claude-crap 0.3.7 → 0.4.0

package/plugin/bundle/mcp-server.mjs

@@ -2977,7 +2977,7 @@ var require_compile = __commonJS({
       const schOrFunc = root.refs[ref];
       if (schOrFunc)
         return schOrFunc;
-      let _sch = resolve6.call(this, root, ref);
+      let _sch = resolve8.call(this, root, ref);
       if (_sch === void 0) {
         const schema = (_a = root.localRefs) === null || _a === void 0 ? void 0 : _a[ref];
         const { schemaId } = this.opts;
@@ -3004,7 +3004,7 @@ var require_compile = __commonJS({
     function sameSchemaEnv(s1, s2) {
       return s1.schema === s2.schema && s1.root === s2.root && s1.baseId === s2.baseId;
     }
-    function resolve6(root, ref) {
+    function resolve8(root, ref) {
       let sch;
       while (typeof (sch = this.refs[ref]) == "string")
         ref = sch;
@@ -3579,55 +3579,55 @@ var require_fast_uri = __commonJS({
       }
       return uri;
     }
-    function resolve6(baseURI, relativeURI, options) {
+    function resolve8(baseURI, relativeURI, options) {
       const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
       const resolved = resolveComponent(parse(baseURI, schemelessOptions), parse(relativeURI, schemelessOptions), schemelessOptions, true);
       schemelessOptions.skipEscape = true;
       return serialize(resolved, schemelessOptions);
     }
-    function resolveComponent(base, relative3, options, skipNormalization) {
+    function resolveComponent(base, relative4, options, skipNormalization) {
       const target = {};
       if (!skipNormalization) {
         base = parse(serialize(base, options), options);
-        relative3 = parse(serialize(relative3, options), options);
+        relative4 = parse(serialize(relative4, options), options);
       }
       options = options || {};
-      if (!options.tolerant && relative3.scheme) {
-        target.scheme = relative3.scheme;
-        target.userinfo = relative3.userinfo;
-        target.host = relative3.host;
-        target.port = relative3.port;
-        target.path = removeDotSegments(relative3.path || "");
-        target.query = relative3.query;
+      if (!options.tolerant && relative4.scheme) {
+        target.scheme = relative4.scheme;
+        target.userinfo = relative4.userinfo;
+        target.host = relative4.host;
+        target.port = relative4.port;
+        target.path = removeDotSegments(relative4.path || "");
+        target.query = relative4.query;
       } else {
-        if (relative3.userinfo !== void 0 || relative3.host !== void 0 || relative3.port !== void 0) {
-          target.userinfo = relative3.userinfo;
-          target.host = relative3.host;
-          target.port = relative3.port;
-          target.path = removeDotSegments(relative3.path || "");
-          target.query = relative3.query;
+        if (relative4.userinfo !== void 0 || relative4.host !== void 0 || relative4.port !== void 0) {
+          target.userinfo = relative4.userinfo;
+          target.host = relative4.host;
+          target.port = relative4.port;
+          target.path = removeDotSegments(relative4.path || "");
+          target.query = relative4.query;
         } else {
-          if (!relative3.path) {
+          if (!relative4.path) {
             target.path = base.path;
-            if (relative3.query !== void 0) {
-              target.query = relative3.query;
+            if (relative4.query !== void 0) {
+              target.query = relative4.query;
             } else {
               target.query = base.query;
             }
           } else {
-            if (relative3.path[0] === "/") {
-              target.path = removeDotSegments(relative3.path);
+            if (relative4.path[0] === "/") {
+              target.path = removeDotSegments(relative4.path);
             } else {
               if ((base.userinfo !== void 0 || base.host !== void 0 || base.port !== void 0) && !base.path) {
-                target.path = "/" + relative3.path;
+                target.path = "/" + relative4.path;
               } else if (!base.path) {
-                target.path = relative3.path;
+                target.path = relative4.path;
               } else {
-                target.path = base.path.slice(0, base.path.lastIndexOf("/") + 1) + relative3.path;
+                target.path = base.path.slice(0, base.path.lastIndexOf("/") + 1) + relative4.path;
               }
               target.path = removeDotSegments(target.path);
             }
-            target.query = relative3.query;
+            target.query = relative4.query;
           }
           target.userinfo = base.userinfo;
           target.host = base.host;
@@ -3635,7 +3635,7 @@ var require_fast_uri = __commonJS({
         }
         target.scheme = base.scheme;
       }
-      target.fragment = relative3.fragment;
+      target.fragment = relative4.fragment;
       return target;
     }
     function equal(uriA, uriB, options) {
@@ -3806,7 +3806,7 @@ var require_fast_uri = __commonJS({
     var fastUri = {
       SCHEMES,
       normalize,
-      resolve: resolve6,
+      resolve: resolve8,
       resolveComponent,
       equal,
       serialize,
@@ -6853,6 +6853,145 @@ function buildSarifResult3(opts) {
   };
 }
 
+// src/adapters/dart-analyzer.ts
+function mapSeverity3(dartSeverity) {
+  switch (dartSeverity.toUpperCase()) {
+    case "ERROR":
+      return "error";
+    case "WARNING":
+      return "warning";
+    case "INFO":
+      return "note";
+    default:
+      return "warning";
+  }
+}
+var EFFORT_BY_SEVERITY = {
+  error: 30,
+  warning: 15,
+  note: 5,
+  none: 0
+};
+function adaptDartAnalyzer(rawOutput) {
+  let parsed;
+  if (typeof rawOutput === "string") {
+    try {
+      parsed = JSON.parse(rawOutput);
+    } catch {
+      throw new Error("[dart-analyzer adapter] rawOutput is not valid JSON");
+    }
+  } else if (rawOutput && typeof rawOutput === "object" && "diagnostics" in rawOutput) {
+    parsed = rawOutput;
+  } else {
+    throw new Error(
+      "[dart-analyzer adapter] rawOutput must be a JSON string or an object with a 'diagnostics' array"
