securenow 7.7.5 → 7.7.7

package/NPM_README.md

@@ -186,7 +186,7 @@ codex mcp add securenow -- npx securenow mcp
 npx -p securenow securenow-mcp
 ```
 
-The MCP surface exposes tools for applications, traces, logs, firewall, IP intelligence, forensics, notifications, blocklist, allowlist, trusted IPs, and docs-backed prompts/resources. Write actions require `confirm:true` and a reason.
+The MCP surface exposes tools for applications, traces, logs, firewall, IP intelligence, forensics, notifications, blocklist, allowlist, trusted IPs, and docs-backed prompts/resources. Write actions require `confirm:true` and a reason. Use `securenow_blocklist_unblock` to stop firewall enforcement while keeping the block report/history; `securenow_blocklist_remove` is a compatibility alias.
 
 For hosted clients, SecureNow can expose the same surface at `https://api.securenow.ai/mcp`. The hosted endpoint uses the same API authentication and scope checks as the rest of SecureNow.
 
@@ -263,7 +263,7 @@ npx securenow alerts history --limit 20
 ### IP Intelligence & Blocklist
 
 ```bash
-# Look up any IP -- geo, abuse score, verdict, risk factors
+# Look up any IP -- geo, SecureNow IPDB score, verdict, risk factors
 npx securenow ip 203.0.113.42
 
 # Show traces from a specific IP
@@ -272,7 +272,9 @@ npx securenow ip traces 203.0.113.42
 # Manage the blocklist
 npx securenow blocklist
 npx securenow blocklist add 203.0.113.42 --reason "Brute force scanner"
-npx securenow blocklist remove <id>
+npx securenow blocklist unblock <id> --reason "Reviewed as safe"
+npx securenow blocklist remove <id>          # compatibility alias
+npx securenow blocklist list --status removed
 npx securenow blocklist stats
 
 # Manage trusted IPs
@@ -520,7 +522,8 @@ npx securenow logs --json --level error | jq '.logs'
 | | `automation dry-run <id>` | Preview automation matches without writing blocks |
 | | `automation execute <id> --yes` | Run an automation rule now |
 | | `blocklist add <ip>` | Block IP |
-| | `blocklist remove <id>` | Unblock IP |
+| | `blocklist unblock <id>` | Unblock IP and retain report/history |
+| | `blocklist remove <id>` | Compatibility alias for unblock |
 | | `blocklist stats` | Block stats |
 | | `allowlist` | Allowed IPs (restrict-mode) |
 | | `allowlist add <ip>` | Allow IP (`--label`, `--reason`) |

package/README.md

@@ -191,6 +191,7 @@ npx securenow doctor                # diagnose config + connectivity
 # Security
 npx securenow firewall status --env production
 npx securenow blocklist add 1.2.3.4 --reason "scanner"
+npx securenow blocklist unblock <id> --reason "reviewed safe"
 npx securenow fp ai-fill --description "Stripe webhook POST /api/stripe/webhook"
 
 # Telemetry from shell (no SDK boot)
@@ -357,6 +358,7 @@ After install, the `securenow` CLI is available via `npx securenow` or globally
 |---|---|
 | `securenow blocklist` | List blocked IPs |
 | `securenow blocklist add <ip> [--reason ...]` | Block an IP |
+| `securenow blocklist unblock <id> [--reason ...]` | Stop enforcement and keep block history |
 | `securenow allowlist add <ip>` | Allow an IP (restrict-mode) |
 | `securenow trusted add <ip>` | Mark an IP as trusted |
 

package/SKILL-API.md

@@ -66,9 +66,25 @@ npx securenow api-key set snk_live_abc123...
 
 Both paths write the key to `.securenow/credentials.json` (auto-gitignored) and the firewall activates on next start. For production, run `npx securenow credentials runtime --env production` and mount/copy the tokenless file as `.securenow/credentials.json`.
 
-The firewall syncs your blocklist and enforces it on every request — zero code changes.
-
----
+The firewall syncs your blocklist and enforces it on every request — zero code changes.
+
+Blocklist unblocks are audit-preserving: dashboard/API/CLI/MCP unblock actions
+mark the active block as `removed`, invalidate firewall sync, clear expiry to
+avoid TTL deletion, and retain block reports/history for future review or
+reblock context.
+
+For near-realtime propagation after a block/unblock, set
+`SECURENOW_FIREWALL_VERSION_INTERVAL=1` or `2` in the protected app. The SDK
+polls `/firewall/sync` with ETag/304, so unchanged checks are lightweight; keep
+`SECURENOW_FIREWALL_SYNC_INTERVAL` high as a safety-net full refresh.
+
+Default automation is active for new and existing customers. The API
+idempotently provisions risk-score rules for all apps/environments:
+`riskScore >= 95` blocks for 7 days, `90-94` for 72h, and `85-89` for 24h.
+Run `securenow automation defaults --yes` or the API backfill script when an
+operator needs to ensure those defaults immediately.
+
+---
 
 ## Import Map
 

package/SKILL-CLI.md

@@ -221,7 +221,7 @@ Use this for the same work shown in **Requires Human**: AI has already grouped a
 ```bash
 securenow human                              # list human decisions, most urgent first
 securenow human list --limit 20
-securenow human show 1                       # inspect row 1 with AI report, DAG, proofs, trace links
+securenow human show 1                       # inspect row 1 with AI report, investigation steps, proofs, trace links
 securenow human block 1 --yes --reason "AI evidence confirmed malicious"
 securenow human fp 1 --yes --reason "Scoped false positive after evidence review"
 securenow human action 1 --status rejected --yes --reason "Tuning guard is too broad"
@@ -300,18 +300,43 @@ securenow firewall test-ip <ip> --app <key> --env local  # check if IP would be
 securenow blocklist                          # list blocked IPs
 securenow blocklist list
 securenow blocklist add <ip> --app <key> --env production --reason "Brute force"
-securenow blocklist remove <id>
+securenow blocklist unblock <id> --reason "False alarm after review"
+securenow blocklist remove <id>              # compatibility alias for unblock
+securenow blocklist list --status removed    # audit retained unblocks
 securenow blocklist stats                    # block counts, top reasons
 ```
 
+Unblock stops firewall enforcement but preserves the block report, history, and
+unblock audit fields. Reblocking the same IP later creates a fresh active block
+without erasing the previous investigation trail.
+
+MCP exposes legacy pending-block cleanup separately from current Requires Human
+work:
+
+- `securenow_blocklist_unblock`
+- `securenow_blocklist_remove` (compatibility alias for unblock)
+- `securenow_blocklist_pending_list`
+- `securenow_blocklist_pending_approve`
+- `securenow_blocklist_pending_reject`
+- `securenow_blocklist_pending_bulk_approve`
+- `securenow_blocklist_pending_bulk_reject`
+- prompt: `cleanup_legacy_pending_blocks`
+
 ### Automation Rules
 
 ```bash
 securenow automation                         # list blocklist automation rules
+securenow automation defaults --yes          # ensure built-in default risk-score rules
 securenow automation show <id>
 securenow automation dry-run <id> --limit 500
 securenow automation execute <id> --yes
 ```
+
+Built-in default automation is enabled by default for all apps/environments and
+uses the canonical `riskScore`: 95-100 blocks for 7 days, 90-94 blocks for 72h,
+85-89 blocks for 24h, and scores below 85 stay in investigation/review unless
+the customer adds a stricter custom rule. Raw SecureNow IPDB confidence remains
+supporting evidence, not the primary automation score.
 
