npm - freshcontext-mcp - Versions diffs - 0.1.6 → 0.1.7 - Mend

freshcontext-mcp 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md CHANGED Viewed

@@ -41,31 +41,41 @@ The AI agent always knows **when it's looking at data**, not just what the data
 | `extract_github` | README, stars, forks, language, topics, last commit from any GitHub repo |
 | `extract_hackernews` | Top stories or search results from HN with scores and timestamps |
 | `extract_scholar` | Research paper titles, authors, years, and snippets from Google Scholar |
+| `extract_reddit` | Posts and community sentiment from any subreddit or Reddit search |
 ### 🚀 Competitive Intelligence Tools
 | Tool | Description |
 |---|---|
 | `extract_yc` | Scrape YC company listings by keyword — find who's funded in your space |
+| `extract_producthunt` | Recent Product Hunt launches by keyword or topic |
 | `search_repos` | Search GitHub for similar/competing repos, ranked by stars with activity signals |
 | `package_trends` | npm and PyPI package metadata — version history, release cadence, last updated |
+### 📈 Market Data
+| Tool | Description |
+|---|---|
+| `extract_finance` | Live stock data via Yahoo Finance — price, market cap, P/E, 52w range, sector, company summary |
 ### 🗺️ Composite Tool
 | Tool | Description |
 |---|---|
-| `extract_landscape` | **One call. Full picture.** Queries YC startups + GitHub repos + HN sentiment + package ecosystem simultaneously. Returns a unified landscape report. |
+| `extract_landscape` | **One call. Full picture.** Queries YC + GitHub + HN + npm/PyPI simultaneously. Returns a unified timestamped landscape report. |
 ---
 ## Quick Start
-### Option A — Cloud (no install, works immediately)
+### Option A — Cloud (recommended, no install needed)
+Visit **[freshcontext-site.pages.dev](https://freshcontext-site.pages.dev)** for a guided 3-step install with copy-paste config. No terminal, no downloads, no antivirus alerts.
-No Node, no Playwright, nothing to install. Just add this to your Claude Desktop config and restart.
+Or add this manually to your Claude Desktop config and restart:
-**Mac:** open `~/Library/Application Support/Claude/claude_desktop_config.json`
-**Windows:** open `%APPDATA%\Claude\claude_desktop_config.json`
+**Mac:** `~/Library/Application Support/Claude/claude_desktop_config.json`
+**Windows:** `%APPDATA%\Claude\claude_desktop_config.json`
 ```json
 {
@@ -80,11 +90,11 @@ No Node, no Playwright, nothing to install. Just add this to your Claude Desktop
 Restart Claude Desktop. The freshcontext tools will appear in your session.
-> **Note:** If `claude_desktop_config.json` doesn't exist yet, create it with the content above.
+> If `claude_desktop_config.json` doesn't exist yet, create it with the content above.
 ---
-### Option B — Local (full Playwright, faster for heavy use)
+### Option B — Local (full Playwright, for heavy use)
 **Prerequisites:** Node.js 18+ ([nodejs.org](https://nodejs.org))
@@ -98,7 +108,7 @@ npm run build
 Then add to your Claude Desktop config:
-**Mac** (`~/Library/Application Support/Claude/claude_desktop_config.json`):
+**Mac:**
 ```json
 {
   "mcpServers": {
@@ -110,7 +120,7 @@ Then add to your Claude Desktop config:
 }
 ```
-**Windows** (`%APPDATA%\Claude\claude_desktop_config.json`):
+**Windows:**
 ```json
 {
   "mcpServers": {
@@ -122,58 +132,48 @@ Then add to your Claude Desktop config:
 }
 ```
-Restart Claude Desktop.
 ---
 ### Troubleshooting (Mac)
-**"command not found: node"** — Node isn't on your PATH inside Claude Desktop's environment. Use the full path:
+**"command not found: node"** — Node isn't on Claude Desktop's PATH. Use the full path:
 ```bash
 which node   # copy this output
 ```
-Then replace `"command": "node"` with `"command": "/usr/local/bin/node"` (or whatever `which node` returned).
+Replace `"command": "node"` with `"command": "/usr/local/bin/node"` (or whatever `which node` returned).
-**"npx: command not found"** — Same issue. Run `which npx` and use the full path for Option A:
-```json
-"command": "/usr/local/bin/npx"
-```
+**"npx: command not found"** — Same fix. Run `which npx` and use the full path.
-**Config file doesn't exist** — Create it. On Mac:
+**Config file doesn't exist** — Create it:
 ```bash
 mkdir -p ~/Library/Application\ Support/Claude
 touch ~/Library/Application\ Support/Claude/claude_desktop_config.json
 ```
-Then paste the config JSON above into it.
 ---
 ## Usage Examples
 ### Check if anyone is already building what you're building
 ```
 Use extract_landscape with topic "cashflow prediction mcp"
 ```
 Returns a unified report: who's funded (YC), what's trending (HN), what repos exist (GitHub), what packages are active (npm/PyPI). All timestamped.
-### Analyse a specific repo
+### Get community sentiment on a topic
 ```
-Use extract_github on https://github.com/anthropics/anthropic-sdk-python
+Use extract_reddit with url "r/MachineLearning"
+Use extract_hackernews with url "https://hn.algolia.com/api/v1/search?query=mcp+server&tags=story"
 ```
-### Find research papers on a topic
+### Check a company's stock
 ```
-Use extract_scholar on https://scholar.google.com/scholar?q=llm+context+freshness
+Use extract_finance with url "NVDA,MSFT,GOOG"
 ```
-### Check package ecosystem health
+### Find what just launched in your space
 ```
-Use package_trends with packages "npm:@modelcontextprotocol/sdk,pypi:langchain"
+Use extract_producthunt with url "AI developer tools"
 ```
 ---
@@ -189,24 +189,14 @@ FreshContext treats **retrieval time as first-class metadata**. Every adapter re
 - `freshness_confidence` — `high`, `medium`, or `low` based on signal quality
 - `adapter` — which source the data came from
-This makes freshness **verifiable**, not assumed.
 ---
-## Deployment
-### Local (Playwright-based)
-Uses headless Chromium via Playwright. Full browser rendering for JavaScript-heavy sites.
+## Security
-### Cloud (Cloudflare Workers)
-The `worker/` directory contains a Cloudflare Workers deployment. No Playwright dependency — runs at the edge globally.
-```bash
-cd worker
-npm install
-npx wrangler secret put API_KEY
-npx wrangler deploy
-```
+- Input sanitization and domain allowlists on all adapters
+- SSRF prevention (blocked private IP ranges)
+- KV-backed global rate limiting: 60 requests/minute per IP across all edge nodes
+- No credentials required for public data sources
 ---
@@ -217,17 +207,20 @@ freshcontext-mcp/
 ├── src/
 │   ├── server.ts              # MCP server, all tool registrations
 │   ├── types.ts               # FreshContext interfaces
-│   ├── security.ts            # Input validation, domain allowlists
+│   ├── security.ts            # Input validation, domain allowlists, SSRF prevention
 │   ├── adapters/
 │   │   ├── github.ts
 │   │   ├── hackernews.ts
 │   │   ├── scholar.ts
 │   │   ├── yc.ts
 │   │   ├── repoSearch.ts
-│   │   └── packageTrends.ts
+│   │   ├── packageTrends.ts
+│   │   ├── reddit.ts
+│   │   ├── productHunt.ts
+│   │   └── finance.ts
 │   └── tools/
 │       └── freshnessStamp.ts
-└── worker/                    # Cloudflare Workers deployment
+└── worker/                    # Cloudflare Workers deployment (all 10 tools)
     └── src/worker.ts
 ```
@@ -243,9 +236,11 @@ freshcontext-mcp/
 - [x] npm/PyPI package trends
 - [x] `extract_landscape` composite tool
 - [x] Cloudflare Workers deployment
-- [x] Worker auth + rate limiting + domain allowlists
-- [ ] Product Hunt launches adapter
-- [ ] Finance/market data adapter
+- [x] Worker auth + KV-backed global rate limiting
+- [x] Reddit community sentiment adapter
+- [x] Product Hunt launches adapter
+- [x] Yahoo Finance market data adapter
+- [ ] `extract_arxiv` — structured arXiv API (more reliable than Scholar)
 - [ ] TTL-based caching layer
 - [ ] `freshness_score` numeric metric

