terramend 0.2.0

package/dist/lifecycle.d.ts

@@ -0,0 +1,2 @@
+/** timeout for lifecycle hook scripts */
+export declare const LIFECYCLE_HOOK_TIMEOUT_MS = 600000;

package/dist/main.d.ts

@@ -0,0 +1,8 @@
+export { Inputs } from "#app/utils/payload";
+export interface MainResult {
+    success: boolean;
+    output?: string | undefined;
+    error?: string | undefined;
+    result?: string | undefined;
+}
+export declare function main(): Promise<MainResult>;

package/dist/mcp/arkConfig.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/mcp/checkSuite.d.ts

@@ -0,0 +1,25 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const GetCheckSuiteLogs: import("arktype/internal/variants/object.ts").ObjectType<{
+    check_suite_id: number;
+}, {}>;
+type LogLine = {
+    line: number;
+    content: string;
+    type: "error" | "warning" | "failure" | "trace";
+};
+type LogAnalysis = {
+    totalLines: number;
+    index: LogLine[];
+    excerpt: {
+        content: string;
+        startLine: number;
+        endLine: number;
+    };
+};
+export declare function analyzeLog(logs: string, excerptLines?: number): LogAnalysis;
+export declare function GetCheckSuiteLogsTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    check_suite_id: number;
+}, {
+    check_suite_id: number;
+}>>;
+export {};

package/dist/mcp/checkout.d.ts

@@ -0,0 +1,77 @@
+import type { RestEndpointMethodTypes } from "@octokit/rest";
+import type { ToolContext } from "#app/mcp/server";
+type PullFile = RestEndpointMethodTypes["pulls"]["listFiles"]["response"]["data"][number];
+export type FormatFilesResult = {
+    content: string;
+    toc: string;
+};
+export type FetchAndFormatPrDiffResult = FormatFilesResult & {
+    files: PullFile[];
+};
+/**
+ * formats PR files with explicit line numbers for each code line.
+ * preserves all original diff info (file headers, hunk headers) and adds:
+ * | OLD | NEW | TYPE | code
+ * returns both the formatted content and a TOC with line ranges per file.
+ */
+export declare function formatFilesWithLineNumbers(files: PullFile[]): FormatFilesResult;
+export declare const CheckoutPr: import("arktype/internal/variants/object.ts").ObjectType<{
+    pull_number: number;
+}, {}>;
+export type CheckoutPrResult = {
+    success: true;
+    number: number;
+    title: string;
+    body: string | null;
+    base: string;
+    localBranch: string;
+    remoteBranch: string;
+    isFork: boolean;
+    maintainerCanModify: boolean;
+    url: string;
+    headRepo: string;
+    diffPath: string;
+    incrementalDiffPath?: string | undefined;
+    toc: string;
+    commitCount: number;
+    commitLog: string;
+    /** true when commitLog was capped because the PR has more commits than we render */
+    commitLogTruncated: boolean;
+    /** true when commit metadata could not be computed (e.g. base ref unreachable after shallow fetch). commitCount/commitLog are zero/empty in that case, not "no commits". */
+    commitLogUnavailable: boolean;
+    /** non-fatal warning from the post-checkout lifecycle hook, if any */
+    hookWarning?: string | undefined;
+    instructions: string;
+};
+/**
+ * fetches PR files from GitHub and formats them with line numbers and TOC.
+ * this is the core diff formatting logic, extracted for testability.
+ */
+export declare function fetchAndFormatPrDiff(ctx: ToolContext, pullNumber: number): Promise<FetchAndFormatPrDiffResult>;
+import { type GitContext } from "#app/utils/setup";
+export type PrData = {
+    number: number;
+    headSha: string;
+    headRef: string;
+    headRepoFullName: string;
+    baseRef: string;
+    baseRepoFullName: string;
+    maintainerCanModify: boolean;
+};
+type CheckoutPrBranchParams = GitContext & {
+    beforeSha?: string | undefined;
+};
+/**
+ * Shared helper to checkout a PR branch and configure fork remotes.
+ * Assumes origin remote is already configured with authentication.
+ * Updates toolState.issueNumber, toolState.checkoutSha, and toolState.pushUrl (for fork PRs).
+ */
+export declare function checkoutPrBranch(pr: PrData, params: CheckoutPrBranchParams): Promise<{
+    hookWarning?: string | undefined;
+}>;
+export declare function CheckoutPrTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    pull_number: number;
+}, {
+    pull_number: number;
+}>>;
+export {};

