zero-config-cli-bridge 1.0.0 → 1.1.0

package/dist/executor.d.ts

@@ -3,5 +3,9 @@ export interface ExecuteResult {
     stderr: string;
     exitCode: number;
 }
-export declare function executeCommand(command: string): Promise<ExecuteResult>;
+/**
+ * Executes a binary directly with an args array.
+ * NO shell intermediary — shell injection is structurally impossible.
+ */
+export declare function executeCommand(bin: string, args: string[]): Promise<ExecuteResult>;
 //# sourceMappingURL=executor.d.ts.map

package/dist/executor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"executor.d.ts","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAWD,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAqCtE"}
+{"version":3,"file":"executor.d.ts","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAaD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,CAgClF"}

package/dist/executor.js

@@ -1,29 +1,31 @@
 import { spawn } from 'child_process';
-const MAX_OUTPUT = 2000;
+// Raw character cap — fires only for non-JSON (error messages, plain text).
+// Structured JSON output is truncated at the item level in index.ts.
+const MAX_OUTPUT_CHARS = 10_000_000; // 10 MB hard ceiling
 const TRUNCATION_MSG = '\n...[Output truncated. Use grep/jq to filter]';
-const TIMEOUT_MS = 3000;
-function truncate(output) {
-    if (output.length <= MAX_OUTPUT)
-        return output;
-    return output.slice(0, MAX_OUTPUT) + TRUNCATION_MSG;
+const TIMEOUT_MS = 15_000;
+function truncate(s) {
+    if (s.length <= MAX_OUTPUT_CHARS)
+        return s;
+    return s.slice(0, MAX_OUTPUT_CHARS) + TRUNCATION_MSG;
 }
-export function executeCommand(command) {
+/**
+ * Executes a binary directly with an args array.
+ * NO shell intermediary — shell injection is structurally impossible.
+ */
+export function executeCommand(bin, args) {
     return new Promise((resolve, reject) => {
-        const proc = spawn('sh', ['-c', command], {
+        const proc = spawn(bin, args, {
             env: { ...process.env, CI: 'true' },
             stdio: ['ignore', 'pipe', 'pipe'],
         });
         let stdoutBuf = '';
         let stderrBuf = '';
-        proc.stdout.on('data', (chunk) => {
-            stdoutBuf += chunk.toString();
-        });
-        proc.stderr.on('data', (chunk) => {
-            stderrBuf += chunk.toString();
-        });
+        proc.stdout.on('data', (chunk) => { stdoutBuf += chunk.toString(); });
+        proc.stderr.on('data', (chunk) => { stderrBuf += chunk.toString(); });
         const timer = setTimeout(() => {
             proc.kill('SIGKILL');
-            reject(new Error(`Command timed out after ${TIMEOUT_MS}ms: ${command}`));
+            reject(new Error(`Command timed out after ${TIMEOUT_MS}ms`));
         }, TIMEOUT_MS);
         proc.on('close', (code) => {
             clearTimeout(timer);

package/dist/executor.js.map

@@ -1 +1 @@
-{"version":3,"file":"executor.js","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,MAAM,UAAU,GAAG,IAAI,CAAC;AACxB,MAAM,cAAc,GAAG,gDAAgD,CAAC;AACxE,MAAM,UAAU,GAAG,IAAI,CAAC;AAExB,SAAS,QAAQ,CAAC,MAAc;IAC9B,IAAI,MAAM,CAAC,MAAM,IAAI,UAAU;QAAE,OAAO,MAAM,CAAC;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,cAAc,CAAC;AACtD,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE;YACxC,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE;YACnC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,SAAS,GAAG,EAAE,CAAC;QAEnB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAChC,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAChC,CAAC,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,UAAU,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC;QAC3E,CAAC,EAAE,UAAU,CAAC,CAAC;QAEf,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC;gBACN,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC;gBAC3B,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC;gBAC3B,QAAQ,EAAE,IAAI,IAAI,CAAC;aACpB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"executor.js","sourceRoot":"","sources":["../src/executor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,4EAA4E;AAC5E,qEAAqE;AACrE,MAAM,gBAAgB,GAAG,UAAU,CAAC,CAAC,qBAAqB;AAC1D,MAAM,cAAc,GAAG,gDAAgD,CAAC;AACxE,MAAM,UAAU,GAAG,MAAM,CAAC;AAE1B,SAAS,QAAQ,CAAC,CAAS;IACzB,IAAI,CAAC,CAAC,MAAM,IAAI,gBAAgB;QAAE,OAAO,CAAC,CAAC;IAC3C,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC,GAAG,cAAc,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW,EAAE,IAAc;IACxD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;YAC5B,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE;YACnC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,SAAS,GAAG,EAAE,CAAC;QAEnB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9E,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,SAAS,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9E,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,UAAU,IAAI,CAAC,CAAC,CAAC;QAC/D,CAAC,EAAE,UAAU,CAAC,CAAC;QAEf,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC;gBACN,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC;gBAC3B,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC;gBAC3B,QAAQ,EAAE,IAAI,IAAI,CAAC;aACpB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/index.js

