echopai 2.3.0 → 2.5.0

package/dist/tools/completion.js

@@ -1,116 +0,0 @@
-/**
- * `echopai completion <bash|zsh|fish>` 输出 shell completion 脚本。
- *
- * 不依赖 tabtab，自己生成（30 行 bash / 20 行 zsh / 15 行 fish）。
- * 用 `echopai schema list` 实时拿命令列表。
- *
- *   bash:  echopai completion bash > ~/.local/share/bash-completion/completions/echopai
- *   zsh:   echopai completion zsh  > ~/.zsh/completions/_echopai  (需要 fpath 含此目录)
- *   fish:  echopai completion fish > ~/.config/fish/completions/echopai.fish
- */
-import { Command } from "commander";
-import { listOperations } from "../_generated/operations.js";
-export function buildCompletionCommand() {
-    return new Command("completion")
-        .argument("<shell>", "bash | zsh | fish")
-        .description("Print shell completion script for echopai")
-        .action((shell) => {
-        const ops = listOperations();
-        // groups: map noun → set of verbs
-        const tree = new Map();
-        for (const op of ops) {
-            const parts = op.cliName.split(" ");
-            const noun = parts[0];
-            const verb = parts[1] || "";
-            if (!tree.has(noun))
-                tree.set(noun, new Set());
-            if (verb)
-                tree.get(noun).add(verb);
-        }
-        const nouns = [...tree.keys()].sort();
-        // hand-curated tools
-        const tools = ["login", "logout", "status", "config", "api", "schema", "completion"];
-        const allCmds = [...nouns, ...tools].sort();
-        let out = "";
-        if (shell === "bash") {
-            out = bashCompletion(allCmds, tree);
-        }
-        else if (shell === "zsh") {
-            out = zshCompletion(allCmds, tree);
-        }
-        else if (shell === "fish") {
-            out = fishCompletion(allCmds, tree);
-        }
-        else {
-            process.stderr.write(JSON.stringify({ error: { code: "invalid_args", message: `Unsupported shell '${shell}'`, recovery_hint: "Use bash | zsh | fish." } }) + "\n");
-            process.exit(1);
-        }
-        process.stdout.write(out);
-        process.exit(0);
-    });
-}
-function bashCompletion(cmds, tree) {
-    const subcaseLines = [...tree.entries()]
-        .map(([noun, verbs]) => `        ${noun}) COMPREPLY=( $(compgen -W "${[...verbs].sort().join(" ")}" -- "$cur") );;`)
-        .join("\n");
-    return `# echopai bash completion
-_echopai() {
-    local cur prev
-    cur="\${COMP_WORDS[COMP_CWORD]}"
-    prev="\${COMP_WORDS[COMP_CWORD-1]}"
-    if [ "$COMP_CWORD" = "1" ]; then
-        COMPREPLY=( $(compgen -W "${cmds.join(" ")}" -- "$cur") )
-        return
-    fi
-    case "\${COMP_WORDS[1]}" in
-${subcaseLines}
-        config) COMPREPLY=( $(compgen -W "show set profile" -- "$cur") );;
-        schema) COMPREPLY=( $(compgen -W "list get export" -- "$cur") );;
-    esac
-}
-complete -F _echopai echopai
-`;
-}
-function zshCompletion(cmds, tree) {
-    const subcases = [...tree.entries()]
-        .map(([noun, verbs]) => `      "${noun}") _values "${noun} verb" ${[...verbs].sort().map((v) => `"${v}"`).join(" ")} ;;`)
-        .join("\n");
-    return `#compdef echopai
-_echopai() {
-  local -a cmds
-  cmds=(${cmds.map((c) => `"${c}"`).join(" ")})
-  if (( CURRENT == 2 )); then
-    _values "echopai command" $cmds
-    return
-  fi
-  case "$words[2]" in
-${subcases}
-    config) _values "config sub" "show" "set" "profile" ;;
-    schema) _values "schema sub" "list" "get" "export" ;;
-  esac
-}
-_echopai "$@"
-`;
-}
-function fishCompletion(cmds, tree) {
-    const lines = [`# echopai fish completion`];
-    lines.push(`complete -c echopai -f`);
-    for (const c of cmds) {
-        lines.push(`complete -c echopai -n '__fish_use_subcommand' -a "${c}"`);
-    }
-    for (const [noun, verbs] of tree.entries()) {
-        for (const verb of [...verbs].sort()) {
-            lines.push(`complete -c echopai -n "__fish_seen_subcommand_from ${noun}" -a "${verb}"`);
-        }
-    }
-    // hand-curated
-    for (const [parent, sub] of [
-        ["config", ["show", "set", "profile"]],
-        ["schema", ["list", "get", "export"]],
-    ]) {
-        for (const v of sub) {
-            lines.push(`complete -c echopai -n "__fish_seen_subcommand_from ${parent}" -a "${v}"`);
-        }
-    }
-    return lines.join("\n") + "\n";
