llm-cli-gateway 2.6.3 → 2.7.0

package/dist/resources.js

@@ -2,6 +2,7 @@ import { CLI_TYPES, PROVIDER_TYPES } from "./session-manager.js";
 import { getAvailableCliInfo } from "./model-registry.js";
 import { computeGlobalCacheStats, computePrefixCacheStats, computeSessionCacheStats, computeTtlRemaining, } from "./cache-stats.js";
 import { buildProviderSubcommandsCompactCatalog, getCliSubcommandContract, serializeCliSubcommandContract, } from "./upstream-contracts.js";
+import { getOneProviderToolCapabilities, getProviderToolCapabilities, providerCapabilityIds, } from "./provider-tool-capabilities.js";
 export class ResourceProvider {
     sessionManager;
     performanceMetrics;
@@ -176,6 +177,28 @@ export class ResourceProvider {
                     priority: 0.7,
                 },
             },
+            {
+                uri: "provider-tools://catalog",
+                name: "Provider Tool Capabilities Catalog",
+                title: "Provider Tool Capabilities Catalog",
+                description: "Read-only catalog of gateway tool controls and discovered provider skills",
+                mimeType: "application/json",
+                annotations: {
+                    audience: ["user", "assistant"],
+                    priority: 0.8,
+                },
+            },
+            ...providerCapabilityIds().map(cli => ({
+                uri: `provider-tools://${cli}`,
+                name: `${cli} Tool Capabilities`,
+                title: `${cli} Tool Capabilities`,
+                description: `Gateway tool controls and discovered local skills for ${cli}`,
+                mimeType: "application/json",
+                annotations: {
+                    audience: ["user", "assistant"],
+                    priority: 0.8,
+                },
+            })),
         ];
     }
     async readResource(uri) {
@@ -320,6 +343,21 @@ export class ResourceProvider {
                 text: JSON.stringify(buildProviderSubcommandsCompactCatalog()),
             };
         }
+        if (uri === "provider-tools://catalog" || uri === "provider_tools://catalog") {
+            return {
+                uri,
+                mimeType: "application/json",
+                text: JSON.stringify(getProviderToolCapabilities(), null, 2),
+            };
+        }
+        const providerToolsResource = parseProviderToolsUri(uri);
+        if (providerToolsResource) {
+            return {
+                uri,
+                mimeType: "application/json",
+                text: JSON.stringify(getOneProviderToolCapabilities(providerToolsResource.provider), null, 2),
+            };
+        }
         const subcommandResource = parseProviderSubcommandUri(uri);
         if (subcommandResource) {
             const contract = getCliSubcommandContract(subcommandResource.provider, subcommandResource.commandPath);
@@ -354,3 +392,16 @@ function parseProviderSubcommandUri(uri) {
         commandPath: pathParts.map(part => decodeURIComponent(part)).filter(Boolean),
     };
 }
+function parseProviderToolsUri(uri) {
+    const prefix = uri.startsWith("provider-tools://")
+        ? "provider-tools://"
+        : uri.startsWith("provider_tools://")
+            ? "provider_tools://"
+            : null;
+    if (!prefix || uri === `${prefix}catalog`)
+        return null;
+    const provider = uri.slice(prefix.length);
+    if (!providerCapabilityIds().includes(provider))
+        return null;
+    return { provider: provider };
+}

package/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "llm-cli-gateway",
-  "version": "2.6.3",
+  "version": "2.7.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "llm-cli-gateway",
-      "version": "2.6.3",
+      "version": "2.7.0",
       "license": "MIT",
       "dependencies": {
         "@modelcontextprotocol/sdk": "^1.29.0",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "llm-cli-gateway",
-  "version": "2.6.3",
+  "version": "2.7.0",
   "mcpName": "io.github.verivus-oss/llm-cli-gateway",
   "description": "MCP server providing unified access to Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs with session management, retry logic, async job orchestration, durable job results, and cross-LLM validation.",
   "license": "MIT",

