projscan 3.4.1 → 3.6.0

package/dist/mcp/tools/plugin.js.map

@@ -1 +1 @@
-{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/mcp/tools/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;AAE/B;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,UAAU,GAAY;IACjC,IAAI,EAAE,iBAAiB;IACvB,WAAW,EACT,6SAA6S;IAC/S,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;gBAC1B,WAAW,EACT,qJAAqJ;aACxJ;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iGAAiG;aAC/G;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtE,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;gBACxD,OAAO;oBACL,OAAO,EAAE,cAAc,EAAE;oBACzB,OAAO,EAAE,mBAAmB;oBAC5B,KAAK,EAAE,OAAO,CAAC,MAAM;oBACrB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBAC3B,YAAY,EAAE,CAAC,CAAC,YAAY;wBAC5B,EAAE,EAAE,CAAC,CAAC,QAAQ,KAAK,IAAI;wBACvB,GAAG,CAAC,CAAC,CAAC,QAAQ;4BACZ,CAAC,CAAC;gCACE,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;gCACrB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;gCACrB,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;gCACzB,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;oCAChC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;oCACnC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;gCACtC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;6BACpC;4BACH,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;qBAClD,CAAC,CAAC;iBACJ,CAAC;YACJ,CAAC;YACD,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,OAAO,IAAI,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3E,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;gBAC/E,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAAE,OAAO,QAAQ,CAAC,OAAO,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACnE,OAAO,MAAM,CAAC,EAAE;oBACd,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;oBACzC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC;YACzE,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,mBAAmB,MAAM,2BAA2B,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;CACF,CAAC;AAOF,KAAK,UAAU,sBAAsB,CAAC,QAAgB,EAAE,SAAiB;IACvE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/B,OAAO,mBAAmB,CAAC,oDAAoD,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,EAAE,CAAC;QACjE,OAAO,mBAAmB,CAAC,mDAAmD,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC7C,OAAO,mBAAmB,CAAC,+BAA+B,mBAAmB,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC;QACjD,OAAO,mBAAmB,CAAC,iCAAiC,UAAU,GAAG,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE,CAAC;QACrD,OAAO,mBAAmB,CAAC,oCAAoC,UAAU,GAAG,CAAC,CAAC;IAChF,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAiB,EAAE,SAAiB;IAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IACrD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;AACzF,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IAC1C,OAAO;QACL,EAAE,EAAE,KAAK;QACT,OAAO,EAAE;YACP,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,OAAO;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,uBAAuB;gBAC7B,OAAO;gBACP,IAAI,EAAE,mBAAmB,UAAU,UAAU,mBAAmB,GAAG;aACpE;SACF;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/mcp/tools/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,UAAU,GAAY;IACjC,IAAI,EAAE,iBAAiB;IACvB,WAAW,EACT,2iBAA2iB;IAC7iB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;gBAC1B,WAAW,EACT,qJAAqJ;aACxJ;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iGAAiG;aAC/G;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtE,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;gBACxD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;oBACtB,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;wBAChB,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;oBAC/F,CAAC;oBACD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACjF,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAC;oBACrD,OAAO;wBACL,YAAY,EAAE,CAAC,CAAC,YAAY;wBAC5B,EAAE,EAAE,IAAI;wBACR,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;wBACrB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;wBACrB,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;wBACzB,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;4BAChC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;4BACnC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;wBACtC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;wBACnC,4DAA4D;wBAC5D,2DAA2D;wBAC3D,KAAK,EAAE,KAAK,CAAC,MAAM;qBACpB,CAAC;gBACJ,CAAC,CAAC,CACH,CAAC;gBACF,OAAO;oBACL,OAAO,EAAE,cAAc,EAAE;oBACzB,OAAO,EAAE,mBAAmB;oBAC5B,KAAK,EAAE,OAAO,CAAC,MAAM;oBACrB,OAAO;iBACR,CAAC;YACJ,CAAC;YACD,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,OAAO,IAAI,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3E,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;gBAC/E,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAAE,OAAO,QAAQ,CAAC,OAAO,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACnE,OAAO,MAAM,CAAC,EAAE;oBACd,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;oBACzC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC;YACzE,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,mBAAmB,MAAM,2BAA2B,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;CACF,CAAC;AAOF,KAAK,UAAU,sBAAsB,CAAC,QAAgB,EAAE,SAAiB;IACvE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/B,OAAO,mBAAmB,CAAC,oDAAoD,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,EAAE,CAAC;QACjE,OAAO,mBAAmB,CAAC,mDAAmD,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC7C,OAAO,mBAAmB,CAAC,+BAA+B,mBAAmB,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC;QACjD,OAAO,mBAAmB,CAAC,iCAAiC,UAAU,GAAG,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE,CAAC;QACrD,OAAO,mBAAmB,CAAC,oCAAoC,UAAU,GAAG,CAAC,CAAC;IAChF,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAiB,EAAE,SAAiB;IAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IACrD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;AACzF,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IAC1C,OAAO;QACL,EAAE,EAAE,KAAK;QACT,OAAO,EAAE;YACP,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,OAAO;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,uBAAuB;gBAC7B,OAAO;gBACP,IAAI,EAAE,mBAAmB,UAAU,UAAU,mBAAmB,GAAG;aACpE;SACF;KACF,CAAC;AACJ,CAAC"}

