@webpresso/agent-kit 0.26.3 → 0.27.0

package/.claude-plugin/marketplace.json

@@ -6,7 +6,7 @@
   },
   "metadata": {
     "description": "Webpresso agent-kit Claude Code plugin: blueprints, skills, hooks, MCP server",
-    "version": "0.26.3"
+    "version": "0.27.0"
   },
   "plugins": [
     {
@@ -23,5 +23,5 @@
       ]
     }
   ],
-  "version": "0.26.3"
+  "version": "0.27.0"
 }

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "webpresso",
-  "version": "0.26.3",
+  "version": "0.27.0",
   "description": "Webpresso agent-kit: blueprints, skills, lore commit protocol, tech-debt lifecycle",
   "skills": "./skills",
   "commands": "./commands",

package/dist/esm/audit/no-first-party-mjs.d.ts

@@ -0,0 +1,5 @@
+import type { RepoAuditResult } from './repo-guardrails.js';
+export declare function isIgnoredNoFirstPartyMjsPath(relativePath: string): boolean;
+export declare function findTrackedFirstPartyMjsPaths(trackedPaths: readonly string[]): string[];
+export declare function auditNoFirstPartyMjs(rootDirectory?: string): RepoAuditResult;
+//# sourceMappingURL=no-first-party-mjs.d.ts.map

package/dist/esm/audit/no-first-party-mjs.js

@@ -0,0 +1,83 @@
+import { execFileSync } from 'node:child_process';
+import { existsSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+const IGNORED_PATH_PREFIXES = [
+    'node_modules',
+    'dist',
+    'build',
+    'coverage',
+    '.wrangler',
+    '.codex',
+    '.omx',
+    '.omc',
+    'logs',
+    '.test-reports',
+    '.webpresso/generated',
+];
+export function isIgnoredNoFirstPartyMjsPath(relativePath) {
+    const normalized = relativePath.replace(/\\/gu, '/');
+    return IGNORED_PATH_PREFIXES.some((prefix) => normalized === prefix || normalized.startsWith(`${prefix}/`));
+}
+export function findTrackedFirstPartyMjsPaths(trackedPaths) {
+    return trackedPaths
+        .map((path) => path.replace(/\\/gu, '/'))
+        .filter((path) => path.endsWith('.mjs'))
+        .filter((path) => !isIgnoredNoFirstPartyMjsPath(path))
+        .toSorted();
+}
+function fail(root, message) {
+    return {
+        ok: false,
+        title: 'no first-party .mjs',
+        checked: 0,
+        violations: [{ file: root, message }],
+    };
+}
+function resolveCanonicalRepoRoot(rootDirectory) {
+    const requestedRoot = resolve(rootDirectory);
+    let gitRoot;
+    try {
+        gitRoot = resolve(execFileSync('git', ['rev-parse', '--show-toplevel'], {
+            cwd: requestedRoot,
+            encoding: 'utf8',
+            stdio: ['ignore', 'pipe', 'pipe'],
+        }).trim());
+    }
+    catch {
+        return fail(requestedRoot, `run no-first-party-mjs from a canonical repo root; ${requestedRoot} is not a git repository root`);
+    }
+    if (requestedRoot !== gitRoot) {
+        return fail(requestedRoot, `run no-first-party-mjs from the canonical repo root ${gitRoot}; refusing to scan ${requestedRoot}`);
+    }
+    if (!existsSync(join(gitRoot, 'package.json'))) {
+        return fail(requestedRoot, `run no-first-party-mjs from a canonical repo root with package.json; ${gitRoot} does not qualify`);
+    }
+    return { ok: true, root: gitRoot };
+}
+function listTrackedFiles(root) {
+    const output = execFileSync('git', ['ls-files'], {
+        cwd: root,
+        encoding: 'utf8',
+        stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return output
+        .split('\n')
+        .map((line) => line.trim())
+        .filter(Boolean);
+}
+export function auditNoFirstPartyMjs(rootDirectory = process.cwd()) {
+    const canonical = resolveCanonicalRepoRoot(rootDirectory);
+    if ('violations' in canonical)
+        return canonical;
+    const violations = findTrackedFirstPartyMjsPaths(listTrackedFiles(canonical.root)).map((file) => ({
+        file,
+        message: 'tracked first-party .mjs files are forbidden; rename this file to .ts',
+    }));
+    return {
+        ok: violations.length === 0,
+        title: 'no first-party .mjs',
+        checked: violations.length,
+        violations,
+    };
+}
+//# sourceMappingURL=no-first-party-mjs.js.map

