internaltool-mcp 1.6.40 → 1.6.42

package/index.js

@@ -18,7 +18,7 @@
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
 import { execSync } from 'child_process'
-import { mkdirSync, writeFileSync, unlinkSync, existsSync, readdirSync, statSync } from 'fs'
+import { mkdirSync, writeFileSync, readFileSync, unlinkSync, existsSync, readdirSync, statSync } from 'fs'
 import { join } from 'path'
 import { z } from 'zod'
 import { api, login, configure } from './api-client.js'
@@ -83,6 +83,180 @@ async function assertAdmin() {
   }
 }
 
+// ── Codebase analysis helpers (used by plan_task_from_codebase) ───────────────
+
+/**
+ * Reads manifest files in cwd and returns detected stack info.
+ * Works for any language — JS/TS, Python, Go, Ruby, Java, Rust, PHP.
+ */
+function detectStack(cwd) {
+  const stack = { language: null, framework: null, testRunner: null, packageManager: null, extra: [] }
+  try {
+    // Node.js / JS / TS
+    const pkgPath = join(cwd, 'package.json')
+    if (existsSync(pkgPath)) {
+      const pkg = JSON.parse(readFileSync(pkgPath, 'utf8'))
+      const deps = { ...pkg.dependencies, ...pkg.devDependencies }
+      stack.language = pkg.scripts?.build?.includes('tsc') || existsSync(join(cwd, 'tsconfig.json')) ? 'typescript' : 'javascript'
+      stack.packageManager = existsSync(join(cwd, 'pnpm-lock.yaml')) ? 'pnpm' : existsSync(join(cwd, 'yarn.lock')) ? 'yarn' : 'npm'
+      // Framework detection
+      if (deps.next)        stack.framework = 'nextjs'
+      else if (deps.nuxt)   stack.framework = 'nuxt'
+      else if (deps.react)  stack.framework = 'react'
+      else if (deps.vue)    stack.framework = 'vue'
+      else if (deps.svelte) stack.framework = 'svelte'
+      else if (deps.express)  stack.framework = 'express'
+      else if (deps.fastify)  stack.framework = 'fastify'
+      else if (deps.nestjs || deps['@nestjs/core']) stack.framework = 'nestjs'
+      else if (deps.hono)     stack.framework = 'hono'
+      // Test runner
+      if (deps.jest || deps['@jest/core'])   stack.testRunner = 'jest'
+      else if (deps.vitest)                  stack.testRunner = 'vitest'
+      else if (deps.mocha)                   stack.testRunner = 'mocha'
+      else if (deps.playwright || deps['@playwright/test']) stack.testRunner = 'playwright'
+      // ORM / DB
+      if (deps.mongoose)       stack.extra.push('mongoose')
+      if (deps.prisma)         stack.extra.push('prisma')
+      if (deps.drizzle)        stack.extra.push('drizzle')
+      if (deps.typeorm)        stack.extra.push('typeorm')
+      if (deps.sequelize)      stack.extra.push('sequelize')
+      if (deps['@supabase/supabase-js']) stack.extra.push('supabase')
+      if (deps.trpc || deps['@trpc/server']) stack.extra.push('trpc')
+      return stack
+    }
+    // Python
+    const reqPath  = join(cwd, 'requirements.txt')
+    const pyprojPath = join(cwd, 'pyproject.toml')
+    if (existsSync(reqPath) || existsSync(pyprojPath)) {
+      stack.language = 'python'
+      const content = existsSync(reqPath) ? readFileSync(reqPath, 'utf8') : readFileSync(pyprojPath, 'utf8')
+      if (content.includes('django'))  stack.framework = 'django'
+      else if (content.includes('fastapi')) stack.framework = 'fastapi'
+      else if (content.includes('flask'))   stack.framework = 'flask'
+      else if (content.includes('starlette')) stack.framework = 'starlette'
+      if (content.includes('pytest'))  stack.testRunner = 'pytest'
+      if (content.includes('sqlalchemy')) stack.extra.push('sqlalchemy')
+      if (content.includes('alembic'))    stack.extra.push('alembic')
+      return stack
+    }
+    // Go
+    if (existsSync(join(cwd, 'go.mod'))) {
+      stack.language = 'go'
+      const gomod = readFileSync(join(cwd, 'go.mod'), 'utf8')
+      if (gomod.includes('gin-gonic/gin'))  stack.framework = 'gin'
+      else if (gomod.includes('go-chi/chi')) stack.framework = 'chi'
+      else if (gomod.includes('labstack/echo')) stack.framework = 'echo'
+      else if (gomod.includes('gofiber/fiber')) stack.framework = 'fiber'
+      stack.testRunner = 'go test'
+      return stack
+    }
+    // Ruby
+    if (existsSync(join(cwd, 'Gemfile'))) {
+      stack.language = 'ruby'
+      const gemfile = readFileSync(join(cwd, 'Gemfile'), 'utf8')
+      if (gemfile.includes('rails'))  stack.framework = 'rails'
