securenow 7.7.5 → 7.7.6

package/NPM_README.md

@@ -263,7 +263,7 @@ npx securenow alerts history --limit 20
 ### IP Intelligence & Blocklist
 
 ```bash
-# Look up any IP -- geo, abuse score, verdict, risk factors
+# Look up any IP -- geo, SecureNow IPDB score, verdict, risk factors
 npx securenow ip 203.0.113.42
 
 # Show traces from a specific IP

package/SKILL-CLI.md

@@ -221,7 +221,7 @@ Use this for the same work shown in **Requires Human**: AI has already grouped a
 ```bash
 securenow human                              # list human decisions, most urgent first
 securenow human list --limit 20
-securenow human show 1                       # inspect row 1 with AI report, DAG, proofs, trace links
+securenow human show 1                       # inspect row 1 with AI report, investigation steps, proofs, trace links
 securenow human block 1 --yes --reason "AI evidence confirmed malicious"
 securenow human fp 1 --yes --reason "Scoped false positive after evidence review"
 securenow human action 1 --status rejected --yes --reason "Tuning guard is too broad"
@@ -304,6 +304,16 @@ securenow blocklist remove <id>
 securenow blocklist stats                    # block counts, top reasons
 ```
 
+MCP exposes legacy pending-block cleanup separately from current Requires Human
+work:
+
+- `securenow_blocklist_pending_list`
+- `securenow_blocklist_pending_approve`
+- `securenow_blocklist_pending_reject`
+- `securenow_blocklist_pending_bulk_approve`
+- `securenow_blocklist_pending_bulk_reject`
+- prompt: `cleanup_legacy_pending_blocks`
+
 ### Automation Rules
 
 ```bash
@@ -312,6 +322,11 @@ securenow automation show <id>
 securenow automation dry-run <id> --limit 500
 securenow automation execute <id> --yes
 ```
+
+For default automation, prefer production-scoped `riskScore` policies:
+`riskScore >= 90` for autonomous AI malicious blocking, `riskScore >= 80`
+plus `alertTag in xss` for short-lived XSS blocks, and keep raw SecureNow IPDB
+confidence as supporting reputation evidence.
 
 ### Allowlist — Restrict to Known IPs
 

package/cli/human.js

@@ -42,6 +42,78 @@ function parseTaskRef(ref) {
   return { kind: 'notification', notificationId: text };
 }
 
+function parseJsonOrList(value) {
+  if (value == null || value === true) return [];
+  if (Array.isArray(value)) return value.filter(Boolean).map(String);
+  const text = String(value).trim();
+  if (!text) return [];
+  if (text.startsWith('[')) {
+    try {
+      const parsed = JSON.parse(text);
+      return Array.isArray(parsed) ? parsed.filter(Boolean).map(String) : [];
+    } catch {}
+  }
+  return text.split(/\r?\n|;;/).map((item) => item.trim()).filter(Boolean);
+}
+
+function parseCommaList(value) {
+  if (value == null || value === true) return [];
+  if (Array.isArray(value)) return value.flatMap(parseCommaList);
+  const text = String(value).trim();
+  if (!text) return [];
+  if (text.startsWith('[')) return parseJsonOrList(text);
+  return text.split(',').map((item) => item.trim()).filter(Boolean);
+}
+
+function defaultReviewedHistory(task = {}) {
+  const history = [];
+  if (taskLabel(task)) history.push(`Case: ${taskLabel(task)}`);
+  if (task.aiDecision?.label || task.aiDecision?.recommendation) history.push(`AI recommendation: ${task.aiDecision.label || task.aiDecision.recommendation}`);
+  if (task.aiDecision?.reason) history.push(`AI reason: ${task.aiDecision.reason}`);
+  if (task.aiDecision?.confidence != null) history.push(`AI confidence: ${Math.round(Number(task.aiDecision.confidence))}%`);
+  if (task.proofs?.paths?.length) history.push(`Paths: ${formatList(task.proofs.paths, 8)}`);
+  if (task.proofs?.methods?.length) history.push(`Methods: ${formatList(task.proofs.methods, 8)}`);
+  if (task.proofs?.statusCodes?.length) history.push(`Status codes: ${formatList(task.proofs.statusCodes.map(String), 8)}`);
+  if (task.proofs?.userAgents?.length) history.push(`User agents: ${formatList(task.proofs.userAgents, 4)}`);
+  if (task.proofs?.traceIds?.length) history.push(`Trace IDs: ${formatList(task.proofs.traceIds, 8)}`);
+  return history;
+}
+
+function buildDecisionReport(task, flags = {}, outcome, fallbackSummary) {
+  let report = {};
+  if (flags.report) {
+    try {
+      report = JSON.parse(flags.report);
+    } catch (err) {
+      ui.error(`Invalid --report JSON: ${err.message}`);
+      process.exit(1);
+    }
+  }
+
+  const explicitEvidence = parseJsonOrList(flags.evidence);
+  const explicitHistory = parseJsonOrList(flags.history);
+  const explicitMissingProof = parseJsonOrList(flags['missing-proof']);
+  const explicitRecommendations = parseJsonOrList(flags.recommendations);
+  const traceIds = parseCommaList(flags['trace-ids']);
+
+  return {
+    source: 'cli',
+    outcome: flags.outcome || report.outcome || outcome || 'other',
