npm - trace-mcp - Versions diffs - 1.6.1 → 1.7.0 - Mend

trace-mcp 1.6.1 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/cli.js +1147 -275
package/dist/cli.js.map +1 -1
package/dist/index.d.ts +43 -2
package/dist/index.js +337 -19
package/dist/index.js.map +1 -1
package/hooks/trace-mcp-guard.cmd +28 -2
package/hooks/trace-mcp-guard.sh +29 -1
package/package.json +1 -1

package/hooks/trace-mcp-guard.cmd CHANGED Viewed

@@ -1,7 +1,7 @@
 @echo off
-REM trace-mcp-guard v0.4.0
+REM trace-mcp-guard v0.5.0
 REM trace-mcp PreToolUse guard (Windows)
-REM Blocks Read/Grep/Glob/Bash on source code files - redirects to trace-mcp tools.
+REM Blocks Read/Grep/Glob/Bash on source code files + Agent(Explore) subagents - redirects to trace-mcp tools.
 REM Allows: non-code files, Read before Edit, safe Bash commands (git, npm, build, test).
 REM
 REM Consultation markers: trace-mcp server writes markers when tools access files.
@@ -138,6 +138,32 @@ if %errorlevel%==0 goto :allow
 call :deny "Use trace-mcp for code file discovery - it knows your project structure." "trace-mcp alternatives: get_project_map, search with file_pattern, get_outline. Use Glob only for non-code file patterns."
 goto :cleanup
+:check_agent
+REM --- Agent ---
+REM Block Agent(Explore) and exploration-style Agent(general-purpose).
+REM Each Agent subprocess costs ~50K tokens overhead (system prompt + CLAUDE.md + memory).
+if /i not "%TOOL_NAME%"=="Agent" goto :check_bash
+for /f "usebackq delims=" %%i in (`powershell -NoProfile -Command "try { (Get-Content '%TMPINPUT%' -Raw | ConvertFrom-Json).tool_input.subagent_type } catch { 'general-purpose' }"`) do set "SUBAGENT_TYPE=%%i"
+for /f "usebackq delims=" %%i in (`powershell -NoProfile -Command "(Get-Content '%TMPINPUT%' -Raw | ConvertFrom-Json).tool_input.description"`) do set "DESCRIPTION=%%i"
+REM Always block Explore agents
+if /i "%SUBAGENT_TYPE%"=="Explore" (
+    call :deny "Agent(Explore) wastes ~50K tokens on overhead. Use trace-mcp tools instead (~4K tokens)." "trace-mcp alternatives: get_task_context, get_feature_context, batch with multiple search/get_outline/get_symbol calls, get_project_map."
+    goto :cleanup
+)
+REM Block general-purpose agents doing code exploration
+if /i "%SUBAGENT_TYPE%"=="general-purpose" (
+    echo "%DESCRIPTION%" | findstr /i /r "explore investigate understand analyze analyse audit review study inspect catalog" >nul 2>&1
+    if !errorlevel!==0 (
+        call :deny "Agent(general-purpose) for code exploration wastes ~50K tokens. Use trace-mcp tools instead." "trace-mcp alternatives: get_task_context, get_feature_context, find_usages, get_call_graph, batch. Agent is OK for: writing code, running tests, web research, Plan mode."
+        goto :cleanup
+    )
+)
+goto :allow
 :check_bash
 REM --- Bash ---
 if /i not "%TOOL_NAME%"=="Bash" goto :allow

package/hooks/trace-mcp-guard.sh CHANGED Viewed

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# trace-mcp-guard v0.4.0
+# trace-mcp-guard v0.5.0
 # trace-mcp PreToolUse guard
 # Blocks Read/Grep/Glob/Bash on source code files → redirects to trace-mcp tools.
 # Allows: non-code files, Read before Edit, safe Bash commands (git, npm, build, test).
@@ -202,5 +202,33 @@ if [[ "$TOOL_NAME" == "Bash" ]]; then
   exit 0
 fi
+# --- Agent ---
+# Block Agent(Explore) and exploration-style Agent(general-purpose).
+# Each Agent subprocess costs ~50K tokens overhead (system prompt + CLAUDE.md + memory).
+# trace-mcp tools (get_task_context, get_feature_context, batch) do the same for ~4K tokens.
+if [[ "$TOOL_NAME" == "Agent" ]]; then
+  SUBAGENT_TYPE=$(echo "$INPUT" | jq -r '.tool_input.subagent_type // "general-purpose"')
+  DESCRIPTION=$(echo "$INPUT" | jq -r '.tool_input.description // ""' | tr '[:upper:]' '[:lower:]')
+  # Always block Explore agents — trace-mcp replaces them entirely
+  if [[ "$SUBAGENT_TYPE" == "Explore" ]]; then
+    deny \
+      "Agent(Explore) wastes ~50K tokens on overhead. Use trace-mcp tools instead (~4K tokens)." \
+      "trace-mcp alternatives:\\n- get_task_context { \\\"task\\\": \\\"your exploration goal\\\" } — focused context in one call\\n- get_feature_context { \\\"description\\\": \\\"what you need\\\" } — NL query → relevant symbols\\n- batch with multiple search/get_outline/get_symbol calls — parallel lookups\\n- get_project_map { \\\"summary_only\\\": true } — project overview"
+  fi
+  # Block general-purpose agents doing code exploration (not coding/testing/research)
+  if [[ "$SUBAGENT_TYPE" == "general-purpose" ]]; then
+    EXPLORE_RE='(explore|investigate|understand|analyze|analyse|audit|review|check .* (code|structure|architecture|implementation|pattern)|find .* (code|pattern|usage|definition)|study|deep dive|map .* (dependencies|imports)|catalog|inspect)'
+    if echo "$DESCRIPTION" | grep -qiE "$EXPLORE_RE"; then
+      deny \
+        "Agent(general-purpose) for code exploration wastes ~50K tokens. Use trace-mcp tools instead." \
+        "trace-mcp alternatives:\\n- get_task_context { \\\"task\\\": \\\"${DESCRIPTION}\\\" } — replaces exploration agents (~4K tokens)\\n- get_feature_context { \\\"description\\\": \\\"...\\\" } — NL query → relevant code\\n- find_usages / get_call_graph / get_change_impact — relationship analysis\\n- batch { \\\"calls\\\": [...] } — multiple lookups in one call\\nAgent is OK for: writing code, running tests, web research, Plan mode."
+    fi
+  fi
+  exit 0
+fi
 # Allow everything else
 exit 0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "trace-mcp",
-  "version": "1.6.1",
+  "version": "1.7.0",
   "mcpName": "io.github.nikolai-vysotskyi/trace-mcp",
   "description": "Framework-aware code intelligence MCP server — 48+ frameworks, 68 languages",
   "type": "module",