@zibby/skills 0.1.20 → 0.1.23

package/bin/mcp-lark.mjs

@@ -0,0 +1,209 @@
+#!/usr/bin/env node
+/**
+ * Zibby Lark / Feishu MCP Server — standalone stdio MCP binary.
+ *
+ * Mirrors @zibby/mcp-browser + bin/mcp-sentry.mjs: self-contained
+ * MCP server that exposes Lark messaging tools to any MCP client
+ * (Claude Code, Cursor, Codex, Gemini). Skill's `resolve()` spawns
+ * this binary; everything else runs inside the spawned process.
+ *
+ * Auth: reads PROJECT_API_TOKEN + PROGRESS_API_URL + EXECUTION_ID
+ * + PROJECT_ID + STAGE from the inherited env. The backend's
+ * resolveIntegrationToken('lark') endpoint returns appId + appSecret;
+ * we exchange those for a tenant_access_token cached locally (~2h TTL).
+ */
+
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { z } from 'zod';
+import { resolveIntegrationToken } from '@zibby/core/backend-client.js';
+
+// Lark's tenant_access_token TTL is ~2h. Cache slightly under that —
+// keeps the MCP server alive across multiple tool calls without
+// re-fetching from Lark every time.
+const TOKEN_TTL_MS = 100 * 60 * 1000;
+let tokenCache = null;
+
+async function getTenantAccessToken() {
+  const { appId, appSecret, host } = await resolveIntegrationToken('lark');
+  if (tokenCache && tokenCache.appId === appId && tokenCache.expiresAt > Date.now()) {
+    return { token: tokenCache.token, host };
+  }
+  const res = await fetch(`${host}/open-apis/auth/v3/tenant_access_token/internal`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ app_id: appId, app_secret: appSecret }),
+  });
+  const data = await res.json();
+  if (data.code !== 0) {
+    throw new Error(`Lark tenant_access_token failed: ${data.msg || data.code}`);
+  }
+  tokenCache = { token: data.tenant_access_token, expiresAt: Date.now() + TOKEN_TTL_MS, appId };
+  return { token: data.tenant_access_token, host };
+}
+
+async function larkApi(method, path, params = {}) {
+  const { token, host } = await getTenantAccessToken();
+  const init = {
+    method,
+    headers: {
+      Authorization: `Bearer ${token}`,
+      'Content-Type': 'application/json; charset=utf-8',
+    },
+  };
+  if (method !== 'GET') init.body = JSON.stringify(params);
+  const res = await fetch(`${host}${path}`, init);
+  const data = await res.json();
+  if (data.code !== 0) {
+    throw new Error(`Lark API ${path} error: ${data.msg || data.code}`);
+  }
+  return data.data || {};
+}
+
+function textContent(text) {
+  return JSON.stringify({ text });
+}
+
+// receive_id_type required by Lark; inferred from the id prefix.
+//   oc_* → chat_id, ou_* → open_id, on_* → union_id, cli_* → app_id,
+//   email-looking → email, else chat_id (most common bot target).
+function inferReceiveIdType(id) {
+  if (!id || typeof id !== 'string') return 'chat_id';
+  if (id.startsWith('oc_')) return 'chat_id';
+  if (id.startsWith('ou_')) return 'open_id';
+  if (id.startsWith('on_')) return 'union_id';
+  if (id.startsWith('cli_')) return 'app_id';
+  if (id.includes('@')) return 'email';
+  return 'chat_id';
+}
+
+const server = new McpServer(
+  { name: 'zibby-lark', version: '1.0.0' },
+  { capabilities: { tools: {} } },
+);
+
+// ── lark_send_message ──────────────────────────────────────────────
+server.registerTool(
+  'lark_send_message',
+  {
+    title: 'Send Lark Message',
+    description: 'Send a text message to a Lark chat, user, or DM. receive_id can be a chat_id (oc_*), open_id (ou_*), union_id (on_*), or email.',
+    inputSchema: z.object({
+      receive_id: z.string().describe('Target id: chat_id (oc_*), open_id (ou_*), union_id (on_*), or email'),
+      text: z.string().describe('Message text'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      if (!args.receive_id || !args.text) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: 'receive_id and text are required' }) }], isError: true };
+      }
+      const receiveIdType = inferReceiveIdType(args.receive_id);
+      const data = await larkApi(
+        'POST',
+        `/open-apis/im/v1/messages?receive_id_type=${receiveIdType}`,
+        { receive_id: args.receive_id, msg_type: 'text', content: textContent(args.text) },
+      );
+      return { content: [{ type: 'text', text: JSON.stringify({ ok: true, message_id: data.message_id }) }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+// ── lark_reply ─────────────────────────────────────────────────────
+server.registerTool(
+  'lark_reply',
+  {