package/dist/mcp/tools/route.d.ts

@@ -0,0 +1,7 @@
+import type { McpTool } from './_shared.js';
+/**
+ * `projscan_route` (4.x agent-ergonomics, epic 4) — map a stated goal to the
+ * right projscan tool, so an agent can find the one tool it needs without
+ * reasoning over the whole surface. Deterministic (no LLM).
+ */
+export declare const routeTool: McpTool;

package/dist/mcp/tools/route.js

@@ -0,0 +1,24 @@
+import { routeIntent } from '../../core/intentRouter.js';
+/**
+ * `projscan_route` (4.x agent-ergonomics, epic 4) — map a stated goal to the
+ * right projscan tool, so an agent can find the one tool it needs without
+ * reasoning over the whole surface. Deterministic (no LLM).
+ */
+export const routeTool = {
+    name: 'projscan_route',
+    description: "Find the right projscan tool for a goal. Given `intent` (free text — e.g. \"what breaks if I rename X\", \"coordinate parallel agents\", \"is it safe to commit\"), returns the best-matching tool(s) with the exact call and why to use each. With no `intent`, returns the full capability catalog grouped by category. A discovery entry point over projscan's surface; deterministic keyword routing, no inference.",
+    inputSchema: {
+        type: 'object',
+        properties: {
+            intent: {
+                type: 'string',
+                description: 'What you want to do, in plain words. Omit to get the full grouped tool catalog.',
+            },
+        },
+    },
+    handler: async (args) => {
+        const intent = typeof args.intent === 'string' && args.intent.length > 0 ? args.intent : undefined;
+        return routeIntent(intent);
+    },
+};
+//# sourceMappingURL=route.js.map

package/dist/mcp/tools/route.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../src/mcp/tools/route.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAGzD;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,yZAAyZ;IAC3Z,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iFAAiF;aAC/F;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtB,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;QACnG,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;CACF,CAAC"}

package/dist/mcp/tools.js

@@ -28,6 +28,11 @@ import { reviewTool } from './tools/review.js';
 import { fixSuggestTool } from './tools/fixSuggest.js';
 import { explainIssueTool } from './tools/explainIssue.js';
 import { impactTool } from './tools/impact.js';
+import { collisionTool } from './tools/collision.js';
+import { claimTool } from './tools/claim.js';
+import { mergeRiskTool } from './tools/mergeRisk.js';
+import { routeTool } from './tools/route.js';
+import { coordinateTool } from './tools/coordinate.js';
 import { searchTool } from './tools/search.js';
 import { sessionTool } from './tools/session.js';
 import { memoryTool } from './tools/memory.js';
@@ -91,6 +96,11 @@ const tools = [
     adoptionTool,
     startTool,
     understandTool,
+    collisionTool,
+    claimTool,
+    mergeRiskTool,
+    routeTool,
+    coordinateTool,
 ];
 export function getToolDefinitions() {
     return tools.map(({ name, description, inputSchema }) => ({ name, description, inputSchema }));