-}

package/dist/tools/config.js

@@ -1,123 +0,0 @@
-/**
- * `echopai config [...]`
- *
- *   echopai config show                         显示完整 config
- *   echopai config set default_profile <name>   切默认 profile
- *
- *   echopai config profile add <name> --key <eps> [--base-url <url>]
- *   echopai config profile rm  <name>
- *   echopai config profile list
- *   echopai config profile switch <name>        ≡ set default_profile
- *
- * 配置文件 ~/.config/echopai/config.toml（XDG）。文件 mode 0600。
- */
-import { Command } from "commander";
-import { configPath, readConfigFile, writeConfigFile, } from "../runtime/auth.js";
-export function buildConfigCommand() {
-    const cmd = new Command("config").description("Manage CLI config (~/.config/echopai/config.toml)");
-    cmd
-        .command("show")
-        .description("Print current config (key 字段会脱敏成 eps_live_***_***)")
-        .action(() => {
-        const cfg = readConfigFile();
-        const masked = JSON.parse(JSON.stringify(cfg));
-        if (masked.profiles) {
-            for (const p of Object.values(masked.profiles)) {
-                if (p && typeof p === "object" && typeof p.key === "string") {
-                    p.key = redactKey(p.key);
-                }
-            }
-        }
-        process.stdout.write(JSON.stringify({ data: masked, meta: { path: configPath() } }, null, 2) + "\n");
-        process.exit(0);
-    });
-    cmd
-        .command("set <key> <value>")
-        .description("Set a top-level config key (currently only 'default_profile' is recognized)")
-        .action((key, value) => {
-        const cfg = readConfigFile();
-        if (key === "default_profile") {
-            cfg.default_profile = value;
-            writeConfigFile(cfg);
-            process.stdout.write(JSON.stringify({ data: { ok: true }, meta: { path: configPath() } }) + "\n");
-            process.exit(0);
-        }
-        writeError("invalid_args", `Unknown top-level config key '${key}'`, "Use one of: default_profile", 1);
-    });
-    const profile = cmd.command("profile").description("Manage credential profiles");
-    profile
-        .command("add <name>")
-        .description("Add or overwrite a profile")
-        .requiredOption("--key <eps_live_X_Y>", "Bearer credential")
-        .option("--base-url <url>", "API base URL", "https://api.echopai.com")
-        .action((name, opts) => {
-        const cfg = readConfigFile();
-        cfg.profiles = cfg.profiles ?? {};
-        cfg.profiles[name] = { key: opts.key, base_url: opts.baseUrl };
-        if (!cfg.default_profile)
-            cfg.default_profile = name;
-        writeConfigFile(cfg);
-        process.stdout.write(JSON.stringify({ data: { ok: true, name, default: cfg.default_profile === name }, meta: { path: configPath() } }) + "\n");
-        process.exit(0);
-    });
-    profile
-        .command("rm <name>")
-        .description("Remove a profile")
-        .action((name) => {
-        const cfg = readConfigFile();
-        if (!cfg.profiles?.[name]) {
-            writeError("profile_not_found", `Profile '${name}' not in config.`, undefined, 1);
-        }
-        delete cfg.profiles[name];
-        if (cfg.default_profile === name)
-            cfg.default_profile = undefined;
-        writeConfigFile(cfg);
-        process.stdout.write(JSON.stringify({ data: { ok: true, removed: name }, meta: { path: configPath() } }) + "\n");
-        process.exit(0);
-    });
-    profile
-        .command("list")
-        .description("List all profiles (keys redacted)")
-        .action(() => {
-        const cfg = readConfigFile();
-        const items = Object.entries(cfg.profiles ?? {}).map(([name, p]) => ({
-            name,
-            is_default: cfg.default_profile === name,
-            base_url: p?.base_url ?? "https://api.echopai.com",
-            key_redacted: p?.key ? redactKey(p.key) : null,
-        }));
-        process.stdout.write(JSON.stringify({ data: items, meta: { path: configPath() } }) + "\n");
-        process.exit(0);
-    });
-    profile
-        .command("switch <name>")
-        .description("Set default_profile")
-        .action((name) => {
-        const cfg = readConfigFile();
-        if (!cfg.profiles?.[name]) {
