lobbywatch-mcp 0.3.0__tar.gz

lobbywatch_mcp-0.3.0/.dockerignore

@@ -0,0 +1,35 @@
+# Build context hygiene — keep image small and leak-free.
+.git
+.github
+.venv
+venv
+env
+__pycache__
+*.py[cod]
+*.egg-info
+build
+dist
+.pytest_cache
+.ruff_cache
+.mypy_cache
+.coverage
+htmlcov
+
+# Documentation that doesn't belong in the runtime image.
+audits
+docs
+EXAMPLES.md
+CONTRIBUTING.md
+CHANGELOG.md
+README.de.md
+
+# Tests are not needed at runtime.
+tests
+
+# Local secrets / IDE state.
+.env
+.env.*
+.idea
+.vscode
+*.swp
+.DS_Store

lobbywatch_mcp-0.3.0/.github/workflows/ci.yml

@@ -0,0 +1,36 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: pip
+
+      - name: Install
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+
+      - name: Lint (ruff)
+        run: |
+          ruff check .
+          ruff format --check .
+
+      - name: Test (offline only)
+        run: pytest -m "not live" -q

lobbywatch_mcp-0.3.0/.github/workflows/publish.yml

@@ -0,0 +1,86 @@
+name: Publish to PyPI
+
+# Tag-triggered release. Builds wheel + sdist and uploads via PyPI's
+# Trusted Publisher (OIDC) — no PYPI_API_TOKEN secret required.
+#
+# Setup (one-time, on PyPI):
+#   1. Create the project on PyPI (or skip — PyPI auto-creates on first
+#      successful trusted publish).
+#   2. PyPI → Account → Publishing → Add pending publisher
+#        Owner:        malkreide
+#        Repo:         lobbywatch-mcp
+#        Workflow:     publish.yml
+#        Environment:  pypi    (must match the `environment:` below)
+#   3. Push a tag matching v*.*.* — this workflow takes it from there.
+
+on:
+  push:
+    tags:
+      - "v*.*.*"
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: Build distribution
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python 3.13
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+
+      - name: Verify tag matches pyproject.toml version
+        run: |
+          tag="${GITHUB_REF##*/}"           # e.g. v0.3.0
+          tag_version="${tag#v}"            # 0.3.0
+          manifest_version=$(python -c "import tomllib,sys; print(tomllib.loads(open('pyproject.toml','rb').read().decode())['project']['version'])")
+          if [ "$tag_version" != "$manifest_version" ]; then
+            echo "::error::Tag $tag (=> $tag_version) does not match pyproject.toml version $manifest_version"
+            exit 1
+          fi
+          echo "Tag and manifest agree on version $manifest_version"
+
+      - name: Install build tooling
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+
+      - name: Build wheel + sdist
+        run: python -m build
+
+      - name: Upload artefacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  publish:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+
+    # OIDC trusted-publisher requirements.
+    environment:
+      name: pypi
+      url: https://pypi.org/p/lobbywatch-mcp
+    permissions:
+      id-token: write   # required for trusted publishing
+
+    steps:
+      - name: Download build artefacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Publish via Trusted Publisher
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          # No `password:` — OIDC handles auth.
+          # No `repository-url:` — defaults to upload.pypi.org.
+          print-hash: true

lobbywatch_mcp-0.3.0/.gitignore

@@ -0,0 +1,36 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Distribution / packaging
+build/
+dist/
+*.egg-info/
+*.egg
+
+# Virtual environments
+.venv/
+venv/
+env/
+
+# Caches
+.pytest_cache/
+.ruff_cache/
+.mypy_cache/
+.coverage
+htmlcov/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+
+# Local secrets
+.env
+.env.local
+.env.*.local
+
+# OS
+.DS_Store
+Thumbs.db