 ### Allowlist — Restrict to Known IPs
 

package/cli/automation.js

@@ -249,6 +249,34 @@ async function execute(args, flags) {
   }
 }
 
+async function defaults(args, flags) {
+  requireAuth();
+  if ((flags['force-enable'] || flags.force) && !flags.yes) {
+    const ok = await ui.confirm('Re-enable existing SecureNow default automation rules that were disabled?');
+    if (!ok) { ui.info('Cancelled'); return; }
+  }
+
+  const s = ui.spinner('Ensuring default automation rules');
+  try {
+    const data = await api.post('/automation-rules/defaults/ensure', {
+      forceEnableExisting: !!(flags['force-enable'] || flags.force),
+    });
+    s.stop('Default automation rules ensured');
+    if (flags.json) { ui.json(data); return; }
+
+    const result = data.result || {};
+    ui.keyValue([
+      ['Version', String(result.version ?? '-')],
+      ['Created', String(result.created ?? 0)],
+      ['Updated', String(result.updated ?? 0)],
+      ['Already present', String(result.alreadyProvisioned ?? 0)],
+    ]);
+  } catch (err) {
+    s.fail('Failed to ensure default automation rules');
+    throw err;
+  }
+}
+
 async function remove(args, flags) {
   requireAuth();
   const id = args[0];
@@ -272,4 +300,4 @@ async function remove(args, flags) {
   }
 }
 
-module.exports = { list, show, create, update, dryRun, execute, remove };
+module.exports = { list, show, create, update, dryRun, execute, defaults, remove };

package/cli/human.js

@@ -42,6 +42,78 @@ function parseTaskRef(ref) {
   return { kind: 'notification', notificationId: text };
 }
 
+function parseJsonOrList(value) {
+  if (value == null || value === true) return [];
+  if (Array.isArray(value)) return value.filter(Boolean).map(String);
+  const text = String(value).trim();
+  if (!text) return [];
+  if (text.startsWith('[')) {
+    try {
+      const parsed = JSON.parse(text);
+      return Array.isArray(parsed) ? parsed.filter(Boolean).map(String) : [];
+    } catch {}
+  }
+  return text.split(/\r?\n|;;/).map((item) => item.trim()).filter(Boolean);
+}
+
+function parseCommaList(value) {
+  if (value == null || value === true) return [];
+  if (Array.isArray(value)) return value.flatMap(parseCommaList);
+  const text = String(value).trim();
+  if (!text) return [];
+  if (text.startsWith('[')) return parseJsonOrList(text);
+  return text.split(',').map((item) => item.trim()).filter(Boolean);
+}
+
+function defaultReviewedHistory(task = {}) {
+  const history = [];
+  if (taskLabel(task)) history.push(`Case: ${taskLabel(task)}`);
+  if (task.aiDecision?.label || task.aiDecision?.recommendation) history.push(`AI recommendation: ${task.aiDecision.label || task.aiDecision.recommendation}`);
+  if (task.aiDecision?.reason) history.push(`AI reason: ${task.aiDecision.reason}`);
+  if (task.aiDecision?.confidence != null) history.push(`AI confidence: ${Math.round(Number(task.aiDecision.confidence))}%`);
+  if (task.proofs?.paths?.length) history.push(`Paths: ${formatList(task.proofs.paths, 8)}`);
+  if (task.proofs?.methods?.length) history.push(`Methods: ${formatList(task.proofs.methods, 8)}`);
+  if (task.proofs?.statusCodes?.length) history.push(`Status codes: ${formatList(task.proofs.statusCodes.map(String), 8)}`);
+  if (task.proofs?.userAgents?.length) history.push(`User agents: ${formatList(task.proofs.userAgents, 4)}`);
+  if (task.proofs?.traceIds?.length) history.push(`Trace IDs: ${formatList(task.proofs.traceIds, 8)}`);
+  return history;
+}
+
+function buildDecisionReport(task, flags = {}, outcome, fallbackSummary) {
+  let report = {};
+  if (flags.report) {
+    try {
+      report = JSON.parse(flags.report);
+    } catch (err) {
+      ui.error(`Invalid --report JSON: ${err.message}`);
+      process.exit(1);
+    }
+  }
+
+  const explicitEvidence = parseJsonOrList(flags.evidence);
+  const explicitHistory = parseJsonOrList(flags.history);
+  const explicitMissingProof = parseJsonOrList(flags['missing-proof']);
+  const explicitRecommendations = parseJsonOrList(flags.recommendations);
+  const traceIds = parseCommaList(flags['trace-ids']);
+
+  return {
+    source: 'cli',
+    outcome: flags.outcome || report.outcome || outcome || 'other',
+    summary: flags.summary || report.summary || fallbackSummary || flags.reason || '',
+    reason: flags.reason || report.reason || '',
+    evidence: explicitEvidence.length ? explicitEvidence : asArray(report.evidence),
+    reviewedHistory: explicitHistory.length ? explicitHistory : (asArray(report.reviewedHistory).length ? asArray(report.reviewedHistory) : defaultReviewedHistory(task)),
+    traceIds: traceIds.length ? traceIds : (asArray(report.traceIds).length ? asArray(report.traceIds) : asArray(task?.proofs?.traceIds)),
+    paths: asArray(report.paths).length ? asArray(report.paths) : asArray(task?.proofs?.paths),
+    methods: asArray(report.methods).length ? asArray(report.methods) : asArray(task?.proofs?.methods),
+    statusCodes: asArray(report.statusCodes).length ? asArray(report.statusCodes) : asArray(task?.proofs?.statusCodes).map(String),
+    userAgents: asArray(report.userAgents).length ? asArray(report.userAgents) : asArray(task?.proofs?.userAgents),
+    missingProof: explicitMissingProof.length ? explicitMissingProof : asArray(report.missingProof),
+    recommendations: explicitRecommendations.length ? explicitRecommendations : asArray(report.recommendations),
+    rawData: report.rawData || null,
+  };
+}
+
 async function fetchQueue(flags = {}) {
   const query = {
     page: flags.page || 1,
@@ -180,7 +252,7 @@ function printAiReport(ipReport = {}, notification = {}) {
 
