mcp-squared 0.4.0 → 0.7.0

package/dist/tui/config.js

@@ -123,6 +123,274 @@ function ensureConfigDir(configPath) {
 var SOCKET_FILENAME = "mcp-squared.sock", INSTANCE_DIR_NAME = "instances", SOCKET_DIR_NAME = "sockets", DAEMON_DIR_NAME = "daemon", DAEMON_REGISTRY_FILENAME = "daemon.json", DAEMON_SOCKET_FILENAME = "daemon.sock", CONFIG_FILENAME = "mcp-squared.toml", CONFIG_DIR_NAME = ".mcp-squared", APP_NAME = "mcp-squared";
 var init_paths = () => {};
 
+// src/capabilities/inference.ts
+function createEmptyScores() {
+  return CAPABILITY_IDS.reduce((acc, capability) => {
+    acc[capability] = 0;
+    return acc;
+  }, {});
+}
+function extractSchemaSignal(schema) {
+  if (!schema || schema.type !== "object") {
+    return "";
+  }
+  const keys = Object.keys(schema.properties ?? {});
+  const required = schema.required ?? [];
+  return `${keys.join(" ")} ${required.join(" ")}`;
+}
+function scoreTextSignals(scores, text) {
+  for (const capability of CAPABILITY_IDS) {
+    for (const pattern of CAPABILITY_PATTERNS[capability]) {
+      if (pattern.test(text)) {
+        scores[capability] += 4;
+      }
+    }
+  }
+}
+function getHighestScoringCapability(scores) {
+  const bestScore = Math.max(...Object.values(scores));
+  if (bestScore <= 0) {
+    return "general";
+  }
+  for (const capability of CAPABILITY_PRIORITY) {
+    if (scores[capability] === bestScore) {
+      return capability;
+    }
+  }
+  return "general";
+}
+function inferNamespaceCapability(namespace, tools, capabilityOverrides = {}) {
+  const override = capabilityOverrides[namespace];
+  if (override) {
+    return override;
+  }
+  const scores = createEmptyScores();
+  const namespaceText = namespace.toLowerCase();
+  for (const hint of NAMESPACE_HINTS) {
+    if (hint.pattern.test(namespaceText)) {
+      scores[hint.capability] += hint.score;
+    }
+  }
+  for (const tool of tools) {
+    const signal = [
+      tool.name,
+      tool.description ?? "",
+      extractSchemaSignal(tool.inputSchema)
+    ].join(" ").toLowerCase();
+    scoreTextSignals(scores, signal);
+  }
+  return getHighestScoringCapability(scores);
+}
+function groupNamespacesByCapability(inventories, capabilityOverrides = {}) {
+  const grouped = CAPABILITY_IDS.reduce((acc, capability) => {
+    acc[capability] = [];
+    return acc;
+  }, {});
+  const byNamespace = {};
+  const sorted = [...inventories].sort((a, b) => a.namespace.localeCompare(b.namespace));
+  for (const inventory of sorted) {
+    const capability = inferNamespaceCapability(inventory.namespace, inventory.tools, capabilityOverrides);
+    byNamespace[inventory.namespace] = capability;
+    grouped[capability].push(inventory.namespace);
+  }
+  return { byNamespace, grouped };
+}
+var CAPABILITY_IDS, CAPABILITY_PRIORITY, NAMESPACE_HINTS, CAPABILITY_PATTERNS;
+var init_inference = __esm(() => {
+  CAPABILITY_IDS = [
+    "code_search",
+    "docs",
+    "browser_automation",
+    "issue_tracking",
+    "cms_content",
+    "design",
+    "ai_media_generation",
+    "hosting_deploy",
+    "time_util",
+    "research",
+    "general"
+  ];
+  CAPABILITY_PRIORITY = [
+    "code_search",
+    "docs",
+    "browser_automation",
+    "issue_tracking",
+    "cms_content",
+    "design",
+    "ai_media_generation",