@@ -3,52 +3,85 @@ import { Server } from '@modelcontextprotocol/sdk/server/index.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
 import { CallToolRequestSchema, ListToolsRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
 import { executeCommand } from './executor.js';
-import { validateReadOnly } from './security.js';
-import { buildGhCommand, getToolDefinitions } from './schema.js';
-const server = new Server({ name: 'zero-config-cli-bridge', version: '1.0.0' }, { capabilities: { tools: {} } });
-server.setRequestHandler(ListToolsRequestSchema, async () => {
-    return { tools: getToolDefinitions() };
-});
+const MAX_JSON_ITEMS = 30;
+const TRUNCATION_MSG = `\n...[Output truncated at ${MAX_JSON_ITEMS} items. Use --limit or filters to narrow results.]`;
+/**
+ * Ensures the output returned to the LLM is always valid JSON.
+ * If the output is a JSON array, caps it at MAX_JSON_ITEMS to prevent
+ * context exhaustion. Falls back to raw text if parsing fails.
+ */
+function toJsonOutput(raw) {
+    try {
+        const parsed = JSON.parse(raw);
+        if (Array.isArray(parsed)) {
+            if (parsed.length > MAX_JSON_ITEMS) {
+                return JSON.stringify(parsed.slice(0, MAX_JSON_ITEMS), null, 2) + TRUNCATION_MSG;
+            }
+            return JSON.stringify(parsed, null, 2);
+        }
+        return JSON.stringify(parsed, null, 2);
+    }
+    catch {
+        return raw; // non-JSON response (errors, etc.) returned as-is
+    }
+}
+import { validateSubcommand, validateArgs } from './security.js';
+import { buildToolDefinitions, buildGhArgs } from './schema.js';
+const server = new Server({ name: 'zero-config-cli-bridge', version: '1.1.0' }, { capabilities: { tools: {} } });
+let toolRegistry = new Map();
+server.setRequestHandler(ListToolsRequestSchema, async () => ({
+    tools: Array.from(toolRegistry.values()).map(({ name, description, inputSchema }) => ({
+        name,
+        description,
+        inputSchema,
+    })),
+}));
 server.setRequestHandler(CallToolRequestSchema, async (request) => {
     const { name: toolName, arguments: rawArgs } = request.params;
     const args = (rawArgs ?? {});
-    const command = buildGhCommand(toolName, args);
-    // Security check: block mutating commands
+    const tool = toolRegistry.get(toolName);
+    if (!tool) {
+        return {
+            content: [{ type: 'text', text: `Error: Unknown tool "${toolName}".` }],
+            isError: true,
+        };
+    }
+    // Security: whitelist subcommand + validate arg values
     try {
-        validateReadOnly(command);
+        validateSubcommand(tool.subcommand.join(' '));
+        validateArgs(args);
     }
     catch (err) {
-        const msg = err instanceof Error ? err.message : String(err);
         return {
-            content: [{ type: 'text', text: msg }],
+            content: [{ type: 'text', text: err instanceof Error ? err.message : String(err) }],
             isError: true,
         };
     }
-    // Execute command
+    // Direct spawn — no shell, no injection surface
+    const ghArgs = buildGhArgs(tool, args);
     let result;
     try {
-        result = await executeCommand(command);
+        result = await executeCommand('gh', ghArgs);
     }
     catch (err) {
-        const msg = err instanceof Error ? err.message : String(err);
         return {
-            content: [{ type: 'text', text: `Execution error: ${msg}` }],
+            content: [{ type: 'text', text: `Execution error: ${err instanceof Error ? err.message : String(err)}` }],
             isError: true,
         };
     }
-    const output = result.stdout ||
-        result.stderr ||