lobbywatch_mcp-0.3.0/CHANGELOG.md

@@ -0,0 +1,170 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+- `.github/workflows/publish.yml` — tag-triggered PyPI release via
+  Trusted Publisher (OIDC, no API token in repo secrets). Verifies that
+  the pushed tag matches `pyproject.toml`'s `version` before publishing.
+  One-time setup on PyPI: register `malkreide/lobbywatch-mcp` ·
+  `publish.yml` · environment `pypi` as a pending publisher.
+- ASCII architecture diagram in README.md / README.de.md (audit OPS-002
+  closure — was the single remaining cosmetic finding from the
+  2026-05-09 re-audit). Visualises the dump-first / dataIF-fallback
+  split plus the SSRF-guarded outbound HTTP path.
+
+## [0.3.0] - 2026-05-09
+
+Audit-driven hardening release. Closes 24 of 25 findings from the
+initial mcp-audit-skill v1.0.0 run; the re-audit
+(`audits/2026-05-09T133506-Z-lobbywatch-mcp/`) reports
+`production_ready: true` (41 pass, 0 fail, 1 cosmetic partial).
+
+### Added
+- Structured JSON logging via structlog (audit OBS-003). Opt-in with
+  `LOBBYWATCH_MCP_LOG_FORMAT=json` — default stays `text` to preserve
+  the quiet stdio experience. Each tool invocation generates a
+  16-char correlation id that's bound into the structlog context vars
+  and surfaces in every JSON line as `correlation_id`.
+- OpenTelemetry distributed tracing (audit OBS-006). Opt-in with
+  `LOBBYWATCH_MCP_OTEL_ENABLED=1`; OTel is an optional dep installed
+  via `pip install 'lobbywatch-mcp[obs]'`. Wraps each tool call in a
+  `tool.<name>` span and auto-instruments the httpx client. The
+  `_observability.observed_tool` async context manager keeps OBS-003
+  + OBS-006 in sync — every tool body is wrapped exactly once.
+- Lifespan startup now logs the active MCP `protocolVersion` (audit
+  ARCH-012 closure: SDK upper-bound was already pinned in 0.2.0; this
+  closes the remaining "log it for operators" gap).
+- New optional dependency group `obs` covering
+  `opentelemetry-api`, `opentelemetry-sdk`,
+  `opentelemetry-exporter-otlp-proto-http`,
+  `opentelemetry-instrumentation-httpx`. Without it, tracing config
+  warns and no-ops; logging stays available either way.
+- Multi-stage `Dockerfile` and `.dockerignore` (audit SCALE-004). Runtime
+  image runs as `uid 1000`, read-only-rootfs compatible, no build
+  toolchain in the final stage (audit SEC-007).
+- `deploy/docker-compose.example.yml` with hardening defaults:
+  `read_only`, `cap_drop: [ALL]`, `no-new-privileges`, tmpfs cache,
+  loopback-only port bind, healthcheck, and `deploy.resources` limits
+  (256 MiB / 0.1 CPU request, 512 MiB / 0.5 CPU limit) — audit SCALE-006.
+- `docs/deployment.md`: trust-model recap, container build/run commands,
+  resource-sizing rationale, HAProxy stick-table example for sticky LBs
+  (audit SCALE-002, SCALE-003), and a Kubernetes egress `NetworkPolicy`
+  template (audit SEC-021).
+- SSRF / DNS-rebinding guard in the httpx client: an event hook re-resolves
+  every outbound host and refuses connections to RFC1918 / link-local /
+  loopback / cloud-metadata addresses (audit SEC-005). Hardcoded URL
+  allow-list + `follow_redirects=False` + this guard provide
+  defence-in-depth.
+- Optional CORS support for HTTP/SSE deployments via the
+  `LOBBYWATCH_MCP_CORS_ORIGINS` env var (comma-separated origin list).
+  When set, the FastMCP ASGI app is wrapped with a Starlette
+  `CORSMiddleware` that exposes `Mcp-Session-Id` to browser clients
+  (audit SDK-004). Default (empty) emits no CORS headers.
+- `lobbywatch_refresh_dump` now accepts a `Context` parameter and emits
+  `ctx.info` start/end notifications around the dump download (audit
+  SDK-003), giving long-running clients useful progress feedback.
+- Fuzzy-match suggestions on missed lookups (audit ARCH-003).
+  `lobbywatch_get_parlamentarier` and `lobbywatch_list_interessenbindungen`
+  return up to three near-miss candidates (rapidfuzz WRatio in
+  [50, 70)) in a new `suggestions` field, so the LLM can offer
+  "did you mean…?" instead of treating the empty result as truth. New
+  `LobbywatchClient.find_candidates()` powers this.
+- MCP Resources and Prompts (audit ARCH-008):
+  - Resource `lobbywatch://attribution` (text/plain) — the CC BY-SA 4.0
+    licence string for clients that want to display it standalone.
+  - Prompt `lobbywatch_anchor_demo` — parameterised by `branche`, scaffolds
+    the canonical Schulamt / KI-Fachgruppe demo query.
+  - Prompt `lobbywatch_top_lobbyists_by_party` — parameterised by `partei`,
