protect-mcp 0.3.0 → 0.3.2

package/dist/cli.mjs

@@ -1,10 +1,13 @@
 #!/usr/bin/env node
 import {
   ProtectGateway,
+  formatSimulation,
   initSigning,
   loadPolicy,
+  parseLogFile,
+  simulate,
   validateCredentials
-} from "./chunk-3WCA7O4D.mjs";
+} from "./chunk-GV7N53QE.mjs";
 
 // src/cli.ts
 function printHelp() {
@@ -13,9 +16,16 @@ protect-mcp \u2014 Shadow-mode security gateway for MCP servers
 
 Usage:
   protect-mcp [options] -- <command> [args...]
+  protect-mcp quickstart
   protect-mcp init [--dir <path>]
   protect-mcp demo
+  protect-mcp trace <receipt_id> [--endpoint <url>] [--depth <n>]
   protect-mcp status [--dir <path>]
+  protect-mcp digest [--today] [--dir <path>]
+  protect-mcp receipts [--last <n>] [--dir <path>]
+  protect-mcp bundle [--output <path>] [--dir <path>]
+  protect-mcp simulate --policy <path> [--log <path>] [--tier <tier>] [--json]
+  protect-mcp report [--period <days>d] [--format md|json] [--output <path>] [--dir <path>]
 
 Options:
   --policy <path>   Policy/config JSON file (default: allow-all)
@@ -25,17 +35,26 @@ Options:
   --help            Show this help
 
 Commands:
+  quickstart        Zero-config onboarding: init + demo + show receipts in one command
   init              Generate config template, Ed25519 keypair, and sample policy
   demo              Start a demo server wrapped with protect-mcp (see receipts instantly)
+  trace <id>        Visualize the receipt DAG from a given receipt_id (ASCII tree)
   status            Show tool call statistics from the local decision log
+  digest            Generate a human-readable summary of agent activity
+  receipts          Show recent persisted signed receipts
+  bundle            Export an offline-verifiable audit bundle
 
 Examples:
+  protect-mcp quickstart
   protect-mcp -- node my-server.js
   protect-mcp --policy protect-mcp.json -- node my-server.js
-  protect-mcp --policy protect-mcp.json --enforce -- node my-server.js
   protect-mcp init
   protect-mcp demo
+  protect-mcp trace sha256:abc123 --depth 5
   protect-mcp status
+  protect-mcp digest --today
+  protect-mcp receipts --last 10
+  protect-mcp bundle --output audit.json
 
 `);
 }
@@ -96,10 +115,7 @@ async function handleInit(argv) {
     process.exit(1);
   }
   let keypair;
-  try {
-    const artifacts = await import("@veritasacta/artifacts");
-    keypair = artifacts.generateKeypair();
-  } catch {
+  {
     const { randomBytes } = await import("crypto");
     const { ed25519 } = await import("./ed25519-EDO4K4EP.mjs");
     const { bytesToHex } = await import("./utils-IDWBSHJU.mjs");
@@ -196,11 +212,10 @@ Add --enforce when ready to block policy violations.
 }
 async function handleDemo() {
   const { existsSync } = await import("fs");
-  const { join, dirname } = await import("path");
-  const { fileURLToPath } = await import("url");
-  const __filename = fileURLToPath(import.meta.url);
-  const __dirname = dirname(__filename);
-  const demoServerPath = join(__dirname, "demo-server.js");
+  const { join, dirname, resolve } = await import("path");
+  const cliPath = resolve(process.argv[1] || "dist/cli.js");
+  const cliDir = dirname(cliPath);
+  const demoServerPath = join(cliDir, "demo-server.js");
   const configPath = join(process.cwd(), "protect-mcp.json");
   const hasConfig = existsSync(configPath);
   if (!hasConfig) {
@@ -385,6 +400,27 @@ ${bold("protect-mcp status")}
     } catch {
     }
   }
+  const keyPath = join(dir, "keys", "gateway.json");
+  if (existsSync(keyPath)) {
+    try {
+      const keyData = JSON.parse(readFileSync(keyPath, "utf-8"));
+      if (keyData.publicKey) {
+        const fingerprint = keyData.publicKey.slice(0, 16) + "...";
+        process.stdout.write(`
+  ${bold("\u{1F6E1}\uFE0F Passport identity:")}
+`);
+        process.stdout.write(`    Public key:  ${fingerprint}
+`);
+        if (keyData.kid) process.stdout.write(`    Key ID:      ${keyData.kid}
+`);
+        process.stdout.write(`    Issuer:      ${keyData.issuer || "protect-mcp"}
+`);
+        process.stdout.write(`    Verify:      ${dim("npx @veritasacta/verify <receipt.json>")}
+`);
+      }
+    } catch {
+    }
+  }
   process.stdout.write(`
   Log file: ${dim(logPath)}
 
@@ -405,12 +441,502 @@ function red(s) {
 function yellow(s) {
   return process.env.NO_COLOR ? s : `\x1B[33m${s}\x1B[0m`;
 }
+async function handleDigest(argv) {
+  const { readFileSync, existsSync } = await import("fs");
+  const { join } = await import("path");
+  let dir = process.cwd();
+  const dirIdx = argv.indexOf("--dir");
+  if (dirIdx !== -1 && argv[dirIdx + 1]) dir = argv[dirIdx + 1];
+  const today = argv.includes("--today");
+  const logPath = join(dir, ".protect-mcp-log.jsonl");
+  if (!existsSync(logPath)) {
+    process.stderr.write(`${bold("protect-mcp digest")}
+
+No log file found. Run protect-mcp first.
