spm-mcp 0.1.0

package/README.md

@@ -0,0 +1,156 @@
+# spm-mcp
+
+**Cursor for product management** — expert document review as MCP tools.
+
+AI made engineering 10x faster. But deciding *what* to build didn't get faster. SPM fixes the input — 30 domain-specific expert reviews that score your product documents against the standards senior PMs actually use.
+
+```bash
+npx spm-mcp
+```
+
+## The problem
+
+AI agents build what you specify — including every blind spot. A vague spec used to waste a sprint. Now it ships to production in hours. SPM catches the blind spots before they become shipped code.
+
+## What SPM reviews
+
+Not just PRDs. Every document in the PM lifecycle:
+
+- **Strategy** — Product Roadmap, Growth Strategy, Go-to-Market, OKR Planning, Product Vision
+- **Analysis** — Competitive Analysis, Market Research, Product Metrics, Stakeholder Management
+- **Execution** — User Stories, Feature Spec, Sprint Planning, PRD to Jira, Release Notes, Test Cases
+- **Discovery** — Problem Statement, Persona, Jobs-to-be-Done, Opportunity Assessment
+
+30 built-in expert reviews. Or create your own with `spm_create_custom_nano_app`.
+
+## Quick start
+
+### 1. Get your API key
+
+Sign in at [superproductmanager.ai](https://superproductmanager.ai) → Profile → Generate API Key
+
+### 2. Set it
+
+```bash
+export SPM_API_KEY=spm_k_your_key_here
+```
+
+### 3. Run
+
+```bash
+npx spm-mcp
+```
+
+## Tools
+
+| Tool | What it does |
+|------|-------------|
+| `spm_list_nano_apps` | Discover available expert reviews (30 built-in + your custom ones) |
+| `spm_analyze` | Score a document against domain-specific expert expectations. Every gap scored 0–1.0 with evidence. |
+| `spm_clarify` | Get decision-forcing questions for the weakest gaps. Questions escalate when you give vague answers. |
+| `spm_evaluate` | Re-score gaps after clarification rounds. Tracks progress. Use after every 3 rounds of `spm_clarify`. |
+| `spm_improve` | Generate paste-ready improvements grounded in your answers — not AI hallucination. |
+| `spm_create_custom_nano_app` | Create a custom expert review for any document type not covered by the built-in 30. |
+
+## How it works
+
+```
+Your document
+    → spm_analyze     Scores every gap 0–1.0 against expert expectations
+    → spm_clarify     Asks the questions your stakeholder would ask
+    → spm_evaluate    Re-scores — did the gap close?
+    → spm_improve     Generates improvements from YOUR answers
+```
+
+The clarification questions are the product. They surface the assumptions you've been carrying without examining. When you dodge, they escalate — evidence first, then action directives, then assumptions made on your behalf. Like a principal PM review, not a chatbot.
+
+## Example workflow
+
+```
+You:    Analyze this PRD with prd_critique
+SPM:    4 expectations scored. Problem Definition: 43/100. Success Metrics: 15/100.
+
+You:    Clarify the weakest gap
+SPM:    "Is operator churn or player registration drop-off your primary counter-metric?"
+
+You:    Operator churn — if >20% revert to WhatsApp, we've failed.
+SPM:    [re-evaluates] Counter-metric: 0 → 0.9. Now targeting: Instrumentation plan.
+
+You:    Improve the success metrics section
+SPM:    [generates paste-ready content grounded in your "operator churn" decision]
+```
+
+Average documents improve from 35% to 82% in three rounds.
+
+## Setup for AI coding assistants
+
+### Claude Code
+
+Add to `.claude/settings.json`:
+
+```json
+{
+  "mcpServers": {
+    "spm": {
+      "command": "npx",
+      "args": ["spm-mcp"],
+      "env": {
+        "SPM_API_KEY": "spm_k_your_key_here"
+      }
+    }
+  }
+}
+```
+
+### Cursor
+
+Add to MCP settings:
+
+```json
+{
+  "spm": {
+    "command": "npx",
+    "args": ["spm-mcp"],
+    "env": {
+      "SPM_API_KEY": "spm_k_your_key_here"
+    }
+  }
+}
+```
+
+### Windsurf
+
+Add to MCP configuration with the same command and env structure.
+
+## Environment variables
+
+| Variable | Required | Default | Description |
+|----------|----------|---------|-------------|
+| `SPM_API_KEY` | Yes | — | Your API key from [superproductmanager.ai](https://superproductmanager.ai) → Profile |
+| `SPM_SUPABASE_URL` | No | Production | Override for self-hosted or development |
+| `SPM_SUPABASE_ANON_KEY` | No | Production | Override for self-hosted or development |
+| `SPM_CLOUD_FUNCTIONS_BASE` | No | Production | Override Cloud Functions URL |
+
+## Security
+
+- **No filesystem access** — SPM never reads your local files, SSH keys, or credentials
+- **No postinstall scripts** — nothing runs on `npm install`
+- **4 specific env vars only** — reads `SPM_API_KEY`, `SPM_SUPABASE_URL`, `SPM_SUPABASE_ANON_KEY`, `SPM_CLOUD_FUNCTIONS_BASE`. No broad `process.env` access.
+- **Network calls only when tools are invoked** — not on import, not on install
+- **Source included** — TypeScript source ships alongside compiled JS for auditability
+- **Zero known vulnerabilities** — `npm audit` clean
+
+## Also available as
+
+- **Chrome extension** — reviews documents inside Google Docs, Notion, ClickUp, Linear. [Install from Chrome Web Store](https://chromewebstore.google.com/detail/super-product-manager/ocpjfedoogmpbkhpojdkfdimkbiamihg)
+- **Web app** — paste any document, full analysis in 30 seconds. [superproductmanager.ai](https://superproductmanager.ai)
+
+## Links
+
+- [Website](https://superproductmanager.ai)
+- [Chrome Extension](https://chromewebstore.google.com/detail/super-product-manager/ocpjfedoogmpbkhpojdkfdimkbiamihg)
+- [Y Combinator RFS: "Cursor for Product Management"](https://www.ycombinator.com/rfs)
+
+## License
+
+MIT

