chrome-devtools-mcp-for-extension 0.18.0 → 0.18.2

package/build/node_modules/chrome-devtools-frontend/front_end/models/trace/lantern/testing/MetricTestUtils.js

@@ -0,0 +1,46 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+// Unsure why this lint is failing, given `lantern/metrics/SpeedIndex.test.ts` does the same
+// and is fine. Maybe `*.test.*` files are excluded from this rule?
+// eslint-disable-next-line rulesdir/es-modules-import
+import * as TraceLoader from '../../../../testing/TraceLoader.js';
+import * as Trace from '../../trace.js';
+import * as Lantern from '../lantern.js';
+function toLanternTrace(traceEvents) {
+    return {
+        traceEvents: traceEvents,
+    };
+}
+async function runTraceProcessor(context, trace) {
+    TraceLoader.TraceLoader.setTestTimeout(context);
+    const processor = Trace.Processor.TraceProcessor.createWithAllHandlers();
+    await processor.parse(trace.traceEvents, { isCPUProfile: false, isFreshRecording: true });
+    if (!processor.data) {
+        throw new Error('No data');
+    }
+    return processor.data;
+}
+async function getComputationDataFromFixture(context, { trace, settings, url }) {
+    settings = settings ?? {};
+    if (!settings.throttlingMethod) {
+        settings.throttlingMethod = 'simulate';
+    }
+    const data = await runTraceProcessor(context, trace);
+    const requests = Trace.LanternComputationData.createNetworkRequests(trace, data);
+    const networkAnalysis = Lantern.Core.NetworkAnalyzer.analyze(requests);
+    if (!networkAnalysis) {
+        throw new Error('no networkAnalysis');
+    }
+    const frameId = data.Meta.mainFrameId;
+    const navigationId = data.Meta.mainFrameNavigations[0].args.data?.navigationId;
+    if (!navigationId) {
+        throw new Error('no navigation id found');
+    }
+    return {
+        simulator: Lantern.Simulation.Simulator.createSimulator({ ...settings, networkAnalysis }),
+        graph: Trace.LanternComputationData.createGraph(requests, trace, data, url),
+        processedNavigation: Trace.LanternComputationData.createProcessedNavigation(data, frameId, navigationId),
+    };
+}
+export { getComputationDataFromFixture, runTraceProcessor as runTrace, toLanternTrace, };

package/build/node_modules/chrome-devtools-frontend/front_end/models/trace/lantern/testing/testing.js

@@ -0,0 +1,4 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+export * from './MetricTestUtils.js';

package/build/src/browser.js

@@ -8,6 +8,7 @@ import os from 'node:os';
 import path from 'node:path';
 import puppeteer from 'puppeteer-core';
 import { resolveUserDataDir } from './profile-resolver.js';
+import { isProjectRootInitialized, getProjectRoot } from './project-root-state.js';
 let browser;
 const ignoredPrefixes = new Set([
     'chrome://',
@@ -719,6 +720,26 @@ async function ensureBrowserLaunched(options) {
     return browser;
 }
 export async function resolveBrowser(options) {
+    // CRITICAL: Project root must be initialized before launching Chrome
+    // This ensures proper profile isolation for multi-project environments
+    if (!isProjectRootInitialized() && !options.browserUrl && !options.userDataDir) {
+        const errorMsg = [
+            '❌ CRITICAL ERROR: Project root not initialized',
+            '',
+            'Chrome cannot be launched because the MCP client did not provide the project root directory.',
+            'This is required for proper Chrome profile isolation when using multiple projects.',
+            '',
+            '📋 Required client behavior:',
+            '1. Client must call setProjectRoot() immediately after MCP server starts',
+            '2. Or set MCP_PROJECT_ROOT environment variable before launching MCP',
+            '3. Or use --project-root CLI flag',
+            '',
+            `Current state: projectRoot=${getProjectRoot() || 'undefined'}`,
+            `Process cwd: ${process.cwd()}`,
+        ].join('\n');
+        console.error(errorMsg);
+        throw new Error('Project root not initialized - cannot launch Chrome without profile isolation');
+    }
     const resolvedBrowser = options.browserUrl
         ? await ensureBrowserConnected(options.browserUrl)
         : await ensureBrowserLaunched(options);