+`);
+    process.exit(0);
+  }
+  const raw = readFileSync(logPath, "utf-8");
+  const lines = raw.trim().split("\n").filter(Boolean);
+  let entries = [];
+  for (const line of lines) {
+    try {
+      entries.push(JSON.parse(line));
+    } catch {
+    }
+  }
+  if (today) {
+    const todayStart = /* @__PURE__ */ new Date();
+    todayStart.setHours(0, 0, 0, 0);
+    entries = entries.filter((e) => e.timestamp >= todayStart.getTime());
+  }
+  if (entries.length === 0) {
+    process.stdout.write(`
+${bold("\u{1F6E1}\uFE0F Agent Digest")}
+
+  No activity${today ? " today" : ""}.
+
+`);
+    process.exit(0);
+  }
+  const allowed = entries.filter((e) => e.decision === "allow").length;
+  const denied = entries.filter((e) => e.decision === "deny").length;
+  const approvalRequired = entries.filter((e) => e.decision === "require_approval").length;
+  const toolUsage = /* @__PURE__ */ new Map();
+  for (const e of entries) {
+    toolUsage.set(e.tool, (toolUsage.get(e.tool) || 0) + 1);
+  }
+  const sortedTools = [...toolUsage.entries()].sort((a, b) => b[1] - a[1]);
+  const currentTier = entries[entries.length - 1]?.tier || "unknown";
+  const firstTime = new Date(Math.min(...entries.map((e) => e.timestamp)));
+  const lastTime = new Date(Math.max(...entries.map((e) => e.timestamp)));
+  const durationMs = lastTime.getTime() - firstTime.getTime();
+  const durationStr = durationMs < 6e4 ? `${Math.round(durationMs / 1e3)}s` : durationMs < 36e5 ? `${Math.round(durationMs / 6e4)}m` : `${(durationMs / 36e5).toFixed(1)}h`;
+  process.stdout.write(`
+${bold("\u{1F6E1}\uFE0F Agent Daily Digest")}
+
+`);
+  process.stdout.write(`  \u{1F4CA} ${bold(String(entries.length))} actions | `);
+  process.stdout.write(`${green("\u2713 " + allowed)} allowed | `);
+  process.stdout.write(`${red("\u2717 " + denied)} blocked`);
+  if (approvalRequired > 0) process.stdout.write(` | ${yellow("\u23F3 " + approvalRequired)} awaiting approval`);
+  process.stdout.write(`
+`);
+  process.stdout.write(`  \u{1F3C5} Trust tier: ${bold(currentTier)} | \u23F1 Active: ${durationStr}
+
+`);
+  process.stdout.write(`  ${bold("Tools used:")}
+`);
+  for (const [tool, count] of sortedTools.slice(0, 8)) {
+    process.stdout.write(`    ${tool.padEnd(22)} ${count}x
+`);
+  }
+  if (denied > 0) {
+    const deniedTools = entries.filter((e) => e.decision === "deny");
+    const deniedToolNames = [...new Set(deniedTools.map((e) => e.tool))];
+    process.stdout.write(`
+  ${bold(red("Blocked tools:"))}
+`);
+    for (const tool of deniedToolNames) {
+      const reason = deniedTools.find((e) => e.tool === tool)?.reason_code || "policy";
+      process.stdout.write(`    ${red("\u2717")} ${tool} (${reason})
+`);
+    }
+  }
+  process.stdout.write(`
