npm - mcp-aws-manager - Versions diffs - 0.4.2 → 0.4.4 - Mend

mcp-aws-manager 0.4.2 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +22 -17
package/README_KO.md +21 -18
package/bin/lib/output-presentation.js +20 -1
package/bin/mcp-aws-manager.js +344 -20
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -4,14 +4,33 @@ AWS operations CLI + MCP stdio server (SSM-first).
 This package orchestrates AWS operations (inventory/runtime/remediation) with a normalized output schema and `ACTION_REQUIRED` guidance. It is not a plain AWS CLI wrapper.
-## TL;DR
+## Agent-First Quick Start
+Use this as the default flow for agent environments:
 ```bash
 npm install -g mcp-aws-manager
 mcp-aws-manager --version
-mcp-aws-manager
+mcp-aws-manager setup --force
 mcp-aws-manager doctor
-mcp-aws-manager discover --profiles default --no-progress
+```
+Agent Prompt Examples:
+Ask in natural language like below; the agent should run fetch/analysis steps as needed.
+```text
+Give me a fresh full AWS server status summary.
+```
+Then try requests like:
+```text
+Compare current AWS server status with the previous check and show only what changed.
+```
+```text
+Summarize AWS server status with required actions and high-impact warnings in priority order.
 ```
 ## What It Does
@@ -168,18 +187,6 @@ mcp-aws-manager doctor
 Default behavior (`doctor` without `--clients`) auto-detects installed clients and skips non-installed CLIs.
-### Agent Instruction Snippet (Any Client)
-When asking an agent to check AWS status, use this exact sequence first:
-```bash
-mcp-aws-manager setup --force
-mcp-aws-manager doctor
-mcp-aws-manager discover --profiles default --no-progress
-```
-Require the agent to include `runId`/`started_at` (live run evidence) in the response. If missing, treat it as file-only/cached summary.
 3. Configure AWS auth (SSO recommended):
 ```bash
@@ -991,5 +998,3 @@ Document status:
 - `docs/RECORDS_FIELD_REFERENCE_KO.md`: full `records[]` field reference (292 fields)
 - `docs/RESPONSE_COMPATIBILITY_POLICY.md`: response schema/version compatibility rules
 - `schemas/mcp-tool-response.schema.json`: canonical tool response JSON schema

package/README_KO.md CHANGED Viewed

@@ -4,14 +4,32 @@ SSM 우선(SSM-first) 방식의 AWS 운영 CLI + MCP stdio 서버입니다.
 이 패키지는 AWS 운영 작업(인벤토리/런타임/조치)을 정규화된 응답 스키마와 `ACTION_REQUIRED` 가이드로 제공합니다. 단순 AWS CLI 래퍼가 아니라, 에이전트 친화적인 운영 워크플로우 실행을 목표로 합니다.
-## 빠른 시작
+## 에이전트 기준 빠른 시작
+에이전트 환경에서는 아래 순서를 기본 플로우로 사용하세요.
 ```bash
 npm install -g mcp-aws-manager
 mcp-aws-manager --version
-mcp-aws-manager
+mcp-aws-manager setup --force
 mcp-aws-manager doctor
-mcp-aws-manager discover --profiles default --no-progress
+```
+에이전트 예시 프롬프트:
+아래처럼 자연어로 요청하면, 에이전트가 필요 시 조회/분석 단계를 실행합니다.
+```text
+AWS 서버 상태 전체를 최신으로 점검해서 요약해주세요.
+```
+이후에는 이렇게 요청해보세요.
+```text
+AWS 서버 상태를 지난 점검 결과와 비교해서 달라진 항목만 알려주세요.
+```
+```text
+AWS 서버의 상태를 필수 조치 및 주요 경고 사항을 중심으로 우선순위에 따라 요약해주세요.
 ```
 ## 무엇을 제공하나요
@@ -168,18 +186,6 @@ mcp-aws-manager doctor
 기본 동작(`--clients` 없이 `doctor`)은 설치된 클라이언트를 자동 감지하고, 미설치 CLI는 skip 처리합니다.
-### 에이전트 지시용 공통 스니펫
-에이전트에게 AWS 상태 점검을 지시할 때는 먼저 아래 순서를 그대로 실행하도록 요청하세요.
-```bash
-mcp-aws-manager setup --force
-mcp-aws-manager doctor
-mcp-aws-manager discover --profiles default --no-progress
-```
-응답에는 반드시 `runId`/`started_at`(라이브 실행 증거)를 포함하도록 요구하세요. 없으면 파일 기반/캐시 요약으로 간주하세요.