+    summary: flags.summary || report.summary || fallbackSummary || flags.reason || '',
+    reason: flags.reason || report.reason || '',
+    evidence: explicitEvidence.length ? explicitEvidence : asArray(report.evidence),
+    reviewedHistory: explicitHistory.length ? explicitHistory : (asArray(report.reviewedHistory).length ? asArray(report.reviewedHistory) : defaultReviewedHistory(task)),
+    traceIds: traceIds.length ? traceIds : (asArray(report.traceIds).length ? asArray(report.traceIds) : asArray(task?.proofs?.traceIds)),
+    paths: asArray(report.paths).length ? asArray(report.paths) : asArray(task?.proofs?.paths),
+    methods: asArray(report.methods).length ? asArray(report.methods) : asArray(task?.proofs?.methods),
+    statusCodes: asArray(report.statusCodes).length ? asArray(report.statusCodes) : asArray(task?.proofs?.statusCodes).map(String),
+    userAgents: asArray(report.userAgents).length ? asArray(report.userAgents) : asArray(task?.proofs?.userAgents),
+    missingProof: explicitMissingProof.length ? explicitMissingProof : asArray(report.missingProof),
+    recommendations: explicitRecommendations.length ? explicitRecommendations : asArray(report.recommendations),
+    rawData: report.rawData || null,
+  };
+}
+
 async function fetchQueue(flags = {}) {
   const query = {
     page: flags.page || 1,
@@ -180,7 +252,7 @@ function printAiReport(ipReport = {}, notification = {}) {
 
   if (steps.length) {
     console.log('');
-    console.log(`  ${ui.c.bold('DAG steps')}`);
+    console.log(`  ${ui.c.bold('Investigation steps')}`);
     const rows = steps.map((step) => [
       step.id,
       step.status || '-',
@@ -323,12 +395,13 @@ async function action(args, flags) {
 
   const result = flags.result ? JSON.parse(flags.result) : {};
   if (flags.reason) result.reason = flags.reason;
+  const decisionReport = buildDecisionReport(task || { notificationId, actionKey }, flags, flags.outcome || 'case_action', result.summary || result.reason || `Case action ${status}`);
 
   const s = ui.spinner('Updating case action');
   try {
     const data = await api.put(
       `/notifications/${encodeURIComponent(notificationId)}/agent-case/actions/${encodeURIComponent(actionKey)}`,
-      { status, result }
+      { status, result, reportSource: 'cli', ips: parseCommaList(flags.ips), decisionReport }
     );
     s.stop('Case action updated');
     if (flags.json) { ui.json(data); return; }
@@ -358,6 +431,8 @@ async function block(args, flags) {
       riskScore: task.aiDecision?.riskScore ?? undefined,
       decisionSource: 'ai_dag',
       note: reason,
+      reportSource: 'cli',
+      decisionReport: buildDecisionReport(task, flags, 'blocked', reason),
     };
     const data = await api.put(`/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/status`, body);
     s.stop(`${task.ip} blocked`);
@@ -391,6 +466,8 @@ async function fp(args, flags) {
       applyToExisting: flags['apply-existing'] != null ? flags['apply-existing'] !== 'false' : Boolean(scope.applyToExisting),
       ruleScope: flags['rule-scope'] || scope.ruleScope || 'this_rule',
       aiConfidence: task.aiDecision?.confidence ?? null,
+      reportSource: 'cli',
+      decisionReport: buildDecisionReport(task, flags, 'false_positive', reason),
     };
     const data = await api.post(`/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/false-positive`, body);
     s.stop(`${task.ip} marked false positive`);
@@ -402,6 +479,43 @@ async function fp(args, flags) {
   }
 }
 
+async function report(args, flags) {
+  requireAuth();
+  const ref = args[0];
+  const { task } = await resolveTask(ref, flags);
+  const outcome = flags.outcome || (task.kind === 'case_action' || task.actionKey ? 'case_action' : 'other');
+  const summary = flags.summary || flags.reason || `Decision report recorded for ${taskLabel(task)}`;
+
+  if (!flags.yes && !flags.force) {
+    const target = task.ip ? `${task.ip}` : `${task.notificationId}`;
+    const ok = await ui.confirm(`Record decision report for ${target}?`);
+    if (!ok) return;
+  }
+
+  const s = ui.spinner('Recording decision report');
+  try {
+    const decisionReport = buildDecisionReport(task, flags, outcome, summary);
+    let data;
+    if (task.ip) {
+      data = await api.post(
+        `/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/decision-report`,
+        { reportSource: 'cli', reason: flags.reason || summary, outcome, decisionReport }
+      );
+    } else {
+      data = await api.post(
+        `/notifications/${encodeURIComponent(task.notificationId)}/decision-report`,
+        { reportSource: 'cli', reason: flags.reason || summary, outcome, ips: parseCommaList(flags.ips), decisionReport }
+      );
+    }
+    s.stop('Decision report recorded');
+    if (flags.json) ui.json(data);
+    else ui.success(`Recorded decision report: ${decisionReport.outcome}`);
