blackveil-dns 2.6.0 → 2.6.4

package/dist/index.d.ts

@@ -191,7 +191,7 @@ declare function sanitizeDomain(input: string): string;
 declare function sanitizeInput(input: string, maxLength?: number): string;
 
 /** Server version — keep in sync with package.json */
-declare const SERVER_VERSION = "2.6.0";
+declare const SERVER_VERSION = "2.6.4";
 
 /**
  * Map of every tool name to its Zod argument schema.

package/dist/index.js

@@ -571,7 +571,7 @@ function sanitizeInput(input, maxLength = 500) {
 }
 
 // src/lib/server-version.ts
-var SERVER_VERSION = "2.6.0";
+var SERVER_VERSION = "2.6.4";
 var DomainSchema = z.string().min(1).max(253);
 z.string().regex(/^[0-9a-f]{64}$/);
 var DkimSelectorSchema = z.string().transform((s) => s.trim().toLowerCase()).pipe(z.string().max(63).regex(/^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/));
@@ -761,42 +761,42 @@ function toInputSchema(schema) {
 }
 var TOOL_DEFS = {
   check_mx: {
-    description: "Validate MX records and email provider detection.",
+    description: "Look up MX records for a domain. Shows mail servers, email provider detection, and validates configuration.",
     schema: BaseDomainArgs,
     group: "email_auth",
     tier: "protective",
     scanIncluded: true
   },
   check_spf: {
-    description: "Validate SPF syntax, policy, and trust surface.",
+    description: "Look up and validate SPF record for a domain. Shows authorized senders, syntax issues, and trust surface.",
     schema: BaseDomainArgs,
     group: "email_auth",
     tier: "core",
     scanIncluded: true
   },
   check_dmarc: {
-    description: "Validate DMARC policy, alignment, and reporting.",
+    description: "Look up and validate DMARC record for a domain. Shows policy enforcement, alignment mode, and reporting config.",
     schema: BaseDomainArgs,
     group: "email_auth",
     tier: "core",
     scanIncluded: true
   },
   check_dkim: {
-    description: "Probe DKIM selectors and validate key strength.",
+    description: "Look up DKIM records for a domain. Probes common selectors and validates key strength and algorithm.",
     schema: CheckDkimArgs,
     group: "email_auth",
     tier: "core",
     scanIncluded: true
   },
   check_dnssec: {
-    description: "Verify DNSSEC validation and DNSKEY/DS records.",
+    description: "Check DNSSEC status for a domain. Verifies DNSKEY/DS records and validation chain.",
     schema: BaseDomainArgs,
     group: "infrastructure",
     tier: "core",
     scanIncluded: true
   },
   check_ssl: {
-    description: "Verify SSL/TLS certificate and HTTPS config.",
+    description: "Check SSL/TLS certificate for a domain. Shows issuer, expiry, protocol versions, and HTTPS configuration.",
     schema: BaseDomainArgs,
     group: "infrastructure",
     tier: "core",
@@ -810,14 +810,14 @@ var TOOL_DEFS = {
     scanIncluded: true
   },
   check_ns: {
-    description: "Analyze NS delegation and provider diversity.",
+    description: "Look up NS (nameserver) records for a domain. Shows DNS provider, delegation, and redundancy.",
     schema: BaseDomainArgs,
     group: "infrastructure",
     tier: "protective",
     scanIncluded: true
   },
   check_caa: {
-    description: "Check authorized Certificate Authorities via CAA.",
+    description: "Look up CAA records for a domain. Shows which Certificate Authorities are authorized to issue certificates.",
     schema: BaseDomainArgs,
     group: "infrastructure",
     tier: "protective",
@@ -880,7 +880,7 @@ var TOOL_DEFS = {
     scanIncluded: true
   },
   scan_domain: {
-    description: "Full DNS and email security audit. Score, grade, maturity, findings. Start here.",
+    description: "Look up any domain to get a full DNS and email security audit. Use this whenever a user mentions a domain name, asks to check/scan/lookup/analyze a domain, or wants to know about a domain's security posture. Returns score, grade, maturity stage, and prioritized findings. Start here for any domain-related question.",
     schema: ScanDomainArgs,
     group: "meta",
     scanIncluded: false
@@ -1023,13 +1023,13 @@ var TOOL_DEFS = {
     scanIncluded: false
   },
   resolve_spf_chain: {
-    description: "Recursively resolve the full SPF include chain. Shows lookup count, tree depth, and flags issues like circular includes or exceeding the 10-lookup limit.",
+    description: "Trace the full SPF include chain for a domain. Recursively resolves all includes, shows lookup count, tree depth, and flags circular includes or exceeding the 10-lookup limit.",
     schema: BaseDomainArgs,
     group: "intelligence",
     scanIncluded: false
   },
   discover_subdomains: {
-    description: "Discover subdomains via Certificate Transparency logs. Reveals shadow IT, forgotten services, and unauthorized certificate issuance.",
+    description: "Find subdomains of a domain using Certificate Transparency logs. Reveals shadow IT, forgotten services, and unauthorized certificate issuance.",
     schema: BaseDomainArgs,
     group: "intelligence",
     scanIncluded: false
@@ -3655,7 +3655,7 @@ async function scanDomain(domain, kv, runtimeOptions) {
           )
         ];
         const result2 = buildCheckResult(category, findings);
-        checkResults.push({ ...result2, score: 0, checkStatus: "timeout" });
+        checkResults.push({ ...result2, score: 0, passed: false, checkStatus: "timeout" });
         degradedStatuses.set(category, "timeout");
       }
     }
@@ -3666,7 +3666,7 @@ async function scanDomain(domain, kv, runtimeOptions) {
     if (degradedStatuses.size > 0) {
       checkResults = checkResults.map((r) => {
         const status = degradedStatuses.get(r.category);
-        return status ? { ...r, score: 0, checkStatus: status } : r;
+        return status ? { ...r, score: 0, passed: false, checkStatus: status } : r;
       });
     }
     let domainContext = detectDomainContext(checkResults);