+    title: 'Reply to Lark Message',
+    description: 'Reply to an existing Lark message (creates a thread). Use the message_id from the inbound event.',
+    inputSchema: z.object({
+      message_id: z.string().describe('Lark message id (om_*) to reply to'),
+      text: z.string().describe('Reply text'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      if (!args.message_id || !args.text) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: 'message_id and text are required' }) }], isError: true };
+      }
+      const data = await larkApi(
+        'POST',
+        `/open-apis/im/v1/messages/${encodeURIComponent(args.message_id)}/reply`,
+        { msg_type: 'text', content: textContent(args.text) },
+      );
+      return { content: [{ type: 'text', text: JSON.stringify({ ok: true, message_id: data.message_id }) }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+// ── lark_list_chats ────────────────────────────────────────────────
+server.registerTool(
+  'lark_list_chats',
+  {
+    title: 'List Lark Chats',
+    description: 'List chats (groups + DMs) the bot is a member of.',
+    inputSchema: z.object({
+      page_size: z.number().optional().describe('Max results (default 50)'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      const pageSize = args.page_size || 50;
+      const data = await larkApi('GET', `/open-apis/im/v1/chats?page_size=${pageSize}`);
+      const chats = (data.items || []).map((c) => ({
+        chat_id: c.chat_id,
+        name: c.name,
+        description: c.description,
+        owner_id: c.owner_id,
+        chat_mode: c.chat_mode,
+      }));
+      return { content: [{ type: 'text', text: JSON.stringify({ chats }) }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+// ── lark_get_chat_history ──────────────────────────────────────────
+server.registerTool(
+  'lark_get_chat_history',
+  {
+    title: 'Get Lark Chat History',
+    description: 'Fetch recent messages in a chat.',
+    inputSchema: z.object({
+      chat_id: z.string().describe('Chat id (oc_*)'),
+      page_size: z.number().optional().describe('Max messages (default 20)'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      if (!args.chat_id) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: 'chat_id is required' }) }], isError: true };
+      }
+      const pageSize = args.page_size || 20;
+      const data = await larkApi(
+        'GET',
+        `/open-apis/im/v1/messages?container_id_type=chat&container_id=${encodeURIComponent(args.chat_id)}&page_size=${pageSize}&sort_type=ByCreateTimeDesc`,
+      );
+      const messages = (data.items || []).map((m) => ({
+        message_id: m.message_id,
+        sender_id: m.sender?.id,
+        sender_type: m.sender?.sender_type,
+        msg_type: m.msg_type,
+        content: m.body?.content,
+        create_time: m.create_time,
+      }));
+      return { content: [{ type: 'text', text: JSON.stringify({ messages }) }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+const transport = new StdioServerTransport();
+await server.connect(transport);
+
+console.error('[mcp-lark] connected (4 tools: lark_send_message, lark_reply, lark_list_chats, lark_get_chat_history)');

package/bin/mcp-sentry.mjs

@@ -0,0 +1,151 @@
+#!/usr/bin/env node
+/**
+ * Zibby Sentry MCP Server — standalone stdio MCP binary.
+ *
+ * Mirrors the @zibby/mcp-browser pattern: this is a self-contained
+ * MCP server that exposes Sentry tools (list_projects, list_issues,
+ * get_issue) to any MCP client (Claude Code, Cursor, etc.). Skill's
+ * `resolve()` just spawns this binary; everything else runs inside
+ * the spawned process.
+ *
+ * Why standalone vs the function-bridge approach: the bridge required
+ * the parent's in-memory handler registry to be visible to the child,
+ * but each Node process has its own module instance map. Even when
+ * the bridge re-imported the skill module, the `registerHandlers`
+ * side-effect didn't always land in the same registry the bridge
+ * subsequently read from (cross-package vs relative ESM URL resolution
+ * subtleties). A self-contained binary side-steps the whole issue.
+ *
+ * Auth: reads PROJECT_API_TOKEN + PROGRESS_API_URL + EXECUTION_ID
+ * + PROJECT_ID + STAGE from the inherited env (set by workflow-executor.js
+ * on every Fargate task). resolveIntegrationToken('sentry') hits the
+ * project's backend → returns the Sentry OAuth access token + org slug.
