memstack-skill-loader 4.0.3__tar.gz → 4.0.5__tar.gz

{memstack_skill_loader-4.0.3/src/memstack_skill_loader.egg-info → memstack_skill_loader-4.0.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: memstack-skill-loader
-Version: 4.0.3
+Version: 4.0.5
 Summary: MCP server that vector-indexes MemStack Pro skills for on-demand loading
 Requires-Python: >=3.10
 Requires-Dist: mcp>=1.0.0

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "memstack-skill-loader"
-version = "4.0.3"
+version = "4.0.5"
 description = "MCP server that vector-indexes MemStack Pro skills for on-demand loading"
 requires-python = ">=3.10"
 dependencies = [

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5}/src/memstack_skill_loader/__init__.py

@@ -1,3 +1,3 @@
 """MemStack Skill Loader — MCP server for semantic skill search."""
 
-__version__ = "4.0.3"
+__version__ = "4.0.5"

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5}/src/memstack_skill_loader/agent_runner.py

@@ -12,6 +12,8 @@ import uuid
 from pathlib import Path
 from typing import Optional
 
+import httpx
+
 from .stats import log_agent_invocation
 
 
@@ -26,6 +28,8 @@ AGENT_TIMEOUT = 3600  # seconds per --print invocation (default 60 minutes)
 MAX_ITERATIONS = 2
 
 ANTHROPIC_BASE_URL = os.environ.get("ANTHROPIC_BASE_URL", "")
+API_DEFAULT_MODEL = "claude-sonnet-4-20250514"
+API_MAX_TOKENS = 16000
 
 SYSTEM_PROMPTS = {
     "manager": (
@@ -84,6 +88,49 @@ SYSTEM_PROMPTS = {
     ),
 }
 
+BUILDER_TOOLS_CONFIG_FILE = Path.home() / ".memstack" / "builder-tools-config.json"
+
+
+# ---------------------------------------------------------------------------
+# MCP server discovery & Builder tools config
+# ---------------------------------------------------------------------------
+
+def discover_mcp_servers(workdir: str) -> list[str]:
+    """Read .mcp.json from workdir and return the list of MCP server name keys."""
+    try:
+        mcp_file = Path(workdir) / ".mcp.json"
+        if not mcp_file.is_file():
+            return []
+        data = json.loads(mcp_file.read_text(encoding="utf-8"))
+        servers = data.get("mcpServers", {})
+        return sorted(servers.keys()) if isinstance(servers, dict) else []
+    except Exception:
+        return []
+
+
+def load_builder_tools_config() -> dict:
+    """Load per-project blocked MCP server lists from ~/.memstack/builder-tools-config.json."""
+    try:
+        if BUILDER_TOOLS_CONFIG_FILE.is_file():
+            return json.loads(BUILDER_TOOLS_CONFIG_FILE.read_text(encoding="utf-8"))
+    except Exception:
+        pass
+    return {}
+
+
+def save_builder_tools_config(config: dict) -> None:
+    """Save per-project blocked MCP server config."""
+    BUILDER_TOOLS_CONFIG_FILE.parent.mkdir(parents=True, exist_ok=True)
+    BUILDER_TOOLS_CONFIG_FILE.write_text(json.dumps(config, indent=2), encoding="utf-8")
+
+
+def get_blocked_servers_for_project(workdir: str) -> list[str]:
+    """Return blocked MCP servers for a project, falling back to global defaults."""
+    cfg = load_builder_tools_config()
+    if workdir in cfg:
+        return cfg[workdir]
+    return cfg.get("_global_defaults", [])
+
 
 # ---------------------------------------------------------------------------
 # Project context gathering
@@ -188,6 +235,7 @@ def _extract_commit_from_reviewer(reviewer_output: str) -> str:
 def _build_env() -> dict:
     """Build environment for subprocess, ensuring Anthropic vars are passed."""
     env = os.environ.copy()
+    env.pop("MEMSTACK_ENABLE_TTS", None)
     if ANTHROPIC_BASE_URL:
         env["ANTHROPIC_BASE_URL"] = ANTHROPIC_BASE_URL
     return env
@@ -254,22 +302,145 @@ def _parse_stream_json(raw: str) -> tuple[str, int, int, float, int]:
     return text, input_tokens, output_tokens, cost_usd, context_tokens
 
