start-vibing 2.0.6 → 2.0.7

package/dist/cli.js

@@ -416,6 +416,233 @@ function launchClaude(cwd) {
   });
 }
 
+// src/mcp.ts
+import { spawnSync as spawnSync2, spawn as spawn2 } from "child_process";
+var CORE_MCPS = [
+  {
+    name: "context7",
+    description: "Real-time library documentation",
+    command: "npx",
+    args: ["-y", "@upstash/context7-mcp@latest"]
+  },
+  {
+    name: "sequential-thinking",
+    description: "Structured reasoning for complex problems",
+    command: "npx",
+    args: ["-y", "@modelcontextprotocol/server-sequential-thinking"]
+  },
+  {
+    name: "memory",
+    description: "Persistent context across sessions",
+    command: "npx",
+    args: ["-y", "@modelcontextprotocol/server-memory"]
+  },
+  {
+    name: "playwright",
+    description: "Browser automation and E2E testing",
+    command: "npx",
+    args: ["-y", "@playwright/mcp@latest"]
+  }
+];
+var OPTIONAL_MCPS = [
+  {
+    name: "nextjs-devtools",
+    description: "Next.js development tools (requires Next.js project)",
+    command: "npx",
+    args: ["-y", "next-devtools-mcp@latest"],
+    optional: true
+  },
+  {
+    name: "mongodb",
+    description: "MongoDB database operations",
+    command: "npx",
+    args: ["-y", "@mongodb-js/mongodb-mcp-server"],
+    envVars: ["MONGODB_URI"],
+    optional: true
+  },
+  {
+    name: "github",
+    description: "GitHub repository management",
+    command: "claude",
+    args: ["mcp", "add", "--transport", "http", "-s", "user", "github", "https://api.githubcopilot.com/mcp/"],
+    transport: "http",
+    url: "https://api.githubcopilot.com/mcp/",
+    envVars: ["GITHUB_PERSONAL_ACCESS_TOKEN"],
+    optional: true
+  },
+  {
+    name: "sentry",
+    description: "Error tracking and monitoring",
+    command: "claude",
+    args: ["mcp", "add", "--transport", "http", "-s", "user", "sentry", "https://mcp.sentry.dev/mcp"],
+    transport: "http",
+    url: "https://mcp.sentry.dev/mcp",
+    optional: true
+  },
+  {
+    name: "brave-search",
+    description: "Web search for research",
+    command: "npx",
+    args: ["-y", "@modelcontextprotocol/server-brave-search"],
+    envVars: ["BRAVE_API_KEY"],
+    optional: true
+  },
+  {
+    name: "figma",
+    description: "Design to code workflows",
+    command: "claude",
+    args: ["mcp", "add", "--transport", "http", "-s", "user", "figma", "https://mcp.figma.com/mcp"],
+    transport: "http",
+    url: "https://mcp.figma.com/mcp",
+    optional: true
+  }
+];
+var c = {
+  reset: "\x1B[0m",
+  bright: "\x1B[1m",
+  dim: "\x1B[2m",
+  green: "\x1B[32m",
+  yellow: "\x1B[33m",
+  blue: "\x1B[34m",
+  cyan: "\x1B[36m",
+  red: "\x1B[31m",
+  magenta: "\x1B[35m"
+};
+function isClaudeMcpReady() {
+  return commandExists("claude");
+}
+function isMcpInstalled(name) {
+  try {
+    const result = spawnSync2("claude", ["mcp", "get", name], {
+      encoding: "utf-8",
+      stdio: ["pipe", "pipe", "pipe"],
+      shell: true,
+      timeout: 1e4
+    });
+    return result.status === 0;
+  } catch {
+    return false;
+  }
+}
+async function installMcp(server) {
+  if (isMcpInstalled(server.name)) {
+    return {
+      server: server.name,
+      success: true,
+      message: "Already installed",
+      skipped: true
+    };
+  }
+  return new Promise((resolve) => {
+    let args;
+    if (server.transport === "http" && server.url) {
+      args = server.args;
+    } else {
+      args = ["mcp", "add", "-s", "user", server.name, "--", server.command, ...server.args];
+    }
+    const cmd = server.transport === "http" ? "claude" : "claude";
+    const proc = spawn2(cmd, args, {
+      shell: true,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    let stdout = "";
+    let stderr = "";
+    proc.stdout?.on("data", (data) => {
+      stdout += data.toString();
+    });
+    proc.stderr?.on("data", (data) => {
+      stderr += data.toString();
+    });
+    proc.on("close", (code) => {
+      if (code === 0) {
+        resolve({
+          server: server.name,
+          success: true,
+          message: "Installed"
+        });
+      } else {
+        resolve({
+          server: server.name,
+          success: false,