package/dist/adapters/arxiv.js ADDED Viewed

@@ -0,0 +1,66 @@
+/**
+ * arXiv adapter — uses the official arXiv API (no scraping, no auth needed).
+ * Accepts a search query or a direct arXiv API URL.
+ * Docs: https://arxiv.org/help/api/user-manual
+ */
+export async function arxivAdapter(options) {
+    const input = options.url.trim();
+    // Build API URL — if they pass a plain query, construct it
+    const apiUrl = input.startsWith("http")
+        ? input
+        : `https://export.arxiv.org/api/query?search_query=all:${encodeURIComponent(input)}&start=0&max_results=10&sortBy=relevance&sortOrder=descending`;
+    const res = await fetch(apiUrl, {
+        headers: { "User-Agent": "freshcontext-mcp/0.1.7 (https://github.com/PrinceGabriel-lgtm/freshcontext-mcp)" },
+    });
+    if (!res.ok)
+        throw new Error(`arXiv API error: ${res.status} ${res.statusText}`);
+    const xml = await res.text();
+    // Parse the Atom XML response
+    const entries = [...xml.matchAll(/<entry>([\s\S]*?)<\/entry>/g)];
+    if (!entries.length) {
+        return { raw: "No results found for this query.", content_date: null, freshness_confidence: "low" };
+    }
+    const getTag = (block, tag) => {
+        const m = block.match(new RegExp(`<${tag}[^>]*>([\\s\\S]*?)<\\/${tag}>`, "i"));
+        return m ? m[1].trim().replace(/\s+/g, " ") : "";
+    };
+    const getAttr = (block, tag, attr) => {
+        const m = block.match(new RegExp(`<${tag}[^>]*${attr}="([^"]*)"`, "i"));
+        return m ? m[1].trim() : "";
+    };
+    const papers = entries.map((match, i) => {
+        const block = match[1];
+        const title = getTag(block, "title").replace(/\n/g, " ");
+        const summary = getTag(block, "summary").slice(0, 300).replace(/\n/g, " ");
+        const published = getTag(block, "published").slice(0, 10); // YYYY-MM-DD
+        const updated = getTag(block, "updated").slice(0, 10);
+        const id = getTag(block, "id").replace("http://arxiv.org/abs/", "https://arxiv.org/abs/");
+        // Authors — can be multiple
+        const authorMatches = [...block.matchAll(/<author>([\s\S]*?)<\/author>/g)];
+        const authors = authorMatches
+            .map(a => getTag(a[1], "name"))
+            .filter(Boolean)
+            .slice(0, 4)
+            .join(", ");
+        // Categories
+        const primaryCat = getAttr(block, "arxiv:primary_category", "term") ||
+            getAttr(block, "category", "term");
+        return [
+            `[${i + 1}] ${title}`,
+            `Authors: ${authors || "Unknown"}`,
+            `Published: ${published}${updated !== published ? ` (updated ${updated})` : ""}`,
+            primaryCat ? `Category: ${primaryCat}` : null,
+            `Abstract: ${summary}…`,
+            `Link: ${id}`,
+        ].filter(Boolean).join("\n");
+    });
+    const raw = papers.join("\n\n").slice(0, options.maxLength ?? 6000);
+    // Most recent publication date
+    const dates = entries
+        .map(m => getTag(m[1], "published").slice(0, 10))
+        .filter(Boolean)
+        .sort()
+        .reverse();
+    const content_date = dates[0] ?? null;
+    return { raw, content_date, freshness_confidence: content_date ? "high" : "medium" };
+}

package/dist/server.js CHANGED Viewed

@@ -124,10 +124,10 @@ server.registerTool("package_trends", {
 });
 // ─── Tool: extract_landscape ─────────────────────────────────────────────────
 server.registerTool("extract_landscape", {
-    description: "Composite intelligence tool. Given a project idea or keyword, simultaneously queries YC startups, GitHub repos, HN sentiment, and package activity to answer: Who is building this? Is it funded? What's getting traction? Returns a unified timestamped landscape report.",
+    description: "Composite intelligence tool. Given a project idea or keyword, simultaneously queries YC startups, GitHub repos, HN, Reddit, Product Hunt, and package registries to answer: Who is building this? Is it funded? What's getting traction? Returns a unified 6-source timestamped landscape report.",
     inputSchema: z.object({
         topic: z.string().describe("Your project idea or keyword e.g. 'mcp server' or 'cashflow prediction'"),
-        max_length: z.number().optional().default(8000),
+        max_length: z.number().optional().default(10000),
     }),
     annotations: { readOnlyHint: true, openWorldHint: true },
 }, async ({ topic, max_length }) => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "freshcontext-mcp",
-  "version": "0.1.6",
+  "version": "0.1.7",
   "description": "Real-time web extraction MCP server with freshness timestamps for AI agents",
   "keywords": [
     "mcp",
@@ -49,3 +49,4 @@
   }
 }