+    );
+  }
+  if (!Array.isArray(parsed.diagnostics)) {
+    throw new Error("[dart-analyzer adapter] 'diagnostics' must be an array");
+  }
+  const results = [];
+  let totalEffortMinutes = 0;
+  for (const diag of parsed.diagnostics) {
+    const level = mapSeverity3(diag.severity);
+    const effort = EFFORT_BY_SEVERITY[level] ?? estimateEffortMinutes(level);
+    totalEffortMinutes += effort;
+    results.push({
+      ruleId: diag.code,
+      level,
+      message: {
+        text: diag.problemMessage + (diag.correctionMessage ? ` ${diag.correctionMessage}` : "")
+      },
+      locations: [
+        {
+          physicalLocation: {
+            artifactLocation: {
+              uri: diag.location.file
+            },
+            region: {
+              startLine: diag.location.range.start.line,
+              startColumn: diag.location.range.start.column,
+              endLine: diag.location.range.end.line,
+              endColumn: diag.location.range.end.column
+            }
+          }
+        }
+      ],
+      properties: {
+        effortMinutes: effort,
+        ...diag.documentation ? { helpUri: diag.documentation } : {}
+      }
+    });
+  }
+  return {
+    document: wrapResultsInSarif("dart_analyze", "1.0.0", results),
+    sourceTool: "dart_analyze",
+    findingCount: parsed.diagnostics.length,
+    totalEffortMinutes
+  };
+}
+
+// src/adapters/dotnet-format.ts
+function adaptDotnetFormat(rawOutput) {
+  let parsed;
+  if (typeof rawOutput === "string") {
+    try {
+      parsed = JSON.parse(rawOutput);
+    } catch {
+      throw new Error("[dotnet-format adapter] rawOutput is not valid JSON");
+    }
+  } else if (Array.isArray(rawOutput)) {
+    parsed = rawOutput;
+  } else {
+    throw new Error(
+      "[dotnet-format adapter] rawOutput must be a JSON string or an array of document entries"
+    );
+  }
+  if (!Array.isArray(parsed)) {
+    throw new Error("[dotnet-format adapter] parsed output must be an array");
+  }
+  const EFFORT_MINUTES = 5;
+  const results = [];
+  let findingCount = 0;
+  let totalEffortMinutes = 0;
+  for (const doc of parsed) {
+    if (!Array.isArray(doc.FileChanges)) continue;
+    for (const change of doc.FileChanges) {
+      findingCount++;
+      totalEffortMinutes += EFFORT_MINUTES;
+      results.push({
+        ruleId: change.DiagnosticId,
+        level: "warning",
+        message: {
+          text: change.FormatDescription
+        },
+        locations: [
+          {
+            physicalLocation: {
+              artifactLocation: {
+                uri: doc.FilePath
+              },
+              region: {
+                startLine: change.LineNumber,
+                startColumn: change.CharNumber
+              }
+            }
+          }
+        ],
+        properties: {
+          effortMinutes: EFFORT_MINUTES
+        }
+      });
+    }
+  }
+  return {
+    document: wrapResultsInSarif("dotnet_format", "1.0.0", results),
+    sourceTool: "dotnet_format",
+    findingCount,
+    totalEffortMinutes
+  };
+}
+
 // src/adapters/index.ts
 function adaptScannerOutput(scanner, rawOutput) {
   switch (scanner) {
@@ -6864,6 +7003,10 @@ function adaptScannerOutput(scanner, rawOutput) {
       return adaptBandit(rawOutput);
     case "stryker":
       return adaptStryker(rawOutput);
+    case "dart_analyze":
+      return adaptDartAnalyzer(rawOutput);
+    case "dotnet_format":
+      return adaptDotnetFormat(rawOutput);
     default: {
       const exhaustive = scanner;
       throw new Error(`[adapters] Unknown scanner: ${String(exhaustive)}`);
@@ -7250,6 +7393,100 @@ import { fileURLToPath as fileURLToPath2 } from "node:url";
 import Fastify from "fastify";
 import fastifyStatic from "@fastify/static";
 
+// src/shared/exclusions.ts
+import picomatch from "picomatch";
+var DEFAULT_SKIP_DIRS = /* @__PURE__ */ new Set([
+  // Package managers / vendored deps
+  "node_modules",
+  "vendor",
+  // Version control
+  ".git",
+  // Build outputs (general)
+  "dist",
+  "build",
+  "bundle",
+  "out",
+  "target",
+  "coverage",
+  // Framework build outputs
+  ".next",
+  // Next.js
+  ".nuxt",
+  // Nuxt 2
+  ".output",
+  // Nuxt 3
+  ".vercel",
+  // Vercel
+  ".svelte-kit",
+  // SvelteKit
+  ".astro",
+  // Astro
+  ".angular",
+  // Angular
+  ".turbo",
+  // Turborepo
+  ".parcel-cache",
+  // Parcel
+  ".expo",
+  // Expo / React Native
+  // Language-specific caches
+  ".venv",
+  "venv",
+  "__pycache__",
+  ".cache",
+  ".dart_tool",
+  // Dart / Flutter
+  ".gradle",
+  // Gradle
+  // IDE state
+  ".idea",
+  // Plugin state
+  ".claude-crap",
+  ".codesight"
+]);
+var DEFAULT_SKIP_PATTERNS = [
+  "*.min.js",
+  "*.min.css",
+  "*.min.mjs",
+  "*.min.cjs",
+  "*.bundle.js",
+  "*.chunk.js"
+];
+function createExclusionFilter(userExclusions) {
+  const extraDirs = /* @__PURE__ */ new Set();
+  const fileGlobs = [];
+  for (const pattern of userExclusions ?? []) {
+    if (pattern.endsWith("/")) {
+      extraDirs.add(pattern.slice(0, -1));
+    } else {
+      fileGlobs.push(pattern);
+    }
+  }
+  const defaultFileMatchers = DEFAULT_SKIP_PATTERNS.map(
+    (p) => picomatch(p, { dot: true })
+  );
+  const userFileMatchers = fileGlobs.map(
+    (p) => picomatch(p, { dot: true })
+  );
+  return {
+    shouldSkipDir(dirName) {
+      if (dirName.startsWith(".") && dirName !== ".claude-plugin") {
+        return DEFAULT_SKIP_DIRS.has(dirName) || true;
+      }
+      return DEFAULT_SKIP_DIRS.has(dirName) || extraDirs.has(dirName);
+    },
+    shouldSkipFile(relativePath, fileName) {
+      for (const matcher of defaultFileMatchers) {
+        if (matcher(fileName)) return true;
+      }
+      for (const matcher of userFileMatchers) {
+        if (matcher(relativePath) || matcher(fileName)) return true;
+      }
+      return false;
+    }
+  };
+}
+
 // src/metrics/tdr.ts
 var RATING_ORDER = ["A", "B", "C", "D", "E"];
 function ratingToRank(rating) {
@@ -7524,7 +7761,7 @@ async function startDashboard(options) {
     root: publicRoot,