 
+def _extract_text_from_stream_line(line: str) -> Optional[str]:
+    """Extract user-visible text from a single stream-json line.
+
+    Returns the text if the line contains assistant text or a result, else None.
+    """
+    try:
+        obj = json.loads(line.strip())
+    except (json.JSONDecodeError, ValueError):
+        return None
+    msg_type = obj.get("type")
+    if msg_type == "assistant":
+        parts = []
+        for block in obj.get("message", {}).get("content", []):
+            if block.get("type") == "text":
+                t = block.get("text", "")
+                if t:
+                    parts.append(t)
+        return "\n".join(parts) if parts else None
+    if msg_type == "result":
+        t = obj.get("result", "")
+        return t if t else None
+    return None
+
+
+# ---------------------------------------------------------------------------
+# Direct API invocation (Manager / Reviewer — no file tools needed)
+# ---------------------------------------------------------------------------
+
+def _invoke_api_agent(name: str, prompt: str, system_prompt: str,
+                      log_path: Optional[Path] = None, timeout: int = 600,
+                      model: str = "", session_id: Optional[str] = None,
+                      ) -> tuple[str, int, int]:
+    """Call the Anthropic Messages API directly via httpx.
+
+    Returns (text, input_tokens, output_tokens).
+    """
+    api_key = os.environ.get("ANTHROPIC_API_KEY", "")
+    base_url = ANTHROPIC_BASE_URL or "https://api.anthropic.com"
+
+    if not api_key and not ANTHROPIC_BASE_URL:
+        raise RuntimeError(
+            f"{name}: ANTHROPIC_API_KEY not set and no ANTHROPIC_BASE_URL proxy configured"
+        )
+
+    url = f"{base_url.rstrip('/')}/v1/messages"
+    headers = {
+        "content-type": "application/json",
+        "anthropic-version": "2023-06-01",
+    }
+    if api_key:
+        headers["x-api-key"] = api_key
+
+    body = {
+        "model": model or API_DEFAULT_MODEL,
+        "max_tokens": API_MAX_TOKENS,
+        "system": system_prompt,
+        "messages": [{"role": "user", "content": prompt}],
+    }
+
+    if log_path:
+        log_path.parent.mkdir(parents=True, exist_ok=True)
+        ts = time.strftime("%H:%M:%S")
+        with open(log_path, "a", encoding="utf-8") as f:
+            f.write(f"[{ts}] === API call: {name} ===\n")
+            f.write(f"[{ts}] Model: {body['model']}\n")
+            f.write(f"[{ts}] Prompt length: {len(prompt)} chars\n")
+
+    try:
+        resp = httpx.post(url, json=body, headers=headers, timeout=timeout)
+        resp.raise_for_status()
+    except httpx.TimeoutException:
+        if log_path:
+            ts = time.strftime("%H:%M:%S")
+            with open(log_path, "a", encoding="utf-8") as f:
+                f.write(f"[{ts}] API timeout after {timeout}s\n")
+        raise subprocess.TimeoutExpired(f"api:{name}", timeout)
+    except httpx.HTTPStatusError as exc:
+        if log_path:
+            ts = time.strftime("%H:%M:%S")
+            with open(log_path, "a", encoding="utf-8") as f:
+                f.write(f"[{ts}] API error {exc.response.status_code}: {exc.response.text[:500]}\n")
+        raise RuntimeError(f"{name} API error {exc.response.status_code}: {exc.response.text[:200]}") from exc
+    except httpx.HTTPError as exc:
+        if log_path:
+            ts = time.strftime("%H:%M:%S")
+            with open(log_path, "a", encoding="utf-8") as f:
+                f.write(f"[{ts}] HTTP error: {exc}\n")
+        raise RuntimeError(f"{name} HTTP error: {exc}") from exc
+
+    data = resp.json()
+    text_parts = []
+    for block in data.get("content", []):
+        if block.get("type") == "text":
+            text_parts.append(block["text"])
+    output = "\n".join(text_parts).strip()
+
+    usage = data.get("usage", {})
+    input_tokens = usage.get("input_tokens", 0)
+    output_tokens = usage.get("output_tokens", 0)
+
+    if log_path:
+        ts = time.strftime("%H:%M:%S")
+        with open(log_path, "a", encoding="utf-8") as f:
+            f.write(f"[{ts}] Response: {len(output)} chars, "
+                    f"in={input_tokens} out={output_tokens}\n")
+
+    try:
+        log_agent_invocation(
+            name, len(prompt), len(output), session_id, "",
+            input_tokens=input_tokens, output_tokens=output_tokens, cost_usd=0.0,
+        )
+    except Exception:
+        pass
+
+    return output, input_tokens, output_tokens
+
+
+# ---------------------------------------------------------------------------
+# CC subprocess invocation (Builder — needs file tools)
+# ---------------------------------------------------------------------------
+
 def _invoke_agent(name: str, prompt: str, working_dir: str, log_path: Optional[Path] = None,
-                   skip_permissions: bool = False, bare: bool = False,
+                   skip_permissions: bool = False,
                    session_id: Optional[str] = None, timeout: int = AGENT_TIMEOUT,
-                   model: str = "") -> tuple[str, int, int, int]:
+                   model: str = "", disallowed_tools: Optional[list[str]] = None,
+                   session: Optional["Session"] = None) -> tuple[str, int, int, int]:
     """Run a single claude --print invocation and return the output."""
     claude_bin = shutil.which("claude")
     if not claude_bin:
         raise FileNotFoundError("'claude' CLI not found on PATH")
 
     cmd = [claude_bin, "--print", "--verbose", "--output-format", "stream-json"]
-    if bare and os.environ.get("ANTHROPIC_API_KEY"):
-        cmd.append("--bare")
     if skip_permissions:
         cmd.append("--dangerously-skip-permissions")
     if model:
         cmd.extend(["--model", model])
+    if disallowed_tools:
+        patterns = ",".join(f"mcp__{srv}__*" for srv in disallowed_tools)
+        cmd.extend(["--disallowedTools", patterns])
 
     if log_path:
         log_path.parent.mkdir(parents=True, exist_ok=True)
@@ -280,65 +451,96 @@ def _invoke_agent(name: str, prompt: str, working_dir: str, log_path: Optional[P
             f.write(f"[{ts}] === Invoking {name} ===\n")
             f.write(f"[{ts}] Prompt length: {len(prompt)} chars\n")
 
+    prompt_dir = log_path.parent if log_path else Path.home() / ".memstack" / "agent-runner"
+    prompt_dir.mkdir(parents=True, exist_ok=True)
+    prompt_file = prompt_dir / f"{name}_prompt.txt"
+    prompt_file.write_text(prompt, encoding="utf-8")
+
+    stdin_fh = open(prompt_file, "r", encoding="utf-8")  # noqa: SIM115
     global _current_process
     proc = subprocess.Popen(
         cmd,
-        stdin=subprocess.PIPE,
+        stdin=stdin_fh,
         stdout=subprocess.PIPE,
         stderr=subprocess.PIPE,
         cwd=working_dir,
-        text=True,
-        encoding="utf-8",
-        errors="replace",
         env=_build_env(),
-        creationflags=subprocess.CREATE_NO_WINDOW if sys.platform == "win32" else 0,
+        creationflags=0,
     )
+    stdin_fh.close()
     with _lock:
         _current_process = proc
 
+    if log_path:
+        with open(log_path, "a", encoding="utf-8") as f:
+            f.write(f"[{ts}] PID: {proc.pid}\n")
+
+    killed_by_watchdog = threading.Event()
+
+    def _watchdog_kill() -> None:
+        killed_by_watchdog.set()
+        proc.kill()
+
     stdout_chunks: list[str] = []
     stderr_chunks: list[str] = []
+    partial_text: list[str] = []
+
+    def _read_stdout() -> None:
+        for raw_line in proc.stdout:
+            line = raw_line.decode("utf-8", errors="replace")
+            stdout_chunks.append(line)
+            extracted = _extract_text_from_stream_line(line)
+            if extracted and session is not None:
+                partial_text.append(extracted)
+                try:
+                    session.agents[name]["last_output"] = "".join(partial_text)[-500:]
+                    session._save_state()
+                except Exception:
+                    pass
 