package/src/adapters/arxiv.ts ADDED Viewed

@@ -0,0 +1,84 @@
+import { AdapterResult, ExtractOptions } from "../types.js";
+/**
+ * arXiv adapter — uses the official arXiv API (no scraping, no auth needed).
+ * Accepts a search query or a direct arXiv API URL.
+ * Docs: https://arxiv.org/help/api/user-manual
+ */
+export async function arxivAdapter(options: ExtractOptions): Promise<AdapterResult> {
+  const input = options.url.trim();
+  // Build API URL — if they pass a plain query, construct it
+  const apiUrl = input.startsWith("http")
+    ? input
+    : `https://export.arxiv.org/api/query?search_query=all:${encodeURIComponent(input)}&start=0&max_results=10&sortBy=relevance&sortOrder=descending`;
+  const res = await fetch(apiUrl, {
+    headers: { "User-Agent": "freshcontext-mcp/0.1.7 (https://github.com/PrinceGabriel-lgtm/freshcontext-mcp)" },
+  });
+  if (!res.ok) throw new Error(`arXiv API error: ${res.status} ${res.statusText}`);
+  const xml = await res.text();
+  // Parse the Atom XML response
+  const entries = [...xml.matchAll(/<entry>([\s\S]*?)<\/entry>/g)];
+  if (!entries.length) {
+    return { raw: "No results found for this query.", content_date: null, freshness_confidence: "low" };
+  }
+  const getTag = (block: string, tag: string): string => {
+    const m = block.match(new RegExp(`<${tag}[^>]*>([\\s\\S]*?)<\\/${tag}>`, "i"));
+    return m ? m[1].trim().replace(/\s+/g, " ") : "";
+  };
+  const getAttr = (block: string, tag: string, attr: string): string => {
+    const m = block.match(new RegExp(`<${tag}[^>]*${attr}="([^"]*)"`, "i"));
+    return m ? m[1].trim() : "";
+  };
+  const papers = entries.map((match, i) => {
+    const block = match[1];
+    const title = getTag(block, "title").replace(/\n/g, " ");
+    const summary = getTag(block, "summary").slice(0, 300).replace(/\n/g, " ");
+    const published = getTag(block, "published").slice(0, 10); // YYYY-MM-DD
+    const updated = getTag(block, "updated").slice(0, 10);
+    const id = getTag(block, "id").replace("http://arxiv.org/abs/", "https://arxiv.org/abs/");
+    // Authors — can be multiple
+    const authorMatches = [...block.matchAll(/<author>([\s\S]*?)<\/author>/g)];
+    const authors = authorMatches
+      .map(a => getTag(a[1], "name"))
+      .filter(Boolean)
+      .slice(0, 4)
+      .join(", ");
+    // Categories
+    const primaryCat = getAttr(block, "arxiv:primary_category", "term") ||
+      getAttr(block, "category", "term");
+    return [
+      `[${i + 1}] ${title}`,
+      `Authors: ${authors || "Unknown"}`,
+      `Published: ${published}${updated !== published ? ` (updated ${updated})` : ""}`,
+      primaryCat ? `Category: ${primaryCat}` : null,
+      `Abstract: ${summary}…`,
+      `Link: ${id}`,
+    ].filter(Boolean).join("\n");
+  });
+  const raw = papers.join("\n\n").slice(0, options.maxLength ?? 6000);
+  // Most recent publication date
+  const dates = entries
+    .map(m => getTag(m[1], "published").slice(0, 10))
+    .filter(Boolean)
+    .sort()
+    .reverse();
+  const content_date = dates[0] ?? null;
+  return { raw, content_date, freshness_confidence: content_date ? "high" : "medium" };
+}

package/src/server.ts CHANGED Viewed

@@ -11,6 +11,7 @@ import { packageTrendsAdapter } from "./adapters/packageTrends.js";
 import { redditAdapter } from "./adapters/reddit.js";
 import { productHuntAdapter } from "./adapters/productHunt.js";
 import { financeAdapter } from "./adapters/finance.js";
+import { arxivAdapter } from "./adapters/arxiv.js";
 import { stampFreshness, formatForLLM } from "./tools/freshnessStamp.js";
 import { SecurityError, formatSecurityError } from "./security.js";
@@ -162,10 +163,10 @@ server.registerTool(
   "extract_landscape",
   {
     description:
-      "Composite intelligence tool. Given a project idea or keyword, simultaneously queries YC startups, GitHub repos, HN sentiment, and package activity to answer: Who is building this? Is it funded? What's getting traction? Returns a unified timestamped landscape report.",
+      "Composite intelligence tool. Given a project idea or keyword, simultaneously queries YC startups, GitHub repos, HN, Reddit, Product Hunt, and package registries to answer: Who is building this? Is it funded? What's getting traction? Returns a unified 6-source timestamped landscape report.",
     inputSchema: z.object({
       topic: z.string().describe("Your project idea or keyword e.g. 'mcp server' or 'cashflow prediction'"),
-      max_length: z.number().optional().default(8000),
+      max_length: z.number().optional().default(10000),
     }),
     annotations: { readOnlyHint: true, openWorldHint: true },
   },
@@ -209,3 +210,6 @@ main().catch(console.error);