+          message: stderr || stdout || `Exit code: ${code}`
+        });
+      }
+    });
+    proc.on("error", (err) => {
+      resolve({
+        server: server.name,
+        success: false,
+        message: err.message
+      });
+    });
+    setTimeout(() => {
+      proc.kill();
+      resolve({
+        server: server.name,
+        success: false,
+        message: "Installation timed out"
+      });
+    }, 60000);
+  });
+}
+async function installMcpsParallel(servers, concurrency = 3) {
+  const results = [];
+  for (let i = 0;i < servers.length; i += concurrency) {
+    const batch = servers.slice(i, i + concurrency);
+    const batchResults = await Promise.all(batch.map(async (server) => {
+      process.stdout.write(`    ${c.dim}Installing ${server.name}...${c.reset}`);
+      const result = await installMcp(server);
+      process.stdout.clearLine?.(0);
+      process.stdout.cursorTo?.(0);
+      const icon = result.success ? `${c.green}\u2713${c.reset}` : `${c.red}\u2717${c.reset}`;
+      const status = result.skipped ? `${c.dim}(already installed)${c.reset}` : result.success ? `${c.green}OK${c.reset}` : `${c.red}${result.message}${c.reset}`;
+      console.log(`    ${icon} ${c.cyan}${server.name}${c.reset}: ${server.description} ${status}`);
+      return result;
+    }));
+    results.push(...batchResults);
+  }
+  return results;
+}
+async function installMcps() {
+  console.log("");
+  console.log(`  ${c.bright}${c.magenta}Installing MCP Servers...${c.reset}`);
+  console.log("");
+  if (!isClaudeMcpReady()) {
+    console.log(`  ${c.yellow}Claude CLI not available. Skipping MCP installation.${c.reset}`);
+    console.log(`  ${c.dim}MCPs will be installed on next run after Claude is ready.${c.reset}`);
+    return { installed: 0, failed: 0, skipped: CORE_MCPS.length };
+  }
+  console.log(`  ${c.blue}Core MCPs (auto-installed):${c.reset}`);
+  console.log("");
+  const results = await installMcpsParallel(CORE_MCPS, 3);
+  const installed = results.filter((r) => r.success && !r.skipped).length;
+  const failed = results.filter((r) => !r.success).length;
+  const skipped = results.filter((r) => r.skipped).length;
+  console.log("");
+  console.log(`  ${c.yellow}Optional MCPs (install manually if needed):${c.reset}`);
+  console.log("");
+  for (const mcp of OPTIONAL_MCPS) {
+    const envNote = mcp.envVars?.length ? `${c.dim}(requires: ${mcp.envVars.join(", ")})${c.reset}` : "";
+    console.log(`    ${c.cyan}${mcp.name}${c.reset}: ${mcp.description} ${envNote}`);
+    if (mcp.transport === "http") {
+      console.log(`      ${c.dim}claude mcp add --transport http -s user ${mcp.name} ${mcp.url}${c.reset}`);
+    } else {
+      console.log(`      ${c.dim}claude mcp add -s user ${mcp.name} -- ${mcp.command} ${mcp.args.join(" ")}${c.reset}`);
+    }
+  }
+  console.log("");
+  console.log(`  ${c.bright}MCP Summary:${c.reset}`);
+  console.log(`    ${c.green}Installed: ${installed}${c.reset}`);
+  if (skipped > 0)
+    console.log(`    ${c.dim}Already installed: ${skipped}${c.reset}`);
+  if (failed > 0)
+    console.log(`    ${c.red}Failed: ${failed}${c.reset}`);
+  console.log("");
+  console.log(`  ${c.dim}Verify with: claude mcp list${c.reset}`);
+  console.log(`  ${c.dim}Or inside Claude Code: /mcp${c.reset}`);
+  return { installed, failed, skipped };
+}
+
 // src/cli.ts
 var __filename3 = fileURLToPath2(import.meta.url);
 var __dirname3 = dirname2(__filename3);
@@ -461,6 +688,7 @@ ${BANNER}
   Options:
     --force           Overwrite all files (including custom domains)
     --no-claude       Skip Claude Code installation and launch
+    --no-mcp          Skip MCP server installation
     --no-update-check Skip checking for start-vibing updates
     --help, -h        Show this help message
     --version, -v     Show version
@@ -469,7 +697,8 @@ ${BANNER}
     1. Checks for start-vibing updates (cached for 1 hour)
     2. Creates .claude/ folder with agents, skills, hooks, config
     3. Installs Claude Code if not found on system
-    4. Launches Claude Code with --dangerously-skip-permissions
+    4. Installs recommended MCP servers (Context7, Playwright, etc.)