+  ${dim("Latest receipt: curl -s http://127.0.0.1:9876/receipts/latest | jq -r .receipt > receipt.json")}
+`);
+  process.stdout.write(`  ${dim("Verify: npx @veritasacta/verify receipt.json --key <public-key-hex>")}
+`);
+  process.stdout.write(`  ${dim("Export: npx protect-mcp bundle --output audit.json")}
+
+`);
+}
+async function handleReceipts(argv) {
+  const { readFileSync, existsSync } = await import("fs");
+  const { join } = await import("path");
+  let dir = process.cwd();
+  const dirIdx = argv.indexOf("--dir");
+  if (dirIdx !== -1 && argv[dirIdx + 1]) dir = argv[dirIdx + 1];
+  const lastIdx = argv.indexOf("--last");
+  const count = lastIdx !== -1 && argv[lastIdx + 1] ? parseInt(argv[lastIdx + 1], 10) : 20;
+  const receiptsPath = join(dir, ".protect-mcp-receipts.jsonl");
+  if (!existsSync(receiptsPath)) {
+    process.stderr.write(`${bold("protect-mcp receipts")}
+
+No signed receipt file found. Run protect-mcp with signing enabled first.
+`);
+    process.exit(0);
+  }
+  const raw = readFileSync(receiptsPath, "utf-8");
+  const lines = raw.trim().split("\n").filter(Boolean);
+  const recent = lines.slice(-count);
+  process.stdout.write(`
+${bold("\u{1F6E1}\uFE0F Recent Receipts")} (last ${recent.length})
+
+`);
+  for (const line of recent) {
+    try {
+      const entry = JSON.parse(line);
+      const payload = entry.payload || {};
+      const time = typeof entry.issued_at === "string" ? new Date(entry.issued_at).toLocaleTimeString() : "unknown";
+      const decision = payload.decision || "unknown";
+      const icon = decision === "allow" ? green("\u2713") : decision === "require_approval" ? yellow("\u23F3") : red("\u2717");
+      process.stdout.write(`  ${dim(time)} ${icon} ${String(payload.tool || "unknown").padEnd(22)} ${String(entry.type || "receipt").padEnd(18)} ${dim(String(payload.reason_code || "signed"))}
+`);
+    } catch {
+    }
+  }
+  process.stdout.write(`
+`);
+}
+async function handleBundle(argv) {
+  const { readFileSync, writeFileSync, existsSync } = await import("fs");
+  const { join } = await import("path");
+  const { createAuditBundle } = await import("./bundle-TXOTFJIJ.mjs");
+  let dir = process.cwd();
+  const dirIdx = argv.indexOf("--dir");
+  if (dirIdx !== -1 && argv[dirIdx + 1]) dir = argv[dirIdx + 1];
+  const outputIdx = argv.indexOf("--output");
+  const outputPath = outputIdx !== -1 && argv[outputIdx + 1] ? argv[outputIdx + 1] : join(dir, "audit-bundle.json");
+  const receiptsPath = join(dir, ".protect-mcp-receipts.jsonl");
+  const keyPath = join(dir, "keys", "gateway.json");
+  if (!existsSync(receiptsPath)) {
+    process.stderr.write(`${bold("protect-mcp bundle")}
+
+No signed receipt file found. Run protect-mcp with signing enabled first.