package/worker/src/worker.ts CHANGED Viewed

@@ -7,7 +7,8 @@ import { z } from "zod";
 interface Env {
   BROWSER: Fetcher;
-  API_KEY?: string; // Optional: set via `wrangler secret put API_KEY`
+  RATE_LIMITER: KVNamespace;
+  API_KEY?: string;
 }
 interface FreshContext {
@@ -26,152 +27,97 @@ const ALLOWED_DOMAINS: Record<string, string[]> = {
   scholar:     ["scholar.google.com"],
   hackernews:  ["news.ycombinator.com", "hn.algolia.com"],
   yc:          ["www.ycombinator.com", "ycombinator.com"],
+  producthunt: ["www.producthunt.com", "producthunt.com"],
+  // reddit, finance, repoSearch, packageTrends use fetch APIs — no browser, no domain restriction needed
 };
 const PRIVATE_IP_PATTERNS = [
-  /^localhost$/i,
-  /^127\./,
-  /^10\./,
-  /^192\.168\./,
-  /^172\.(1[6-9]|2\d|3[01])\./,
-  /^169\.254\./,
-  /^::1$/,
-  /^fc00:/i,
-  /^fe80:/i,
+  /^localhost$/i, /^127\./, /^10\./, /^192\.168\./,
+  /^172\.(1[6-9]|2\d|3[01])\./, /^169\.254\./, /^::1$/, /^fc00:/i, /^fe80:/i,
 ];
-const MAX_URL_LENGTH    = 500;
-const MAX_QUERY_LENGTH  = 200;
 class SecurityError extends Error {
-  constructor(message: string) {
-    super(message);
-    this.name = "SecurityError";
-  }
+  constructor(message: string) { super(message); this.name = "SecurityError"; }
 }
 function validateUrl(rawUrl: string, adapter: string): string {
-  if (rawUrl.length > MAX_URL_LENGTH)
-    throw new SecurityError(`URL too long (max ${MAX_URL_LENGTH} chars)`);
+  if (rawUrl.length > 500) throw new SecurityError("URL too long (max 500 chars)");
   let parsed: URL;
-  try { parsed = new URL(rawUrl); }
-  catch { throw new SecurityError("Invalid URL format"); }
+  try { parsed = new URL(rawUrl); } catch { throw new SecurityError("Invalid URL format"); }
   if (!["http:", "https:"].includes(parsed.protocol))
     throw new SecurityError("Only http/https URLs are allowed");
   const hostname = parsed.hostname.toLowerCase();
-  for (const pattern of PRIVATE_IP_PATTERNS) {
-    if (pattern.test(hostname))
-      throw new SecurityError("Access to private/internal addresses is not allowed");
-  }
+  for (const p of PRIVATE_IP_PATTERNS)
+    if (p.test(hostname)) throw new SecurityError("Access to private addresses is not allowed");
   const allowed = ALLOWED_DOMAINS[adapter];
-  if (allowed && allowed.length > 0) {
-    const ok = allowed.some(d => hostname === d || hostname.endsWith(`.${d}`));
-    if (!ok)
-      throw new SecurityError(`URL not allowed for ${adapter}. Allowed domains: ${allowed.join(", ")}`);
+  if (allowed?.length) {
+    if (!allowed.some(d => hostname === d || hostname.endsWith(`.${d}`)))
+      throw new SecurityError(`Domain not allowed for ${adapter}: ${hostname}`);
   }
   return rawUrl;
 }
-function sanitizeQuery(query: string, maxLen = MAX_QUERY_LENGTH): string {
-  if (query.length > maxLen)
-    throw new SecurityError(`Query too long (max ${maxLen} chars)`);
-  // Strip null bytes and control characters
-  return query.replace(/[\x00-\x1F\x7F]/g, "").trim();
-}
+// ─── Rate Limiting (KV-backed, globally consistent) ───────────────────────────
-// ─── Rate Limiting (in-memory, per isolate) ───────────────────────────────────
+const RATE_LIMIT     = 60;      // requests per window
+const RATE_WINDOW_S  = 60;      // window size in seconds
-interface RateEntry { count: number; windowStart: number; }
-const rateMap = new Map<string, RateEntry>();
+async function checkRateLimit(ip: string, kv: KVNamespace): Promise<void> {
+  const key = `rl:${ip}`;
-const RATE_LIMIT      = 20;   // max requests
-const RATE_WINDOW_MS  = 60_000; // per 60 seconds
+  // Get current count — KV TTL handles the window reset automatically
+  const current = await kv.get(key);
+  const count = current ? parseInt(current) : 0;
-function checkRateLimit(ip: string): void {
-  const now = Date.now();
-  const entry = rateMap.get(ip);
-  if (!entry || now - entry.windowStart > RATE_WINDOW_MS) {
-    rateMap.set(ip, { count: 1, windowStart: now });
-    return;
-  }
-  if (entry.count >= RATE_LIMIT) {
-    throw new SecurityError(`Rate limit exceeded. Max ${RATE_LIMIT} requests per minute.`);
+  if (count >= RATE_LIMIT) {
+    throw new SecurityError(
+      `Rate limit exceeded — max ${RATE_LIMIT} requests per minute per IP. Try again shortly.`
+    );
   }
-  entry.count++;
-}
-// Prevent the map from growing unboundedly
-function pruneRateMap(): void {
-  const now = Date.now();
-  for (const [ip, entry] of rateMap) {
-    if (now - entry.windowStart > RATE_WINDOW_MS) rateMap.delete(ip);
+  // Increment. On first request, set TTL so the key expires after the window.
+  // On subsequent requests within the window, preserve existing TTL via metadata.
+  if (!current) {
+    // First request in this window — set with TTL
+    await kv.put(key, "1", { expirationTtl: RATE_WINDOW_S });
+  } else {
+    // Increment without resetting TTL (KV doesn't support increment natively,
+    // so we overwrite — acceptable race condition for rate limiting purposes)
+    await kv.put(key, String(count + 1), { expirationTtl: RATE_WINDOW_S });
   }
 }
 // ─── Auth ─────────────────────────────────────────────────────────────────────
 function checkAuth(request: Request, env: Env): void {
-  if (!env.API_KEY) return; // Auth disabled if no key is set
-  const authHeader = request.headers.get("Authorization") ?? "";
-  const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : "";
-  if (token !== env.API_KEY) {
-    throw new SecurityError("Unauthorized. Provide a valid Bearer token.");
-  }
+  if (!env.API_KEY) return;
+  const token = (request.headers.get("Authorization") ?? "").replace("Bearer ", "");
+  if (token !== env.API_KEY) throw new SecurityError("Unauthorized");
 }
 // ─── Helpers ──────────────────────────────────────────────────────────────────
 function getClientIp(request: Request): string {
-  return (
-    request.headers.get("CF-Connecting-IP") ??
-    request.headers.get("X-Forwarded-For")?.split(",")[0]?.trim() ??
-    "unknown"
-  );
+  return request.headers.get("CF-Connecting-IP")
+    ?? request.headers.get("X-Forwarded-For")?.split(",")[0]?.trim()
+    ?? "unknown";
 }
-function securityErrorResponse(message: string, status: number): Response {
+function errResponse(message: string, status: number): Response {
   return new Response(JSON.stringify({ error: message }), {
-    status,
-    headers: { "Content-Type": "application/json" },
+    status, headers: { "Content-Type": "application/json" },
   });
 }
-// ─── Freshness Stamp ──────────────────────────────────────────────────────────
-function stamp(
-  content: string,
-  url: string,
-  date: string | null,
-  confidence: "high" | "medium" | "low",
-  adapter: string
-): string {
-  const ctx: FreshContext = {
-    content: content.slice(0, 6000),
-    source_url: url,
-    content_date: date,
-    retrieved_at: new Date().toISOString(),
-    freshness_confidence: confidence,
-    adapter,
-  };
+function stamp(content: string, url: string, date: string | null, confidence: "high" | "medium" | "low", adapter: string): string {
   return [
     "[FRESHCONTEXT]",
-    `Source: ${ctx.source_url}`,
-    `Published: ${ctx.content_date ?? "unknown"}`,
-    `Retrieved: ${ctx.retrieved_at}`,
-    `Confidence: ${ctx.freshness_confidence}`,
+    `Source: ${url}`,
+    `Published: ${date ?? "unknown"}`,
+    `Retrieved: ${new Date().toISOString()}`,
+    `Confidence: ${confidence}`,
     "---",
-    ctx.content,
+    content.slice(0, 6000),
     "[/FRESHCONTEXT]",
   ].join("\n");
 }
@@ -179,14 +125,12 @@ function stamp(
 // ─── Server Factory ───────────────────────────────────────────────────────────
 function createServer(env: Env): McpServer {
-  const server = new McpServer({ name: "freshcontext-mcp", version: "0.1.3" });
+  const server = new McpServer({ name: "freshcontext-mcp", version: "0.1.7" });