   if (steps.length) {
     console.log('');
-    console.log(`  ${ui.c.bold('DAG steps')}`);
+    console.log(`  ${ui.c.bold('Investigation steps')}`);
     const rows = steps.map((step) => [
       step.id,
       step.status || '-',
@@ -323,12 +395,13 @@ async function action(args, flags) {
 
   const result = flags.result ? JSON.parse(flags.result) : {};
   if (flags.reason) result.reason = flags.reason;
+  const decisionReport = buildDecisionReport(task || { notificationId, actionKey }, flags, flags.outcome || 'case_action', result.summary || result.reason || `Case action ${status}`);
 
   const s = ui.spinner('Updating case action');
   try {
     const data = await api.put(
       `/notifications/${encodeURIComponent(notificationId)}/agent-case/actions/${encodeURIComponent(actionKey)}`,
-      { status, result }
+      { status, result, reportSource: 'cli', ips: parseCommaList(flags.ips), decisionReport }
     );
     s.stop('Case action updated');
     if (flags.json) { ui.json(data); return; }
@@ -358,6 +431,8 @@ async function block(args, flags) {
       riskScore: task.aiDecision?.riskScore ?? undefined,
       decisionSource: 'ai_dag',
       note: reason,
+      reportSource: 'cli',
+      decisionReport: buildDecisionReport(task, flags, 'blocked', reason),
     };
     const data = await api.put(`/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/status`, body);
     s.stop(`${task.ip} blocked`);
@@ -391,6 +466,8 @@ async function fp(args, flags) {
       applyToExisting: flags['apply-existing'] != null ? flags['apply-existing'] !== 'false' : Boolean(scope.applyToExisting),
       ruleScope: flags['rule-scope'] || scope.ruleScope || 'this_rule',
       aiConfidence: task.aiDecision?.confidence ?? null,
+      reportSource: 'cli',
+      decisionReport: buildDecisionReport(task, flags, 'false_positive', reason),
     };
     const data = await api.post(`/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/false-positive`, body);
     s.stop(`${task.ip} marked false positive`);
@@ -402,6 +479,43 @@ async function fp(args, flags) {
   }
 }
 
+async function report(args, flags) {
+  requireAuth();
+  const ref = args[0];
+  const { task } = await resolveTask(ref, flags);
+  const outcome = flags.outcome || (task.kind === 'case_action' || task.actionKey ? 'case_action' : 'other');
+  const summary = flags.summary || flags.reason || `Decision report recorded for ${taskLabel(task)}`;
+
+  if (!flags.yes && !flags.force) {
+    const target = task.ip ? `${task.ip}` : `${task.notificationId}`;
+    const ok = await ui.confirm(`Record decision report for ${target}?`);
+    if (!ok) return;
+  }
+
+  const s = ui.spinner('Recording decision report');
+  try {
+    const decisionReport = buildDecisionReport(task, flags, outcome, summary);
+    let data;
+    if (task.ip) {
+      data = await api.post(
+        `/notifications/${encodeURIComponent(task.notificationId)}/ips/${encodeURIComponent(task.ip)}/decision-report`,
+        { reportSource: 'cli', reason: flags.reason || summary, outcome, decisionReport }
+      );
+    } else {
+      data = await api.post(
+        `/notifications/${encodeURIComponent(task.notificationId)}/decision-report`,
+        { reportSource: 'cli', reason: flags.reason || summary, outcome, ips: parseCommaList(flags.ips), decisionReport }
+      );
+    }
+    s.stop('Decision report recorded');
+    if (flags.json) ui.json(data);
+    else ui.success(`Recorded decision report: ${decisionReport.outcome}`);
+  } catch (err) {
+    s.fail('Failed to record decision report');
+    throw err;
+  }
+}
+
 function mcpPromptText(ref, flags = {}) {
   const rowText = ref ? `Start with human action row/id: ${ref}.` : 'Work the human action queue from most urgent to least urgent.';
   const limit = flags.limit || 10;
@@ -417,14 +531,15 @@ function mcpPromptText(ref, flags = {}) {
     ref
       ? '2. Select the requested row number or task id, then call securenow_notifications_get and securenow_human_action_report for its notificationId and IP.'
       : '2. For each task, call securenow_notifications_get and securenow_human_action_report for the notificationId and IP.',
-    '3. Read the AI report, finalDecision, DAG steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
+    '3. Read the AI report, finalDecision, investigation steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
     '4. Open/inspect trace evidence with securenow_traces_show and securenow_logs_for_trace when trace IDs are available.',
     '5. Decide one outcome: block the IP, mark a scoped false positive, recommend alert-rule tuning, or skip if evidence is ambiguous.',
-    '6. For block decisions, call securenow_human_action_block with confirm:true and a precise reason.',
-    '7. For false positives, call securenow_human_action_false_positive with confirm:true, the narrowest available conditions, and a precise reason.',
+    '6. For block decisions, call securenow_human_action_block with confirm:true, a precise reason, and a decisionReport with summary/evidence/reviewedHistory/traceIds.',
+    '7. For false positives, call securenow_human_action_false_positive with confirm:true, the narrowest available conditions, a precise reason, and a decisionReport.',
     '8. For case-level tune_rule/create_exclusion rows, inspect the notification case and use securenow_human_case_action_update only when the proposed action is safe.',
-    '9. If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
-    '10. Summarize each row handled, skipped, rule tuning needed, and still waiting. Do not globally trust an IP by default.',
+    '9. For skipped/ambiguous/rule-tuning-needed rows that should be auditable without changing status, call securenow_human_action_decision_report_add or securenow_human_case_decision_report_add with the missing proof.',
+    '10. If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
+    '11. Summarize each row handled, skipped, rule tuning needed, and still waiting. Do not globally trust an IP by default.',
     '',
     'Safety:',
     '- Do not call write tools without confirm:true and a reason.',
@@ -455,6 +570,7 @@ module.exports = {
   action,
   block,
   fp,
+  report,
   prompt,
   work,
 };