+    "hosting_deploy",
+    "time_util",
+    "research",
+    "general"
+  ];
+  NAMESPACE_HINTS = [
+    {
+      capability: "code_search",
+      pattern: /(auggie|augment|ctxdb|code|source|repo|symbol|search)/i,
+      score: 24
+    },
+    {
+      capability: "docs",
+      pattern: /(context7|ref|docs?|documentation|shadcn)/i,
+      score: 18
+    },
+    {
+      capability: "browser_automation",
+      pattern: /(chrome|devtools|browser|playwright|puppeteer|webdriver)/i,
+      score: 24
+    },
+    {
+      capability: "issue_tracking",
+      pattern: /(linear|jira|issue|ticket|project|milestone)/i,
+      score: 20
+    },
+    {
+      capability: "cms_content",
+      pattern: /(sanity|content|cms|dataset|schema|studio)/i,
+      score: 20
+    },
+    {
+      capability: "design",
+      pattern: /(pencil|figma|ui|design|artifact|visual)/i,
+      score: 20
+    },
+    {
+      capability: "hosting_deploy",
+      pattern: /(vercel|host|hosting|domain|dns|vps|deploy|infra)/i,
+      score: 22
+    },
+    {
+      capability: "time_util",
+      pattern: /(time|timezone|clock|date|utc)/i,
+      score: 22
+    },
+    {
+      capability: "ai_media_generation",
+      pattern: /(wavespeed|stability|replicate|midjourney|dall.?e|runway|imagen|flux|fal\.ai|dreamstudio)/i,
+      score: 24
+    },
+    {
+      capability: "research",
+      pattern: /(exa|perplexity|firecrawl|crawl|scrape|research|search)/i,
+      score: 16
+    }
+  ];
+  CAPABILITY_PATTERNS = {
+    code_search: [
+      /\bcodebase\b/i,
+      /\bsource\b/i,
+      /\brepo(?:sitory)?\b/i,
+      /\bsymbol(?:s)?\b/i,
+      /\bdefinition(?:s)?\b/i,
+      /\breference(?:s)?\b/i,
+      /\busage(?:s)?\b/i,
+      /\bsearch_context\b/i,
+      /\bcodebase-retrieval\b/i,
+      /\bdirectory_path\b/i
+    ],
+    docs: [
+      /\bdoc(?:s|umentation)?\b/i,
+      /\bread_docs\b/i,
+      /\bquery-docs\b/i,
+      /\breference\b/i,
+      /\bmanual\b/i,
+      /\bknowledge\b/i,
+      /\bregist(?:ry|ries)\b/i,
+      /\bcomponent(?:s)?\b/i,
+      /\bexample(?:s)?\b/i
+    ],
+    browser_automation: [
+      /\bbrowser\b/i,
+      /\bdevtools\b/i,
+      /\bnavigate\b/i,
+      /\bclick\b/i,
+      /\bhover\b/i,
+      /\bnetwork\b/i,
+      /\bconsole\b/i,
+      /\bscreenshot\b/i,
+      /\bpage\b/i
+    ],
+    issue_tracking: [
+      /\bissue(?:s)?\b/i,
+      /\bticket(?:s)?\b/i,
+      /\bmilestone(?:s)?\b/i,
+      /\bcycle(?:s)?\b/i,
+      /\bproject(?:s)?\b/i,
+      /\bcomment(?:s)?\b/i,
+      /\blinear\b/i
+    ],
+    cms_content: [
+      /\bcms\b/i,
+      /\bcontent\b/i,
+      /\bdocument(?:s)?\b/i,
+      /\bdataset(?:s)?\b/i,
+      /\bschema\b/i,
+      /\bpublish\b/i,
+      /\bdraft(?:s)?\b/i,
+      /\bsanity\b/i,
+      /\bmigration\b/i
+    ],
+    design: [
+      /\bdesign\b/i,
+      /\bui\b/i,
+      /\bartifact\b/i,
+      /\bstyle_guide\b/i,
+      /\bscreenshot\b/i,
+      /\bdiagram\b/i,
+      /\bimage\b/i,
+      /\blayout\b/i,
+      /\bframe\b/i
+    ],
+    ai_media_generation: [
+      /\btext.to.image\b/i,
+      /\bimage.to.image\b/i,
+      /\btext.to.video\b/i,
+      /\binpaint(?:ing)?\b/i,
+      /\bupscal(?:e|ing)\b/i,
+      /\bgenerat(?:e|ion)\b.*\bimage/i,
+      /\bimage\b.*\bgenerat(?:e|ion)\b/i,