-    def _reader(stream: object, dest: list[str]) -> None:
-        try:
-            for line in stream:  # type: ignore[union-attr]
-                dest.append(line)
-        except Exception:
-            pass
+    def _read_stderr() -> None:
+        for raw_line in proc.stderr:
+            stderr_chunks.append(raw_line.decode("utf-8", errors="replace"))
+
+    t_out = threading.Thread(target=_read_stdout, daemon=True)
+    t_err = threading.Thread(target=_read_stderr, daemon=True)
+    t_out.start()
+    t_err.start()
 
-    t_out = threading.Thread(target=_reader, args=(proc.stdout, stdout_chunks), daemon=True)
-    t_err = threading.Thread(target=_reader, args=(proc.stderr, stderr_chunks), daemon=True)
+    watchdog = threading.Timer(timeout, _watchdog_kill)
+    watchdog.daemon = True
+    watchdog.start()
 
     try:
-        if proc.stdin:
-            try:
-                proc.stdin.write(prompt)
-                proc.stdin.close()
-            except OSError:
-                pass
-        t_out.start()
-        t_err.start()
-
-        deadline = time.monotonic() + timeout
-        while True:
-            t_out.join(timeout=30)
-            rc = proc.poll()
-            if rc is not None:
-                break
-            if time.monotonic() > deadline:
-                proc.kill()
-                t_out.join(5)
-                t_err.join(5)
-                raise subprocess.TimeoutExpired(cmd, timeout)
-        t_out.join(5)
-        t_err.join(5)
-        stdout_data = "".join(stdout_chunks)
-        stderr_data = "".join(stderr_chunks)
+        proc.wait()
+    except Exception as e:
+        watchdog.cancel()
+        with _lock:
+            if _current_process is proc:
+                _current_process = None
+        if log_path:
+            with open(log_path, "a", encoding="utf-8") as f:
+                f.write(f"[{ts}] wait() error: {e}\n")
+        raise RuntimeError(f"{name} wait() failed: {e}") from e
     finally:
+        watchdog.cancel()
         with _lock:
             if _current_process is proc:
                 _current_process = None
 
+    t_out.join(timeout=10)
+    t_err.join(timeout=10)
+
+    if killed_by_watchdog.is_set():
+        raise subprocess.TimeoutExpired(cmd, timeout)
+
+    stdout_data = "".join(stdout_chunks)
+    stderr_data = "".join(stderr_chunks)
+
+    if log_path:
+        with open(log_path, "a", encoding="utf-8") as f:
+            f.write(f"[{ts}] Process exited: stdout={len(stdout_data)} stderr={len(stderr_data)}\n")
+
     raw_stdout = stdout_data or ""
     stderr = stderr_data or ""
     output, input_tokens, output_tokens, cost_usd, context_tokens = _parse_stream_json(raw_stdout)
@@ -383,7 +585,8 @@ class Session:
     """Tracks the full state of an agent run session."""
 
     def __init__(self, task: str, working_dir: str, context: Optional[str] = None, auto_commit: bool = False, timeout_minutes: int = 60,
-                 manager_model: str = "", builder_model: str = "", reviewer_model: str = "", user_name: str = ""):
+                 manager_model: str = "", builder_model: str = "", reviewer_model: str = "", user_name: str = "",
+                 blocked_mcp_servers: Optional[list[str]] = None):
         self.session_id = uuid.uuid4().hex[:12]
         self.task = task
         self.working_dir = working_dir
@@ -391,6 +594,7 @@ class Session:
         self.user_name = user_name
         self.context = context
         self.auto_commit = auto_commit
+        self.blocked_mcp_servers = blocked_mcp_servers or []
         self.auto_committed = False
         self.timeout = max(5, min(120, timeout_minutes)) * 60
         self.status = "running"
@@ -505,6 +709,7 @@ def _orchestrate(session: Session) -> None:
         # Step 1: Manager analyzes the task
         session.agents["manager"]["status"] = "busy"
         session.agents["manager"]["started_at"] = time.strftime("%Y-%m-%dT%H:%M:%S")
+        session.agents["manager"]["last_output"] = ""
         session._save_state()
 
         context = _gather_project_context(session.working_dir)
@@ -515,17 +720,18 @@ def _orchestrate(session: Session) -> None:
         if session.user_name:
             manager_prompt = f"The user's name is {session.user_name}.\n\n" + manager_prompt
         try:
-            manager_output, m_in, m_out, m_ctx = _invoke_agent(
-                "manager", manager_prompt, session.working_dir,
+            manager_output, m_in, m_out = _invoke_api_agent(
+                "manager", manager_prompt,
+                system_prompt=SYSTEM_PROMPTS["manager"],
                 log_path=session_log_dir / "manager.log",
-                skip_permissions=True, session_id=session.session_id,
-                timeout=min(180, session.timeout),
+                timeout=min(600, session.timeout),
                 model=session.models.get("manager", ""),
+                session_id=session.session_id,
             )
         except subprocess.TimeoutExpired:
             session.agents["manager"]["status"] = "timeout"
             session.status = "error"
-            session.result = "Manager timed out after 3 minutes. Try a simpler task description or break the task into smaller pieces."
+            session.result = "Manager timed out after 10 minutes. Try a simpler task description or break the task into smaller pieces."
             session._save_state()
             return
         except RuntimeError:
@@ -536,7 +742,7 @@ def _orchestrate(session: Session) -> None:
             return
         session.agents["manager"]["input_tokens"] += m_in
         session.agents["manager"]["output_tokens"] += m_out
-        session.agents["manager"]["context_tokens"] = m_ctx
+        session.agents["manager"]["context_tokens"] = m_in
         session.agents["manager"]["last_output"] = (manager_output or "")[:500]
 
         session.agents["manager"]["status"] = "done"
@@ -563,6 +769,7 @@ def _orchestrate(session: Session) -> None:
             # Builder
             session.agents["builder"]["status"] = "busy"
             session.agents["builder"]["started_at"] = time.strftime("%Y-%m-%dT%H:%M:%S")
+            session.agents["builder"]["last_output"] = ""
             session._save_state()
 