+      else if (gemfile.includes('sinatra')) stack.framework = 'sinatra'
+      if (gemfile.includes('rspec'))  stack.testRunner = 'rspec'
+      return stack
+    }
+    // Rust
+    if (existsSync(join(cwd, 'Cargo.toml'))) {
+      stack.language = 'rust'
+      const cargo = readFileSync(join(cwd, 'Cargo.toml'), 'utf8')
+      if (cargo.includes('actix-web')) stack.framework = 'actix-web'
+      else if (cargo.includes('axum')) stack.framework = 'axum'
+      else if (cargo.includes('warp')) stack.framework = 'warp'
+      stack.testRunner = 'cargo test'
+      return stack
+    }
+    // Java / Kotlin
+    if (existsSync(join(cwd, 'pom.xml')) || existsSync(join(cwd, 'build.gradle'))) {
+      stack.language = existsSync(join(cwd, 'build.gradle.kts')) ? 'kotlin' : 'java'
+      stack.framework = 'spring-boot'
+      stack.testRunner = 'junit'
+      return stack
+    }
+    // PHP
+    if (existsSync(join(cwd, 'composer.json'))) {
+      stack.language = 'php'
+      const composer = JSON.parse(readFileSync(join(cwd, 'composer.json'), 'utf8'))
+      const req = { ...composer.require, ...composer['require-dev'] }
+      if (req['laravel/framework']) stack.framework = 'laravel'
+      else if (req['symfony/symfony'] || req['symfony/framework-bundle']) stack.framework = 'symfony'
+      return stack
+    }
+  } catch { /* non-fatal */ }
+  return stack
+}
+
+/**
+ * Returns a shallow directory tree (depth 2) so the agent knows the folder layout.
+ * Ignores node_modules, .git, vendor, __pycache__, dist, build, .next
+ */
+function getDirTree(cwd, maxDepth = 2) {
+  const IGNORE = new Set(['node_modules', '.git', 'vendor', '__pycache__', 'dist', 'build', '.next', '.turbo', 'coverage', '.cache', 'target', 'venv', '.venv'])
+  function walk(dir, depth) {
+    if (depth > maxDepth) return []
+    let entries
+    try { entries = readdirSync(dir, { withFileTypes: true }) } catch { return [] }
+    return entries
+      .filter(e => !IGNORE.has(e.name) && !e.name.startsWith('.'))
+      .map(e => {
+        if (e.isDirectory()) {
+          const children = walk(join(dir, e.name), depth + 1)
+          return { name: e.name + '/', children: children.length ? children : undefined }
+        }
+        return { name: e.name }
+      })
+  }
+  return walk(cwd, 0)
+}
+
+/**
+ * Based on detected stack, grep for the most likely entry-point files.
+ * Returns a list of { pattern, matches } — actual file paths found locally.
+ */
+function findEntryPoints(cwd, stack) {
+  const results = {}
+  const greps = {
+    javascript: { typescript: true,
+      routes:     ['router\\.', 'app\\.get\\|app\\.post\\|app\\.put\\|fastify\\.', 'Route path='],
+      models:     ['mongoose\\.Schema\\|new Schema\\|@Entity\\|@Table'],
+      components: ['export default function\\|export const.*=.*=>\\|React\\.FC'],
+    },
+    python: {
+      routes:  ['@app\\.route\\|@router\\.\\|path(\\|urlpatterns\\|@api_view'],
+      models:  ['class.*Model\\|db\\.Model\\|Base\\)\\|models\\.Model'],
+      schemas: ['class.*Schema\\|serializers\\.\\|Pydantic\\|BaseModel'],
+    },
+    go: {
+      routes:  ['router\\.\\.\\|http\\.HandleFunc\\|r\\.GET\\|r\\.POST\\|e\\.GET'],
+      models:  ['type.*struct\\|gorm\\.Model'],
+    },
+    ruby: {
+      routes:  ['resources \\|get \'\\|post \'\\|Rails\\.application\\.routes'],
+      models:  ['ApplicationRecord\\|ActiveRecord::Base\\|belongs_to\\|has_many'],
+    },
+  }
+
+  const lang = stack.language === 'typescript' ? 'javascript' : stack.language
+  const patterns = greps[lang] || {}
+
+  for (const [type, patternList] of Object.entries(patterns)) {
+    if (type === 'typescript') continue
+    try {
+      const pat = Array.isArray(patternList) ? patternList.join('\\|') : patternList
+      const out = execSync(
+        `grep -rl "${pat}" . --include="*.js" --include="*.ts" --include="*.jsx" --include="*.tsx" --include="*.py" --include="*.go" --include="*.rb" --include="*.java" --include="*.kt" --include="*.rs" --include="*.php" 2>/dev/null | grep -v node_modules | grep -v ".git" | head -8`,
+        { cwd, encoding: 'utf8', timeout: 4000 }
+      )
+      const files = out.trim().split('\n').filter(Boolean)
+      if (files.length) results[type] = files
+    } catch { /* non-fatal */ }
+  }
+  return results
+}
+
 // ── Tool registration functions ───────────────────────────────────────────────
 