package/cli/security.js

@@ -339,6 +339,12 @@ async function blocklistList(args, flags) {
     if (flags.limit) query.limit = flags.limit;
     if (flags.app) query.appKey = flags.app;
     if (flags.env || flags.environment) query.environment = flags.env || flags.environment;
+    if (flags.status) query.status = flags.status;
+    if (flags.search) query.search = flags.search;
+    if (flags.view) query.view = flags.view;
+    if (flags.approvalStatus || flags['approval-status']) {
+      query.approvalStatus = flags.approvalStatus || flags['approval-status'];
+    }
     const data = await api.get('/blocklist', { query });
     const items = data.blockedIps || [];
     s.stop(`Found ${items.length} blocked IP${items.length !== 1 ? 's' : ''}${data.total ? ` (${data.total} total)` : ''}`);
@@ -348,15 +354,17 @@ async function blocklistList(args, flags) {
     console.log('');
     const rows = items.map(b => [
       ui.c.dim(ui.truncate(b._id, 12)),
-      ui.c.red(b.ip || b.cidr || '—'),
-      ui.truncate(b.reason || '', 40),
+      ui.c.red(b.ip || b.cidr || '—'),
+      ui.truncate(b.reason || '', 40),
       b.source || '—',
+      b.status || 'active',
       b.applicationKey || ui.c.dim('all apps'),
       b.environment || ui.c.dim('all envs'),
       ui.timeAgo(b.createdAt),
+      b.unblockedAt ? ui.timeAgo(b.unblockedAt) : ui.c.dim('—'),
       b.expiresAt ? new Date(b.expiresAt).toLocaleDateString() : ui.c.dim('permanent'),
     ]);
-    ui.table(['ID', 'IP/CIDR', 'Reason', 'Source', 'App', 'Env', 'Added', 'Expires'], rows);
+    ui.table(['ID', 'IP/CIDR', 'Reason', 'Source', 'Status', 'App', 'Env', 'Added', 'Unblocked', 'Expires'], rows);
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch blocklist');
@@ -390,26 +398,28 @@ async function blocklistAdd(args, flags) {
 
 async function blocklistRemove(args, flags) {
   requireAuth();
-  const id = args[0];
-  if (!id) {
-    ui.error('Blocklist entry ID required. Usage: securenow blocklist remove <id>');
-    process.exit(1);
-  }
-
-  if (!flags.force && !flags.yes) {
-    const ok = await ui.confirm('Remove this IP from blocklist?');
-    if (!ok) { ui.info('Cancelled'); return; }
-  }
-
-  const s = ui.spinner('Removing from blocklist');
-  try {
-    await api.delete(`/blocklist/${id}`);
-    s.stop('Removed from blocklist');
-  } catch (err) {
-    s.fail('Failed to remove from blocklist');
-    throw err;
-  }
-}
+  const id = args[0];
+  if (!id) {
+    ui.error('Blocklist entry ID required. Usage: securenow blocklist unblock <id> [--reason <reason>]');
+    process.exit(1);
+  }
+
+  if (!flags.force && !flags.yes) {
+    const ok = await ui.confirm('Unblock this IP? Firewall enforcement stops, but block report and history stay saved.');
+    if (!ok) { ui.info('Cancelled'); return; }
+  }
+
+  const s = ui.spinner('Unblocking IP');
+  try {
+    const body = {};
+    if (flags.reason) body.reason = flags.reason;
+    await api.post(`/blocklist/${id}/unblock`, body);
+    s.stop('Unblocked; block report and history retained');
+  } catch (err) {
+    s.fail('Failed to unblock IP');
+    throw err;
+  }
+}
 
 async function blocklistStats(args, flags) {
   requireAuth();
@@ -926,7 +936,7 @@ async function ipLookup(args, flags) {
     if (data.domain) pairs.push(['Domain', data.domain]);
     if (data.isp) pairs.push(['ISP', data.isp]);
     if (data.usageType) pairs.push(['Usage Type', data.usageType]);
-    if (data.abuseConfidenceScore != null) pairs.push(['Abuse Score', `${data.abuseConfidenceScore}/100`]);
+    if (data.abuseConfidenceScore != null) pairs.push(['SecureNow IPDB Score', `${data.abuseConfidenceScore}/100`]);
     if (data.securenowScore != null) pairs.push(['SecureNow Score', String(data.securenowScore)]);
     if (data.verdict) pairs.push(['Verdict', data.verdict]);
     if (data.isMalicious != null) pairs.push(['Malicious', data.isMalicious ? ui.c.red('Yes') : ui.c.green('No')]);

