mcp-squared 0.4.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +61 -21
  2. package/dist/index.js +1629 -467
  3. package/dist/tui/config.js +390 -23
  4. package/package.json +9 -4
package/README.md CHANGED
@@ -3,7 +3,7 @@
3
3
  MCP² (Mercury Control Plane) is a local-first meta-server and proxy for the Model Context Protocol (MCP). It addresses tool context bloat by enabling dynamic, progressive disclosure of tools to LLMs. Instead of flooding the model context with every available tool schema, MCP² exposes a stable, minimal surface area for tool discovery and execution.
4
4
 
5
5
  ## Status
6
- **Alpha (v0.1.x)** - Core functionality is implemented and tested; CLI and config details may evolve.
6
+ **Alpha (v0.6.x)** - Core functionality is implemented and tested; CLI and config details may evolve.
7
7
 
8
8
  ## Install & Run
9
9
 
@@ -161,9 +161,9 @@ url = "https://example.com/mcp"
161
161
  auth = true
162
162
  ```
163
163
 
164
- Security policies (allow/block/confirm) live under `security.tools`. Confirmation flows return a short-lived token that must be provided to `execute` to proceed. OAuth tokens for SSE upstreams are stored under `~/.config/mcp-squared/tokens/<upstream>.json`.
164
+ Security policies (allow/block/confirm) live under `security.tools` and are matched against `capability:action` patterns. Confirmation flows return a short-lived token that must be provided to the same capability/action call to proceed. OAuth tokens for SSE upstreams are stored under `~/.config/mcp-squared/tokens/<upstream>.json`.
165
165
 
166
- `mcp-squared init` now seeds code-search routing preferences so `find_tools` prioritizes common code indexers by default:
166
+ `mcp-squared init` seeds code-search routing preferences so internal retrieval/routing heuristics prioritize common code indexers by default:
167
167
 
168
168
  ```toml
169
169
  [operations.findTools.preferredNamespacesByIntent]
@@ -172,6 +172,18 @@ codeSearch = ["auggie", "ctxdb"]
172
172
 
173
173
  Tune this list (or set it to `[]`) if your environment uses different namespaces.
174
174
 
175
+ Capability-first connect-time tool surfacing is configurable via inference/override settings:
176
+
177
+ ```toml
178
+ [operations.dynamicToolSurface]
179
+ inference = "heuristic_with_overrides"
180
+ refresh = "on_connect"
181
+
182
+ [operations.dynamicToolSurface.capabilityOverrides]
183
+ # Optional explicit namespace -> capability pinning.
184
+ # auggie = "code_search"
185
+ ```
186
+
175
187
  For existing configs created before this default, run:
176
188
 
177
189
  ```bash
@@ -180,26 +192,53 @@ mcp-squared migrate
180
192
 
181
193
  Use `mcp-squared migrate --dry-run` to preview without writing.
182
194
 
183
- ## Tool API (Meta-Tools)
195
+ Migration note: capability-router mode is now the only public surface. `mcp-squared migrate` cleans legacy config keys and rewrites security patterns to capability/action form.
184
196
 
185
- MCP² exposes these tools to MCP clients:
186
- - `find_tools` - Search tools across upstream servers
187
- - `describe_tools` - Fetch full JSON schemas for selected tools
188
- - `execute` - Call an upstream tool with policy enforcement
189
- - `list_namespaces` - List upstream namespaces (optionally with tool names)
190
- - `clear_selection_cache` - Reset co-occurrence based suggestions
197
+ Legacy keys `operations.dynamicToolSurface.mode` and `operations.dynamicToolSurface.naming` are accepted for compatibility, ignored at runtime, and warned on load. `mcp-squared migrate` removes them.
191
198
 
192
- Recommended workflow for LLM clients:
193
- 1. Call `find_tools` first to discover candidate tools for the task.
194
- 2. Call `describe_tools` for selected candidates to confirm exact argument schemas.
195
- 3. Call `execute` with a qualified tool name (`namespace:tool_name`).
196
- 4. Use `list_namespaces` if tool names are ambiguous or you need namespace context.
199
+ ## Tool API (Capability Routers)
200
+
201
+ MCP² exposes one public tool per non-empty capability at connect time:
202
+ - `code_search`
203
+ - `docs`
204
+ - `browser_automation`
205
+ - `issue_tracking`
206
+ - `cms_content`
207
+ - `design`
208
+ - `hosting_deploy`
209
+ - `time_util`
210
+ - `research`
211
+ - `general`
197
212
 
198
- For codebase-search tasks, `find_tools` applies intent-aware ranking and may return namespace guidance (for example preferring configured code-search namespaces like `auggie`).
213
+ Each capability tool uses a thin router contract:
214
+
215
+ ```json
216
+ {
217
+ "action": "string",
218
+ "arguments": {},
219
+ "confirmation_token": "optional string"
220
+ }
221
+ ```
222
+
223
+ Every capability tool supports `action = "__describe_actions"` for introspection. This returns capability-local action IDs, summaries, and input schemas without exposing upstream namespace/tool identifiers.
224
+
225
+ When multiple upstream instances expose the same capability action, MCP² now
226
+ uses stable, instance-aware action IDs such as `create_issue__github_work`
227
+ instead of order-dependent numeric suffixes. `__describe_actions` also includes
228
+ `baseAction`, `instance`, and `instanceTitle` fields for colliding routes so
229
+ clients can distinguish duplicate accounts or environments. Legacy numeric
230
+ aliases such as `create_issue__2` are still accepted during the transition, but
231
+ the instance-aware IDs are the preferred public contract.
232
+
233
+ Recommended workflow for LLM clients:
234
+ 1. Call the relevant capability (for example `code_search`) with `action = "__describe_actions"`.
235
+ 2. Select an action ID and call the same capability with `arguments`.
236
+ 3. If `requires_disambiguation` is returned, retry with one of the returned candidate action IDs.
237
+ 4. If `requires_confirmation` is returned, retry with `confirmation_token`.
199
238
 
200
- ## Search Modes
239
+ ## Internal Retrieval Modes
201
240
 
202
- `find_tools` supports three search modes:
241
+ `operations.findTools.defaultMode` supports three retrieval modes used by MCP² internals and evaluation tooling:
203
242
  - `fast` (default): SQLite FTS5 full-text search
204
243
  - `semantic`: Embedding similarity search (falls back to `fast` if embeddings are missing)
205
244
  - `hybrid`: FTS5 + embedding rerank (falls back to `fast` if embeddings are missing)
@@ -216,11 +255,12 @@ MCP² can import or install MCP server configs for:
216
255
  ## Key Features
217
256
  - Multi-upstream support (stdio + SSE/HTTP)
218
257
  - OAuth 2.0 dynamic client registration for SSE upstreams
219
- - Hybrid search with optional local embeddings (FTS5 + Transformers.js)
220
- - Detail levels (L0/L1/L2) for progressive schema disclosure
258
+ - Capability-first public API (one router tool per capability)
259
+ - Action-level introspection via `__describe_actions`
260
+ - Hybrid retrieval with optional local embeddings (FTS5 + Transformers.js)
221
261
  - Selection caching with co-occurrence suggestions
222
262
  - Background index refresh with change detection
223
- - Security policies (allow/block/confirm) with confirmation tokens
263
+ - Security policies (allow/block/confirm) on `capability:action` patterns
224
264
  - Local-first architecture (SQLite index)
225
265
  - TUI interfaces for configuration and monitoring
226
266