package/build/src/config.js

@@ -23,3 +23,16 @@ export const CHATGPT_CONFIG = {
      */
     DEFAULT_MODEL: 'gpt-5-thinking',
 };
+/**
+ * Gemini configuration
+ */
+export const GEMINI_CONFIG = {
+    /**
+     * Default Gemini URL
+     */
+    DEFAULT_URL: 'https://gemini.google.com/',
+    /**
+     * Base URL for Gemini
+     */
+    BASE_URL: 'https://gemini.google.com/',
+};

package/build/src/graceful.js

@@ -0,0 +1,125 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/**
+ * Graceful Shutdown Module
+ *
+ * Ensures clean shutdown of MCP server:
+ * - Closes Puppeteer browser gracefully
+ * - Kills orphaned Chrome processes
+ * - Handles SIGTERM, SIGINT, disconnect, uncaught exceptions
+ */
+import fs from 'node:fs/promises';
+import process from 'node:process';
+/**
+ * Setup graceful shutdown handlers
+ */
+export function setupGraceful(options) {
+    const { getBrowser, onBeforeExit, pidFile = process.env.MCP_BROWSER_PID_FILE, closeTimeoutMs = 3000, } = options;
+    let isShuttingDown = false;
+    /**
+     * Kill Chrome process using PID file
+     */
+    async function killFromPidFile() {
+        if (!pidFile)
+            return;
+        try {
+            const txt = await fs.readFile(pidFile, 'utf8').catch(() => '');
+            const pid = Number(txt.trim());
+            if (pid > 0) {
+                try {
+                    // Check if process exists
+                    process.kill(pid, 0);
+                    // Process exists, kill it
+                    process.kill(pid, 'SIGKILL');
+                    console.error(`[graceful] Killed Chrome process: ${pid}`);
+                }
+                catch (err) {
+                    // Process doesn't exist (already dead)
+                    console.error(`[graceful] Chrome process ${pid} already dead`);
+                }
+            }
+            await fs.rm(pidFile, { force: true });
+        }
+        catch (err) {
+            console.error(`[graceful] Error killing Chrome from PID file:`, err);
+        }
+    }
+    /**
+     * Graceful exit handler
+     */
+    async function gracefulExit(signal) {
+        if (isShuttingDown) {
+            console.error(`[graceful] Already shutting down, ignoring ${signal}`);
+            return;
+        }
+        isShuttingDown = true;
+        console.error(`[graceful] Shutting down... (signal: ${signal || 'unknown'})`);
+        try {
+            // Step 1: onBeforeExit callback
+            if (onBeforeExit) {
+                try {
+                    await onBeforeExit();
+                }
+                catch (err) {
+                    console.error(`[graceful] onBeforeExit error:`, err);
+                }
+            }
+            // Step 2: Close browser gracefully (with timeout)
+            const browser = getBrowser?.();
+            if (browser) {
+                try {
+                    console.error(`[graceful] Closing browser...`);
+                    await Promise.race([
+                        Promise.resolve(browser.close?.()),
+                        new Promise((_, reject) => setTimeout(() => reject(new Error('browser.close() timeout')), closeTimeoutMs)),
+                    ]);
+                    console.error(`[graceful] Browser closed successfully`);
+                }
+                catch (err) {
+                    console.error(`[graceful] Browser close error:`, err);
+                    // Continue to PID file cleanup
+                }
+            }
+            // Step 3: Kill orphaned Chrome (if browser.close() failed)
+            await killFromPidFile();
+        }
+        catch (err) {
+            console.error(`[graceful] Error during shutdown:`, err);
+        }
+        console.error(`[graceful] Shutdown complete`);
+        process.exit(0);
+    }
+    // Register signal handlers
+    process.on('SIGTERM', () => gracefulExit('SIGTERM'));
+    process.on('SIGINT', () => gracefulExit('SIGINT'));
+    process.on('disconnect', () => gracefulExit('disconnect')); // Parent died
+    process.on('uncaughtException', async (err) => {
+        console.error('[graceful] Uncaught exception:', err);
+        await gracefulExit('uncaughtException');
+    });
+    process.on('unhandledRejection', async (err) => {
+        console.error('[graceful] Unhandled rejection:', err);
+        await gracefulExit('unhandledRejection');
+    });
+    return {
+        /**
+         * Announce Chrome PID to wrapper via PID file
+         */
+        async announceBrowserPid(pid) {
+            if (!pidFile || !pid) {
+                console.error(`[graceful] Cannot announce browser PID: pidFile=${pidFile}, pid=${pid}`);
+                return;
+            }
+            try {
+                await fs.writeFile(pidFile, String(pid), 'utf8');
+                console.error(`[graceful] Announced browser PID ${pid} to ${pidFile}`);
+            }
+            catch (err) {
+                console.error(`[graceful] Failed to write PID file:`, err);
+            }
+        },
+    };
+}