+`);
+    process.exit(0);
+  }
+  if (!existsSync(keyPath)) {
+    process.stderr.write(`${bold("protect-mcp bundle")}
+
+No key file found at ${keyPath}
+`);
+    process.exit(1);
+  }
+  const receipts = readFileSync(receiptsPath, "utf-8").trim().split("\n").filter(Boolean).map((line) => JSON.parse(line));
+  const keyData = JSON.parse(readFileSync(keyPath, "utf-8"));
+  const bundle = createAuditBundle({
+    tenant: keyData.issuer || "protect-mcp",
+    receipts,
+    signingKeys: [{
+      kty: "OKP",
+      crv: "Ed25519",
+      kid: keyData.kid || "unknown",
+      x: Buffer.from(keyData.publicKey, "hex").toString("base64url"),
+      use: "sig"
+    }]
+  });
+  writeFileSync(outputPath, JSON.stringify(bundle, null, 2) + "\n");
+  process.stdout.write(`
+${bold("protect-mcp bundle")}
+
+`);
+  process.stdout.write(`  Receipts: ${receipts.length}
+`);
+  process.stdout.write(`  Output:   ${outputPath}
+`);
+  process.stdout.write(`  Verify:   npx @veritasacta/verify ${outputPath} --bundle
+
+`);
+}
+async function handleQuickstart() {
+  const { mkdtempSync, writeFileSync, existsSync, mkdirSync, readFileSync } = await import("fs");
+  const { join } = await import("path");
+  const { tmpdir } = await import("os");
+  const dir = mkdtempSync(join(tmpdir(), "protect-mcp-quickstart-"));
+  process.stdout.write(`
+${bold("protect-mcp quickstart")}
+`);
+  process.stdout.write(`${"\u2500".repeat(50)}
+
+`);
+  process.stdout.write(`  This will:
+`);
+  process.stdout.write(`  1. Generate an Ed25519 signing keypair
+`);
+  process.stdout.write(`  2. Create a shadow-mode policy
+`);
+  process.stdout.write(`  3. Start a demo MCP server with protect-mcp wrapping it
+`);
+  process.stdout.write(`  4. Log signed receipts for every tool call
+
+`);
+  process.stdout.write(`  Working dir: ${dir}
+
+`);
+  const keysDir = join(dir, "keys");
+  mkdirSync(keysDir, { recursive: true });
+  const { randomBytes } = await import("crypto");
+  let keypair;
+  try {
+    const { ed25519 } = await import("./ed25519-EDO4K4EP.mjs");
+    const { bytesToHex } = await import("./utils-IDWBSHJU.mjs");
+    const privateKey = randomBytes(32);
+    const publicKey = ed25519.getPublicKey(privateKey);
+    keypair = {
+      privateKey: bytesToHex(privateKey),
+      publicKey: bytesToHex(publicKey),
+      kid: `quickstart-${Date.now()}`
+    };
+  } catch {
+    keypair = {
+      privateKey: randomBytes(32).toString("hex"),
+      publicKey: randomBytes(32).toString("hex"),
+      kid: `quickstart-${Date.now()}`
+    };
+  }
+  writeFileSync(join(keysDir, "gateway.json"), JSON.stringify({
+    privateKey: keypair.privateKey,
+    publicKey: keypair.publicKey,
+    kid: keypair.kid,
+    generated_at: (/* @__PURE__ */ new Date()).toISOString()
+  }, null, 2) + "\n");
+  const configPath = join(dir, "protect-mcp.json");
+  const config = {
+    tools: {
+      "*": { rate_limit: "100/hour" },
+      "delete_file": { block: true }
+    },
+    default_tier: "unknown",
+    signing: {
+      key_path: join(keysDir, "gateway.json"),
+      issuer: "protect-mcp-quickstart",
+      enabled: true
+    }
+  };
+  writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
+  process.stdout.write(`  \u2713 Keypair generated (kid: ${keypair.kid})
+`);
+  process.stdout.write(`  \u2713 Policy created (shadow mode, all tools logged)
+`);
+  process.stdout.write(`  \u2713 Signing enabled (Ed25519)
+
+`);
+  process.stdout.write(`${bold("Starting demo server...")}
+
+`);
+  process.stdout.write(`  Every tool call will produce a signed receipt.
+`);
+  process.stdout.write(`  Try it with Claude Desktop or any MCP client.