     prefix: "/"
   });
-  fastify.get("/api/health", async () => ({ status: "ok", server: "claude-crap", version: "0.3.7" }));
+  fastify.get("/api/health", async () => ({ status: "ok", server: "claude-crap", version: "0.4.0" }));
   fastify.get("/api/score", async () => {
     const stats = await workspaceStatsProvider();
     const score = await buildScore(config, sarifStore, stats, urlOf(fastify, config));
@@ -7535,7 +7772,7 @@ async function startDashboard(options) {
     if (!options.astEngine) {
       return { threshold: config.cyclomaticMax, totalFunctions: 0, violationCount: 0, topFunctions: [] };
     }
-    return buildComplexityReport(config, options.astEngine, logger2);
+    return buildComplexityReport(config, options.astEngine, logger2, options.exclude);
   });
   fastify.get("/api/file-detail", async (request, reply) => {
     const { path: filePath } = request.query;
@@ -7681,24 +7918,9 @@ async function killStaleDashboard(pidFilePath, port, logger2) {
   removePidFile(pidFilePath);
   await new Promise((r) => setTimeout(r, 300));
 }
-var SKIP_DIRS = /* @__PURE__ */ new Set([
-  "node_modules",
-  ".git",
-  "dist",
-  "build",
-  "out",
-  "target",
-  ".venv",
-  "venv",
-  "__pycache__",
-  ".cache",
-  ".next",
-  ".nuxt",
-  ".claude-crap",
-  ".codesight"
-]);
-async function buildComplexityReport(config, engine, logger2) {
+async function buildComplexityReport(config, engine, logger2, exclude) {
   const threshold = config.cyclomaticMax;
+  const filter = createExclusionFilter(exclude);
   const allFunctions = [];
   let totalFunctions = 0;
   async function walk2(dir) {
@@ -7709,10 +7931,9 @@ async function buildComplexityReport(config, engine, logger2) {
       return;
     }
     for (const entry of entries) {
-      if (entry.name.startsWith(".") && entry.name !== ".claude-plugin") continue;
       const full = join2(dir, entry.name);
       if (entry.isDirectory()) {
-        if (SKIP_DIRS.has(entry.name)) continue;
+        if (filter.shouldSkipDir(entry.name)) continue;
         await walk2(full);
         continue;
       }
@@ -7791,23 +8012,7 @@ function computeCrap(input, threshold) {
 
 // src/metrics/workspace-walker.ts
 import { promises as fs4 } from "node:fs";
-import { join as join3 } from "node:path";
-var SKIP_DIRS2 = /* @__PURE__ */ new Set([
-  "node_modules",
-  ".git",
-  "dist",
-  "build",
-  "out",
-  "target",
-  ".venv",
-  "venv",
-  "__pycache__",
-  ".cache",
-  ".next",
-  ".nuxt",
-  ".claude-crap",
-  ".codesight"
-]);
+import { join as join3, relative } from "node:path";
 var CODE_EXTENSIONS = /* @__PURE__ */ new Set([
   ".ts",
   ".tsx",
@@ -7831,7 +8036,8 @@ var CODE_EXTENSIONS = /* @__PURE__ */ new Set([
   ".vue"
 ]);
 var MAX_FILES_WALKED = 2e4;
-async function estimateWorkspaceLoc(workspaceRoot) {
+async function estimateWorkspaceLoc(workspaceRoot, options) {
+  const filter = createExclusionFilter(options?.exclude);
   let physicalLoc = 0;
   let fileCount = 0;
   let truncated = false;
@@ -7845,10 +8051,9 @@ async function estimateWorkspaceLoc(workspaceRoot) {
     }
     for (const entry of entries) {
       if (truncated) return;
-      if (entry.name.startsWith(".") && entry.name !== ".claude-plugin") continue;
       const full = join3(dir, entry.name);
       if (entry.isDirectory()) {
-        if (SKIP_DIRS2.has(entry.name)) continue;
+        if (filter.shouldSkipDir(entry.name)) continue;
         await walk2(full);
         continue;
       }
@@ -7858,6 +8063,8 @@ async function estimateWorkspaceLoc(workspaceRoot) {
       if (dot < 0) continue;
       const ext = lower.substring(dot);
       if (!CODE_EXTENSIONS.has(ext)) continue;
+      const relPath = relative(workspaceRoot, full);
+      if (filter.shouldSkipFile(relPath, entry.name)) continue;
       fileCount += 1;
       if (fileCount > MAX_FILES_WALKED) {
         truncated = true;
@@ -8227,6 +8434,9 @@ var CrapConfigError = class extends Error {
   }
 };
 function loadCrapConfig(options) {
+  const fileResult = readFromFile(options.workspaceRoot);
+  const exclude = fileResult?.exclude ?? [];
+  const projectDirs = fileResult?.projectDirs ?? [];
   const envRaw = process.env["CLAUDE_CRAP_STRICTNESS"];
   if (typeof envRaw === "string" && envRaw.trim() !== "") {
     const normalized = envRaw.trim().toLowerCase();
@@ -8235,11 +8445,12 @@ function loadCrapConfig(options) {
         `[crap-config] CLAUDE_CRAP_STRICTNESS="${envRaw}" is not a valid strictness. Expected one of: ${STRICTNESS_VALUES.join(", ")}.`
       );
     }
-    return { strictness: normalized, strictnessSource: "env" };
+    return { strictness: normalized, strictnessSource: "env", exclude, projectDirs };
+  }
+  if (fileResult?.strictness) {
+    return { strictness: fileResult.strictness, strictnessSource: "file", exclude, projectDirs };
   }
-  const fromFile = readFromFile(options.workspaceRoot);
-  if (fromFile) return { strictness: fromFile, strictnessSource: "file" };
-  return { strictness: DEFAULT_STRICTNESS, strictnessSource: "default" };
+  return { strictness: DEFAULT_STRICTNESS, strictnessSource: "default", exclude, projectDirs };
 }
 function readFromFile(workspaceRoot) {
   const filePath = join5(workspaceRoot, ".claude-crap.json");
@@ -8267,20 +8478,57 @@ function readFromFile(workspaceRoot) {
     );
   }
   const doc = parsed;
-  if (!("strictness" in doc)) return null;
-  const value = doc["strictness"];
-  if (typeof value !== "string") {
-    throw new CrapConfigError(
-      `[crap-config] ${filePath}: 'strictness' must be a string, got ${typeof value}`
-    );
+  let strictness = null;
+  if ("strictness" in doc) {
+    const value = doc["strictness"];
+    if (typeof value !== "string") {
+      throw new CrapConfigError(
+        `[crap-config] ${filePath}: 'strictness' must be a string, got ${typeof value}`
+      );
+    }
+    const normalized = value.trim().toLowerCase();
+    if (!isStrictness(normalized)) {
+      throw new CrapConfigError(
+        `[crap-config] ${filePath}: 'strictness' is "${value}"; expected one of ${STRICTNESS_VALUES.join(", ")}.`