package/build/src/login-helper.js

@@ -9,38 +9,146 @@
  */
 export async function isLoginRequired(page) {
     const currentUrl = page.url();
-    // Method 1: Check URL
+    console.error(`[login-helper] Checking login status for URL: ${currentUrl}`);
+    // Method 1: Check URL patterns
     if (currentUrl.includes('auth') ||
         currentUrl.includes('login') ||
         currentUrl.includes('signin')) {
+        console.error('[login-helper] ✅ Login required (URL contains auth/login/signin)');
         return true;
     }
-    // Method 2: Check for login UI elements
-    try {
-        // ChatGPT login page has specific elements
-        const loginButton = await page.$('button[data-testid="login-button"]');
-        const signUpButton = await page.$('a[href*="signup"]');
-        const authContainer = await page.$('[class*="auth"]');
-        if (loginButton || signUpButton || authContainer) {
+    // Gemini specific check
+    if (currentUrl.includes('gemini.google.com')) {
+        try {
+            const geminiContent = await page.evaluate(() => {
+                const bodyText = document.body.innerText.toLowerCase();
+                // Check for common login page text
+                const hasLoginText = bodyText.includes('sign in') ||
+                    bodyText.includes('login') ||
+                    bodyText.includes('google account');
+                // Check for Gemini composer
+                const hasComposer = !!(document.querySelector('div[contenteditable="true"]') ||
+                    document.querySelector('textarea'));
+                return { hasLoginText, hasComposer };
+            });
+            console.error(`[login-helper] Gemini check: ${JSON.stringify(geminiContent)}`);
+            if (geminiContent.hasComposer) {
+                console.error('[login-helper] ❌ Login NOT required (Gemini composer detected)');
+                return false;
+            }
+            console.error('[login-helper] ✅ Login required (Gemini composer missing)');
+            return true;
+        }
+        catch (error) {
+            console.error(`[login-helper] Error checking Gemini login: ${error}`);
             return true;
         }
     }
-    catch {
-        // Element check failed, continue to next method
-    }
-    // Method 3: Check for main content absence
+    // Method 2: Check page content for login indicators
     try {
-        // If we can't find the main composer, likely not logged in
-        const composer = await page.$('textarea, .ProseMirror[contenteditable="true"]');
-        if (!composer) {
-            // No composer found - might be login page
+        const pageContent = await page.evaluate(() => {
+            // Check for common login page text
+            const bodyText = document.body.innerText.toLowerCase();
+            // ChatGPT-specific login indicators
+            const hasLoginText = bodyText.includes('log in') ||
+                bodyText.includes('sign in') ||
+                bodyText.includes('welcome to chatgpt');
+            // Check for login buttons - NATIVE DOM selectors only
+            const hasLoginButton = !!(document.querySelector('[data-testid*="login"]') ||
+                document.querySelector('[class*="login-button"]') ||
+                // Check for text content in buttons
+                Array.from(document.querySelectorAll('button')).some(btn => btn.textContent?.toLowerCase().includes('log in') ||
+                    btn.textContent?.toLowerCase().includes('sign in')));
+            // Check for ChatGPT-specific composer (more strict detection)
+            // Look for the actual textarea/contenteditable that ChatGPT uses
+            let hasComposer = false;
+            // Method 1: Check for ChatGPT's main textarea (with validation)
+            const mainTextarea = document.querySelector('#prompt-textarea');
+            if (mainTextarea && mainTextarea instanceof HTMLTextAreaElement) {
+                // Additional validation: login page has a fallback textarea with class "_fallbackTextarea_"
+                // Real composer should NOT be disabled and should be in a proper composer container
+                const isFallback = mainTextarea.className.includes('fallback');
+                const isDisabled = mainTextarea.disabled;
+                if (!isFallback && !isDisabled) {
+                    console.error('[login-helper] Found valid #prompt-textarea (not fallback)');
+                    hasComposer = true;
