sdd-mcp-server 1.3.11 → 1.4.1

package/dist/utils/specGenerator.js

@@ -0,0 +1,259 @@
+import { analyzeProject } from './documentGenerator.js';
+export async function generateRequirementsDocument(projectPath, featureName) {
+    const analysis = await analyzeProject(projectPath);
+    const desc = analysis.description || 'Feature requirements specification';
+    const obj = generateCoreObjective(analysis);
+    const acceptance = generateAcceptanceCriteria(analysis)
+        .map((c, i) => `${i + 1}. ${c}`)
+        .join('\n');
+    return `# Requirements Document
+
+## Introduction
+${featureName} - Requirements derived from codebase analysis.
+
+**Project**: ${analysis.name}  
+**Description**: ${desc}
+
+Generated on: ${new Date().toISOString()}
+
+## Functional Requirements
+
+### FR-1: Core Functionality
+**Objective:** ${obj}
+
+#### Acceptance Criteria
+${acceptance}
+
+### FR-2: Technology Integration
+**Objective:** Integrate with the detected technology stack
+
+#### Acceptance Criteria
+${generateTechRequirements(analysis).map((r, i) => `${i + 1}. ${r}`).join('\n')}
+
+### FR-3: Quality Standards
+**Objective:** Meet quality, testing, and review standards
+
+#### Acceptance Criteria
+${generateQualityRequirements(analysis).map((r, i) => `${i + 1}. ${r}`).join('\n')}
+
+## Non-Functional Requirements
+
+### NFR-1: Performance
+- System SHALL respond within acceptable time limits
+- Memory usage SHALL remain within reasonable bounds
+
+### NFR-2: Reliability
+- System SHALL handle errors gracefully
+- System SHALL maintain data integrity
+
+### NFR-3: Maintainability
+- Code SHALL follow established conventions
+- System SHALL be well-documented
+`;
+}
+export async function generateDesignDocument(projectPath, featureName) {
+    const analysis = await analyzeProject(projectPath);
+    const arch = describeArchitecture(analysis);
+    const components = generateComponentList(analysis).map(c => `- **${c.name}**: ${c.description}`).join('\n');
+    const dataModels = generateDataModels(analysis).map(m => `- **${m}**: Data structure definition`).join('\n');
+    const techStack = generateDetailedTechStack(analysis);
+    return `# Technical Design Document
+
+## Project: ${featureName}
+
+**Project Name:** ${analysis.name}
+**Architecture:** ${analysis.architecture}
+**Language:** ${analysis.language}
+
+Generated on: ${new Date().toISOString()}
+
+## Architecture Overview
+
+### System Architecture
+${arch}
+
+### Key Components
+${components}
+
+### Data Models
+${dataModels}
+
+## Implementation Details
+
+### Technology Stack
+${techStack}
+
+### Dependencies
+${generateDependencySummary(analysis)}
+
+## Interface Specifications
+
+### Module Interfaces
+${generateModuleInterfaces(analysis)}
+
+## Configuration
+
+### Environment Variables
+${generateEnvVars(analysis)}
+
+### Build Configuration
+${generateBuildConfig(analysis)}
+`;
+}
+export async function generateTasksDocument(projectPath, featureName) {
+    const analysis = await analyzeProject(projectPath);
+    const tasks = generateImplementationTasks(analysis);
+    const section = (title, list) => list.map((task, idx) => `- [ ] ${idx + 1}. ${task.title}
+  ${task.subtasks.map(s => `  - ${s}`).join('\n')}
+  - _Requirements: ${task.requirements}_`).join('\n\n');
+    return `# Implementation Plan
+
+## Project: ${featureName}
+
+**Project Name:** ${analysis.name}