package/dist/esm/cli/commands/audit-core.d.ts

@@ -1,5 +1,5 @@
 import type { RepoAuditResult } from '#audit/repo-guardrails';
-export type AuditKind = 'tph' | 'tph-e2e' | 'bundle-budget' | 'commit-message' | 'blueprint-lifecycle' | 'roadmap-links' | 'docs-frontmatter' | 'catalog-drift' | 'package-surface' | 'agents' | 'tech-debt' | 'no-relative-parent-imports' | 'no-link-protocol' | 'vision' | 'bucket-boundary' | 'skill-sizes' | 'broken-refs' | 'memory-rotation' | 'gitignore-agent-surfaces' | 'memory-unified' | 'compile-drift' | 'architecture-drift' | 'cloudflare-deploy-contract' | 'toolchain-isolation' | 'absolute-path-policy' | 'agent-cost' | 'blueprint-db-consistency' | 'blueprint-lifecycle-sql' | 'tech-debt-cadence' | 'cross-repo-correlation' | 'ai-contracts' | 'mutation' | 'quality' | 'guardrails' | 'hook-surface' | 'no-relative-package-scripts';
+export type AuditKind = 'tph' | 'tph-e2e' | 'bundle-budget' | 'commit-message' | 'blueprint-lifecycle' | 'roadmap-links' | 'docs-frontmatter' | 'catalog-drift' | 'package-surface' | 'agents' | 'tech-debt' | 'no-relative-parent-imports' | 'no-link-protocol' | 'vision' | 'bucket-boundary' | 'skill-sizes' | 'broken-refs' | 'memory-rotation' | 'gitignore-agent-surfaces' | 'memory-unified' | 'compile-drift' | 'architecture-drift' | 'cloudflare-deploy-contract' | 'toolchain-isolation' | 'absolute-path-policy' | 'no-first-party-mjs' | 'agent-cost' | 'blueprint-db-consistency' | 'blueprint-lifecycle-sql' | 'tech-debt-cadence' | 'cross-repo-correlation' | 'ai-contracts' | 'mutation' | 'quality' | 'guardrails' | 'hook-surface' | 'no-relative-package-scripts';
 export type AuditOutcome = {
     kind: 'invalid-usage';
     message: string;

package/dist/esm/cli/commands/audit.js

@@ -62,6 +62,7 @@ const REPO_AUDIT_REGISTRY = {
     'cloudflare-deploy-contract': async (root) => (await import('#audit/cloudflare-deploy-contract')).auditCloudflareDeployContract(root),
     'toolchain-isolation': async (root) => (await import('#audit/toolchain-isolation')).auditToolchainIsolation(root),
     'absolute-path-policy': async (root) => (await import('#audit/absolute-path-policy')).auditAbsolutePathPolicy(root),
+    'no-first-party-mjs': async (root) => (await import('#audit/no-first-party-mjs')).auditNoFirstPartyMjs(root),
     'agent-cost': async (root) => (await import('#audit/agent-cost')).auditAgentCost(root),
     'blueprint-db-consistency': async (root) => (await import('#audit/blueprint-db-consistency')).auditBlueprintDbConsistency(root),
     'blueprint-lifecycle-sql': async (root) => (await import('#audit/blueprint-lifecycle-sql')).auditBlueprintLifecycleSql(root),

package/dist/esm/cli/commands/init/config.d.ts

@@ -16,6 +16,14 @@ export interface AgentkitConfig {
         serverName?: string;
         toolPrefix?: string;
     };
+    /** Pretool-guard routing policy. `mechanism` lives in agent-kit; this is the
+     *  per-repo `data`. `scriptRoutes` maps a package-script name (e.g.
+     *  `docs:check`) to a `wp_audit` kind; `packageManager: 'vp-only'` opts into
+     *  routing all raw `pnpm`/`npm` invocations to the `vp` facade. */
+    guard?: {
+        packageManager?: 'vp-only';
+        scriptRoutes?: Record<string, string>;
+    };
     rules: {
         overrides: string[];
     };