package/dist/src/client/cloud-functions.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Helper to call Cloud Functions that return plain JSON (not SSE).
+ * Used for nano app CRUD and discovery endpoints.
+ */
+export declare function callJsonEndpoint(endpoint: string, body?: Record<string, unknown>, apiKey?: string): Promise<unknown>;

package/dist/src/client/cloud-functions.js

@@ -0,0 +1,25 @@
+/**
+ * Helper to call Cloud Functions that return plain JSON (not SSE).
+ * Used for nano app CRUD and discovery endpoints.
+ */
+import { config } from '../config.js';
+export async function callJsonEndpoint(endpoint, body = {}, apiKey) {
+    const url = `${config.cloudFunctionsBase}/${endpoint}`;
+    const headers = {
+        'Content-Type': 'application/json',
+    };
+    if (apiKey) {
+        headers['X-SPM-API-Key'] = apiKey;
+    }
+    const response = await fetch(url, {
+        method: 'POST',
+        headers,
+        body: JSON.stringify(body),
+    });
+    if (!response.ok) {
+        const errorBody = await response.text();
+        throw new Error(`${endpoint} failed (${response.status}): ${errorBody}`);
+    }
+    return response.json();
+}
+//# sourceMappingURL=cloud-functions.js.map

package/dist/src/client/spm-api.d.ts

@@ -0,0 +1,30 @@
+/**
+ * HTTP client for SPM Cloud Functions.
+ *
+ * Calls the same endpoints the Chrome extension uses, authenticated via
+ * API key (X-SPM-API-Key header) or Bearer token.
+ */
+declare const ENDPOINTS: {
+    readonly extensionAgentV3: "/extensionAgentV3";
+    readonly extensionClarificationAgentV3: "/extensionClarificationAgentV3";
+    readonly extensionGapEvaluatorV3: "/extensionGapEvaluatorV3";
+    readonly extensionImproviseAgentV3: "/extensionImproviseAgentV3";
+    readonly extensionReviewAgainAgentV3: "/extensionReviewAgainAgentV3";
+    readonly classifyIntent: "/classifyIntent";
+};
+type EndpointName = keyof typeof ENDPOINTS;
+/**
+ * Call an SPM Cloud Function endpoint.
+ * Handles SSE stream parsing automatically.
+ */
+export declare function callEndpoint(endpoint: EndpointName, body: Record<string, unknown>, apiKey?: string): Promise<unknown>;
+export declare class SpmApiError extends Error {
+    readonly code: 'AUTH_REQUIRED' | 'RATE_LIMITED' | 'UPSTREAM_ERROR' | 'INVALID_INPUT' | 'SESSION_NOT_FOUND' | 'INVALID_PHASE';
+    constructor(message: string, code: 'AUTH_REQUIRED' | 'RATE_LIMITED' | 'UPSTREAM_ERROR' | 'INVALID_INPUT' | 'SESSION_NOT_FOUND' | 'INVALID_PHASE');
+}
+export declare function callExpertAgent(body: Record<string, unknown>, apiKey?: string): Promise<unknown>;
+export declare function callClarificationAgent(body: Record<string, unknown>, apiKey?: string): Promise<unknown>;
+export declare function callGapEvaluator(body: Record<string, unknown>, apiKey?: string): Promise<unknown>;
+export declare function callImproviser(body: Record<string, unknown>, apiKey?: string): Promise<unknown>;