+**Detected Stack:** ${[analysis.language, analysis.framework || '', analysis.buildTool || ''].filter(Boolean).join(' / ')}
+
+Generated on: ${new Date().toISOString()}
+
+## Development Phase Tasks
+
+${section('Development', tasks.development)}
+
+## Integration Phase Tasks
+
+${section('Integration', tasks.integration)}
+
+## Quality & Testing Tasks
+
+${section('Quality', tasks.quality)}
+`;
+}
+// Helpers derived from TemplateService, reduced and dependency-free
+function generateCoreObjective(analysis) {
+    if (analysis.dependencies?.includes('@modelcontextprotocol/sdk'))
+        return 'Provide MCP tools for spec-driven development workflows';
+    if (analysis.framework === 'Express.js')
+        return 'Expose REST endpoints and middleware for business logic';
+    if (analysis.framework === 'React')
+        return 'Render interactive UI components with state management';
+    return 'Deliver feature-aligned functionality integrated with existing architecture';
+}
+function generateAcceptanceCriteria(analysis) {
+    const criteria = [
+        'WHEN invoked THEN it SHALL execute without runtime errors',
+        'IF input is invalid THEN it SHALL return meaningful errors',
+        'WHILE under typical load IT SHALL meet performance targets'
+    ];
+    if (analysis.testFramework)
+        criteria.push('WHERE tests exist THEY SHALL pass with adequate coverage');
+    if (analysis.language === 'typescript')
+        criteria.push('WHEN type-checking THEN no TypeScript errors SHALL occur');
+    return criteria;
+}
+function generateTechRequirements(analysis) {
+    const out = ['Integrate with existing build and run scripts'];
+    if (analysis.dependencies?.includes('@modelcontextprotocol/sdk'))
+        out.push('Expose MCP-compliant tools over stdio');
+    if (analysis.buildTool)
+        out.push(`Provide build artifacts using ${analysis.buildTool}`);
+    return out;
+}
+function generateQualityRequirements(analysis) {
+    const out = ['Follow project coding conventions', 'Apply error handling and logging'];
+    if (analysis.testFramework)
+        out.push(`Include ${analysis.testFramework} tests for new code`);
+    return out;
+}
+function describeArchitecture(analysis) {
+    if (analysis.architecture === 'Domain-Driven Design (DDD)')
+        return 'Layered DDD: Domain, Application, Infrastructure, Presentation';
+    if (analysis.architecture.includes('API'))
+        return 'REST API with routing, middleware, services, and data access layers';
+    if (analysis.framework === 'MCP SDK')
+        return 'MCP server exposing development tools via stdio protocol';
+    return analysis.architecture || 'Modular architecture with clear separation of concerns';
+}
+function generateComponentList(analysis) {
+    const comps = [];
+    if (analysis.framework === 'MCP SDK') {
+        comps.push({ name: 'MCPServer', description: 'Handles stdio transport and tool registry' });
+        comps.push({ name: 'ToolHandlers', description: 'Implement SDD tools (init, requirements, design, tasks, etc.)' });
+    }
+    if (analysis.architecture.includes('API')) {
+        comps.push({ name: 'Controllers', description: 'HTTP route handlers' });
+        comps.push({ name: 'Services', description: 'Business logic orchestration' });
+    }
+    if (comps.length === 0)
