lintbase-mcp 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +201 -0
  2. package/package.json +3 -2
package/README.md ADDED
@@ -0,0 +1,201 @@
1
+ # lintbase-mcp
2
+
3
+ > **Give your AI coding agent real-time Firestore schema context — so it stops hallucinating field names.**
4
+
5
+ [![npm version](https://img.shields.io/npm/v/lintbase-mcp.svg)](https://www.npmjs.com/package/lintbase-mcp)
6
+ [![npm downloads](https://img.shields.io/npm/dm/lintbase-mcp.svg)](https://www.npmjs.com/package/lintbase-mcp)
7
+ [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
8
+ [![MCP](https://img.shields.io/badge/MCP-compatible-blue.svg)](https://modelcontextprotocol.io)
9
+
10
+ ---
11
+
12
+ ## The Problem
13
+
14
+ When you ask Cursor, Claude, or Windsurf to write Firestore code, it **guesses** your schema.
15
+
16
+ ```
17
+ // What your AI writes:
18
+ await db.collection('users').doc(id).update({ name: value });
19
+
20
+ // What's actually in your DB:
21
+ { displayName, uid, email, createdAt, plan } ← no "name" field
22
+ ```
23
+
24
+ The result: silent bugs, runtime crashes, and schema drift baked in by your AI assistant.
25
+
26
+ ## The Fix
27
+
28
+ `lintbase-mcp` is a [Model Context Protocol](https://modelcontextprotocol.io) server that connects your AI agent directly to your Firestore database. Before writing any code, the agent **checks what's actually there**.
29
+
30
+ ```
31
+ You: "Add a subscription status field to users"
32
+
33
+ Agent → lintbase_get_schema({ collection: "users" })
34
+ ← { uid, email, createdAt, plan, displayName }
35
+
36
+ Agent: "I can see users has uid, email, createdAt, plan, displayName.
37
+ I'll add subscriptionStatus as a string field alongside plan..."
38
+ ```
39
+
40
+ No hallucinations. No drift. Ground-truth schema, every time.
41
+
42
+ ---
43
+
44
+ ## Tools
45
+
46
+ | Tool | What it does |
47
+ |------|-------------|
48
+ | `lintbase_scan` | Full database audit — schema drift, security issues, performance problems, cost leaks. Returns a structured report with a 0–100 risk score. |
49
+ | `lintbase_get_schema` | Returns real field names, types, and presence rates for one or all collections. Use before writing any DB code. |
50
+ | `lintbase_get_issues` | Returns filtered issues. Ask targeted questions: *"any errors in users?"*, *"all security issues?"*, *"schema drift only?"* |
51
+
52
+ ---
53
+
54
+ ## Setup
55
+
56
+ You'll need a [Firebase service account JSON key](https://firebase.google.com/docs/admin/setup#initialize_the_sdk_in_non-google_environments) for your project.
57
+
58
+ ### Cursor
59
+
60
+ Add to `.cursor/mcp.json` in your project root:
61
+
62
+ ```json
63
+ {
64
+ "mcpServers": {
65
+ "lintbase": {
66
+ "command": "npx",
67
+ "args": ["-y", "lintbase-mcp"]
68
+ }
69
+ }
70
+ }
71
+ ```
72
+
73
+ Then in your conversation:
74
+ ```
75
+ "Check my Firestore schema before writing this code. Key is at ./service-account.json"
76
+ ```
77
+
78
+ ### Claude Desktop
79
+
80
+ Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
81
+
82
+ ```json
83
+ {
84
+ "mcpServers": {
85
+ "lintbase": {
86
+ "command": "npx",
87
+ "args": ["-y", "lintbase-mcp"]
88
+ }
89
+ }
90
+ }
91
+ ```
92
+
93
+ Restart Claude Desktop and start a new conversation.
94
+
95
+ ### Windsurf
96
+
97
+ Add to your Windsurf MCP config:
98
+
99
+ ```json
100
+ {
101
+ "mcpServers": {
102
+ "lintbase": {
103
+ "command": "npx",
104
+ "args": ["-y", "lintbase-mcp"]
105
+ }
106
+ }
107
+ }
108
+ ```
109
+
110
+ ---
111
+
112
+ ## Usage Examples
113
+
114
+ Once connected, your AI agent has three tools available. You can trigger them naturally in conversation or the agent will use them automatically when relevant.
115
+
116
+ ### Get the schema of a collection
117
+ ```
118
+ "What fields are in the users collection?"