+      );
+    }
+    strictness = normalized;
   }
-  const normalized = value.trim().toLowerCase();
-  if (!isStrictness(normalized)) {
-    throw new CrapConfigError(
-      `[crap-config] ${filePath}: 'strictness' is "${value}"; expected one of ${STRICTNESS_VALUES.join(", ")}.`
-    );
+  let exclude = [];
+  if ("exclude" in doc) {
+    const raw2 = doc["exclude"];
+    if (!Array.isArray(raw2)) {
+      throw new CrapConfigError(
+        `[crap-config] ${filePath}: 'exclude' must be an array of strings`
+      );
+    }
+    for (const item of raw2) {
+      if (typeof item !== "string") {
+        throw new CrapConfigError(
+          `[crap-config] ${filePath}: every entry in 'exclude' must be a string, got ${typeof item}`
+        );
+      }
+    }
+    exclude = raw2;
   }
-  return normalized;
+  let projectDirs = [];
+  if ("projectDirs" in doc) {
+    const raw2 = doc["projectDirs"];
+    if (!Array.isArray(raw2)) {
+      throw new CrapConfigError(
+        `[crap-config] ${filePath}: 'projectDirs' must be an array of strings`
+      );
+    }
+    for (const item of raw2) {
+      if (typeof item !== "string") {
+        throw new CrapConfigError(
+          `[crap-config] ${filePath}: every entry in 'projectDirs' must be a string, got ${typeof item}`
+        );
+      }
+    }
+    projectDirs = raw2;
+  }
+  return { strictness, exclude, projectDirs };
 }
 function isStrictness(value) {
   return STRICTNESS_VALUES.includes(value);
@@ -8288,7 +8536,7 @@ function isStrictness(value) {
 
 // src/tools/test-harness.ts
 import { promises as fs6 } from "node:fs";
-import { basename, dirname as dirname4, extname, isAbsolute as isAbsolute3, join as join6, relative, resolve as resolve5, sep as sep2 } from "node:path";
+import { basename, dirname as dirname4, extname, isAbsolute as isAbsolute3, join as join6, relative as relative2, resolve as resolve5, sep as sep2 } from "node:path";
 var TEST_SUFFIX_PATTERN = /\.(test|spec)\./;
 function isTestFile(filePath) {
   const base = basename(filePath);
@@ -8303,7 +8551,7 @@ function candidatePaths(workspaceRoot, filePath) {
   const base = basename(absSource, ext);
   const dir = dirname4(absSource);
   const absWorkspace = resolve5(workspaceRoot);
-  const relFromRoot = relative(absWorkspace, absSource);
+  const relFromRoot = relative2(absWorkspace, absSource);
   const relDir = dirname4(relFromRoot);
   const candidates = /* @__PURE__ */ new Set();
   candidates.add(join6(dir, `${base}.test${ext}`));
@@ -8355,8 +8603,8 @@ import { existsSync as existsSync5 } from "node:fs";
 import { join as join11 } from "node:path";
 
 // src/scanner/detector.ts
-import { existsSync as existsSync2, readFileSync as readFileSync3 } from "node:fs";
-import { join as join7 } from "node:path";
+import { existsSync as existsSync2, readFileSync as readFileSync3, readdirSync } from "node:fs";
+import { join as join7, resolve as resolve6 } from "node:path";
 import { execFile } from "node:child_process";
 var SCANNER_SIGNALS = {
   eslint: {
@@ -8405,6 +8653,19 @@ var SCANNER_SIGNALS = {
     ],
     packageJsonKeys: ["@stryker-mutator/core"],
     binaryNames: ["stryker"]
+  },
+  dart_analyze: {
+    configFiles: [
+      "analysis_options.yaml",
+      "pubspec.yaml"
+    ],
+    packageJsonKeys: [],
+    binaryNames: ["dart"]
+  },
+  dotnet_format: {
+    configFiles: [],
+    packageJsonKeys: [],
+    binaryNames: ["dotnet"]
   }
 };
 function probeConfigFiles(workspaceRoot, scanner) {
@@ -8435,14 +8696,14 @@ function probePackageJson(workspaceRoot, scanner) {
   }
 }
 function probeBinary(binaryName) {
-  return new Promise((resolve6) => {
+  return new Promise((resolve8) => {
     execFile("which", [binaryName], { timeout: 5e3 }, (err) => {
-      resolve6(err === null);
+      resolve8(err === null);
     });
   });
 }
 async function detectScanners(workspaceRoot) {
-  const scanners = ["eslint", "semgrep", "bandit", "stryker"];
+  const scanners = ["eslint", "semgrep", "bandit", "stryker", "dart_analyze", "dotnet_format"];
   const results = await Promise.all(
     scanners.map(async (scanner) => {
       const configProbe = probeConfigFiles(workspaceRoot, scanner);
@@ -8455,10 +8716,13 @@ async function detectScanners(workspaceRoot) {
         };
       }
       if (probePackageJson(workspaceRoot, scanner)) {
+        const binName = SCANNER_SIGNALS[scanner].binaryNames[0];
+        const binPath = binName ? join7(workspaceRoot, "node_modules", ".bin", binName) : null;
+        const installed = binPath !== null && existsSync2(binPath);
         return {
           scanner,
-          available: true,
-          reason: `found in package.json dependencies`
+          available: installed,
+          reason: installed ? "found in package.json and installed" : `found in package.json but not installed (run \`npm install\`)`
         };
       }
       const signals = SCANNER_SIGNALS[scanner];
@@ -8480,6 +8744,58 @@ async function detectScanners(workspaceRoot) {
   );
   return results;
 }
+var MONOREPO_DIRS = ["apps", "packages", "libs", "modules", "services"];
+async function detectMonorepoScanners(workspaceRoot) {
+  const subdirs = /* @__PURE__ */ new Set();
+  try {
+    const pkgPath = join7(workspaceRoot, "package.json");
+    const raw = readFileSync3(pkgPath, "utf-8");
+    const pkg = JSON.parse(raw);
+    if (Array.isArray(pkg.workspaces)) {
+      for (const ws of pkg.workspaces) {
+        if (typeof ws === "string" && !ws.includes("*")) {
+          const full = resolve6(workspaceRoot, ws);
+          if (existsSync2(full)) subdirs.add(full);
+        }
+      }
+    }
+  } catch {
+  }
+  for (const dir of MONOREPO_DIRS) {
+    const full = join7(workspaceRoot, dir);
+    try {
+      const entries = readdirSync(full, { withFileTypes: true });
+      for (const entry of entries) {
+        if (entry.isDirectory() && !entry.name.startsWith(".")) {
+          subdirs.add(join7(full, entry.name));
+        }
+      }
+    } catch {
+    }
+  }
+  if (subdirs.size === 0) return [];