+    surfaces the top-10 ranking with transparency metadata.
+
+### Changed
+- Tool-boundary error handling: upstream `RuntimeError` /
+  `httpx.HTTPError` are explicitly converted to `McpError` with code
+  `INTERNAL_ERROR` (audit OBS-001). Previously these fell through to
+  FastMCP's auto-coercion — same wire effect, but the categorisation is
+  now intentional and operators get a structured `logger.error` for the
+  underlying exception.
+- HTTP/SSE transport now runs through `uvicorn.run` directly on
+  `mcp.streamable_http_app()` / `mcp.sse_app()` so middleware can be
+  attached. `stdio` transport is unchanged.
+- All eight tools now declare typed Pydantic return models instead of
+  `dict[str, Any]` (audit SDK-002). FastMCP synthesises a real JSON
+  schema for each tool's output, giving downstream clients (Inspector,
+  custom UIs, schema-aware LLMs) field-level type information instead
+  of opaque `additionalProperties: true`. Wire format is unchanged.
+- Tool docstrings now carry `Use cases:` blocks (audit ARCH-002) with
+  three concrete example queries each, sharpening LLM tool selection.
+- `USER_AGENT` bumped to `lobbywatch-mcp/0.3.0`.
+
+### Audit verification
+
+- **Production-ready:** ✅ yes
+- **Audit run-id:** `2026-05-09T133506-Z-lobbywatch-mcp`
+- **Skill version:** `1.0.0`
+- **Catalog hash:** `091f446b27965044…`
+- **Check results:** 41 pass · 0 fail · 1 partial · 2 todo
+- **Remaining finding:** `OPS-002` — README ASCII architecture diagram
+  (cosmetic, ~10 min effort).
+
+## [0.2.0] - 2026-05-09
+
+### Changed (Breaking)
+- **Tool names now carry a `lobbywatch_` namespace prefix** (audit SEC-022).
+  All eight tools were renamed:
+  `get_parlamentarier` → `lobbywatch_get_parlamentarier`,
+  `list_interessenbindungen` → `lobbywatch_list_interessenbindungen`,
+  `search_parlamentarier_nach_branche` → `lobbywatch_search_parlamentarier_nach_branche`,
+  `get_lobbygruppe` → `lobbywatch_get_lobbygruppe`,
+  `get_ranking` → `lobbywatch_get_ranking`,
+  `get_transparenzquote` → `lobbywatch_get_transparenzquote`,
+  `refresh_dump` → `lobbywatch_refresh_dump`,
+  `dump_status` → `lobbywatch_dump_status`.
+  Existing clients referencing the old names must be updated.
+
+### Added
+- FastMCP `lifespan` context manager owns the `LobbywatchClient` lifecycle
+  (audit SDK-001). The shared `httpx.AsyncClient` is now closed cleanly on
+  server shutdown; previously it leaked at process exit.
+- Input validation at tool boundaries (audit SEC-018):
+  `name_or_id` and `branche_query` bound to 1–200 chars; `kommission` /
+  `partei` bound to ≤80 chars; `limit` bounded to 1–200 (search) /
+  1–100 (ranking); `kriterium` is now a `Literal` enum so invalid values
+  are rejected at the schema layer instead of via runtime `ValueError`.
+
+### Changed
+- `mcp[cli]` dependency is now bounded `<2.0.0` (audit ARCH-012).
+- `USER_AGENT` bumped to `lobbywatch-mcp/0.2.0`.
+
+## [0.1.0] - 2026-04-21
+
+### Added
+- Initial scaffold for `lobbywatch-mcp`, part of the Swiss Public Data MCP Portfolio.
+- Hybrid data access: dump-first (weekly Lobbywatch JSON export) with live
+  `dataIF` fallback for lobby groups.
+- Phase 1 tools:
+  - `get_parlamentarier` — profile lookup with fuzzy name match
+  - `list_interessenbindungen` — conflict-of-interest records per MP
+  - `search_parlamentarier_nach_branche` — branche + commission filter
+  - `get_lobbygruppe` — live lobby group fetch via dataIF
+  - `get_ranking` — top-N by criterion, commission/party filters
+  - `get_transparenzquote` — distribution of verguetungstransparenz labels
+  - `refresh_dump`, `dump_status` — cache control
+- Retry + exponential backoff (2s/4s/8s) for dump downloads — tolerant of upstream HTTP 503 blips observed live.
+- Dual transport: `stdio` (default) and `streamable-http` / `sse`.
+- Pydantic v2 response envelopes carrying CC BY-SA 4.0 attribution.
+- CI matrix (Python 3.11–3.13), ruff lint/format, respx-mocked unit tests.
+- Tag-triggered PyPI publish workflow via OIDC Trusted Publisher.
+- Live test suite (`@pytest.mark.live`) excluded from CI.
+
+### Known limitations
+- The upstream `/table/parlamentarier/...` dataIF endpoint returns empty
+  responses at release time; all parliamentarian-facing tools therefore use
+  the weekly dump. Lobby group lookups go through the live API.
+- `zutrittsberechtigungen` are present in the data model but empty in the
+  essential dump used here — surfaced as a stub for future expansion.

