veto
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| VETO_COMPACT | No | Set to '1' to enable compact mode, which reduces advertised tools from 93 to 9 to save context tokens. | |
| VETO_HTTP_HOST | No | Set to bind the HTTP transport to a non-loopback address. Default is loopback only. |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
| prompts | {} |
| resources | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| veto_statusA | Returns Veto server status, version, and database info. Pass token_count to trigger auto-save if context usage crosses 70%. |
| veto_autosave_statusA | Returns the current auto-save state: whether a context is cached, the threshold, the last auto-save time, and the session ID. |
| veto_healthA | Returns a live health snapshot of the Veto server — DB size, session/memory/pattern counts, uptime, error count, and average council latency. |
| veto_rate_statusA | Returns current request counts and rate limit status for all AI platforms tracked by Veto. |
| veto_snapshotA | Returns the whole Veto state an editor HUD / statusline needs in ONE read-only call: latest session, latest council verdict, top learned patterns, per-platform rate usage, memory count, and health. Same shape the CLI statusline composes — built for veto-vscode and other editor integrations. |
| veto_session_saveA | Saves the current session context to SQLite. Set auto_summarize: true to have Veto read the full conversation and generate an accurate structured summary itself — no manual writing needed. Pass session_id to update an existing session in-place. |
| veto_session_restoreA | Restores the saved context snapshot of a previous session by ID so you can resume work where it left off. Use veto_sessions_list to find IDs. For the chronological event timeline instead of the working context, use veto_session_replay. |
| veto_sessions_listA | Lists the most recent saved sessions. Use query to search by summary, context, tags, or project path. |
| veto_handoffA | Saves the current session and returns step-by-step instructions to continue on another AI platform (Gemini or Codex). Call this when Claude is approaching its rate limit. The receiving platform calls veto_continue to restore full context instantly. |
| veto_continueA | Restores the most recent session on any platform. Call this immediately after switching platforms — Veto returns the full context, summary, and next action. Nothing needs to be re-explained. |
| veto_council_debateA | Runs the Veto Council — 7 specialist agents debate your task and return a GREEN/YELLOW/RED/DEADLOCK verdict. For full LLM-backed analysis on any platform (Claude Code, Gemini CLI, Codex CLI) with no API keys: (1) call with task only → get instant deterministic result + llm_upgrade.debate_prompt; (2) reason as all 7 agents using the prompt, then call again with agent_responses → get the LLM-backed verdict. |
| veto_benchmarkA | Compares two competing approaches by running a full council debate on each in parallel, then returns a structured winner analysis with verdict, confidence delta, warning counts, and council reasoning. Use when you have two valid options and want an unbiased council judgment before committing. |
| veto_route_taskA | Scores a task for complexity (0-100) and returns the optimal tier, model recommendation, and rate status. Use before any substantial task to let the router decide which model to use. |
| veto_agent_planA | Gets a domain-expert execution plan from a specific worker agent. Returns approach, ordered steps, checklist, patterns, and pitfalls for the task. |
| veto_execute_parallelB | Runs multiple worker agents simultaneously via Promise.all. Use to get domain expert input from several agents in one round-trip — e.g. coder + tester + security-scanner all planning the same feature together. |
| veto_task_parseA | Parses a plain-English project description or PRD into a structured task DAG with dependencies, complexity scores, priorities, and suggested agent assignments. Feeds directly into veto_workflow. |
| veto_code_reviewA | Runs the Code Reviewer agent on a single snippet or file you pass directly. Returns scored findings (complexity, error handling, magic numbers, nesting, dead code) with severity and fixes. Pass file_path to surface findings as VS Code inline diagnostics (squiggles). For reviewing changed files across a git diff, use veto_diff_review instead. |
| veto_diff_reviewA | Reviews a git diff — runs code review, security scan, and secrets scan in parallel across all changed files. Returns a structured verdict (pass/warn/fail), per-file findings, and a CI-ready summary. Pass diff directly or let Veto read it from project_dir automatically. |
| veto_security_scanA | Runs the Security Scanner (OWASP Top 10) on provided code. Returns vulnerabilities with severity, CWE/OWASP category, and remediation steps. Pass file_path to surface findings as VS Code inline diagnostics. |
| veto_secrets_scanA | Scans text or code for exposed credentials — API keys, tokens, passwords, connection strings, private keys. Returns findings with masked values and line numbers. Pass file_path to surface findings as VS Code inline diagnostics. |
| veto_pr_reviewA | Fetches a GitHub PR diff and runs the full Veto triple-scan (code review + security + secrets). Returns a structured verdict and ready-to-post GitHub review comments. Set GITHUB_TOKEN env var for private repos. |
| veto_decisionsA | Decision-drift enforcement: records architectural decisions as machine-checkable constraints, then flags diffs that violate them. AI assistants forget decisions and re-litigate them sessions later — record "we use Postgres" with forbidden_patterns ["mongoose", "mongodb"] once, and veto_diff_review / veto_ci_gate automatically fail any future diff that adds them. Actions: add (rule + forbidden_patterns), list, check (a diff or the working tree), disable / enable (by id). |
| veto_memory_storeA | Stores a knowledge entry (solution, pattern, error, reference, or decision) in the local knowledge base for retrieval across sessions. Search before storing to avoid duplicates. |
| veto_memory_searchA | Searches the local knowledge base for entries matching a query. Call at the start of every task to find prior solutions before solving from scratch. |
