PyPI - claude-mpm - Versions diffs - 5.4.21__py3-none-any.whl → 5.4.59__py3-none-any.whl - Mend

claude-mpm 5.4.21py3-none-any.whl → 5.4.59py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of claude-mpm might be problematic. Click here for more details.

Files changed (176) hide show

claude_mpm/init.py CHANGED Viewed

@@ -163,6 +163,15 @@ class ProjectInitializer:
                         f"✓ Found {agent_count} project agent(s) in .claude-mpm/agents/"
                     )
+            # Verify and deploy PM skills (non-blocking)
+            self._verify_and_deploy_pm_skills(project_root, is_mcp_mode)
+            # Setup security hooks (auto-install pre-commit, detect-secrets)
+            self._setup_security_hooks(project_root, is_mcp_mode)
+            # Perform security checks (non-blocking)
+            self._check_security_risks(project_root, is_mcp_mode)
             return True
         except Exception as e:
@@ -170,6 +179,68 @@ class ProjectInitializer:
             print(f"✗ Failed to create .claude-mpm/ directory: {e}")
             return False
+    def _verify_and_deploy_pm_skills(
+        self, project_root: Path, is_mcp_mode: bool = False
+    ) -> None:
+        """Verify PM skills are deployed and auto-deploy if missing.
+        Non-blocking operation that gracefully handles errors.
+        Args:
+            project_root: Project root directory
+            is_mcp_mode: Whether running in MCP mode (suppress console output)
+        """
+        try:
+            from claude_mpm.services.pm_skills_deployer import PMSkillsDeployerService
+            deployer = PMSkillsDeployerService()
+            result = deployer.verify_pm_skills(project_root)
+            if not result.verified:
+                # Log warnings
+                for warning in result.warnings:
+                    self.logger.warning(warning)
+                # Auto-deploy PM skills
+                self.logger.info("Auto-deploying PM skills...")
+                deploy_result = deployer.deploy_pm_skills(project_root)
+                if deploy_result.success:
+                    self.logger.info(
+                        f"PM skills deployed: {len(deploy_result.deployed)} deployed, "
+                        f"{len(deploy_result.skipped)} skipped"
+                    )
+                    # Print to console if not in MCP mode
+                    if not is_mcp_mode:
+                        if deploy_result.deployed:
+                            print(
+                                f"✓ Deployed {len(deploy_result.deployed)} PM skill(s) "
+                                f"to .claude-mpm/skills/pm/"
+                            )
+                else:
+                    self.logger.warning(
+                        f"PM skills deployment had errors: {len(deploy_result.errors)}"
+                    )
+                    if not is_mcp_mode and deploy_result.errors:
+                        print(
+                            f"⚠ PM skills deployment had {len(deploy_result.errors)} error(s)"
+                        )
+            else:
+                # Skills verified successfully
+                registry = deployer._load_registry(project_root)
+                skill_count = len(registry.get("skills", []))
+                self.logger.debug(f"PM skills verified: {skill_count} skills")
+                if not is_mcp_mode and skill_count > 0:
+                    print(f"✓ Verified {skill_count} PM skill(s)")
+        except ImportError:
+            self.logger.debug("PM skills deployer not available")
+        except Exception as e:
+            self.logger.warning(f"PM skills verification failed: {e}")
+            # Don't print to console - this is a non-critical failure
     def _migrate_project_agents(self):
         """Migrate agents from old subdirectory structure to direct agents directory.
@@ -319,6 +390,211 @@ class ProjectInitializer:
                 if not dst_file.exists():
                     shutil.copy2(template_file, dst_file)
+    def _setup_security_hooks(
+        self, project_root: Path, is_mcp_mode: bool = False
+    ) -> None:
+        """Automatically install pre-commit hooks for secret scanning.
+        This method:
+        1. Installs pre-commit and detect-secrets if missing
+        2. Copies .pre-commit-config.yaml to project root
+        3. Runs pre-commit install to set up git hooks
+        4. Creates .secrets.baseline for detect-secrets
+        Args:
+            project_root: Project root directory
+            is_mcp_mode: Whether running in MCP mode (suppress console output)
+        """
+        try:
+            import subprocess
+            # Only set up hooks if this is a git repository
+            if not (project_root / ".git").exists():
+                self.logger.debug("Not a git repository, skipping security hooks setup")
+                return
+            # Check/install pre-commit
+            try:
+                subprocess.run(
+                    ["pre-commit", "--version"],
+                    capture_output=True,
+                    text=True,
+                    timeout=2,
+                    check=True,
+                )
+            except (
+                subprocess.CalledProcessError,
+                subprocess.TimeoutExpired,
+                FileNotFoundError,
+            ):
+                self.logger.info("Installing pre-commit...")
+                try:
+                    subprocess.run(
+                        [sys.executable, "-m", "pip", "install", "pre-commit"],
+                        capture_output=True,
+                        text=True,
+                        timeout=60,
+                        check=True,
+                    )
+                    self.logger.info("pre-commit installed successfully")
+                except subprocess.CalledProcessError as e:
+                    self.logger.warning(f"Failed to install pre-commit: {e}")
+                    return
+            # Check/install detect-secrets
+            try:
+                subprocess.run(
+                    ["detect-secrets", "--version"],
+                    capture_output=True,
+                    text=True,
+                    timeout=2,
+                    check=True,
+                )