 3. AWS 인증 설정(권장: SSO):
 ```bash
@@ -985,6 +991,3 @@ E2E 러너 검증 항목:
 - `docs/RECORDS_FIELD_REFERENCE_KO.md`: `records[]` 전수 필드(292개) 레퍼런스
 - `docs/RESPONSE_COMPATIBILITY_POLICY.md`: 응답 스키마/버전 호환 정책
 - `schemas/mcp-tool-response.schema.json`: 표준 도구 응답 JSON 스키마

package/bin/lib/output-presentation.js CHANGED Viewed

@@ -329,7 +329,8 @@ function pickSectionPayload(section, context) {
       runFinishedAt: runMeta.runFinishedAt || null,
       outputHash: runMeta.outputHash || null,
       recordsHash: runMeta.recordsHash || null,
-      htmlHash: runMeta.htmlHash || null
+      htmlHash: runMeta.htmlHash || null,
+      generatedArtifacts: runMeta.generatedArtifacts || null
     };
   }
   return {};
@@ -428,6 +429,12 @@ function renderMarkdown(bundle, templateName = "default") {
   const fields = bundle && bundle.fields && Array.isArray(bundle.fields.effectiveFields)
     ? bundle.fields.effectiveFields
     : ["resourceType", "resourceId", "profile", "region", "state"];
+  const runMeta = bundle && bundle.runMeta && typeof bundle.runMeta === "object"
+    ? bundle.runMeta
+    : {};
+  const generatedArtifacts = runMeta.generatedArtifacts && typeof runMeta.generatedArtifacts === "object"
+    ? runMeta.generatedArtifacts
+    : {};
   const lines = [];
   lines.push("# AWS Discovery Output");
@@ -451,6 +458,18 @@ function renderMarkdown(bundle, templateName = "default") {
   lines.push(`| runtimeSnapshotSuccessCount | ${summary.runtimeSnapshotSuccessCount || 0} |`);
   lines.push("");
+  lines.push("## Generated Artifacts");
+  lines.push("");
+  lines.push("| artifact | path |");
+  lines.push("|---|---|");
+  lines.push(`| output | ${generatedArtifacts.outputPath || (generatedArtifacts.outputChannel || "stdout")} |`);
+  lines.push(`| htmlReport | ${generatedArtifacts.htmlReportPath || "off"} |`);
+  lines.push(`| topology | ${generatedArtifacts.topologyPath || "off"} |`);
+  lines.push(`| relationships | ${generatedArtifacts.relationshipsPath || "off"} |`);
+  lines.push(`| governanceLog | ${generatedArtifacts.governanceLogPath || "off"} |`);
+  lines.push(`| incidentPayload | ${generatedArtifacts.incidentPayloadPath || "off"} |`);
+  lines.push("");
   if (template === "default" && sections.length) {
     lines.push("## Sections");
     lines.push("");

package/bin/mcp-aws-manager.js CHANGED Viewed

@@ -2311,6 +2311,16 @@ function listLocalAwsProfiles() {
 }
 function runCLICommand(cliBin, args, options = {}) {
+  // Cursor 2.x no longer reliably supports `cursor mcp ...` CLI subcommands.
+  // Calling it can open editor tabs named like "mcp", "add", "get".
+  if (String(cliBin).toLowerCase() === "cursor" && Array.isArray(args) && String(args[0] || "").toLowerCase() === "mcp") {
+    return {
+      status: 2,
+      stdout: "",
+      stderr: "cursor mcp subcommand is disabled; use ~/.cursor/mcp.json registration"
+    };
+  }
   const execOptions = {
     cwd: process.cwd(),
     env: process.env,
@@ -2351,7 +2361,12 @@ function commandExists(bin, checkArgs) {
 }
 function clientHelpAttempts(cliBin) {
-  if (cliBin === "cursor" || cliBin === "windsurf" || cliBin === "antigravity") {
+  if (cliBin === "cursor") {
+    return [
+      ["--help"]
+    ];
+  }
+  if (cliBin === "windsurf" || cliBin === "antigravity") {
     return [
       ["mcp", "--help"],
       ["--help"]
@@ -2360,6 +2375,226 @@ function clientHelpAttempts(cliBin) {
   return [["mcp", "--help"]];
 }
+function normalizeComparableText(value) {
+  const text = String(value == null ? "" : value).trim();
+  return process.platform === "win32" ? text.toLowerCase() : text;
+}
+function normalizeComparableArgs(args) {
+  return Array.isArray(args) ? args.map((arg) => normalizeComparableText(arg)) : [];
+}
+function dedupePaths(paths) {
+  const seen = new Set();
+  const out = [];
+  for (const candidate of paths) {
+    const resolved = path.resolve(String(candidate || ""));
+    const key = normalizeComparableText(resolved);
+    if (!key || seen.has(key)) continue;
+    seen.add(key);
+    out.push(resolved);
+  }
+  return out;
+}
+function cursorMcpConfigCandidates() {
+  const explicitPath = envText("CURSOR_MCP_CONFIG_PATH");
+  if (explicitPath) {
