karukia-mcp 3.0.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +75 -20
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -1,8 +1,20 @@
1
1
  # KARUKIA MCP
2
2
 
3
+ ```
4
+ ██╗ ██╗ █████╗ ██████╗ ██╗ ██╗██╗ ██╗ ██╗ █████╗
5
+ ██║ ██╔╝██╔══██╗██╔══██╗██║ ██║██║ ██╔╝ ██║██╔══██╗
6
+ █████╔╝ ███████║██████╔╝██║ ██║█████╔╝ ██║███████║
7
+ ██╔═██╗ ██╔══██║██╔══██╗██║ ██║██╔═██╗ ██║██╔══██║
8
+ ██║ ██╗██║ ██║██║ ██║╚██████╔╝██║ ██╗ ██║██║ ██║
9
+ ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝
10
+ AI methodology for highly regulated industries · Made in Guadeloupe 🇬🇵
11
+ ```
12
+
3
13
  **The complete AI-assisted development methodology, delivered via MCP.**
4
14
 
5
- 21 tools, 11 skills, 935+ security/quality/pentest checkpoints. Works with any AI platform (Claude Code, Cursor, Windsurf, Copilot...) through the Model Context Protocol.
15
+ **Latest: v3.0**
16
+
17
+ 27 tools, 20 skills, 1673+ checkpoints across 11 audit dimensions. Works with any AI platform (Claude Code, Cursor, Windsurf, Copilot...) through the Model Context Protocol.
6
18
 