+      /\bai\b.*\b(?:image|photo|video)\b/i,
+      /\bstable.diffusion\b/i,
+      /\bdiffusion\b/i,
+      /\bprompt\b.*\b(?:image|visual)\b/i
+    ],
+    hosting_deploy: [
+      /\bdeploy(?:ment)?\b/i,
+      /\bhosting\b/i,
+      /\bdomain(?:s)?\b/i,
+      /\bdns\b/i,
+      /\bvps\b/i,
+      /\bvirtual_machine(?:s)?\b/i,
+      /\bfirewall\b/i,
+      /\bwebsite\b/i,
+      /\bbilling\b/i,
+      /\bnameserver(?:s)?\b/i
+    ],
+    time_util: [
+      /\btime\b/i,
+      /\btimezone\b/i,
+      /\butc\b/i,
+      /\bclock\b/i,
+      /\bdate\b/i,
+      /\bconvert_time\b/i,
+      /\bget_current_time\b/i
+    ],
+    research: [
+      /\bresearch\b/i,
+      /\bcrawl\b/i,
+      /\bscrape\b/i,
+      /\bextract\b/i,
+      /\bsemantic_search\b/i,
+      /\bweb_search\b/i,
+      /\bask\b/i,
+      /\bperplexity\b/i,
+      /\bfirecrawl\b/i,
+      /\bexa\b/i
+    ],
+    general: []
+  };
+});
+
 // src/tui/config.ts
 import {
   ASCIIFontRenderable,
@@ -378,6 +646,7 @@ import { parse as parseToml } from "smol-toml";
 import { ZodError } from "zod";
 
 // src/config/schema.ts
+init_inference();
 import { z } from "zod";
 var LATEST_SCHEMA_VERSION = 1;
 var LogLevelSchema = z.enum([
@@ -434,6 +703,18 @@ var SecuritySchema = z.object({
 });
 var SearchModeSchema = z.enum(["fast", "semantic", "hybrid"]);
 var DetailLevelSchema = z.enum(["L0", "L1", "L2"]);
+var CapabilityIdSchema = z.enum(CAPABILITY_IDS);
+var DynamicToolSurfaceInferenceSchema = z.enum([
+  "heuristic_with_overrides",
+  "hybrid"
+]);
+var DynamicToolSurfaceRefreshSchema = z.enum(["on_connect"]);
+var DynamicToolSurfaceSchema = z.object({
+  inference: DynamicToolSurfaceInferenceSchema.default("heuristic_with_overrides"),
+  refresh: DynamicToolSurfaceRefreshSchema.default("on_connect"),
+  capabilityOverrides: z.record(z.string().min(1), CapabilityIdSchema).default({}),
+  semanticConfidenceThreshold: z.number().min(0).max(1).default(0.45)
+});
 var PreferredNamespacesByIntentSchema = z.object({
   codeSearch: z.array(z.string().min(1)).default([])
 });
@@ -455,6 +736,14 @@ var LoggingSchema = z.object({
 var EmbeddingsSchema = z.object({
   enabled: z.boolean().default(false)
 });
+var ResponseResourceSchema = z.object({
+  enabled: z.boolean().default(false),
+  thresholdBytes: z.number().int().min(1024).default(51200),
+  maxInlineLines: z.number().int().min(1).default(20),
+  maxResources: z.number().int().min(1).default(100),
+  ttlMs: z.number().int().min(0).default(600000)
+});
+var DEFAULT_RESPONSE_RESOURCE_CONFIG = ResponseResourceSchema.parse({});
 var SelectionCacheSchema = z.object({
   enabled: z.boolean().default(true),
   minCooccurrenceThreshold: z.number().int().min(1).default(2),
@@ -471,10 +760,17 @@ var OperationsSchema = z.object({
   index: IndexSchema.default({ refreshIntervalMs: 30000 }),
   logging: LoggingSchema.default({ level: "info" }),
   embeddings: EmbeddingsSchema.default({ enabled: false }),
+  responseResource: ResponseResourceSchema.default(DEFAULT_RESPONSE_RESOURCE_CONFIG),
   selectionCache: SelectionCacheSchema.default({
     enabled: true,
     minCooccurrenceThreshold: 2,
     maxBundleSuggestions: 3
+  }),
+  dynamicToolSurface: DynamicToolSurfaceSchema.default({
+    inference: "heuristic_with_overrides",