package/dist/mcp/tools.js.map

@@ -1 +1 @@
-{"version":3,"file":"tools.js","sourceRoot":"","sources":["../../src/mcp/tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAMvD,MAAM,KAAK,GAAc;IACvB,WAAW;IACX,UAAU;IACV,YAAY;IACZ,WAAW;IACX,QAAQ;IACR,aAAa;IACb,gBAAgB;IAChB,YAAY;IACZ,SAAS;IACT,WAAW;IACX,YAAY;IACZ,SAAS;IACT,iBAAiB;IACjB,YAAY;IACZ,cAAc;IACd,UAAU;IACV,UAAU;IACV,cAAc;IACd,gBAAgB;IAChB,UAAU;IACV,UAAU;IACV,WAAW;IACX,UAAU;IACV,kBAAkB;IAClB,YAAY;IACZ,SAAS;IACT,YAAY;IACZ,eAAe;IACf,eAAe;IACf,UAAU;IACV,aAAa;IACb,YAAY;IACZ,gBAAgB;IAChB,WAAW;IACX,gBAAgB;IAChB,kBAAkB;IAClB,cAAc;IACd,oBAAoB;IACpB,YAAY;IACZ,SAAS;IACT,cAAc;CACf,CAAC;AAEF,MAAM,UAAU,kBAAkB;IAChC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;AACjG,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,OAAO,CAAC;AACrD,CAAC"}
+{"version":3,"file":"tools.js","sourceRoot":"","sources":["../../src/mcp/tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAMvD,MAAM,KAAK,GAAc;IACvB,WAAW;IACX,UAAU;IACV,YAAY;IACZ,WAAW;IACX,QAAQ;IACR,aAAa;IACb,gBAAgB;IAChB,YAAY;IACZ,SAAS;IACT,WAAW;IACX,YAAY;IACZ,SAAS;IACT,iBAAiB;IACjB,YAAY;IACZ,cAAc;IACd,UAAU;IACV,UAAU;IACV,cAAc;IACd,gBAAgB;IAChB,UAAU;IACV,UAAU;IACV,WAAW;IACX,UAAU;IACV,kBAAkB;IAClB,YAAY;IACZ,SAAS;IACT,YAAY;IACZ,eAAe;IACf,eAAe;IACf,UAAU;IACV,aAAa;IACb,YAAY;IACZ,gBAAgB;IAChB,WAAW;IACX,gBAAgB;IAChB,kBAAkB;IAClB,cAAc;IACd,oBAAoB;IACpB,YAAY;IACZ,SAAS;IACT,cAAc;IACd,aAAa;IACb,SAAS;IACT,aAAa;IACb,SAAS;IACT,cAAc;CACf,CAAC;AAEF,MAAM,UAAU,kBAAkB;IAChC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;AACjG,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,OAAO,CAAC;AACrD,CAAC"}

package/dist/projscan-sbom.cdx.json

@@ -1,23 +1,23 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:1a06c2ae-75e9-447d-a9d2-6ac19421312e",
+  "serialNumber": "urn:uuid:b6adeb25-e8d9-49a4-a809-6d6ad834e51e",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-06-04T06:12:24.527Z",
+    "timestamp": "2026-06-05T10:34:04.779Z",
     "tools": [
       {
         "vendor": "projscan",
         "name": "projscan-sbom-generator",
-        "version": "3.4.1"
+        "version": "3.6.0"
       }
     ],
     "component": {
       "type": "application",
-      "bom-ref": "pkg:npm/projscan@3.4.1",
+      "bom-ref": "pkg:npm/projscan@3.6.0",
       "name": "projscan",
-      "version": "3.4.1",
-      "purl": "pkg:npm/projscan@3.4.1"
+      "version": "3.6.0",
+      "purl": "pkg:npm/projscan@3.6.0"
     }
   },
   "components": [