             builder_prompt = (
@@ -578,9 +785,11 @@ def _orchestrate(session: Session) -> None:
                 builder_output, b_in, b_out, b_ctx = _invoke_agent(
                     "builder", builder_prompt, session.working_dir,
                     log_path=session_log_dir / "builder.log",
-                    skip_permissions=True, bare=True, session_id=session.session_id,
+                    skip_permissions=True, session_id=session.session_id,
                     timeout=session.timeout,
                     model=session.models.get("builder", ""),
+                    disallowed_tools=session.blocked_mcp_servers,
+                    session=session,
                 )
             except subprocess.TimeoutExpired:
                 session.agents["builder"]["status"] = "timeout"
@@ -630,6 +839,7 @@ def _orchestrate(session: Session) -> None:
             # Reviewer
             session.agents["reviewer"]["status"] = "busy"
             session.agents["reviewer"]["started_at"] = time.strftime("%Y-%m-%dT%H:%M:%S")
+            session.agents["reviewer"]["last_output"] = ""
             session._save_state()
 
             reviewer_prompt = (
@@ -638,12 +848,13 @@ def _orchestrate(session: Session) -> None:
                 + f"\n\nBuilder output (iteration {iteration}):\n{builder_output}"
             )
             try:
-                reviewer_output, r_in, r_out, r_ctx = _invoke_agent(
-                    "reviewer", reviewer_prompt, session.working_dir,
+                reviewer_output, r_in, r_out = _invoke_api_agent(
+                    "reviewer", reviewer_prompt,
+                    system_prompt=SYSTEM_PROMPTS["reviewer"],
                     log_path=session_log_dir / "reviewer.log",
-                    bare=True, session_id=session.session_id,
                     timeout=session.timeout,
                     model=session.models.get("reviewer", ""),
+                    session_id=session.session_id,
                 )
             except subprocess.TimeoutExpired:
                 session.agents["reviewer"]["status"] = "timeout"
@@ -659,7 +870,7 @@ def _orchestrate(session: Session) -> None:
                 return
             session.agents["reviewer"]["input_tokens"] += r_in
             session.agents["reviewer"]["output_tokens"] += r_out
-            session.agents["reviewer"]["context_tokens"] = r_ctx
+            session.agents["reviewer"]["context_tokens"] = r_in
             session.agents["reviewer"]["last_output"] = (reviewer_output or "")[:500]
 
             session.agents["reviewer"]["status"] = "done"
@@ -772,7 +983,8 @@ _BLOCKED_NIX = {"/etc", "/var", "/proc", "/sys", "/boot"}
 
 
 def start_run(task: str, working_dir: Optional[str] = None, context: Optional[str] = None, auto_commit: bool = True, timeout_minutes: int = 60,
-              manager_model: str = "", builder_model: str = "", reviewer_model: str = "", user_name: str = "") -> dict:
+              manager_model: str = "", builder_model: str = "", reviewer_model: str = "", user_name: str = "",
+              blocked_mcp_servers: Optional[list[str]] = None) -> dict:
     """Start a new agent run. Returns session info."""
     global _current_session, _orchestration_thread
 
@@ -791,18 +1003,22 @@ def start_run(task: str, working_dir: Optional[str] = None, context: Optional[st
         if any(str_wd == bp or str_wd.startswith(bp + "/") for bp in _BLOCKED_NIX):
             return {"error": f"Working directory not allowed: {wd}"}
 
+    if blocked_mcp_servers is None:
+        blocked_mcp_servers = get_blocked_servers_for_project(str(wd))
+
     with _lock:
         if _current_session and _current_session.status == "running":
             return {"error": "A session is already running", "session_id": _current_session.session_id}
 
         session = Session(task=task, working_dir=working_dir, context=context, auto_commit=auto_commit, timeout_minutes=timeout_minutes,
-                          manager_model=manager_model, builder_model=builder_model, reviewer_model=reviewer_model, user_name=user_name)
+                          manager_model=manager_model, builder_model=builder_model, reviewer_model=reviewer_model, user_name=user_name,
+                          blocked_mcp_servers=blocked_mcp_servers)
         _current_session = session
 
     session._save_state()
 
     _orchestration_thread = threading.Thread(
-        target=_orchestrate, args=(session,), daemon=True, name="orchestrator"
+        target=_orchestrate, args=(session,), daemon=False, name="orchestrator"
     )
     _orchestration_thread.start()
 

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5}/src/memstack_skill_loader/dashboard.html