7
19
  ## What is KARUKIA?
8
20
 
@@ -17,12 +29,20 @@ You: "Run a security audit"
17
29
  -> AI becomes Neo, follows the methodology, produces structured findings
18
30
  ```
19
31
 
20
- ## The Three Layers
32
+ ## The 11 Audit Dimensions
21
33
 
22
34
  ```
23
- Layer 1 - DEFENSIVE (Neo) 445 controls "Is my code secure?"
24
- Layer 2 - QUALITY (Opquast) 245 rules "Is my app well-built?"
25
- Layer 3 - OFFENSIVE (Viper) 245 tests "How would a hacker break in?"
35
+ SECURITY → Neo (445 pts) "Is my code secure?"
36
+ QUALITY → Opquast (245 pts) "Is my app well-built?"
37
+ OFFENSIVE Viper (245+ tests) "How would a hacker break in?"
38
+ TS → ts_quality (118) "Is my TypeScript clean?"
39
+ CSS → css_quality (55) "Is my design system maintainable?"
40
+ ARCHI → archi (70) "Is my architecture sound?"
41
+ TESTS → test_coverage (68) "Am I testing the right things?"
42
+ PERF → perf (90) "Where are the bottlenecks?"
43
+ DEBT → debt (55) "What's slowing us down?"
44
+ HDS/ISO → audit_expert (200+)"Am I ready for certification?"
45
+ SCAN → karukia_scan "Run all 11 dimensions at once"
26
46
  ```
27
47
 
28
48
  ---
@@ -50,7 +70,7 @@ Create or edit `.mcp.json` at the root of your project:
50
70
 
51
71
  ### Step 2 — Restart your AI client
52
72
 
53
- Restart Claude Code (`/quit` then relaunch) or your IDE. The 21 KARUKIA tools are now available.
73
+ Restart Claude Code (`/quit` then relaunch) or your IDE. The 27 KARUKIA tools are now available.
54
74
 
55
75
  > On first launch, `npx` downloads the package automatically (~175 KB). Subsequent launches use the cached version.
56
76
 
@@ -108,7 +128,7 @@ Then add to your global AI config (`~/.claude.json` for Claude Code):
108
128
 
109
129
  ---
110
130
 
111
- ## 21 Tools
131
+ ## 27 Tools
112
132
 
113
133
  ### Essential (start here)
114
134
 
@@ -118,7 +138,7 @@ Then add to your global AI config (`~/.claude.json` for Claude Code):
118
138
  | `auto` | **[MAIN TOOL]** Describe what you need — KARUKIA routes to the right skills |
119
139
  | `start` | Quick-start guide — explains all skills at 3 progressive levels |
120
140
 
121
- ### 11 Skills (AI Personas)
141
+ ### Core Skills (AI Personas)
122
142
 
123
143
  Each skill returns a complete prompt that transforms your AI into a specialist.
124
144
 
@@ -134,28 +154,39 @@ Each skill returns a complete prompt that transforms your AI into a specialist.
134
154
  | `terraform_update` | IaC Specialist | Terraform automation for KMS, GCS, IAM |
135
155
  | `doc_refactor` | Doc Auditor | Documentation accuracy audit vs actual code |
136
156
 
137
- ### 5 Utilities
157
+ ### Dimensional Skills (v3.0 New)
158
+
159
+ | Tool | Checkpoints | What it does |
160
+ |------|-------------|-------------|
161
+ | `ts_quality` | 118 | TypeScript audit — type safety, strict config, generics, async patterns |
162
+ | `css_quality` | 55 | CSS/Design System — maintainability, accessibility, metrics |
163
+ | `archi` | 70 | Architecture — module structure, coupling, layering |
164
+ | `test_coverage` | 68 | Test inventory — frontend/backend coverage quality |
165
+ | `perf` | 90 | Performance — frontend, backend, build/bundle |
166
+ | `debt` | 55 | Technical debt — dead code, dependency health, code smells |
167
+ | `karukia_scan` | 1673+ | **Global scan** — all 11 dimensions in parallel |
168
+ | `audit_expert_hds` | 200+ | Expert HDS 2.0/ISO 27001 — 8 domains, certification readiness |
169
+ | `change_report` | — | Change management report (ISO 27001 A.8.32) |
170
+
171
+ ### Utilities
138
172
 
139
173
  | Tool | Description |
140
174
  |------|-------------|
141
- | `list_checklists` | Browse all 24 checklists by category |
142
- | `get_checklist` | Retrieve the full content of any checklist |
143
- | `search_rules` | Search across all 935+ checkpoints by keyword and severity |
175
+ | `list_checklists` | Browse all 31 checklists by category |
144
176
  | `suggest_checklists` | Describe your project — get a prioritized audit plan |
145
177
  | `generate_report` | Compile audit results into a scored Markdown report |
146
178
 
147
- ### 4 Memory & Config
179
+ ### Memory & Config
148
180
 
149
181
  | Tool | Description |
150
182
  |------|-------------|
151
183
  | `init_memory` | Initialize KARUKIA memory structure in a project |
152
184
  | `get_session_template` | Get pre-filled session templates for any skill |
153
185
  | `get_config_template` | Get configuration templates (security scope, CLAUDE.md, analytics) |
154
- | `get_shared` | Access shared methodology components (guard rules, workflow, agents) |
155
186
 
156
187
  ---
157
188
 
158
- ## 24 Checklists
189
+ ## 31 Checklists
159
190
 
160
191
  ### Defensive Security (Neo) — 6 checklists, 445 controls
161
192
 
@@ -183,6 +214,18 @@ Based on [Opquast](https://www.opquast.com/) — the French web quality referenc
183
214
  | **Healthcare** | 50+ | PHI, encryption, medical data |
184
215
  | **Attack Scenarios** | 15+ | PTES templates, MITRE ATT&CK |
185
216
 
217
+ ### Dimensional Quality (New in v3.0) — 7 checklists, 656+ checkpoints
218
+
219
+ | Checklist | Points | Scope |
220
+ |-----------|--------|-------|
221
+ | **TypeScript Quality** | 118 | Type safety, strict config, patterns |
222
+ | **CSS / Design System** | 55 | Maintainability, a11y, metrics |
223
+ | **Architecture** | 70 | Module structure, coupling, layering |
224
+ | **Test Coverage** | 68 | Frontend/backend inventory, quality |
225
+ | **Performance** | 90 | Frontend, backend, build/bundle |
226
+ | **Technical Debt** | 55 | Dead code, deps, code smells |
227
+ | **Expert HDS/ISO 27001** | 200+ | Certification readiness — 8 domains |
228
+
186
229
  ---
187
230
 
188
231
  ## Usage Examples
@@ -215,25 +258,37 @@ Your AI calls `auto` — analyzes the request — routes to the right skill(s)
215
258
 
216
259
  ## Documentation
217
260
 
218
- - [Livre Blanc (Francais)](./LIVRE-BLANC.md) — Document technique detaille : architecture, methodologie, cas d'usage
261
+ - [Livre Blanc (Français)](./LIVRE-BLANC.md) — Document technique détaillé : architecture, méthodologie, cas d'usage
219
262
  - [Whitepaper (English)](./WHITEPAPER.md) — Technical deep-dive: architecture, methodology, use cases
220
263
 
221
264
  ---
222
265
 
223
266
  ## Cloud / Enterprise
224
267
 
225
- KARUKIA runs locally by default (stdio transport via `npx`). A remote HTTP transport is also available for enterprise deployments — hosted on your own infrastructure, accessible via API with bearer authentication.
268
+ KARUKIA runs locally by default (stdio via `npx`). Free, zero infrastructure.
269
+
270
+ **For teams** — a managed KARUKIA server (waitlist): connect your whole team via a single API key, centralized audit trail, consistent checklists across all developers.
271
+
272
+ → **contact@karukia.com** to join the waitlist.
273
+
274
+ ---
275
+
276
+ ## About
277
+
278
+ KARUKIA is developed by **[KARUK IA Solutions](https://karukia.com)**, a B2B SaaS studio specializing in regulated industries (healthcare, finance, pharma), based in Guadeloupe. 🇬🇵
279
+
280
+ Built from the experience of securing a healthcare SaaS application for HDS 2.0 / ISO 27001 certification. The methodology was made open to share what a real certification process actually requires — not just theory.
226
281
 
227
- Interested in a managed KARUKIA instance for your team? Contact: **contact@karukia.com**
282
+ > *Made in Guadeloupe AI doesn't replace the expert, it frees them.*
228
283
 
229
284
  ---
230
285
 
231
- ## About KARUKIA
286
+ ## Why KARUKIA
232
287
 
233
288
  KARUKIA is a structured AI-assisted development methodology built around three principles:
234
289
 
235
290
  1. **Separation of concerns** — Security, quality, and implementation are separate disciplines handled by separate AI personas.
236
- 2. **Formal checkpoints over gut feeling** — 935 documented checkpoints beat "I think it's fine."
291
+ 2. **Formal checkpoints over gut feeling** — 1673+ documented checkpoints beat "I think it's fine."
237
292
  3. **Defense in depth** — Defensive audit first, quality validation second, offensive testing last.
238
293
 
239
294
  Built from real-world experience securing a healthcare SaaS application to HDS 2.0 / ISO 27001 standards.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "karukia-mcp",
3
- "version": "3.0.0",
3
+ "version": "3.0.1",
4
4
  "description": "KARUKIA MCP Server v3.0 — AI-powered development methodology with 27 tools, 20 skills, 1673+ checkpoints across 11 audit dimensions. Works with any AI platform via MCP protocol.",
5
5
  "keywords": [
6
6
  "mcp",