+  const detections = [];
+  const scanners = ["eslint", "semgrep", "bandit", "stryker", "dart_analyze", "dotnet_format"];
+  for (const subdir of subdirs) {
+    for (const scanner of scanners) {
+      const configProbe = probeConfigFiles(subdir, scanner);
+      if (!configProbe.found) continue;
+      if (scanner === "dart_analyze") {
+        const hasBinary = await probeBinary("dart");
+        if (!hasBinary) continue;
+      }
+      const relDir = subdir.replace(workspaceRoot + "/", "");
+      detections.push({
+        scanner,
+        available: true,
+        reason: `config file found in ${relDir}/`,
+        ...configProbe.path ? { configPath: configProbe.path } : {},
+        workingDir: subdir
+      });
+    }
+  }
+  return detections;
+}
 
 // src/scanner/runner.ts
 import { execFile as execFile2 } from "node:child_process";
@@ -8516,17 +8832,39 @@ function getScannerCommand(scanner, workspaceRoot) {
         nonZeroIsNormal: false,
         outputFile: join8(workspaceRoot, "reports", "mutation", "mutation.json")
       };
+    case "dart_analyze":
+      return {
+        command: "dart",
+        args: ["analyze", "--format=json", "."],
+        timeoutMs: 12e4,
+        nonZeroIsNormal: true
+        // exits 3 when findings exist
+      };
+    case "dotnet_format":
+      return {
+        command: "dotnet",
+        args: [
+          "format",
+          "--verify-no-changes",
+          "--report",
+          join8(workspaceRoot, ".claude-crap", "dotnet-report.json")
+        ],
+        timeoutMs: 12e4,
+        nonZeroIsNormal: true,
+        outputFile: join8(workspaceRoot, ".claude-crap", "dotnet-report.json")
+      };
   }
 }
-function runScanner(scanner, workspaceRoot) {
+function runScanner(scanner, workspaceRoot, options) {
   const start = Date.now();
-  const cmd = getScannerCommand(scanner, workspaceRoot);
-  return new Promise((resolve6) => {
+  const cwd = options?.workingDir ?? workspaceRoot;
+  const cmd = getScannerCommand(scanner, cwd);
+  return new Promise((resolve8) => {
     execFile2(
       cmd.command,
       cmd.args,
       {
-        cwd: workspaceRoot,
+        cwd,
         timeout: cmd.timeoutMs,
         maxBuffer: 50 * 1024 * 1024,
         // 50 MB — large codebases produce verbose output
@@ -8540,7 +8878,7 @@ function runScanner(scanner, workspaceRoot) {
           if (cmd.outputFile && existsSync3(cmd.outputFile)) {
             try {
               const fileOutput = readFileSync4(cmd.outputFile, "utf-8");
-              resolve6({
+              resolve8({
                 scanner,
                 success: true,
                 rawOutput: fileOutput,
@@ -8550,7 +8888,7 @@ function runScanner(scanner, workspaceRoot) {
             } catch {
             }
           }
-          resolve6({
+          resolve8({
             scanner,
             success: false,
             rawOutput: "",
@@ -8563,7 +8901,7 @@ function runScanner(scanner, workspaceRoot) {
           if (existsSync3(cmd.outputFile)) {
             try {
               const fileOutput = readFileSync4(cmd.outputFile, "utf-8");
-              resolve6({
+              resolve8({
                 scanner,
                 success: true,
                 rawOutput: fileOutput,
@@ -8571,7 +8909,7 @@ function runScanner(scanner, workspaceRoot) {
               });
               return;
             } catch (readErr) {
-              resolve6({
+              resolve8({
                 scanner,
                 success: false,
                 rawOutput: "",
@@ -8581,7 +8919,7 @@ function runScanner(scanner, workspaceRoot) {
               return;
             }
           }
-          resolve6({
+          resolve8({
             scanner,
             success: false,
             rawOutput: "",
@@ -8592,7 +8930,7 @@ function runScanner(scanner, workspaceRoot) {
         }
         const output = stdout.trim();
         if (!output) {
-          resolve6({
+          resolve8({
             scanner,
             success: true,
             rawOutput: "[]",
@@ -8601,7 +8939,7 @@ function runScanner(scanner, workspaceRoot) {
           });
           return;
         }
-        resolve6({
+        resolve8({
           scanner,
           success: true,
           rawOutput: output,
@@ -8613,7 +8951,7 @@ function runScanner(scanner, workspaceRoot) {
 }
 
 // src/scanner/bootstrap.ts
-import { existsSync as existsSync4, writeFileSync as writeFileSync2, readdirSync } from "node:fs";
+import { existsSync as existsSync4, writeFileSync as writeFileSync2, readdirSync as readdirSync2 } from "node:fs";
 import { join as join9 } from "node:path";
 import { execFile as execFile3 } from "node:child_process";
 function detectProjectType(workspaceRoot) {
@@ -8630,12 +8968,13 @@ function detectProjectType(workspaceRoot) {
   }
   if (has("Directory.Build.props")) return "csharp";
   try {
-    const entries = readdirSync(workspaceRoot);
+    const entries = readdirSync2(workspaceRoot);
     if (entries.some((e) => e.endsWith(".csproj") || e.endsWith(".sln"))) {
       return "csharp";
     }
   } catch {
   }
+  if (has("pubspec.yaml")) return "dart";
   return "unknown";
 }
 function generateEslintConfig(isTypeScript) {
@@ -8677,7 +9016,7 @@ export default [
 `;
 }
 function npmInstall(workspaceRoot, packages) {
-  return new Promise((resolve6) => {
+  return new Promise((resolve8) => {
     execFile3(
       "npm",
       ["install", "--save-dev", ...packages],
@@ -8688,14 +9027,14 @@ function npmInstall(workspaceRoot, packages) {
       },
       (err, stdout, stderr) => {
         if (err) {
-          resolve6({
+          resolve8({
             action: `npm install --save-dev ${packages.join(" ")}`,
             success: false,
             detail: stderr || err.message
           });
           return;
         }
-        resolve6({
+        resolve8({
           action: `npm install --save-dev ${packages.join(" ")}`,
           success: true,
           detail: `installed ${packages.join(", ")}`
@@ -8744,12 +9083,23 @@ function getRecommendation(projectType) {