package/dist/esm/cli/commands/init/config.js

@@ -48,6 +48,18 @@ export function readConfig(repoRoot) {
         const normalizedMcp = serverName || toolPrefix
             ? { ...(serverName ? { serverName } : {}), ...(toolPrefix ? { toolPrefix } : {}) }
             : undefined;
+        const guard = parsed.guard;
+        const packageManager = guard?.packageManager === 'vp-only' ? 'vp-only' : undefined;
+        const rawScriptRoutes = guard?.scriptRoutes && typeof guard.scriptRoutes === 'object'
+            ? Object.fromEntries(Object.entries(guard.scriptRoutes).filter(([key, value]) => typeof key === 'string' && typeof value === 'string'))
+            : undefined;
+        const scriptRoutes = rawScriptRoutes && Object.keys(rawScriptRoutes).length > 0 ? rawScriptRoutes : undefined;
+        const normalizedGuard = packageManager || scriptRoutes
+            ? {
+                ...(packageManager ? { packageManager } : {}),
+                ...(scriptRoutes ? { scriptRoutes } : {}),
+            }
+            : undefined;
         const selectedHosts = Array.isArray(hosts?.selected)
             ? hosts.selected.filter((s) => ['codex', 'claude', 'opencode'].includes(String(s)))
             : [];
@@ -66,6 +78,7 @@ export function readConfig(repoRoot) {
                 ...(visibility ? { visibility } : {}),
             },
             ...(normalizedMcp ? { mcp: normalizedMcp } : {}),
+            ...(normalizedGuard ? { guard: normalizedGuard } : {}),
             rules: { overrides: overrides.filter((s) => typeof s === 'string') },
             scripts: {
                 'setup-agent': readOptionalString(scripts?.['setup-agent']),
@@ -93,11 +106,22 @@ export function mergeConfig(existing, incoming) {
             ...incoming.mcp,
         }
         : undefined;
+    const mergedScriptRoutes = existing.guard?.scriptRoutes || incoming.guard?.scriptRoutes
+        ? { ...existing.guard?.scriptRoutes, ...incoming.guard?.scriptRoutes }
+        : undefined;
+    const mergedGuard = existing.guard || incoming.guard
+        ? {
+            ...existing.guard,
+            ...incoming.guard,
+            ...(mergedScriptRoutes ? { scriptRoutes: mergedScriptRoutes } : {}),
+        }
+        : undefined;
     return {
         version: incoming.version,
         installed: { tier3Skills: tier3 },
         hosts: incoming.hosts ?? existing.hosts,
         ...(mergedMcp ? { mcp: mergedMcp } : {}),
+        ...(mergedGuard ? { guard: mergedGuard } : {}),
         rules: { overrides },
         scripts: {
             'setup-agent': incoming.scripts['setup-agent'] ?? existing.scripts['setup-agent'],