+        comps.push({ name: 'CoreModule', description: 'Primary feature implementation module' });
+    return comps;
+}
+function generateDataModels(analysis) {
+    if (analysis.framework === 'MCP SDK')
+        return ['Tool', 'Request', 'Response'];
+    if (analysis.architecture.includes('API'))
+        return ['RequestDTO', 'ResponseDTO'];
+    return ['Entity', 'ValueObject'];
+}
+function generateDetailedTechStack(analysis) {
+    const parts = [];
+    parts.push(`- Runtime: ${analysis.language === 'typescript' ? 'Node.js (TypeScript)' : 'Node.js (JavaScript)'}`);
+    if (analysis.framework)
+        parts.push(`- Framework: ${analysis.framework}`);
+    if (analysis.buildTool)
+        parts.push(`- Build: ${analysis.buildTool}`);
+    if (analysis.testFramework)
+        parts.push(`- Testing: ${analysis.testFramework}`);
+    return parts.join('\n');
+}
+function generateDependencySummary(analysis) {
+    const deps = (analysis.dependencies || []).slice(0, 10).map((d) => `- ${d}`).join('\n');
+    const dev = (analysis.devDependencies || []).slice(0, 10).map((d) => `- ${d}`).join('\n');
+    return `#### Production\n${deps || '- (none)'}\n\n#### Development\n${dev || '- (none)'}`;
+}
+function generateModuleInterfaces(analysis) {
+    if (analysis.framework === 'MCP SDK') {
+        return `- registerTool(name: string, handler: (args) => Promise<unknown>)\n- connect(transport): Promise<void>`;
+    }
+    if (analysis.architecture.includes('API')) {
+        return `- handle(request): Response\n- service.process(input): Result`;
+    }
+    return `- execute(input): Output`;
+}
+function generateEnvVars(analysis) {
+    const envs = ['NODE_ENV', 'LOG_LEVEL'];
+    if (analysis.framework === 'MCP SDK')
+        envs.push('MCP_MODE');
+    return envs.map(e => `- ${e}`).join('\n');
+}
+function generateBuildConfig(analysis) {
+    if (analysis.buildTool)
+        return `Use ${analysis.buildTool} to emit production artifacts`;
+    return 'Use npm scripts (build/test/lint) defined in package.json';
+}
+function generateImplementationTasks(analysis) {
+    const dev = [
+        { title: 'Set up project scaffolding', subtasks: ['Initialize directories', 'Configure scripts'], requirements: 'FR-1' },
+        { title: 'Implement core feature logic', subtasks: ['Add modules', 'Wire integrations'], requirements: 'FR-1' }
+    ];
+    const integ = [
+        { title: 'Integrate with stack', subtasks: ['Validate build', 'Run dev server'], requirements: 'FR-2' }
+    ];
+    const quality = [
+        { title: 'Add tests and quality checks', subtasks: ['Unit tests', 'Lint/typecheck', 'Quality review'], requirements: 'FR-3' }
+    ];
+    // Tailor tasks if MCP or API
+    if (analysis.framework === 'MCP SDK') {
+        dev.unshift({ title: 'Expose MCP tools', subtasks: ['Register tools', 'Handle stdio transport'], requirements: 'FR-2' });
+    }
+    if (analysis.architecture.includes('API')) {
+        dev.unshift({ title: 'Add HTTP endpoints', subtasks: ['Define routes', 'Implement handlers'], requirements: 'FR-1' });
+    }
+    if (analysis.testFramework) {
+        quality[0].subtasks.unshift(`Set up ${analysis.testFramework}`);
+    }
+    if (analysis.language === 'typescript') {
+        quality[0].subtasks.push('Ensure type safety (tsc)');
+    }
+    return { development: dev, integration: integ, quality };
+}
+//# sourceMappingURL=specGenerator.js.map