+    return dedupePaths([path.resolve(explicitPath)]);
+  }
+  const home = os.homedir();
+  const candidates = [
+    path.join(home, ".cursor", "mcp.json")
+  ];
+  if (process.platform === "win32") {
+    const appData = process.env.APPDATA || path.join(home, "AppData", "Roaming");
+    candidates.push(path.join(appData, "Cursor", "User", "mcp.json"));
+  } else if (process.platform === "darwin") {
+    candidates.push(path.join(home, "Library", "Application Support", "Cursor", "User", "mcp.json"));
+  } else {
+    candidates.push(path.join(home, ".config", "Cursor", "User", "mcp.json"));
+  }
+  return dedupePaths(candidates);
+}
+function cursorMcpConfigPath() {
+  const candidates = cursorMcpConfigCandidates();
+  for (const candidate of candidates) {
+    if (fs.existsSync(candidate)) return candidate;
+  }
+  return candidates[0];
+}
+function parseCursorMcpConfigContent(raw, filePath) {
+  const normalizedRaw = String(raw || "").replace(/^\uFEFF/, "");
+  if (!normalizedRaw.trim()) {
+    return { ok: true, data: { mcpServers: {} } };
+  }
+  try {
+    const parsed = JSON.parse(normalizedRaw);
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+      return { ok: false, error: `Cursor MCP config must be a JSON object. (${filePath})` };
+    }
+    const mcpServers = parsed.mcpServers && typeof parsed.mcpServers === "object" && !Array.isArray(parsed.mcpServers)
+      ? parsed.mcpServers
+      : {};
+    return { ok: true, data: { ...parsed, mcpServers } };
+  } catch (error) {
+    return {
+      ok: false,
+      error: `Failed to parse Cursor MCP config: ${error && error.message ? error.message : String(error)} (${filePath})`
+    };
+  }
+}
+function readCursorMcpConfig() {
+  const candidates = cursorMcpConfigCandidates();
+  const errors = [];
+  for (const candidate of candidates) {
+    if (!fs.existsSync(candidate)) continue;
+    try {
+      const raw = fs.readFileSync(candidate, "utf8");
+      const parsed = parseCursorMcpConfigContent(raw, candidate);
+      if (!parsed.ok) {
+        errors.push(parsed.error);
+        continue;
+      }
+      return {
+        ok: true,
+        filePath: candidate,
+        exists: true,
+        data: parsed.data,
+        candidates
+      };
+    } catch (error) {
+      errors.push(`Failed to read Cursor MCP config: ${error && error.message ? error.message : String(error)} (${candidate})`);
+    }
+  }
+  if (errors.length) {
+    return {
+      ok: false,
+      filePath: candidates[0],
+      error: errors.join("; ")
+    };
+  }
+  return { ok: true, filePath: candidates[0], exists: false, data: { mcpServers: {} }, candidates };
+}
+function writeCursorMcpConfig(filePath, data, mirrorPaths = []) {
+  const allPaths = dedupePaths([filePath, ...(Array.isArray(mirrorPaths) ? mirrorPaths : [])]);
+  const written = [];
+  const mirrorFailures = [];
+  for (let i = 0; i < allPaths.length; i += 1) {
+    const currentPath = allPaths[i];
+    try {
+      fs.mkdirSync(path.dirname(currentPath), { recursive: true });
+      fs.writeFileSync(currentPath, JSON.stringify(data, null, 2) + "\n", "utf8");
+      written.push(currentPath);
+    } catch (error) {
+      const message = `${currentPath}: ${error && error.message ? error.message : String(error)}`;
+      if (i === 0) {
+        throw new Error(message);
+      }
+      mirrorFailures.push(message);
+    }
+  }
+  return { written, mirrorFailures };
+}
+function cursorRegistrationMatches(entry, mcpCommand, mcpArgs = []) {
+  if (!entry || typeof entry !== "object" || Array.isArray(entry)) return false;
+  const entryCommand = normalizeComparableText(entry.command);
+  if (!entryCommand) return false;
+  if (normalizeComparableText(mcpCommand) && entryCommand !== normalizeComparableText(mcpCommand)) {
+    return false;
+  }
+  const expectedArgs = normalizeComparableArgs(mcpArgs);
+  const actualArgs = normalizeComparableArgs(entry.args);
+  if (expectedArgs.length !== actualArgs.length) return false;
+  for (let i = 0; i < expectedArgs.length; i += 1) {
+    if (expectedArgs[i] !== actualArgs[i]) return false;
+  }
+  return true;
+}
+function ensureCursorRegistered(serverName, mcpCommand, mcpArgs = [], force = false) {
+  const loaded = readCursorMcpConfig();