package/dist/esm/hooks/pretool-guard/validators/forbidden-commands.js

@@ -1,5 +1,6 @@
 import { readConfig } from '#cli/commands/init/config';
 import { getCommand, isBashInput } from '#hooks/shared/types';
+import { AUDIT_KINDS } from '#mcp/tools/_shared/audit-kinds';
 import { createSkipResult } from './skip-result.js';
 import { buildRedirectMessage } from './mcp-redirect.js';
 export const VALIDATOR_NAME = 'forbidden-commands';
@@ -445,6 +446,57 @@ export function createAuditResult(command, rule, options = {}) {
         matchedPattern: rule.pattern.source,
     };
 }
+const AUDIT_KIND_SET = new Set(AUDIT_KINDS);
+const WP_AUDIT_RE = /^wp\s+audit\s+([a-z0-9-]+)\b/u;
+const SCRIPT_INVOCATION_RE = /^(?:pnpm run|vp run|npm run|pnpm|npm)\s+([A-Za-z0-9:_-]+)/u;
+const RAW_PM_RE = /^(?:pnpm|npm)\b/u;
+function loadGuardConfig() {
+    const repoRoot = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+    return readConfig(repoRoot)?.guard;
+}
+/** Build a guard redirect result; non-blocking ("[AUDIT] Would block") in audit mode. */
+function guardRedirect(message) {
+    if (process.env[AUDIT_MODE_ENV] === '1') {
+        return { validator: VALIDATOR_NAME, passed: true, message: `[AUDIT] Would block:\n${message}` };
+    }
+    return { validator: VALIDATOR_NAME, passed: false, message };
+}
+/** `wp audit <kind>` (CLI) → `wp_audit(kind=...)` (MCP). Generic; not gated on config. */
+function findWpAuditRedirect(command) {
+    for (const variant of getCommandVariants(command)) {
+        const kind = WP_AUDIT_RE.exec(variant)?.[1];
+        if (kind && AUDIT_KIND_SET.has(kind)) {
+            return `"${variant}" denied — use the MCP audit tool: mcp__webpresso__wp_audit(kind="${kind}"). Returns structured, summary-first results.`;
+        }
+    }
+    return undefined;
+}
+/** Repo-declared `guard.scriptRoutes`: a package script mapped to an audit kind. */
+function findScriptRouteRedirect(command, routes) {
+    for (const variant of getCommandVariants(command)) {
+        const script = SCRIPT_INVOCATION_RE.exec(variant)?.[1];
+        if (!script)
+            continue;
+        const kind = routes[script];
+        if (!kind)
+            continue;
+        if (!AUDIT_KIND_SET.has(kind)) {
+            process.stderr.write(`[forbidden-commands] guard.scriptRoutes["${script}"] -> "${kind}" is not a known audit kind; ignoring\n`);
+            continue;
+        }
+        return `"${variant}" denied — this repo routes \`${script}\` to an audit: mcp__webpresso__wp_audit(kind="${kind}").`;
+    }
+    return undefined;
+}
+/** `guard.packageManager: 'vp-only'`: route any remaining raw pnpm/npm to the vp facade. */
+function findVpOnlyRedirect(command) {
+    for (const variant of getCommandVariants(command)) {
+        if (RAW_PM_RE.test(variant)) {
+            return `"${variant}" denied — this repo is vp-only. Use the vp facade (\`vp install\`, \`vp run <script>\`, \`vp exec <bin>\`) or the matching wp_* MCP tool.`;
+        }
+    }
+    return undefined;
+}
 export function validateForbiddenCommands(input) {
     if (process.env[SKIP_ENV_VAR] === '1')
         return createSkipResult(VALIDATOR_NAME);
@@ -459,6 +511,20 @@ export function validateForbiddenCommands(input) {
             return createAuditResult(command, rule);
         return createBlockedResult(command, rule);
     }
+    const wpAuditRedirect = findWpAuditRedirect(command);
+    if (wpAuditRedirect)
+        return guardRedirect(wpAuditRedirect);
+    const guard = loadGuardConfig();
+    if (guard?.scriptRoutes) {
+        const redirect = findScriptRouteRedirect(command, guard.scriptRoutes);
+        if (redirect)
+            return guardRedirect(redirect);
+    }
+    if (guard?.packageManager === 'vp-only') {
+        const redirect = findVpOnlyRedirect(command);
+        if (redirect)
+            return guardRedirect(redirect);
+    }
     return { validator: VALIDATOR_NAME, passed: true };
 }
 //# sourceMappingURL=forbidden-commands.js.map

package/dist/esm/mcp/tools/_shared/audit-kinds.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Canonical list of `wp_audit` kinds — single source of truth.
+ *
+ * Imported by the `wp_audit` MCP tool (for its `kind` enum + dispatch) and by
+ * the pretool-guard (to validate repo `guard.scriptRoutes` targets and to
+ * redirect `wp audit <kind>` CLI calls to the MCP tool). Kept as a tiny
+ * dependency-free module so the hook runtime, which runs on every tool call,
+ * doesn't pull in the whole audit tool graph.
+ */
+export declare const AUDIT_KINDS: readonly ["tph", "tph-e2e", "agents", "catalog-drift", "package-surface", "docs-frontmatter", "blueprint-lifecycle", "architecture-drift", "cloudflare-deploy-contract", "absolute-path-policy", "no-first-party-mjs", "roadmap-links", "bundle-budget", "commit-message", "tech-debt", "hook-surface", "ai-contracts", "no-relative-package-scripts", "toolchain-isolation"];
+export type AuditKind = (typeof AUDIT_KINDS)[number];
+export declare function isAuditKind(value: string): value is AuditKind;
+//# sourceMappingURL=audit-kinds.d.ts.map