+  } catch (err) {
+    s.fail('Failed to record decision report');
+    throw err;
+  }
+}
+
 function mcpPromptText(ref, flags = {}) {
   const rowText = ref ? `Start with human action row/id: ${ref}.` : 'Work the human action queue from most urgent to least urgent.';
   const limit = flags.limit || 10;
@@ -417,14 +531,15 @@ function mcpPromptText(ref, flags = {}) {
     ref
       ? '2. Select the requested row number or task id, then call securenow_notifications_get and securenow_human_action_report for its notificationId and IP.'
       : '2. For each task, call securenow_notifications_get and securenow_human_action_report for the notificationId and IP.',
-    '3. Read the AI report, finalDecision, DAG steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
+    '3. Read the AI report, finalDecision, investigation steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
     '4. Open/inspect trace evidence with securenow_traces_show and securenow_logs_for_trace when trace IDs are available.',
     '5. Decide one outcome: block the IP, mark a scoped false positive, recommend alert-rule tuning, or skip if evidence is ambiguous.',
-    '6. For block decisions, call securenow_human_action_block with confirm:true and a precise reason.',
-    '7. For false positives, call securenow_human_action_false_positive with confirm:true, the narrowest available conditions, and a precise reason.',
+    '6. For block decisions, call securenow_human_action_block with confirm:true, a precise reason, and a decisionReport with summary/evidence/reviewedHistory/traceIds.',
+    '7. For false positives, call securenow_human_action_false_positive with confirm:true, the narrowest available conditions, a precise reason, and a decisionReport.',
     '8. For case-level tune_rule/create_exclusion rows, inspect the notification case and use securenow_human_case_action_update only when the proposed action is safe.',
-    '9. If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
-    '10. Summarize each row handled, skipped, rule tuning needed, and still waiting. Do not globally trust an IP by default.',
+    '9. For skipped/ambiguous/rule-tuning-needed rows that should be auditable without changing status, call securenow_human_action_decision_report_add or securenow_human_case_decision_report_add with the missing proof.',
+    '10. If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
+    '11. Summarize each row handled, skipped, rule tuning needed, and still waiting. Do not globally trust an IP by default.',
     '',
     'Safety:',
     '- Do not call write tools without confirm:true and a reason.',
@@ -455,6 +570,7 @@ module.exports = {
   action,
   block,
   fp,
+  report,
   prompt,
   work,
 };

package/cli/security.js

@@ -926,7 +926,7 @@ async function ipLookup(args, flags) {
     if (data.domain) pairs.push(['Domain', data.domain]);
     if (data.isp) pairs.push(['ISP', data.isp]);
     if (data.usageType) pairs.push(['Usage Type', data.usageType]);
-    if (data.abuseConfidenceScore != null) pairs.push(['Abuse Score', `${data.abuseConfidenceScore}/100`]);
+    if (data.abuseConfidenceScore != null) pairs.push(['SecureNow IPDB Score', `${data.abuseConfidenceScore}/100`]);
     if (data.securenowScore != null) pairs.push(['SecureNow Score', String(data.securenowScore)]);
     if (data.verdict) pairs.push(['Verdict', data.verdict]);
     if (data.isMalicious != null) pairs.push(['Malicious', data.isMalicious ? ui.c.red('Yes') : ui.c.green('No')]);

package/cli.js

@@ -164,13 +164,22 @@ const COMMANDS = {
   },
   human: {
     desc: 'Work the human action queue prepared by SecureNow AI',
-    usage: 'securenow human <list|show|block|fp|action|prompt|work> [row|notificationId:ip] [options]',
+    usage: 'securenow human <list|show|block|fp|report|action|prompt|work> [row|notificationId:ip] [options]',
     flags: {
       json: 'Output as JSON',
       page: 'Queue page number',
       limit: 'Queue page size',
       search: 'Search IP, rule, path, or verdict',
       reason: 'Reason for block/false-positive decisions',
+      summary: 'Decision report summary to write to the IP history',
+      outcome: 'Decision report outcome: blocked, false_positive, clean, deferred, case_action, rule_tuning, new_alert_rule, ambiguous, skipped, other',
+      evidence: 'Decision evidence; repeat as newline/;; separated text or JSON array',
+      history: 'Reviewed history/proofs; newline/;; separated text or JSON array',
+      'trace-ids': 'Comma-separated trace IDs reviewed for the decision',
+      ips: 'Comma-separated IPs affected by a case-level decision report',
+      'missing-proof': 'Missing proof for skipped or ambiguous rows',
+      recommendations: 'Follow-up recommendations; newline/;; separated text or JSON array',
+      report: 'Full decision report JSON object',