+            except (
+                subprocess.CalledProcessError,
+                subprocess.TimeoutExpired,
+                FileNotFoundError,
+            ):
+                self.logger.info("Installing detect-secrets...")
+                try:
+                    subprocess.run(
+                        [sys.executable, "-m", "pip", "install", "detect-secrets"],
+                        capture_output=True,
+                        text=True,
+                        timeout=60,
+                        check=True,
+                    )
+                    self.logger.info("detect-secrets installed successfully")
+                except subprocess.CalledProcessError as e:
+                    self.logger.warning(f"Failed to install detect-secrets: {e}")
+                    return
+            # Copy .pre-commit-config.yaml to project root if it doesn't exist
+            precommit_config = project_root / ".pre-commit-config.yaml"
+            if not precommit_config.exists():
+                template_dir = Path(__file__).parent / "templates"
+                template_config = template_dir / ".pre-commit-config.yaml"
+                if template_config.exists():
+                    shutil.copy2(template_config, precommit_config)
+                    self.logger.info("Copied .pre-commit-config.yaml to project root")
+                else:
+                    self.logger.warning("Template .pre-commit-config.yaml not found")
+                    return
+            # Create .secrets.baseline if it doesn't exist
+            secrets_baseline = project_root / ".secrets.baseline"
+            if not secrets_baseline.exists():
+                try:
+                    subprocess.run(
+                        ["detect-secrets", "scan", "--baseline", ".secrets.baseline"],
+                        cwd=str(project_root),
+                        capture_output=True,
+                        text=True,
+                        timeout=30,
+                        check=True,
+                    )
+                    self.logger.info("Created .secrets.baseline")
+                except subprocess.CalledProcessError as e:
+                    self.logger.warning(f"Failed to create .secrets.baseline: {e}")
+            # Install git hooks
+            try:
+                subprocess.run(
+                    ["pre-commit", "install"],
+                    cwd=str(project_root),
+                    capture_output=True,
+                    text=True,
+                    timeout=30,
+                    check=True,
+                )
+                self.logger.info("Pre-commit hooks installed in git repository")
+                if not is_mcp_mode:
+                    print("✓ Security hooks installed (pre-commit + detect-secrets)")
+            except subprocess.CalledProcessError as e:
+                self.logger.warning(f"Failed to install pre-commit hooks: {e}")
+        except Exception as e:
+            self.logger.debug(f"Security hooks setup failed: {e}")
+            # Don't print to console - this is a non-critical failure
+    def _check_security_risks(
+        self, project_root: Path, is_mcp_mode: bool = False
+    ) -> None:
+        """Check for potential security risks like exposed config files.
+        Non-blocking operation that warns about security issues.
+        Args:
+            project_root: Project root directory
+            is_mcp_mode: Whether running in MCP mode (suppress console output)
+        """
+        try:
+            import subprocess
+            security_issues = []
+            # Common secret file patterns to check
+            secret_patterns = [
+                ".mcp-vector-search/config.json",
+                ".mcp/config.json",
+                "openrouter.json",
+                "anthropic-config.json",
+                "credentials.json",
+                "secrets.json",
+                "api-keys.json",
+            ]
+            for pattern in secret_patterns:
+                file_path = project_root / pattern
+                if file_path.exists():
+                    # Check if file is tracked by git
+                    try:
+                        result = subprocess.run(
+                            ["git", "ls-files", str(file_path)],
+                            check=False,
+                            cwd=str(project_root),
+                            capture_output=True,
+                            text=True,
+                            timeout=2,
+                        )
+                        if result.stdout.strip():
+                            security_issues.append(
+                                f"⚠️  SECURITY: {pattern} is tracked by git (may contain secrets)"
+                            )
+                    except (subprocess.TimeoutExpired, FileNotFoundError):
+                        pass
+                    # Check if file is ignored by .gitignore
+                    try:
+                        result = subprocess.run(
+                            ["git", "check-ignore", str(file_path)],
+                            check=False,
+                            cwd=str(project_root),
+                            capture_output=True,
+                            text=True,
+                            timeout=2,
+                        )
+                        if result.returncode != 0:  # File NOT ignored
+                            security_issues.append(
+                                f"⚠️  WARNING: {pattern} exists but not in .gitignore"
+                            )
+                    except (subprocess.TimeoutExpired, FileNotFoundError):
+                        pass
+            # Print security warnings if not in MCP mode
+            if security_issues and not is_mcp_mode:
+                print("\n🔒 Security Check:")
+                for issue in security_issues:
+                    print(f"   {issue}")
+                print()
+        except Exception as e:
+            self.logger.debug(f"Security check failed: {e}")
+            # Don't print to console - this is a non-critical failure
     def validate_dependencies(self) -> Dict[str, bool]:
         """Validate that all required dependencies are available."""
         dependencies = {}