-            writeError("profile_not_found", `Profile '${name}' not in config.`, "Run `echopai config profile list` to see available.", 1);
-        }
-        cfg.default_profile = name;
-        writeConfigFile(cfg);
-        process.stdout.write(JSON.stringify({ data: { ok: true, default_profile: name } }) + "\n");
-        process.exit(0);
-    });
-    return cmd;
-}
-export function redactKey(key) {
-    // eps_live_<lookup>_<secret> → eps_live_<lookup>_*** (last 4 chars)
-    if (!key.startsWith("eps_live_"))
-        return "eps_***";
-    const parts = key.split("_");
-    if (parts.length < 4)
-        return "eps_live_***";
-    const last = parts.slice(3).join("_");
-    return `eps_live_${parts[2]}_***${last.slice(-4)}`;
-}
-function writeError(code, message, recovery_hint, exitCode) {
-    const env = { error: { code, message } };
-    if (recovery_hint)
-        env.error.recovery_hint = recovery_hint;
-    process.stderr.write(JSON.stringify(env) + "\n");
-    process.exit(exitCode);
-}

package/dist/tools/doctor.js

@@ -1,183 +0,0 @@
-/**
- * `echopai doctor`
- *
- * 跑一组健康检查，每条 ok | warn | fail。所有 ok → exit 0；存在 fail → exit 1。
- *
- * 当前覆盖（Phase 2.4 起步集）：
- *   credential       本地 token / profile 能解析
- *   whoami           /v1/auth/whoami 可达且 200
- *   operations       token 至少能调到一条 operation
- *   api_version      CLI 期望 api_version 与 server 报告兼容
- *
- * 未来扩展：clock_skew (Date header) / ws_news (1-frame 探测) / scope_coverage
- * (verb tier 满足度)。
- */
-import { Command, Option } from "commander";
-import { listOperations } from "../_generated/operations.js";
-import { resolveCredentials, AuthMissingError } from "../runtime/auth.js";
-import { CallApiError } from "../runtime/errors.js";
-import { isTtyHuman, cyan, dim, green, red, yellow } from "../runtime/tty.js";
-import { clearWhoamiCache, getWhoami } from "../runtime/whoami_cache.js";
-import { deriveOperationAvailability } from "./whoami.js";
-import { CLI_VERSION } from "../version.js";
-const EXPECTED_API_VERSION = "2026-05"; // bump when CLI hard-depends on server change
-export async function runDoctor(ctx) {
-    const checks = [];
-    const resolveFn = ctx.resolveCredentialsImpl ?? resolveCredentials;
-    const whoamiFn = ctx.getWhoamiImpl ?? getWhoami;
-    // 1. credential resolution
-    let creds = null;
-    try {
-        creds = resolveFn({});
-        checks.push({ name: "credential", status: "ok" });
-    }
-    catch (e) {
-        if (e instanceof AuthMissingError) {
-            checks.push({
-                name: "credential",
-                status: "fail",
-                message: e.message,
-                recovery_hint: e.recovery_hint ?? "Run `echopai login` or set `ECHOPAI_KEY`.",
-            });
-        }
-        else {
-            checks.push({
-                name: "credential",
-                status: "fail",
-                message: e instanceof Error ? e.message : String(e),
-            });
-        }
-    }
-    if (!creds) {
-        // Subsequent checks all require a credential.
-        for (const name of ["whoami", "operations", "api_version"]) {
-            checks.push({
-                name,
-                status: "fail",
-                message: "skipped: credential unavailable",
-            });
-        }
-        return { ok: false, cli_version: ctx.cliVersion, checks };
-    }
-    // 2. whoami reachable
-    let whoami;
-    try {
-        whoami = await whoamiFn({ baseUrl: creds.baseUrl, bearer: creds.key, cliVersion: ctx.cliVersion }, { force: true });
-        checks.push({
-            name: "whoami",
-            status: "ok",
-            info: {
-                kind: whoami.kind,
-                scope_count: whoami.scopes.length,
-                ...(whoami.app_slug ? { app_slug: whoami.app_slug } : {}),
-            },
-        });
-    }
-    catch (e) {
-        const code = e instanceof CallApiError ? e.code : "internal_error";
-        const msg = e instanceof Error ? e.message : String(e);
-        const hint = e instanceof CallApiError ? e.recovery_hint : undefined;
-        checks.push({
-            name: "whoami",
-            status: "fail",
-            message: `${code}: ${msg}`,
-            ...(hint ? { recovery_hint: hint } : {}),
-        });
-        // Without whoami, downstream checks are meaningless.