+    5. Launches Claude Code with --dangerously-skip-permissions
 
   Smart Copy Behavior:
     - ALWAYS overwrites: agents/*.md, hooks/*.py, settings.json
@@ -500,6 +729,7 @@ async function main() {
   }
   const force = args.includes("--force");
   const skipClaude = args.includes("--no-claude");
+  const skipMcp = args.includes("--no-mcp");
   const skipUpdateCheck = args.includes("--no-update-check");
   const targetDir = process.cwd();
   if (!skipUpdateCheck) {
@@ -573,6 +803,17 @@ async function main() {
       } else {
         console.log("  Claude Code is already installed.");
       }
+      if (!skipMcp && isClaudeMcpReady()) {
+        console.log("");
+        console.log("  ========================================");
+        console.log("  MCP Servers Setup");
+        console.log("  ========================================");
+        await installMcps();
+      } else if (!skipMcp) {
+        console.log("");
+        console.log("  MCP installation skipped (Claude CLI not ready).");
+        console.log('  Run "claude mcp list" after restart to verify.');
+      }
       console.log("");
       launchClaude(targetDir);
     } else {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "start-vibing",
-  "version": "2.0.6",
+  "version": "2.0.7",
   "description": "Setup Claude Code agents, skills, and hooks in your project. Smart copy that preserves your custom domains and configurations.",
   "type": "module",
   "bin": {

package/template/.claude/config/mcp-config.json

@@ -0,0 +1,330 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$comment": "MCP Server Configuration - Recommended servers based on project stack and security review",
+
+  "metadata": {
+    "version": "1.0.0",
+    "lastUpdated": "2025-01-04",
+    "researchSources": [
+      "https://modelcontextprotocol.io/specification/2025-11-25",
+      "https://registry.modelcontextprotocol.io",
+      "https://github.com/modelcontextprotocol/servers",
+      "https://github.com/punkpeye/awesome-mcp-servers",
+      "https://docs.docker.com/ai/mcp-catalog-and-toolkit/catalog/"
+    ]
+  },
+
+  "tiers": {
+    "core": {
+      "description": "Essential MCPs for daily development - Must install",
+      "servers": ["github", "nextjs-devtools", "mongodb", "playwright", "context7", "sequential-thinking"]
+    },
+    "productivity": {
+      "description": "Enhanced productivity and monitoring",
+      "servers": ["sentry", "figma", "brave-search", "memory", "time"]
+    },
+    "infrastructure": {
+      "description": "DevOps and infrastructure tools",
+      "servers": ["docker-hub", "upstash", "fetch"]
+    }
+  },
+
+  "servers": {
+    "github": {
+      "name": "GitHub MCP Server",
+      "description": "Official GitHub server for repository management, issues, PRs, and CI/CD",
+      "tier": "core",
+      "verified": true,
+      "publisher": "github",
+      "repository": "https://github.com/github/github-mcp-server",
+      "transport": "http",
+      "config": {
+        "remote": {
+          "url": "https://api.githubcopilot.com/mcp/"
+        },
+        "local": {
+          "command": "docker",
+          "args": ["run", "-i", "--rm", "-e", "GITHUB_PERSONAL_ACCESS_TOKEN", "ghcr.io/github/github-mcp-server"]
+        }
+      },
+      "envVars": ["GITHUB_PERSONAL_ACCESS_TOKEN"],
+      "requiredPermissions": ["repo", "read:org", "read:user"],
+      "agentMappings": ["commit-manager", "code-reviewer", "quality-checker"],
+      "securityNotes": "Use fine-grained PAT with minimal scopes. Never commit tokens."