+
+`);
+  process.stdout.write(`  ${bold("To use in production:")}
+`);
+  process.stdout.write(`    1. Copy ${configPath} to your project
+`);
+  process.stdout.write(`    2. Edit tool policies to match your server
+`);
+  process.stdout.write(`    3. Run: protect-mcp --policy protect-mcp.json -- node your-server.js
+
+`);
+  process.stdout.write(`${"\u2500".repeat(50)}
+
+`);
+  process.env.PROTECT_MCP_CONFIG = configPath;
+  await handleDemo();
+}
+async function handleTrace(argv) {
+  const receiptId = argv[0];
+  if (!receiptId) {
+    process.stderr.write("[PROTECT_MCP] Usage: protect-mcp trace <receipt_id> [--endpoint <url>] [--depth <n>]\n");
+    process.exit(1);
+  }
+  let endpoint = "https://evidence-indexer.tomjwxf.workers.dev";
+  let depth = 3;
+  for (let i = 1; i < argv.length; i++) {
+    if (argv[i] === "--endpoint" && argv[i + 1]) {
+      endpoint = argv[++i];
+    } else if (argv[i] === "--depth" && argv[i + 1]) {
+      depth = Math.min(10, Math.max(1, parseInt(argv[++i], 10) || 3));
+    }
+  }
+  process.stdout.write(`
+${bold("protect-mcp trace")}
+`);
+  process.stdout.write(`${"\u2500".repeat(60)}
+
+`);
+  process.stdout.write(`  Root:     ${receiptId}
+`);
+  process.stdout.write(`  Endpoint: ${endpoint}
+`);
+  process.stdout.write(`  Depth:    ${depth}
+
+`);
+  const url = `${endpoint}/evidence/graph/${encodeURIComponent(receiptId)}?depth=${depth}&direction=both&max=50`;
+  let graphData;
+  try {
+    const resp = await fetch(url);
+    if (!resp.ok) {
+      const body = await resp.text();
+      process.stderr.write(`[PROTECT_MCP] Error fetching graph: ${resp.status} ${body}
+`);
+      process.exit(1);
+    }
+    graphData = await resp.json();
+  } catch (err) {
+    process.stderr.write(`[PROTECT_MCP] Could not reach evidence indexer at ${endpoint}
+`);
+    process.stderr.write(`[PROTECT_MCP] Trying local receipts...
+
+`);
+    await traceLocal(receiptId);
+    return;
+  }
+  if (!graphData.nodes || graphData.nodes.length === 0) {
+    process.stdout.write(`  No receipts found for ${receiptId}
+
+`);
+    return;
+  }
+  process.stdout.write(`  ${bold("Evidence DAG")} (${graphData.node_count} nodes, ${graphData.edge_count} edges)
+
+`);
+  const nodeMap = /* @__PURE__ */ new Map();
+  for (const node of graphData.nodes) {
+    nodeMap.set(node.receipt_id, node);
+  }
+  const childMap = /* @__PURE__ */ new Map();
+  for (const edge of graphData.edges) {
+    if (!childMap.has(edge.from)) childMap.set(edge.from, []);
+    childMap.get(edge.from).push({ to: edge.to, relation: edge.relation });
+  }
+  const rendered = /* @__PURE__ */ new Set();
+  function renderNode(id, prefix, isLast) {
+    const node = nodeMap.get(id);
+    const connector = isLast ? "\u2514\u2500\u2500 " : "\u251C\u2500\u2500 ";
+    const childPrefix = isLast ? "    " : "\u2502   ";
+    const typeEmoji = getTypeEmoji(node?.receipt_type || "unknown");
+    const shortId = id.length > 16 ? id.slice(0, 12) + "\u2026" : id;
+    const time = node?.event_time ? new Date(node.event_time).toLocaleTimeString() : "?";
+    const type = node?.receipt_type?.replace("acta:", "") || "unknown";
+    process.stdout.write(`${prefix}${connector}${typeEmoji} ${bold(type)} ${dim(shortId)} ${dim(time)}
+`);
+    if (rendered.has(id)) {
+      process.stdout.write(`${prefix}${childPrefix}${dim("(cycle \u2014 already rendered)")}
+`);
+      return;
+    }
+    rendered.add(id);
+    const children = childMap.get(id) || [];
+    for (let i = 0; i < children.length; i++) {
+      const child = children[i];
+      const edgeLabel = dim(`\u2500\u2500[${child.relation}]\u2500\u2500\u25B6`);