@@ -835,6 +835,76 @@
     font-size: 0.82rem;
   }
 
+  /* ── Builder MCP Tools section ── */
+  .mcp-tools-details {
+    margin-bottom: 0.8rem;
+  }
+  .mcp-tools-summary {
+    cursor: pointer;
+    font-size: 0.82rem;
+    color: #8b949e;
+    font-weight: 600;
+    list-style: none;
+    display: flex;
+    align-items: center;
+    gap: 0.4rem;
+  }
+  .mcp-tools-summary::-webkit-details-marker { display: none; }
+  .mcp-tools-summary::before {
+    content: '▶';
+    font-size: 0.6rem;
+    transition: transform 0.2s;
+  }
+  .mcp-tools-details[open] > .mcp-tools-summary::before {
+    transform: rotate(90deg);
+  }
+  .mcp-tools-summary:hover { color: #c9d1d9; }
+  .mcp-tools-list {
+    margin-top: 0.5rem;
+    display: flex;
+    flex-direction: column;
+    gap: 0.3rem;
+  }
+  .mcp-tools-row {
+    display: flex;
+    align-items: center;
+    gap: 0.5rem;
+    font-size: 0.82rem;
+    color: #c9d1d9;
+  }
+  .mcp-tools-row input[type="checkbox"] {
+    accent-color: #238636;
+    width: 14px;
+    height: 14px;
+    cursor: pointer;
+    flex-shrink: 0;
+  }
+  .mcp-tools-row label { cursor: pointer; font-family: monospace; }
+  .mcp-tools-hint {
+    font-size: 0.72rem;
+    color: #484f58;
+    margin-top: 0.4rem;
+  }
+  .mcp-tools-save-btn {
+    margin-top: 0.5rem;
+    background: #21262d;
+    color: #8b949e;
+    border: 1px solid #30363d;
+    padding: 0.3rem 0.8rem;
+    border-radius: 6px;
+    font-size: 0.75rem;
+    cursor: pointer;
+    transition: background 0.2s, color 0.2s;
+  }
+  .mcp-tools-save-btn:hover { background: #30363d; color: #c9d1d9; }
+  .mcp-tools-saved {
+    font-size: 0.72rem;
+    color: #39d353;
+    margin-left: 0.5rem;
+    opacity: 0;
+    transition: opacity 0.3s;
+  }
+
   /* ── Dancing status phrases ── */
   .agent-status-phrase {
     transition: opacity 0.3s ease;
@@ -1431,7 +1501,7 @@
         <label style="display:block;font-size:0.82rem;color:#8b949e;margin-bottom:0.4rem;font-weight:600;">Task Description</label>
         <div style="position:relative;margin-bottom:1rem;">
           <textarea id="agent-task-input" rows="4" placeholder="Describe what you want the agents to build..." style="width:100%;background:#0d1117;border:1px solid #30363d;border-radius:6px;color:#e6edf3;padding:0.7rem;font-size:0.88rem;resize:vertical;font-family:inherit;margin:0;"></textarea>
-          <button onclick="document.getElementById('agent-task-input').value='';document.getElementById('agent-workdir-input').value='';document.getElementById('agent-context-input').value='';document.getElementById('agent-task-input').focus();" style="position:absolute;top:4px;right:4px;background:#21262d;border:1px solid #30363d;color:#8b949e;padding:8px;border-radius:4px;cursor:pointer;font-size:14px;line-height:1;z-index:1;" onmouseenter="this.style.color='#e6edf3'" onmouseleave="this.style.color='#8b949e'" title="Clear task and working directory">&times;</button>
+          <button onclick="document.getElementById('agent-task-input').value='';document.getElementById('agent-workdir-input').value='';document.getElementById('agent-context-input').value='';fetchMcpServers('');document.getElementById('agent-task-input').focus();" style="position:absolute;top:4px;right:4px;background:#21262d;border:1px solid #30363d;color:#8b949e;padding:8px;border-radius:4px;cursor:pointer;font-size:14px;line-height:1;z-index:1;" onmouseenter="this.style.color='#e6edf3'" onmouseleave="this.style.color='#8b949e'" title="Clear task and working directory">&times;</button>
         </div>
         <label style="display:block;font-size:0.82rem;color:#8b949e;margin-bottom:0.4rem;font-weight:600;">Working Directory</label>
         <div style="display:flex;gap:0.5rem;margin-bottom:0.3rem;">
@@ -1474,6 +1544,20 @@
             </div>
           </div>
         </details>
+        <details class="mcp-tools-details" id="mcp-tools-details">
+          <summary class="mcp-tools-summary" id="mcp-tools-summary">Builder MCP Tools</summary>
+          <div id="mcp-tools-container">
+            <div id="mcp-tools-loading" style="font-size:0.78rem;color:#484f58;padding:0.3rem 0;">Enter a working directory to discover MCP servers</div>
+            <div id="mcp-tools-list" class="mcp-tools-list" style="display:none;"></div>
+            <div id="mcp-tools-empty" style="display:none;font-size:0.78rem;color:#484f58;padding:0.3rem 0;">No MCP servers found in this project</div>
+            <p class="mcp-tools-hint" id="mcp-tools-hint" style="display:none;">Unchecked servers will be excluded from the Builder's context to reduce token usage</p>
+            <p id="mcp-tools-global-note" style="display:none;font-size:0.72rem;color:#d29922;margin:0.3rem 0 0;">Using global defaults</p>
+            <div id="mcp-tools-actions" style="display:none;margin-top:0.4rem;">
+              <button class="mcp-tools-save-btn" onclick="saveMcpToolsConfig()">Save as Default</button>
+              <span class="mcp-tools-saved" id="mcp-tools-saved">Saved</span>
+            </div>
+          </div>
+        </details>
         <label for="agent-autocommit-checkbox" style="display:flex;align-items:center;gap:0.5rem;font-size:0.82rem;color:#8b949e;margin-bottom:1rem;cursor:pointer;position:relative;z-index:1;">
           <input id="agent-autocommit-checkbox" type="checkbox" style="accent-color:#238636;width:15px;height:15px;cursor:pointer;flex-shrink:0;">
           Auto-commit on approval
@@ -1644,6 +1728,36 @@
     </div>
   </div>
 