-        `(no output, exit code ${result.exitCode})`;
-    const isError = result.exitCode !== 0;
+    const raw = result.stdout || result.stderr || `(no output, exit code ${result.exitCode})`;
+    const output = toJsonOutput(raw);
     return {
         content: [{ type: 'text', text: output }],
-        isError,
+        isError: result.exitCode !== 0,
     };
 });
 async function main() {
+    // Probe local gh binary for available capabilities before accepting requests
+    const tools = await buildToolDefinitions();
+    toolRegistry = new Map(tools.map((t) => [t.name, t]));
     const transport = new StdioServerTransport();
     await server.connect(transport);
-    // Server is running on stdio - no console output to avoid corrupting MCP protocol
 }
 main().catch((err) => {
     process.stderr.write(`Fatal error: ${err}\n`);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAEjE,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,OAAO,EAAE,EACpD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;AAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;IAC1D,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,CAAC;AACzC,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;IAExD,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAE/C,0CAA0C;IAC1C,IAAI,CAAC;QACH,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;YACtC,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,oBAAoB,GAAG,EAAE,EAAE,CAAC;YAC5D,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GACV,MAAM,CAAC,MAAM;QACb,MAAM,CAAC,MAAM;QACb,yBAAyB,MAAM,CAAC,QAAQ,GAAG,CAAC;IAE9C,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC;IAEtC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QACzC,OAAO;KACR,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,kFAAkF;AACpF,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAE/C,MAAM,cAAc,GAAG,EAAE,CAAC;AAC1B,MAAM,cAAc,GAAG,6BAA6B,cAAc,oDAAoD,CAAC;AAEvH;;;;GAIG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAY,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;gBACnC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,cAAc,CAAC;YACnF,CAAC;YACD,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,GAAG,CAAC,CAAC,kDAAkD;IAChE,CAAC;AACH,CAAC;AACD,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAkB,MAAM,aAAa,CAAC;AAEhF,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,OAAO,EAAE,EACpD,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAChC,CAAC;AAEF,IAAI,YAAY,GAAG,IAAI,GAAG,EAA0B,CAAC;AAErD,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;IAC5D,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC,CAAC;QACpF,IAAI;QACJ,WAAW;QACX,WAAW;KACZ,CAAC,CAAC;CACJ,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAA4B,CAAC;IAExD,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,QAAQ,IAAI,EAAE,CAAC;YACvE,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC;QACH,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9C,YAAY,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACnF,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAEvC,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,oBAAoB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACzG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,yBAAyB,MAAM,CAAC,QAAQ,GAAG,CAAC;IAC1F,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IAEjC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QACzC,OAAO,EAAE,MAAM,CAAC,QAAQ,KAAK,CAAC;KAC/B,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,6EAA6E;IAC7E,MAAM,KAAK,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC3C,YAAY,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtD,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAC9C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/schema.d.ts