+export declare function callClassifyIntent(text: string, apiKey?: string): Promise<unknown>;
+export {};

package/dist/src/client/spm-api.js

@@ -0,0 +1,75 @@
+/**
+ * HTTP client for SPM Cloud Functions.
+ *
+ * Calls the same endpoints the Chrome extension uses, authenticated via
+ * API key (X-SPM-API-Key header) or Bearer token.
+ */
+import { config } from '../config.js';
+import { parseSseResponse } from './sse-parser.js';
+const ENDPOINTS = {
+    extensionAgentV3: '/extensionAgentV3',
+    extensionClarificationAgentV3: '/extensionClarificationAgentV3',
+    extensionGapEvaluatorV3: '/extensionGapEvaluatorV3',
+    extensionImproviseAgentV3: '/extensionImproviseAgentV3',
+    extensionReviewAgainAgentV3: '/extensionReviewAgainAgentV3',
+    classifyIntent: '/classifyIntent',
+};
+function getHeaders(apiKey) {
+    const key = apiKey || config.apiKey;
+    const headers = {
+        'Content-Type': 'application/json',
+        'Accept': 'text/event-stream, application/json',
+    };
+    if (key) {
+        headers['X-SPM-API-Key'] = key;
+    }
+    return headers;
+}
+/**
+ * Call an SPM Cloud Function endpoint.
+ * Handles SSE stream parsing automatically.
+ */
+export async function callEndpoint(endpoint, body, apiKey) {
+    const url = `${config.cloudFunctionsBase}${ENDPOINTS[endpoint]}`;
+    const response = await fetch(url, {
+        method: 'POST',
+        headers: getHeaders(apiKey),
+        body: JSON.stringify(body),
+    });
+    if (!response.ok) {
+        const text = await response.text().catch(() => '');
+        if (response.status === 401) {
+            throw new SpmApiError('Authentication required. Check your SPM_API_KEY.', 'AUTH_REQUIRED');
+        }
+        if (response.status === 429) {
+            throw new SpmApiError('Rate limited. Please slow down.', 'RATE_LIMITED');
+        }
+        throw new SpmApiError(`Cloud Function error (${response.status}): ${text.slice(0, 200)}`, 'UPSTREAM_ERROR');
+    }
+    return parseSseResponse(response);
+}
+export class SpmApiError extends Error {
+    code;
+    constructor(message, code) {
+        super(message);
+        this.code = code;
+        this.name = 'SpmApiError';
+    }
+}
+// Convenience wrappers
+export async function callExpertAgent(body, apiKey) {
+    return callEndpoint('extensionAgentV3', body, apiKey);
+}
+export async function callClarificationAgent(body, apiKey) {
+    return callEndpoint('extensionClarificationAgentV3', body, apiKey);
+}
+export async function callGapEvaluator(body, apiKey) {
+    return callEndpoint('extensionGapEvaluatorV3', body, apiKey);
+}
+export async function callImproviser(body, apiKey) {
+    return callEndpoint('extensionImproviseAgentV3', body, apiKey);
+}
+export async function callClassifyIntent(text, apiKey) {
+    return callEndpoint('classifyIntent', { text }, apiKey);
+}
+//# sourceMappingURL=spm-api.js.map