package/dist/esm/mcp/tools/_shared/audit-kinds.js

@@ -0,0 +1,34 @@
+/**
+ * Canonical list of `wp_audit` kinds — single source of truth.
+ *
+ * Imported by the `wp_audit` MCP tool (for its `kind` enum + dispatch) and by
+ * the pretool-guard (to validate repo `guard.scriptRoutes` targets and to
+ * redirect `wp audit <kind>` CLI calls to the MCP tool). Kept as a tiny
+ * dependency-free module so the hook runtime, which runs on every tool call,
+ * doesn't pull in the whole audit tool graph.
+ */
+export const AUDIT_KINDS = [
+    'tph',
+    'tph-e2e',
+    'agents',
+    'catalog-drift',
+    'package-surface',
+    'docs-frontmatter',
+    'blueprint-lifecycle',
+    'architecture-drift',
+    'cloudflare-deploy-contract',
+    'absolute-path-policy',
+    'no-first-party-mjs',
+    'roadmap-links',
+    'bundle-budget',
+    'commit-message',
+    'tech-debt',
+    'hook-surface',
+    'ai-contracts',
+    'no-relative-package-scripts',
+    'toolchain-isolation',
+];
+export function isAuditKind(value) {
+    return AUDIT_KINDS.includes(value);
+}
+//# sourceMappingURL=audit-kinds.js.map

package/dist/esm/mcp/tools/_shared/project-root.d.ts

@@ -8,10 +8,15 @@
  * `oxlint` spawned with the inherited cwd would lint the wrong tree.
  *
  * Resolution order, first hit wins:
- *   1. `CLAUDE_PROJECT_DIR` env var (when set by Claude Code hooks).
- *   2. Walk up from `process.cwd()` looking for a marker:
- *      `.git`, `pnpm-workspace.yaml`, then `package.json`.
- *   3. Loud throw — diagnosing a wrong-tree lint silently is worse than
+ *   1. `explicitCwd` — caller says "use exactly this", no walk.
+ *   2. An explicitly-passed `cwd` walked up to a marker (`.git`,
+ *      `pnpm-workspace.yaml`, then `package.json`). A deliberate caller cwd
+ *      outranks `CLAUDE_PROJECT_DIR`, which for a plugin-scope MCP server is
+ *      the whole session/workspace root. If the passed cwd has no marker, fall
+ *      back to `CLAUDE_PROJECT_DIR`, then throw — do not widen to `process.cwd()`.
+ *   3. `CLAUDE_PROJECT_DIR` env var (when no explicit cwd was passed).
+ *   4. Walk up from `process.cwd()` looking for a marker.
+ *   5. Loud throw — diagnosing a wrong-tree lint silently is worse than
  *      forcing the caller to pass an explicit cwd.
  *
  * The walk searches `.git` and `pnpm-workspace.yaml` *before* `package.json`