@@ -9,7 +9,12 @@ export interface ToolDefinition {
         }>;
         required?: string[];
     };
+    /** gh subcommand tokens, e.g. ['issue', 'list'] */
+    subcommand: string[];
+    /** JSON fields confirmed available in the local gh binary */
+    jsonFields: string[];
 }
-export declare function getToolDefinitions(): ToolDefinition[];
-export declare function buildGhCommand(toolName: string, args: Record<string, unknown>): string;
+export declare function buildToolDefinitions(): Promise<ToolDefinition[]>;
+/** Builds the gh args array for direct spawn — no shell string, no injection surface. */
+export declare function buildGhArgs(tool: ToolDefinition, args: Record<string, unknown>): string[];
 //# sourceMappingURL=schema.d.ts.map

package/dist/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;CACH;AAED,wBAAgB,kBAAkB,IAAI,cAAc,EAAE,CAqErD;AAED,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,MAAM,CA+BR"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ,CAAC;QACf,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAClE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC;IACF,mDAAmD;IACnD,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,6DAA6D;IAC7D,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAwDD,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CA4CtE;AAED,yFAAyF;AACzF,wBAAgB,WAAW,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,EAAE,CAWzF"}

package/dist/schema.js

@@ -1,98 +1,114 @@
-export function getToolDefinitions() {
+import { executeCommand } from './executor.js';
+const FALLBACK_FIELDS = {
+    'issue list': ['number', 'title', 'state', 'labels', 'assignees', 'createdAt', 'url'],
+    'pr list': ['number', 'title', 'state', 'labels', 'assignees', 'createdAt', 'url', 'baseRefName'],
+};
+/**
+ * Fields known to work with the standard `repo` OAuth scope.
+ * Excludes:
+ *   - Fields requiring elevated scopes (e.g. `id` requires read:project)
+ *   - `body` — issue/PR body text is unbounded and causes JSON truncation
+ */
+const REPO_SCOPE_SAFE_FIELDS = new Set([
+    'number', 'title', 'state', 'labels', 'assignees',
+    'author', 'createdAt', 'updatedAt', 'closedAt', 'url',
+    'comments', 'milestone', 'isDraft', 'locked',
+    // PR-specific
+    'baseRefName', 'headRefName', 'headRepository', 'mergedAt', 'mergeCommit',
+    'reviewDecision', 'additions', 'deletions', 'changedFiles',
+]);
+/**
+ * Queries the local gh binary for the JSON fields it supports for a given
+ * subcommand. Uses an intentionally invalid field name to trigger gh's
+ * "available fields" error message, then parses the response.
+ *
+ * Falls back to a known-safe static list if detection fails.
+ */
+async function probeJsonFields(subcommand) {
+    const key = subcommand.join(' ');
+    try {
+        const result = await executeCommand('gh', [
+            ...subcommand,
+            '--json', '__probe__',
+            '--limit', '0',
+        ]);
+        const text = result.stderr;
+        // gh outputs: `run 'gh issue list --json' to see available fields`
+        // then lists them, or lists inline after a colon.
+        const match = text.match(/available fields?[:\s]+([\s\S]+?)(?:\n\n|$)/i);
+        if (match) {
+            const fields = match[1]
+                .trim()
+                .split(/[\s,]+/)
+                .map((f) => f.trim())
+                .filter((f) => /^[a-zA-Z][a-zA-Z0-9]*$/.test(f))
+                .filter((f) => REPO_SCOPE_SAFE_FIELDS.has(f)); // exclude elevated-scope fields
+            if (fields.length > 0)
+                return fields;
+        }
+    }
+    catch {
+        // gh not found or timed out — fall through to static
+    }
+    return FALLBACK_FIELDS[key] ?? [];
+}
+export async function buildToolDefinitions() {
+    const [issueFields, prFields] = await Promise.all([
+        probeJsonFields(['issue', 'list']),
+        probeJsonFields(['pr', 'list']),
+    ]);
     return [
         {
             name: 'gh_issue_list',
-            description: 'List GitHub issues for a repository using the local `gh` CLI. ' +
-                'Requires gh to be installed and authenticated.',
+            description: 'List GitHub issues as structured JSON. ' +
+                'Uses the local `gh` CLI and its existing authentication — no API key required.',
+            subcommand: ['issue', 'list'],
+            jsonFields: issueFields,
             inputSchema: {
                 type: 'object',
                 properties: {
-                    repo: {
-                        type: 'string',
-                        description: 'Repository in OWNER/REPO format (e.g. "cli/cli"). ' +
-                            'If omitted, uses the current directory\'s git remote.',
-                    },
-                    limit: {
-                        type: 'number',