+    refresh: "on_connect",
+    capabilityOverrides: {},
+    semanticConfidenceThreshold: 0.45
   })
 }).default({
   findTools: {
@@ -487,10 +783,17 @@ var OperationsSchema = z.object({
   index: { refreshIntervalMs: 30000 },
   logging: { level: "info" },
   embeddings: { enabled: false },
+  responseResource: DEFAULT_RESPONSE_RESOURCE_CONFIG,
   selectionCache: {
     enabled: true,
     minCooccurrenceThreshold: 2,
     maxBundleSuggestions: 3
+  },
+  dynamicToolSurface: {
+    inference: "heuristic_with_overrides",
+    refresh: "on_connect",
+    capabilityOverrides: {},
+    semanticConfidenceThreshold: 0.45
   }
 });
 var ConfigSchema = z.object({
@@ -544,6 +847,34 @@ function migrateV0ToV1(config) {
 
 // src/config/load.ts
 init_paths();
+function isRecord(value) {
+  return typeof value === "object" && value !== null;
+}
+function getDeprecatedDynamicToolSurfaceKeys(raw) {
+  const operations = raw["operations"];
+  if (!isRecord(operations)) {
+    return [];
+  }
+  const dynamicToolSurface = operations["dynamicToolSurface"];
+  if (!isRecord(dynamicToolSurface)) {
+    return [];
+  }
+  const deprecated = [];
+  if ("mode" in dynamicToolSurface) {
+    deprecated.push("operations.dynamicToolSurface.mode");
+  }
+  if ("naming" in dynamicToolSurface) {
+    deprecated.push("operations.dynamicToolSurface.naming");
+  }
+  return deprecated;
+}
+function warnDeprecatedDynamicToolSurfaceKeys(filePath, keys) {
+  if (keys.length === 0) {
+    return;
+  }
+  console.warn(`[mcp\xB2] Deprecated config keys in ${filePath}: ${keys.join(", ")}. Run 'mcp-squared migrate' to clean up legacy settings.`);
+}
+
 class ConfigError extends Error {
   cause;
   constructor(message, cause) {
@@ -611,6 +942,7 @@ async function loadConfigFromPath(filePath, source) {
   } catch (err) {
     throw new ConfigParseError(filePath, err);
   }
+  warnDeprecatedDynamicToolSurfaceKeys(filePath, getDeprecatedDynamicToolSurfaceKeys(rawConfig));
   const migrated = migrateConfig(rawConfig);
   let config;
   try {
@@ -1473,60 +1805,68 @@ function cleanupExpiredTokens() {
     }
   }
 }
-function validateConfirmationToken(token, serverKey, toolName) {
+function validateConfirmationToken(token, capability, action) {
   cleanupExpiredTokens();
   const confirmation = pendingConfirmations.get(token);
   if (!confirmation) {
     return false;
   }
-  if (confirmation.serverKey !== serverKey || confirmation.toolName !== toolName) {
+  if (confirmation.capability !== capability || confirmation.action !== action) {
     return false;
   }
   pendingConfirmations.delete(token);
   return true;
 }
-function createConfirmationToken(serverKey, toolName) {
+function createConfirmationToken(capability, action) {
   cleanupExpiredTokens();
   const token = generateToken();
   pendingConfirmations.set(token, {
-    serverKey,
-    toolName,
+    capability,
+    action,
     createdAt: Date.now()
   });
   return token;
 }
 function evaluatePolicy(context, config) {
-  const { serverKey, toolName, confirmationToken } = context;
+  const capability = context.capability ?? context.serverKey;
+  const action = context.action ?? context.toolName;
+  const confirmationToken = context.confirmationToken;
   const { block, confirm, allow } = config.security.tools;
