mcp-probe-kit 3.6.10 → 3.6.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/README.md +13 -7
  2. package/build/index.js +16 -13
  3. package/build/lib/__tests__/src8-guidance.unit.test.d.ts +1 -0
  4. package/build/lib/__tests__/src8-guidance.unit.test.js +62 -0
  5. package/build/lib/code-review-input.d.ts +15 -0
  6. package/build/lib/code-review-input.js +47 -0
  7. package/build/lib/src8-guidance.d.ts +178 -0
  8. package/build/lib/src8-guidance.js +633 -0
  9. package/build/lib/tbp8-guidance.d.ts +4 -0
  10. package/build/lib/tbp8-guidance.js +4 -0
  11. package/build/schemas/code-analysis-tools.d.ts +49 -5
  12. package/build/schemas/code-analysis-tools.js +49 -5
  13. package/build/schemas/code-gen-tools.d.ts +9 -1
  14. package/build/schemas/code-gen-tools.js +9 -1
  15. package/build/schemas/index.d.ts +65 -9
  16. package/build/schemas/orchestration-tools.d.ts +7 -3
  17. package/build/schemas/orchestration-tools.js +7 -3
  18. package/build/schemas/output/core-tools.d.ts +238 -13
  19. package/build/schemas/output/core-tools.js +63 -13
  20. package/build/schemas/structured-output.d.ts +26 -8
  21. package/build/schemas/structured-output.js +17 -7
  22. package/build/tools/__tests__/code_review.unit.test.d.ts +1 -0
  23. package/build/tools/__tests__/code_review.unit.test.js +43 -0
  24. package/build/tools/__tests__/fix_bug.unit.test.js +54 -17
  25. package/build/tools/__tests__/gentest.unit.test.d.ts +1 -0
  26. package/build/tools/__tests__/gentest.unit.test.js +40 -0
  27. package/build/tools/__tests__/refactor.unit.test.d.ts +1 -0
  28. package/build/tools/__tests__/refactor.unit.test.js +40 -0
  29. package/build/tools/__tests__/start_bugfix.unit.test.js +31 -18
  30. package/build/tools/code_review.js +149 -164
  31. package/build/tools/fix_bug.d.ts +1 -9
  32. package/build/tools/fix_bug.js +137 -289
  33. package/build/tools/gentest.js +149 -186
  34. package/build/tools/refactor.js +132 -360
  35. package/build/tools/start_bugfix.js +258 -344
  36. package/package.json +1 -1
@@ -1,31 +1,68 @@
1
1
  import { describe, expect, test } from "vitest";
2
+ import * as fs from "node:fs";
3
+ import * as os from "node:os";
4
+ import * as path from "node:path";
2
5
  import { fixBug } from "../fix_bug.js";
3
6
  describe("fix_bug 单元测试", () => {
4
- test("返回 TBP8 结构化输出", async () => {
7
+ test("返回 SRC-8 delegated plan、真因工作表与门禁", async () => {
5
8
  const result = await fixBug({
6
9
  error_message: "登录提交后页面白屏",
7
- stack_trace: "TypeError: Cannot read property 'token' of undefined at src/auth/login.ts:45:12",
8
- expected_behavior: "提示错误并保持页面可交互",
9
- actual_behavior: "页面白屏,无法继续操作",
10
+ stack_trace: "TypeError at src/auth/login.ts:45:12",
11
+ expected_behavior: "提示错误",
12
+ actual_behavior: "白屏",
13
+ success_sample: "错误密码时表单正常提示",
14
+ verification_target: "原复现步骤通过且 auth 单测绿",
10
15
  });
11
16
  expect(result.isError).toBe(false);
12
- expect("structuredContent" in result).toBe(true);
13
17
  const structured = result.structuredContent;
14
- expect(structured.analysisMode).toBe("tbp8");