       yes: 'Confirm write actions without prompting',
       force: 'Alias for --yes',
       conditions: 'False-positive conditions JSON array',
@@ -185,9 +194,10 @@ const COMMANDS = {
     },
     sub: {
       list: { desc: 'List human decisions AI prepared', run: (a, f) => require('./cli/human').list(a, f) },
-      show: { desc: 'Show one row with AI report, proofs, DAG, and trace links', usage: 'securenow human show <row|notificationId:ip>', run: (a, f) => require('./cli/human').show(a, f) },
+      show: { desc: 'Show one row with AI report, proofs, investigation steps, and trace links', usage: 'securenow human show <row|notificationId:ip>', run: (a, f) => require('./cli/human').show(a, f) },
       block: { desc: 'Approve the AI block recommendation for a row', usage: 'securenow human block <row|notificationId:ip> --yes --reason "..."', run: (a, f) => require('./cli/human').block(a, f) },
       fp: { desc: 'Mark a row as a scoped false positive', usage: 'securenow human fp <row|notificationId:ip> --yes --reason "..."', run: (a, f) => require('./cli/human').fp(a, f) },
+      report: { desc: 'Record a structured decision report on a row without changing status', usage: 'securenow human report <row|notificationId:ip> --yes --outcome ambiguous --summary "..."', run: (a, f) => require('./cli/human').report(a, f) },
       action: { desc: 'Approve/reject/execute a case-level proposed action', usage: 'securenow human action <row|notificationId> [actionKey] --status approved --yes --reason "..."', run: (a, f) => require('./cli/human').action(a, f) },
       prompt: { desc: 'Print a Codex/Claude MCP prompt for row or queue work', usage: 'securenow human prompt [row|notificationId:ip] [--limit 10]', run: (a, f) => require('./cli/human').prompt(a, f) },
       work: { desc: 'List the queue and print the MCP runbook to work it deeply', usage: 'securenow human work [--limit 10]', run: (a, f) => require('./cli/human').work(a, f) },

package/mcp/catalog.js

@@ -162,6 +162,26 @@ const environmentInput = {
   environment: string('Deployment environment scope: production, staging, preview, local, test, or all. Default for investigations is production.'),
 };
 
+const decisionReportInput = {
+  decisionReport: {
+    type: 'object',
+    additionalProperties: true,
+    description: 'Structured audit report explaining the decision, evidence reviewed, trace IDs, missing proof, and recommendations.',
+  },
+  decisionSummary: string('Short decision summary to record on the IP/case history.'),
+  outcome: string('Decision outcome: blocked, false_positive, clean, deferred, case_action, rule_tuning, new_alert_rule, ambiguous, skipped, or other.'),
+  evidence: arrayOfStrings('Evidence strings that support the decision.'),
+  reviewedHistory: arrayOfStrings('History/proofs reviewed before deciding.'),
+  traceIds: arrayOfStrings('Trace IDs reviewed for this decision.'),
+  paths: arrayOfStrings('Paths/endpoints reviewed for this decision.'),
+  ips: arrayOfStrings('IP addresses affected by this case-level decision report.'),
+  methods: arrayOfStrings('HTTP methods reviewed for this decision.'),
+  statusCodes: arrayOfStrings('HTTP status codes reviewed for this decision.'),
+  userAgents: arrayOfStrings('User agents reviewed for this decision.'),
+  missingProof: arrayOfStrings('Proof that was missing when the row is skipped or ambiguous.'),
+  recommendations: arrayOfStrings('Follow-up recommendations to record with the decision.'),
+};
+
 const TOOLS = [
   {
     name: 'securenow_auth_status',
@@ -286,7 +306,7 @@ const TOOLS = [
     bodyFields: ['confidenceMinimum', 'environment'],
     inputSchema: objectSchema({
       appKey: string('Application key UUID.'),
-      confidenceMinimum: number('Minimum SecureNow IPDB abuse confidence score.', { minimum: 0, maximum: 100 }),
+      confidenceMinimum: number('Minimum SecureNow IPDB confidence score.', { minimum: 0, maximum: 100 }),
       ...environmentInput,
       ...confirmSchema,
     }, ['appKey', 'confidenceMinimum', 'confirm', 'reason']),
@@ -455,7 +475,7 @@ const TOOLS = [
   {
     name: 'securenow_human_action_report',
     title: 'Get Human Action Report',
-    description: 'Fetch the full IP investigation report, DAG steps, proofs, metadata, and AI decision for one human action row.',
+    description: 'Fetch the full IP investigation report, investigation steps, proofs, metadata, and AI decision for one human action row.',
     scope: 'notifications:read',
     readOnly: true,
     method: 'GET',
@@ -469,7 +489,7 @@ const TOOLS = [
   {
     name: 'securenow_human_action_block',
     title: 'Approve AI Block Recommendation',
-    description: 'Approve the AI-prepared block decision for an IP. Write action; requires confirmation.',