-  if (matchesAnyPattern(block, serverKey, toolName)) {
+  if (!capability || !action) {
     return {
       decision: "block",
-      reason: `Tool "${toolName}" on server "${serverKey}" is blocked by security policy`
+      reason: "Missing capability/action in security policy context"
     };
   }
-  if (matchesAnyPattern(allow, serverKey, toolName)) {
+  if (matchesAnyPattern(block, capability, action)) {
+    return {
+      decision: "block",
+      reason: `Action "${action}" in capability "${capability}" is blocked by security policy`
+    };
+  }
+  if (matchesAnyPattern(allow, capability, action)) {
     return {
       decision: "allow",
-      reason: `Tool "${toolName}" is allowed by security policy`
+      reason: `Action "${action}" is allowed by security policy`
     };
   }
-  if (matchesAnyPattern(confirm, serverKey, toolName)) {
-    if (confirmationToken && validateConfirmationToken(confirmationToken, serverKey, toolName)) {
+  if (matchesAnyPattern(confirm, capability, action)) {
+    if (confirmationToken && validateConfirmationToken(confirmationToken, capability, action)) {
       return {
         decision: "allow",
-        reason: `Tool "${toolName}" confirmed with valid token`
+        reason: `Action "${action}" confirmed with valid token`
       };
     }
-    const token = createConfirmationToken(serverKey, toolName);
+    const token = createConfirmationToken(capability, action);
     return {
       decision: "confirm",
-      reason: `Tool "${toolName}" on server "${serverKey}" requires confirmation`,
+      reason: `Action "${action}" in capability "${capability}" requires confirmation`,
       confirmationToken: token
     };
   }
   return {
     decision: "block",
-    reason: `Tool "${toolName}" on server "${serverKey}" is not in the allow or confirm list`
+    reason: `Action "${action}" in capability "${capability}" is not in the allow or confirm list`
   };
 }
 function compilePolicy(config) {
@@ -1685,6 +2025,26 @@ async function waitForProcessExit(proc, timeoutMs) {
 }
 
 // src/upstream/cataloger.ts
+var AUTH_ERROR_PATTERNS = [
+  "invalid_token",
+  "invalid token",
+  "unauthorized",
+  "no token provided",
+  "no authorization",
+  "api key",
+  "api_key",
+  "authentication required",
+  "authentication failed",
+  "invalid credentials",
+  "invalid api",
+  "forbidden",
+  "access denied",
+  "not authenticated"
+];
+function isAuthError(message) {
+  const lower = message.toLowerCase();
+  return AUTH_ERROR_PATTERNS.some((pattern) => lower.includes(pattern));
+}
 function resolveEnvVars(env) {
   const resolved = {};
   for (const [key, value] of Object.entries(env)) {
@@ -1765,7 +2125,7 @@ class Cataloger {
         if (err instanceof UnauthorizedError2 && connection.authProvider) {
           if (connection.authProvider.isNonInteractive()) {
             connection.authPending = true;
-            connection.status = "error";
+            connection.status = "needs_auth";
             connection.error = `OAuth authorization required. Run: mcp-squared auth ${key}`;
             return;
           }
@@ -1789,8 +2149,9 @@ class Cataloger {
       }));
       connection.status = "connected";
     } catch (err) {
-      connection.status = "error";