package/dist/utils/specGenerator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"specGenerator.js","sourceRoot":"","sources":["../../src/utils/specGenerator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAExD,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAAC,WAAmB,EAAE,WAAmB;IACzF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM,IAAI,GAAG,QAAQ,CAAC,WAAW,IAAI,oCAAoC,CAAC;IAC1E,MAAM,GAAG,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,0BAA0B,CAAC,QAAQ,CAAC;SACpD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;SAC/B,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,OAAO;;;EAGP,WAAW;;eAEE,QAAQ,CAAC,IAAI;mBACT,IAAI;;gBAEP,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;;;;;iBAKvB,GAAG;;;EAGlB,UAAU;;;;;;EAMV,wBAAwB,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;EAM7E,2BAA2B,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;CAejF,CAAC;AACF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,WAAmB,EAAE,WAAmB;IACnF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM,IAAI,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5G,MAAM,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7G,MAAM,SAAS,GAAG,yBAAyB,CAAC,QAAQ,CAAC,CAAC;IAEtD,OAAO;;cAEK,WAAW;;oBAEL,QAAQ,CAAC,IAAI;oBACb,QAAQ,CAAC,YAAY;gBACzB,QAAQ,CAAC,QAAQ;;gBAEjB,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;;;;;EAKtC,IAAI;;;EAGJ,UAAU;;;EAGV,UAAU;;;;;EAKV,SAAS;;;EAGT,yBAAyB,CAAC,QAAQ,CAAC;;;;;EAKnC,wBAAwB,CAAC,QAAQ,CAAC;;;;;EAKlC,eAAe,CAAC,QAAQ,CAAC;;;EAGzB,mBAAmB,CAAC,QAAQ,CAAC;CAC9B,CAAC;AACF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,WAAmB,EAAE,WAAmB;IAClF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,2BAA2B,CAAC,QAAQ,CAAC,CAAC;IAEpD,MAAM,OAAO,GAAG,CAAC,KAAa,EAAE,IAAwE,EAAE,EAAE,CAC1G,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,SAAS,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC,KAAK;IACvD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;qBAC5B,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAEtD,OAAO;;cAEK,WAAW;;oBAEL,QAAQ,CAAC,IAAI;sBACX,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,IAAI,EAAE,EAAE,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;;gBAEzG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;;;;EAItC,OAAO,CAAC,aAAa,EAAE,KAAK,CAAC,WAAW,CAAC;;;;EAIzC,OAAO,CAAC,aAAa,EAAE,KAAK,CAAC,WAAW,CAAC;;;;EAIzC,OAAO,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC;CAClC,CAAC;AACF,CAAC;AAED,oEAAoE;AACpE,SAAS,qBAAqB,CAAC,QAAa;IAC1C,IAAI,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,2BAA2B,CAAC;QAAE,OAAO,yDAAyD,CAAC;IACnI,IAAI,QAAQ,CAAC,SAAS,KAAK,YAAY;QAAE,OAAO,yDAAyD,CAAC;IAC1G,IAAI,QAAQ,CAAC,SAAS,KAAK,OAAO;QAAE,OAAO,wDAAwD,CAAC;IACpG,OAAO,6EAA6E,CAAC;AACvF,CAAC;AAED,SAAS,0BAA0B,CAAC,QAAa;IAC/C,MAAM,QAAQ,GAAG;QACf,2DAA2D;QAC3D,4DAA4D;QAC5D,4DAA4D;KAC7D,CAAC;IACF,IAAI,QAAQ,CAAC,aAAa;QAAE,QAAQ,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;IACtG,IAAI,QAAQ,CAAC,QAAQ,KAAK,YAAY;QAAE,QAAQ,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;IAClH,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,wBAAwB,CAAC,QAAa;IAC7C,MAAM,GAAG,GAAG,CAAC,+CAA+C,CAAC,CAAC;IAC9D,IAAI,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,2BAA2B,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;IACpH,IAAI,QAAQ,CAAC,SAAS;QAAE,GAAG,CAAC,IAAI,CAAC,iCAAiC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IACxF,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,2BAA2B,CAAC,QAAa;IAChD,MAAM,GAAG,GAAG,CAAC,mCAAmC,EAAE,kCAAkC,CAAC,CAAC;IACtF,IAAI,QAAQ,CAAC,aAAa;QAAE,GAAG,CAAC,IAAI,CAAC,WAAW,QAAQ,CAAC,aAAa,qBAAqB,CAAC,CAAC;IAC7F,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAa;IACzC,IAAI,QAAQ,CAAC,YAAY,KAAK,4BAA4B;QAAE,OAAO,gEAAgE,CAAC;IACpI,IAAI,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,qEAAqE,CAAC;IACxH,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS;QAAE,OAAO,0DAA0D,CAAC;IACxG,OAAO,QAAQ,CAAC,YAAY,IAAI,wDAAwD,CAAC;AAC3F,CAAC;AAED,SAAS,qBAAqB,CAAC,QAAa;IAC1C,MAAM,KAAK,GAAG,EAAkD,CAAC;IACjE,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC,CAAC;QAC5F,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,+DAA+D,EAAE,CAAC,CAAC;IACrH,CAAC;IACD,IAAI,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1C,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC,CAAC;QACxE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,8BAA8B,EAAE,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC,CAAC;IACjH,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAa;IACvC,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS;QAAE,OAAO,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAC7E,IAAI,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IAChF,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,yBAAyB,CAAC,QAAa;IAC9C,MAAM,KAAK,GAAG,EAAc,CAAC;IAC7B,KAAK,CAAC,IAAI,CAAC,cAAc,QAAQ,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,sBAAsB,EAAE,CAAC,CAAC;IACjH,IAAI,QAAQ,CAAC,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IACzE,IAAI,QAAQ,CAAC,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IACrE,IAAI,QAAQ,CAAC,aAAa;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC;IAC/E,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,yBAAyB,CAAC,QAAa;IAC9C,MAAM,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClG,OAAO,oBAAoB,IAAI,IAAI,UAAU,yBAAyB,GAAG,IAAI,UAAU,EAAE,CAAC;AAC5F,CAAC;AAED,SAAS,wBAAwB,CAAC,QAAa;IAC7C,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACrC,OAAO,wGAAwG,CAAC;IAClH,CAAC;IACD,IAAI,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1C,OAAO,+DAA+D,CAAC;IACzE,CAAC;IACD,OAAO,0BAA0B,CAAC;AACpC,CAAC;AAED,SAAS,eAAe,CAAC,QAAa;IACpC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACvC,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC5D,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAa;IACxC,IAAI,QAAQ,CAAC,SAAS;QAAE,OAAO,OAAO,QAAQ,CAAC,SAAS,+BAA+B,CAAC;IACxF,OAAO,2DAA2D,CAAC;AACrE,CAAC;AAED,SAAS,2BAA2B,CAAC,QAAa;IAChD,MAAM,GAAG,GAAG;QACV,EAAE,KAAK,EAAE,4BAA4B,EAAE,QAAQ,EAAE,CAAC,wBAAwB,EAAE,mBAAmB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE;QACxH,EAAE,KAAK,EAAE,8BAA8B,EAAE,QAAQ,EAAE,CAAC,aAAa,EAAE,mBAAmB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE;KAChH,CAAC;IACF,MAAM,KAAK,GAAG;QACZ,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE;KACxG,CAAC;IACF,MAAM,OAAO,GAAG;QACd,EAAE,KAAK,EAAE,8BAA8B,EAAE,QAAQ,EAAE,CAAC,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE;KAC9H,CAAC;IAEF,6BAA6B;IAC7B,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACrC,GAAG,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,CAAC,gBAAgB,EAAE,wBAAwB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC;IAC3H,CAAC;IACD,IAAI,QAAQ,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1C,GAAG,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,CAAC,eAAe,EAAE,oBAAoB,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC;IACxH,CAAC;IAED,IAAI,QAAQ,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QACvC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC3D,CAAC"}