+  <div class="panel">
+    <h3>Agent Runner Setup</h3>
+    <p style="color:#8b949e;font-size:0.82rem;margin:0 0 0.8rem;">
+      The Agent Runner requires an Anthropic API key for the Manager and Reviewer agents.
+      The Builder uses Claude Code directly. Headroom is optional but recommended for token compression.
+    </p>
+    <div style="display:grid;grid-template-columns:auto 1fr;gap:0.5rem 1rem;font-size:0.82rem;align-items:start;">
+      <span style="color:#8b949e;">API Key</span>
+      <span id="settings-api-key-status" style="color:#c9d1d9;">—</span>
+      <span style="color:#8b949e;">Headroom Proxy</span>
+      <span id="settings-proxy-status" style="color:#c9d1d9;">—</span>
+    </div>
+  </div>
+
+  <div class="panel">
+    <details class="mcp-tools-details">
+      <summary class="mcp-tools-summary">Default MCP Tools</summary>
+      <div style="padding:0.3rem 0;">
+        <p style="color:#8b949e;font-size:0.78rem;margin:0 0 0.6rem;">Set which MCP servers are blocked by default across all projects. Per-project settings override these defaults.</p>
+        <label style="font-size:0.78rem;color:#8b949e;display:block;margin-bottom:0.3rem;">Blocked servers (comma-separated)</label>
+        <input type="text" id="settings-global-mcp-blocked" class="settings-text-input" placeholder="e.g. agent-bridge, connectstack-uptimerobot">
+        <div style="display:flex;gap:0.5rem;margin-top:0.5rem;align-items:center;">
+          <button class="mcp-tools-save-btn" onclick="saveGlobalMcpDefaults(false)">Save Defaults</button>
+          <button class="mcp-tools-save-btn" style="background:#30363d;" onclick="applyGlobalMcpToAll()">Apply to All Projects</button>
+          <span id="settings-global-mcp-saved" class="mcp-tools-saved">Saved</span>
+        </div>
+      </div>
+    </details>
+  </div>
+
   <div class="panel">
     <h3>Dashboard Info</h3>
     <div style="display:grid;grid-template-columns:auto 1fr;gap:0.4rem 1.2rem;font-size:0.82rem;">
@@ -2805,6 +2919,8 @@ async function startAgentTask() {
     body.builder_model = document.getElementById('agent-model-builder').value;
     body.reviewer_model = document.getElementById('agent-model-reviewer').value;
     body.user_name = userProfile.user_name || '';
+    const blockedMcp = getBlockedMcpServers();
+    if (blockedMcp.length) body.blocked_mcp_servers = blockedMcp;
     const res = await fetch('/api/agent-run', {method:'POST', headers: AUTH_HEADERS, body: JSON.stringify(body)});
     const data = await res.json();
     if (data.error) { alert(data.error); return; }
@@ -2843,6 +2959,12 @@ async function loadAgentMonitor() {
       lbl.textContent = userProfile.agent_names[role];
     }
   }
+  updateMcpToolsSummaryLabel();
+  const wdInput = document.getElementById('agent-workdir-input');
+  if (wdInput && !wdInput._mcpBound) {
+    wdInput._mcpBound = true;
+    wdInput.addEventListener('blur', () => fetchMcpServers(wdInput.value.trim()));
+  }
   fetchAgentStatus();
   loadRecentProjects();
   loadLastWorkdir();
@@ -2858,10 +2980,110 @@ async function loadLastWorkdir() {
     if (input.value.trim()) return;
     const res = await fetch('/api/last-workdir', {headers: {'X-Auth-Token': AUTH_TOKEN}});
     const data = await res.json();
-    if (data.path) input.value = data.path;
+    if (data.path) { input.value = data.path; fetchMcpServers(data.path); }
   } catch(e) { /* ignore */ }
 }
 
+/* ─── Builder MCP Tools ─── */
+let _mcpServers = [];
+let _mcpBlocked = new Set();
+
+function updateMcpToolsSummaryLabel() {
+  const el = document.getElementById('mcp-tools-summary');
+  if (!el) return;
+  const name = (userProfile.agent_names && userProfile.agent_names.builder) || 'Builder';
+  el.textContent = name + ' MCP Tools';
+}
+
+async function fetchMcpServers(workdir) {
+  const listEl = document.getElementById('mcp-tools-list');
+  const emptyEl = document.getElementById('mcp-tools-empty');
+  const loadingEl = document.getElementById('mcp-tools-loading');
+  const hintEl = document.getElementById('mcp-tools-hint');
+  const actionsEl = document.getElementById('mcp-tools-actions');
+  if (!workdir) {
+    listEl.style.display = 'none'; emptyEl.style.display = 'none'; hintEl.style.display = 'none'; actionsEl.style.display = 'none';
+    const gn = document.getElementById('mcp-tools-global-note'); if (gn) gn.style.display = 'none';
+    loadingEl.style.display = ''; loadingEl.textContent = 'Enter a working directory to discover MCP servers';
+    _mcpServers = []; _mcpBlocked = new Set();
+    return;
+  }
+  const globalNoteEl = document.getElementById('mcp-tools-global-note');
+  loadingEl.style.display = ''; loadingEl.textContent = 'Discovering MCP servers...';
+  listEl.style.display = 'none'; emptyEl.style.display = 'none'; hintEl.style.display = 'none'; actionsEl.style.display = 'none';
+  if (globalNoteEl) globalNoteEl.style.display = 'none';
+  try {
+    const res = await fetch('/api/mcp-servers?workdir=' + encodeURIComponent(workdir), {headers: AUTH_GET});
+    const data = await res.json();
+    _mcpServers = data.servers || [];
+    _mcpBlocked = new Set(data.blocked || []);
+    loadingEl.style.display = 'none';
+    if (_mcpServers.length === 0) {
+      emptyEl.style.display = ''; return;
+    }
+    listEl.innerHTML = _mcpServers.map(srv => {
+      const checked = !_mcpBlocked.has(srv) ? 'checked' : '';
+      const id = 'mcp-srv-' + srv.replace(/[^a-zA-Z0-9_-]/g, '_');
+      return `<div class="mcp-tools-row"><input type="checkbox" id="${id}" value="${escapeHtml(srv)}" ${checked}><label for="${id}">${escapeHtml(srv)}</label></div>`;
+    }).join('');
+    listEl.style.display = ''; hintEl.style.display = ''; actionsEl.style.display = '';
+    if (globalNoteEl && !data.has_project_config && (data.global_blocked || []).length > 0) {
+      globalNoteEl.style.display = '';
+    }
+  } catch(e) {
+    loadingEl.style.display = 'none'; emptyEl.style.display = ''; emptyEl.textContent = 'Failed to discover MCP servers';
+  }
+}
+
+function getBlockedMcpServers() {
+  const blocked = [];
+  for (const srv of _mcpServers) {
+    const id = 'mcp-srv-' + srv.replace(/[^a-zA-Z0-9_-]/g, '_');
+    const cb = document.getElementById(id);
+    if (cb && !cb.checked) blocked.push(srv);
+  }
+  return blocked;
+}
+
+async function saveMcpToolsConfig() {
+  const workdir = document.getElementById('agent-workdir-input').value.trim();
+  if (!workdir) return;
+  const blocked = getBlockedMcpServers();
+  try {
+    await fetch('/api/builder-tools-config', {method: 'POST', headers: AUTH_HEADERS, body: JSON.stringify({workdir, blocked})});
+    const savedEl = document.getElementById('mcp-tools-saved');
+    savedEl.style.opacity = '1';
+    setTimeout(() => { savedEl.style.opacity = '0'; }, 2000);
+  } catch(e) { /* ignore */ }
+}
+
+async function loadGlobalMcpDefaults() {
+  try {
+    const res = await fetch('/api/global-mcp-defaults', {headers: AUTH_GET});
+    const d = await res.json();
+    const el = document.getElementById('settings-global-mcp-blocked');
+    if (el) el.value = (d.blocked || []).join(', ');
+  } catch(e) { /* ignore */ }
+}
+
+async function saveGlobalMcpDefaults(applyAll) {
+  const el = document.getElementById('settings-global-mcp-blocked');
+  if (!el) return;
+  const blocked = el.value.split(',').map(s => s.trim()).filter(Boolean);
+  try {
+    await fetch('/api/global-mcp-defaults', {method: 'POST', headers: AUTH_HEADERS, body: JSON.stringify({blocked, apply_all: !!applyAll})});
+    const savedEl = document.getElementById('settings-global-mcp-saved');
+    savedEl.textContent = applyAll ? 'Applied to all' : 'Saved';
+    savedEl.style.opacity = '1';
+    setTimeout(() => { savedEl.style.opacity = '0'; }, 2000);
+  } catch(e) { /* ignore */ }
+}
+
+function applyGlobalMcpToAll() {
+  if (!confirm('This will overwrite all per-project MCP settings. Continue?')) return;
+  saveGlobalMcpDefaults(true);
+}
+
 function autoResize(textarea) {
     textarea.style.height = 'auto';
     textarea.style.height = textarea.scrollHeight + 'px';
@@ -2970,7 +3192,7 @@ async function loadRecentProjects() {
     if (!dirs.length) { dropdown.style.display = 'none'; return; }
     dropdown.style.display = 'block';
     dropdown.innerHTML = dirs.map(d =>
-      `<div style="padding:0.4rem 0.7rem;cursor:pointer;font-size:0.8rem;font-family:monospace;color:#8b949e;border-bottom:1px solid #21262d;transition:background 0.15s;" onmouseenter="this.style.background='#161b22';this.style.color='#e6edf3'" onmouseleave="this.style.background='';this.style.color='#8b949e'" onclick="document.getElementById('agent-workdir-input').value=this.textContent">${escapeHtml(d)}</div>`
+      `<div style="padding:0.4rem 0.7rem;cursor:pointer;font-size:0.8rem;font-family:monospace;color:#8b949e;border-bottom:1px solid #21262d;transition:background 0.15s;" onmouseenter="this.style.background='#161b22';this.style.color='#e6edf3'" onmouseleave="this.style.background='';this.style.color='#8b949e'" onclick="document.getElementById('agent-workdir-input').value=this.textContent;fetchMcpServers(this.textContent)">${escapeHtml(d)}</div>`
     ).join('');
   } catch(e) { /* ignore */ }
 }
@@ -2992,6 +3214,7 @@ function closeDirBrowser() {
 function selectDirBrowser() {
   document.getElementById('agent-workdir-input').value = dirBrowserCurrentPath;
   closeDirBrowser();
+  fetchMcpServers(dirBrowserCurrentPath);
 }
 