+                }
+                else {
+                    console.error('[login-helper] Found #prompt-textarea but it appears to be a fallback/disabled textarea');
+                }
+            }
+            // Method 2: Check Shadow DOM for ChatGPT's composer
+            if (!hasComposer) {
+                const shadowHosts = Array.from(document.querySelectorAll('*'));
+                for (const host of shadowHosts) {
+                    if (host.shadowRoot) {
+                        const shadowTextarea = host.shadowRoot.querySelector('#prompt-textarea');
+                        const shadowComposer = host.shadowRoot.querySelector('[data-testid="composer-textarea"]');
+                        if (shadowTextarea || shadowComposer) {
+                            console.error('[login-helper] Found composer in Shadow DOM');
+                            hasComposer = true;
+                            break;
+                        }
+                    }
+                }
+            }
+            // Method 3: Check for ChatGPT-specific ProseMirror editor (only if it's in main content area)
+            if (!hasComposer) {
+                const proseMirror = document.querySelector('.ProseMirror[contenteditable="true"]');
+                // Verify it's actually ChatGPT's main composer, not just any ProseMirror
+                if (proseMirror) {
+                    const parent = proseMirror.closest('[class*="composer"], [class*="prompt"], [class*="input-area"]');
+                    if (parent) {
+                        console.error('[login-helper] Found ChatGPT ProseMirror composer');
+                        hasComposer = true;
+                    }
+                }
+            }
+            return {
+                hasLoginText,
+                hasLoginButton,
+                hasComposer,
+                bodySnippet: bodyText.substring(0, 200)
+            };
+        });
+        console.error(`[login-helper] Page analysis: ${JSON.stringify(pageContent, null, 2)}`);
+        // Decision point 1: PRIORITY - Login button present = needs login (even if fallback composer exists)
+        if (pageContent.hasLoginButton) {
+            console.error('[login-helper] 🔍 Decision: Login button detected (highest priority)');
+            console.error('[login-helper]    hasLoginButton:', pageContent.hasLoginButton);
+            console.error('[login-helper]    hasComposer:', pageContent.hasComposer);
+            console.error('[login-helper] ✅ Login required (login button detected)');
+            return true;
+        }
+        // Decision point 2: Login text present + NO valid composer = needs login
+        if (pageContent.hasLoginText && !pageContent.hasComposer) {
+            console.error('[login-helper] 🔍 Decision: Login text detected + No valid composer');
+            console.error('[login-helper]    hasLoginText:', pageContent.hasLoginText);
+            console.error('[login-helper]    hasComposer:', pageContent.hasComposer);
+            console.error('[login-helper] ✅ Login required (login UI detected, no composer)');
             return true;
         }
+        // Decision point 3: Valid composer present = logged in
+        if (pageContent.hasComposer) {
+            console.error('[login-helper] 🔍 Decision: Valid composer found (user is logged in)');
+            console.error('[login-helper]    hasComposer:', pageContent.hasComposer);
+            console.error('[login-helper] ❌ Login NOT required (composer detected)');
+            return false;
+        }
+        // Decision point 3: Ambiguous state - safe default is to assume login required
+        console.error('[login-helper] 🔍 Decision: Unclear state (no login UI, no composer)');
+        console.error('[login-helper]    hasLoginText:', pageContent.hasLoginText);
+        console.error('[login-helper]    hasLoginButton:', pageContent.hasLoginButton);
+        console.error('[login-helper]    hasComposer:', pageContent.hasComposer);
+        console.error('[login-helper]    bodySnippet:', pageContent.bodySnippet);
+        console.error('[login-helper] ⚠️ Unclear state - assuming login required for safety');
+        return true;
     }
-    catch {
-        // Element check failed
+    catch (error) {
+        console.error(`[login-helper] Error during page content check: ${error}`);
+        // On error, assume login required for safety
+        return true;
     }
-    return false;
 }
 /**
  * Wait for user to complete login