package/cli.js

@@ -164,13 +164,22 @@ const COMMANDS = {
   },
   human: {
     desc: 'Work the human action queue prepared by SecureNow AI',
-    usage: 'securenow human <list|show|block|fp|action|prompt|work> [row|notificationId:ip] [options]',
+    usage: 'securenow human <list|show|block|fp|report|action|prompt|work> [row|notificationId:ip] [options]',
     flags: {
       json: 'Output as JSON',
       page: 'Queue page number',
       limit: 'Queue page size',
       search: 'Search IP, rule, path, or verdict',
       reason: 'Reason for block/false-positive decisions',
+      summary: 'Decision report summary to write to the IP history',
+      outcome: 'Decision report outcome: blocked, false_positive, clean, deferred, case_action, rule_tuning, new_alert_rule, ambiguous, skipped, other',
+      evidence: 'Decision evidence; repeat as newline/;; separated text or JSON array',
+      history: 'Reviewed history/proofs; newline/;; separated text or JSON array',
+      'trace-ids': 'Comma-separated trace IDs reviewed for the decision',
+      ips: 'Comma-separated IPs affected by a case-level decision report',
+      'missing-proof': 'Missing proof for skipped or ambiguous rows',
+      recommendations: 'Follow-up recommendations; newline/;; separated text or JSON array',
+      report: 'Full decision report JSON object',
       yes: 'Confirm write actions without prompting',
       force: 'Alias for --yes',
       conditions: 'False-positive conditions JSON array',
@@ -185,9 +194,10 @@ const COMMANDS = {
     },
     sub: {
       list: { desc: 'List human decisions AI prepared', run: (a, f) => require('./cli/human').list(a, f) },
-      show: { desc: 'Show one row with AI report, proofs, DAG, and trace links', usage: 'securenow human show <row|notificationId:ip>', run: (a, f) => require('./cli/human').show(a, f) },
+      show: { desc: 'Show one row with AI report, proofs, investigation steps, and trace links', usage: 'securenow human show <row|notificationId:ip>', run: (a, f) => require('./cli/human').show(a, f) },
       block: { desc: 'Approve the AI block recommendation for a row', usage: 'securenow human block <row|notificationId:ip> --yes --reason "..."', run: (a, f) => require('./cli/human').block(a, f) },
       fp: { desc: 'Mark a row as a scoped false positive', usage: 'securenow human fp <row|notificationId:ip> --yes --reason "..."', run: (a, f) => require('./cli/human').fp(a, f) },
+      report: { desc: 'Record a structured decision report on a row without changing status', usage: 'securenow human report <row|notificationId:ip> --yes --outcome ambiguous --summary "..."', run: (a, f) => require('./cli/human').report(a, f) },
       action: { desc: 'Approve/reject/execute a case-level proposed action', usage: 'securenow human action <row|notificationId> [actionKey] --status approved --yes --reason "..."', run: (a, f) => require('./cli/human').action(a, f) },
       prompt: { desc: 'Print a Codex/Claude MCP prompt for row or queue work', usage: 'securenow human prompt [row|notificationId:ip] [--limit 10]', run: (a, f) => require('./cli/human').prompt(a, f) },
       work: { desc: 'List the queue and print the MCP runbook to work it deeply', usage: 'securenow human work [--limit 10]', run: (a, f) => require('./cli/human').work(a, f) },
@@ -245,7 +255,7 @@ const COMMANDS = {
   },
   automation: {
     desc: 'Manage automation rules for blocklist actions',
-    usage: 'securenow automation <list|show|create|update|dry-run|execute|delete> [rule-id] [options]',
+    usage: 'securenow automation <list|defaults|show|create|update|dry-run|execute|delete> [rule-id] [options]',
     flags: {
       json: 'Output as JSON',
       body: 'Full JSON body for create/update',
@@ -270,6 +280,7 @@ const COMMANDS = {
     },
     sub: {
       list: { desc: 'List automation rules', run: (a, f) => require('./cli/automation').list(a, f) },
+      defaults: { desc: 'Ensure SecureNow default risk-score automation rules', usage: 'securenow automation defaults [--force-enable] [--yes]', run: (a, f) => require('./cli/automation').defaults(a, f) },
       show: { desc: 'Show automation rule details', usage: 'securenow automation show <rule-id>', run: (a, f) => require('./cli/automation').show(a, f) },
       create: { desc: 'Create automation rule', usage: 'securenow automation create --name "..." --conditions \'[...]\' --actions \'[...]\'', run: (a, f) => require('./cli/automation').create(a, f) },
       update: { desc: 'Update automation rule', usage: 'securenow automation update <rule-id> --body \'{...}\'', run: (a, f) => require('./cli/automation').update(a, f) },
@@ -282,13 +293,14 @@ const COMMANDS = {
   blocklist: {
     desc: 'Manage IP blocklist',
     usage: 'securenow blocklist <subcommand> [options]',
-    flags: { app: 'Scope to app key', env: 'Scope to environment', environment: 'Alias for --env', page: 'Page number', limit: 'Max results', json: 'Output as JSON' },
+    flags: { app: 'Scope to app key', env: 'Scope to environment', environment: 'Alias for --env', page: 'Page number', limit: 'Max results', status: 'Entry status: active or removed', 'approval-status': 'Approval filter: pending, approved, or rejected', search: 'IP prefix search', view: 'List view: all or operational', reason: 'Audit reason for unblock', json: 'Output as JSON' },
     sub: {
       list: { desc: 'List blocked IPs', run: (a, f) => require('./cli/security').blocklistList(a, f) },
       add: { desc: 'Block an IP', usage: 'securenow blocklist add <ip> [--app <key>] [--env production] [--reason <reason>]', run: (a, f) => require('./cli/security').blocklistAdd(a, f) },
-      remove: { desc: 'Unblock an IP', usage: 'securenow blocklist remove <id>', run: (a, f) => require('./cli/security').blocklistRemove(a, f) },
-      stats: { desc: 'Blocklist statistics', run: (a, f) => require('./cli/security').blocklistStats(a, f) },
-    },
+      unblock: { desc: 'Unblock an IP and keep block history', usage: 'securenow blocklist unblock <id> [--reason <reason>]', run: (a, f) => require('./cli/security').blocklistRemove(a, f) },
+      remove: { desc: 'Unblock an IP (compatibility alias)', usage: 'securenow blocklist remove <id> [--reason <reason>]', run: (a, f) => require('./cli/security').blocklistRemove(a, f) },
+      stats: { desc: 'Blocklist statistics', run: (a, f) => require('./cli/security').blocklistStats(a, f) },
+    },
     defaultSub: 'list',
   },
   allowlist: {

package/mcp/catalog.js

@@ -162,6 +162,26 @@ const environmentInput = {
   environment: string('Deployment environment scope: production, staging, preview, local, test, or all. Default for investigations is production.'),
 };
 