package/dist/mcp/comment.d.ts

@@ -0,0 +1,119 @@
+import type { ToolContext } from "#app/mcp/server";
+export { isLeapingIntoActionCommentBody, LEAPING_INTO_ACTION_PREFIX, } from "#app/utils/leapingComment";
+export declare function addFooter(ctx: ToolContext, body: string): string;
+export declare const Comment: import("arktype/internal/variants/object.ts").ObjectType<{
+    issueNumber: number;
+    body: string;
+    type?: "Plan" | "Comment";
+}, {}>;
+export declare function CreateCommentTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    issueNumber: number;
+    body: string;
+    type?: "Plan" | "Comment";
+}, {
+    issueNumber: number;
+    body: string;
+    type?: "Plan" | "Comment";
+}>>;
+export declare const EditComment: import("arktype/internal/variants/object.ts").ObjectType<{
+    commentId: number;
+    body: string;
+}, {}>;
+export declare function EditCommentTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    commentId: number;
+    body: string;
+}, {
+    commentId: number;
+    body: string;
+}>>;
+export declare const ReportProgress: import("arktype/internal/variants/object.ts").ObjectType<{
+    body: string;
+    target_plan_comment?: boolean;
+}, {}>;
+/**
+ * Report progress to a GitHub comment.
+ *
+ * progressComment has three states:
+ *   - undefined: no comment yet — will create one if an issue/PR target exists
+ *   - object:    active comment — will update it in place via the right REST endpoint for its type
+ *   - null:      deliberately deleted (e.g. after submitting a PR review) — skips silently
+ *
+ * The body is tracked in lastProgressBody for the job summary regardless of comment state,
+ * EXCEPT for `liveProgress` (todo-tracker) writes — see the param note below.
+ *
+ * The "existing plan comment" path always targets a top-level issue comment (plan comments are
+ * created by create_issue_comment with type:"Plan", never as review-thread replies).
+ */
+export declare function reportProgress(ctx: ToolContext, params: {
+    body: string;
+    target_plan_comment?: boolean;
+    liveProgress?: boolean;
+}): Promise<{
+    commentId?: number;
+    url?: string;
+    body: string;
+    action: "created" | "updated" | "skipped";
+}>;
+export declare function ReportProgressTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    body: string;
+    target_plan_comment?: boolean;
+}, {
+    body: string;
+    target_plan_comment?: boolean;
+}>>;
+/**
+ * Delete the progress comment if it exists.
+ * Used by main.ts for stranded-comment cleanup (orphaned "Leaping into action" or
+ * checklist left by the todo tracker when the agent didn't call report_progress).
+ * Sets progressComment to null so subsequent report_progress calls are no-ops.
+ */
+export declare function deleteProgressComment(ctx: ToolContext): Promise<boolean>;
+export declare const ReplyToReviewComment: import("arktype/internal/variants/object.ts").ObjectType<{
+    pull_number: number;
+    comment_id: number;
+    body: string;
+}, {}>;
+/**
+ * decision returned by `duplicateReplyDecision` when a session has already
+ * posted an identical reply to the same parent review comment.
+ */
+export interface DuplicateReplyDecision {
+    kind: "already-replied";
+    commentId: number;
+    url: string | undefined;
+    reason: string;
+}
+/**
+ * decide whether a second reply_to_review_comment call in the same session
+ * is a duplicate of an earlier reply to the same parent comment.
+ *
+ * the agent is instructed to call reply_to_review_comment exactly once per
+ * parent comment per AddressReviews session, but in practice it sometimes
+ * emits the same call twice. PR #610 reproduced this with Kimi K2:
+ * identical body posted 3 seconds apart, only one tool_use event in the
+ * agent log. the second post is always redundant and clutters the PR thread.
+ *
+ * we key on (comment_id, bodyWithFooter) so a legitimate follow-up reply
+ * with different content still goes through. within a single run the
+ * footer is constant (workflow run + model + jobId), so byte-equal bodies
+ * catch the stutter without blocking real follow-ups.
+ *
+ * mirrors the shape of `duplicateReviewDecision` in mcp/review.ts.
+ */
+export declare function duplicateReplyDecision(params: {
+    existing: {
+        commentId: number;
+        url: string | undefined;
+        bodyWithFooter: string;
+    } | undefined;
+    bodyWithFooter: string;
+}): DuplicateReplyDecision | null;
+export declare function ReplyToReviewCommentTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    pull_number: number;
+    comment_id: number;
+    body: string;
+}, {
+    pull_number: number;
+    comment_id: number;
+    body: string;
+}>>;