   // ── extract_github ──────────────────────────────────────────────────────────
   server.registerTool("extract_github", {
     description: "Extract real-time data from a GitHub repository — README, stars, forks, last commit, topics. Returns timestamped freshcontext.",
-    inputSchema: z.object({
-      url: z.string().url().describe("Full GitHub repo URL e.g. https://github.com/owner/repo"),
-    }),
+    inputSchema: z.object({ url: z.string().url().describe("Full GitHub repo URL e.g. https://github.com/owner/repo") }),
     annotations: { readOnlyHint: true, openWorldHint: true },
   }, async ({ url }) => {
     try {
@@ -195,7 +139,6 @@ function createServer(env: Env): McpServer {
       const page = await browser.newPage();
       await page.setUserAgent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36");
       await page.goto(safeUrl, { waitUntil: "domcontentloaded" });
       const data = await page.evaluate(`(function() {
         var readme = (document.querySelector('[data-target="readme-toc.content"]') || document.querySelector('.markdown-body') || {}).textContent || null;
         var starsEl = document.querySelector('[id="repo-stars-counter-star"]') || document.querySelector('.Counter.js-social-count');
@@ -211,60 +154,51 @@ function createServer(env: Env): McpServer {
         var language = langEl ? langEl.textContent.trim() : null;
         return { readme, stars, forks, lastCommit, description, topics, language };
       })()`);
       await browser.close();
       const d = data as any;
-      const raw = [
-        `Description: ${d.description ?? "N/A"}`,
-        `Stars: ${d.stars ?? "N/A"} | Forks: ${d.forks ?? "N/A"}`,
-        `Language: ${d.language ?? "N/A"}`,
-        `Last commit: ${d.lastCommit ?? "N/A"}`,
-        `Topics: ${d.topics?.join(", ") ?? "none"}`,
-        `\n--- README ---\n${d.readme ?? "No README"}`,
-      ].join("\n");
+      const raw = [`Description: ${d.description ?? "N/A"}`, `Stars: ${d.stars ?? "N/A"} | Forks: ${d.forks ?? "N/A"}`, `Language: ${d.language ?? "N/A"}`, `Last commit: ${d.lastCommit ?? "N/A"}`, `Topics: ${d.topics?.join(", ") ?? "none"}`, `\n--- README ---\n${d.readme ?? "No README"}`].join("\n");
       return { content: [{ type: "text", text: stamp(raw, safeUrl, d.lastCommit ?? null, d.lastCommit ? "high" : "medium", "github") }] };
-    } catch (err: any) {
-      return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] };
-    }
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
   });
   // ── extract_hackernews ──────────────────────────────────────────────────────
   server.registerTool("extract_hackernews", {
     description: "Extract top stories or search results from Hacker News with real-time timestamps.",
-    inputSchema: z.object({ url: z.string().url().describe("HN URL e.g. https://news.ycombinator.com") }),
+    inputSchema: z.object({ url: z.string().url().describe("HN URL e.g. https://news.ycombinator.com or https://hn.algolia.com/?q=...") }),
     annotations: { readOnlyHint: true, openWorldHint: true },
   }, async ({ url }) => {
     try {
+      // Use Algolia API for search URLs — no browser needed
+      if (url.includes("hn.algolia.com")) {
+        const apiUrl = url.includes("/api/") ? url : `https://hn.algolia.com/api/v1/search?query=${encodeURIComponent(url)}&tags=story&hitsPerPage=20`;
+        const res = await fetch(apiUrl);
+        if (!res.ok) throw new Error(`HN API error: ${res.status}`);
+        const json = await res.json() as any;
+        const raw = json.hits.map((r: any, i: number) =>
+          `[${i+1}] ${r.title}\nURL: ${r.url ?? `https://news.ycombinator.com/item?id=${r.objectID}`}\nScore: ${r.points} | ${r.num_comments} comments\nPosted: ${r.created_at}`
+        ).join("\n\n");
+        const newest = json.hits.map((r: any) => r.created_at).sort().reverse()[0] ?? null;
+        return { content: [{ type: "text", text: stamp(raw, url, newest, newest ? "high" : "medium", "hackernews") }] };
+      }
+      // Browser scrape for front page
       const safeUrl = validateUrl(url, "hackernews");
       const browser = await puppeteer.launch(env.BROWSER);
       const page = await browser.newPage();
       await page.goto(safeUrl, { waitUntil: "domcontentloaded" });
       const data = await page.evaluate(`(function() {
         var items = Array.from(document.querySelectorAll('.athing')).slice(0, 20);
         return items.map(function(el) {
-          var titleLineEl = el.querySelector('.titleline > a');
-          var title = titleLineEl ? titleLineEl.textContent.trim() : null;
-          var link = titleLineEl ? titleLineEl.getAttribute('href') : null;
-          var subtext = el.nextElementSibling;
-          var scoreEl = subtext ? subtext.querySelector('.score') : null;
-          var score = scoreEl ? scoreEl.textContent.trim() : null;
-          var ageEl = subtext ? subtext.querySelector('.age') : null;
-          var age = ageEl ? ageEl.getAttribute('title') : null;
-          return { title, link, score, age };
+          var a = el.querySelector('.titleline > a');
+          var sub = el.nextElementSibling;
+          return { title: a?.textContent.trim(), link: a?.href, score: sub?.querySelector('.score')?.textContent.trim(), age: sub?.querySelector('.age')?.getAttribute('title') };
         });
       })()`);
       await browser.close();
       const items = data as any[];
-      const raw = items.map((r, i) =>
-        `[${i + 1}] ${r.title}\nURL: ${r.link}\nScore: ${r.score ?? "N/A"}\nPosted: ${r.age ?? "unknown"}`
-      ).join("\n\n");
+      const raw = items.map((r, i) => `[${i+1}] ${r.title}\nURL: ${r.link}\nScore: ${r.score ?? "N/A"}\nPosted: ${r.age ?? "unknown"}`).join("\n\n");
       const newest = items.map(r => r.age).filter(Boolean).sort().reverse()[0] ?? null;
       return { content: [{ type: "text", text: stamp(raw, safeUrl, newest, newest ? "high" : "medium", "hackernews") }] };
-    } catch (err: any) {
-      return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] };
-    }
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
   });
   // ── extract_scholar ─────────────────────────────────────────────────────────
@@ -279,33 +213,229 @@ function createServer(env: Env): McpServer {
       const page = await browser.newPage();
       await page.setUserAgent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36");
       await page.goto(safeUrl, { waitUntil: "domcontentloaded" });
       const data = await page.evaluate(`(function() {
-        var items = Array.from(document.querySelectorAll('.gs_r.gs_or.gs_scl'));
-        return items.map(function(el) {
-          var titleEl = el.querySelector('.gs_rt');
-          var title = titleEl ? titleEl.textContent.trim() : null;
-          var authorsEl = el.querySelector('.gs_a');
-          var authors = authorsEl ? authorsEl.textContent.trim() : null;
-          var snippetEl = el.querySelector('.gs_rs');
-          var snippet = snippetEl ? snippetEl.textContent.trim() : null;
-          var yearMatch = authors ? authors.match(/\\b(19|20)\\d{2}\\b/) : null;
-          var year = yearMatch ? yearMatch[0] : null;
+        return Array.from(document.querySelectorAll('.gs_r.gs_or.gs_scl')).map(function(el) {
+          var title = el.querySelector('.gs_rt')?.textContent.trim();
+          var authors = el.querySelector('.gs_a')?.textContent.trim();
+          var snippet = el.querySelector('.gs_rs')?.textContent.trim();
+          var year = authors?.match(/\\b(19|20)\\d{2}\\b/)?.[0] ?? null;
           return { title, authors, snippet, year };
         });
       })()`);
+      await browser.close();
+      const items = data as any[];
+      const raw = items.map((r, i) => `[${i+1}] ${r.title ?? "Untitled"}\nAuthors: ${r.authors ?? "Unknown"}\nYear: ${r.year ?? "Unknown"}\nSnippet: ${r.snippet ?? "N/A"}`).join("\n\n");
+      const newest = items.map(r => r.year).filter(Boolean).sort().reverse()[0] ?? null;