119
+ → lintbase_get_schema({ keyPath: "./sa.json", collection: "users" })
120
+ ```
121
+
122
+ **Returns:**
123
+ ```markdown
124
+ ## users (50 docs sampled)
125
+ | Field | Type | Presence | Stable |
126
+ |-------------|-----------|----------|--------|
127
+ | uid | string | 100% | ✅ |
128
+ | email | string | 100% | ✅ |
129
+ | createdAt | timestamp | 100% | ✅ |
130
+ | plan | string | 95% | ✅ |
131
+ | displayName | string | 62% | ⚠️ ← mark as optional |
132
+ ```
133
+
134
+ ### Run a full audit
135
+ ```
136
+ "Run a full LintBase scan before I start this refactor"
137
+ → lintbase_scan({ keyPath: "./sa.json", sampleSize: 100 })
138
+ ```
139
+
140
+ **Returns:** Complete report with risk score, all issues across 4 analyzers (schema drift, security, performance, cost).
141
+
142
+ ### Check for errors before deploying
143
+ ```
144
+ "Any blocking errors I should know about?"
145
+ → lintbase_get_issues({ keyPath: "./sa.json", severity: "error" })
146
+ ```
147
+
148
+ ### Check security issues only
149
+ ```
150
+ "Are there any security problems with my database?"
151
+ → lintbase_get_issues({ keyPath: "./sa.json", rule: "security/" })
152
+ ```
153
+
154
+ ---
155
+
156
+ ## Security
157
+
158
+ - **Runs 100% locally** — your service account key and Firestore data never leave your machine
159
+ - The MCP server runs as a local `stdio` process spawned by your IDE
160
+ - No data is sent to any LintBase servers during schema inspection
161
+ - The server only performs **read operations** on your Firestore database
162
+
163
+ ---
164
+
165
+ ## Available Filters for `lintbase_get_issues`
166
+
167
+ | Filter | Values | Example |
168
+ |--------|--------|---------|
169
+ | `severity` | `error`, `warning`, `info` | Only blocking errors |
170
+ | `collection` | any collection name | Only issues in `users` |
171
+ | `rule` | rule prefix | `schema/`, `security/`, `perf/`, `cost/` |
172
+
173
+ ---
174
+
175
+ ## Rule Reference
176
+
177
+ | Rule | Analyzer | What it catches |
178
+ |------|----------|----------------|
179
+ | `schema/field-type-mismatch` | Schema | Same field holds multiple types across documents |
180
+ | `schema/sparse-field` | Schema | Field missing from >40% of documents |
181
+ | `schema/high-field-variance` | Schema | Wildly different field counts between documents |
182
+ | `security/sensitive-collection` | Security | Collection name suggests unprotected PII |
183
+ | `security/field-contains-secret` | Security | Field name suggests stored secrets/tokens |
184
+ | `security/debug-data-in-production` | Security | Debug/test collections left in production |
185
+ | `perf/excessive-nesting` | Performance | Documents nested >5 levels deep |
186
+ | `perf/document-too-large` | Performance | Documents approaching Firestore's 1MB limit |
187
+ | `cost/large-avg-document` | Cost | Average document size driving up bandwidth costs |
188
+ | `cost/logging-sink` | Cost | Collection used as an unbounded write sink |
189
+
190
+ ---
191
+
192
+ ## Related
193
+
194
+ - **[lintbase](https://www.npmjs.com/package/lintbase)** — The CLI tool. Run `npx lintbase scan firestore --key ./sa.json` for a full terminal report.
195
+ - **[lintbase.com](https://lintbase.com)** — Dashboard for teams: save scan history, track risk score over time, share reports.
196
+
197
+ ---
198
+
199
+ ## License
200
+
201
+ MIT © [Mamadou Dia](https://github.com/mamadoudia)
package/package.json CHANGED
@@ -1,6 +1,7 @@
1
1
  {
2
2
  "name": "lintbase-mcp",
3
- "version": "0.1.0",
3
+ "version": "0.1.2",
4
+ "mcpName": "io.github.Madia333/lintbase-mcp",
4
5
  "description": "MCP server for LintBase — give AI coding agents real-time database schema context.",
5
6
  "main": "dist/server.js",
6
7
  "bin": {
@@ -50,4 +51,4 @@
50
51
  "tsx": "^4.7.0",
51
52
  "typescript": "^5.3.0"
52
53
  }
53
- }
54
+ }