package/mcp-server.js

@@ -11,6 +11,26 @@ import {
   generateStructureDocument 
 } from './documentGenerator.js';
 
+// Best-effort dynamic loader for spec generators (requirements/design/tasks)
+async function loadSpecGenerator() {
+  const tried = [];
+  const attempts = [
+    './specGenerator.js',                 // root-level JS (dev/runtime)
+    './dist/utils/specGenerator.js',      // compiled TS output
+    './utils/specGenerator.js'            // TS runtime (when transpiled on-the-fly)
+  ];
+  for (const p of attempts) {
+    try {
+      // eslint-disable-next-line no-await-in-loop
+      const mod = await import(p);
+      return { mod, path: p };
+    } catch (e) {
+      tried.push(`${p}: ${(e && e.message) || e}`);
+    }
+  }
+  throw new Error(`Unable to load specGenerator from known paths. Tried: \n- ${tried.join('\n- ')}`);
+}
+
 // Resolve version dynamically from package.json when possible
 async function resolveVersion() {
   try {
@@ -172,39 +192,14 @@ server.registerTool("sdd-requirements", {
     const specContent = await fs.readFile(specPath, 'utf8');
     const spec = JSON.parse(specContent);
     
-    // Generate requirements based on project analysis and AI understanding
-    const requirementsContent = `# Requirements Document
-
-## Project Context
-**Feature**: ${spec.feature_name}
-**Description**: ${spec.description || 'Feature to be implemented'}
-
-## Instructions for AI Agent
-
-Please analyze the current project structure and the feature description above to generate comprehensive requirements. Consider:
-
-1. **Project Analysis**: Examine the codebase structure, existing files, dependencies, and architecture patterns
-2. **Feature Scope**: Based on the feature description, identify what needs to be built
-3. **User Stories**: Create user stories that capture the value this feature provides
-4. **Technical Requirements**: Identify technical constraints and integration points
-5. **Acceptance Criteria**: Use EARS format (WHEN/IF/WHILE/WHERE) for testable criteria
-
-## Requirements Generation Guidelines
-
-Generate requirements that:
-- Are specific to this actual project (not generic)
-- Consider the existing codebase architecture
-- Include functional and non-functional requirements
-- Use EARS format for acceptance criteria
-- Are testable and measurable
-- Consider integration with existing features
-
-## Current Project Information
-- Project Path: ${process.cwd()}
-- Feature Name: ${spec.feature_name}
-- Initialization Date: ${spec.created_at}
-
-**Note**: This template will be replaced by AI-generated requirements specific to your project and feature description.`;
+    // Generate requirements using specGenerator with fallback
+    let requirementsContent;
+    try {
+      const { mod } = await loadSpecGenerator();
+      requirementsContent = await mod.generateRequirementsDocument(currentPath, featureName);
+    } catch (e) {
+      requirementsContent = `# Requirements Document\n\n<!-- Warning: Analysis-backed generation failed. Using fallback template. -->\n<!-- Error: ${e && e.message ? e.message : String(e)} -->\n\n## Project Context\n**Feature**: ${spec.feature_name}\n**Description**: ${spec.description || 'Feature to be implemented'}\n`;
+    }
     
     await fs.writeFile(path.join(featurePath, 'requirements.md'), requirementsContent);
     
@@ -266,8 +261,14 @@ server.registerTool("sdd-design", {
       requirementsContext = 'Requirements document not available';
     }
 