-      connection.error = err instanceof Error ? err.message : String(err);
+      const errorMsg = err instanceof Error ? err.message : String(err);
+      connection.status = isAuthError(errorMsg) ? "needs_auth" : "error";
+      connection.error = errorMsg;
       try {
         await this.cleanupConnection(connection);
       } catch (_cleanupErr) {}
@@ -1924,10 +2285,15 @@ class Cataloger {
       name: bareToolName,
       arguments: args
     });
-    return {
+    const response = {
       content: callResult.content,
       isError: callResult.isError
     };
+    const sc = callResult["structuredContent"];
+    if (sc != null && typeof sc === "object" && !Array.isArray(sc)) {
+      response.structuredContent = sc;
+    }
+    return response;
   }
   async refreshTools(key) {
     const connection = this.connections.get(key);
@@ -1952,13 +2318,14 @@ class Cataloger {
       if (err instanceof UnauthorizedError2 && connection.authProvider) {
         if (connection.authProvider.isNonInteractive()) {
           connection.authPending = true;
-          connection.status = "error";
+          connection.status = "needs_auth";
           connection.error = `OAuth authorization required. Run: mcp-squared auth ${key}`;
           return;
         }
       }
-      connection.status = "error";
-      connection.error = err instanceof Error ? err.message : String(err);
+      const errorMsg = err instanceof Error ? err.message : String(err);
+      connection.status = isAuthError(errorMsg) ? "needs_auth" : "error";
+      connection.error = errorMsg;
     }
   }
   async refreshAllTools() {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mcp-squared",
-  "version": "0.4.0",
+  "version": "0.7.0",
   "description": "MCP² (Mercury Control Plane) - A local-first meta-server and proxy for the Model Context Protocol",
   "author": "aditzel",
   "license": "Apache-2.0",
@@ -28,7 +28,7 @@
     "test": "bun test",
     "test:fast": "SKIP_SLOW_TESTS=true bun test",
     "test:watch": "bun test --watch",
-    "coverage:check": "bun run scripts/check-line-coverage.ts coverage/coverage-summary.txt 80",
+    "coverage:check": "bun run scripts/check-line-coverage.ts coverage/coverage-summary.txt coverage/lcov.info 80",
     "typecheck": "tsc --noEmit",
     "lint": "biome check src tests scripts AGENTS.md CLAUDE.md WARP.md README.md CHANGELOG.md package.json biome.json tsconfig.json",
     "release:check": "bun run audit && bun test && bun run build && bun run build:verify && bun run lint && bun run typecheck && bun pm pack --dry-run",
@@ -60,10 +60,13 @@
     "url": "https://github.com/aditzel/mcp-squared"
   },
   "dependencies": {
+    "@hono/node-server": "^1.19.11",
     "@huggingface/transformers": "^3.8.1",
     "@modelcontextprotocol/sdk": "^1.27.1",
     "@opentui/core": "^0.1.82",
+    "hono": "^4.12.5",
     "smol-toml": "^1.6.0",
+    "tar": "^7.5.10",
     "yaml": "^2.8.2",
     "zod": "^4.3.6"
   },
@@ -72,10 +75,12 @@
     "@opentelemetry/sdk-trace-base": "^1.30.1"
   },
   "overrides": {
+    "@hono/node-server": "^1.19.11",
     "ajv": "^8.18.0",
     "diff": "8.0.3",
-    "hono": "^4.11.10",
+    "express-rate-limit": "8.2.2",
+    "hono": "^4.12.5",
     "qs": "6.15.0",
-    "tar": "7.5.9"
+    "tar": "^7.5.10"
   }
 }