+    description: 'Approve the AI-prepared block decision for an IP and optionally attach a structured decision report to the IP history. Write action; requires confirmation.',
     scope: 'notifications:write',
     readOnly: false,
     destructive: true,
@@ -477,29 +497,50 @@ const TOOLS = [
     method: 'PUT',
     endpoint: '/notifications/:notificationId/ips/:ip/status',
     pathParams: ['notificationId', 'ip'],
-    fixedBody: { status: 'blocked', decisionSource: 'ai_dag' },
+    fixedBody: { status: 'blocked', decisionSource: 'ai_dag', reportSource: 'mcp' },
     reasonAsNote: true,
-    bodyFields: ['note', 'verdict', 'riskScore'],
+    bodyFields: ['note', 'verdict', 'riskScore', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     inputSchema: objectSchema({
       notificationId: string('Notification id from the human action row.'),
       ip: string('IP address to block.'),
       note: string('Audit note explaining why the AI block was approved.'),
       verdict: string('Optional final verdict text.'),
       riskScore: number('Optional risk score.', { minimum: 0, maximum: 100 }),
+      ...decisionReportInput,
+      ...confirmSchema,
+    }, ['notificationId', 'ip', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_human_action_decision_report_add',
+    title: 'Record Human Action Decision Report',
+    description: 'Attach a structured analyst/MCP decision report to one Requires Human IP row without changing its status. Use for skipped, ambiguous, rule-tuning-needed, or already-handled rows. Write action; requires confirmation.',
+    scope: 'notifications:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/notifications/:notificationId/ips/:ip/decision-report',
+    pathParams: ['notificationId', 'ip'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
+    inputSchema: objectSchema({
+      notificationId: string('Notification id from the human action row.'),
+      ip: string('IP address for the report.'),
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'ip', 'confirm', 'reason']),
   },
   {
     name: 'securenow_human_action_false_positive',
     title: 'Mark Human Action False Positive',
-    description: 'Mark an AI-prepared human action as a scoped false positive. Write action; requires confirmation.',
+    description: 'Mark an AI-prepared human action as a scoped false positive and optionally attach a structured decision report to the IP history. Write action; requires confirmation.',
     scope: 'notifications:write',
     readOnly: false,
     confirm: true,
     method: 'POST',
     endpoint: '/notifications/:notificationId/ips/:ip/false-positive',
     pathParams: ['notificationId', 'ip'],
-    bodyFields: ['reason', 'conditions', 'matchMode', 'createExclusion', 'applyToExisting', 'ruleScope', 'targetRuleIds', 'aiConfidence'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'conditions', 'matchMode', 'createExclusion', 'applyToExisting', 'ruleScope', 'targetRuleIds', 'aiConfidence', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     inputSchema: objectSchema({
       notificationId: string('Notification id from the human action row.'),
       ip: string('IP address to mark as false positive.'),
@@ -510,6 +551,7 @@ const TOOLS = [
       ruleScope: string('Scope: this_rule, specific_rules, all_existing, or any_rule.'),
       targetRuleIds: arrayOfStrings('Specific rule ids when ruleScope is specific_rules.'),
       aiConfidence: number('AI confidence for audit metadata.', { minimum: 0, maximum: 100 }),
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'ip', 'confirm', 'reason']),
   },
@@ -523,16 +565,36 @@ const TOOLS = [
     method: 'PUT',
     endpoint: '/notifications/:notificationId/agent-case/actions/:actionKey',
     pathParams: ['notificationId', 'actionKey'],
-    bodyFields: ['status', 'result'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['status', 'result', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'ips', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     reasonInResult: true,
     inputSchema: objectSchema({
       notificationId: string('Notification id from the case-action row.'),
       actionKey: string('Proposed action key from the row, for example tune_rule:...'),
       status: string('New status: proposed, approved, rejected, executed, or failed.'),
       result: { type: 'object', additionalProperties: true, description: 'Optional structured result/audit details.' },
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'actionKey', 'status', 'confirm', 'reason']),
   },
+  {
+    name: 'securenow_human_case_decision_report_add',
+    title: 'Record Case Decision Report',
+    description: 'Attach a structured analyst/MCP decision report to a notification/case without changing IP status or proposed action state. Write action; requires confirmation.',