package/dist/mcp/commitInfo.d.ts

@@ -0,0 +1,9 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const CommitInfo: import("arktype/internal/variants/object.ts").ObjectType<{
+    sha: string;
+}, {}>;
+export declare function CommitInfoTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    sha: string;
+}, {
+    sha: string;
+}>>;

package/dist/mcp/crosswalk.d.ts

@@ -0,0 +1,105 @@
+import type { ToolContext } from "#app/mcp/server";
+/**
+ * Compliance crosswalk (§differentiator 23 — "explain like I'm the auditor", the
+ * seed of the Part-6 moat). Maps a best-practice concern → the control families
+ * it touches across UK public-sector + general frameworks, so a remediation can
+ * be narrated to an assessor in their own language ("this closes NCSC Cloud
+ * Principle 2 / Cyber Essentials Secure Configuration") rather than as a raw
+ * scanner rule id.
+ *
+ * SCOPE / HONESTY: this is a deterministic STARTER rule-pack keyed on the
+ * defect's THEME (encryption, public exposure, least-privilege, logging, …),
+ * not a certified control-by-control mapping. The durable product is a
+ * versioned, framework-revision-pinned crosswalk (Part 6) — so every mapping
+ * carries the pack version + date and is labelled indicative, never an audit
+ * verdict. No open crosswalk to UK frameworks exists; this is the wedge.
+ */
+export declare const CROSSWALK_VERSION = "0.1.0";
+/** the date this rule-pack's framework references were last reviewed (absolute). */
+export declare const CROSSWALK_REVIEWED = "2026-06-07";
+export interface ControlRef {
+    /** the framework, e.g. "NCSC Cloud Security Principles". */
+    framework: string;
+    /** the control id within that framework, e.g. "Principle 2". */
+    control: string;
+    /** the control's short title. */
+    title: string;
+}
+/**
+ * Map a single concern to the indicative control references it touches. Matches
+ * the concern's `rule_id` + `evidence` (and an optional `category`) against the
+ * crosswalk themes; unions the controls of every theme that fires. Pure.
+ * Returns an empty array when nothing matches (honest — better than a forced
+ * mapping). De-duplicates identical control refs.
+ */
+export declare function mapConcernToControls(concern: {
+    rule_id: string;
+    evidence: string;
+    category?: string;
+}): {
+    themes: string[];
+    controls: ControlRef[];
+};
+export interface ConcernForCrosswalk {
+    id: string;
+    rule_id: string;
+    evidence: string;
+    category?: string;
+    severity?: string;
+    location?: {
+        file: string;
+        line: number | null;
+    };
+}
+export interface CrosswalkEntry {
+    concern_id: string;
+    rule_id: string;
+    themes: string[];
+    controls: ControlRef[];
+}
+export interface CrosswalkReport {
+    version: string;
+    reviewed: string;
+    /** per-concern control mappings (only concerns that mapped to ≥1 control). */
+    entries: CrosswalkEntry[];
+    /** framework → the distinct controls this scan touched, for an auditor index. */
+    by_framework: Record<string, {
+        control: string;
+        title: string;
+    }[]>;
+    /** concerns that did not map to any control (honest coverage signal). */
+    unmapped_concern_ids: string[];
+}
+/**
+ * Build the auditor crosswalk for a set of concerns: per-concern control refs
+ * plus a `by_framework` index (which controls this scan touched, deduped) and an
+ * honest `unmapped` list. Pure + deterministic. Carries the pack version + date
+ * so the report is reproducible and clearly indicative.
+ */
+export declare function buildCrosswalkReport(concerns: ConcernForCrosswalk[]): CrosswalkReport;
+export declare const ComplianceCrosswalkParams: import("arktype/internal/variants/object.ts").ObjectType<{
+    concerns: {
+        id: string;
+        rule_id: string;
+        evidence: string;
+        category?: string;
+        severity?: string;
+    }[];
+}, {}>;
+export declare function ComplianceCrosswalkTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    concerns: {
+        id: string;
+        rule_id: string;
+        evidence: string;
+        category?: string;
+        severity?: string;
+    }[];
+}, {
+    concerns: {
+        id: string;
+        rule_id: string;
+        evidence: string;
+        category?: string;
+        severity?: string;
+    }[];
+}>>;