-        for (const name of ["operations", "api_version"]) {
-            checks.push({
-                name,
-                status: "fail",
-                message: "skipped: whoami failed",
-            });
-        }
-        return { ok: false, cli_version: ctx.cliVersion, checks };
-    }
-    // 3. operations: at least one usable op
-    const { available, unavailable } = deriveOperationAvailability(new Set(whoami.scopes), listOperations());
-    if (available.length === 0) {
-        checks.push({
-            name: "operations",
-            status: "fail",
-            message: `Token scopes ${JSON.stringify(whoami.scopes)} grant access to 0 operations.`,
-            recovery_hint: "Request additional scopes (e.g. news:read / quote:l1) from your app admin.",
-            info: { available: 0, unavailable: unavailable.length },
-        });
-    }
-    else {
-        checks.push({
-            name: "operations",
-            status: "ok",
-            info: { available: available.length, unavailable: unavailable.length },
-        });
-    }
-    // 4. api_version compatibility
-    const serverVersion = whoami.api_version;
-    if (!serverVersion) {
-        checks.push({
-            name: "api_version",
-            status: "warn",
-            message: "Server did not report api_version (older deployment).",
-        });
-    }
-    else if (serverVersion !== EXPECTED_API_VERSION) {
-        checks.push({
-            name: "api_version",
-            status: "warn",
-            message: `CLI expects ${EXPECTED_API_VERSION}, server reports ${serverVersion}.`,
-            recovery_hint: "Usually safe (additive changes). Upgrade CLI if you hit unexpected errors.",
-            info: { cli_expected: EXPECTED_API_VERSION, server: serverVersion },
-        });
-    }
-    else {
-        checks.push({
-            name: "api_version",
-            status: "ok",
-            info: { version: serverVersion },
-        });
-    }
-    const ok = checks.every((c) => c.status !== "fail");
-    return { ok, cli_version: ctx.cliVersion, checks };
-}
-export function renderDoctorReport(report) {
-    if (!isTtyHuman)
-        return JSON.stringify({ data: report }) + "\n";
-    const lines = [];
-    lines.push(`${cyan("echopai doctor")} ${dim("cli " + report.cli_version)}`);
-    lines.push("");
-    for (const c of report.checks) {
-        const icon = c.status === "ok" ? green("✓") : c.status === "warn" ? yellow("!") : red("✗");
-        const head = `  ${icon} ${c.name}`;
-        if (c.message) {
-            lines.push(`${head}  ${dim("—")} ${c.message}`);
-        }
-        else if (c.info) {
-            lines.push(`${head}  ${dim(JSON.stringify(c.info))}`);
-        }
-        else {
-            lines.push(head);
-        }
-        if (c.recovery_hint)
-            lines.push(`     ${cyan("hint:")} ${c.recovery_hint}`);
-    }
-    lines.push("");
-    lines.push(report.ok ? green("All checks passed.") : red("One or more checks failed."));
-    return lines.join("\n") + "\n";
-}
-export function buildDoctorCommand() {
-    const cmd = new Command("doctor").description("Diagnose CLI environment, credential, server reachability, and capability");
-    cmd.addOption(new Option("--no-cache", "Bypass whoami cache for fresh check"));
-    cmd.action(async (opts) => {
-        if (opts.cache === false)
-            clearWhoamiCache();
-        const report = await runDoctor({ cliVersion: CLI_VERSION });
-        if (isTtyHuman) {
-            process.stdout.write(renderDoctorReport(report));
-        }
-        else {
-            process.stdout.write(JSON.stringify({ data: report }) + "\n");
-        }
-        process.exit(report.ok ? 0 : 1);
-    });
-    return cmd;
-}

package/dist/tools/login.js

@@ -1,99 +0,0 @@
-/**
- * `echopai login --key <eps_live_X_Y> [--profile <name>] [--base-url <url>]`
- * `echopai logout [--profile <name>]`
- * `echopai status [--profile <name>]`
- *