package/dist/tool-manifest.json

@@ -1,9 +1,9 @@
 {
   "name": "projscan",
-  "version": "3.4.1",
+  "version": "3.6.0",
   "mcpProtocolVersion": "2025-03-26",
-  "generatedAt": "2026-06-04T06:12:30.232Z",
-  "toolCount": 41,
+  "generatedAt": "2026-06-05T10:34:10.700Z",
+  "toolCount": 46,
   "tools": [
     {
       "name": "projscan_analyze",
@@ -778,7 +778,7 @@
     },
     {
       "name": "projscan_plugin",
-      "description": "Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag because plugins are local code. Use action:\"list\" to see what is discoverable today, action:\"validate\" to check a manifest before committing it.",
+      "description": "Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag AND each module must be approved with trust-on-first-use; the list reports a per-plugin `trust` status (trusted / untrusted / changed). Approving a plugin is a deliberate human action via the `projscan plugin trust <name>` CLI — it is intentionally not exposed here. Use action:\"list\" to see what is discoverable and whether it would run, action:\"validate\" to check a manifest before committing it.",
       "inputSchema": {
         "type": "object",
         "properties": {
@@ -1120,6 +1120,97 @@
           }
         }
       }
+    },
+    {
+      "name": "projscan_collision",
+      "description": "Detect change collisions across the repo's in-flight git worktrees (parallel agents). Reports same-file edits (two worktrees changed the same file) and dependency overlaps (one worktree changed a file another's change imports, via the import graph) BEFORE the branches merge. Local-first; needs at least two worktrees. Each collision has `kind` (same-file | dependency), `severity` (high | medium), the two worktree paths, and the files at risk. Use this when coordinating multiple agents/sub-agents working the same repo.",
+      "inputSchema": {
+        "type": "object",
+        "properties": {
+          "base_ref": {
+            "type": "string",
+            "description": "Base ref each worktree is diffed against to compute its changed files. Default: origin/main → main → master → HEAD~1, then the working tree."
+          }
+        }
+      }
+    },
+    {
+      "name": "projscan_claim",
+      "description": "Coordinate parallel agents with advisory claims/leases over files, directories, or symbols, shared across the repo's git worktrees. action:\"add\" records a claim (optionally a lease with `ttl_seconds`) and returns any `contention` (another agent already holding an overlapping, non-expired claim); \"list\" returns claims; \"release\" drops a claim by `id`, by `target`, or all of an `agent`'s; \"prune\" removes expired-lease claims. Local-first and advisory — claiming an already-claimed target still succeeds, but surfaces contention so the swarm can coordinate.",
+      "inputSchema": {
+        "type": "object",
+        "properties": {
+          "action": {
+            "type": "string",
+            "enum": [
+              "add",
+              "list",
+              "release",
+              "prune"
+            ],
+            "description": "Default \"list\". \"add\" records a claim; \"release\" drops one; \"prune\" removes expired leases."
+          },
+          "target": {
+            "type": "string",
+            "description": "\"add\"/\"release\" — a repo-relative file or directory path, or a symbol name."
+          },
+          "agent": {
+            "type": "string",
+            "description": "\"add\" — who holds the claim. \"release\" — scope the release to this agent."
+          },
+          "note": {
+            "type": "string",
+            "description": "\"add\" — optional human-readable note."
+          },
+          "ttl_seconds": {
+            "type": "number",
+            "description": "\"add\" — lease duration in seconds; the claim expires after it. Omit for a permanent claim."
+          },
+          "id": {
+            "type": "string",
+            "description": "\"release\" — the claim id to drop."
+          }
+        }
+      }
+    },
+    {
+      "name": "projscan_merge_risk",
+      "description": "Merge-risk preflight across the repo's in-flight git worktrees (parallel agents). Given each worktree's changes and the collisions between them, returns `integrationOrder` (merge the least-entangled branch first, each with a risk score) and `hotFiles` (files changed by two or more worktrees — where merge conflict risk concentrates). Builds on projscan_collision; local-first; needs at least two worktrees.",
+      "inputSchema": {
+        "type": "object",
+        "properties": {
+          "base_ref": {
+            "type": "string",
+            "description": "Base ref each worktree is diffed against. Default: origin/main → main → master → HEAD~1."
+          }
+        }
+      }
+    },
+    {
+      "name": "projscan_route",
+      "description": "Find the right projscan tool for a goal. Given `intent` (free text — e.g. \"what breaks if I rename X\", \"coordinate parallel agents\", \"is it safe to commit\"), returns the best-matching tool(s) with the exact call and why to use each. With no `intent`, returns the full capability catalog grouped by category. A discovery entry point over projscan's surface; deterministic keyword routing, no inference.",
+      "inputSchema": {
+        "type": "object",
+        "properties": {
+          "intent": {
+            "type": "string",
+            "description": "What you want to do, in plain words. Omit to get the full grouped tool catalog."
+          }
+        }
+      }
+    },
+    {
+      "name": "projscan_coordinate",
+      "description": "One-call coordination read across the repo's in-flight git worktrees (parallel agents). Composes collisions, claims, and merge-risk into a `readiness` verdict (clear | caution | conflicted) plus counts (collisions by severity, contended claim targets, merge hotspots) and the recommended integration order. The single entry point for swarm coordination — use it before continuing parallel work. Local-first; needs at least two worktrees.",
+      "inputSchema": {
+        "type": "object",
+        "properties": {
+          "base_ref": {
+            "type": "string",
+            "description": "Base ref each worktree is diffed against. Default: origin/main → main → master → HEAD~1."
+          }
+        }
+      }
     }
   ]
 }