+    scope: 'notifications:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/notifications/:notificationId/decision-report',
+    pathParams: ['notificationId'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'ips', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
+    inputSchema: objectSchema({
+      notificationId: string('Notification id from the case-action row.'),
+      ...decisionReportInput,
+      ...confirmSchema,
+    }, ['notificationId', 'confirm', 'reason']),
+  },
   {
     name: 'securenow_ip_lookup',
     title: 'IP Intelligence Lookup',
@@ -636,13 +698,14 @@ const TOOLS = [
     confirm: true,
     method: 'POST',
     endpoint: '/automation-rules',
-    bodyFields: ['name', 'description', 'conditions', 'conditionLogic', 'actions', 'applicationsAll', 'applicationKeys', 'environmentsAll', 'environments'],
+    bodyFields: ['name', 'description', 'conditions', 'conditionLogic', 'actions', 'status', 'applicationsAll', 'applicationKeys', 'environmentsAll', 'environments'],
     inputSchema: objectSchema({
       name: string('Rule name.'),
       description: string('Optional rule description.'),
       conditions: { type: 'array', items: { type: 'object', additionalProperties: true }, description: 'Condition array. Fields include abuseConfidenceScore, riskScore, alertName, alertTag, attackType, path, environment.' },
       conditionLogic: string('AND or OR.'),
       actions: { type: 'array', items: { type: 'object', additionalProperties: true }, description: 'Action array, for example [{ "type":"addToBlocklist", "config":{ "reason":"...", "ttlHours":24 }}].' },
+      status: string('Initial rule status: active or disabled. Defaults to active.'),
       applicationsAll: boolean('Apply to all applications.'),
       applicationKeys: arrayOfStrings('Application keys when not applying to all applications.'),
       environmentsAll: boolean('Apply to all environments.'),
@@ -864,13 +927,97 @@ const TOOLS = [
     readOnly: true,
     method: 'GET',
     endpoint: '/blocklist',
-    queryFields: ['page', 'limit', 'appKey', 'environment'],
+    queryFields: ['page', 'limit', 'status', 'approvalStatus', 'search', 'view', 'appKey', 'environment'],
     inputSchema: objectSchema({
       ...pagingInput,
+      status: string('Block entry status: active or removed. Defaults to active.'),
+      approvalStatus: string('Optional approval filter: pending, approved, or rejected.'),
+      search: string('Optional IP prefix search.'),
+      view: string('List view: all or operational.'),
       appKey: string('Optional application key scope.'),
       ...environmentInput,
     }),
   },
+  {
+    name: 'securenow_blocklist_pending_list',
+    title: 'List Pending Block Approvals',
+    description: 'List legacy or AI-prepared blocklist entries with approvalStatus=pending. Pending blocks are not enforced until approved.',
+    scope: 'blocklist:read',
+    readOnly: true,
+    method: 'GET',
+    endpoint: '/blocklist/pending',
+    queryFields: ['page', 'limit', 'search', 'appKey', 'environment'],
+    inputSchema: objectSchema({
+      ...pagingInput,
+      search: string('Optional IP prefix search.'),
+      appKey: string('Optional application key scope.'),
+      ...environmentInput,
+    }),
+  },
+  {
+    name: 'securenow_blocklist_pending_approve',
+    title: 'Approve Pending Block',
+    description: 'Approve one pending blocklist entry so the firewall enforces it. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    destructive: true,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/:id/approve',
+    pathParams: ['id'],
+    bodyFields: ['reason'],
+    inputSchema: objectSchema({
+      id: string('Pending blocklist entry id.'),
+      ...confirmSchema,
+    }, ['id', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_reject',
+    title: 'Reject Pending Block',
+    description: 'Reject one pending blocklist entry and remove it from enforcement consideration. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/:id/reject',
+    pathParams: ['id'],
+    bodyFields: ['reason'],
+    inputSchema: objectSchema({
+      id: string('Pending blocklist entry id.'),
+      ...confirmSchema,
+    }, ['id', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_bulk_approve',
+    title: 'Bulk Approve Pending Blocks',
+    description: 'Approve multiple pending blocklist entries after they have all been reviewed under the same safe policy. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    destructive: true,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/bulk-approve',
+    bodyFields: ['ids', 'reason'],
+    inputSchema: objectSchema({
+      ids: arrayOfStrings('Pending blocklist entry ids to approve.'),
+      ...confirmSchema,
+    }, ['ids', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_bulk_reject',
+    title: 'Bulk Reject Pending Blocks',