+    },
+
+    "nextjs-devtools": {
+      "name": "Next.js DevTools MCP",
+      "description": "Official Vercel server for Next.js 16+ development with error detection and live state",
+      "tier": "core",
+      "verified": true,
+      "publisher": "vercel",
+      "repository": "https://github.com/vercel/next-devtools-mcp",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "next-devtools-mcp@latest"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["debugger", "performance", "quality-checker"],
+      "securityNotes": "Safe - connects to local dev server only"
+    },
+
+    "mongodb": {
+      "name": "MongoDB MCP Server",
+      "description": "Official MongoDB server for database operations on Atlas and local MongoDB",
+      "tier": "core",
+      "verified": true,
+      "publisher": "mongodb-js",
+      "repository": "https://github.com/mongodb-js/mongodb-mcp-server",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@mongodb-js/mongodb-mcp-server"],
+        "options": {
+          "readOnly": false,
+          "connectionString": "${MONGODB_URI}"
+        }
+      },
+      "envVars": ["MONGODB_URI"],
+      "requiredPermissions": ["database read/write"],
+      "agentMappings": ["analyzer", "debugger", "performance"],
+      "securityNotes": "Enable readOnly mode for production. Use connection strings with minimal privileges."
+    },
+
+    "playwright": {
+      "name": "Playwright MCP Server",
+      "description": "Official Microsoft server for browser automation and E2E testing",
+      "tier": "core",
+      "verified": true,
+      "publisher": "microsoft",
+      "repository": "https://github.com/microsoft/playwright-mcp",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@playwright/mcp@latest"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["tester", "ui-ux-reviewer", "quality-checker"],
+      "securityNotes": "Safe - runs in isolated browser context"
+    },
+
+    "context7": {
+      "name": "Context7 MCP",
+      "description": "Real-time, version-specific documentation for libraries and frameworks",
+      "tier": "core",
+      "verified": true,
+      "publisher": "upstash",
+      "repository": "https://github.com/upstash/context7",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@upstash/context7-mcp@latest"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["research", "analyzer", "documenter"],
+      "securityNotes": "Safe - read-only documentation fetching"
+    },
+
+    "sequential-thinking": {
+      "name": "Sequential Thinking MCP",
+      "description": "Structured reasoning for complex problem-solving and planning",
+      "tier": "core",
+      "verified": true,
+      "publisher": "modelcontextprotocol",
+      "repository": "https://github.com/modelcontextprotocol/servers/tree/main/src/sequentialthinking",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@modelcontextprotocol/server-sequential-thinking"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["orchestrator", "analyzer", "debugger"],
+      "securityNotes": "Safe - no external connections"
+    },
+
+    "sentry": {
+      "name": "Sentry MCP Server",
+      "description": "Error tracking, monitoring, and AI-powered debugging with Seer",
+      "tier": "productivity",
+      "verified": true,
+      "publisher": "getsentry",
+      "repository": "https://github.com/getsentry/sentry-mcp-stdio",
+      "transport": "http",
+      "config": {
+        "url": "https://mcp.sentry.dev/mcp"
+      },
+      "envVars": [],
+      "requiredPermissions": ["Sentry OAuth"],
+      "agentMappings": ["debugger", "quality-checker", "performance"],
+      "securityNotes": "Requires OAuth authentication to Sentry"
+    },
+
+    "figma": {
+      "name": "Figma MCP Server",
+      "description": "Design-to-code workflows with direct Figma integration",
+      "tier": "productivity",
+      "verified": true,
+      "publisher": "figma",
+      "repository": "https://github.com/figma/mcp-server-guide",
+      "transport": "http",
+      "config": {
+        "url": "https://mcp.figma.com/mcp"
+      },
+      "envVars": [],
+      "requiredPermissions": ["Figma OAuth"],
+      "agentMappings": ["ui-ux-reviewer", "documenter"],
+      "securityNotes": "Requires Figma account. Rate limited based on plan."
+    },
+
+    "brave-search": {
+      "name": "Brave Search MCP",
+      "description": "Privacy-first web search for research and current information",
+      "tier": "productivity",
+      "verified": true,
+      "publisher": "modelcontextprotocol",
+      "repository": "https://github.com/modelcontextprotocol/servers/tree/main/src/brave-search",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@modelcontextprotocol/server-brave-search"]
+      },
+      "envVars": ["BRAVE_API_KEY"],
+      "requiredPermissions": [],
+      "agentMappings": ["research", "ui-ux-reviewer"],
+      "securityNotes": "Requires Brave Search API key. Free tier available."