-    // Generate design document
-    const designContent = `# Technical Design Document\n\n## Project Context\n**Feature**: ${spec.feature_name}\n**Description**: ${spec.description || 'Feature to be implemented'}\n**Requirements Phase**: ${spec.approvals.requirements.generated ? 'Completed' : 'Pending'}\n\n## Instructions for AI Agent\n\nPlease analyze the requirements document and current project structure to create a comprehensive technical design. Consider:\n\n1. **Requirements Analysis**: Review the requirements to understand what needs to be built\n2. **Architecture Review**: Examine the existing codebase architecture and patterns\n3. **Technology Stack**: Identify the current tech stack and integration points\n4. **Design Decisions**: Make architectural decisions based on the project context\n5. **Component Design**: Define components, interfaces, and data models\n6. **Implementation Strategy**: Outline how this feature fits into the existing system\n\n## Design Generation Guidelines\n\nCreate a design that:\n- Addresses all requirements from requirements.md\n- Fits naturally into the existing codebase architecture\n- Uses the project's existing technology stack and patterns\n- Includes specific component interfaces and data models\n- Considers error handling and edge cases\n- Provides clear implementation guidance\n\n## Requirements Context\n\`\`\`\n${requirementsContext.substring(0, 2000)}${requirementsContext.length > 2000 ? '...\n[Requirements document truncated - see requirements.md for full content]' : ''}\n\`\`\`\n\n## Current Project Information\n- Project Path: ${process.cwd()}\n- Feature Name: ${spec.feature_name}\n- Phase: ${spec.phase}\n- Created: ${spec.created_at}\n\n**Note**: This template will be replaced by AI-generated design specific for spec-driven development workflows to AI development teams.\n\n**Users**: AI developers and development teams will utilize this for structured project development.\n\n**Impact**: Transforms ad-hoc development into systematic, phase-based workflows with quality gates.\n\n### Goals\n- Provide complete SDD workflow automation\n- Ensure quality through Linus-style code review\n- Enable multi-language development support\n- Integrate seamlessly with AI development tools\n\n### Non-Goals\n- Real-time collaboration features\n- Deployment automation\n- Version control integration\n\n## Architecture\n\n### High-Level Architecture\n\n\`\`\`mermaid\ngraph TB\n    A[AI Client] --> B[MCP Server]\n    B --> C[SDD Workflow Engine]\n    C --> D[Project Management]\n    C --> E[Template System]\n    C --> F[Quality Analysis]\n    D --> G[File System]\n    E --> G\n    F --> G\n\`\`\`\n\n### Technology Stack\n\n**Runtime**: Node.js with ES modules\n**Protocol**: Model Context Protocol (MCP)\n**Templates**: Handlebars-based generation\n**Quality**: AST-based code analysis\n**Storage**: File-based project persistence\n\n### Key Design Decisions\n\n**Decision**: Use MCP protocol for AI tool integration\n**Context**: Need seamless integration with Claude Code and other AI development tools\n**Alternatives**: REST API, GraphQL, custom protocol\n**Selected Approach**: MCP provides standardized AI tool integration\n**Rationale**: Direct integration with AI development workflows\n**Trade-offs**: Protocol-specific but optimized for AI use cases\n\n## Components and Interfaces\n\n### SDD Workflow Engine\n\n**Responsibility**: Manages 5-phase workflow state transitions\n**Domain Boundary**: Workflow orchestration and validation\n**Data Ownership**: Phase state, approval tracking, transition rules\n\n**Contract Definition**:\n\`\`\`typescript\ninterface SDDWorkflowEngine {\n  initializeProject(name: string, description: string): ProjectSpec;\n  generateRequirements(featureName: string): RequirementsDoc;\n  generateDesign(featureName: string): DesignDoc;\n  generateTasks(featureName: string): TasksDoc;\n  checkQuality(code: string): QualityReport;\n}\n\`\`\`\n\n### Template System\n\n**Responsibility**: Generate structured documents from templates\n**Domain Boundary**: Document generation and formatting\n**Data Ownership**: Template definitions, generated content\n\n### Quality Analysis Engine\n\n**Responsibility**: Perform Linus-style 5-layer code review\n**Domain Boundary**: Code quality assessment\n**Data Ownership**: Quality metrics, review reports\n\n## Data Models\n\n### Project Specification\n\`\`\`json\n{\n  "feature_name": "string",\n  "created_at": "ISO8601",\n  "updated_at": "ISO8601",\n  "language": "en",\n  "phase": "initialized|requirements-generated|design-generated|tasks-generated|implementation",\n  "approvals": {\n    "requirements": { "generated": boolean, "approved": boolean },\n    "design": { "generated": boolean, "approved": boolean },\n    "tasks": { "generated": boolean, "approved": boolean }\n  },\n  "ready_for_implementation": boolean\n}\n\`\`\`\n\n## Error Handling\n\n### Error Strategy\n- Phase validation with clear error messages\n- Graceful degradation for missing dependencies\n- Detailed logging for debugging\n\n### Error Categories\n**User Errors**: Invalid phase transitions → workflow guidance\n**System Errors**: File system failures → graceful error handling\n**Business Logic Errors**: Missing approvals → phase requirement messages\n\n## Testing Strategy\n\n- Unit Tests: SDD workflow engine methods\n- Integration Tests: MCP protocol communication\n- E2E Tests: Complete workflow execution\n- Performance Tests: Large project handling`;
+    // Generate design using specGenerator with fallback
+    let designContent;
+    try {
+      const { mod } = await loadSpecGenerator();
+      designContent = await mod.generateDesignDocument(currentPath, featureName);
+    } catch (e) {
+      designContent = `# Technical Design Document\n\n<!-- Warning: Analysis-backed generation failed. Using fallback template. -->\n<!-- Error: ${e && e.message ? e.message : String(e)} -->\n\n## Project Context\n**Feature**: ${spec.feature_name}\n**Phase**: ${spec.phase}`;
+    }
     
     await fs.writeFile(path.join(featurePath, 'design.md'), designContent);
     
@@ -384,6 +385,14 @@ ${designContext.substring(0, 1000)}${designContext.length > 1000 ? '...\n[Design
 - Created: ${spec.created_at}
 
