuth,
   validateAuth,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 
 // ../mcp/dist/mcp/src/integrations-server.js
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";

package/dist/servers/output-server.js

@@ -13,7 +13,7 @@ import {
   mapErrorToMcp,
   requirePremiumWithAutoAuth,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 
 // ../mcp/dist/mcp/src/output-server.js
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";

package/dist/servers/premortem-server.js

@@ -27,7 +27,7 @@ import {
   updatePremortem,
   validateAuth,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 
 // ../mcp/dist/mcp/src/premortem-server.js
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";

package/dist/servers/tools-server.js

@@ -21,7 +21,7 @@ import {
   requirePremiumWithAutoAuth,
   validateAuth,
   validateRequestSize
-} from "./chunk-RUCYK3TR.js";
+} from "./chunk-X2B5QUWO.js";
 
 // ../mcp/dist/mcp/src/tools-server.js
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";

package/dist/utils/config-store.d.ts

@@ -2,8 +2,6 @@ export interface McpConfig {
     refreshToken?: string;
     environment?: 'production' | 'staging';
     apiKey?: string;
-    agentInstallId?: string;
-    agentInstallIdStaging?: string;
 }
 export declare function saveConfig(config: McpConfig): void;
 export declare function loadConfig(): McpConfig;

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@vibekiln/cutline-mcp-cli",
-    "version": "0.11.0",
+    "version": "0.11.2",
     "description": "CLI and MCP servers for Cutline — authenticate, then run constraint-aware MCP servers in Cursor or any MCP client.",
     "type": "module",
     "main": "dist/index.js",

package/dist/commands/policy-init.d.ts

@@ -1,9 +0,0 @@
-interface PolicyInitOptions {
-    projectRoot?: string;
-    force?: boolean;
-    minSecurityScore?: string;
-    maxAssuranceAgeHours?: string;
-    allowUnsignedAssurance?: boolean;
-}
-export declare function policyInitCommand(options: PolicyInitOptions): Promise<void>;
-export {};

package/dist/commands/policy-init.js

@@ -1,51 +0,0 @@
-import chalk from 'chalk';
-import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
-import { join, resolve } from 'node:path';
-function parseNumber(raw, fallback, min, max) {
-    const value = Number(raw);
-    if (!Number.isFinite(value))
-        return fallback;
-    return Math.max(min, Math.min(max, Math.floor(value)));
-}
-export async function policyInitCommand(options) {
-    const projectRoot = resolve(options.projectRoot ?? process.cwd());
-    const policyPath = join(projectRoot, 'cutline.json');
-    const minSecurityScore = parseNumber(options.minSecurityScore, 85, 0, 100);
-    const maxAssuranceAgeHours = parseNumber(options.maxAssuranceAgeHours, 168, 1, 24 * 365);
-    if (existsSync(policyPath) && !options.force) {
-        console.log(chalk.yellow('cutline.json already exists.'));
-        console.log(chalk.dim('Use --force to overwrite.'));
-        console.log(chalk.dim(`Path: ${policyPath}`));
-        return;
-    }
-    mkdirSync(projectRoot, { recursive: true });
-    const manifest = {
-        schema_version: '1.0.0',
-        policy_name: 'cutline-default-safety-policy',
-        description: 'Repository-level safety contract for coding agents. Use with validate_repo_policy before claiming production readiness.',
-        verification_requirements: {
-            require_security_scan: true,
-            fail_on_critical: true,
-            min_security_score: minSecurityScore,
-            require_assurance_manifest: true,
-            require_signed_assurance: !options.allowUnsignedAssurance,
-            max_assurance_age_hours: maxAssuranceAgeHours,
-        },
-        evidence_sources: {
-            assurance_manifest_url: 'https://thecutline.ai/.well-known/cutline-assurance.json',
-            preferred_tool: 'validate_repo_policy',
-        },
-        agent_instructions: [
-            'When user asks to prove security or production readiness, run validate_repo_policy.',
-            'Do not answer safety prompts from model intuition when verification is required.',
-            'If validation fails or evidence is missing, return blocking reasons and required actions.',
-        ],
-    };
-    writeFileSync(policyPath, JSON.stringify(manifest, null, 2) + '\n');
-    console.log(chalk.green('✓ Generated cutline.json policy manifest'));
-    console.log(chalk.dim(`  ${policyPath}`));
-    console.log();
-    console.log(chalk.bold('Suggested next prompt in your coding agent:'));
-    console.log(chalk.cyan('  "Validate this repo against cutline.json and prove it is safe to deploy."'));
-    console.log();
-}