claude_mpm/models/git_repository.py CHANGED Viewed

@@ -34,7 +34,7 @@ class GitRepository:
     def cache_path(self) -> Path:
         """Return cache directory path for this repository.
-        Cache structure: ~/.claude-mpm/cache/remote-agents/{owner}/{repo}/{subdirectory}/
+        Cache structure: ~/.claude-mpm/cache/agents/{owner}/{repo}/{subdirectory}/
         Returns:
             Absolute path to cache directory for this repository
@@ -45,10 +45,10 @@ class GitRepository:
             ...     subdirectory="agents"
             ... )
             >>> repo.cache_path
-            Path('/Users/user/.claude-mpm/cache/remote-agents/bobmatnyc/claude-mpm-agents/agents')
+            Path('/Users/user/.claude-mpm/cache/agents/bobmatnyc/claude-mpm-agents/agents')
         """
         home = Path.home()
-        base_cache = home / ".claude-mpm" / "cache" / "remote-agents"
+        base_cache = home / ".claude-mpm" / "cache" / "agents"
         # Extract owner and repo from URL
         owner, repo = self._parse_github_url(self.url)

claude_mpm/scripts/start_activity_logging.py CHANGED Viewed

File without changes

claude_mpm/services/agents/agent_builder.py CHANGED Viewed

@@ -206,8 +206,8 @@ class AgentBuilderService:
         """
         errors = []
-        # Required fields
-        required_fields = ["id", "name", "prompt", "model"]
+        # Required fields (model is optional - defaults to sonnet if not specified)
+        required_fields = ["id", "name", "prompt"]
         for field in required_fields:
             if field not in config:
                 errors.append(f"Missing required field: {field}")
@@ -219,7 +219,7 @@ class AgentBuilderService:
             except AgentDeploymentError as e:
                 errors.append(str(e))
-        # Validate model
+        # Validate model (only if present)
         if "model" in config:
             try:
                 self._validate_model(config["model"])