package/dist/src/client/sse-parser.d.ts

@@ -0,0 +1,23 @@
+/**
+ * SSE stream parser for SPM Cloud Functions.
+ *
+ * All Cloud Functions respond with Server-Sent Events (text/event-stream).
+ * Frame format:
+ *   data: {"type":"started"}\n\n
+ *   data: {"type":"chunk","content":"...","fullContent":"..."}\n\n
+ *   data: {"type":"complete","fullContent":"{...}"}\n\n
+ *   data: {"type":"error","message":"..."}\n\n
+ *   data: {"type":"status","message":"..."}\n\n
+ */
+export interface SseFrame {
+    type: 'started' | 'chunk' | 'complete' | 'error' | 'status';
+    content?: string;
+    fullContent?: string;
+    message?: string;
+    raw?: unknown;
+}
+/**
+ * Consumes an SSE response stream and returns the parsed final JSON result.
+ * Mirrors the parsing logic from src/lib/api/agent.ts.
+ */
+export declare function parseSseResponse(response: Response): Promise<unknown>;

package/dist/src/client/sse-parser.js

@@ -0,0 +1,85 @@
+/**
+ * SSE stream parser for SPM Cloud Functions.
+ *
+ * All Cloud Functions respond with Server-Sent Events (text/event-stream).
+ * Frame format:
+ *   data: {"type":"started"}\n\n
+ *   data: {"type":"chunk","content":"...","fullContent":"..."}\n\n
+ *   data: {"type":"complete","fullContent":"{...}"}\n\n
+ *   data: {"type":"error","message":"..."}\n\n
+ *   data: {"type":"status","message":"..."}\n\n
+ */
+/**
+ * Consumes an SSE response stream and returns the parsed final JSON result.
+ * Mirrors the parsing logic from src/lib/api/agent.ts.
+ */
+export async function parseSseResponse(response) {
+    const contentType = response.headers.get('content-type') || '';
+    // If not SSE, try plain JSON
+    if (!contentType.includes('text/event-stream')) {
+        const text = await response.text();
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            throw new Error(`Unexpected response format: ${text.slice(0, 200)}`);
+        }
+    }
+    const reader = response.body?.getReader();
+    if (!reader)
+        throw new Error('No response body');
+    const decoder = new TextDecoder();
+    let buffer = '';
+    let fullContent = '';
+    while (true) {
+        const { value, done } = await reader.read();
+        if (done)
+            break;
+        buffer += decoder.decode(value, { stream: true });
+        const frames = buffer.split('\n\n');
+        buffer = frames.pop() || '';
+        for (const frame of frames) {
+            const match = frame.match(/^data:\s*(.+)$/m);
+            if (!match)
+                continue;
+            let parsed;
+            try {
+                parsed = JSON.parse(match[1]);
+            }
+            catch {
+                continue; // Skip malformed frames
+            }
+            switch (parsed.type) {
+                case 'chunk':
+                    fullContent = parsed.fullContent || (fullContent + (parsed.content || ''));
+                    break;
+                case 'complete':
+                    fullContent = parsed.fullContent || fullContent;
+                    try {
+                        return JSON.parse(fullContent);
+                    }
+                    catch {
+                        return fullContent; // Return raw string if not JSON
+                    }
+                case 'error':
+                    throw new Error(parsed.message || 'Upstream agent error');
+                case 'status':
+                    // Status updates (model fallback, etc.) — log but continue
+                    break;
+                case 'started':
+                    break;
+            }
+        }
+    }
+    // Stream ended without a 'complete' frame — try parsing accumulated content
+    if (fullContent) {
+        try {
+            return JSON.parse(fullContent);
+        }
+        catch {
+            return fullContent;
+        }
+    }
+    throw new Error('Stream ended without a complete response');
+}
+//# sourceMappingURL=sse-parser.js.map