-                        description: 'Maximum number of issues to fetch (default: 30).',
-                    },
-                    state: {
-                        type: 'string',
-                        description: 'Filter by state: "open" (default), "closed", or "all".',
-                    },
-                    label: {
-                        type: 'string',
-                        description: 'Filter by label name.',
-                    },
-                    assignee: {
-                        type: 'string',
-                        description: 'Filter by assignee login.',
-                    },
+                    repo: { type: 'string', description: 'OWNER/REPO (e.g. "cli/cli"). Omit to use current directory.' },
+                    limit: { type: 'number', description: 'Max results (default: 30).' },
+                    state: { type: 'string', description: '"open" (default) | "closed" | "all".' },
+                    label: { type: 'string', description: 'Filter by label name.' },
+                    assignee: { type: 'string', description: 'Filter by assignee login.' },
                 },
             },
         },
         {
             name: 'gh_pr_list',
-            description: 'List GitHub pull requests for a repository using the local `gh` CLI. ' +
-                'Requires gh to be installed and authenticated.',
+            description: 'List GitHub pull requests as structured JSON. ' +
+                'Uses the local `gh` CLI and its existing authentication — no API key required.',
+            subcommand: ['pr', 'list'],
+            jsonFields: prFields,
             inputSchema: {
                 type: 'object',
                 properties: {
-                    repo: {
-                        type: 'string',
-                        description: 'Repository in OWNER/REPO format (e.g. "cli/cli"). ' +
-                            'If omitted, uses the current directory\'s git remote.',
-                    },
-                    limit: {
-                        type: 'number',
-                        description: 'Maximum number of PRs to fetch (default: 30).',
-                    },
-                    state: {
-                        type: 'string',
-                        description: 'Filter by state: "open" (default), "closed", or "merged".',
-                    },
-                    base: {
-                        type: 'string',
-                        description: 'Filter by base branch name.',
-                    },
-                    assignee: {
-                        type: 'string',
-                        description: 'Filter by assignee login.',
-                    },
+                    repo: { type: 'string', description: 'OWNER/REPO (e.g. "cli/cli"). Omit to use current directory.' },
+                    limit: { type: 'number', description: 'Max results (default: 30).' },
+                    state: { type: 'string', description: '"open" (default) | "closed" | "merged".' },
+                    base: { type: 'string', description: 'Filter by base branch.' },
+                    assignee: { type: 'string', description: 'Filter by assignee login.' },
                 },
             },
         },
     ];
 }
-export function buildGhCommand(toolName, args) {
-    const parts = ['gh'];
-    if (toolName === 'gh_issue_list') {
-        parts.push('issue', 'list');
-    }
-    else if (toolName === 'gh_pr_list') {
-        parts.push('pr', 'list');
-    }
-    else {
-        throw new Error(`Unknown tool: ${toolName}`);
-    }
-    if (args['repo'] !== undefined) {
+/** Builds the gh args array for direct spawn — no shell string, no injection surface. */
+export function buildGhArgs(tool, args) {
+    const parts = [...tool.subcommand, '--json', tool.jsonFields.join(',')];
+    if (args['repo'] !== undefined)
         parts.push('--repo', String(args['repo']));
-    }
-    if (args['limit'] !== undefined) {
+    if (args['limit'] !== undefined)
         parts.push('--limit', String(args['limit']));
-    }
-    if (args['state'] !== undefined) {
+    if (args['state'] !== undefined)
         parts.push('--state', String(args['state']));
-    }
-    if (toolName === 'gh_issue_list' && args['label'] !== undefined) {
+    if (args['label'] !== undefined && tool.name === 'gh_issue_list')
         parts.push('--label', String(args['label']));
-    }
-    if (args['assignee'] !== undefined) {
+    if (args['assignee'] !== undefined)
         parts.push('--assignee', String(args['assignee']));
-    }
-    if (toolName === 'gh_pr_list' && args['base'] !== undefined) {
+    if (args['base'] !== undefined && tool.name === 'gh_pr_list')
         parts.push('--base', String(args['base']));
-    }
-    return parts.join(' ');
+    return parts;
 }
 //# sourceMappingURL=schema.js.map