lobbywatch_mcp-0.3.0/CONTRIBUTING.md

@@ -0,0 +1,99 @@
+# Contributing / Mitwirken
+
+[🇬🇧 English](#english) · [🇩🇪 Deutsch](#deutsch)
+
+---
+
+## English
+
+Thanks for your interest in improving `lobbywatch-mcp`. This project is part of the [Swiss Public Data MCP Portfolio](https://github.com/malkreide). Contributions of any size — bug reports, documentation fixes, new tools, performance work — are welcome.
+
+### Development setup
+
+```bash
+git clone https://github.com/malkreide/lobbywatch-mcp.git
+cd lobbywatch-mcp
+python -m venv .venv
+source .venv/bin/activate
+pip install -e ".[dev]"
+```
+
+### Running tests
+
+Offline only (fast, what CI runs):
+
+```bash
+pytest -m "not live"
+```
+
+Including live API + dump probes:
+
+```bash
+pytest -m live
+```
+
+### Linting
+
+```bash
+ruff check .
+ruff format .
+```
+
+### Design principles
+
+1. **No-Auth-First.** All Phase 1 tools must work without credentials.
+2. **Live validation before coding.** If you add a tool that hits an upstream endpoint, verify the endpoint with a live probe first and document what you found in the PR.
+3. **Attribution is non-negotiable.** Every response goes through a Pydantic envelope that carries the CC BY-SA 4.0 credit. Don't route around it.
+4. **Portfolio synergy.** If a feature fits better in another server (`parlament-mcp`, `register-mcp`, …), suggest that instead of growing this one.
+
+### Pull requests
+
+Follow Conventional Commits (`feat:`, `fix:`, `docs:`, `refactor:`, `test:`, `chore:`) and update `CHANGELOG.md` under `[Unreleased]`.
+
+---
+
+## Deutsch
+
+Danke für das Interesse an `lobbywatch-mcp`. Das Projekt ist Teil des [Swiss Public Data MCP Portfolios](https://github.com/malkreide). Beiträge jeder Grössenordnung — Bug-Reports, Dokumentation, neue Tools, Performance — sind willkommen.
+
+### Entwicklungs-Setup
+
+```bash
+git clone https://github.com/malkreide/lobbywatch-mcp.git
+cd lobbywatch-mcp
+python -m venv .venv
+source .venv/bin/activate
+pip install -e ".[dev]"
+```
+
+### Tests ausführen
+
+Nur offline (schnell, entspricht CI):
+
+```bash
+pytest -m "not live"
+```
+
+Inklusive Live-Probes gegen API und Dump:
+
+```bash
+pytest -m live
+```
+
+### Linting
+
+```bash
+ruff check .
+ruff format .
+```
+
+### Design-Prinzipien
+
+1. **No-Auth-First.** Alle Phase-1-Tools müssen ohne Credentials funktionieren.
+2. **Live-Validierung vor dem Coden.** Wer ein Tool gegen einen Upstream-Endpoint baut, probiert den Endpoint zuerst live aus und dokumentiert die Erkenntnisse im PR.
+3. **Namensnennung ist nicht verhandelbar.** Jede Antwort läuft durch ein Pydantic-Envelope mit der CC-BY-SA-4.0-Attribution. Nicht umgehen.
+4. **Portfolio-Synergie.** Wenn ein Feature besser in einen anderen Server passt (`parlament-mcp`, `register-mcp`, …), besser dort einbringen als diesen Server aufblähen.
+
+### Pull Requests
+
+Conventional Commits verwenden (`feat:`, `fix:`, `docs:`, `refactor:`, `test:`, `chore:`) und `CHANGELOG.md` unter `[Unreleased]` nachführen.