package/dist/esm/mcp/tools/_shared/project-root.js

@@ -8,10 +8,15 @@
  * `oxlint` spawned with the inherited cwd would lint the wrong tree.
  *
  * Resolution order, first hit wins:
- *   1. `CLAUDE_PROJECT_DIR` env var (when set by Claude Code hooks).
- *   2. Walk up from `process.cwd()` looking for a marker:
- *      `.git`, `pnpm-workspace.yaml`, then `package.json`.
- *   3. Loud throw — diagnosing a wrong-tree lint silently is worse than
+ *   1. `explicitCwd` — caller says "use exactly this", no walk.
+ *   2. An explicitly-passed `cwd` walked up to a marker (`.git`,
+ *      `pnpm-workspace.yaml`, then `package.json`). A deliberate caller cwd
+ *      outranks `CLAUDE_PROJECT_DIR`, which for a plugin-scope MCP server is
+ *      the whole session/workspace root. If the passed cwd has no marker, fall
+ *      back to `CLAUDE_PROJECT_DIR`, then throw — do not widen to `process.cwd()`.
+ *   3. `CLAUDE_PROJECT_DIR` env var (when no explicit cwd was passed).
+ *   4. Walk up from `process.cwd()` looking for a marker.
+ *   5. Loud throw — diagnosing a wrong-tree lint silently is worse than
  *      forcing the caller to pass an explicit cwd.
  *
  * The walk searches `.git` and `pnpm-workspace.yaml` *before* `package.json`
@@ -42,20 +47,39 @@ function walkUp(start, markers) {
     }
     return null;
 }
+/**
+ * Walk up from `start` to the nearest project root. Strong markers
+ * (`.git`, `pnpm-workspace.yaml`) anchor at the workspace root in preference to
+ * a closer weak marker (`package.json`) in a nested package dir.
+ */
+function walkToProjectRoot(start) {
+    return walkUp(start, STRONG_MARKERS) ?? walkUp(start, WEWP_MARKERS);
+}
 export function resolveProjectRoot(options = {}) {
     if (options.explicitCwd)
         return options.explicitCwd;
     const env = options.env ?? process.env;
     const fromEnv = env.CLAUDE_PROJECT_DIR;
+    // A caller-supplied cwd is a deliberate "scope to this project" signal and
+    // must outrank the ambient CLAUDE_PROJECT_DIR — for a plugin-scope MCP server
+    // that env var is the whole session/workspace root, so without this an
+    // explicit `wp_lint`/`wp_test` cwd would scan every sibling repo. Anchor at
+    // the cwd's project root; if it has no marker, defer to CLAUDE_PROJECT_DIR,
+    // then throw — never silently widen the search to process.cwd().
+    if (options.cwd) {
+        const fromCwd = walkToProjectRoot(options.cwd);
+        if (fromCwd)
+            return fromCwd;
+        if (fromEnv && fromEnv.length > 0)
+            return fromEnv;
+        throw new ProjectRootNotFoundError(options.cwd);
+    }
     if (fromEnv && fromEnv.length > 0)
         return fromEnv;
-    const start = options.cwd ?? process.cwd();
-    const fromStrong = walkUp(start, STRONG_MARKERS);
-    if (fromStrong)
-        return fromStrong;
-    const fromWeak = walkUp(start, WEWP_MARKERS);
-    if (fromWeak)
-        return fromWeak;
+    const start = process.cwd();
+    const fromCwd = walkToProjectRoot(start);
+    if (fromCwd)
+        return fromCwd;
     throw new ProjectRootNotFoundError(start);
 }
 //# sourceMappingURL=project-root.js.map

package/dist/esm/mcp/tools/audit.d.ts

@@ -24,17 +24,19 @@ declare const inputSchema: z.ZodObject<{
         "tech-debt": "tech-debt";
         tph: "tph";
         "tph-e2e": "tph-e2e";
-        "bundle-budget": "bundle-budget";
-        "commit-message": "commit-message";
-        "blueprint-lifecycle": "blueprint-lifecycle";
-        "roadmap-links": "roadmap-links";
-        "docs-frontmatter": "docs-frontmatter";
         "catalog-drift": "catalog-drift";
         "package-surface": "package-surface";
+        "docs-frontmatter": "docs-frontmatter";
+        "blueprint-lifecycle": "blueprint-lifecycle";
         "architecture-drift": "architecture-drift";
         "cloudflare-deploy-contract": "cloudflare-deploy-contract";
         "absolute-path-policy": "absolute-path-policy";
+        "no-first-party-mjs": "no-first-party-mjs";
+        "roadmap-links": "roadmap-links";
+        "bundle-budget": "bundle-budget";
+        "commit-message": "commit-message";
         "ai-contracts": "ai-contracts";
+        "toolchain-isolation": "toolchain-isolation";
     }>;
     cwd: z.ZodOptional<z.ZodString>;
     directory: z.ZodOptional<z.ZodString>;