package/dist/mcp/dependencies.d.ts

@@ -0,0 +1,8 @@
+import type { ToolContext } from "#app/mcp/server";
+/**
+ * start dependency installation in the background (non-blocking, idempotent).
+ * called eagerly from main.ts at startup and also available via MCP tools.
+ */
+export declare function startInstallation(ctx: ToolContext): void;
+export declare function StartDependencyInstallationTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<object, object>>;
+export declare function AwaitDependencyInstallationTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<object, object>>;

package/dist/mcp/geminiSanitizer.d.ts

@@ -0,0 +1,28 @@
+import type { StandardSchemaV1 } from "@standard-schema/spec";
+import type { Tool } from "fastmcp";
+import type { ToolContext } from "#app/mcp/server";
+/**
+ * Recursively transform a JSON schema to gemini's stricter subset.
+ * See module header for the exact transforms applied.
+ */
+export declare function sanitizeForGemini(schema: unknown): unknown;
+export declare function wrapSchemaForGemini(schema: StandardSchemaV1<any>): StandardSchemaV1<any>;
+export declare function sanitizeToolForGemini<T extends Tool<any, any>>(tool: T): T;
+/**
+ * true when the effective upstream model is — or might become — google
+ * generative language API traffic. matches:
+ *   - direct `google/*`, opencode `opencode/gemini-*`, openrouter
+ *     `openrouter/google/gemini-*` (slug substring "gemini" wins).
+ *   - any unresolved specifier: `undefined`, `"auto"`, or a slug that
+ *     didn't map through the alias registry (no `provider/` prefix).
+ *     these flow through the agent's own auto-select, which may land
+ *     on gemini *after* the MCP server has already registered tools —
+ *     at which point sanitization is too late to apply. erring on the
+ *     side of sanitizing is safe: cases 1 + 2 are universally
+ *     compatible JSON-Schema normalizations (enum-only → typed string,
+ *     collapsible const-unions → string enum); case 3 is gemini-
+ *     specific but only fires on non-collapsible unions, which arktype
+ *     does not emit for our current tool schemas. see issue #676 for
+ *     the prod failure that motivated this widening.
+ */
+export declare function isGeminiRouted(ctx: ToolContext): boolean;

package/dist/mcp/git.d.ts

@@ -0,0 +1,46 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare function rejectIfLeadingDash(value: string, kind: string): void;
+export declare function rejectSpecialRef(value: string, kind: string): void;
+export declare function validateTagName(tag: string): void;
+export declare const PushBranch: import("arktype/internal/variants/object.ts").ObjectType<{
+    force: import("arktype/internal/attributes.ts").Default<boolean, false>;
+    branchName?: string;
+}, {}>;
+export type PushErrorKind = "concurrent-push" | "transient" | "unknown";
+export declare function classifyPushError(msg: string): PushErrorKind;
+export declare function PushBranchTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    branchName?: string;
+    force?: boolean;
+}, {
+    branchName?: string;
+    force?: boolean;
+}>>;
+export declare const AUTH_REQUIRED_REDIRECT: Record<string, string>;
+export declare const NOSHELL_BLOCKED_SUBCOMMANDS: Record<string, string>;
+export declare const NOSHELL_BLOCKED_ARGS: string[];
+export declare function GitTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    command: string;
+    args?: string[];
+}, {
+    command: string;
+    args?: string[];
+}>>;
+export declare function GitFetchTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    ref: string;
+    depth?: number;
+}, {
+    ref: string;
+    depth?: number;
+}>>;
+export declare function DeleteBranchTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    branchName: string;
+}, {
+    branchName: string;
+}>>;
+export declare function PushTagsTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    tag: string;
+    force?: boolean;
+}, {
+    tag: string;
+    force?: boolean;
+}>>;