package/dist/utils/formatSupport.d.ts

@@ -8,6 +8,15 @@ export declare const COMMAND_FORMAT_SUPPORT: {
     readonly badge: readonly ["console"];
     readonly 'bug-hunt': readonly ["console", "json"];
     readonly ci: readonly ["console", "json", "markdown", "sarif"];
+    readonly claim: readonly ["console", "json"];
+    readonly 'claim list': readonly ["console", "json"];
+    readonly 'claim add': readonly ["console", "json"];
+    readonly 'claim release': readonly ["console", "json"];
+    readonly 'claim prune': readonly ["console", "json"];
+    readonly collisions: readonly ["console", "json"];
+    readonly coordinate: readonly ["console", "json"];
+    readonly 'merge-risk': readonly ["console", "json"];
+    readonly route: readonly ["console", "json"];
     readonly coupling: readonly ["console", "json", "markdown", "html"];
     readonly coverage: readonly ["console", "json", "markdown", "html"];
     readonly dependencies: readonly ["console", "json", "markdown"];
@@ -48,6 +57,8 @@ export declare const COMMAND_FORMAT_SUPPORT: {
     readonly 'plugin validate': readonly ["console", "json"];
     readonly 'plugin init': readonly ["console", "json"];
     readonly 'plugin test': readonly ["console", "json"];
+    readonly 'plugin trust': readonly ["console", "json"];
+    readonly 'plugin untrust': readonly ["console", "json"];
     readonly preflight: readonly ["console", "json"];
     readonly 'privacy-check': readonly ["console", "json"];
     readonly 'pr-diff': readonly ["console", "json", "markdown", "html"];

package/dist/utils/formatSupport.js

@@ -7,6 +7,15 @@ export const COMMAND_FORMAT_SUPPORT = {
     badge: ['console'],
     'bug-hunt': ['console', 'json'],
     ci: ['console', 'json', 'markdown', 'sarif'],
+    claim: ['console', 'json'],
+    'claim list': ['console', 'json'],
+    'claim add': ['console', 'json'],
+    'claim release': ['console', 'json'],
+    'claim prune': ['console', 'json'],
+    collisions: ['console', 'json'],
+    coordinate: ['console', 'json'],
+    'merge-risk': ['console', 'json'],
+    route: ['console', 'json'],
     coupling: ['console', 'json', 'markdown', 'html'],
     coverage: ['console', 'json', 'markdown', 'html'],
     dependencies: ['console', 'json', 'markdown'],
@@ -47,6 +56,8 @@ export const COMMAND_FORMAT_SUPPORT = {
     'plugin validate': ['console', 'json'],
     'plugin init': ['console', 'json'],
     'plugin test': ['console', 'json'],
+    'plugin trust': ['console', 'json'],
+    'plugin untrust': ['console', 'json'],
     preflight: ['console', 'json'],
     'privacy-check': ['console', 'json'],
     'pr-diff': ['console', 'json', 'markdown', 'html'],

package/dist/utils/formatSupport.js.map

@@ -1 +1 @@
-{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAA4C,CAAC;AAE1H,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}
+{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAA4C,CAAC;AAE1H,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}

package/docs/PLUGIN-AUTHORING.md

@@ -1,12 +1,24 @@
 # Plugin Authoring
 
 projscan 2.0 stabilizes the local analyzer and reporter plugin contract.
-Plugin execution is opt-in via `PROJSCAN_PLUGINS_PREVIEW=1` so repositories
-must explicitly trust local plugin code before it runs.
+Plugin execution is gated by two independent controls:
 