 function registerAuthTools(server) {
@@ -289,6 +463,60 @@ Returns tasks with key, title, column, assignees, priority, taskType, and branch
     }
   )
 
+  // ── suggest_skill ─────────────────────────────────────────────────────────────
+  server.tool(
+    'suggest_skill',
+    `Propose a reusable skill, rule, prompt, subagent, or hook to the project's AgentKit — pending human approval.
+
+## When to call this
+
+Call this when you discover something during a coding session that would help future sessions in this codebase:
+
+- **skill**: A step-by-step methodology you used (e.g. "how to add a new API endpoint in this Express app", "how to run and interpret the test suite")
+- **rule**: A constraint that should always apply (e.g. "always validate with zod before touching the DB", "never modify migrations directly")
+- **prompt**: A prompt template that reliably produces good results for this project (e.g. "security sweep prompt", "PR review checklist")
+- **subagent**: A specialized agent persona (e.g. "database migration specialist with access to prisma tools only")
+- **hook**: A shell command that should run automatically (e.g. "check .internaltool-active-task before any Edit", "run lint after Write")
+
+## When NOT to call this
+
+- Do not suggest things that are obvious from the README or existing docs
+- Do not suggest generic skills that apply to any codebase (e.g. "how to write clean code")
+- Do not suggest more than 1-2 skills per session — be selective and high-signal
+
+## The human reviews and decides
+
+Your suggestion goes into a "Pending" queue visible in the project's AgentKit UI.
+The developer can edit the body, approve (which promotes it to active config), or reject.
+After approval, the skill/rule is injected at every future kickoff_task.`,
+    {
+      projectId:     z.string().describe("Project's MongoDB ObjectId"),
+      type:          z.enum(['skill', 'rule', 'prompt', 'subagent', 'hook']).describe('What kind of suggestion this is'),
+      name:          z.string().describe('Slug name — lowercase, hyphens, no spaces (e.g. "add-express-route", "require-zod-validation")'),
+      description:   z.string().describe('One-line description of what this does — shown in the AgentKit UI'),
+      body:          z.string().describe('Full markdown content — for skills: step-by-step instructions; for rules: constraint language; for hooks: shell command + explanation'),
+      rationale:     z.string().describe('Why this would help future sessions — what problem it solves, what mistake it prevents, or what pattern it captures'),
+      sourceTaskId:  z.string().optional().describe('Task ID this was discovered during (for traceability)'),
+      sourceTaskKey: z.string().optional().describe('Task key (e.g. PROJ-42) for display'),
+      // Hook-specific
+      hookTrigger:   z.string().optional().describe('For type=hook: when it fires (PreToolUse | PostToolUse | Stop)'),
+      hookMatcher:   z.string().optional().describe('For type=hook: tool name regex matcher (e.g. "Edit|Write")'),
+      hookCommand:   z.string().optional().describe('For type=hook: the shell command to execute'),
+    },
+    async ({ projectId, type, name, description, body, rationale, sourceTaskId, sourceTaskKey, hookTrigger, hookMatcher, hookCommand }) => {
+      try { assertProjectScope(projectId) } catch (e) { return errorText(e.message) }
+      return call(() => api.post(`/api/projects/${projectId}/skill-suggestions`, {
+        type, name, description, body, rationale,
+        sourceTaskId: sourceTaskId || null,
+        sourceTaskKey: sourceTaskKey || '',
+        suggestedBy: 'Claude Code',
+        hookTrigger: hookTrigger || '',
+        hookMatcher: hookMatcher || '',
+        hookCommand: hookCommand || '',
+      }))
+    }
+  )
+
   // ── plan_task_from_codebase ───────────────────────────────────────────────────
   server.tool(
     'plan_task_from_codebase',
@@ -370,7 +598,13 @@ Do NOT ask the developer to describe the codebase — read it yourself.`,
         return errorText(`Access denied: session is scoped to project ${scopedProjectId}`)
       }
 