+const decisionReportInput = {
+  decisionReport: {
+    type: 'object',
+    additionalProperties: true,
+    description: 'Structured audit report explaining the decision, evidence reviewed, trace IDs, missing proof, and recommendations.',
+  },
+  decisionSummary: string('Short decision summary to record on the IP/case history.'),
+  outcome: string('Decision outcome: blocked, false_positive, clean, deferred, case_action, rule_tuning, new_alert_rule, ambiguous, skipped, or other.'),
+  evidence: arrayOfStrings('Evidence strings that support the decision.'),
+  reviewedHistory: arrayOfStrings('History/proofs reviewed before deciding.'),
+  traceIds: arrayOfStrings('Trace IDs reviewed for this decision.'),
+  paths: arrayOfStrings('Paths/endpoints reviewed for this decision.'),
+  ips: arrayOfStrings('IP addresses affected by this case-level decision report.'),
+  methods: arrayOfStrings('HTTP methods reviewed for this decision.'),
+  statusCodes: arrayOfStrings('HTTP status codes reviewed for this decision.'),
+  userAgents: arrayOfStrings('User agents reviewed for this decision.'),
+  missingProof: arrayOfStrings('Proof that was missing when the row is skipped or ambiguous.'),
+  recommendations: arrayOfStrings('Follow-up recommendations to record with the decision.'),
+};
+
 const TOOLS = [
   {
     name: 'securenow_auth_status',
@@ -286,7 +306,7 @@ const TOOLS = [
     bodyFields: ['confidenceMinimum', 'environment'],
     inputSchema: objectSchema({
       appKey: string('Application key UUID.'),
-      confidenceMinimum: number('Minimum SecureNow IPDB abuse confidence score.', { minimum: 0, maximum: 100 }),
+      confidenceMinimum: number('Minimum SecureNow IPDB confidence score.', { minimum: 0, maximum: 100 }),
       ...environmentInput,
       ...confirmSchema,
     }, ['appKey', 'confidenceMinimum', 'confirm', 'reason']),
@@ -455,7 +475,7 @@ const TOOLS = [
   {
     name: 'securenow_human_action_report',
     title: 'Get Human Action Report',
-    description: 'Fetch the full IP investigation report, DAG steps, proofs, metadata, and AI decision for one human action row.',
+    description: 'Fetch the full IP investigation report, investigation steps, proofs, metadata, and AI decision for one human action row.',
     scope: 'notifications:read',
     readOnly: true,
     method: 'GET',
@@ -469,7 +489,7 @@ const TOOLS = [
   {
     name: 'securenow_human_action_block',
     title: 'Approve AI Block Recommendation',
-    description: 'Approve the AI-prepared block decision for an IP. Write action; requires confirmation.',
+    description: 'Approve the AI-prepared block decision for an IP and optionally attach a structured decision report to the IP history. Write action; requires confirmation.',
     scope: 'notifications:write',
     readOnly: false,
     destructive: true,
@@ -477,29 +497,50 @@ const TOOLS = [
     method: 'PUT',
     endpoint: '/notifications/:notificationId/ips/:ip/status',
     pathParams: ['notificationId', 'ip'],
-    fixedBody: { status: 'blocked', decisionSource: 'ai_dag' },
+    fixedBody: { status: 'blocked', decisionSource: 'ai_dag', reportSource: 'mcp' },
     reasonAsNote: true,
-    bodyFields: ['note', 'verdict', 'riskScore'],
+    bodyFields: ['note', 'verdict', 'riskScore', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     inputSchema: objectSchema({
       notificationId: string('Notification id from the human action row.'),
       ip: string('IP address to block.'),
       note: string('Audit note explaining why the AI block was approved.'),
       verdict: string('Optional final verdict text.'),
       riskScore: number('Optional risk score.', { minimum: 0, maximum: 100 }),
+      ...decisionReportInput,
+      ...confirmSchema,
+    }, ['notificationId', 'ip', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_human_action_decision_report_add',
+    title: 'Record Human Action Decision Report',
+    description: 'Attach a structured analyst/MCP decision report to one Requires Human IP row without changing its status. Use for skipped, ambiguous, rule-tuning-needed, or already-handled rows. Write action; requires confirmation.',
+    scope: 'notifications:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/notifications/:notificationId/ips/:ip/decision-report',
+    pathParams: ['notificationId', 'ip'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
+    inputSchema: objectSchema({
+      notificationId: string('Notification id from the human action row.'),
+      ip: string('IP address for the report.'),
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'ip', 'confirm', 'reason']),
   },
   {
     name: 'securenow_human_action_false_positive',
     title: 'Mark Human Action False Positive',
-    description: 'Mark an AI-prepared human action as a scoped false positive. Write action; requires confirmation.',
+    description: 'Mark an AI-prepared human action as a scoped false positive and optionally attach a structured decision report to the IP history. Write action; requires confirmation.',
     scope: 'notifications:write',
     readOnly: false,
     confirm: true,
     method: 'POST',
     endpoint: '/notifications/:notificationId/ips/:ip/false-positive',
     pathParams: ['notificationId', 'ip'],
-    bodyFields: ['reason', 'conditions', 'matchMode', 'createExclusion', 'applyToExisting', 'ruleScope', 'targetRuleIds', 'aiConfidence'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'conditions', 'matchMode', 'createExclusion', 'applyToExisting', 'ruleScope', 'targetRuleIds', 'aiConfidence', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     inputSchema: objectSchema({
       notificationId: string('Notification id from the human action row.'),
       ip: string('IP address to mark as false positive.'),
@@ -510,6 +551,7 @@ const TOOLS = [
       ruleScope: string('Scope: this_rule, specific_rules, all_existing, or any_rule.'),
       targetRuleIds: arrayOfStrings('Specific rule ids when ruleScope is specific_rules.'),
       aiConfidence: number('AI confidence for audit metadata.', { minimum: 0, maximum: 100 }),
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'ip', 'confirm', 'reason']),
   },
@@ -523,16 +565,36 @@ const TOOLS = [
     method: 'PUT',
     endpoint: '/notifications/:notificationId/agent-case/actions/:actionKey',
     pathParams: ['notificationId', 'actionKey'],
-    bodyFields: ['status', 'result'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['status', 'result', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'ips', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
     reasonInResult: true,
     inputSchema: objectSchema({
       notificationId: string('Notification id from the case-action row.'),
       actionKey: string('Proposed action key from the row, for example tune_rule:...'),
       status: string('New status: proposed, approved, rejected, executed, or failed.'),
       result: { type: 'object', additionalProperties: true, description: 'Optional structured result/audit details.' },
+      ...decisionReportInput,
       ...confirmSchema,
     }, ['notificationId', 'actionKey', 'status', 'confirm', 'reason']),
   },
+  {
+    name: 'securenow_human_case_decision_report_add',
+    title: 'Record Case Decision Report',
+    description: 'Attach a structured analyst/MCP decision report to a notification/case without changing IP status or proposed action state. Write action; requires confirmation.',
+    scope: 'notifications:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/notifications/:notificationId/decision-report',
+    pathParams: ['notificationId'],
+    fixedBody: { reportSource: 'mcp' },
+    bodyFields: ['reason', 'decisionReport', 'decisionSummary', 'outcome', 'evidence', 'reviewedHistory', 'traceIds', 'paths', 'ips', 'methods', 'statusCodes', 'userAgents', 'missingProof', 'recommendations'],
+    inputSchema: objectSchema({
+      notificationId: string('Notification id from the case-action row.'),
+      ...decisionReportInput,
+      ...confirmSchema,
+    }, ['notificationId', 'confirm', 'reason']),
+  },
   {
     name: 'securenow_ip_lookup',
     title: 'IP Intelligence Lookup',
@@ -614,6 +676,21 @@ const TOOLS = [
     endpoint: '/automation-rules',
     inputSchema: objectSchema({}),
   },
+  {
+    name: 'securenow_automation_defaults_ensure',
+    title: 'Ensure Default Automation Rules',
+    description: 'Create or refresh SecureNow default risk-score automation rules for the current account. Write action; requires confirmation.',
+    scope: 'automation:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/automation-rules/defaults/ensure',
+    bodyFields: ['forceEnableExisting'],
+    inputSchema: objectSchema({
+      forceEnableExisting: boolean('Re-enable existing SecureNow default rules if the customer disabled them. Defaults to false.'),
+      ...confirmSchema,
+    }, ['confirm', 'reason']),
+  },
   {
     name: 'securenow_automation_rule_get',
     title: 'Get Automation Rule',
@@ -636,13 +713,14 @@ const TOOLS = [
     confirm: true,
     method: 'POST',
     endpoint: '/automation-rules',
-    bodyFields: ['name', 'description', 'conditions', 'conditionLogic', 'actions', 'applicationsAll', 'applicationKeys', 'environmentsAll', 'environments'],
+    bodyFields: ['name', 'description', 'conditions', 'conditionLogic', 'actions', 'status', 'applicationsAll', 'applicationKeys', 'environmentsAll', 'environments'],
     inputSchema: objectSchema({
       name: string('Rule name.'),
       description: string('Optional rule description.'),
       conditions: { type: 'array', items: { type: 'object', additionalProperties: true }, description: 'Condition array. Fields include abuseConfidenceScore, riskScore, alertName, alertTag, attackType, path, environment.' },
       conditionLogic: string('AND or OR.'),
       actions: { type: 'array', items: { type: 'object', additionalProperties: true }, description: 'Action array, for example [{ "type":"addToBlocklist", "config":{ "reason":"...", "ttlHours":24 }}].' },
+      status: string('Initial rule status: active or disabled. Defaults to active.'),
       applicationsAll: boolean('Apply to all applications.'),
       applicationKeys: arrayOfStrings('Application keys when not applying to all applications.'),
       environmentsAll: boolean('Apply to all environments.'),
@@ -864,13 +942,97 @@ const TOOLS = [
     readOnly: true,
     method: 'GET',
     endpoint: '/blocklist',
-    queryFields: ['page', 'limit', 'appKey', 'environment'],
+    queryFields: ['page', 'limit', 'status', 'approvalStatus', 'search', 'view', 'appKey', 'environment'],
     inputSchema: objectSchema({
       ...pagingInput,
+      status: string('Block entry status: active or removed. Defaults to active.'),
+      approvalStatus: string('Optional approval filter: pending, approved, or rejected.'),
+      search: string('Optional IP prefix search.'),
+      view: string('List view: all or operational.'),
       appKey: string('Optional application key scope.'),
       ...environmentInput,
     }),
   },
+  {
+    name: 'securenow_blocklist_pending_list',
+    title: 'List Pending Block Approvals',
+    description: 'List legacy or AI-prepared blocklist entries with approvalStatus=pending. Pending blocks are not enforced until approved.',
+    scope: 'blocklist:read',
+    readOnly: true,
+    method: 'GET',
+    endpoint: '/blocklist/pending',
+    queryFields: ['page', 'limit', 'search', 'appKey', 'environment'],
+    inputSchema: objectSchema({
+      ...pagingInput,
+      search: string('Optional IP prefix search.'),
+      appKey: string('Optional application key scope.'),
+      ...environmentInput,
+    }),
+  },
+  {
+    name: 'securenow_blocklist_pending_approve',
+    title: 'Approve Pending Block',
+    description: 'Approve one pending blocklist entry so the firewall enforces it. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    destructive: true,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/:id/approve',
+    pathParams: ['id'],
+    bodyFields: ['reason'],
+    inputSchema: objectSchema({
+      id: string('Pending blocklist entry id.'),
+      ...confirmSchema,
+    }, ['id', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_reject',
+    title: 'Reject Pending Block',
+    description: 'Reject one pending blocklist entry and remove it from enforcement consideration. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/:id/reject',
+    pathParams: ['id'],
+    bodyFields: ['reason'],
+    inputSchema: objectSchema({
+      id: string('Pending blocklist entry id.'),
+      ...confirmSchema,
+    }, ['id', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_bulk_approve',
+    title: 'Bulk Approve Pending Blocks',
+    description: 'Approve multiple pending blocklist entries after they have all been reviewed under the same safe policy. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    destructive: true,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/bulk-approve',
+    bodyFields: ['ids', 'reason'],
+    inputSchema: objectSchema({
+      ids: arrayOfStrings('Pending blocklist entry ids to approve.'),
+      ...confirmSchema,
+    }, ['ids', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_pending_bulk_reject',
+    title: 'Bulk Reject Pending Blocks',
+    description: 'Reject multiple pending blocklist entries after they have all been reviewed as false positives or stale/ambiguous. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/bulk-reject',
+    bodyFields: ['ids', 'reason'],
+    inputSchema: objectSchema({
+      ids: arrayOfStrings('Pending blocklist entry ids to reject.'),
+      ...confirmSchema,
+    }, ['ids', 'confirm', 'reason']),
+  },
   {
     name: 'securenow_blocklist_add',
     title: 'Add Blocked IP',
@@ -893,14 +1055,31 @@ const TOOLS = [
   },
   {
     name: 'securenow_blocklist_remove',
-    title: 'Remove Blocked IP',
-    description: 'Remove a blocklist entry. Write action; requires confirmation.',
+    title: 'Unblock IP (Compat Alias)',
+    description: 'Compatibility alias for unblocking a blocklist entry while retaining block report/history. Write action; requires confirmation.',
     scope: 'blocklist:write',
     readOnly: false,
     confirm: true,
-    method: 'DELETE',
-    endpoint: '/blocklist/:id',
+    method: 'POST',
+    endpoint: '/blocklist/:id/unblock',
+    pathParams: ['id'],
+    bodyFields: ['reason'],
+    inputSchema: objectSchema({
+      id: string('Blocklist entry id.'),
+      ...confirmSchema,
+    }, ['id', 'confirm', 'reason']),
+  },
+  {
+    name: 'securenow_blocklist_unblock',
+    title: 'Unblock IP And Keep History',
+    description: 'Unblock a blocklist entry so firewall enforcement stops, while retaining the block report, history, and unblock audit trail. Write action; requires confirmation.',
+    scope: 'blocklist:write',
+    readOnly: false,
+    confirm: true,
+    method: 'POST',
+    endpoint: '/blocklist/:id/unblock',
     pathParams: ['id'],
+    bodyFields: ['reason'],
     inputSchema: objectSchema({
       id: string('Blocklist entry id.'),
       ...confirmSchema,
@@ -1114,6 +1293,25 @@ const PROMPTS = [
       { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to execute decisions.', required: false },
     ],
   },
+  {
+    name: 'cleanup_legacy_pending_blocks',
+    title: 'Clean Legacy Pending Blocks',
+    description: 'Use MCP tools to review and approve/reject legacy pending blocklist rows so only current human work remains.',
+    arguments: [
+      { name: 'limit', description: 'Maximum pending block rows to review this run. Defaults to 50.', required: false },
+      { name: 'environment', description: 'Environment scope. Defaults to production.', required: false },
+      { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to execute approvals/rejections.', required: false },
+    ],
+  },
+  {
+    name: 'configure_default_automation',
+    title: 'Configure Default Automation',
+    description: 'Use MCP tools to set conservative default SecureNow automation rules based on the canonical riskScore and supporting evidence.',
+    arguments: [
+      { name: 'environment', description: 'Environment scope. Defaults to production.', required: false },
+      { name: 'confirmWrites', description: 'Set true only when the user explicitly wants the MCP agent to create/update automation rules.', required: false },
+    ],
+  },
 ];
 