+    description: 'Reject multiple pending blocklist entries after they have all been reviewed as false positives or stale/ambiguous. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/bulk-reject',
+    bodyFields: ['ids', 'reason'],
+    inputSchema: objectSchema({
+      ids: arrayOfStrings('Pending blocklist entry ids to reject.'),
+      ...confirmSchema,
+    }, ['ids', 'confirm', 'reason']),
+  },
   {
     name: 'securenow_blocklist_add',
     title: 'Add Blocked IP',
@@ -1114,6 +1261,25 @@ const PROMPTS = [
       { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to execute decisions.', required: false },
     ],
   },
+  {
+    name: 'cleanup_legacy_pending_blocks',
+    title: 'Clean Legacy Pending Blocks',
+    description: 'Use MCP tools to review and approve/reject legacy pending blocklist rows so only current human work remains.',
+    arguments: [
+      { name: 'limit', description: 'Maximum pending block rows to review this run. Defaults to 50.', required: false },
+      { name: 'environment', description: 'Environment scope. Defaults to production.', required: false },
+      { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to execute approvals/rejections.', required: false },
+    ],
+  },
+  {
+    name: 'configure_default_automation',
+    title: 'Configure Default Automation',
+    description: 'Use MCP tools to set conservative default SecureNow automation rules based on the canonical riskScore and supporting evidence.',
+    arguments: [
+      { name: 'environment', description: 'Environment scope. Defaults to production.', required: false },
+      { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to create/update automation rules.', required: false },
+    ],
+  },
 ];
 
 function promptMessages(name, args = {}) {
@@ -1186,11 +1352,11 @@ function promptMessages(name, args = {}) {
           text: [
             `Investigate Requires Human row ${rowNumber} using SecureNow MCP.`,
             `Fetch page=${page}, limit=${limit} with securenow_human_actions_list, select row ${rowNumber}, then call securenow_notifications_get and securenow_human_action_report for that notificationId and IP.`,
-            'Read the AI report, finalDecision, DAG steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
+            'Read the AI report, finalDecision, investigation steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
             'Open trace evidence with securenow_traces_show and correlated logs with securenow_logs_for_trace when trace IDs are available.',
             'Return one clear outcome: Block IP, False Positive, Rule Tuning Needed, or Ambiguous. If evidence is ambiguous, stop and explain what is missing.',
             confirmWrites
-              ? 'The user requested execution. If evidence supports the decision, call securenow_human_action_block or securenow_human_action_false_positive with confirm:true and a precise reason.'
+              ? 'The user requested execution. If evidence supports the decision, call securenow_human_action_block or securenow_human_action_false_positive with confirm:true, a precise reason, and a decisionReport containing summary, evidence, reviewedHistory, traceIds, and missingProof when relevant. If you skip/mark ambiguous but still need to record the audit trail, call securenow_human_action_decision_report_add.'
               : 'Do not execute write tools yet. Prepare the recommended decision and exact tool call the user can approve.',
             'If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
             'False positives must be narrow: app + alert rule + path + method/status/user-agent/body evidence where possible. Never globally trust an IP by default.',
@@ -1211,10 +1377,10 @@ function promptMessages(name, args = {}) {
           text: [
             'Work my SecureNow Requires Human queue like a senior security analyst using the MCP tools.',
             `Review up to ${limit} row(s), most urgent first.${args.search ? ` Search filter: ${args.search}.` : ''}`,
-            'Start with securenow_human_actions_list. For each row, call securenow_notifications_get and securenow_human_action_report, inspect the AI report/DAG/proofs/trace IDs, and fetch trace/log evidence where useful.',
+            'Start with securenow_human_actions_list. For each row, call securenow_notifications_get and securenow_human_action_report, inspect the AI report/investigation steps/proofs/trace IDs, and fetch trace/log evidence where useful.',
             'For each row choose exactly one outcome: Block IP, False Positive, Rule Tuning Needed, or Skip because evidence is insufficient. Explain skipped rows.',
             confirmWrites
-              ? 'The user requested execution. For supported decisions, call the correct write tool with confirm:true and a precise reason, then continue.'