15
- expect(structured.tbp.phenomenon).toMatch(/页面白屏|登录提交/);
16
- expect(Array.isArray(structured.tbp.timeline)).toBe(true);
17
- expect(structured.tbp.timeline.length).toBeGreaterThan(0);
18
- expect(Array.isArray(structured.tbp.repair)).toBe(true);
19
- expect(structured.affectedFiles).toContain("src/auth/login.ts");
18
+ const text = String(result.content[0].text);
19
+ expect(structured.mode).toBe("delegated");
20
+ expect(structured.methodology).toBe("src8");
21
+ expect(structured.metadata.plan.mode).toBe("delegated");
22
+ expect(structured.metadata.plan.steps.map((s) => s.id)).toEqual([
23
+ "src8-1",
24
+ "src8-2",
25
+ "src8-3",
26
+ "src8-4",
27
+ "src8-5",
28
+ "src8-6",
29
+ "src8-7",
30
+ "src8-8",
31
+ ]);
32
+ expect(structured.src8Checklist).toHaveLength(8);
33
+ expect(structured.rootCauseWorksheet.substeps).toHaveLength(5);
34
+ expect(structured.src8Gate.blockCodeChangeUntilStep).toBe(4);
35
+ expect(structured.attributionLayers.some((l) => l.id === "agent_behavior")).toBe(true);
36
+ expect(text).toMatch(/SRC-8/);
37
+ expect(text).not.toMatch(/方法论渊源/);
38
+ expect(text).not.toMatch(/docs\/src8-methodology/);
39
+ expect(text).toMatch(/rootCauseAnalysis|真因工作表/);
40
+ expect(text).toMatch(/metadata\.plan/);
41
+ expect(structured.bugfixInput.hasVerificationTarget).toBe(true);
20
42
  });
21
- test("支持 code_context 并进入证据链", async () => {
43
+ test("支持 code_context 进入证据链", async () => {
22
44
  const result = await fixBug({
23
- error_message: "接口返回成功但前端没生效",
24
- code_context: "图谱摘要: auth flow\n图谱线索: query: src/modules/record/index.js",
45
+ error_message: "接口成功但前端未生效",
46
+ code_context: "auth flow summary",
25
47
  });
26
- expect(result.isError).toBe(false);
27
48
  const structured = result.structuredContent;
28
- expect(structured.tbp.evidence.some((item) => item.source === "code_context")).toBe(true);
29
- expect(structured.fixPlan.steps[0]).toMatch(/TBP-1/);
49
+ expect(structured.bugfixInput.evidence.some((item) => item.source === "code_context")).toBe(true);
50
+ });
51
+ test("file_path 可读时注入代码上下文", async () => {
52
+ const dir = fs.mkdtempSync(path.join(os.tmpdir(), "fix-bug-"));
53
+ const filePath = path.join(dir, "handler.ts");
54
+ fs.writeFileSync(filePath, "throw new Error('boom');\n", "utf-8");
55
+ try {
56
+ const result = await fixBug({
57
+ error_message: "handler 抛错",
58
+ file_path: filePath,
59
+ project_root: dir,
60
+ });
61
+ const structured = result.structuredContent;
62
+ expect(structured.bugfixInput.code_context).toContain("boom");
63
+ }
64
+ finally {
65
+ fs.rmSync(dir, { recursive: true, force: true });
66
+ }
30
67
  });
31
68
  });
@@ -0,0 +1 @@
1
+ export {};
@@ -0,0 +1,40 @@
1
+ import { describe, expect, test } from "vitest";
2
+ import * as fs from "node:fs";
3
+ import * as os from "node:os";
4
+ import * as path from "node:path";
5
+ import { gentest } from "../gentest.js";
6
+ describe("gentest 单元测试", () => {
7
+ test("传入 code 时注入待测内容并标明 guidance 模式", async () => {
8
+ const sample = "export function add(a: number, b: number) { return a + b; }\n";