package/build/src/main.js

@@ -3,6 +3,34 @@
  * Copyright 2025 Google LLC
  * SPDX-License-Identifier: Apache-2.0
  */
+// Mock browser globals for chrome-devtools-frontend (Node.js environment)
+// NOTE: chrome-devtools-frontend expects browser globals (location, self, localStorage)
+// These are only needed for trace-processing modules, not for core MCP functionality
+if (typeof globalThis.location === 'undefined') {
+    globalThis.location = {
+        search: '',
+        href: '',
+        protocol: 'file:',
+        host: '',
+        hostname: '',
+        port: '',
+        pathname: '',
+        hash: '',
+    };
+}
+if (typeof globalThis.self === 'undefined') {
+    globalThis.self = globalThis;
+}
+if (typeof globalThis.localStorage === 'undefined') {
+    globalThis.localStorage = {
+        getItem: () => null,
+        setItem: () => { },
+        removeItem: () => { },
+        clear: () => { },
+        key: () => null,
+        length: 0,
+    };
+}
 import assert from 'node:assert';
 import fs from 'node:fs';
 import path from 'node:path';
@@ -17,6 +45,8 @@ import { McpResponse } from './McpResponse.js';
 import { Mutex } from './Mutex.js';
 import { resolveRoots } from './roots-manager.js';
 import { runStartupCheck } from './startup-check.js';
+import { setProjectRoot } from './project-root-state.js';
+import { setupGraceful } from './graceful.js';
 import * as bookmarkTools from './tools/bookmarks.js';
 import * as chatgptWebTools from './tools/chatgpt-web.js';
 import * as deepResearchChatGPTTools from './tools/deep_research_chatgpt.js';
@@ -24,6 +54,7 @@ import * as consoleTools from './tools/console.js';
 import * as diagnoseUiTools from './tools/diagnose-ui.js';
 import * as emulationTools from './tools/emulation.js';
 import * as extensionTools from './tools/extensions.js';
+import * as geminiWebTools from './tools/gemini-web.js';
 import * as inputTools from './tools/input.js';
 import * as networkTools from './tools/network.js';
 import * as pagesTools from './tools/pages.js';
@@ -69,6 +100,17 @@ let context;
 let uiHealthCheckRun = false; // Track if UI health check has been run
 let cachedRootsInfo = null; // Cache roots info
 let initializationComplete = false; // Track if MCP initialization is complete
+// Setup graceful shutdown
+const graceful = setupGraceful({
+    getBrowser: () => context?.browser,
+    onBeforeExit: async () => {
+        logger('[graceful] Running pre-exit cleanup...');
+        // Close log file if exists
+        if (logFile) {
+            logFile.close();
+        }
+    },
+});
 async function getContext() {
     // Wait for initialization to complete before resolving roots
     if (!initializationComplete) {
@@ -86,6 +128,17 @@ async function getContext() {
             autoCwd: process.cwd(),
         });
     }
+    // Initialize project root for profile isolation
+    // Priority: CLI flag > MCP_PROJECT_ROOT env > Roots protocol > cwd
+    const rootFromRoots = cachedRootsInfo?.rootsUris?.[0]
+        ? cachedRootsInfo.rootsUris[0].replace('file://', '')
+        : undefined;
+    const projectRootToSet = args.projectRoot ||
+        process.env.MCP_PROJECT_ROOT ||
+        rootFromRoots ||
+        process.cwd();
+    setProjectRoot(projectRootToSet);
+    logger(`[project-root] Initialized: ${projectRootToSet}`);
     const browserOptions = {
         browserUrl: args.browserUrl,
         headless: args.headless,
@@ -102,6 +155,11 @@ async function getContext() {
         rootsInfo: cachedRootsInfo, // Pass roots info to browser
     };
     const browser = await resolveBrowser(browserOptions);
+    // Announce browser PID for graceful shutdown
+    const browserPid = browser.process()?.pid;
+    if (browserPid) {
+        await graceful.announceBrowserPid(browserPid);
+    }
     // Browser factory function for reconnection
     const browserFactory = async () => {
         logger('Reconnecting browser...');
@@ -188,6 +246,7 @@ const tools = [
     ...Object.values(bookmarkTools),
     ...Object.values(chatgptWebTools),
     ...Object.values(deepResearchChatGPTTools),
+    ...Object.values(geminiWebTools),
     ...Object.values(consoleTools),
     ...Object.values(diagnoseUiTools),
     ...Object.values(emulationTools),