 **Note**: This template will be replaced by AI-generated implementation tasks specific to your project requirements and design.`;
+
+    // Try to replace template with analysis-backed tasks
+    try {
+      const { mod } = await loadSpecGenerator();
+      tasksContent = await mod.generateTasksDocument(currentPath, featureName);
+    } catch (e) {
+      // Keep template; include debug info in file header already
+    }
     
     await fs.writeFile(path.join(featurePath, 'tasks.md'), tasksContent);
     
@@ -1189,6 +1198,63 @@ Managed by \`/kiro:steering\` command. Updates here reflect command changes.
       }
       await fs.writeFile(agentsPath, agentsContent);
     }
+
+    // Ensure security-check.md exists (static)
+    const securityPath = path.join(steeringPath, 'security-check.md');
+    const securityExists = await fs.access(securityPath).then(() => true).catch(() => false);
+    if (!securityExists) {
+      const securityContent = `# Security Check (OWASP Top 10 Aligned)
+
+Use this checklist during code generation and review. Avoid OWASP Top 10 issues by design.
+
+## A01: Broken Access Control
+- Enforce least privilege; validate authorization on every request/path
+- No client-side trust; never rely on hidden fields or disabled UI
+
+## A02: Cryptographic Failures
+- Use HTTPS/TLS; do not roll your own crypto
+- Store secrets in env vars/secret stores; never commit secrets
+
+## A03: Injection
+- Use parameterized queries/ORM and safe template APIs
+- Sanitize/validate untrusted input; avoid string concatenation in queries
+
+## A04: Insecure Design
+- Threat model critical flows; add security requirements to design
+- Fail secure; disable features by default until explicitly enabled
+
+## A05: Security Misconfiguration
+- Disable debug modes in prod; set secure headers (CSP, HSTS, X-Content-Type-Options)
+- Pin dependencies and lock versions; no default credentials
+
+    ## A06: Vulnerable & Outdated Components
+    - Track SBOM/dependencies; run npm audit or a scanner regularly and patch
+    - Prefer maintained libraries; remove unused deps
+
+## A07: Identification & Authentication Failures
+- Use vetted auth (OIDC/OAuth2); enforce MFA where applicable
+- Secure session handling (HttpOnly, Secure, SameSite cookies)
+
+## A08: Software & Data Integrity Failures
+- Verify integrity of third-party artifacts; signed releases when possible
+- Protect CI/CD: signed commits/tags, restricted tokens, principle of least privilege
+
+## A09: Security Logging & Monitoring Failures
+- Log authz/authn events and errors without sensitive data
+- Add alerts for suspicious activity; retain logs per policy
+
+## A10: Server-Side Request Forgery (SSRF)
+- Validate/deny-list outbound destinations; no direct fetch to arbitrary URLs
+- Use network egress controls; fetch via vetted proxies when needed
+
+## General Practices
+- Validate inputs (schema, length, type) and outputs (encoding)
+- Handle errors without leaking stack traces or secrets
+- Use content security best practices for templates/HTML
+- Add security tests where feasible (authz, input validation)
+`;
+      await fs.writeFile(securityPath, securityContent);
+    }
     
     const mode = updateMode === 'update' ? 'Updated' : 'Created';
     
@@ -1207,6 +1273,7 @@ Managed by \`/kiro:steering\` command. Updates here reflect command changes.
 - \`.kiro/steering/structure.md\` - Project organization and architectural decisions (AI analysis template)
 - \`.kiro/steering/linus-review.md\` - Code review guidelines (full content)
 - \`.kiro/steering/commit.md\` - Commit message standards (full content)
+- \`.kiro/steering/security-check.md\` - Security checklist aligned to OWASP Top 10 (full content)
 - \`.kiro/steering/AGENTS.md\` - Universal AI agent workflow guidance
 
 **AI-Driven Approach**:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sdd-mcp-server",
-  "version": "1.3.11",
+  "version": "1.4.1",
   "description": "MCP server for spec-driven development workflows across AI-agent CLIs and IDEs",
   "main": "dist/index.js",
   "bin": {
@@ -12,6 +12,7 @@
     "dist/**/*",
     "mcp-server.js",
     "documentGenerator.js",
+    "specGenerator.js",
     "README.md",
     "LICENSE",
     "package.json"