9
+ const result = await gentest({ code: sample, framework: "vitest" });
10
+ expect(result.isError).toBeFalsy();
11
+ const text = String(result.content[0].text);
12
+ expect(text).toContain("return a + b");
13
+ expect(text).toMatch(/指南型|guidance/i);
14
+ const structured = result.structuredContent;
15
+ expect(structured.mode).toBe("guidance");
16
+ expect(structured.gentestInput.received).toBe(true);
17
+ expect(structured.gentestInput.framework).toBe("vitest");
18
+ expect(structured.gentestInput.code).toContain("add");
19
+ });
20
+ test("未传 code/file_path 时明确提示 Agent 需先获取代码", async () => {
21
+ const result = await gentest({ framework: "jest" });
22
+ const text = String(result.content[0].text);
23
+ expect(text).toMatch(/未提供 code/);
24
+ expect(result.structuredContent.gentestInput.received).toBe(false);
25
+ });
26
+ test("file_path 可读时注入文件内容", async () => {
27
+ const dir = fs.mkdtempSync(path.join(os.tmpdir(), "gentest-"));
28
+ const filePath = path.join(dir, "math.ts");
29
+ fs.writeFileSync(filePath, "export const mul = (a: number, b: number) => a * b;\n", "utf-8");
30
+ try {
31
+ const result = await gentest({ file_path: filePath, project_root: dir });
32
+ const text = String(result.content[0].text);
33
+ expect(text).toContain("a * b");
34
+ expect(result.structuredContent.gentestInput.file).toBe(filePath);
35
+ }
36
+ finally {
37
+ fs.rmSync(dir, { recursive: true, force: true });
38
+ }
39
+ });
40
+ });
@@ -0,0 +1 @@
1
+ export {};
@@ -0,0 +1,40 @@
1
+ import { describe, expect, test } from "vitest";
2
+ import * as fs from "node:fs";
3
+ import * as os from "node:os";
4
+ import * as path from "node:path";
5
+ import { refactor } from "../refactor.js";
6
+ describe("refactor 单元测试", () => {
7
+ test("传入 code 时注入待重构内容并标明 guidance 模式", async () => {
8
+ const sample = "function f(x){if(x){if(x>0){return x*2}}return 0}\n";
9
+ const result = await refactor({ code: sample, goal: "reduce_complexity" });
10
+ expect(result.isError).toBeFalsy();
11
+ const text = String(result.content[0].text);
12
+ expect(text).toContain("return x*2");
13
+ expect(text).toMatch(/指南型|guidance/i);
14
+ const structured = result.structuredContent;
15
+ expect(structured.mode).toBe("guidance");
16
+ expect(structured.refactorInput.received).toBe(true);
17
+ expect(structured.refactorInput.goal).toBe("reduce_complexity");
18
+ expect(structured.refactorInput.code).toContain("return x*2");
19
+ });
20
+ test("未传 code/file_path 时明确提示 Agent 需先获取代码", async () => {
21
+ const result = await refactor({ goal: "improve_readability" });
22
+ const text = String(result.content[0].text);
23
+ expect(text).toMatch(/未提供 code/);
24
+ expect(result.structuredContent.refactorInput.received).toBe(false);
25
+ });
26
+ test("file_path 可读时注入文件内容", async () => {
27
+ const dir = fs.mkdtempSync(path.join(os.tmpdir(), "refactor-"));
28
+ const filePath = path.join(dir, "legacy.js");
29
+ fs.writeFileSync(filePath, "const MAGIC = 42;\n", "utf-8");
30
+ try {
31
+ const result = await refactor({ file_path: filePath, project_root: dir });