claude_mpm/services/agents/cache_git_manager.py CHANGED Viewed

@@ -29,7 +29,7 @@ Error Handling:
 Example:
     >>> from pathlib import Path
-    >>> manager = CacheGitManager(Path.home() / ".claude-mpm/cache/remote-agents")
+    >>> manager = CacheGitManager(Path.home() / ".claude-mpm/cache/agents")
     >>> if manager.is_git_repo():
     ...     status = manager.get_status()
     ...     print(f"Branch: {status['branch']}, Uncommitted: {len(status['uncommitted'])}")
@@ -76,7 +76,7 @@ class CacheGitManager:
             timeout: Git command timeout in seconds (default: 30)
         Example:
-            >>> cache_dir = Path.home() / ".claude-mpm/cache/remote-agents"
+            >>> cache_dir = Path.home() / ".claude-mpm/cache/agents"
             >>> manager = CacheGitManager(cache_dir)
         """
         self.cache_path = Path(cache_path)
@@ -105,12 +105,12 @@ class CacheGitManager:
         Example:
             >>> # Case 1: cache_path inside repo (searches upward)
-            >>> # cache_path: ~/.claude-mpm/cache/remote-agents/bobmatnyc/claude-mpm-agents/agents
-            >>> # Found at: ~/.claude-mpm/cache/remote-agents/bobmatnyc/claude-mpm-agents
+            >>> # cache_path: ~/.claude-mpm/cache/agents/bobmatnyc/claude-mpm-agents/agents
+            >>> # Found at: ~/.claude-mpm/cache/agents/bobmatnyc/claude-mpm-agents
             >>> # Case 2: repo nested in cache_path (searches downward)
-            >>> # cache_path: ~/.claude-mpm/cache/remote-agents
-            >>> # Found at: ~/.claude-mpm/cache/remote-agents/bobmatnyc/claude-mpm-agents
+            >>> # cache_path: ~/.claude-mpm/cache/agents
+            >>> # Found at: ~/.claude-mpm/cache/agents/bobmatnyc/claude-mpm-agents
         """
         # Strategy 1: Search upward (cache_path is inside repo)
         current = self.cache_path

claude_mpm/services/agents/deployment/agent_deployment.py CHANGED Viewed

@@ -876,13 +876,13 @@ class AgentDeploymentService(ConfigServiceBase, AgentDeploymentInterface):
             user_agents_dir = potential_user_dir
             self.logger.info(f"Found user agents at: {user_agents_dir}")
-        # Check for remote agents (cached from GitHub)
-        remote_agents_dir = None
+        # Check for agents cache (from Git sources)
+        agents_cache_dir = None
         cache_dir = user_home / ".claude-mpm" / "cache"
-        potential_remote_dir = cache_dir / "remote-agents"
-        if potential_remote_dir.exists():
-            remote_agents_dir = potential_remote_dir
-            self.logger.info(f"Found remote agents cache at: {remote_agents_dir}")
+        potential_cache_dir = cache_dir / "agents"
+        if potential_cache_dir.exists():
+            agents_cache_dir = potential_cache_dir
+            self.logger.info(f"Found agents cache at: {agents_cache_dir}")
         # Get agents with version comparison and cleanup (4-tier discovery)
         agents_to_deploy, agent_sources, cleanup_results = (
@@ -890,7 +890,7 @@ class AgentDeploymentService(ConfigServiceBase, AgentDeploymentInterface):
                 system_templates_dir=system_templates_dir,
                 project_agents_dir=project_agents_dir,
                 user_agents_dir=user_agents_dir,
-                remote_agents_dir=remote_agents_dir,  # NEW: 4th tier
+                agents_cache_dir=agents_cache_dir,  # NEW: 4th tier
                 working_directory=self.working_directory,
                 excluded_agents=excluded_agents,
                 config=config,
@@ -898,6 +898,9 @@ class AgentDeploymentService(ConfigServiceBase, AgentDeploymentInterface):
             )
         )
+        # Keep track of all enabled agents before filtering (for cleanup)
+        all_enabled_agents = agents_to_deploy.copy()
         # Compare with deployed versions if agents directory exists
         if agents_dir.exists():
             comparison_results = self.multi_source_service.compare_deployed_versions(
@@ -954,6 +957,25 @@ class AgentDeploymentService(ConfigServiceBase, AgentDeploymentInterface):
                         f"All {len(comparison_results.get('up_to_date', []))} agents are up to date"
                     )
+        # Cleanup excluded agents (remove agents not in deployment list)
+        # CRITICAL: Use all_enabled_agents (before filtering for updates) to preserve up-to-date agents
+        # Bug fix (1M-XXX): Previously used filtered agents_to_deploy which could be empty,
+        # causing all agents to be removed when everything was up-to-date
+        exclusion_cleanup_results = self.multi_source_service.cleanup_excluded_agents(
+            deployed_agents_dir=agents_dir,
+            agents_to_deploy=all_enabled_agents,
+        )
+        # Add exclusion cleanup results to main cleanup results
+        if exclusion_cleanup_results.get("removed"):
+            cleanup_results.setdefault("excluded_removed", []).extend(
+                exclusion_cleanup_results["removed"]
+            )
+            self.logger.info(
+                f"Removed {len(exclusion_cleanup_results['removed'])} excluded agents: "
+                f"{', '.join(exclusion_cleanup_results['removed'])}"
+            )
         # Convert to list of Path objects
         template_files = list(agents_to_deploy.values())