 function dirBrowserBack() {
@@ -3231,6 +3454,7 @@ function renderAgentUI(data) {
     const pulseStyle = a.status === 'busy' ? 'animation:pulse-busy 2s infinite;' : '';
     const roleIcon = role === 'manager' ? '&#128188;' : role === 'builder' ? '&#128736;' : '&#128269;';
     let statusDisplay;
+    const hasStreamOutput = a.status === 'busy' && a.last_output && a.last_output.trim().length > 0;
     if (a.status === 'busy' && BUSY_PHRASES[role]) {
       const phrase = BUSY_PHRASES[role][busyPhraseIndices[role] % BUSY_PHRASES[role].length];
       const customName = (userProfile.agent_names && userProfile.agent_names[role]) || role.charAt(0).toUpperCase() + role.slice(1);
@@ -3276,6 +3500,8 @@ function renderAgentUI(data) {
       }
     }
     const errorBorder = (a.status === 'error' || a.status === 'timeout' || a.status === 'crashed') ? ' agent-card-error-border' : '';
+    const outputMaxHeight = hasStreamOutput ? '6em' : '3em';
+    const outputSnippet = escapeHtml((a.last_output || '').substring(0, hasStreamOutput ? 500 : 150));
     return `<div class="agent-card${errorBorder}" style="${pulseStyle}">
       <span class="agent-tooltip">${escapeHtml(ROLE_DESCRIPTIONS[role] || '')}</span>
       <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:0.6rem;">
@@ -3283,7 +3509,7 @@ function renderAgentUI(data) {
         <span style="background:${color}20;color:${color};padding:2px 8px;border-radius:12px;font-size:0.7rem;font-weight:600;text-transform:uppercase;">${statusDisplay}</span>
       </div>
       <div style="font-size:0.75rem;color:#8b949e;line-height:1.6;">
-        <div style="margin-top:0.3rem;color:#c9d1d9;font-size:0.72rem;max-height:3em;overflow:hidden;text-overflow:ellipsis;">${escapeHtml((a.last_output || '').substring(0, 150))}</div>
+        <div style="margin-top:0.3rem;color:#c9d1d9;font-size:0.72rem;max-height:${outputMaxHeight};overflow:hidden;text-overflow:ellipsis;white-space:pre-wrap;word-break:break-word;">${outputSnippet}</div>
       </div>
       ${elapsedHtml}
       ${contextHtml}
@@ -3481,8 +3707,24 @@ async function loadSettings() {
     document.getElementById('settings-pro-dir').textContent = d.pro_skills_dir || '—';
     document.getElementById('settings-stats-db').textContent = d.stats_db || '—';
     document.getElementById('settings-sessions-dir').textContent = d.sessions_dir || '—';
+
+    const apiKeyEl = document.getElementById('settings-api-key-status');
+    if (d.api_key_set) {
+      apiKeyEl.innerHTML = '<span style="color:#3fb950;">&#10003;</span> API key detected';
+    } else {
+      apiKeyEl.innerHTML = '<span style="color:#f85149;">&#10007;</span> Not set &mdash; run <code style="background:#161b22;padding:0.1rem 0.4rem;border-radius:3px;color:#c9d1d9;">set ANTHROPIC_API_KEY=sk-ant-...</code> before starting the dashboard';
+    }
+
+    const proxyEl = document.getElementById('settings-proxy-status');
+    if (d.base_url) {
+      proxyEl.innerHTML = '<span style="color:#3fb950;">&#10003;</span> Headroom proxy active at <code style="background:#161b22;padding:0.1rem 0.4rem;border-radius:3px;color:#c9d1d9;">' + d.base_url.replace(/</g,'&lt;') + '</code>';
+    } else {
+      proxyEl.innerHTML = 'Optional: Install <a href="https://github.com/chopratejas/headroom" target="_blank" style="color:#58a6ff;">Headroom</a> for ~34% token savings';
+    }
+
     loadModelPrefs();
     await loadUserProfile();
+    loadGlobalMcpDefaults();
     settingsLoaded = true;
   } catch (e) {
     console.error('Settings load failed:', e);