package/dist/src/client/supabase.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Supabase client for the MCP server.
+ * Uses the anon key (public) to read nano apps, expectations, and rules.
+ * No auth session needed — all reads use RLS SELECT policies with USING (true).
+ */
+export declare const supabase: import("@supabase/supabase-js").SupabaseClient<any, "public", "public", any, any>;
+export interface NanoApp {
+    key: string;
+    name: string;
+    description: string | null;
+    category: string | null;
+    flowType: string;
+    expectations: Expectation[];
+}
+export interface Expectation {
+    id: string;
+    slug: string;
+    name: string;
+    description: string | null;
+    orderIndex: number;
+    rules: Rule[];
+}
+export interface Rule {
+    id: string;
+    name: string;
+    description: string | null;
+    spec: string;
+    isDefault: boolean;
+    orderIndex: number;
+}
+/**
+ * Fetch all nano apps with their expectations and rules.
+ * Mirrors fetchSubapps() in src/lib/api/subapps.ts.
+ */
+export declare function fetchNanoApps(): Promise<NanoApp[]>;
+/**
+ * Fetch a single nano app by key (slug).
+ * Returns null if not found.
+ */
+export declare function getNanoAppByKey(key: string): Promise<NanoApp | null>;
+/**
+ * Build the `rules` string for the expert agent payload.
+ * Mirrors buildExpectationRulesText() from src/lib/expectationUtils.ts
+ * and the SubappPage.tsx expectations assembly (lines 778-807).
+ */
+export declare function buildRulesPayload(nanoApp: NanoApp): string;