package/dist/mcp/guardrails.d.ts

@@ -0,0 +1,104 @@
+import type { ToolContext } from "#app/mcp/server";
+/**
+ * Terraform-write guardrails — hard, code-level limits that back the prompt
+ * rules of the modes that write Terraform and open PRs (**Remediate** and
+ * **GenerateTerraform**). They only engage for those modes, so every other mode
+ * (Build, Fix, Review, …) is completely unaffected.
+ */
+export declare const REMEDIATE_MODE = "Remediate";
+export declare const GENERATE_MODE = "GenerateTerraform";
+/** §27 — the stale-fix self-healing sweep re-derives + force-updates remediation
+ * PRs, so it writes Terraform and pushes exactly like Remediate and is bounded by
+ * the same guardrails. */
+export declare const REFRESH_REMEDIATION_MODE = "RefreshRemediation";
+/** default paths these modes may modify/create: Terraform sources only. */
+export declare const DEFAULT_ALLOWED_PATHS: readonly ["**/*.tf", "**/*.tfvars"];
+/** §28 — extra paths the Terratest scaffold writes, allowed only when the
+ * `terratest` input is enabled (Go test files + native `*.tftest.hcl` tests fall
+ * outside the Terraform-only default). */
+export declare const TERRATEST_ALLOWED_PATHS: readonly ["**/*_test.go", "**/*.tftest.hcl", "test/**", "tests/**", "go.mod", "go.sum"];
+export declare function resolveAllowedPaths(ctx: ToolContext): string[];
+/**
+ * Compile a glob to an anchored RegExp. Supports `**` (any path segments,
+ * including the `**\/` "zero or more leading dirs" idiom), `*` (within a
+ * segment), and `?`. Sufficient for the path allow-list patterns
+ * (`**\/*.tf`, `modules/**`, `*.tfvars`).
+ */
+export declare function globToRegex(glob: string): RegExp;
+export declare function isPathAllowed(path: string, globs: string[]): boolean;
+/**
+ * Enforce the path allow-list before a Remediate-mode push. Throws if the
+ * branch changed any file outside the allowed globs — the choke point is
+ * push_branch, the only way changes reach a PR. Fails closed: if the baseline
+ * can't be established it refuses rather than letting an unbounded change
+ * through.
+ */
+export declare function enforceRemediationPaths(ctx: ToolContext): void;
+/** glob patterns marking files the fixer must NEVER auto-modify (prod state,
+ * data stores, anything sensitive). The inverse of `allowed_paths`. */
+export declare function resolveProtectedPaths(ctx: ToolContext): string[];
+/**
+ * Block a push that touched any file matching `protected_paths`. This is the
+ * inverse of the allow-list: a changed file matching a protected glob fails the
+ * push, even though it's a `.tf`/`.tfvars` the allow-list would otherwise permit.
+ * No-op when `protected_paths` is unset or outside a guarded mode. Fails closed:
+ * if the run-start baseline can't be established it refuses, same as
+ * `enforceRemediationPaths`.
+ */
+export declare function enforceProtectedPaths(ctx: ToolContext): void;
+export interface SecretHit {
+    file: string;
+    line: number;
+    rule: string;
+}
+/**
+ * Scan a unified `git diff` for inlined secrets on ADDED lines only. Tracks the
+ * current file from `+++ b/<path>` headers and the new-side line number from
+ * `@@` hunk headers, so each hit carries an accurate `file:line`. Pure — the
+ * guardrail feeds it `git diff` output. Removed/context lines are ignored (a
+ * secret already in the base isn't this run's doing).
+ */
+export declare function scanDiffForSecrets(diff: string): SecretHit[];
+/**
+ * Parse a `gitleaks detect --report-format json` report (an array of finding
+ * objects) into the shared `SecretHit` shape. Pure, so it's unit-testable
+ * without the binary. `gitleaks:` prefixes the rule so a hit's engine is
+ * obvious next to the built-in detectors. Tolerates an empty / non-array report.
+ */
+export declare function parseGitleaksReport(json: string): SecretHit[];
+/**
+ * Block a push whose diff (since run start) inlines a secret. Reuses the same
+ * run-start baseline as the path guardrail. No-op outside a guarded mode. Fails
+ * closed on a missing baseline. The diff is read with `$` (restricted env), so
+ * no secret leaks into the subprocess.
+ *
+ * The built-in detectors always run (the deterministic, fail-closed baseline).
+ * When the operator opts in via the `gitleaks` input, gitleaks ALSO runs for
+ * deeper coverage and its hits are merged — but its absence never weakens the
+ * baseline (see scanWithGitleaks).
+ */
+export declare function assertNoSecretsInDiff(ctx: ToolContext): void;
+/** resource addresses the operator has explicitly allowed to be destroyed/replaced. */
+export declare function resolveAllowReplace(ctx: ToolContext): string[];
+/**
+ * Block a push that `terraform_plan` showed would DELETE or REPLACE a stateful
+ * (data-bearing) resource — RDS, S3, EBS, a SQL database, etc. A best-practice
+ * remediation should never destroy data; if the replacement is genuinely
+ * intended the operator opts in per-resource via the `allow_replace` input
+ * (an address, a glob, or `*`/`all`). No-op outside guarded modes. When no plan
+ * ran (no cloud credentials — `terraform_plan` degraded green), there is no
+ * evidence to act on and nothing is blocked: this gate engages only on what the
+ * plan actually reported, so it strengthens the run when creds are wired and is
+ * silent otherwise.
+ */
+export declare function assertNoBlockedDestroy(ctx: ToolContext): void;
+/** maximum remediation PRs a single run may open (default 1). */
+export declare function resolveMaxPrs(ctx: ToolContext): number;
+/**
+ * Enforce the per-run PR cap before opening a remediation PR. Throws when the
+ * cap is already reached so the agent stops at the configured number of scoped
+ * PRs instead of fanning out.
+ */
+export declare function assertUnderPrCap(ctx: ToolContext): void;
+/** record that a guarded-mode PR was opened (after create_pull_request succeeds). */
+export declare function recordRemediationPrOpened(ctx: ToolContext): void;