lobbywatch_mcp-0.3.0/Dockerfile

@@ -0,0 +1,73 @@
+# syntax=docker/dockerfile:1.7
+#
+# Multi-stage build for lobbywatch-mcp (audit SCALE-004, SEC-007, SCALE-006).
+# Hardening goals:
+#   - Non-root runtime user (uid/gid 1000)
+#   - read-only rootfs compatible (cache lives in /home/lobbywatch/.cache,
+#     mount as tmpfs in compose/k8s)
+#   - No build toolchain or apt cache in the runtime image
+#   - Image small enough for routine pulls (~80 MB on python:slim)
+
+ARG PYTHON_VERSION=3.13
+
+# ---------------------------------------------------------------------------
+# Builder: install the project into an isolated venv we can copy out.
+# ---------------------------------------------------------------------------
+FROM python:${PYTHON_VERSION}-slim AS builder
+
+ENV PIP_DISABLE_PIP_VERSION_CHECK=1 \
+    PIP_NO_CACHE_DIR=1 \
+    PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1
+
+WORKDIR /build
+
+# Install into a venv so we can COPY just /opt/venv to the runtime image.
+RUN python -m venv /opt/venv
+ENV PATH="/opt/venv/bin:$PATH"
+
+# Copy only what hatchling needs to build the wheel.
+COPY pyproject.toml README.md LICENSE ./
+COPY src ./src
+
+RUN pip install --no-cache-dir .
+
+# ---------------------------------------------------------------------------
+# Runtime: minimal image, non-root user, no build tools.
+# ---------------------------------------------------------------------------
+FROM python:${PYTHON_VERSION}-slim AS runtime
+
+LABEL org.opencontainers.image.source="https://github.com/malkreide/lobbywatch-mcp" \
+      org.opencontainers.image.description="MCP server for the Lobbywatch.ch lobby database" \
+      org.opencontainers.image.licenses="MIT"
+
+# Create a fixed-uid non-root user. uid 1000 is the convention; matches the
+# default Pod SecurityContext in most k8s presets and avoids volume-permission
+# surprises on host-mount setups.
+RUN groupadd --system --gid 1000 lobbywatch \
+ && useradd --system --uid 1000 --gid 1000 \
+        --home-dir /home/lobbywatch --shell /sbin/nologin lobbywatch \
+ && mkdir -p /home/lobbywatch/.cache/lobbywatch-mcp \
+ && chown -R lobbywatch:lobbywatch /home/lobbywatch
+
+COPY --from=builder /opt/venv /opt/venv
+
+ENV PATH="/opt/venv/bin:$PATH" \
+    PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    LOBBYWATCH_MCP_TRANSPORT=http \
+    LOBBYWATCH_MCP_HOST=0.0.0.0 \
+    LOBBYWATCH_MCP_PORT=8000 \
+    LOBBYWATCH_MCP_CACHE_DIR=/home/lobbywatch/.cache/lobbywatch-mcp
+
+USER 1000:1000
+WORKDIR /home/lobbywatch
+EXPOSE 8000
+
+# In-image healthcheck: ensure the entry point still imports cleanly.
+# This is intentionally lightweight — full liveness/readiness probes belong on
+# the orchestrator (see docs/deployment.md).
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+    CMD python -c "import lobbywatch_mcp" || exit 1
+
+ENTRYPOINT ["lobbywatch-mcp"]