+    },
+
+    "memory": {
+      "name": "Memory MCP Server",
+      "description": "Persistent context retention across sessions using knowledge graph",
+      "tier": "productivity",
+      "verified": true,
+      "publisher": "modelcontextprotocol",
+      "repository": "https://github.com/modelcontextprotocol/servers/tree/main/src/memory",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@modelcontextprotocol/server-memory"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["orchestrator", "domain-updater", "commit-manager"],
+      "securityNotes": "Stores data locally. Review stored data periodically."
+    },
+
+    "time": {
+      "name": "Time MCP Server",
+      "description": "Timezone conversion and scheduling capabilities",
+      "tier": "productivity",
+      "verified": true,
+      "publisher": "modelcontextprotocol",
+      "repository": "https://github.com/modelcontextprotocol/servers/tree/main/src/time",
+      "transport": "stdio",
+      "config": {
+        "command": "uvx",
+        "args": ["mcp-server-time"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["commit-manager", "documenter"],
+      "securityNotes": "Safe - no external connections"
+    },
+
+    "docker-hub": {
+      "name": "Docker Hub MCP Server",
+      "description": "Container image discovery and management from Docker Hub",
+      "tier": "infrastructure",
+      "verified": true,
+      "publisher": "docker",
+      "repository": "https://www.docker.com/blog/introducing-docker-hub-mcp-server/",
+      "transport": "stdio",
+      "config": {
+        "command": "docker",
+        "args": ["run", "-i", "--rm", "mcp/docker-hub"]
+      },
+      "envVars": ["DOCKER_HUB_PAT"],
+      "requiredPermissions": ["Docker Hub account"],
+      "agentMappings": ["quality-checker"],
+      "securityNotes": "Use read-only tokens when possible"
+    },
+
+    "upstash": {
+      "name": "Upstash MCP Server",
+      "description": "Redis and rate limiting management for serverless applications",
+      "tier": "infrastructure",
+      "verified": true,
+      "publisher": "upstash",
+      "repository": "https://github.com/upstash/mcp-server",
+      "transport": "stdio",
+      "config": {
+        "command": "npx",
+        "args": ["-y", "@upstash/mcp-server@latest"]
+      },
+      "envVars": ["UPSTASH_EMAIL", "UPSTASH_API_KEY"],
+      "requiredPermissions": ["Upstash account"],
+      "agentMappings": ["performance", "security-auditor"],
+      "securityNotes": "Use API keys with minimal permissions"
+    },
+
+    "fetch": {
+      "name": "Fetch MCP Server",
+      "description": "HTTP API requests and web content retrieval",
+      "tier": "infrastructure",
+      "verified": true,
+      "publisher": "modelcontextprotocol",
+      "repository": "https://github.com/modelcontextprotocol/servers/tree/main/src/fetch",
+      "transport": "stdio",
+      "config": {
+        "command": "uvx",
+        "args": ["mcp-server-fetch"]
+      },
+      "envVars": [],
+      "requiredPermissions": [],
+      "agentMappings": ["research", "analyzer"],
+      "securityNotes": "Be cautious with untrusted URLs - prompt injection risk"
+    }
+  },
+
+  "security": {
+    "guidelines": [
+      "Only install verified MCPs from official publishers",
+      "Use fine-grained tokens with minimal permissions",
+      "Never commit API keys or tokens to version control",
+      "Enable readOnly mode for production databases",
+      "Review MCP source code before installation",
+      "Use containerized MCPs when available for isolation",
+      "Monitor MCP activity logs for unusual behavior"
+    ],
+    "redFlags": [
+      "MCPs requesting excessive permissions",
+      "Unverified publishers or missing repository",
+      "MCPs that execute arbitrary shell commands",
+      "MCPs with eval() or exec() in source code",
+      "MCPs with recent CVEs or security advisories"
+    ],
+    "trustedPublishers": [
+      "modelcontextprotocol",
+      "anthropic",
+      "github",
+      "microsoft",
+      "vercel",
+      "mongodb-js",
+      "upstash",
+      "docker",
+      "figma",
+      "getsentry"
+    ]
+  },
+
+  "installation": {
+    "parallelLimit": 5,
+    "timeout": 60000,
+    "retryAttempts": 3,
+    "scope": "project"
+  }
+}