+ */
+
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { z } from 'zod';
+import { resolveIntegrationToken } from '@zibby/core/backend-client.js';
+
+async function sentryFetch(path, opts = {}) {
+  const { token, organizationSlug } = await resolveIntegrationToken('sentry');
+  const url = `https://sentry.io/api/0/organizations/${organizationSlug}${path}`;
+  const res = await fetch(url, {
+    method: opts.method || 'GET',
+    headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json' },
+  });
+  if (!res.ok) {
+    const err = await res.text().catch(() => '');
+    throw new Error(`Sentry API ${res.status}: ${err.slice(0, 300)}`);
+  }
+  return res.json();
+}
+
+const server = new McpServer(
+  { name: 'zibby-sentry', version: '1.0.0' },
+  { capabilities: { tools: {} } },
+);
+
+// ── sentry_list_projects ────────────────────────────────────────────
+server.registerTool(
+  'sentry_list_projects',
+  {
+    title: 'List Sentry Projects',
+    description: 'List Sentry projects in the connected organization.',
+    inputSchema: z.object({}),
+  },
+  async () => {
+    try {
+      const data = await sentryFetch('/projects/?per_page=50');
+      const text = JSON.stringify({
+        projects: data.map((p) => ({ slug: p.slug, name: p.name, platform: p.platform })),
+      });
+      return { content: [{ type: 'text', text }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+// ── sentry_list_issues ──────────────────────────────────────────────
+server.registerTool(
+  'sentry_list_issues',
+  {
+    title: 'List Sentry Issues',
+    description: 'List Sentry issues (errors). Supports Sentry search syntax in the query field (e.g. "is:unresolved level:error age:-1h").',
+    inputSchema: z.object({
+      project: z.string().optional().describe('Project slug (optional)'),
+      query: z.string().optional().describe('Sentry search query (default: is:unresolved)'),
+      sort: z.string().optional().describe('Sort order: date, new, priority, freq, user (default: date)'),
+      limit: z.number().optional().describe('Max issues to return (default 25)'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      const project = args.project || '';
+      const query = args.query || 'is:unresolved';
+      const sort = args.sort || 'date';
+      let path = `/issues/?query=${encodeURIComponent(query)}&sort=${sort}&per_page=${args.limit || 25}`;
+      if (project) path += `&project=${encodeURIComponent(project)}`;
+      const data = await sentryFetch(path);
+      const text = JSON.stringify({
+        issues: data.map((i) => ({
+          id: i.id, title: i.title, culprit: i.culprit,
+          count: i.count, firstSeen: i.firstSeen, lastSeen: i.lastSeen,
+          level: i.level, status: i.status,
+        })),
+      });
+      return { content: [{ type: 'text', text }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+// ── sentry_get_issue ────────────────────────────────────────────────
+server.registerTool(
+  'sentry_get_issue',
+  {
+    title: 'Get Sentry Issue Details',
+    description: 'Get details of a specific Sentry issue (culprit, metadata, userCount, etc).',
+    inputSchema: z.object({
+      issueId: z.string().describe('Sentry issue ID'),
+    }),
+  },
+  async (args = {}) => {
+    try {
+      const { issueId } = args;
+      if (!issueId) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: 'issueId is required' }) }], isError: true };
+      }
+      // Issue details hit /issues/<id>/ (NOT under /organizations/), so
+      // we resolve just the token and build the URL directly.
+      const { token } = await resolveIntegrationToken('sentry');
+      const res = await fetch(`https://sentry.io/api/0/issues/${issueId}/`, {
+        headers: { Authorization: `Bearer ${token}` },
+      });
+      if (!res.ok) {
+        throw new Error(`Sentry API ${res.status}`);
+      }
+      const data = await res.json();
+      const text = JSON.stringify({
+        id: data.id, title: data.title, culprit: data.culprit,
+        metadata: data.metadata, count: data.count, userCount: data.userCount,
+        firstSeen: data.firstSeen, lastSeen: data.lastSeen,
+        level: data.level, status: data.status,
+        project: { slug: data.project?.slug, name: data.project?.name },
+      });
+      return { content: [{ type: 'text', text }] };
+    } catch (err) {
+      return { content: [{ type: 'text', text: `Error: ${err.message}` }], isError: true };
+    }
+  },
+);
+
+const transport = new StdioServerTransport();
+await server.connect(transport);
+
+// Tiny diagnostic line on stderr so operators can confirm the MCP
+// server actually started. stdout is reserved for MCP JSON-RPC; only
+// stderr is safe for human-readable logs.
+console.error('[mcp-sentry] connected (3 tools: sentry_list_projects, sentry_list_issues, sentry_get_issue)');