package/dist/mcp/issue.d.ts

@@ -0,0 +1,18 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const Issue: import("arktype/internal/variants/object.ts").ObjectType<{
+    title: string;
+    body: string;
+    labels?: string[];
+    assignees?: string[];
+}, {}>;
+export declare function IssueTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    title: string;
+    body: string;
+    labels?: string[];
+    assignees?: string[];
+}, {
+    title: string;
+    body: string;
+    labels?: string[];
+    assignees?: string[];
+}>>;

package/dist/mcp/issueComments.d.ts

@@ -0,0 +1,9 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const GetIssueComments: import("arktype/internal/variants/object.ts").ObjectType<{
+    issue_number: number;
+}, {}>;
+export declare function GetIssueCommentsTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    issue_number: number;
+}, {
+    issue_number: number;
+}>>;

package/dist/mcp/issueEvents.d.ts

@@ -0,0 +1,9 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const GetIssueEvents: import("arktype/internal/variants/object.ts").ObjectType<{
+    issue_number: number;
+}, {}>;
+export declare function GetIssueEventsTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    issue_number: number;
+}, {
+    issue_number: number;
+}>>;

package/dist/mcp/issueInfo.d.ts

@@ -0,0 +1,9 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const IssueInfo: import("arktype/internal/variants/object.ts").ObjectType<{
+    issue_number: number;
+}, {}>;
+export declare function IssueInfoTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    issue_number: number;
+}, {
+    issue_number: number;
+}>>;

package/dist/mcp/labels.d.ts

@@ -0,0 +1,12 @@
+import type { ToolContext } from "#app/mcp/server";
+export declare const AddLabelsParams: import("arktype/internal/variants/object.ts").ObjectType<{
+    issue_number: number;
+    labels: string[];
+}, {}>;
+export declare function AddLabelsTool(ctx: ToolContext): import("fastmcp").Tool<any, import("@standard-schema/spec").StandardSchemaV1<{
+    issue_number: number;
+    labels: string[];
+}, {
+    issue_number: number;
+    labels: string[];
+}>>;

package/dist/mcp/localContext.d.ts

@@ -0,0 +1,19 @@
+import type { ToolState } from "#app/toolState";
+import type { ResolvedPayload } from "#app/utils/payload";
+/**
+ * The cwd-scoped, GitHub-free subset of `ToolContext` that the read-only
+ * Terraform tools depend on. Two providers exist:
+ *
+ *   - the GitHub Action run: the full `ToolContext` (structurally assignable —
+ *     it carries these fields plus the GitHub/auth surface), and
+ *   - `terramend mcp` (the local stdio MCP server): exactly this shape, built
+ *     from CLI flags — no octokit, no tokens, no event payload.
+ *
+ * Keep this interface to fields a LOCAL run can genuinely provide. A tool that
+ * needs more (octokit, push, PR state) belongs on `ToolContext`, not here.
+ */
+export interface LocalToolContext {
+    payload: Pick<ResolvedPayload, "cwd" | "scanScope" | "severityThreshold" | "autonomyThreshold" | "costIncreaseBlockUsd" | "moduleCatalogue">;
+    toolState: ToolState;
+    tmpdir: string;
+}