+      return { content: [{ type: "text", text: stamp(raw, safeUrl, newest ? `${newest}-01-01` : null, newest ? "high" : "low", "google_scholar") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── extract_yc ──────────────────────────────────────────────────────────────
+  server.registerTool("extract_yc", {
+    description: "Scrape YC company listings by keyword. Returns name, batch, tags, description per company.",
+    inputSchema: z.object({ url: z.string().url().describe("YC URL e.g. https://www.ycombinator.com/companies?query=mcp") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ url }) => {
+    try {
+      const safeUrl = validateUrl(url, "yc");
+      const browser = await puppeteer.launch(env.BROWSER);
+      const page = await browser.newPage();
+      await page.goto(safeUrl, { waitUntil: "networkidle0" });
+      await new Promise(r => setTimeout(r, 1500));
+      const data = await page.evaluate(`(function() {
+        return Array.from(document.querySelectorAll('a._company_i9oky_355')).slice(0, 20).map(function(el) {
+          var name = el.querySelector('._coName_i9oky_470')?.textContent.trim();
+          var desc = el.querySelector('._coDescription_i9oky_478')?.textContent.trim();
+          var batch = el.querySelector('._batch_i9oky_496')?.textContent.trim();
+          var tags = Array.from(el.querySelectorAll('._pill_i9oky_33')).map(function(t) { return t.textContent.trim(); });
+          return { name, desc, batch, tags };
+        });
+      })()`);
       await browser.close();
       const items = data as any[];
-      const raw = items.map((r, i) =>
-        `[${i + 1}] ${r.title ?? "Untitled"}\nAuthors: ${r.authors ?? "Unknown"}\nYear: ${r.year ?? "Unknown"}\nSnippet: ${r.snippet ?? "N/A"}`
+      const raw = items.map((c, i) => `[${i+1}] ${c.name ?? "Unknown"} (${c.batch ?? "N/A"})\n${c.desc ?? "No description"}\nTags: ${c.tags?.join(", ") ?? "none"}`).join("\n\n");
+      return { content: [{ type: "text", text: stamp(raw, safeUrl, new Date().toISOString().slice(0, 10), "medium", "ycombinator") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── search_repos ────────────────────────────────────────────────────────────
+  server.registerTool("search_repos", {
+    description: "Search GitHub for repositories matching a keyword. Returns top results by stars.",
+    inputSchema: z.object({ query: z.string().describe("Search query e.g. 'mcp server typescript'") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ query }) => {
+    try {
+      const q = query.replace(/[\x00-\x1F]/g, "").trim().slice(0, 200);
+      const res = await fetch(`https://api.github.com/search/repositories?q=${encodeURIComponent(q)}&sort=stars&order=desc&per_page=15`, {
+        headers: { "User-Agent": "freshcontext-mcp/0.1.6", "Accept": "application/vnd.github+json" },
+      });
+      if (!res.ok) throw new Error(`GitHub API error: ${res.status}`);
+      const json = await res.json() as any;
+      const raw = json.items.map((r: any, i: number) =>
+        `[${i+1}] ${r.full_name}\n⭐ ${r.stargazers_count} stars | ${r.language ?? "N/A"}\n${r.description ?? "No description"}\nUpdated: ${r.updated_at?.slice(0,10)}\nURL: ${r.html_url}`
       ).join("\n\n");
-      const years = items.map(r => r.year).filter(Boolean).sort().reverse();
-      const newest = years[0] ?? null;
-      return { content: [{ type: "text", text: stamp(raw, safeUrl, newest ? `${newest}-01-01` : null, newest ? "high" : "low", "google_scholar") }] };
-    } catch (err: any) {
-      return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] };
-    }
+      const newest = json.items.map((r: any) => r.updated_at).filter(Boolean).sort().reverse()[0] ?? null;
+      return { content: [{ type: "text", text: stamp(raw, `https://github.com/search?q=${encodeURIComponent(q)}`, newest, newest ? "high" : "medium", "github_search") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── package_trends ──────────────────────────────────────────────────────────
+  server.registerTool("package_trends", {
+    description: "npm and PyPI package metadata — version history, release cadence, last updated.",
+    inputSchema: z.object({ packages: z.string().describe("Package name(s) e.g. 'langchain' or 'npm:zod,pypi:fastapi'") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ packages }) => {
+    try {
+      const entries = packages.split(",").map(s => s.trim()).filter(Boolean).slice(0, 5);
+      const results: string[] = [];
+      for (const entry of entries) {
+        const isNpm = !entry.startsWith("pypi:") && (entry.startsWith("npm:") || !entry.includes(":"));
+        const name = entry.replace(/^(npm:|pypi:)/, "");
+        if (isNpm) {
+          const res = await fetch(`https://registry.npmjs.org/${encodeURIComponent(name)}`);
+          if (!res.ok) { results.push(`[npm:${name}] Not found`); continue; }
+          const j = await res.json() as any;
+          const versions = Object.keys(j.versions ?? {}).slice(-5).reverse();
+          results.push(`npm:${name}\nLatest: ${j["dist-tags"]?.latest ?? "N/A"}\nUpdated: ${j.time?.modified?.slice(0,10) ?? "N/A"}\nRecent versions: ${versions.join(", ")}\nDescription: ${j.description ?? "N/A"}`);
+        } else {
+          const res = await fetch(`https://pypi.org/pypi/${encodeURIComponent(name)}/json`);
+          if (!res.ok) { results.push(`[pypi:${name}] Not found`); continue; }
+          const j = await res.json() as any;
+          const versions = Object.keys(j.releases ?? {}).slice(-5).reverse();
+          results.push(`pypi:${name}\nLatest: ${j.info?.version ?? "N/A"}\nDescription: ${j.info?.summary ?? "N/A"}\nRecent versions: ${versions.join(", ")}`);
+        }
+      }
+      const raw = results.join("\n\n─────────────\n\n");
+      return { content: [{ type: "text", text: stamp(raw, "package-registries", new Date().toISOString(), "high", "package_registry") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── extract_reddit ──────────────────────────────────────────────────────────
+  server.registerTool("extract_reddit", {
+    description: "Extract posts and community sentiment from Reddit. Accepts subreddit name, URL, or search query.",
+    inputSchema: z.object({ url: z.string().describe("Subreddit name e.g. 'r/MachineLearning' or search URL") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ url }) => {
+    try {
+      let apiUrl = url;
+      if (!apiUrl.startsWith("http")) {
+        const clean = apiUrl.replace(/^r\//, "");
+        apiUrl = `https://www.reddit.com/r/${clean}/.json?limit=25&sort=hot`;
+      }
+      if (!apiUrl.includes(".json")) apiUrl = apiUrl.replace(/\/?$/, ".json");
+      if (!apiUrl.includes("limit=")) apiUrl += (apiUrl.includes("?") ? "&" : "?") + "limit=25";
+      const res = await fetch(apiUrl, { headers: { "User-Agent": "freshcontext-mcp/0.1.6", "Accept": "application/json" } });
+      if (!res.ok) throw new Error(`Reddit API error: ${res.status}`);
+      const json = await res.json() as any;
+      const posts = json?.data?.children ?? [];
+      if (!posts.length) throw new Error("No posts found");
+      const raw = posts.slice(0, 20).map((child: any, i: number) => {
+        const p = child.data;
+        const date = new Date(p.created_utc * 1000).toISOString();
+        return [`[${i+1}] ${p.title}`, `r/${p.subreddit} · u/${p.author} · ${date.slice(0,10)}`, `↑ ${p.score} · ${p.num_comments} comments`, `https://reddit.com${p.permalink}`].join("\n");
+      }).join("\n\n");
+      const newest = posts.map((c: any) => c.data.created_utc).sort((a: number, b: number) => b - a)[0];
+      const date = newest ? new Date(newest * 1000).toISOString() : null;
+      return { content: [{ type: "text", text: stamp(raw, apiUrl, date, date ? "high" : "medium", "reddit") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── extract_producthunt ─────────────────────────────────────────────────────