+  if (!loaded.ok) {
+    return { ok: false, action: "cursor config invalid", detail: `${loaded.error} (${loaded.filePath})` };
+  }
+  const desiredEntry = {
+    command: String(mcpCommand || ""),
+    args: Array.isArray(mcpArgs) ? mcpArgs.map((arg) => String(arg)) : []
+  };
+  const config = loaded.data;
+  const current = config.mcpServers[serverName];
+  if (force || !cursorRegistrationMatches(current, desiredEntry.command, desiredEntry.args)) {
+    config.mcpServers[serverName] = desiredEntry;
+    try {
+      const mirrors = (loaded.candidates || []).filter(
+        (candidate) => normalizeComparableText(candidate) !== normalizeComparableText(loaded.filePath)
+      );
+      const writeResult = writeCursorMcpConfig(loaded.filePath, config, mirrors);
+      const detailParts = [`primary=${loaded.filePath}`];
+      if (writeResult.written.length > 1) {
+        detailParts.push(`mirrored=${writeResult.written.slice(1).join(",")}`);
+      }
+      if (writeResult.mirrorFailures.length) {
+        detailParts.push(`mirror_failures=${writeResult.mirrorFailures.join(" | ")}`);
+      }
+      return { ok: true, action: "registered", detail: detailParts.join("; ") };
+    } catch (error) {
+      return {
+        ok: false,
+        action: "cursor registration failed",
+        detail: `${error && error.message ? error.message : String(error)} (${loaded.filePath})`
+      };
+    }
+  }
+  return { ok: true, action: "already registered", detail: `primary=${loaded.filePath}` };
+}
+function removeCursorRegistration(serverName) {
+  const loaded = readCursorMcpConfig();
+  if (!loaded.ok || !loaded.exists) return;
+  if (!Object.prototype.hasOwnProperty.call(loaded.data.mcpServers, serverName)) return;
+  delete loaded.data.mcpServers[serverName];
+  try {
+    const mirrors = (loaded.candidates || []).filter(
+      (candidate) => normalizeComparableText(candidate) !== normalizeComparableText(loaded.filePath)
+    );
+    writeCursorMcpConfig(loaded.filePath, loaded.data, mirrors);
+  } catch (_) {
+    // ignore best-effort cleanup
+  }
+}
+function isCursorRegistered(serverName, mcpCommand, mcpArgs = []) {
+  const candidates = cursorMcpConfigCandidates();
+  for (const candidate of candidates) {
+    if (!fs.existsSync(candidate)) continue;
+    try {
+      const raw = fs.readFileSync(candidate, "utf8");
+      const parsed = parseCursorMcpConfigContent(raw, candidate);
+      if (!parsed.ok) continue;
+      const entry = parsed.data && parsed.data.mcpServers ? parsed.data.mcpServers[serverName] : null;
+      if (cursorRegistrationMatches(entry, mcpCommand, mcpArgs)) {
+        return true;
+      }
+    } catch (_) {
+      continue;
+    }
+  }
+  return false;
+}
 function clientGetAttempts(cliBin, serverName) {
   if (cliBin === "claude") {
     return [
@@ -2427,13 +2662,22 @@ function clientAddAttempts(cliBin, serverName, mcpCommand, mcpArgs = []) {
 }
 function removeRegistration(cliBin, serverName) {
+  if (cliBin === "cursor") {
+    removeCursorRegistration(serverName);
+    return;
+  }
   const attempts = clientRemoveAttempts(cliBin, serverName);
   for (const args of attempts) {
     runCLICommand(cliBin, args, { stdio: "ignore" });
   }
 }
-function isRegistered(cliBin, serverName) {
+function isRegistered(cliBin, serverName, target = null) {
+  if (cliBin === "cursor") {
+    const mcpCommand = target && target.mcpCommand ? target.mcpCommand : "";
+    const mcpArgs = target && Array.isArray(target.mcpArgs) ? target.mcpArgs : [];
+    return isCursorRegistered(serverName, mcpCommand, mcpArgs);
+  }
   const attempts = clientGetAttempts(cliBin, serverName);
   for (const args of attempts) {
     const run = runCLICommand(cliBin, args, { stdio: "ignore" });
@@ -2531,11 +2775,36 @@ function runSetupInternal(config, options = {}) {
   for (const cliBin of clients) {
     for (const target of activeTargets) {
-      const alreadyRegistered = isRegistered(cliBin, target.serverName);
+      const alreadyRegistered = isRegistered(cliBin, target.serverName, target);
       if (config.force || !ensureOnly || alreadyRegistered) {
         removeRegistration(cliBin, target.serverName);
       }
+      if (cliBin === "cursor") {