package/dist/src/client/supabase.js

@@ -0,0 +1,167 @@
+/**
+ * Supabase client for the MCP server.
+ * Uses the anon key (public) to read nano apps, expectations, and rules.
+ * No auth session needed — all reads use RLS SELECT policies with USING (true).
+ */
+import { createClient } from '@supabase/supabase-js';
+import { config } from '../config.js';
+export const supabase = createClient(config.supabaseUrl, config.supabaseAnonKey);
+// ── Queries ──
+/**
+ * Fetch all nano apps with their expectations and rules.
+ * Mirrors fetchSubapps() in src/lib/api/subapps.ts.
+ */
+export async function fetchNanoApps() {
+    const { data, error } = await supabase
+        .from('subapps')
+        .select(`
+      id, key, name, description, category, metadata, default_expectation_id,
+      expectations:expectations!subapp_id (
+        id, slug, name, description, order_index, metadata,
+        rules:rules!expectation_id (
+          id, name, description, spec, is_default, order_index
+        )
+      )
+    `)
+        .order('name', { ascending: true });
+    if (error)
+        throw new Error(`Failed to fetch nano apps: ${error.message}`);
+    return (data ?? []).map((s) => {
+        const expectationsArr = Array.isArray(s.expectations) ? s.expectations : [];
+        const expectations = expectationsArr.map((e) => ({
+            id: e.id,
+            slug: e.slug,
+            name: e.name,
+            description: e.description ?? null,
+            orderIndex: e.order_index ?? 0,
+            rules: (Array.isArray(e.rules) ? e.rules : []).map((r) => ({
+                id: r.id,
+                name: r.name,
+                description: r.description ?? null,
+                spec: typeof r.spec === 'string' ? r.spec : JSON.stringify(r.spec ?? ''),
+                isDefault: !!r.is_default,
+                orderIndex: r.order_index ?? 0,
+            })),
+        }));
+        const dbFlowType = s.metadata?.flow_type;
+        return {
+            key: s.key,
+            name: s.name,
+            description: s.description,
+            category: s.category,
+            flowType: (dbFlowType === 'direct' || dbFlowType === 'normal') ? dbFlowType : 'normal',
+            expectations,
+        };
+    });
+}
+/**
+ * Fetch a single nano app by key (slug).
+ * Returns null if not found.
+ */
+export async function getNanoAppByKey(key) {
+    const { data, error } = await supabase
+        .from('subapps')
+        .select(`
+      id, key, name, description, category, metadata, default_expectation_id,
+      expectations:expectations!subapp_id (
+        id, slug, name, description, order_index, metadata,
+        rules:rules!expectation_id (
+          id, name, description, spec, is_default, order_index
+        )
+      )
+    `)
+        .eq('key', key)
+        .maybeSingle();
+    if (error)
+        throw new Error(`Failed to fetch nano app '${key}': ${error.message}`);
+    if (!data)
+        return null;
+    const expectationsArr = Array.isArray(data.expectations) ? data.expectations : [];
+    const expectations = expectationsArr.map((e) => ({
+        id: e.id,
+        slug: e.slug,
+        name: e.name,
+        description: e.description ?? null,
+        orderIndex: e.order_index ?? 0,
+        rules: (Array.isArray(e.rules) ? e.rules : []).map((r) => ({
+            id: r.id,
+            name: r.name,
+            description: r.description ?? null,
+            spec: typeof r.spec === 'string' ? r.spec : JSON.stringify(r.spec ?? ''),
+            isDefault: !!r.is_default,
+            orderIndex: r.order_index ?? 0,
+        })),
+    }));
+    const dbFlowType = data.metadata?.flow_type;
+    return {
+        key: data.key,
+        name: data.name,
+        description: data.description,
+        category: data.category,
+        flowType: (dbFlowType === 'direct' || dbFlowType === 'normal') ? dbFlowType : 'normal',
+        expectations,
+    };
+}
+/**
+ * Build the `rules` string for the expert agent payload.
+ * Mirrors buildExpectationRulesText() from src/lib/expectationUtils.ts
+ * and the SubappPage.tsx expectations assembly (lines 778-807).
+ */
+export function buildRulesPayload(nanoApp) {
+    const expectationsText = nanoApp.expectations
+        .sort((a, b) => a.orderIndex - b.orderIndex)
+        .reduce((acc, section, idx) => {
+        const key = String(idx + 1);
+        const { rulesBlock, aiInstructions } = buildExpectationRulesText(section.rules);
+        acc[key] = {
+            sectionTitle: section.name || '',
+            isEdited: false,
+            currentExpectation: [
+                `Full Expectation: ${section.description || ''}`.trim(),
+                '',
+                'Detailed Requirements:',
+                '',
+                rulesBlock.trim(),
+                aiInstructions,
+            ].join('\n').trim(),
+            previousExpectation: '',
+        };
+        return acc;
+    }, {});
+    return JSON.stringify(expectationsText);
+}
+// Minimum content length for a rule to be included (matches extension logic)
+const MIN_RULE_CONTENT_LENGTH = 10;
+const MINIMAL_PATTERNS = [
+    /^\.+$/,
+    /^[a-z]{1,3}$/i,
+    /^\s*$/,
+    /^[^\w\s]+$/,
+];
+function buildExpectationRulesText(rules) {
+    const filtered = rules
+        .filter(r => r.name !== 'AI Analysis Instructions')
+        .sort((a, b) => a.orderIndex - b.orderIndex)
+        .filter(rule => {
+        const content = rule.spec.trim();
+        if (content.length < MIN_RULE_CONTENT_LENGTH)
+            return false;
+        return !MINIMAL_PATTERNS.some(p => p.test(content));
+    });
+    const rulesBlock = filtered
+        .map((rule, i) => {
+        let content = rule.spec;
+        // Strip "For Content Generation" sections
+        const idx = content.indexOf('## For Content Generation');
+        if (idx !== -1)
+            content = content.slice(0, idx).trimEnd();
+        return `${i + 1}. ${rule.name}:\n${content}\n`;
+    })
+        .join('\n');
+    const aiRule = rules.find(r => r.name === 'AI Analysis Instructions');
+    const aiInstructions = aiRule?.spec
+        ? `\n\nAdditional AI Instructions:\n${aiRule.spec}`
+        : '';
+    return { rulesBlock, aiInstructions };
+}
+//# sourceMappingURL=supabase.js.map