+  server.registerTool("extract_producthunt", {
+    description: "Recent Product Hunt launches by keyword or topic. Returns names, taglines, votes, links.",
+    inputSchema: z.object({ url: z.string().describe("Search query e.g. 'AI writing tools' or a PH topic URL") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ url }) => {
+    try {
+      const isUrl = url.startsWith("http");
+      const gql = `{ posts(first: 20, order: VOTES${isUrl ? "" : `, search: ${JSON.stringify(url)}`}) { edges { node { name tagline url votesCount commentsCount createdAt topics { edges { node { name } } } } } } }`;
+      const res = await fetch("https://api.producthunt.com/v2/api/graphql", {
+        method: "POST",
+        headers: { "Content-Type": "application/json", "Authorization": "Bearer irgTzMNAz-S-p1P8H5pFCxzU4TEF7GIJZ8vZZi0gLJg" },
+        body: JSON.stringify({ query: gql }),
+      });
+      const json = await res.json() as any;
+      const posts = json?.data?.posts?.edges ?? [];
+      if (!posts.length) throw new Error("No results found");
+      const raw = posts.map((e: any, i: number) => {
+        const p = e.node;
+        const topics = p.topics?.edges?.map((t: any) => t.node.name).join(", ");
+        return [`[${i+1}] ${p.name}`, `"${p.tagline}"`, `↑ ${p.votesCount} · ${p.commentsCount} comments`, topics ? `Topics: ${topics}` : null, `Launched: ${p.createdAt?.slice(0,10)}`, `Link: ${p.url}`].filter(Boolean).join("\n");
+      }).join("\n\n");
+      const newest = posts.map((e: any) => e.node.createdAt).filter(Boolean).sort().reverse()[0] ?? null;
+      return { content: [{ type: "text", text: stamp(raw, url, newest, newest ? "high" : "medium", "producthunt") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── extract_finance ─────────────────────────────────────────────────────────
+  server.registerTool("extract_finance", {
+    description: "Live stock data via Yahoo Finance. Accepts comma-separated ticker symbols. Returns price, change, market cap, P/E, 52w range, sector, company summary.",
+    inputSchema: z.object({ url: z.string().describe("Ticker symbol(s) e.g. 'AAPL' or 'MSFT,GOOG,AMZN'") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ url }) => {
+    try {
+      const tickers = url.split(",").map(t => t.trim().toUpperCase()).filter(Boolean).slice(0, 5);
+      const results: string[] = [];
+      let latestTs: number | null = null;
+      for (const ticker of tickers) {
+        const res = await fetch(
+          `https://query1.finance.yahoo.com/v7/finance/quote?symbols=${ticker}&fields=shortName,longName,regularMarketPrice,regularMarketChange,regularMarketChangePercent,marketCap,regularMarketVolume,fiftyTwoWeekHigh,fiftyTwoWeekLow,trailingPE,dividendYield,currency,exchangeName,regularMarketTime`,
+          { headers: { "User-Agent": "Mozilla/5.0 (compatible; freshcontext-mcp/0.1.6)" } }
+        );
+        if (!res.ok) { results.push(`[${ticker}] Error: ${res.status}`); continue; }
+        const json = await res.json() as any;
+        const q = json?.quoteResponse?.result?.[0];
+        if (!q) { results.push(`[${ticker}] No data found`); continue; }
+        if (q.regularMarketTime) latestTs = Math.max(latestTs ?? 0, q.regularMarketTime);
+        const sign = (q.regularMarketChange ?? 0) >= 0 ? "+" : "";
+        const cap = q.marketCap >= 1e12 ? `$${(q.marketCap/1e12).toFixed(2)}T` : q.marketCap >= 1e9 ? `$${(q.marketCap/1e9).toFixed(2)}B` : q.marketCap >= 1e6 ? `$${(q.marketCap/1e6).toFixed(2)}M` : "N/A";
+        results.push([
+          `${q.symbol} — ${q.longName ?? q.shortName ?? "Unknown"}`,
+          `Exchange: ${q.exchangeName ?? "N/A"} · Currency: ${q.currency ?? "USD"}`,
+          `Price:      $${q.regularMarketPrice?.toFixed(2) ?? "N/A"}`,
+          `Change:     ${sign}${q.regularMarketChange?.toFixed(2) ?? "N/A"} (${sign}${q.regularMarketChangePercent?.toFixed(2) ?? "N/A"}%)`,
+          `Market Cap: ${cap}`,
+          `Volume:     ${q.regularMarketVolume?.toLocaleString() ?? "N/A"}`,
+          `52w High:   $${q.fiftyTwoWeekHigh?.toFixed(2) ?? "N/A"}`,
+          `52w Low:    $${q.fiftyTwoWeekLow?.toFixed(2) ?? "N/A"}`,
+          `P/E Ratio:  ${q.trailingPE?.toFixed(2) ?? "N/A"}`,
+          `Div Yield:  ${q.dividendYield ? (q.dividendYield * 100).toFixed(2) + "%" : "N/A"}`,
+        ].join("\n"));
+      }
+      const raw = results.join("\n\n─────────────────────────────\n\n");
+      const date = latestTs ? new Date(latestTs * 1000).toISOString() : new Date().toISOString();
+      return { content: [{ type: "text", text: stamp(raw, `yahoo-finance:${tickers.join(",")}`, date, "high", "yahoo_finance") }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
+  });
+  // ── extract_landscape ───────────────────────────────────────────────────────
+  server.registerTool("extract_landscape", {
+    description: "Composite tool. Queries YC + GitHub + HN + Reddit + Product Hunt + npm/PyPI simultaneously. Returns a unified 6-source timestamped landscape report.",
+    inputSchema: z.object({ topic: z.string().describe("Project idea or keyword e.g. 'mcp server'") }),
+    annotations: { readOnlyHint: true, openWorldHint: true },
+  }, async ({ topic }) => {
+    try {
+      const t = topic.replace(/[\x00-\x1F]/g, "").trim().slice(0, 200);
+      const [hn, repos, pkg] = await Promise.allSettled([
+        fetch(`https://hn.algolia.com/api/v1/search?query=${encodeURIComponent(t)}&tags=story&hitsPerPage=10`).then(r => r.json()),
+        fetch(`https://api.github.com/search/repositories?q=${encodeURIComponent(t)}&sort=stars&per_page=8`, { headers: { "User-Agent": "freshcontext-mcp/0.1.6" } }).then(r => r.json()),
+        fetch(`https://registry.npmjs.org/-/v1/search?text=${encodeURIComponent(t)}&size=5`).then(r => r.json()),
+      ]);
+      const sections = [
+        `# Landscape Report: "${t}"`,
+        `Generated: ${new Date().toISOString()}`,
+        "",
+        "## 💬 HN Sentiment",
+        hn.status === "fulfilled" ? (hn.value as any).hits?.slice(0, 8).map((h: any, i: number) => `[${i+1}] ${h.title} (${h.points}pts, ${h.created_at?.slice(0,10)})`).join("\n") : `Error: ${(hn as any).reason}`,
+        "",
+        "## 📦 Top GitHub Repos",
+        repos.status === "fulfilled" ? (repos.value as any).items?.slice(0, 8).map((r: any, i: number) => `[${i+1}] ${r.full_name} ⭐${r.stargazers_count} — ${r.description ?? "N/A"}`).join("\n") : `Error: ${(repos as any).reason}`,
+        "",
+        "## 📊 npm Packages",
+        pkg.status === "fulfilled" ? (pkg.value as any).objects?.map((o: any, i: number) => `[${i+1}] ${o.package.name}@${o.package.version} — ${o.package.description ?? "N/A"}`).join("\n") : `Error: ${(pkg as any).reason}`,
+      ].join("\n");
+      return { content: [{ type: "text", text: sections }] };
+    } catch (err: any) { return { content: [{ type: "text", text: `[ERROR] ${err.message}` }] }; }
   });
   return server;
@@ -315,26 +445,19 @@ function createServer(env: Env): McpServer {
 export default {
   async fetch(request: Request, env: Env): Promise<Response> {
-    // Prune stale rate limit entries occasionally
-    if (Math.random() < 0.05) pruneRateMap();
     try {
-      // 1. Auth check
       checkAuth(request, env);
-      // 2. Rate limit check
       const ip = getClientIp(request);
-      checkRateLimit(ip);
+      await checkRateLimit(ip, env.RATE_LIMITER);
     } catch (err: any) {
       const status = err.message.startsWith("Unauthorized") ? 401 : 429;
-      return securityErrorResponse(err.message, status);
+      return errResponse(err.message, status);
     }
-    // 3. Handle MCP request
     const transport = new WebStandardStreamableHTTPServerTransport();
     const server = createServer(env);
     await server.connect(transport);
     return transport.handleRequest(request);
   },
 } satisfies ExportedHandler<Env>;