package/setup/status.schema.json

@@ -16,6 +16,7 @@
     "endpoint_exposure",
     "client_config",
     "cache_awareness",
+    "provider_capabilities",
     "upstream",
     "next_actions"
   ],
@@ -289,12 +290,7 @@
         },
         "vibe_session_logging": {
           "type": "object",
-          "required": [
-            "config_path",
-            "config_present",
-            "session_logging_enabled",
-            "note"
-          ],
+          "required": ["config_path", "config_present", "session_logging_enabled", "note"],
           "properties": {
             "config_path": { "type": "string" },
             "config_present": { "type": "boolean" },
@@ -344,6 +340,71 @@
       },
       "additionalProperties": false
     },
+    "provider_capabilities": {
+      "type": "object",
+      "required": ["schema_version", "tool", "resources", "cache_ttl_ms", "providers"],
+      "properties": {
+        "schema_version": { "const": "provider-tool-capabilities.v2" },
+        "tool": { "const": "provider_tool_capabilities" },
+        "resources": {
+          "type": "object",
+          "required": ["catalog", "providers"],
+          "properties": {
+            "catalog": { "const": "provider-tools://catalog" },
+            "providers": {
+              "type": "object",
+              "required": ["claude", "codex", "gemini", "grok", "grok_api", "mistral"],
+              "additionalProperties": { "type": "string" }
+            }
+          },
+          "additionalProperties": false
+        },
+        "cache_ttl_ms": { "type": "integer", "minimum": 0 },
+        "providers": {
+          "type": "object",
+          "required": ["claude", "codex", "gemini", "grok", "grok_api", "mistral"],
+          "additionalProperties": {
+            "type": "object",
+            "required": [
+              "provider_kind",
+              "cli_available",
+              "gateway_request_tools",
+              "supported_features",
+              "unsupported_inputs",
+              "config_surface_count",
+              "discovered_skill_count",
+              "discovered_provider_tool_count",
+              "warnings"
+            ],
+            "properties": {
+              "provider_kind": { "enum": ["cli", "api"] },
+              "cli_available": { "type": "boolean" },
+              "gateway_request_tools": {
+                "type": "array",
+                "items": { "type": "string" }
+              },
+              "supported_features": {
+                "type": "array",
+                "items": { "type": "string" }
+              },
+              "unsupported_inputs": {
+                "type": "array",
+                "items": { "type": "string" }
+              },
+              "config_surface_count": { "type": "integer", "minimum": 0 },
+              "discovered_skill_count": { "type": "integer", "minimum": 0 },
+              "discovered_provider_tool_count": { "type": "integer", "minimum": 0 },
+              "warnings": {
+                "type": "array",
+                "items": { "type": "string" }
+              }
+            },
+            "additionalProperties": false
+          }
+        }
+      },
+      "additionalProperties": false
+    },
     "upstream": {
       "type": "object",
       "required": [

package/socket.yml

@@ -35,6 +35,28 @@ version: 2
 #     release security audit now hard-fails if any of those packages re-enter
 #     the prod graph (and still blocks the flagged tar-stream 2.x versions).
 #
+#   shrinkwrap
+#     The published npm package intentionally includes npm-shrinkwrap.json. It
+#     is not an install-script bypass or a hidden dependency surface; it is a
+#     prod-only projection generated from package-lock.json by
+#     scripts/make-prod-shrinkwrap.mjs so registry consumers resolve the same
+#     audited tree we release. scripts/release-security-audit.sh regenerates
+#     that projection and hard-fails on mismatch, and
+#     scripts/verify-registry-install.sh publishes to a temporary registry and
+#     verifies a fresh consumer install has no better-sqlite3, prebuild-install,
+#     tar-fs, or tar-stream production chain.
+#
+#     This is the npm-documented narrow use case for shrinkwrap: applications,
+#     daemons, and command-line tools published through the registry for global
+#     installs or devDependency use. llm-cli-gateway is a CLI/MCP appliance, not
+#     a library whose users need unpinned transitive dependency control.
+#
+#     Historical note: releases that previously reported healthy public Socket
+#     scores, including 2.3.0, 2.4.0, and 2.5.0, also shipped
+#     npm-shrinkwrap.json. The same socket.yml shellAccess policy was present
+#     there too. A public package-page alert on 2.6.x therefore reflects Socket
+#     scoring/rescan behavior, not a newly introduced shrinkwrap or shell path.
+#
 #   shellAccess
 #     This alert fires on every module that imports node:child_process, and
 #     because spawning provider CLIs and git is the entire purpose of the package
@@ -93,8 +115,9 @@ issueRules:
   didYouMean: true
   installScripts: true
   telemetry: true
-  hasNativeCode: true            # devDependency-only as of 2.0.0 (better-sqlite3); prod artifact has no native code
-  shellAccess: false             # reviewed gateway capability; see rationale above
+  hasNativeCode: true # devDependency-only as of 2.0.0 (better-sqlite3); prod artifact has no native code
+  shrinkwrap: false # reviewed published CLI lockfile; see rationale above
+  shellAccess: false # reviewed gateway capability; see rationale above
   shellScriptOverride: true
   gitDependency: true
   httpDependency: true