-Plugins are local code. Enabling the opt-in flag means you trust the plugin code in
-the repository, the same way you trust project scripts in `package.json`.
-projscan does not fetch remote plugin code.
+1. **Opt-in flag** — set `PROJSCAN_PLUGINS_PREVIEW=1` to enable the plugin system at all.
+2. **Trust-on-first-use** — even with the flag on, each plugin **module** must be
+   explicitly approved with `projscan plugin trust <name>` before projscan will
+   execute it. Approval pins the module's SHA-256; if the file later changes, it
+   reverts to untrusted and must be re-approved. Untrusted plugins are discovered
+   and listed but never run.
+
+This means setting the flag globally (e.g. in your shell profile) can't silently
+execute attacker-authored code from a repository you happen to scan — you still
+have to approve each module once. The trust store lives in your user config
+directory (`$XDG_CONFIG_HOME/projscan` or `~/.config/projscan`,
+overridable with `PROJSCAN_PLUGIN_TRUST_HOME`), never inside the scanned repo.
+
+Plugins are local code. Approving one means you trust that code in the repository,
+the same way you trust project scripts in `package.json`. projscan does not fetch
+remote plugin code.
 
 ## Layout
 
@@ -208,11 +220,28 @@ projscan plugin list --format json
 ```
 
 The list command discovers manifests whether or not execution is enabled. It
-shows `enabled:false` until the opt-in flag is set.
+shows `enabled:false` until the opt-in flag is set, and a per-plugin `trust`
+status (`trusted` / `untrusted` / `changed`) so you can see what would actually run.
+
+## Trust
+
+Approve a plugin's current module bytes before it can execute:
+
+```sh
+projscan plugin trust policy        # approve one plugin by name
+projscan plugin trust --all         # approve every valid discovered plugin
+projscan plugin untrust policy      # revoke approval
+```
+
+Trust is intentionally a human CLI action — it is not exposed over the MCP server,
+so an agent can't approve a plugin on your behalf.
 
 ## Enable
 
+Enabling requires both the opt-in flag and a trusted module:
+
 ```sh
+projscan plugin trust --all
 PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor
 PROJSCAN_PLUGINS_PREVIEW=1 projscan ci
 PROJSCAN_PLUGINS_PREVIEW=1 projscan analyze

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "projscan",
   "mcpName": "io.github.abhiyoheswaran1/projscan",
-  "version": "3.4.1",
+  "version": "3.6.0",
   "description": "Agent-first code intelligence. MCP server (2025-03-26) with AST parsing for JavaScript, TypeScript, Python, Go, Java, Ruby, Rust, PHP, C#, Kotlin, Swift, and C++; repo understanding maps (projscan_understand), stable v3 semantic graph (projscan_semantic_graph), dataflow risk engine with bridge-helper detection (projscan_dataflow), code graph, file + per-function AST cyclomatic complexity, per-function fan-in + fan-out, coupling + cycle detection, structural PR diff with HTML reporter, coverage report with HTML reporter, intent-grounded one-call PR review (projscan_review with optional `intent` arg, new taint flows, contract changes, and newDataflowRisks) and long-running PR-watch mode with structured per-bucket deltas (projscan_review_watch), first-60-seconds workflow orientation (projscan_start), agent workplans (projscan_workplan), bug-hunt queues (projscan_bug_hunt), product-line planning (projscan_release_train), evidence packs (projscan_evidence_pack), regression planning (projscan_regression_plan), agent briefs (projscan_agent_brief), quality scorecards (projscan_quality_scorecard), and preflight with supply-chain IOC evidence, rule-driven fix suggestions + mechanical apply layer with rollback (projscan_apply_fix, projscan_fix_suggest, projscan_explain_issue), source-to-sink taint analysis (projscan_taint) with truncation reporting, transitive blast-radius analysis with cross-repo mode (projscan_impact for files and symbols), cross-repo workspace registration + intelligence (projscan_workspace_graph), per-function semantic search chunks (sub-file embeddings), per-rule confidence + severity drift + cost-summary analytics with live streaming (projscan_cost_summary), stable local analyzer + reporter plugin API (projscan_plugin, CLI --reporter, opt-in via PROJSCAN_PLUGINS_PREVIEW=1), monorepo workspace awareness with cross-package import policy + per-package dependencies / outdated / audit, BM25 + optional semantic search, cursor pagination, progress notifications, context-budgeted output, and a stable-surface CI guard. CLI on the side.",
   "type": "module",
   "main": "./dist/index.js",