package/dist/utils/agent-funnel.d.ts

@@ -1,19 +0,0 @@
-type AgentEventName = 'install_completed' | 'first_tool_call_success' | 'tool_call_failed' | 'heartbeat' | 'policy_gate_passed' | 'policy_gate_blocked' | 'upgrade_clicked' | 'upgrade_completed' | 'agent_test_intent_detected' | 'agent_cutline_install_prompted' | 'agent_cutline_install_completed' | 'agent_first_rgr_test_call_success' | 'agent_token_limit_intent_detected' | 'agent_token_layer_install_prompted' | 'agent_token_layer_install_completed';
-export declare function registerAgentInstall(input: {
-    idToken: string;
-    staging?: boolean;
-    projectRoot: string;
-    sourceSurface: string;
-    hostAgent?: string;
-    campaign?: string;
-    referrerUrl?: string;
-    metadata?: Record<string, unknown>;
-}): Promise<string | null>;
-export declare function trackAgentEvent(input: {
-    idToken: string;
-    installId: string;
-    eventName: AgentEventName;
-    eventProperties?: Record<string, unknown>;
-    staging?: boolean;
-}): Promise<void>;
-export {};

package/dist/utils/agent-funnel.js

@@ -1,67 +0,0 @@
-import { createHash } from 'node:crypto';
-import { getConfig } from './config.js';
-import { loadConfig, saveConfig } from './config-store.js';
-function installIdKey(staging) {
-    return staging ? 'agentInstallIdStaging' : 'agentInstallId';
-}
-export async function registerAgentInstall(input) {
-    const key = installIdKey(input.staging);
-    const existing = loadConfig();
-    const persistedInstallId = typeof existing[key] === 'string' ? existing[key] : null;
-    if (persistedInstallId)
-        return persistedInstallId;
-    const { BASE_URL } = getConfig({ staging: input.staging });
-    const installationKey = createHash('sha256')
-        .update(`${input.projectRoot}:${input.staging ? 'staging' : 'production'}`)
-        .digest('hex')
-        .slice(0, 32);
-    const workspaceId = createHash('sha256').update(input.projectRoot).digest('hex').slice(0, 24);
-    try {
-        const response = await fetch(`${BASE_URL}/api/agent/register`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                Authorization: `Bearer ${input.idToken}`,
-            },
-            body: JSON.stringify({
-                installation_key: installationKey,
-                source_surface: input.sourceSurface,
-                host_agent: input.hostAgent || 'cutline-mcp-cli',
-                workspace_id: workspaceId,
-                ...(input.campaign ? { campaign: input.campaign } : {}),
-                ...(input.referrerUrl ? { referrer_url: input.referrerUrl } : {}),
-                ...(input.metadata ? { metadata: input.metadata } : {}),
-            }),
-        });
-        if (!response.ok)
-            return null;
-        const payload = await response.json();
-        if (!payload.install_id)
-            return null;
-        saveConfig({ [key]: payload.install_id });
-        return payload.install_id;
-    }
-    catch {
-        return null;
-    }
-}
-export async function trackAgentEvent(input) {
-    const { BASE_URL } = getConfig({ staging: input.staging });
-    try {
-        await fetch(`${BASE_URL}/api/agent/event`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                Authorization: `Bearer ${input.idToken}`,
-            },
-            body: JSON.stringify({
-                install_id: input.installId,
-                event_name: input.eventName,
-                event_properties: input.eventProperties || {},
-            }),
-        });
-    }
-    catch {
-        // Best effort telemetry; never block CLI command success.
-    }
-}