+      process.stdout.write(`${prefix}${childPrefix}${edgeLabel}
+`);
+      renderNode(child.to, prefix + childPrefix, i === children.length - 1);
+    }
+  }
+  const rootNode = nodeMap.get(receiptId);
+  if (rootNode) {
+    const typeEmoji = getTypeEmoji(rootNode.receipt_type);
+    const type = rootNode.receipt_type?.replace("acta:", "") || "unknown";
+    const time = rootNode.event_time ? new Date(rootNode.event_time).toLocaleTimeString() : "?";
+    process.stdout.write(`  ${typeEmoji} ${bold(type)} ${dim(receiptId.slice(0, 16) + "\u2026")} ${dim(time)} ${bold("(root)")}
+`);
+    rendered.add(receiptId);
+    const children = childMap.get(receiptId) || [];
+    for (let i = 0; i < children.length; i++) {
+      const child = children[i];
+      const edgeLabel = dim(`\u2500\u2500[${child.relation}]\u2500\u2500\u25B6`);
+      process.stdout.write(`  ${edgeLabel}
+`);
+      renderNode(child.to, "  ", i === children.length - 1);
+    }
+    const incomingEdges = (graphData.edges || []).filter((e) => e.to === receiptId);
+    if (incomingEdges.length > 0) {
+      process.stdout.write(`
+  ${bold("Incoming edges:")}
+`);
+      for (const edge of incomingEdges) {
+        const fromNode = nodeMap.get(edge.from);
+        const fromType = fromNode?.receipt_type?.replace("acta:", "") || "unknown";
+        process.stdout.write(`  \u25C0\u2500\u2500[${edge.relation}]\u2500\u2500 ${getTypeEmoji(fromNode?.receipt_type)} ${fromType} ${dim(edge.from.slice(0, 16) + "\u2026")}
+`);
+      }
+    }
+  } else {
+    for (const node of graphData.nodes) {
+      const typeEmoji = getTypeEmoji(node.receipt_type);
+      const type = node.receipt_type?.replace("acta:", "") || "unknown";
+      process.stdout.write(`  ${typeEmoji} ${bold(type)} ${dim(node.receipt_id.slice(0, 16) + "\u2026")}
+`);
+    }
+  }
+  process.stdout.write(`
+${"\u2500".repeat(60)}
+`);
+  process.stdout.write(`  ${dim(`Fetched from ${endpoint}`)}
+
+`);
+}
+async function traceLocal(receiptId) {
+  const { readFileSync, existsSync } = await import("fs");
+  const { join } = await import("path");
+  const dir = process.cwd();
+  const receiptsDir = join(dir, ".protect-mcp", "receipts");
+  if (!existsSync(receiptsDir)) {
+    process.stdout.write(`  No local receipts found in ${receiptsDir}
+
+`);
+    return;
+  }
+  const { readdirSync } = await import("fs");
+  const files = readdirSync(receiptsDir).filter((f) => f.endsWith(".json"));
+  process.stdout.write(`  Scanning ${files.length} local receipts...
+
+`);
+  const receipts = [];
+  for (const file of files) {
+    try {
+      const content = readFileSync(join(receiptsDir, file), "utf-8");
+      const receipt = JSON.parse(content);
+      receipts.push(receipt);
+    } catch {
+    }
+  }
+  const match = receipts.find(
+    (r) => r.signed_claims?.claims?.receipt_id === receiptId || r.receipt_id === receiptId
+  );
+  if (match) {
+    const claims = match.signed_claims?.claims || match;
+    process.stdout.write(`  Found: ${getTypeEmoji(claims.receipt_type)} ${bold(claims.receipt_type?.replace("acta:", "") || "unknown")}
+`);
+    process.stdout.write(`  Event:  ${claims.event_id || "?"}
+`);
+    process.stdout.write(`  Issuer: ${claims.issuer_id || "?"}
+`);
+    process.stdout.write(`  Time:   ${claims.event_time || "?"}
+`);
+    if (claims.edges && claims.edges.length > 0) {
+      process.stdout.write(`
+  ${bold("Edges:")}
+`);
+      for (const edge of claims.edges) {
+        process.stdout.write(`    \u2500\u2500[${edge.relation}]\u2500\u2500\u25B6 ${dim(edge.receipt_id?.slice(0, 16) + "\u2026")}
+`);
+      }
+    }
+  } else {
+    process.stdout.write(`  Receipt ${receiptId} not found locally.