         installInstructions: "pip install bandit  (or: pipx install bandit, poetry add --group dev bandit)"
       };
     case "java":
-    case "csharp":
       return {
         scanner: "semgrep",
         canAutoInstall: false,
         installInstructions: "brew install semgrep  (or: pip install semgrep, pipx install semgrep)"
       };
+    case "csharp":
+      return {
+        scanner: "dotnet_format",
+        canAutoInstall: false,
+        installInstructions: "Install the .NET SDK: https://dotnet.microsoft.com/download"
+      };
+    case "dart":
+      return {
+        scanner: "dart_analyze",
+        canAutoInstall: false,
+        installInstructions: "Install the Dart SDK: https://dart.dev/get-dart  (or Flutter SDK which includes Dart)"
+      };
     case "unknown":
       return {
         scanner: "semgrep",
@@ -8896,23 +9246,7 @@ function buildResult(projectType, steps, autoScanResult, recommendation) {
 
 // src/scanner/complexity-scanner.ts
 import { promises as fs7 } from "node:fs";
-import { join as join10, relative as relative2 } from "node:path";
-var SKIP_DIRS3 = /* @__PURE__ */ new Set([
-  "node_modules",
-  ".git",
-  "dist",
-  "build",
-  "out",
-  "target",
-  ".venv",
-  "venv",
-  "__pycache__",
-  ".cache",
-  ".next",
-  ".nuxt",
-  ".claude-crap",
-  ".codesight"
-]);
+import { join as join10, relative as relative3 } from "node:path";
 var MAX_FILES = 2e4;
 var RULE_ID = "complexity/cyclomatic-max";
 var SOURCE_TOOL = "complexity";
@@ -8920,7 +9254,8 @@ async function scanComplexity(workspaceRoot, engine, sarifStore, config, logger2
   const start = Date.now();
   const threshold = config.cyclomaticMax;
   const errorThreshold = threshold * 2;
-  const files = await collectSourceFiles(workspaceRoot);
+  const filter = createExclusionFilter(config.exclude);
+  const files = await collectSourceFiles(workspaceRoot, filter);
   logger2.info(
     { fileCount: files.length, threshold },
     "complexity-scanner: starting analysis"
@@ -8939,7 +9274,7 @@ async function scanComplexity(workspaceRoot, engine, sarifStore, config, logger2
       for (const fn of metrics.functions) {
         if (fn.cyclomaticComplexity <= threshold) continue;
         const level = fn.cyclomaticComplexity >= errorThreshold ? "error" : "warning";
-        const relPath = relative2(workspaceRoot, filePath);
+        const relPath = relative3(workspaceRoot, filePath);
         sarifResults.push({
           ruleId: RULE_ID,
           level,
@@ -8990,7 +9325,7 @@ async function scanComplexity(workspaceRoot, engine, sarifStore, config, logger2
   );
   return { filesScanned, functionsAnalyzed, violations, durationMs };
 }
-async function collectSourceFiles(workspaceRoot) {
+async function collectSourceFiles(workspaceRoot, filter) {
   const files = [];
   let truncated = false;
   async function walk2(dir) {
@@ -9003,15 +9338,16 @@ async function collectSourceFiles(workspaceRoot) {
     }
     for (const entry of entries) {
       if (truncated) return;
-      if (entry.name.startsWith(".") && entry.name !== ".claude-plugin") continue;
       const full = join10(dir, entry.name);
       if (entry.isDirectory()) {
-        if (SKIP_DIRS3.has(entry.name)) continue;
+        if (filter.shouldSkipDir(entry.name)) continue;
         await walk2(full);
         continue;
       }
       if (!entry.isFile()) continue;
       if (!detectLanguageFromPath(entry.name)) continue;
+      const relPath = relative3(workspaceRoot, full);
+      if (filter.shouldSkipFile(relPath, entry.name)) continue;
       files.push(full);
       if (files.length >= MAX_FILES) {
         truncated = true;
@@ -9038,10 +9374,18 @@ function ingestScannerRun(scanner, rawOutput, sarifStore) {
 async function autoScan(workspaceRoot, sarifStore, logger2, options) {
   const start = Date.now();
   const detected = await detectScanners(workspaceRoot);
+  const monorepoDetected = await detectMonorepoScanners(workspaceRoot);
+  const rootScannerSet = new Set(detected.filter((d) => d.available).map((d) => d.scanner));
+  for (const md of monorepoDetected) {
+    if (!rootScannerSet.has(md.scanner)) {
+      detected.push(md);
+    }
+  }
   const available = detected.filter((d) => d.available);
   logger2.info(
     {
       detected: detected.map((d) => `${d.scanner}:${d.available}`),
+      monorepo: monorepoDetected.length,
       available: available.length
     },
     "auto-scan: detection complete"
@@ -9096,7 +9440,7 @@ async function autoScan(workspaceRoot, sarifStore, logger2, options) {
     };
   }
   const runResults = await Promise.allSettled(
-    available.map((d) => runScanner(d.scanner, workspaceRoot))
+    available.map((d) => runScanner(d.scanner, workspaceRoot, d.workingDir ? { workingDir: d.workingDir } : void 0))
   );
   const results = [];
   let totalFindings = 0;
@@ -9177,7 +9521,7 @@ async function autoScan(workspaceRoot, sarifStore, logger2, options) {
         workspaceRoot,
         options.engine,
         sarifStore,
-        { cyclomaticMax: options.cyclomaticMax ?? 15 },
+        { cyclomaticMax: options.cyclomaticMax ?? 15, ...options.exclude ? { exclude: options.exclude } : {} },
         logger2
       );
       totalFindings += complexityScan.violations;
@@ -9197,6 +9541,192 @@ async function autoScan(workspaceRoot, sarifStore, logger2, options) {
   };
 }
 
+// src/monorepo/project-map.ts
+import { existsSync as existsSync6, readFileSync as readFileSync5, readdirSync as readdirSync3 } from "node:fs";
+import { promises as fs8 } from "node:fs";
+import { join as join12, basename as basename2, resolve as resolve7 } from "node:path";
+import { execFile as execFile4 } from "node:child_process";
+var MONOREPO_DIRS2 = ["apps", "packages", "libs", "modules", "services"];
+var SCANNER_FOR_TYPE = {
+  typescript: "eslint",
+  javascript: "eslint",
+  python: "bandit",
+  java: "semgrep",
+  csharp: "dotnet_format",
+  dart: "dart_analyze",
+  unknown: null
+};
+var BINARY_FOR_SCANNER = {
+  eslint: "eslint",
+  bandit: "bandit",