package/build/src/profile-resolver.js

@@ -15,6 +15,7 @@ import path from 'node:path';
 import crypto from 'node:crypto';
 import { detectProjectName, detectProjectRoot } from './project-detector.js';
 import { detectClientType } from './client-detector.js';
+import { getProjectRoot } from './project-root-state.js';
 const CACHE_ROOT = path.join(os.homedir(), '.cache', 'chrome-devtools-mcp');
 // --- Public API ---
 export function resolveUserDataDir(opts) {
@@ -47,7 +48,25 @@ export function resolveUserDataDir(opts) {
         clientId = sanitize(detected);
         console.error(`[profiles] Auto-detected client from parent process: ${clientId}`);
     }
-    // 0) CI detection → ephemeral session directory (unless MCP_PERSIST_PROFILES)
+    // 0a) MCP_SHARED_PROFILE → shared profile across all projects
+    //     - Uses a single profile for all projects to avoid re-login
+    if (opts.env.MCP_SHARED_PROFILE === 'true') {
+        const key = 'shared';
+        const p = projectProfilePath(key, clientId, channel);
+        const result = {
+            path: p,
+            reason: 'MCP_USER_DATA_DIR', // Treat as explicit user choice
+            projectKey: key,
+            projectName: 'shared',
+            hash: '00000000',
+            clientId,
+            channel,
+        };
+        console.error(`[profiles] resolved(MCP_SHARED_PROFILE): ${result.path} (client=${clientId})`);
+        console.error(`[profiles] ℹ️  Using shared profile - login state persists across all projects`);
+        return result;
+    }
+    // 0b) CI detection → ephemeral session directory (unless MCP_PERSIST_PROFILES)
     //    - This happens before other priorities to keep CI clean by default.
     if (isCI(opts.env) && !opts.env.MCP_PERSIST_PROFILES) {
         const sessionId = `${process.pid}-${Date.now()}`;
@@ -122,9 +141,65 @@ export function resolveUserDataDir(opts) {
         console.error(`[profiles] resolved(MCP_PROJECT_ID): ${result.path} (projectId=${projectId}, client=${clientId})`);
         return result;
     }
-    // 4) AUTO: detect by root -> name -> hash
+    // 3.5) ENV: MCP_PROJECT_ROOT (MCP Roots protocol - actual project directory)
+    const projectRoot = opts.env.MCP_PROJECT_ROOT;
+    if (projectRoot) {
+        console.error(`[profiles] MCP_PROJECT_ROOT detected: "${projectRoot}"`);
+        try {
+            const name = detectProjectName(projectRoot);
+            console.error(`[profiles] MCP_PROJECT_ROOT name="${name}"`);
+            const realRoot = realpathSafe(projectRoot);
+            const hash = shortHash(realRoot);
+            const key = `${sanitize(name)}_${hash}`;
+            const p = projectProfilePath(key, clientId, channel);
+            const result = {
+                path: p,
+                reason: 'MCP_PROJECT_ROOT',
+                projectKey: key,
+                projectName: sanitize(name),
+                hash,
+                clientId,
+                channel,
+            };
+            console.error(`[profiles] resolved(MCP_PROJECT_ROOT): ${result.path} (root=${projectRoot}, name=${name}, hash=${hash}, client=${clientId})`);
+            return result;
+        }
+        catch (e) {
+            console.error(`[profiles] MCP_PROJECT_ROOT resolution failed: ${e}`);
+            // Fall through to AUTO detection
+        }
+    }
+    // 4) INITIALIZED_PROJECT_ROOT: Use globally initialized project root (highest priority for AUTO mode)
+    const initializedRoot = getProjectRoot();
+    if (initializedRoot) {
+        console.error(`[profiles] Using initialized project root: "${initializedRoot}"`);
+        try {
+            const name = detectProjectName(initializedRoot);
+            console.error(`[profiles] Initialized root name="${name}"`);
+            const realRoot = realpathSafe(initializedRoot);
+            const hash = shortHash(realRoot);
+            const key = `${sanitize(name)}_${hash}`;
+            const p = projectProfilePath(key, clientId, channel);
+            const result = {
+                path: p,
+                reason: 'AUTO',
+                projectKey: key,
+                projectName: sanitize(name),
+                hash,
+                clientId,
+                channel,
+            };
+            console.error(`[profiles] resolved(INITIALIZED_ROOT): ${result.path} (root=${initializedRoot}, name=${name}, hash=${hash}, client=${clientId})`);
+            return result;
+        }
+        catch (e) {
+            console.error(`[profiles] Initialized root resolution failed: ${e}`);
+            // Fall through to cwd-based AUTO detection
+        }
+    }
+    // 5) AUTO: detect by root -> name -> hash (fallback if no initialized root)
     try {
-        console.error(`[profiles] AUTO detection: cwd="${opts.cwd}"`);
+        console.error(`[profiles] AUTO detection (cwd fallback): cwd="${opts.cwd}"`);
         const root = detectProjectRoot(opts.cwd);
         console.error(`[profiles] AUTO detection: root="${root}"`);
         const name = detectProjectName(root);

package/build/src/project-root-state.js

@@ -0,0 +1,13 @@
+// src/project-root-state.ts
+// Global state for MCP project root (set during initialization)
+let projectRoot;
+export function setProjectRoot(path) {
+    projectRoot = path;
+    console.error(`[MCP] Project root initialized: ${path}`);
+}
+export function getProjectRoot() {
+    return projectRoot;
+}
+export function isProjectRootInitialized() {
+    return projectRoot !== undefined;
+}