package/dist/schema.js.map

@@ -1 +1 @@
-{"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAUA,MAAM,UAAU,kBAAkB;IAChC,OAAO;QACL;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,gEAAgE;gBAChE,gDAAgD;YAClD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE;wBACJ,IAAI,EAAE,QAAQ;wBACd,WAAW,EACT,oDAAoD;4BACpD,uDAAuD;qBAC1D;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,kDAAkD;qBAChE;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,wDAAwD;qBACtE;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,uBAAuB;qBACrC;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,2BAA2B;qBACzC;iBACF;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,uEAAuE;gBACvE,gDAAgD;YAClD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAE;wBACJ,IAAI,EAAE,QAAQ;wBACd,WAAW,EACT,oDAAoD;4BACpD,uDAAuD;qBAC1D;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,+CAA+C;qBAC7D;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,2DAA2D;qBACzE;oBACD,IAAI,EAAE;wBACJ,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,6BAA6B;qBAC3C;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,2BAA2B;qBACzC;iBACF;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,QAAgB,EAChB,IAA6B;IAE7B,MAAM,KAAK,GAAa,CAAC,IAAI,CAAC,CAAC;IAE/B,IAAI,QAAQ,KAAK,eAAe,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC9B,CAAC;SAAM,IAAI,QAAQ,KAAK,YAAY,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC3B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,iBAAiB,QAAQ,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,SAAS,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,SAAS,EAAE,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,SAAS,EAAE,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,QAAQ,KAAK,eAAe,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,SAAS,EAAE,CAAC;QAChE,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,SAAS,EAAE,CAAC;QACnC,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,QAAQ,KAAK,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,SAAS,EAAE,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC"}
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAgB/C,MAAM,eAAe,GAA6B;IAChD,YAAY,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC;IACrF,SAAS,EAAK,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,aAAa,CAAC;CACrG,CAAC;AAEF;;;;;GAKG;AACH,MAAM,sBAAsB,GAAwB,IAAI,GAAG,CAAC;IAC1D,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW;IACjD,QAAQ,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK;IACrD,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ;IAC5C,cAAc;IACd,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,UAAU,EAAE,aAAa;IACzE,gBAAgB,EAAE,WAAW,EAAE,WAAW,EAAE,cAAc;CAC3D,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,KAAK,UAAU,eAAe,CAAC,UAAoB;IACjD,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE;YACxC,GAAG,UAAU;YACb,QAAQ,EAAE,WAAW;YACrB,SAAS,EAAE,GAAG;SACf,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC;QAC3B,mEAAmE;QACnE,kDAAkD;QAClD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;QACzE,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC;iBACpB,IAAI,EAAE;iBACN,KAAK,CAAC,QAAQ,CAAC;iBACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;iBACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;iBAC/C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,gCAAgC;YAClF,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,MAAM,CAAC;QACvC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,qDAAqD;IACvD,CAAC;IACD,OAAO,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,eAAe,CAAC,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAClC,eAAe,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;KAChC,CAAC,CAAC;IAEH,OAAO;QACL;YACE,IAAI,EAAE,eAAe;YACrB,WAAW,EACT,yCAAyC;gBACzC,gFAAgF;YAClF,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;YAC7B,UAAU,EAAE,WAAW;YACvB,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;oBACjF,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;oBAClE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;QACD;YACE,IAAI,EAAE,YAAY;YAClB,WAAW,EACT,gDAAgD;gBAChD,gFAAgF;YAClF,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;YAC1B,UAAU,EAAE,QAAQ;YACpB,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE;oBACxG,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;oBACvE,KAAK,EAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;oBACpF,IAAI,EAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;oBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;iBACvE;aACF;SACF;KACF,CAAC;AACJ,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,WAAW,CAAC,IAAoB,EAAE,IAA6B;IAC7E,MAAM,KAAK,GAAa,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAElF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAM,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,EAAK,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACpF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,EAAK,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACpF,IAAI,IAAI,CAAC,OAAO,CAAC,KAAQ,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,EAAK,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACrH,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACvF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAS,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY;QAAK,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAM,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAEpH,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/security.d.ts