claude_mpm/services/agents/deployment/agent_discovery_service.py CHANGED Viewed

@@ -248,7 +248,9 @@ class AgentDiscoveryService:
             return agent_info
         except yaml.YAMLError as e:
-            self.logger.error(f"Invalid YAML frontmatter in {template_file.name}: {e}")
+            self.logger.warning(
+                f"Invalid YAML frontmatter in {template_file.name}: {e}"
+            )
             return None
         except Exception as e:
             self.logger.error(
@@ -431,7 +433,7 @@ class AgentDiscoveryService:
             return True
         except yaml.YAMLError:
-            self.logger.error(
+            self.logger.warning(
                 f"Invalid YAML frontmatter in template: {template_file.name}"
             )
             return False

claude_mpm/services/agents/deployment/agent_format_converter.py CHANGED Viewed

@@ -137,8 +137,8 @@ class AgentFormatConverter:
         else:
             pass
-        # Extract additional fields
-        model = self.extract_yaml_field(yaml_content, "model") or "sonnet"
+        # Extract additional fields - model is optional (Claude Code uses conversation model if not set)
+        model = self.extract_yaml_field(yaml_content, "model")  # None if not specified
         author = (
             self.extract_yaml_field(yaml_content, "author")
             or "claude-mpm@anthropic.com"
@@ -147,7 +147,7 @@ class AgentFormatConverter:
         # Extract instructions from YAML content
         instructions = self._extract_instructions_from_yaml(yaml_content, agent_name)
-        # Map model names to Claude Code format
+        # Map model names to Claude Code format (only if model is specified)
         model_map = {
             "claude-3-5-sonnet-20241022": "sonnet",
             "claude-3-5-sonnet": "sonnet",
@@ -159,7 +159,8 @@ class AgentFormatConverter:
             "opus": "opus",
         }
-        mapped_model = model_map.get(model, "sonnet")
+        # Only map model if it's not None (preserve None for agents without model field)
+        mapped_model = model_map.get(model, model) if model is not None else None
         # Create multiline description with example (Claude Code format)
         multiline_description = f"""{description}
@@ -172,16 +173,27 @@ assistant: "I'll use the {name} agent to provide specialized assistance."
         # Build new YAML frontmatter - Claude Code compatible format
         # NOTE: Removed tags field and other non-essential fields for Claude Code compatibility
-        new_frontmatter = f"""---
-name: {name}
-description: |
-  {self._indent_text(multiline_description, 2)}
-model: {mapped_model}
-version: "{version}"
-author: "{author}"
----
+        frontmatter_lines = [
+            "---",
+            f"name: {name}",
+            "description: |",
+            f"  {self._indent_text(multiline_description, 2)}",
+        ]
-"""
+        # Only include model field if explicitly set in source
+        if mapped_model is not None:
+            frontmatter_lines.append(f"model: {mapped_model}")
+        frontmatter_lines.extend(
+            [
+                f'version: "{version}"',
+                f'author: "{author}"',
+                "---",
+                "",
+            ]
+        )
+        new_frontmatter = "\n".join(frontmatter_lines)
         return new_frontmatter + instructions