-      // Fetch project context so the agent knows the project name and any existing conventions
+      // ── 1. Run codebase analysis using local filesystem access ────────────────
+      const cwd = process.cwd()
+      const stack       = detectStack(cwd)
+      const dirTree     = getDirTree(cwd, 2)
+      const entryPoints = findEntryPoints(cwd, stack)
+
+      // ── 2. Fetch project context ──────────────────────────────────────────────
       let projectContext = null
       try {
         const projRes = await api.get(`/api/projects/${projectId}`)
@@ -384,63 +618,58 @@ Do NOT ask the developer to describe the codebase — read it yourself.`,
         }
       } catch { /* non-fatal */ }
 
-      // Check for duplicate tasks first
-      let duplicateCheck = null
+      // ── 3. Duplicate check ────────────────────────────────────────────────────
+      let similarTasks = null
       try {
         const keywords = request.split(' ').filter(w => w.length > 4).slice(0, 3).join(' ')
         const searchRes = await api.get(
           `/api/projects/${projectId}/tasks/search?q=${encodeURIComponent(keywords)}&limit=3`
         )
         if (searchRes?.success && searchRes.data?.tasks?.length > 0) {
-          duplicateCheck = searchRes.data.tasks.map(t => ({
-            taskId:  t._id,
-            key:     t.key,
-            title:   t.title,
-            column:  t.column,
-            taskType: t.taskType,
+          similarTasks = searchRes.data.tasks.map(t => ({
+            taskId: t._id, key: t.key, title: t.title, column: t.column, taskType: t.taskType,
           }))
         }
       } catch { /* non-fatal */ }
 
-      if (duplicateCheck?.length > 0) {
-        return text({
-          duplicateWarning: true,
-          message: `Found ${duplicateCheck.length} potentially similar task(s). Review before creating a duplicate.`,
-          similarTasks: duplicateCheck,
-          instruction: [
-            'If one of these IS the same task: call kickoff_task on it instead of creating a new one.',
-            'If none match: proceed with the analysis protocol below.',
-          ],
-          analysisProtocol: {
-            step1: 'Read package.json / go.mod / requirements.txt to identify the stack',
-            step2: 'Grep for existing patterns relevant to the request',
-            step3: 'Identify files to create and modify',
-            step4: `Call create_task(projectId="${projectId}", title="...", readmeMarkdown="...", taskType="...", priority="${priority}", column="todo", subtasks=[...], suggestedFiles=[...])`,
-            step5: 'Call kickoff_task(taskId=<id>, confirmed=true, agentRole="builder", files=[...suggestedFiles])',
-          },
-          projectContext,
-          request,
-          projectId,
-          priority,
-        })
-      }
+      // ── 4. Return codebase intelligence + tight instructions ──────────────────
+      const hasEntryPoints = Object.keys(entryPoints).length > 0
+      const stackSummary = [
+        stack.language, stack.framework, stack.testRunner, ...(stack.extra || [])
+      ].filter(Boolean).join(', ') || 'unknown (no manifest found at cwd)'
 