package/worker/wrangler.jsonc CHANGED Viewed

@@ -6,5 +6,11 @@
   "compatibility_flags": ["nodejs_compat_v2"],
   "browser": {
     "binding": "BROWSER"
-  }
+  },
+  "kv_namespaces": [
+    {
+      "binding": "RATE_LIMITER",
+      "id": "7b74255ddbee42a99feea5898a11842b"
+    }
+  ]
 }

package/src/server.ts.bak DELETED Viewed

@@ -1,204 +0,0 @@
-import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
-import { z } from "zod";
-import { githubAdapter } from "./adapters/github.js";
-import { scholarAdapter } from "./adapters/scholar.js";
-import { hackerNewsAdapter } from "./adapters/hackernews.js";
-import { ycAdapter } from "./adapters/yc.js";
-import { repoSearchAdapter } from "./adapters/repoSearch.js";
-import { packageTrendsAdapter } from "./adapters/packageTrends.js";
-import { stampFreshness, formatForLLM } from "./tools/freshnessStamp.js";
-import { SecurityError, formatSecurityError } from "./security.js";
-const server = new McpServer({
-  name: "freshcontext-mcp",
-  version: "0.1.0",
-});
-// ─── Tool: extract_github ────────────────────────────────────────────────────
-server.registerTool(
-  "extract_github",
-  {
-    description:
-      "Extract real-time data from a GitHub repository — README, stars, forks, language, topics, last commit. Returns timestamped freshcontext.",
-    inputSchema: z.object({
-      url: z.string().url().describe("Full GitHub repo URL e.g. https://github.com/owner/repo"),
-      max_length: z.number().optional().default(6000).describe("Max content length"),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ url, max_length }) => {
-    try {
-      const result = await githubAdapter({ url, maxLength: max_length });
-      const ctx = stampFreshness(result, { url, maxLength: max_length }, "github");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: extract_scholar ───────────────────────────────────────────────────
-server.registerTool(
-  "extract_scholar",
-  {
-    description:
-      "Extract research results from a Google Scholar search URL. Returns titles, authors, publication years, and snippets — all timestamped.",
-    inputSchema: z.object({
-      url: z.string().url().describe("Google Scholar search URL e.g. https://scholar.google.com/scholar?q=..."),
-      max_length: z.number().optional().default(6000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ url, max_length }) => {
-    try {
-      const result = await scholarAdapter({ url, maxLength: max_length });
-      const ctx = stampFreshness(result, { url, maxLength: max_length }, "google_scholar");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: extract_hackernews ────────────────────────────────────────────────
-server.registerTool(
-  "extract_hackernews",
-  {
-    description:
-      "Extract top stories or search results from Hacker News. Real-time dev/tech community sentiment with post timestamps.",
-    inputSchema: z.object({
-      url: z.string().url().describe("HN URL e.g. https://news.ycombinator.com or https://hn.algolia.com/?q=..."),
-      max_length: z.number().optional().default(4000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ url, max_length }) => {
-    try {
-      const result = await hackerNewsAdapter({ url, maxLength: max_length });
-      const ctx = stampFreshness(result, { url, maxLength: max_length }, "hackernews");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: extract_yc ──────────────────────────────────────────────────────────
-server.registerTool(
-  "extract_yc",
-  {
-    description:
-      "Scrape YC company listings. Use https://www.ycombinator.com/companies?query=KEYWORD to find startups in a space. Returns name, batch, tags, description per company with freshness timestamp.",
-    inputSchema: z.object({
-      url: z.string().url().describe("YC companies URL e.g. https://www.ycombinator.com/companies?query=mcp"),
-      max_length: z.number().optional().default(6000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ url, max_length }) => {
-    try {
-      const result = await ycAdapter({ url, maxLength: max_length });
-      const ctx = stampFreshness(result, { url, maxLength: max_length }, "ycombinator");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: search_repos ──────────────────────────────────────────────────────
-server.registerTool(
-  "search_repos",
-  {
-    description:
-      "Search GitHub for repositories matching a keyword or topic. Returns top results by stars with activity signals. Use to find competitors, similar tools, or related projects.",
-    inputSchema: z.object({
-      query: z.string().describe("Search query e.g. 'mcp server typescript' or 'cashflow prediction python'"),
-      max_length: z.number().optional().default(6000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ query, max_length }) => {
-    try {
-      const result = await repoSearchAdapter({ url: query, maxLength: max_length });
-      const ctx = stampFreshness(result, { url: query, maxLength: max_length }, "github_search");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: package_trends ────────────────────────────────────────────────────
-server.registerTool(
-  "package_trends",
-  {
-    description:
-      "Look up npm and PyPI package metadata — version history, release cadence, last updated. Use to gauge ecosystem activity around a tool or dependency. Supports comma-separated list of packages.",
-    inputSchema: z.object({
-      packages: z.string().describe("Package name(s) e.g. 'langchain' or 'npm:zod,pypi:fastapi'"),
-      max_length: z.number().optional().default(5000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ packages, max_length }) => {
-    try {
-      const result = await packageTrendsAdapter({ url: packages, maxLength: max_length });
-      const ctx = stampFreshness(result, { url: packages, maxLength: max_length }, "package_registry");
-      return { content: [{ type: "text", text: formatForLLM(ctx) }] };
-    } catch (err) {
-      return { content: [{ type: "text", text: formatSecurityError(err) }] };
-    }
-  }
-);
-// ─── Tool: extract_landscape ─────────────────────────────────────────────────
-server.registerTool(
-  "extract_landscape",
-  {
-    description:
-      "Composite intelligence tool. Given a project idea or keyword, simultaneously queries YC startups, GitHub repos, HN sentiment, and package activity to answer: Who is building this? Is it funded? What's getting traction? Returns a unified timestamped landscape report.",
-    inputSchema: z.object({
-      topic: z.string().describe("Your project idea or keyword e.g. 'mcp server' or 'cashflow prediction'"),
-      max_length: z.number().optional().default(8000),
-    }),
-    annotations: { readOnlyHint: true, openWorldHint: true },
-  },
-  async ({ topic, max_length }) => {
-    const perSection = Math.floor((max_length ?? 8000) / 4);
-    const [ycResult, repoResult, hnResult, pkgResult] = await Promise.allSettled([
-      ycAdapter({ url: `https://www.ycombinator.com/companies?query=${encodeURIComponent(topic)}`, maxLength: perSection }),
-      repoSearchAdapter({ url: topic, maxLength: perSection }),
-      hackerNewsAdapter({ url: `https://hn.algolia.com/api/v1/search?query=${encodeURIComponent(topic)}&tags=story&hitsPerPage=15`, maxLength: perSection }),
-      packageTrendsAdapter({ url: topic, maxLength: perSection }),
-    ]);
-    const section = (label: string, result: PromiseSettledResult<{ raw: string; content_date: string | null; freshness_confidence: string }>) =>
-      result.status === "fulfilled"
-        ? `## ${label}\n${result.value.raw}`
-        : `## ${label}\n[Error: ${(result as PromiseRejectedResult).reason}]`;
-    const combined = [
-      `# Landscape Report: "${topic}"`,
-      `Generated: ${new Date().toISOString()}`,
-      "",
-      section("🚀 YC Startups in this space", ycResult),
-      section("📦 Top GitHub repos", repoResult),
-      section("💬 HN sentiment (last month)", hnResult),
-      section("📊 Package ecosystem", pkgResult),
-    ].join("\n\n");
-    return { content: [{ type: "text", text: combined }] };
-  }
-);
-// ─── Start ───────────────────────────────────────────────────────────────────
-async function main() {
-  const transport = new StdioServerTransport();
-  await server.connect(transport);
-  console.error("freshcontext-mcp running on stdio");
-}
-main().catch(console.error);