claude_mpm/services/agents/deployment/agent_template_builder.py CHANGED Viewed

@@ -135,8 +135,8 @@ class AgentTemplateBuilder:
                 break
             # Stop at common repository root indicators (check AFTER finding BASE-AGENT.md)
-            # This ensures we check the 'agents' directory before stopping at 'remote-agents'
-            if current_dir.name in [".claude-mpm", "remote-agents", "cache"]:
+            # Stop at cache root or .claude-mpm directory
+            if current_dir.name in [".claude-mpm", "cache"]:
                 self.logger.debug(
                     f"Reached repository root indicator at: {current_dir}"
                 )
@@ -419,7 +419,7 @@ class AgentTemplateBuilder:
         if non_standard:
             self.logger.info(f"Using non-standard tools: {non_standard}")
-        # Extract model from template with fallback
+        # Extract model from template (no fallback - preserve None if not specified)
         capabilities_model = (
             capabilities.get("model") if isinstance(capabilities, dict) else None
         )
@@ -428,7 +428,7 @@ class AgentTemplateBuilder:
             template_data.get("model")
             or capabilities_model
             or template_data.get("configuration_fields", {}).get("model")
-            or "sonnet"  # Default fallback
+            # No default fallback - preserve None if not set
         )
         # Convert tools list to comma-separated string (without spaces for compatibility)
@@ -448,11 +448,11 @@ class AgentTemplateBuilder:
             "opus": "opus",
         }
-        if model in model_map:
-            model = model_map[model]
-        else:
-            # Default to sonnet if model not found in map
-            model = "sonnet"
+        # Only map model if it's not None
+        if model is not None:
+            if model in model_map:
+                model = model_map[model]
+            # If model is specified but not in map, keep as-is (no default)
         # Get response format from template or use base agent default
         template_data.get("response", {}).get("format", "structured")
@@ -559,8 +559,9 @@ class AgentTemplateBuilder:
             f"description: {self._format_description_for_yaml(description)}"
         )
-        # Add model field (required for Claude Code)
-        frontmatter_lines.append(f"model: {model}")
+        # Add model field only if explicitly set (not required for Claude Code)
+        if model is not None:
+            frontmatter_lines.append(f"model: {model}")
         # Add type field (important for agent categorization)
         if agent_type and agent_type != "general":
@@ -718,21 +719,32 @@ Only include memories that are:
             "description", f"{name} agent for specialized tasks"
         )
-        # Get tools and model with fallbacks
+        # Get tools and model (no fallback for model)
         raw_tools = merged_config.get("tools")
         tools = self.normalize_tools_input(raw_tools)
-        model = merged_config.get("model", "sonnet")
+        model = merged_config.get("model")  # No default - preserve None
         # Format tools as YAML list
         tools_yaml = self.format_yaml_list(tools, 2)
         # Build YAML content with only essential fields
-        return f"""name: {name}
-description: {description}
-model: {model}
-tools:
-{tools_yaml}
-"""
+        yaml_lines = [
+            f"name: {name}",
+            f"description: {description}",
+        ]
+        # Only include model if explicitly set
+        if model is not None:
+            yaml_lines.append(f"model: {model}")
+        yaml_lines.extend(
+            [
+                "tools:",
+                tools_yaml,
+            ]
+        )
+        return "\n".join(yaml_lines) + "\n"
     def merge_narrative_fields(self, base_data: dict, template_data: dict) -> dict:
         """

claude_mpm/services/agents/deployment/agents_directory_resolver.py CHANGED Viewed

@@ -8,7 +8,7 @@ DEPLOYMENT ARCHITECTURE:
 Agent Source Locations (Discovery):
 -----------------------------------
-1. System Agents:  ~/.claude-mpm/cache/remote-agents/bobmatnyc/claude-mpm-agents/
+1. System Agents:  ~/.claude-mpm/cache/agents/bobmatnyc/claude-mpm-agents/
    - Synced from GitHub repository
    - Read-only (managed by git pull)
    - 44+ agents organized by category
@@ -39,7 +39,7 @@ Why Project-Level Deployment?
 Example Flow:
 -------------
 1. User runs: claude-mpm agents deploy
-2. Agents synced from GitHub → ~/.claude-mpm/cache/remote-agents/
+2. Agents synced from GitHub → ~/.claude-mpm/cache/agents/
 3. Agents deployed FROM cache → .claude/agents/
 4. Claude Code discovers agents FROM .claude/agents/

claude-mpm 5.4.21__py3-none-any.whl → 5.4.59__py3-none-any.whl

Potentially problematic release.

claude-mpm 5.4.21py3-none-any.whl → 5.4.59py3-none-any.whl