@@ -1,2 +1,11 @@
-export declare function validateReadOnly(command: string): void;
+/**
+ * Security layer.
+ *
+ * With direct spawn(bin, args[]) there is no shell to inject into.
+ * This layer provides defense-in-depth by:
+ *   1. Whitelisting the exact subcommand paths allowed to execute.
+ *   2. Validating individual argument values for anomalous content.
+ */
+export declare function validateSubcommand(subcommand: string): void;
+export declare function validateArgs(args: Record<string, unknown>): void;
 //# sourceMappingURL=security.d.ts.map

package/dist/security.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAWA,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAWtD"}
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAM3D;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAWhE"}

package/dist/security.js

@@ -1,20 +1,30 @@
-const BLOCKED_KEYWORDS = [
-    'create',
-    'delete',
-    'edit',
-    'rm',
-    'update',
-    'close',
-    'reopen',
-    'merge',
-];
-export function validateReadOnly(command) {
-    const lower = command.toLowerCase();
-    for (const keyword of BLOCKED_KEYWORDS) {
-        // Match keyword as a whole word (surrounded by non-alphanumeric chars or at boundaries)
-        const pattern = new RegExp(`(?<![a-z0-9])${keyword}(?![a-z0-9])`);
-        if (pattern.test(lower)) {
-            throw new Error('Error: Mutating commands are blocked in MVP version. Use read-only commands.');
+/**
+ * Security layer.
+ *
+ * With direct spawn(bin, args[]) there is no shell to inject into.
+ * This layer provides defense-in-depth by:
+ *   1. Whitelisting the exact subcommand paths allowed to execute.
+ *   2. Validating individual argument values for anomalous content.
+ */
+/** Only these gh subcommand paths may execute. */
+const ALLOWED_SUBCOMMANDS = new Set([
+    'issue list',
+    'pr list',
+]);
+export function validateSubcommand(subcommand) {
+    if (!ALLOWED_SUBCOMMANDS.has(subcommand)) {
+        throw new Error(`Error: Subcommand "${subcommand}" is not in the read-only allow-list.`);
+    }
+}
+export function validateArgs(args) {
+    for (const [, val] of Object.entries(args)) {
+        if (typeof val === 'string') {
+            if (val.includes('\0')) {
+                throw new Error('Error: Null byte detected in argument value.');
+            }
+            if (val.length > 512) {
+                throw new Error('Error: Argument value exceeds maximum length (512).');
+            }
         }
     }
 }

package/dist/security.js.map

@@ -1 +1 @@
-{"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA,MAAM,gBAAgB,GAAG;IACvB,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,IAAI;IACJ,QAAQ;IACR,OAAO;IACP,QAAQ;IACR,OAAO;CACR,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACpC,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;QACvC,wFAAwF;QACxF,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,gBAAgB,OAAO,cAAc,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC"}
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,kDAAkD;AAClD,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC;IACvD,YAAY;IACZ,SAAS;CACV,CAAC,CAAC;AAEH,MAAM,UAAU,kBAAkB,CAAC,UAAkB;IACnD,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb,sBAAsB,UAAU,uCAAuC,CACxE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAA6B;IACxD,KAAK,MAAM,CAAC,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC"}

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "zero-config-cli-bridge",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Zero Setup. Zero API Keys. Expose your local authenticated CLIs as MCP tools.",
   "type": "module",
   "main": "dist/index.js",
   "bin": {
-    "zero-config-cli-bridge": "./dist/index.js"
+    "zero-config-cli-bridge": "dist/index.js"
   },
   "files": [
     "dist",
@@ -28,6 +28,14 @@
     "agent",
     "tool"
   ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/hatyibei/zero-config-cli-bridge"
+  },
+  "homepage": "https://github.com/hatyibei/zero-config-cli-bridge#readme",
+  "bugs": {
+    "url": "https://github.com/hatyibei/zero-config-cli-bridge/issues"
+  },
   "license": "MIT",
   "engines": {
     "node": ">=20.0.0"