32
+ const text = String(result.content[0].text);
33
+ expect(text).toContain("MAGIC = 42");
34
+ expect(result.structuredContent.refactorInput.file).toBe(filePath);
35
+ }
36
+ finally {
37
+ fs.rmSync(dir, { recursive: true, force: true });
38
+ }
39
+ });
40
+ });
@@ -21,6 +21,18 @@ describe('start_bugfix 单元测试', () => {
21
21
  expect(result.isError).toBe(true);
22
22
  expect(result.content[0].text).toMatch(/缺少必填参数|错误信息/i);
23
23
  });
24
+ test('description 可作为 error_message 别名', async () => {
25
+ const result = await startBugfix({
26
+ description: 'memory-config 读取 items 时未做空值检查导致 map 报错',
27
+ analysis_mode: 'src8',
28
+ });
29
+ expect(result.isError).toBe(false);
30
+ const structured = result.structuredContent;
31
+ const src8Step = structured?.metadata?.plan?.steps?.find((step) => step.id === 'src8-1');
32
+ expect(src8Step?.action).toMatch(/明确差距/);
33
+ expect(result.content[0].text).toMatch(/memory-config/);
34
+ expect(result.content[0].text).not.toMatch(/docs\/src8-methodology/);
35
+ });
24
36
  test('返回委托式执行计划(steps)', async () => {
25
37
  const result = await startBugfix({
26
38
  error_message: 'TypeError: Cannot read property',
@@ -36,12 +48,13 @@ describe('start_bugfix 单元测试', () => {
36
48
  expect(plan).toBeTruthy();
37
49
  expect(plan.mode).toBe('delegated');
38
50
  expect(Array.isArray(plan.steps)).toBe(true);
39
- expect(structured.analysisMode).toBe('tbp8');
51
+ expect(structured.analysisMode).toBe('src8');
40
52
  expect(structured.tbp.rootCauseStatement).toMatch(/A \+ B|因果句|待形成/);
41
- const fixStep = plan.steps.find((step) => step.tool === 'fix_bug');
53
+ const fixStep = plan.steps.find((step) => step.id === 'src8-4');
42
54
  expect(fixStep).toBeTruthy();
43
- expect(fixStep.args.error_message).toBe('TypeError: Cannot read property');
44
- expect(fixStep.args.analysis_mode).toBe('tbp8');
55
+ expect(fixStep.action).toMatch(/把握真因/);
56
+ const gentestStep = plan.steps.find((step) => step.id === 'src8-7');
57
+ expect(gentestStep?.tool).toBe('gentest');
45
58
  const contextStep = plan.steps.find((step) => step.tool === 'init_project_context');
46
59
  expect(contextStep.outputs).toContain('docs/graph-insights/latest.md');
47
60
  expect(contextStep.outputs).toContain('docs/graph-insights/latest.json');
@@ -90,20 +103,20 @@ describe('start_bugfix 单元测试', () => {
90
103
  });
91
104
  test('template_profile 自动选择 strict(结构化输入)', async () => {
92
105
  const result = await startBugfix({
93
- error_message: `## 复现步骤
94
- 1. 打开登录页
95
- 2. 输入错误账号
96
- 3. 点击登录
97
-
98
- ## 期望
99
- 提示错误信息并保持页面可交互
100
-
101
- ## 实际
102
- 页面白屏,控制台报错
103
-
104
- ## 环境
105
- - 浏览器: Chrome 120
106
- - 系统: Windows 11
106
+ error_message: `## 复现步骤
107
+ 1. 打开登录页
108
+ 2. 输入错误账号
109
+ 3. 点击登录
110
+
111
+ ## 期望
112
+ 提示错误信息并保持页面可交互
113
+
114
+ ## 实际
115
+ 页面白屏,控制台报错
116
+
117
+ ## 环境
118
+ - 浏览器: Chrome 120
119
+ - 系统: Windows 11
107
120
  - 版本: v2.3.0`,
108
121
  stack_trace: 'TypeError: Cannot read property',
109
122
  template_profile: 'auto',
@@ -1,187 +1,172 @@
1
1