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5}/src/memstack_skill_loader/dashboard.py

@@ -458,6 +458,27 @@ class _Handler(BaseHTTPRequestHandler):
                 pass
             body = json.dumps({"path": path}).encode()
             self._respond(200, "application/json", body)
+        elif self.path.startswith("/api/mcp-servers"):
+            parsed = urlparse(self.path)
+            qs = parse_qs(parsed.query)
+            workdir = qs.get("workdir", [""])[0]
+            servers = agent_runner.discover_mcp_servers(workdir) if workdir else []
+            cfg = agent_runner.load_builder_tools_config()
+            blocked: list[str] = []
+            has_project_config = False
+            if workdir:
+                if workdir in cfg:
+                    blocked = cfg[workdir]
+                    has_project_config = True
+                else:
+                    blocked = cfg.get("_global_defaults", [])
+            global_blocked = cfg.get("_global_defaults", [])
+            body = json.dumps({"servers": servers, "blocked": blocked, "global_blocked": global_blocked, "has_project_config": has_project_config}).encode()
+            self._respond(200, "application/json", body)
+        elif self.path == "/api/global-mcp-defaults":
+            cfg = agent_runner.load_builder_tools_config()
+            body = json.dumps({"blocked": cfg.get("_global_defaults", [])}).encode()
+            self._respond(200, "application/json", body)
         elif self.path == "/api/headroom-stats":
             try:
                 req = urllib.request.Request("http://127.0.0.1:8787/stats")
@@ -511,6 +532,8 @@ class _Handler(BaseHTTPRequestHandler):
                 "pro_skills_dir": str(home / ".memstack" / "pro-skills"),
                 "stats_db": str(DB_PATH),
                 "sessions_dir": str(home / ".memstack" / "agent-runner" / "sessions"),
+                "api_key_set": bool(os.environ.get("ANTHROPIC_API_KEY")),
+                "base_url": os.environ.get("ANTHROPIC_BASE_URL", ""),
             }
             body = json.dumps(data).encode()
             self._respond(200, "application/json", body)
@@ -723,8 +746,10 @@ class _Handler(BaseHTTPRequestHandler):
                 builder_model = data.get("builder_model", "")
                 reviewer_model = data.get("reviewer_model", "")
                 user_name = str(data.get("user_name", "")).strip()
+                blocked_mcp = data.get("blocked_mcp_servers", [])
                 result = agent_runner.start_run(task=task, working_dir=working_dir, context=context, auto_commit=auto_commit, timeout_minutes=timeout_minutes,
-                                                manager_model=manager_model, builder_model=builder_model, reviewer_model=reviewer_model, user_name=user_name)
+                                                manager_model=manager_model, builder_model=builder_model, reviewer_model=reviewer_model, user_name=user_name,
+                                                blocked_mcp_servers=blocked_mcp)
                 body = json.dumps(result).encode()
                 status_code = 200 if "session_id" in result else 400
                 self._respond(status_code, "application/json", body)
@@ -766,6 +791,49 @@ class _Handler(BaseHTTPRequestHandler):
             except Exception as exc:
                 body = json.dumps({"success": False, "error": str(exc)}).encode()
                 self._respond(500, "application/json", body)
+        elif self.path == "/api/builder-tools-config":
+            try:
+                content_len = int(self.headers.get("Content-Length", 0))
+                raw = self.rfile.read(content_len).decode("utf-8") if content_len else ""
+                data = json.loads(raw)
+                workdir = data.get("workdir", "").strip()
+                blocked = data.get("blocked", [])
+                if not workdir:
+                    body = json.dumps({"success": False, "error": "Missing 'workdir' field."}).encode()
+                    self._respond(400, "application/json", body)
+                    return
+                cfg = agent_runner.load_builder_tools_config()
+                cfg[workdir] = blocked
+                agent_runner.save_builder_tools_config(cfg)
+                body = json.dumps({"success": True}).encode()
+                self._respond(200, "application/json", body)
+            except (json.JSONDecodeError, ValueError):
+                body = json.dumps({"success": False, "error": "Invalid JSON body."}).encode()
+                self._respond(400, "application/json", body)
+            except Exception as exc:
+                body = json.dumps({"success": False, "error": str(exc)}).encode()
+                self._respond(500, "application/json", body)
+        elif self.path == "/api/global-mcp-defaults":
+            try:
+                content_len = int(self.headers.get("Content-Length", 0))
+                raw = self.rfile.read(content_len).decode("utf-8") if content_len else ""
+                data = json.loads(raw)
+                blocked = data.get("blocked", [])
+                cfg = agent_runner.load_builder_tools_config()
+                cfg["_global_defaults"] = blocked
+                if data.get("apply_all"):
+                    for key in list(cfg.keys()):
+                        if key != "_global_defaults":
+                            cfg[key] = list(blocked)
+                agent_runner.save_builder_tools_config(cfg)
+                body = json.dumps({"success": True}).encode()
+                self._respond(200, "application/json", body)
+            except (json.JSONDecodeError, ValueError):
+                body = json.dumps({"success": False, "error": "Invalid JSON body."}).encode()
+                self._respond(400, "application/json", body)
+            except Exception as exc:
+                body = json.dumps({"success": False, "error": str(exc)}).encode()
+                self._respond(500, "application/json", body)
         elif self.path == "/api/burn-report/reset":
             try:
                 from .stats import reset_burn_stats

{memstack_skill_loader-4.0.3 → memstack_skill_loader-4.0.5/src/memstack_skill_loader.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: memstack-skill-loader
-Version: 4.0.3
+Version: 4.0.5
 Summary: MCP server that vector-indexes MemStack Pro skills for on-demand loading
 Requires-Python: >=3.10
 Requires-Dist: mcp>=1.0.0