+`);
+  }
+  process.stdout.write("\n");
+}
+function getTypeEmoji(type) {
+  switch (type) {
+    case "acta:observation":
+      return "\u{1F441} ";
+    case "acta:policy-load":
+      return "\u{1F4CB}";
+    case "acta:approval":
+      return "\u2705";
+    case "acta:decision":
+      return "\u2696\uFE0F ";
+    case "acta:execution":
+      return "\u26A1";
+    case "acta:outcome":
+      return "\u{1F4E6}";
+    case "acta:delegation":
+      return "\u{1F91D}";
+    case "acta:capability-attestation":
+      return "\u{1F3C5}";
+    default:
+      return "\u{1F4C4}";
+  }
+}
 async function main() {
   const args = process.argv.slice(2);
   if (args.length === 0 || args.includes("--help") || args.includes("-h")) {
     printHelp();
     process.exit(0);
   }
+  if (args[0] === "quickstart") {
+    await handleQuickstart();
+    return;
+  }
   if (args[0] === "init") {
     await handleInit(args.slice(1));
     process.exit(0);
@@ -423,6 +949,30 @@ async function main() {
     await handleStatus(args.slice(1));
     process.exit(0);
   }
+  if (args[0] === "digest") {
+    await handleDigest(args.slice(1));
+    process.exit(0);
+  }
+  if (args[0] === "receipts") {
+    await handleReceipts(args.slice(1));
+    process.exit(0);
+  }
+  if (args[0] === "bundle") {
+    await handleBundle(args.slice(1));
+    process.exit(0);
+  }
+  if (args[0] === "trace") {
+    await handleTrace(args.slice(1));
+    process.exit(0);
+  }
+  if (args[0] === "simulate") {
+    await handleSimulate(args.slice(1));
+    process.exit(0);
+  }
+  if (args[0] === "report") {
+    await handleReport(args.slice(1));
+    process.exit(0);
+  }
   const { policyPath, slug, enforce, verbose, childCommand } = parseArgs(args);
   let policy = null;
   let policyDigest = "none";
@@ -473,6 +1023,85 @@ async function main() {
   const gateway = new ProtectGateway(config);
   await gateway.start();
 }
+async function handleSimulate(args) {
+  let policyPath = "";
+  let logPath = ".protect-mcp-log.jsonl";
+  let tier = "unknown";
+  let jsonOutput = false;
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === "--policy" && args[i + 1]) {
+      policyPath = args[++i];
+    } else if (args[i] === "--log" && args[i + 1]) {
+      logPath = args[++i];
+    } else if (args[i] === "--tier" && args[i + 1]) {
+      tier = args[++i];
+    } else if (args[i] === "--json") {
+      jsonOutput = true;
+    }
+  }
+  if (!policyPath) {
+    process.stderr.write("Usage: protect-mcp simulate --policy <path> [--log <path>] [--tier <tier>] [--json]\n");
+    process.exit(1);
+  }
+  const { existsSync } = await import("fs");
+  if (!existsSync(logPath)) {
+    process.stderr.write(`Log file not found: ${logPath}
+`);
+    process.stderr.write("Run protect-mcp in shadow mode first to generate a log file.\n");
+    process.exit(1);
+  }
+  const { policy } = loadPolicy(policyPath);
+  const entries = parseLogFile(logPath);
+  if (entries.length === 0) {
+    process.stderr.write("No tool call entries found in log file.\n");
+    process.exit(1);
+  }
+  const summary = simulate(entries, policy, tier);
+  summary.policy_file = policyPath;
+  summary.log_file = logPath;
+  if (jsonOutput) {
+    process.stdout.write(JSON.stringify(summary, null, 2) + "\n");
+  } else {
+    process.stdout.write(formatSimulation(summary) + "\n");
+  }
+}
+async function handleReport(args) {
+  let period = 30;
+  let format = "json";
+  let outputPath = "";
+  let dir = process.cwd();
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === "--period" && args[i + 1]) {
+      const match = args[++i].match(/^(\d+)d$/);
+      if (match) period = parseInt(match[1], 10);
+    } else if (args[i] === "--format" && args[i + 1]) {
+      format = args[++i];
+    } else if (args[i] === "--output" && args[i + 1]) {
+      outputPath = args[++i];
+    } else if (args[i] === "--dir" && args[i + 1]) {
+      dir = args[++i];
+    }
+  }
+  const { generateReport, formatReportMarkdown } = await import("./report-ENQ3KUI2.mjs");
+  const { join } = await import("path");
+  const logPath = join(dir, ".protect-mcp-log.jsonl");
+  const receiptPath = join(dir, ".protect-mcp-receipts.jsonl");
+  const report = generateReport(logPath, receiptPath, period);
+  let output;
+  if (format === "md") {
+    output = formatReportMarkdown(report);
+  } else {
+    output = JSON.stringify(report, null, 2);
+  }
+  if (outputPath) {
+    const { writeFileSync } = await import("fs");
+    writeFileSync(outputPath, output, "utf-8");
+    process.stderr.write(`Report written to ${outputPath}
+`);
+  } else {
+    process.stdout.write(output + "\n");
+  }
+}
 main().catch((err) => {
   process.stderr.write(`[PROTECT_MCP] Fatal error: ${err instanceof Error ? err.message : err}
 `);