+              ? 'The user requested execution. For supported decisions, call the correct write tool with confirm:true, a precise reason, and a decisionReport containing summary, evidence, reviewedHistory, traceIds, and missingProof when relevant, then continue. For skipped/ambiguous/rule-tuning-needed rows that should be auditable without changing IP status, use securenow_human_action_decision_report_add.'
               : 'Do not execute write tools yet. Produce a row-by-row action plan and exact MCP write calls for user approval.',
             'For block decisions, use securenow_human_action_block. For false positives, use securenow_human_action_false_positive with restrictive conditions. For case-level tune_rule/create_exclusion rows, inspect securenow_notifications_get and then use securenow_human_case_action_update only when the action is safe to approve/reject.',
             'End with counts: handled, proposed block, proposed false positive, rule tuning needed, skipped, still waiting.',
@@ -1224,6 +1390,62 @@ function promptMessages(name, args = {}) {
     ];
   }
 
+  if (name === 'cleanup_legacy_pending_blocks') {
+    const limit = args.limit || 50;
+    const environment = args.environment || 'production';
+    const confirmWrites = args.confirmWrites === true || args.confirmWrites === 'true';
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: [
+            'Clean my SecureNow legacy pending blocklist queue using MCP tools.',
+            `Review up to ${limit} pending block row(s). Environment scope: ${environment}.`,
+            'Start with securenow_blocklist_stats, then securenow_blocklist_pending_list({ page: 1, limit, environment }).',
+            'For each pending block, inspect id, IP, source, reason, metadata.riskScore, metadata.aiRiskScore, metadata.abuseConfidenceScore, automation rule, linked notification, age, app, and environment.',
+            'When investigationNotificationId exists, fetch securenow_notifications_get for that case and use the linked IP report/history as evidence.',
+            'Approve only when the row has clear malicious evidence, riskScore >= 90, or SecureNow IPDB evidence score >= 80 with no false-positive/test signal.',
+            'Reject stale, ambiguous, synthetic/test, self-traffic, or false-positive rows. Prefer narrow rule/exclusion tuning when the same benign pattern repeats.',
+            confirmWrites
+              ? 'The user requested execution. Use securenow_blocklist_pending_approve or securenow_blocklist_pending_reject with confirm:true and a precise reason. Use bulk tools only after every selected row satisfies the same reviewed policy.'
+              : 'Do not execute writes yet. Produce exact approve/reject MCP calls grouped by safe policy for user approval.',
+            'After each write or batch, re-fetch securenow_blocklist_stats and securenow_blocklist_pending_list until the legacy pending count is zero or only ambiguous rows remain.',
+            'End with counts: approved, rejected, skipped ambiguous, legacyPendingBlockCount, and remaining proof gaps.',
+          ].join('\n'),
+        },
+      },
+    ];
+  }
+
+  if (name === 'configure_default_automation') {
+    const environment = args.environment || 'production';
+    const confirmWrites = args.confirmWrites === true || args.confirmWrites === 'true';
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: [
+            'Configure SecureNow default automation using the MCP tools.',
+            `Default environment scope: ${environment}.`,
+            'Use one canonical product score for automation decisions: riskScore. Treat SecureNow IPDB / AbuseIPDB score and AI confidence as supporting evidence, not the primary UI score.',
+            'Desired defaults:',
+            '- Auto-block High-Confidence AI Malicious IPs: aiDecision=pending_approval AND isMalicious=true AND riskScore>=90, TTL 168h.',
+            '- Auto-block High-Confidence XSS IPs: alertTag in xss AND riskScore>=80, TTL 24h.',
+            '- High-reputation IPDB automation may remain enabled only as an explicit reputation policy: abuseConfidenceScore>=80.',
+            'Start with securenow_automation_rules_list. Reuse/update existing rules where names/conditions match instead of creating duplicates.',
+            'Create new rules with status=disabled when possible, dry-run each changed or created rule with securenow_automation_rule_dry_run, then enable only after the sample matches look safe.',
+            confirmWrites
+              ? 'The user requested execution. Create/update rules with confirm:true, production scope, clear names, and precise reasons. For new rules, prefer status=disabled, dry-run, then update status=active after review. Re-list rules after writes.'
+              : 'Do not execute writes yet. Return exact MCP update/create calls and dry-run calls for approval.',
+            'End with active rules, disabled rules that should stay disabled, and any risk from automation scope.',
+          ].join('\n'),
+        },
+      },
+    ];
+  }
+
   throw new Error(`Unknown prompt: ${name}`);
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "7.7.5",
+  "version": "7.7.6",
   "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",