package/dist/esm/mcp/tools/audit.js

@@ -18,26 +18,9 @@ import { spawn } from 'node:child_process';
 import { z } from 'zod';
 import { resolveAuditScriptPath } from '#audit/resolve-audit-script';
 import { applyOutputTransform } from '#output-transforms/index';
+import { AUDIT_KINDS } from './_shared/audit-kinds.js';
 import { createSummaryOutputSchema, createSummaryResult } from './_shared/result.js';
-const KINDS = [
-    'tph',
-    'tph-e2e',
-    'agents',
-    'catalog-drift',
-    'package-surface',
-    'docs-frontmatter',
-    'blueprint-lifecycle',
-    'architecture-drift',
-    'cloudflare-deploy-contract',
-    'absolute-path-policy',
-    'roadmap-links',
-    'bundle-budget',
-    'commit-message',
-    'tech-debt',
-    'hook-surface',
-    'ai-contracts',
-    'no-relative-package-scripts',
-];
+const KINDS = AUDIT_KINDS;
 const inputSchema = z.object({
     kind: z.enum(KINDS),
     /** Working tree to run the audit against. Alias kept as `directory` for back-compat. */
@@ -176,6 +159,26 @@ async function dispatch(input) {
                 details: auditResult,
             };
         }
+        case 'no-first-party-mjs': {
+            const { auditNoFirstPartyMjs } = await import('#audit/no-first-party-mjs');
+            const auditResult = auditNoFirstPartyMjs(input.cwd ?? input.directory ?? process.cwd());
+            return {
+                passed: auditResult.ok,
+                summary: summarizeRepoAudit(kind, auditResult),
+                kind,
+                details: auditResult,
+            };
+        }
+        case 'toolchain-isolation': {
+            const { auditToolchainIsolation } = await import('#audit/toolchain-isolation');
+            const auditResult = auditToolchainIsolation(input.cwd ?? input.directory ?? process.cwd());
+            return {
+                passed: auditResult.ok,
+                summary: summarizeRepoAudit(kind, auditResult),
+                kind,
+                details: auditResult,
+            };
+        }
         case 'roadmap-links': {
             const { auditRoadmapLinks } = await import('#audit/roadmap-links');
             const auditResult = auditRoadmapLinks(input.cwd ?? input.directory ?? process.cwd());
@@ -304,7 +307,7 @@ async function dispatch(input) {
 }
 const tool = {
     name: 'wp_audit',
-    description: 'Run a packaged repo audit. `kind` selects the audit (tph, tph-e2e, catalog-drift, docs-frontmatter, blueprint-lifecycle, architecture-drift, absolute-path-policy, roadmap-links, bundle-budget, commit-message, tech-debt, hook-surface, package-surface, no-relative-package-scripts). Returns {passed, kind, details}.',
+    description: 'Run a packaged repo audit. `kind` selects the audit (tph, tph-e2e, catalog-drift, docs-frontmatter, blueprint-lifecycle, architecture-drift, absolute-path-policy, no-first-party-mjs, roadmap-links, bundle-budget, commit-message, tech-debt, hook-surface, package-surface, no-relative-package-scripts). Returns {passed, kind, details}.',
     inputSchema,
     outputSchema,
     annotations: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@webpresso/agent-kit",
-  "version": "0.26.3",
+  "version": "0.27.0",
   "private": false,
   "repository": {
     "type": "git",
@@ -710,10 +710,10 @@
     "@stryker-mutator/typescript-checker": "^9.6.1",
     "@playwright/test": "^1.55.0",
     "wrangler": "^4.50.0",
-    "@webpresso/agent-kit-runtime-darwin-arm64": "0.26.3",
-    "@webpresso/agent-kit-runtime-darwin-x64": "0.26.3",
-    "@webpresso/agent-kit-runtime-linux-x64": "0.26.3",
-    "@webpresso/agent-kit-runtime-linux-arm64": "0.26.3",
-    "@webpresso/agent-kit-runtime-windows-x64": "0.26.3"
+    "@webpresso/agent-kit-runtime-darwin-arm64": "0.27.0",
+    "@webpresso/agent-kit-runtime-darwin-x64": "0.27.0",
+    "@webpresso/agent-kit-runtime-linux-x64": "0.27.0",
+    "@webpresso/agent-kit-runtime-linux-arm64": "0.27.0",
+    "@webpresso/agent-kit-runtime-windows-x64": "0.27.0"
   }
 }