lobbywatch_mcp-0.3.0/EXAMPLES.md

@@ -0,0 +1,71 @@
+# Use Cases & Examples — lobbywatch-mcp
+
+Real-world queries by audience. Indicate per example whether an API key is required.
+
+> **Hinweis zur Authentifizierung:** Der `lobbywatch-mcp` Server benötigt **keinen API-Key** und keine Authentifizierung für den Zugriff auf die öffentlichen Daten.
+
+### 🏫 Bildung & Schule
+Lehrpersonen, Schulbehörden, Fachreferent:innen
+
+**Interessenbindungen im Bildungswesen**
+«Welche Mitglieder der nationalrätlichen Bildungskommission (WBK-N) haben deklarierte Interessenbindungen zu Bildungsverlagen oder privaten Bildungsträgern?»
+→ `search_parlamentarier_nach_branche(branche_query="Bildung", kommission="WBK-N")`
+Warum nützlich: Erlaubt Lehrpersonen und Schulbehörden, mögliche Befangenheiten bei bildungspolitischen Entscheidungen zu erkennen.
+
+**Transparenz bei Bildungspolitiker:innen**
+«Wie transparent sind die Mitglieder der Bildungskommission (WBK-N) bezüglich ihrer Entschädigungen bei Nebeneinkünften?»
+→ `get_transparenzquote(kommission="WBK-N")`
+Warum nützlich: Zeigt auf, wie offen die zuständigen Politiker:innen ihre finanziellen Interessen im Bildungsbereich deklarieren.
+
+### 👨‍👩‍👧 Eltern & Schulgemeinde
+Elternräte, interessierte Erziehungsberechtigte
+
+**Verbindungen zu Krankenkassen**
+«Gibt es Parlamentarier aus meinem Kanton, die bezahlte Mandate bei Krankenkassen haben, und wie beeinflusst das familienpolitische Vorlagen?»
+→ `search_parlamentarier_nach_branche(branche_query="Krankenkasse")`
+Warum nützlich: Hilft Eltern, die Hintergründe von Entscheidungen zu Gesundheits- und Prämienfragen zu verstehen.
+
+**Einfluss von Familienorganisationen**
+«Welche Nationalräte sind mit Lobbygruppen aus dem Bereich Familie oder Kinderbetreuung verbunden?»
+→ `search_parlamentarier_nach_branche(branche_query="Familie")`
+Warum nützlich: Macht sichtbar, welche Politiker:innen direkte Verbindungen zu familienpolitischen Interessenvertretungen pflegen.
+
+### 🗳️ Bevölkerung & öffentliches Interesse
+Allgemeine Öffentlichkeit, politisch und gesellschaftlich Interessierte
+
+**Ranking der Interessenbindungen**
+«Welche Nationalrätinnen oder Ständeräte haben am meisten bezahlte Nebenmandate (hauptberufliche Interessenbindungen)?»
+→ `get_ranking(kriterium="anzahl_hauptberuflich", limit=10)`
+Warum nützlich: Bietet der Öffentlichkeit einen klaren Überblick über die politische Unabhängigkeit und mögliche zeitliche Überbelastung von Gewählten.
+
+**Überprüfung einer Lobbygruppe**
+«Wer sitzt für den Verband 'economiesuisse' im Parlament und welche Organisationen sind damit verknüpft?»