  import { parseArgs, getString } from "../utils/parseArgs.js";
2
- import { okText } from "../lib/response.js";
2
+ import { okStructured } from "../lib/response.js";
3
3
  import { renderGuidanceHeader } from "../lib/guidance.js";
4
4
  import { handleToolError } from "../utils/error-handler.js";
5
5
  import { renderCodeLimits, renderBannedPatterns, CODE_LIMITS } from "../lib/quality-constraints.js";
6
- // code_review 工具实现
6
+ import { resolveReviewCode, trimReviewCodeForPrompt } from "../lib/code-review-input.js";
7
+ import { resolveWorkspaceRoot } from "../lib/workspace-root.js";
7
8
  export async function codeReview(args) {
8
9
  try {
9
- // 智能参数解析,支持自然语言输入
10
10
  const parsedArgs = parseArgs(args, {
11
11
  defaultValues: {
12
12
  code: "",
13
13
  focus: "all",
14
+ file_path: "",
15
+ project_root: "",
14
16
  },
15
- primaryField: "code", // 纯文本输入默认映射到 code 字段
17
+ primaryField: "code",
16
18
  fieldAliases: {
17
- code: ["source", "src", "代码", "content"],
19
+ code: ["source", "src", "代码", "content", "diff"],
18
20
  focus: ["type", "category", "类型", "重点"],
21
+ file_path: ["filePath", "filepath", "path", "文件路径"],
22
+ project_root: ["projectRoot", "project_path", "dir", "directory", "项目路径"],
19
23
  },
20
24
  });
21
- const code = getString(parsedArgs.code);
22
- const focus = getString(parsedArgs.focus) || "all"; // quality, security, performance, all
25
+ const focus = getString(parsedArgs.focus) || "all";
26
+ const inlineCode = getString(parsedArgs.code) || getString(parsedArgs.input);
27
+ const filePath = getString(parsedArgs.file_path);
28
+ const projectRoot = getString(parsedArgs.project_root);
29
+ const resolved = resolveReviewCode({
30
+ code: inlineCode,
31
+ filePath: filePath || undefined,
32
+ projectRoot: projectRoot ? resolveWorkspaceRoot(projectRoot) : undefined,
33
+ });
34
+ if (resolved.error) {
35
+ return okStructured(`❌ code_review 无法读取输入: ${resolved.error}`, {
36
+ mode: "guidance",
37
+ reviewInput: {
38
+ received: false,
39
+ error: resolved.error,
40
+ file: filePath || null,
41
+ },
42
+ }, {
43
+ note: "指南型工具:请修正 file_path / project_root 或传入 code 后,由 Agent 按清单完成审查并输出 issues JSON",
44
+ });
45
+ }
46
+ const hasCode = Boolean(resolved.code.trim());
47
+ const promptCode = hasCode ? trimReviewCodeForPrompt(resolved.code) : "";
23
48
  const header = renderGuidanceHeader({
24
49
  tool: "code_review",
25
- goal: "对代码进行全面审查,发现问题并提供改进建议。",
26
- tasks: ["基于代码进行质量/安全/性能检查", "列出发现的问题和建议"],
27
- outputs: ["审查报告(包含问题清单、优点、建议)"],
50
+ goal: "由 Agent 根据下方代码与审查清单完成审查,并输出结构化问题清单。",
51
+ tasks: [
52
+ "先阅读本次注入的 reviewInput.code(或 file_path 对应文件)",
53
+ "按审查清单逐项检查,不要只复述清单",
54
+ "在回复中输出 issues JSON(severity/category/message/suggestion)",
55
+ ],
56
+ outputs: ["审查报告(问题清单、优点、建议)— 由 Agent 生成,非 MCP 静态扫描"],
57
+ notes: [
58
+ "本工具为指南型(guidance-only),不在服务端做静态规则扫描",
59
+ hasCode ? `已注入待审代码(${resolved.code.split("\n").length} 行)` : "未收到 code/file_path,请先提供待审内容",
60
+ ],
28
61
  });
29
- const message = `${header}请对以下代码进行全面审查:
30
-
31
- 📝 **代码内容**:
32
- ${code || "请提供需要审查的代码"}
33