+        const registered = ensureCursorRegistered(target.serverName, target.mcpCommand, target.mcpArgs || [], config.force);
+        if (registered.ok) {
+          const action = ensureOnly
+            ? (alreadyRegistered ? "updated" : "registered")
+            : (alreadyRegistered ? "re-registered" : "registered");
+          results.push({
+            cliBin,
+            serverName: target.serverName,
+            ok: true,
+            action: `${action} (cursor mcp.json)`,
+            detail: registered.detail || ""
+          });
+        } else {
+          results.push({
+            cliBin,
+            serverName: target.serverName,
+            ok: false,
+            action: registered.action || "registration failed",
+            detail: registered.detail || "unknown"
+          });
+        }
+        continue;
+      }
       const registered = tryRegister(cliBin, target.serverName, target.mcpCommand, target.mcpArgs || []);
       if (registered.ok) {
         const action = ensureOnly
@@ -2554,7 +2823,7 @@ function runSetupInternal(config, options = {}) {
   for (const row of results) {
     process.stdout.write(`${row.cliBin}/${row.serverName}: ${row.action}\n`);
-    if (!row.ok && row.detail) {
+    if (row.detail && (!row.ok || /\bcursor mcp\.json\b/i.test(String(row.action || "")))) {
       process.stdout.write(`  detail: ${row.detail}\n`);
     }
   }
@@ -2603,7 +2872,7 @@ function runDoctor(config) {
     foundClient = true;
     for (const target of targets) {
-      const registered = isRegistered(cliBin, target.serverName);
+      const registered = isRegistered(cliBin, target.serverName, target);
       if (registered) {
         process.stdout.write(`${cliBin}: registered (${target.serverName})\n`);
       } else {
@@ -8775,6 +9044,52 @@ function writeJsonArtifact(targetPath, payload, label, warnings, requiredActions
   }
 }
+function buildGeneratedArtifacts(config, state = {}) {
+  return {
+    outputPath: config && config.outPath ? config.outPath : null,
+    outputChannel: config && config.outPath ? "file" : "stdout",
+    htmlReportPath: state.htmlReportPath || null,
+    topologyPath: state.topologyPath || null,
+    relationshipsPath: state.relationshipsPath || null,
+    governanceLogPath: state.governanceLogPath || null,
+    incidentPayloadPath: state.incidentPayloadPath || null
+  };
+}
+function generatedArtifactsSummary(artifacts) {
+  const item = artifacts && typeof artifacts === "object" ? artifacts : {};
+  return [
+    `output=${item.outputPath || (item.outputChannel || "stdout")}`,
+    `html=${item.htmlReportPath || "off"}`,
+    `topology=${item.topologyPath || "off"}`,
+    `relationships=${item.relationshipsPath || "off"}`,
+    `governance=${item.governanceLogPath || "off"}`,
+    `incident=${item.incidentPayloadPath || "off"}`
+  ].join(", ");
+}
+function syncRunMetaToPresentationBundle(presentationBundle, runMeta) {
+  if (!presentationBundle || typeof presentationBundle !== "object") return;
+  const meta = runMeta && typeof runMeta === "object" ? { ...runMeta } : {};
+  presentationBundle.runMeta = meta;
+  const sections = presentationBundle.sections;
+  const payload = sections && typeof sections === "object" ? sections.payload : null;
+  const governance = payload && typeof payload === "object" ? payload.governance : null;
+  if (!governance || typeof governance !== "object") return;
+  payload.governance = {
+    ...governance,
+    runId: meta.runId || null,
+    runStartedAt: meta.runStartedAt || null,
+    runFinishedAt: meta.runFinishedAt || null,
+    outputHash: meta.outputHash || null,
+    recordsHash: meta.recordsHash || null,
+    htmlHash: meta.htmlHash || null,
+    generatedArtifacts: meta.generatedArtifacts || null
+  };
+}
 function readLastGovernanceEntryHash(logPath) {
   if (!logPath || !fs.existsSync(logPath)) return null;
   try {
@@ -11985,6 +12300,14 @@ async function runWorkflow(config) {
     incidentArtifactHash: incidentDispatch.artifactHash || null
   };
   const outputSummary = summarizeOutputRecords(outputRecords);
+  const recordsHash = hashText(JSON.stringify(outputRecords));
+  const runMeta = {
+    ...baseRunMeta,
+    recordsHash,