 function promptMessages(name, args = {}) {
@@ -1186,11 +1384,11 @@ function promptMessages(name, args = {}) {
           text: [
             `Investigate Requires Human row ${rowNumber} using SecureNow MCP.`,
             `Fetch page=${page}, limit=${limit} with securenow_human_actions_list, select row ${rowNumber}, then call securenow_notifications_get and securenow_human_action_report for that notificationId and IP.`,
-            'Read the AI report, finalDecision, DAG steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
+            'Read the AI report, finalDecision, investigation steps, findings, proofs, metadata paths/user agents/status codes, and trace IDs.',
             'Open trace evidence with securenow_traces_show and correlated logs with securenow_logs_for_trace when trace IDs are available.',
             'Return one clear outcome: Block IP, False Positive, Rule Tuning Needed, or Ambiguous. If evidence is ambiguous, stop and explain what is missing.',
             confirmWrites
-              ? 'The user requested execution. If evidence supports the decision, call securenow_human_action_block or securenow_human_action_false_positive with confirm:true and a precise reason.'
+              ? 'The user requested execution. If evidence supports the decision, call securenow_human_action_block or securenow_human_action_false_positive with confirm:true, a precise reason, and a decisionReport containing summary, evidence, reviewedHistory, traceIds, and missingProof when relevant. If you skip/mark ambiguous but still need to record the audit trail, call securenow_human_action_decision_report_add.'
               : 'Do not execute write tools yet. Prepare the recommended decision and exact tool call the user can approve.',
             'If many IPs share the same benign path/status/user-agent pattern, recommend tightening the alert rule with a precise guard instead of reviewing each IP as malicious.',
             'False positives must be narrow: app + alert rule + path + method/status/user-agent/body evidence where possible. Never globally trust an IP by default.',
@@ -1211,10 +1409,10 @@ function promptMessages(name, args = {}) {
           text: [
             'Work my SecureNow Requires Human queue like a senior security analyst using the MCP tools.',
             `Review up to ${limit} row(s), most urgent first.${args.search ? ` Search filter: ${args.search}.` : ''}`,
-            'Start with securenow_human_actions_list. For each row, call securenow_notifications_get and securenow_human_action_report, inspect the AI report/DAG/proofs/trace IDs, and fetch trace/log evidence where useful.',
+            'Start with securenow_human_actions_list. For each row, call securenow_notifications_get and securenow_human_action_report, inspect the AI report/investigation steps/proofs/trace IDs, and fetch trace/log evidence where useful.',
             'For each row choose exactly one outcome: Block IP, False Positive, Rule Tuning Needed, or Skip because evidence is insufficient. Explain skipped rows.',
             confirmWrites
-              ? 'The user requested execution. For supported decisions, call the correct write tool with confirm:true and a precise reason, then continue.'
+              ? 'The user requested execution. For supported decisions, call the correct write tool with confirm:true, a precise reason, and a decisionReport containing summary, evidence, reviewedHistory, traceIds, and missingProof when relevant, then continue. For skipped/ambiguous/rule-tuning-needed rows that should be auditable without changing IP status, use securenow_human_action_decision_report_add.'
               : 'Do not execute write tools yet. Produce a row-by-row action plan and exact MCP write calls for user approval.',
             'For block decisions, use securenow_human_action_block. For false positives, use securenow_human_action_false_positive with restrictive conditions. For case-level tune_rule/create_exclusion rows, inspect securenow_notifications_get and then use securenow_human_case_action_update only when the action is safe to approve/reject.',
             'End with counts: handled, proposed block, proposed false positive, rule tuning needed, skipped, still waiting.',
@@ -1224,6 +1422,62 @@ function promptMessages(name, args = {}) {
     ];
   }
 