-
34
- 🎯 **审查重点**:${focus}
35
-
36
- ---
37
-
38
- ## 代码审查清单
39
-
40
- ### 1️⃣ 代码质量检查
41
-
42
- ${renderCodeLimits()}
43
-
44
- **代码坏味道(Code Smells)**:
45
- - [ ] 重复代码(Duplicated Code)
46
- - [ ] 过长函数(Long Function)> ${CODE_LIMITS.maxFunctionLines} 行
47
- - [ ] 过长参数列表(Long Parameter List)> ${CODE_LIMITS.maxParameters} 个
48
- - [ ] 复杂条件判断(Complex Conditional)> ${CODE_LIMITS.maxNestingDepth} 层嵌套
49
- - [ ] 魔法数字(Magic Numbers)
50
- - [ ] 命名不清晰(Poor Naming)
51
-
52
- **设计原则**:
53
- - [ ] 单一职责原则(SRP)
54
- - [ ] 开闭原则(OCP)
55
- - [ ] 接口隔离原则(ISP)
56
- - [ ] 依赖倒置原则(DIP)
57
-
58
- ### 2️⃣ 安全漏洞检查
59
-
60
- **常见漏洞**:
61
- - [ ] SQL 注入风险
62
- - [ ] XSS(跨站脚本)风险
63
- - [ ] CSRF(跨站请求伪造)
64
- - [ ] 硬编码密钥/密码
65
- - [ ] 不安全的随机数生成
66
- - [ ] 路径遍历漏洞
67
- - [ ] 未验证的输入
68
- - [ ] 敏感信息泄露
69
-
70
- **安全最佳实践**:
71
- - [ ] 输入验证和过滤
72
- - [ ] 输出编码
73
- - [ ] 使用参数化查询
74
- - [ ] 密码/密钥使用环境变量
75
- - [ ] HTTPS 通信
76
-
77
- ### 3️⃣ 性能问题检查
78
-
79
- **性能风险**:
80
- - [ ] 循环内创建对象
81
- - [ ] 嵌套循环(O(n²) 或更差)
82
- - [ ] 不必要的重复计算
83
- - [ ] 内存泄漏风险
84
- - [ ] 阻塞主线程
85
- - [ ] 大数据量未分页
86
- - [ ] 同步 I/O 操作
87
-
88
- **React/Vue 性能**:
89
- - [ ] 未使用 useMemo/useCallback
90
- - [ ] 组件不必要的重渲染
91
- - [ ] 大列表未虚拟化
92
- - [ ] 状态管理不当
93
-
94
- ### 4️⃣ 完整性检查
95
-
96
- ${renderBannedPatterns()}
97
-
98
- ### 5️⃣ 最佳实践检查
99
-
100
- **TypeScript/JavaScript**:
101
- - [ ] 类型定义完整(避免 any)
102
- - [ ] 错误处理完善(try-catch)
103
- - [ ] 异步操作正确处理
104
- - [ ] 使用 const/let 替代 var
105
- - [ ] 箭头函数合理使用
106
-
107
- **命名规范**:
108
- - [ ] 变量:驼峰命名(camelCase)
109
- - [ ] 常量:大写下划线(UPPER_CASE)
110
- - [ ] 类/接口:帕斯卡命名(PascalCase)
111
- - [ ] 文件:短横线命名(kebab-case)
112
- - [ ] 布尔值:is/has/should 前缀
113
-
114
- **注释和文档**:
115
- - [ ] 复杂逻辑有注释说明
116
- - [ ] 公共 API 有文档
117
- - [ ] TODO/FIXME 标记清晰
118
-
119
- ---
120
-
121
- ## 审查报告格式
122
-
123
- **严重问题(🔴 Critical)**:
124
- 1. [位置] 问题描述
125
- - 风险:...
126
- - 建议:...
127
- - 修复示例:\`\`\`typescript ... \`\`\`
128
-
129
- **警告(🟡 Warning)**:
130
- 1. [位置] 问题描述
131
- - 影响:...
132
- - 建议:...
133
-
134
- **建议(🟢 Suggestion)**:
135
- 1. [位置] 改进建议
136
- - 当前:...
137
- - 建议:...
138
- - 收益:...
139
-
140
- **优点(✅ Good)**:
141
- - 做得好的地方
142
-
143
- ---
144
-
145
- ---
146
-
147
- ## 📤 输出格式要求
148
-
149
- 请严格按以下 JSON 格式输出审查结果:
150
-
151
- \`\`\`json
152
- {
153
- "summary": "代码整体评价(一句话)",
154
- "score": 85,
155
- "issues": [
156
- {
157
- "severity": "critical|high|medium|low",
158
- "category": "quality|security|performance|style",
159
- "file": "文件路径(如有)",
160
- "line": 10,
161
- "code": "问题代码片段",
162
- "message": "问题描述",
163
- "suggestion": "修复建议",
164
- "fix_example": "修复示例代码"
165
- }
166
- ],
167
- "highlights": ["做得好的地方1", "做得好的地方2"]
168
- }
169
- \`\`\`
170
-
171
- ## ⚠️ 边界约束
172
-
173
- - ❌ 仅分析,不自动修改源代码
174
- - ❌ 不执行代码或 shell 命令
175
- - ❌ 不做业务逻辑正确性判断(只关注代码质量)
176
- - ✅ 输出结构化问题清单和改进建议
177
-
178
- 现在请开始代码审查,生成详细的审查报告。`;
179
- return okText(message, {
180
- schema: (await import('../schemas/output/core-tools.js')).CodeReviewReportSchema,
181
- note: "本工具返回代码审查指南,AI 应根据指南分析代码并输出审查报告"
62
+ const message = `${header}请对以下代码进行全面审查:
63
+
64