package/dist/src/config.d.ts

@@ -0,0 +1,16 @@
+/**
+ * SPM MCP Server configuration.
+ * All credentials must be provided via environment variables.
+ */
+export declare const config: {
+    /** Supabase project URL */
+    readonly supabaseUrl: string;
+    /** Supabase anon key */
+    readonly supabaseAnonKey: string;
+    /** Base URL for Cloud Functions */
+    readonly cloudFunctionsBase: string;
+    /** User's SPM API key for authenticating with Cloud Functions */
+    readonly apiKey: string;
+    /** Port for hosted HTTP transport */
+    readonly port: number;
+};

package/dist/src/config.js

@@ -0,0 +1,23 @@
+/**
+ * SPM MCP Server configuration.
+ * All credentials must be provided via environment variables.
+ */
+function requireEnv(name) {
+    const v = process.env[name];
+    if (!v)
+        throw new Error(`${name} environment variable is required`);
+    return v;
+}
+export const config = {
+    /** Supabase project URL */
+    supabaseUrl: requireEnv('SPM_SUPABASE_URL'),
+    /** Supabase anon key */
+    supabaseAnonKey: requireEnv('SPM_SUPABASE_ANON_KEY'),
+    /** Base URL for Cloud Functions */
+    cloudFunctionsBase: process.env.SPM_CLOUD_FUNCTIONS_BASE || 'https://us-central1-litethink.cloudfunctions.net',
+    /** User's SPM API key for authenticating with Cloud Functions */
+    apiKey: process.env.SPM_API_KEY || '',
+    /** Port for hosted HTTP transport */
+    port: parseInt(process.env.PORT || '8080', 10),
+};
+//# sourceMappingURL=config.js.map

package/dist/src/index.d.ts

@@ -0,0 +1,18 @@
+/**
+ * SPM MCP Server — Main entry point.
+ *
+ * Creates an MCP server with 6 stateless tools:
+ * - spm_list_nano_apps: Discover available analysis templates
+ * - spm_analyze: Expert analysis of a product document
+ * - spm_clarify: Clarification questions for identified gaps
+ * - spm_evaluate: Re-score gaps after clarification rounds
+ * - spm_improve: Generate improved content for gaps
+ * - spm_create_custom_nano_app: Create a custom nano app
+ *
+ * Used by both stdio (local NPM) and HTTP (Cloud Run) transports.
+ */
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+export declare function createSpmMcpServer(options?: {
+    apiKey?: string;
+}): McpServer;
+export { SpmApiError } from './client/spm-api.js';