- * login 把 key 写入 config profile（默认 'default'）。不在 login 时 round-trip
- * 验证 key —— 第一次实际调用会自然报 auth_invalid。
- *
- * status 显示当前 profile / base_url / 脱敏 key prefix。
- */
-import { Command } from "commander";
-import { configPath, readConfigFile, resolveCredentials, writeConfigFile, AuthMissingError, } from "../runtime/auth.js";
-import { redactKey } from "./config.js";
-export function buildLoginCommand() {
-    return new Command("login")
-        .description("Save Bearer credential to config profile")
-        .requiredOption("--key <eps_live_X_Y>", "Bearer credential issued by EchoPai admin console")
-        .option("--profile <name>", "Profile to save under", "default")
-        .option("--base-url <url>", "API base URL", "https://api.echopai.com")
-        .action((opts) => {
-        const cfg = readConfigFile();
-        cfg.profiles = cfg.profiles ?? {};
-        cfg.profiles[opts.profile] = { key: opts.key, base_url: opts.baseUrl };
-        if (!cfg.default_profile)
-            cfg.default_profile = opts.profile;
-        writeConfigFile(cfg);
-        process.stdout.write(JSON.stringify({
-            data: {
-                ok: true,
-                profile: opts.profile,
-                base_url: opts.baseUrl,
-                key_redacted: redactKey(opts.key),
-                default: cfg.default_profile === opts.profile,
-            },
-            meta: { path: configPath() },
-        }) + "\n");
-        process.exit(0);
-    });
-}
-export function buildLogoutCommand() {
-    return new Command("logout")
-        .description("Remove Bearer credential from config profile")
-        .option("--profile <name>", "Profile to clear (default = default_profile)")
-        .action((opts) => {
-        const cfg = readConfigFile();
-        const target = opts.profile || cfg.default_profile;
-        if (!target || !cfg.profiles?.[target]) {
-            process.stderr.write(JSON.stringify({
-                error: {
-                    code: "profile_not_found",
-                    message: `No profile '${target ?? "(none)"}' configured.`,
-                },
-            }) + "\n");
-            process.exit(1);
-        }
-        delete cfg.profiles[target];
-        if (cfg.default_profile === target)
-            cfg.default_profile = undefined;
-        writeConfigFile(cfg);
-        process.stdout.write(JSON.stringify({ data: { ok: true, removed_profile: target }, meta: { path: configPath() } }) + "\n");
-        process.exit(0);
-    });
-}
-export function buildStatusCommand() {
-    return new Command("status")
-        .description("Show current credential / profile / base URL (key redacted)")
-        .option("--profile <name>", "Profile to inspect")
-        .action((opts) => {
-        try {
-            const resolveOpts = {};
-            if (opts.profile)
-                resolveOpts.profile = opts.profile;
-            const c = resolveCredentials(resolveOpts);
-            process.stdout.write(JSON.stringify({
-                data: {
-                    source: process.env.ECHOPAI_KEY && !opts.profile
-                        ? "env"
-                        : c.profile
-                            ? "config"
-                            : "env",
-                    profile: c.profile,
-                    base_url: c.baseUrl,
-                    key_redacted: redactKey(c.key),
-                },
-                meta: { config_path: configPath() },
-            }) + "\n");
-            process.exit(0);
-        }
-        catch (e) {
-            if (e instanceof AuthMissingError) {
-                process.stderr.write(JSON.stringify({
-                    error: { code: "auth_missing", message: e.message, recovery_hint: e.recovery_hint },
-                }) + "\n");
-                process.exit(1);
-            }
-            throw e;
-        }
-    });
-}

package/dist/tools/mcp.js

@@ -1,141 +0,0 @@
-/**
- * `echopai mcp serve` — stdio MCP server.