+ 📝 **待审代码**${resolved.file ? `(来源: ${resolved.file})` : ""}:
65
+ ${hasCode ? `\`\`\`\n${promptCode}\n\`\`\`` : "_未提供 code / file_path,请 Agent 先读取目标文件或让用户补充后再审查_"}
66
+
67
+ 🎯 **审查重点**:${focus}
68
+
69
+ ---
70
+
71
+ ## 代码审查清单
72
+
73
+ ### 1️⃣ 代码质量检查
74
+
75
+ ${renderCodeLimits()}
76
+
77
+ **代码坏味道(Code Smells)**:
78
+ - [ ] 重复代码(Duplicated Code)
79
+ - [ ] 过长函数(Long Function)> ${CODE_LIMITS.maxFunctionLines} 行
80
+ - [ ] 过长参数列表(Long Parameter List)> ${CODE_LIMITS.maxParameters} 个
81
+ - [ ] 复杂条件判断(Complex Conditional)> ${CODE_LIMITS.maxNestingDepth} 层嵌套
82
+ - [ ] 魔法数字(Magic Numbers)
83
+ - [ ] 命名不清晰(Poor Naming)
84
+
85
+ **设计原则**:
86
+ - [ ] 单一职责原则(SRP)
87
+ - [ ] 开闭原则(OCP)
88
+ - [ ] 接口隔离原则(ISP)
89
+ - [ ] 依赖倒置原则(DIP)
90
+
91
+ ### 2️⃣ 安全漏洞检查
92
+
93
+ **常见漏洞**:
94
+ - [ ] SQL 注入风险
95
+ - [ ] XSS(跨站脚本)风险
96
+ - [ ] CSRF(跨站请求伪造)
97
+ - [ ] 硬编码密钥/密码
98
+ - [ ] 不安全的随机数生成
99
+ - [ ] 路径遍历漏洞
100
+ - [ ] 未验证的输入
101
+ - [ ] 敏感信息泄露
102
+
103
+ ### 3️⃣ 性能问题检查
104
+
105
+ **性能风险**:
106
+ - [ ] 循环内创建对象
107
+ - [ ] 嵌套循环(O(n²) 或更差)
108
+ - [ ] 不必要的重复计算
109
+ - [ ] 内存泄漏风险
110
+ - [ ] 阻塞主线程
111
+ - [ ] 大数据量未分页
112
+ - [ ] 同步 I/O 操作
113
+
114
+ ### 4️⃣ 完整性检查
115
+
116
+ ${renderBannedPatterns()}
117
+
118
+ ### 5️⃣ 最佳实践检查
119
+
120
+ **TypeScript/JavaScript**:
121
+ - [ ] 类型定义完整(避免 any)
122
+ - [ ] 错误处理完善(try-catch)
123
+ - [ ] 异步操作正确处理
124
+
125
+ ---
126
+
127
+ ## 📤 Agent 必须输出的 JSON 格式
128
+
129
+ \`\`\`json
130
+ {
131
+ "summary": "代码整体评价(一句话)",
132
+ "overallScore": 85,
133
+ "issues": [
134
+ {
135
+ "severity": "critical|high|medium|low",
136
+ "category": "quality|security|performance|style",
137
+ "file": "文件路径(如有)",
138
+ "line": 10,
139
+ "code": "问题代码片段",
140
+ "message": "问题描述",
141
+ "suggestion": "修复建议"
142
+ }
143
+ ],
144
+ "strengths": ["做得好的地方"]
145
+ }
146
+ \`\`\`
147
+
148
+ ## ⚠️ 边界
149
+
150
+ - MCP 仅返回指南 + 注入的待审代码,**issues 由 Agent 审查后生成**
151
+ - 不要声称「工具已扫描完成」;应基于上方代码与清单给出真实发现
152
+
153
+ 现在请开始审查并输出问题清单。`;
154
+ return okStructured(message, {
155
+ mode: "guidance",
156
+ reviewInput: {
157
+ received: hasCode,
158
+ focus,
159
+ file: resolved.file ?? null,
160
+ lineCount: hasCode ? resolved.code.split("\n").length : 0,
161
+ code: hasCode ? resolved.code : null,
162
+ truncatedInPrompt: hasCode && resolved.code.length !== promptCode.length,
163
+ },
164
+ }, {
165
+ schema: (await import("../schemas/output/core-tools.js")).CodeReviewReportSchema,
166
+ note: "指南型工具:issues 须由 Agent 按清单审查后生成;MCP 不返回静态扫描结果",
182
167
  });
183
168
  }
184
169
  catch (error) {
185
- return handleToolError(error, 'code_review');
170
+ return handleToolError(error, "code_review");
186
171
  }
187
172
  }
@@ -1,13 +1,5 @@
1
1
  /**
2
- * fix_bug 工具
3
- *
4
- * 功能:基于 TBP 8 步法输出真因分析与修复指南
5
- * 模式:指令生成器模式 - 返回详细的 RCA 与修复指南,由 AI 执行实际操作
6
- *
7
- * 流程:定义现象 → 复盘时间线 → 排除错误方向 → 找共同模式 → 定位边界 → 陈述真因 → 闭合证据链 → 设计修复方案
8
- */
9
- /**
10
- * fix_bug 工具实现
2
+ * fix_bug 工具 — SRC-8 delegated plan + 真因工作表
11
3
  */
12
4
  export declare function fixBug(args: any): Promise<import("../lib/response.js").ToolResponse | {
13
5
  content: Array<{