+  semgrep: "semgrep",
+  dart_analyze: "dart",
+  dotnet_format: "dotnet"
+};
+function probeBinary2(binaryName) {
+  return new Promise((resolve8) => {
+    execFile4("which", [binaryName], { timeout: 5e3 }, (err) => {
+      resolve8(err === null);
+    });
+  });
+}
+function detectProjectType2(dir) {
+  const has = (file) => existsSync6(join12(dir, file));
+  if (has("pubspec.yaml")) return "dart";
+  if (has("package.json")) {
+    if (has("tsconfig.json")) return "typescript";
+    return "javascript";
+  }
+  if (has("pyproject.toml") || has("setup.py") || has("requirements.txt")) {
+    return "python";
+  }
+  if (has("pom.xml") || has("build.gradle") || has("build.gradle.kts")) {
+    return "java";
+  }
+  if (has("Directory.Build.props")) return "csharp";
+  try {
+    const entries = readdirSync3(dir);
+    if (entries.some((e) => e.endsWith(".csproj") || e.endsWith(".sln"))) {
+      return "csharp";
+    }
+  } catch {
+  }
+  return "unknown";
+}
+function extractWorkspacePatterns(workspaces) {
+  if (Array.isArray(workspaces)) {
+    return workspaces.filter((v) => typeof v === "string");
+  }
+  if (workspaces !== null && typeof workspaces === "object" && "packages" in workspaces && Array.isArray(workspaces.packages)) {
+    return workspaces.packages.filter(
+      (v) => typeof v === "string"
+    );
+  }
+  return [];
+}
+function expandWorkspacePattern(workspaceRoot, pattern) {
+  if (pattern.endsWith("/*")) {
+    const parentDir = join12(workspaceRoot, pattern.slice(0, -2));
+    try {
+      const entries = readdirSync3(parentDir, { withFileTypes: true });
+      return entries.filter((e) => e.isDirectory() && !e.name.startsWith(".")).map((e) => join12(parentDir, e.name));
+    } catch {
+      return [];
+    }
+  }
+  const full = resolve7(workspaceRoot, pattern);
+  try {
+    const entries = readdirSync3(full, { withFileTypes: true });
+    void entries;
+    return [full];
+  } catch {
+    return [];
+  }
+}
+function collectSubdirectories(workspaceRoot, extraDirs) {
+  const subdirs = /* @__PURE__ */ new Set();
+  const pkgPath = join12(workspaceRoot, "package.json");
+  if (existsSync6(pkgPath)) {
+    try {
+      const raw = readFileSync5(pkgPath, "utf-8");
+      const pkg = JSON.parse(raw);
+      const patterns = extractWorkspacePatterns(pkg["workspaces"]);
+      for (const pattern of patterns) {
+        for (const absPath of expandWorkspacePattern(workspaceRoot, pattern)) {
+          subdirs.add(absPath);
+        }
+      }
+    } catch {
+    }
+  }
+  if (extraDirs && extraDirs.length > 0) {
+    for (const dir of extraDirs) {
+      const absDir = resolve7(workspaceRoot, dir);
+      if (!existsSync6(absDir)) continue;
+      const hasMarker = PROJECT_MARKERS.some((m) => existsSync6(join12(absDir, m)));
+      if (hasMarker) {
+        subdirs.add(absDir);
+        continue;
+      }
+      try {
+        const entries = readdirSync3(absDir, { withFileTypes: true });
+        for (const entry of entries) {
+          if (entry.isDirectory() && !entry.name.startsWith(".")) {
+            subdirs.add(join12(absDir, entry.name));
+          }
+        }
+      } catch {
+      }
+    }
+  }
+  const configuredDirNames = new Set(extraDirs?.map((d) => d.split("/")[0]) ?? []);
+  for (const dir of MONOREPO_DIRS2) {
+    if (configuredDirNames.has(dir)) continue;
+    const parentDir = join12(workspaceRoot, dir);
+    try {
+      const entries = readdirSync3(parentDir, { withFileTypes: true });
+      for (const entry of entries) {
+        if (entry.isDirectory() && !entry.name.startsWith(".")) {
+          subdirs.add(join12(parentDir, entry.name));
+        }
+      }
+    } catch {
+    }
+  }
+  return subdirs;
+}
+var PROJECT_MARKERS = [
+  "package.json",
+  "pubspec.yaml",
+  "pyproject.toml",
+  "setup.py",
+  "pom.xml",
+  "build.gradle",
+  "build.gradle.kts",
+  "Directory.Build.props"
+];
+async function discoverProjectMap(workspaceRoot, options) {
+  const subdirs = collectSubdirectories(workspaceRoot, options?.projectDirs);
+  const binaryCache = /* @__PURE__ */ new Map();
+  const probeScanner = (scanner) => {
+    const binaryName = BINARY_FOR_SCANNER[scanner];
+    if (binaryName === void 0) return Promise.resolve(false);
+    const cached = binaryCache.get(scanner);
+    if (cached !== void 0) return cached;
+    const probe = probeBinary2(binaryName);
+    binaryCache.set(scanner, probe);
+    return probe;
+  };
+  const projectEntries = await Promise.all(
+    [...subdirs].map(async (absPath) => {
+      const relPath = absPath.replace(workspaceRoot + "/", "");
+      const type = detectProjectType2(absPath);
+      const scanner = SCANNER_FOR_TYPE[type];
+      const scannerAvailable = scanner !== null ? await probeScanner(scanner) : false;
+      return {
+        name: basename2(absPath),
+        path: relPath,
+        type,
+        scanner,
+        scannerAvailable
+      };
+    })
+  );
+  projectEntries.sort((a, b) => a.path.localeCompare(b.path));
+  return {
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    workspaceRoot,
+    isMonorepo: projectEntries.length > 0,
+    projects: projectEntries
+  };
+}
+async function persistProjectMap(map, workspaceRoot) {
+  const dir = join12(workspaceRoot, ".claude-crap");
+  await fs8.mkdir(dir, { recursive: true });
+  const filePath = join12(dir, "projects.json");
+  await fs8.writeFile(filePath, JSON.stringify(map, null, 2) + "\n", "utf-8");
+}
+
 // src/schemas/tool-schemas.ts
 var computeCrapSchema = {
   type: "object",
@@ -9287,11 +9817,22 @@ var scoreProjectSchema = {
       type: "string",
       enum: ["markdown", "json", "both"],
       description: "Output format. `markdown` returns only the chat summary, `json` returns only the structured snapshot, `both` (default) returns both as separate content blocks."
+    },
+    scope: {
+      type: "string",
+      description: "Optional project name from the project map. When provided, the score is computed only for files within that project's subtree. Omit to score the entire workspace."