+    htmlOutPath: null,
+    htmlHash: null,
+    generatedArtifacts: null
+  };
   const presentationBundle = buildOutputBundle({
     rawRecords: outputRecords,
     summary: outputSummary,
@@ -11997,26 +12320,13 @@ async function runWorkflow(config) {
     excludeFields: config.excludeFields,
     sections: config.sections,
     clientProfile: config.clientProfile,
-    runMeta: baseRunMeta
+    runMeta
   });
-  const outputBody = renderOutput(config, presentationBundle);
-  const outputHash = hashText(outputBody);
-  const recordsHash = hashText(JSON.stringify(outputRecords));
-  const runMeta = { ...baseRunMeta, outputHash, recordsHash };
-  presentationBundle.runMeta = {
-    ...(presentationBundle.runMeta && typeof presentationBundle.runMeta === "object" ? presentationBundle.runMeta : {}),
-    ...runMeta
-  };
-  writeOutput(config, outputBody);
+  syncRunMetaToPresentationBundle(presentationBundle, runMeta);
   const htmlPath = writeHtmlReport(config, outputRecords, domainInsights, runMeta, presentationBundle);
   if (htmlPath) {
     runMeta.htmlOutPath = htmlPath;
     runMeta.htmlHash = hashText(fs.readFileSync(htmlPath, "utf8"));
-  } else {
-    runMeta.htmlOutPath = null;
-    runMeta.htmlHash = null;
   }
   if (htmlPath && shouldAutoOpenHtml(config)) {
     const opened = tryOpenFile(htmlPath);
@@ -12027,6 +12337,19 @@ async function runWorkflow(config) {
     }
   }
+  runMeta.generatedArtifacts = buildGeneratedArtifacts(config, {
+    htmlReportPath: runMeta.htmlOutPath,
+    topologyPath: topologyWrite.path || null,
+    relationshipsPath: relationshipsWrite.path || null,
+    governanceLogPath: governancePersist.path || null,
+    incidentPayloadPath: incidentDispatch.artifactPath || null
+  });
+  syncRunMetaToPresentationBundle(presentationBundle, runMeta);
+  const outputBody = renderOutput(config, presentationBundle);
+  runMeta.outputHash = hashText(outputBody);
+  writeOutput(config, outputBody);
   progress(config, 19, "END: emit execution summary and evidence metadata");
   const outputEc2 = outputRecords.filter((r) => r.resourceType === "ec2");
   const outputLambda = outputRecords.filter((r) => r.resourceType === "lambda");
@@ -12078,6 +12401,7 @@ async function runWorkflow(config) {
   const ssmManaged = outputEc2.filter((r) => r.ssmManaged).length;
   const ssmOnline = outputEc2.filter((r) => r.ssmOnline).length;
   const publicCount = outputEc2.filter((r) => Boolean(r.publicIp)).length;
+  eprint(`Artifacts: ${generatedArtifactsSummary(runMeta.generatedArtifacts)}`);
   eprint(`Summary: execution_mode=${INTERNAL_BACKEND_ID}, manual_mode=${config.manualServerListPath ? "on" : "off"}, selected_surface=${selectedSurface}, selected_schema_tier=${selectedSchemaTier}, mode=${routing.modeInfo.mode}, mode_source=${routing.modeInfo.source}, profiles=${stats.profiles}, regions_scanned=${stats.regions}, region_errors=${stats.regionErrors}, ec2_scanned=${stats.instancesScanned}, lambda_scanned=${stats.lambdaFunctionsScanned}, alb_scanned=${stats.loadBalancersScanned}, targetgroup_scanned=${stats.targetGroupsScanned}, asg_scanned=${stats.autoScalingGroupsScanned}, rds_scanned=${stats.rdsInstancesScanned}, elasticache_scanned=${stats.elasticacheClustersScanned}, route53_zone_scanned=${stats.route53ZonesScanned}, vpc_scanned=${stats.vpcsScanned || 0}, subnet_scanned=${stats.subnetsScanned || 0}, security_group_scanned=${stats.securityGroupsScanned || 0}, ecs_cluster_scanned=${stats.ecsClustersScanned || 0}, ecs_service_scanned=${stats.ecsServicesScanned || 0}, s3_bucket_scanned=${stats.s3BucketsScanned || 0}, iam_role_scanned=${stats.iamRolesScanned || 0}, kms_key_scanned=${stats.kmsKeysScanned || 0}, cloudwatch_alarm_scanned=${stats.cloudwatchAlarmsScanned || 0}, cloudtrail_trail_scanned=${stats.cloudtrailTrailsScanned || 0}, config_recorder_scanned=${stats.configRecordersScanned || 0}, secret_scanned=${stats.secretsScanned || 0}, ssm_parameter_scanned=${stats.parametersScanned || 0}, ecr_repository_scanned=${stats.ecrRepositoriesScanned || 0}, dynamodb_table_scanned=${stats.dynamodbTablesScanned || 0}, sns_topic_scanned=${stats.snsTopicsScanned || 0}, eventbridge_bus_scanned=${stats.eventbridgeBusesScanned || 