-      // No duplicate — return the analysis brief
       return text({
-        projectId,
+        // Real codebase data — use these directly, do NOT re-read what's already here
+        codebaseIntelligence: {
+          cwd,
+          stack: { ...stack, summary: stackSummary },
+          dirTree,
+          entryPoints: hasEntryPoints
+            ? entryPoints
+            : { note: 'No entry points found at cwd — check that MCP server is running from the project root' },
+        },
+
+        // Duplicate guard
+        ...(similarTasks?.length > 0 && {
+          duplicateWarning: true,
+          similarTasks,
+          duplicateInstruction: 'Check the list above. If one matches → call kickoff_task on it. If none match → proceed.',
+        }),
+
+        // What to do now — use codebaseIntelligence above to skip re-reading the filesystem
+        nextSteps: [
+          'Use dirTree + entryPoints above to identify which files need changing — you already have the map.',
+          `Read 2-3 files from entryPoints.routes / entryPoints.models / entryPoints.components to extract naming conventions and wiring patterns.`,
+          'Draft readmeMarkdown with: ## Goal, ## Stack, ## Technical approach (name real files), ## Files to create, ## Files to modify, ## Subtasks (ordered), ## Acceptance criteria.',
+          `Call create_task(projectId="${projectId}", title="<verb + noun>", readmeMarkdown="<plan>", taskType="<feature|bugfix|...>", priority="${priority}", column="todo", subtasks=[...], suggestedFiles=[...])`,
+          'Immediately after: call kickoff_task(taskId=<returned id>, confirmed=true, agentRole="builder", files=[...suggestedFiles])',
+        ],
+
+        // Context
         request,
+        projectId,
         priority,
         projectContext,
-        analysisProtocol: {
-          overview: 'Follow these steps IN ORDER before calling create_task',
-          step1_stack: 'Read package.json / go.mod / requirements.txt / Cargo.toml — detect language, framework, test runner',
-          step2_entrypoint: 'Grep for the relevant area: routes, controllers, components, models — find where similar features live',
-          step3_patterns: 'Read 2-3 existing similar files — note naming conventions, folder structure, wiring patterns',
-          step4_impact: 'List every file to CREATE and every file to MODIFY — be exhaustive',
-          step5_create: `Call create_task(projectId="${projectId}", title="<action-verb noun>", readmeMarkdown="<full plan>", taskType="<type>", priority="${priority}", column="todo", subtasks=[{title: "step1"}, ...], suggestedFiles=["path/to/file1", ...])`,
-          step6_kickoff: 'Call kickoff_task(taskId=<returned id>, confirmed=true, agentRole="builder", files=[...suggestedFiles])',
-        },
-        reminder: 'Do NOT call create_task before completing steps 1-4. The readmeMarkdown must reference real file paths from your analysis.',
       })
     }
   )
@@ -680,6 +909,9 @@ Set confirmed=false first to preview, then confirmed=true to execute everything.
         agentWorkspace: { clearedAt: new Date().toISOString() }
       }).catch(() => {/* non-fatal */})
 
+      // Remove .internaltool-active-task so the Claude Code hook blocks edits until next kickoff
+      try { unlinkSync(join(process.cwd(), '.internaltool-active-task')) } catch { /* non-fatal */ }
+
       // ── #9 Capture last commit for handoff metadata ───────────────────────
       const lastCommit = getLastCommitMeta(repoRoot)
 
@@ -3913,6 +4145,15 @@ After \`request_human_input\`: STOP, show the question in chat, wait for reply,
       }
       api.patch(`/api/tasks/${taskId}`, workspacePatch).catch(() => {/* non-fatal */})
 
+      // Write .internaltool-active-task so the Claude Code hook knows a task is active
+      try {
+        writeFileSync(
+          join(process.cwd(), '.internaltool-active-task'),
+          JSON.stringify({ taskId, taskKey: task.key, title: task.title, agentRole: agentRole || null, kickedOffAt: new Date().toISOString() }, null, 2),
+          'utf8'
+        )
+      } catch { /* non-fatal — hook gracefully degrades if file can't be written */ }
+
       // Auto-scan workspace so the Workspace tab in the UI is fresh immediately after kickoff.
       if (kickoffProject) {
         runWorkspaceScan(taskId, task, kickoffProject, repoPath).catch(() => {/* non-fatal */})

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "internaltool-mcp",
-  "version": "1.6.40",
+  "version": "1.6.42",
   "description": "MCP server for InternalTool — connect AI assistants (Claude Code, Cursor) to your project and task management platform",
   "type": "module",
   "main": "index.js",