+→ `get_lobbygruppe(name_or_id="economiesuisse")`
+Warum nützlich: Schafft Transparenz über den direkten Einfluss grosser Wirtschaftsverbände auf die Gesetzgebung.
+
+### 🤖 KI-Interessierte & Entwickler:innen
+MCP-Enthusiast:innen, Forscher:innen, Prompt Engineers, öffentliche Verwaltung
+
+**Analyse politischer Netzwerke (mit parlament-mcp)**
+«Finde heraus, wer für 'economiesuisse' lobbyiert, und suche dann mit parlament-mcp nach Vorstössen dieser Personen zum Thema Unternehmenssteuern.»
+→ `get_lobbygruppe(name_or_id="economiesuisse")` (lobbywatch-mcp)
+→ `search_affairs(query="Unternehmenssteuer")` (parlament-mcp: https://github.com/malkreide/parlament-mcp)
+Warum nützlich: Demonstriert die mächtige Kombination von Lobby-Netzwerken mit tatsächlichem Abstimmungs- und Vorstossverhalten.
+
+**Branchen-Profiling und parlamentarisches Wirken**
+«Welche Politiker:innen sind im Bereich 'Pharma' aktiv und welche Vorstösse haben sie in der letzten Session eingereicht?»
+→ `search_parlamentarier_nach_branche(branche_query="Pharma")` (lobbywatch-mcp)
+→ `get_parlamentarier(name_or_id="[Name]")` (lobbywatch-mcp)
+Warum nützlich: Verbindet finanzielle Interessen direkt mit parlamentarischem Handeln durch serverübergreifende oder kombinierte Abfragen.
+
+### 🔧 Technische Referenz: Tool-Auswahl nach Anwendungsfall
+
+| Ich möchte… | Tool(s) | Auth nötig? |
+| :--- | :--- | :--- |
+| **das vollständige Profil eines Politikers abrufen** | `get_parlamentarier` | Nein |
+| **alle Nebenmandate einer Person auflisten** | `list_interessenbindungen` | Nein |
+| **nach Branchen oder Themen suchen** | `search_parlamentarier_nach_branche` | Nein |
+| **das Netzwerk einer Lobbygruppe analysieren** | `get_lobbygruppe` | Nein |
+| **Ranglisten nach Anzahl Mandaten erstellen** | `get_ranking` | Nein |
+| **die Transparenz einer Kommission auswerten** | `get_transparenzquote` | Nein |
+| **den lokalen Datenbestand aktualisieren** | `refresh_dump` / `dump_status` | Nein |

lobbywatch_mcp-0.3.0/LICENSE

@@ -0,0 +1,34 @@
+MIT License
+
+Copyright (c) 2026 malkreide
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+---
+
+Data notice
+-----------
+
+This software accesses and redistributes data from Lobbywatch.ch, which is
+licensed under the Creative Commons Attribution-ShareAlike 4.0 International
+License (CC BY-SA 4.0): https://creativecommons.org/licenses/by-sa/4.0/
+
+Users of this software must comply with the CC BY-SA 4.0 terms for the data,
+independently of the MIT licence that covers the code. Every tool response
+produced by this server includes the required attribution string.