0}, sqs_queue_scanned=${stats.sqsQueuesScanned || 0}, acm_certificate_scanned=${stats.acmCertificatesScanned || 0}, kinesis_stream_scanned=${stats.kinesisStreamsScanned || 0}, msk_cluster_scanned=${stats.mskClustersScanned || 0}, budget_scanned=${stats.budgetsScanned || 0}, cost_anomaly_scanned=${stats.costAnomaliesScanned || 0}, ebs_volume_scanned=${stats.ebsVolumesScanned || 0}, efs_filesystem_scanned=${stats.efsFileSystemsScanned || 0}, eks_cluster_scanned=${stats.eksClustersScanned || 0}, apigateway_rest_api_scanned=${stats.apiGatewayRestApisScanned || 0}, apigatewayv2_api_scanned=${stats.apiGatewayV2ApisScanned || 0}, cloudfront_distribution_scanned=${stats.cloudFrontDistributionsScanned || 0}, waf_web_acl_scanned=${stats.wafWebAclsScanned || 0}, shield_protection_scanned=${stats.shieldProtectionsScanned || 0}, stepfunctions_scanned=${stats.stepFunctionsScanned || 0}, cloudwatch_log_group_scanned=${stats.cloudwatchLogGroupsScanned || 0}, xray_group_scanned=${stats.xrayGroupsScanned || 0}, inspector2_finding_scanned=${stats.inspector2FindingsScanned || 0}, redshift_cluster_scanned=${stats.redshiftClustersScanned || 0}, opensearch_domain_scanned=${stats.opensearchDomainsScanned || 0}, organizations_account_scanned=${stats.organizationsAccountsScanned || 0}, controltower_landing_zone_scanned=${stats.controlTowerLandingZonesScanned || 0}, manual_servers_scanned=${stats.manualServersScanned || 0}, manual_servers_loaded=${stats.manualServersLoaded || 0}, output_records=${outputRecords.length}, output_ec2=${outputEc2.length}, output_lambda=${outputLambda.length}, output_alb=${outputAlb.length}, output_target_group=${outputTargetGroups.length}, output_asg=${outputAsg.length}, output_rds=${outputRds.length}, output_elasticache=${outputElastiCache.length}, output_route53_zone=${outputRoute53.length}, output_vpc=${outputVpc.length}, output_subnet=${outputSubnet.length}, output_security_group=${outputSecurityGroup.length}, output_ecs_cluster=${outputEcsCluster.length}, output_ecs_service=${outputEcsService.length}, output_s3_bucket=${outputS3.length}, output_iam_role=${outputIam.length}, output_kms_key=${outputKms.length}, output_cloudwatch_alarm=${outputCloudwatch.length}, output_cloudtrail_trail=${outputCloudtrail.length}, output_config_recorder=${outputConfig.length}, output_secret=${outputSecret.length}, output_ssm_parameter=${outputParameter.length}, output_ecr_repository=${outputEcr.length}, output_dynamodb_table=${outputDynamodb.length}, output_sns_topic=${outputSns.length}, output_eventbridge_bus=${outputEventbridge.length}, output_sqs_queue=${outputSqs.length}, output_acm_certificate=${outputAcm.length}, output_kinesis_stream=${outputKinesis.length}, output_msk_cluster=${outputMsk.length}, output_budget=${outputBudget.length}, output_cost_anomaly=${outputCostAnomaly.length}, output_ebs_volume=${outputEbs.length}, output_efs_filesystem=${outputEfs.length}, output_eks_cluster=${outputEks.length}, output_apigateway_rest_api=${outputApiGateway.length}, output_apigatewayv2_api=${outputApiGatewayV2.length}, output_cloudfront_distribution=${outputCloudfront.length}, output_waf_web_acl=${outputWaf.length}, output_shield_protection=${outputShield.length}, output_stepfunctions=${outputStepFunctions.length}, output_cloudwatch_log_group=${outputCloudwatchLogs.length}, output_xray_group=${outputXray.length}, output_inspector2_finding=${outputInspector2.length}, output_redshift_cluster=${outputRedshift.length}, output_opensearch_domain=${outputOpensearch.length}, output_organizations_account=${outputOrganizations.length}, output_controltower_landing_zone=${outputControlTower.length}, ec2_public_ip_records=${publicCount}, ec2_ssm_managed=${ssmManaged}, ec2_ssm_online=${ssmOnline}, remediation_attempts=${runtimeStats.remediationAttempts}, remediation_changed=${runtimeStats.remediationChanged}, runtime_snapshot_attempted=${runtimeStats.snapshotAttempted}, runtime_snapshot_succeeded=${runtimeStats.snapshotSucceeded}, runtime_snapshot_ssm_attempted=${runtimeStats.snapshotSsmAttempted}, runtime_snapshot_ssm_succeeded=${runtimeStats.snapshotSsmSucceeded}, runtime_snapshot_ssh_attempted=${runtimeStats.snapshotSshAttempted}, runtime_snapshot_ssh_succeeded=${runtimeStats.snapshotSshSucceeded}, snapshot_profile=${config.snapshotProfile}, output_profile=${presentationBundle.outputProfile || "operator"}, output_profile_source=${presentationBundle.outputProfileSource || "default"}, client_profile=${presentationBundle.clientProfile || "none"}, renderer_template=${config.rendererTemplate || "default"}, topology_path=${topologyWrite.path || "off"}, relationships_path=${relationshipsWrite.path || "off"}, governance_persisted=${governancePersist.persisted ? "on" : "off"}, governance_chain_checked=${governanceVerify.checked ? "on" : "off"}, governance_chain_valid=${governanceVerify.valid == null ? "unknown" : (governanceVerify.valid ? "yes" : "no")}, incident_webhook_dispatched=${incidentDispatch.webhookDispatched ? "on" : "off"}, policy_pack=${integrationDispatch.activePolicyPack || "balanced"}, policy_gate=${policyDecision.allowed !== false ? "allow" : "blocked"}, integration_connectors_enabled=${integrationDispatch.enabledConnectors}, integration_incident_success=${integrationDispatch.incident ? integrationDispatch.incident.successCount : 0}, integration_incident_failure=${integrationDispatch.incident ? integrationDispatch.incident.failureCount : 0}, integration_action_success=${integrationDispatch.actionRequired ? integrationDispatch.actionRequired.successCount : 0}, integration_action_failure=${integrationDispatch.actionRequired ? integrationDispatch.actionRequired.failureCount : 0}, view_sections=${presentationBundle.sections && Array.isArray(presentationBundle.sections.effective) ? presentationBundle.sections.effective.join(",") : "none"}, view_fields=${presentationBundle.fields && Array.isArray(presentationBundle.fields.effectiveFields) ? presentationBundle.fields.effectiveFields.length : 0}, iac_stacks=${domainInsights.iac.scannedStacks || 0}, iac_drifted=${domainInsights.iac.driftedStacks || 0}, cicd_pipelines=${domainInsights.cicd.pipelinesScanned || 0}, cicd_failing=${domainInsights.cicd.pipelinesFailing || 0}, backup_plans=${domainInsights.backupDr.backupPlans || 0}, backup_protected=${domainInsights.backupDr.protectedResources || 0}, security_high_critical=${domainInsights.security.highOrCritical || 0}, finops_cost_7d_usd=${domainInsights.finops.totalCost7dUsd || 0}, app_runtime_coverage_pct=${domainInsights.application.runtimeCoveragePct == null ? "n/a" : domainInsights.application.runtimeCoveragePct}, app_degraded_hosts=${domainInsights.application.degradedHosts || 0}, app_ecs_degraded=${domainInsights.application.ecsServicesDegraded || 0}, app_managed_degraded=${domainInsights.application.managedServicesDegraded || 0}, app_lambda_degraded=${domainInsights.application.lambdaHealth && domainInsights.application.lambdaHealth.degraded ? domainInsights.application.lambdaHealth.degraded : 0}, incident_severity=${domainInsights.incident.severity || "none"}, warnings=${warnings.length}, required_actions=${requiredActions.length}`);
   eprint(`EvidenceMeta: workflow_id=b60f0f18-cc45-4af9-a7c7-217284457759; schema=gesia.orflow.contract.v2; step_count=${TOTAL_STEPS}; execution_mode=${INTERNAL_BACKEND_ID}; run_id=${runId}; output_hash=${runMeta.outputHash}; records_hash=${runMeta.recordsHash}; html_hash=${runMeta.htmlHash || "n/a"}; topology_hash=${runMeta.topologyHash || "n/a"}; relationships_hash=${runMeta.relationshipsHash || "n/a"}; governance_entry_hash=${runMeta.governanceEntryHash || "n/a"}; governance_chain_valid=${runMeta.governanceChainValid == null ? "unknown" : (runMeta.governanceChainValid ? "yes" : "no")}; incident_artifact_hash=${runMeta.incidentArtifactHash || "n/a"}; policy_pack=${integrationDispatch.activePolicyPack || "balanced"}; policy_gate=${policyDecision.allowed !== false ? "allow" : "blocked"}; integration_connectors_enabled=${integrationDispatch.enabledConnectors}; inventory_ops=${operationPlan.inventoryOps.length}; runtime_ops=${operationPlan.runtimeOps.length}; analysis_ops=${operationPlan.analysisOps.length}`);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mcp-aws-manager",
-  "version": "0.4.2",
+  "version": "0.4.4",
   "description": "AWS operations CLI and MCP server (SSM-only) for EC2/Lambda inventory, remediation, and runtime snapshots",
   "license": "MIT",
   "publishConfig": {