     }
   },
   required: [],
   additionalProperties: false
 };
+var listProjectsSchema = {
+  type: "object",
+  description: "List all discovered sub-projects in the workspace. In a monorepo, returns each sub-project with its type, path, and recommended scanner. In a single-project workspace, returns an empty list.",
+  properties: {},
+  required: [],
+  additionalProperties: false
+};
 var requireTestHarnessSchema = {
   type: "object",
   description: "Check whether a production source file has a matching test file. Returns the first existing test path, or the full list of paths the resolver probed when none exists. Use this BEFORE writing any functional code \u2014 the CLAUDE.md Golden Rule requires a test harness to exist first.",
@@ -9313,7 +9854,7 @@ var ingestScannerOutputSchema = {
   properties: {
     scanner: {
       type: "string",
-      enum: ["semgrep", "eslint", "bandit", "stryker"],
+      enum: ["semgrep", "eslint", "bandit", "stryker", "dart_analyze", "dotnet_format"],
       description: "Identifier of the producing scanner."
     },
     rawOutput: {
@@ -9373,6 +9914,20 @@ async function main() {
     { config: { ...config, pluginRoot: "<redacted>" } },
     "claude-crap MCP server starting"
   );
+  let userExclusions = [];
+  let userProjectDirs = [];
+  try {
+    const crapConfig = loadCrapConfig({ workspaceRoot: config.pluginRoot });
+    userExclusions = crapConfig.exclude;
+    userProjectDirs = crapConfig.projectDirs;
+    if (userExclusions.length > 0) {
+      logger.info({ exclude: userExclusions }, "user exclusions loaded from .claude-crap.json");
+    }
+    if (userProjectDirs.length > 0) {
+      logger.info({ projectDirs: userProjectDirs }, "user projectDirs loaded from .claude-crap.json");
+    }
+  } catch {
+  }
   const astEngine = new TreeSitterEngine();
   const sarifStore = new SarifStore({
     workspaceRoot: config.pluginRoot,
@@ -9383,14 +9938,41 @@ async function main() {
     { findings: sarifStore.size(), path: sarifStore.consolidatedReportPath },
     "SARIF store ready"
   );
+  let projectMap = null;
+  try {
+    projectMap = await discoverProjectMap(config.pluginRoot, { projectDirs: userProjectDirs });
+    if (projectMap.isMonorepo) {
+      logger.info(
+        { projects: projectMap.projects.map((p) => `${p.name}(${p.type})`), count: projectMap.projects.length },
+        "monorepo project map discovered"
+      );
+      await persistProjectMap(projectMap, config.pluginRoot);
+      const needsEslint = projectMap.projects.some(
+        (p) => (p.type === "typescript" || p.type === "javascript") && !p.scannerAvailable
+      );
+      if (needsEslint) {
+        logger.info("monorepo: JS/TS projects detected but ESLint not installed \u2014 bootstrapping");
+        try {
+          await bootstrapScanner(config.pluginRoot, sarifStore, logger);
+          projectMap = await discoverProjectMap(config.pluginRoot, { projectDirs: userProjectDirs });
+          await persistProjectMap(projectMap, config.pluginRoot);
+        } catch (err) {
+          logger.warn({ err: err.message }, "monorepo ESLint bootstrap failed");
+        }
+      }
+    }
+  } catch (err) {
+    logger.warn({ err: err.message }, "project map discovery failed");
+  }
   let dashboard = null;
   try {
     dashboard = await startDashboard({
       config,
       sarifStore,
-      workspaceStatsProvider: () => estimateWorkspaceLoc(config.pluginRoot),
+      workspaceStatsProvider: () => estimateWorkspaceLoc(config.pluginRoot, { exclude: userExclusions }),
       logger,
-      astEngine
+      astEngine,
+      exclude: userExclusions
     });
   } catch (err) {
     logger.warn(
@@ -9468,12 +10050,20 @@ async function main() {
         name: "bootstrap_scanner",
         description: "Detect project type, install the right scanner (ESLint for JS/TS, Bandit for Python, Semgrep for Java/C#), create minimal config, and run auto_scan to verify.",
         inputSchema: bootstrapScannerSchema
+      },
+      {
+        name: "list_projects",
+        description: "List all discovered sub-projects in the workspace. In a monorepo, returns each sub-project with its type, path, and recommended scanner.",
+        inputSchema: listProjectsSchema
       }
     ]
   }));
   server.setRequestHandler(CallToolRequestSchema, async (request) => {
     const { name, arguments: args } = request.params;
     logger.info({ tool: name }, "Tool call received");
+    return handleToolCall(name, args);
+  });
+  async function handleToolCall(name, args) {
     switch (name) {
       case "compute_crap": {
         const typed = args;
@@ -9559,10 +10149,18 @@ async function main() {
       case "score_project": {
         const typed = args ?? {};
         const format = typed.format ?? "both";
+        let scoreRoot = config.pluginRoot;
+        if (typed.scope && projectMap) {
+          const project = projectMap.projects.find((p) => p.name === typed.scope);
+          if (project) {
+            const { join: join13 } = await import("node:path");
+            scoreRoot = join13(config.pluginRoot, project.path);
+          }
+        }
         try {
-          const workspace = await estimateWorkspaceLoc(config.pluginRoot);
+          const workspace = await estimateWorkspaceLoc(scoreRoot, { exclude: userExclusions });
           const score = computeProjectScore({
-            workspaceRoot: config.pluginRoot,
+            workspaceRoot: scoreRoot,
             minutesPerLoc: config.minutesPerLoc,
             tdrMaxRating: config.tdrMaxRating,
             workspace: { physicalLoc: workspace.physicalLoc, fileCount: workspace.fileCount },
@@ -9783,7 +10381,8 @@ async function main() {
         try {
           const result = await autoScan(config.pluginRoot, sarifStore, logger, {
             engine: astEngine,
-            cyclomaticMax: config.cyclomaticMax
+            cyclomaticMax: config.cyclomaticMax,
+            exclude: userExclusions
           });
           const markdown = renderAutoScanMarkdown(result);
           return {
@@ -9809,10 +10408,28 @@ async function main() {
           };
         }
       }
+      case "list_projects": {
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(
+                {
+                  tool: "list_projects",
+                  isMonorepo: projectMap?.isMonorepo ?? false,
+                  projects: projectMap?.projects ?? []
+                },
+                null,
+                2
+              )
+            }
+          ]
+        };
+      }
       default:
         throw new Error(`[claude-crap] Unknown tool: ${name}`);
     }
-  });
+  }
   server.setRequestHandler(ListResourcesRequestSchema, async () => ({
     resources: [
       {
@@ -9862,7 +10479,8 @@ async function main() {
   logger.info("claude-crap MCP server ready (stdio)");
   autoScan(config.pluginRoot, sarifStore, logger, {
     engine: astEngine,
-    cyclomaticMax: config.cyclomaticMax
+    cyclomaticMax: config.cyclomaticMax,
+    exclude: userExclusions
   }).then((result) => {
     const scanners = result.results.filter((r) => r.success).map((r) => r.scanner);
     logger.info(