+  if (name === 'cleanup_legacy_pending_blocks') {
+    const limit = args.limit || 50;
+    const environment = args.environment || 'production';
+    const confirmWrites = args.confirmWrites === true || args.confirmWrites === 'true';
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: [
+            'Clean my SecureNow legacy pending blocklist queue using MCP tools.',
+            `Review up to ${limit} pending block row(s). Environment scope: ${environment}.`,
+            'Start with securenow_blocklist_stats, then securenow_blocklist_pending_list({ page: 1, limit, environment }).',
+            'For each pending block, inspect id, IP, source, reason, metadata.riskScore, metadata.aiRiskScore, metadata.abuseConfidenceScore, automation rule, linked notification, age, app, and environment.',
+            'When investigationNotificationId exists, fetch securenow_notifications_get for that case and use the linked IP report/history as evidence.',
+            'Approve only when the row has clear malicious evidence, riskScore >= 90, or SecureNow IPDB evidence score >= 80 with no false-positive/test signal.',
+            'Reject stale, ambiguous, synthetic/test, self-traffic, or false-positive rows. Prefer narrow rule/exclusion tuning when the same benign pattern repeats.',
+            confirmWrites
+              ? 'The user requested execution. Use securenow_blocklist_pending_approve or securenow_blocklist_pending_reject with confirm:true and a precise reason. Use bulk tools only after every selected row satisfies the same reviewed policy.'
+              : 'Do not execute writes yet. Produce exact approve/reject MCP calls grouped by safe policy for user approval.',
+            'After each write or batch, re-fetch securenow_blocklist_stats and securenow_blocklist_pending_list until the legacy pending count is zero or only ambiguous rows remain.',
+            'End with counts: approved, rejected, skipped ambiguous, legacyPendingBlockCount, and remaining proof gaps.',
+          ].join('\n'),
+        },
+      },
+    ];
+  }
+
+  if (name === 'configure_default_automation') {
+    const environment = args.environment || 'production';
+    const confirmWrites = args.confirmWrites === true || args.confirmWrites === 'true';
+    return [
+      {
+        role: 'user',
+        content: {
+          type: 'text',
+          text: [
+            'Configure SecureNow default automation using the MCP tools.',
+            `Review environment context: ${environment}. Built-in defaults apply to all apps and all environments unless the customer narrows them later.`,
+            'Use one canonical product score for automation decisions: riskScore. SecureNow IPDB / AbuseIPDB score and AI confidence remain supporting evidence.',
+            'Built-in defaults are active by default:',
+            '- Critical Risk Auto-Block: riskScore>=95, TTL 168h.',
+            '- High Risk Auto-Block: riskScore>=90 AND riskScore<95, TTL 72h.',
+            '- Elevated Risk Auto-Block: riskScore>=85 AND riskScore<90, TTL 24h.',
+            'Start with securenow_automation_defaults_ensure({ confirm:true, reason:"Provision SecureNow default risk-score automation" }) when writes are confirmed, otherwise start with securenow_automation_rules_list and report what would be ensured.',
+            'After ensuring defaults, dry-run each default rule with securenow_automation_rule_dry_run to inspect sample matches. Disable or tune only if evidence shows customer-specific false positives.',
+            confirmWrites
+              ? 'The user requested execution. Ensure defaults with confirm:true, do not force-enable previously disabled defaults unless the user explicitly asked, and re-list rules after writes.'
+              : 'Do not execute writes yet. Return exact MCP update/create calls and dry-run calls for approval.',
+            'End with active rules, disabled rules that should stay disabled, and any risk from automation scope.',
+          ].join('\n'),
+        },
+      },
+    ];
+  }
+
   throw new Error(`Unknown prompt: ${name}`);
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "7.7.5",
+  "version": "7.7.7",
   "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",