- *
- * 启动流程:
- *  1. 解析凭据 (ECHOPAI_KEY / ECHOPAI_PROFILE / --profile)
- *  2. getWhoami(channel="mcp") 拿 token scopes
- *  3. 用 OPERATIONS.scopesAny 把 ALL_VERB_SPECS 过滤到 token 可调子集
- *  4. registerTool 每个可用 verb (Zod inputSchema 直接给 SDK)
- *  5. connect stdio transport, 进 message loop
- *
- * Tool handler:
- *  - 收到 tools/call → 调 spec.handler(args, ctx) (channel="mcp" 注入 header)
- *  - 成功 → 返 MCP content block (JSON envelope 序列化为 text)
- *  - 失败 → CallApiError 映射为 MCP isError=true tool response
- *
- * 错误日志走 stderr (MCP stdio 协议: stdout 仅 JSON-RPC, stderr 可任意文本)。
- */
-import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
-import { Command, Option } from "commander";
-import { OPERATIONS } from "../_generated/operations.js";
-import { resolveCredentials, AuthMissingError } from "../runtime/auth.js";
-import { CallApiError } from "../runtime/errors.js";
-import { getWhoami } from "../runtime/whoami_cache.js";
-import { ALL_VERB_SPECS } from "../verbs/index.js";
-import { CLI_VERSION } from "../version.js";
-/** Verb is available iff at least one backing op is callable with token scopes. */
-export function verbAvailable(spec, tokenScopes) {
-    if (spec.backingOps.length === 0)
-        return true;
-    for (const opKey of spec.backingOps) {
-        const op = OPERATIONS[opKey];
-        if (!op)
-            continue;
-        if (op.scopesAny.length === 0)
-            return true;
-        if (op.scopesAny.some((s) => tokenScopes.has(s)))
-            return true;
-    }
-    return false;
-}
-export function filterAvailableVerbs(specs, tokenScopes) {
-    return specs.filter((s) => verbAvailable(s, tokenScopes));
-}
-export function envelopeToToolResponse(envelope) {
-    return {
-        content: [{ type: "text", text: JSON.stringify(envelope) }],
-    };
-}
-export function errorToToolResponse(e) {
-    if (e instanceof CallApiError) {
-        const env = {
-            error: {
-                code: e.code,
-                message: e.message,
-                retryable: e.retryable,
-                ...(e.recovery_hint ? { recovery_hint: e.recovery_hint } : {}),
-                ...(e.requestId ? { request_id: e.requestId } : {}),
-            },
-        };
-        return { content: [{ type: "text", text: JSON.stringify(env) }], isError: true };
-    }
-    const env = {
-        error: {
-            code: "internal_error",
-            message: e instanceof Error ? e.message : String(e),
-            retryable: false,
-        },
-    };
-    return { content: [{ type: "text", text: JSON.stringify(env) }], isError: true };
-}
-export function buildMcpCommand() {
-    const mcp = new Command("mcp").description("Model Context Protocol bridge (expose curated verbs to MCP hosts)");
-    mcp
-        .command("serve")
-        .description("Run an MCP stdio server on this process. For Claude Desktop / Cursor / Claude Code.")
-        .addOption(new Option("--profile <name>", "Use a specific profile"))
-        .action(async (opts) => {
-        let creds;
-        try {
-            creds = resolveCredentials(opts.profile ? { profile: opts.profile } : {});
-        }
-        catch (e) {
-            if (e instanceof AuthMissingError) {
-                process.stderr.write(`[mcp] credential resolution failed: ${e.message}\n` +
-                    `[mcp] hint: ${e.recovery_hint ?? "Run `echopai login` or set ECHOPAI_KEY."}\n`);
-                process.exit(1);
-            }
-            throw e;
-        }
-        let whoami;
-        try {
-            whoami = await getWhoami({
-                baseUrl: creds.baseUrl,
-                bearer: creds.key,
-                cliVersion: CLI_VERSION,
-                channel: "mcp",
-            });
-        }
-        catch (e) {
-            process.stderr.write(`[mcp] whoami failed: ${e instanceof Error ? e.message : String(e)}\n`);
-            process.exit(1);
-        }
-        const tokenScopes = new Set(whoami.scopes);
-        const availableVerbs = filterAvailableVerbs(ALL_VERB_SPECS, tokenScopes);
-        process.stderr.write(`[mcp] kind=${whoami.kind} scopes=[${whoami.scopes.join(",")}]\n` +
-            `[mcp] exposing ${availableVerbs.length}/${ALL_VERB_SPECS.length} curated verbs as MCP tools\n`);
-        const server = new McpServer({
-            name: "echopai",
-            version: CLI_VERSION,
-            title: "EchoPai",
-        }, {
-            capabilities: { tools: {} },
-        });
-        const handlerCtx = {
-            baseUrl: creds.baseUrl,
-            bearer: creds.key,
-            cliVersion: CLI_VERSION,
-            channel: "mcp",
-        };
-        for (const spec of availableVerbs) {
-            server.registerTool(spec.name, {
-                description: spec.description,
-                inputSchema: spec.inputSchema,
-            }, async (args) => {
-                try {
-                    const envelope = await spec.handler(args, handlerCtx);
-                    return envelopeToToolResponse(envelope);
-                }
-                catch (e) {
-                    return errorToToolResponse(e);
-                }
-            });
-        }
-        const transport = new StdioServerTransport();
-        await server.connect(transport);
-        process.stderr.write("[mcp] connected on stdio; waiting for messages\n");
-        // The server runs until stdin closes; SDK handles shutdown.
-    });
-    return mcp;
-}