| veto_memory_deleteA | Deletes a knowledge entry by ID. Use to remove stale or duplicate entries found via veto_memory_search. |
| veto_memory_exportA | Exports all local memory (sessions, knowledge, patterns, decisions, project maps) to a portable JSON or Markdown file. Use markdown for a human-readable VETO_MEMORY.md file. |
| veto_memory_importA | Imports memory from a JSON file exported by veto_memory_export on another machine. Merges into local SQLite using INSERT OR IGNORE — existing local rows are never overwritten. Call veto_sessions_list after import to confirm sessions arrived. |
| veto_pattern_storeA | Stores or updates a coding pattern observed in the codebase. Patterns are keyed by category.pattern-name and confidence increases with repeated observation. |
| veto_patterns_listA | Returns stored coding patterns. Filter by prefix to get patterns in a specific category (e.g. prefix="naming." for all naming conventions). |
| veto_record_outcomeA | Records a task outcome (quality score) to feed the self-learning router. Call after completing any task. The router auto-applies learned tier thresholds every 20 recorded outcomes (disable via config auto_apply_learning=false); veto_learning_apply forces an update on demand. |
| veto_learning_statsA | Returns the self-learning router dashboard: tier distribution, per-agent quality stats, suggested threshold adjustments, and council insights. Use to understand how the router is performing and where to improve. |
| veto_learning_applyA | Applies learned tier thresholds to the router based on recorded task outcomes. Requires at least 20 recorded outcomes. The router immediately uses the new thresholds on the next veto_route_task call. |
| veto_project_map_updateA | Updates the project structure map for a directory. Call after creating, deleting, or moving files. The map enables fast codebase navigation without filesystem scans. |
| veto_project_map_getA | Returns the stored project structure map for a directory. Use to navigate the codebase without scanning the filesystem. |
| veto_discoverB | Scans a project directory and builds a rich context map: git state, tech stack, file structure, dependencies, and key config files. Stores the result in Veto memory so agents always have accurate project context. Call this once per project or after major structural changes. |
| veto_context_statusA | Returns the context window usage for a saved session — tokens used, % of platform limit consumed, and whether to compress or hand off before the window fills. |
| veto_full_reviewA | Full pre-ship review: runs code review + security scan + secrets scan + quality analysis in parallel, then returns a combined verdict (pass/warn/fail). Use before any merge or deploy when you want richer output than veto_diff_review alone. |
| veto_pre_commitA | Pre-commit gate: runs secrets scan (hard block on any finding) + code review in parallel on staged changes. Faster than veto_full_review — tuned for commit-time validation. Returns a blocked/warn/pass verdict. |
| veto_new_featureA | New feature planning pipeline: council governance → execution plan → task DAG, in sequence. Collapses 3 manual tool calls into 1. RED council verdict stops the pipeline early — do not plan what is blocked. Returns council verdict + agent plan + structured task list. |
| veto_delegateA | Delegates a subtask to a specialist agent and returns only a compact summary — not the full output. Use when orchestrating multi-step work and you need an agent's conclusion without polluting your context with verbose output. Mirrors the "boomerang" delegation pattern. |
| veto_prompt_optimizerA | Scores a prompt for failure modes (vague role, missing output format, injection-prone, no examples) and returns a rewritten version with improvements. Zero API keys needed — uses the local agent loop. |
| veto_sre_advisorA | Calculates SLO error budget status (remaining %, projected exhaustion) and returns ranked reliability improvements. Error budget math is deterministic; prioritization uses the local agent loop. |
| veto_diagramA | Generates a Mermaid architecture diagram of the project. Returns diagram text ready to paste into GitHub, Notion, or any Mermaid renderer. |
| veto_adrA | Converts a veto_council_debate result into a MADR-format Architecture Decision Record (ADR). Writes to docs/decisions/NNNN-.md if project_dir is provided. Returns the ADR markdown content. |
| veto_env_setupA | Analyzes project config files (package.json, requirements.txt, .env, etc.) and generates a .env.example with all required environment variables, plus a step-by-step setup guide. |
| veto_commit_messageA | Generates a conventional-commit message from staged changes (git diff --cached). Returns type, scope, subject, and body following the Conventional Commits specification. |
| veto_pr_descriptionA | Generates a complete GitHub PR description (title, summary, change list, test plan, breaking changes) from git diff main...HEAD. Ready to paste into GitHub or post via veto_pr_post. |
| veto_pr_postA | Posts veto_pr_review or veto_diff_review findings directly to a GitHub PR as review comments. Requires GITHUB_TOKEN environment variable. Returns the review URL. |
| veto_debt_registerA | Analyzes code quality + git commit frequency to produce a ranked technical debt register. High-churn + low-quality files are highest priority. Returns a prioritized list with debt type, location, and suggested agent. |
| veto_doc_genA | Reads a source file and generates JSDoc/TSDoc/docstring comments for all public APIs. Returns the annotated file content. |
| veto_type_coverageA | Scans a TypeScript project for |
| veto_test_gapsA | Reads a coverage report (lcov/JSON) or scans source files to identify untested paths and suggests concrete test cases. |
| veto_onboardA | Generates a complete new-developer onboarding guide: setup, architecture, key files, how to run tests, first PR checklist. |
| veto_rcaA | Stack trace or error description → structured root-cause hypothesis with likely introducing commit. Combines git blame/log with debugger analysis. |
| veto_release_notesA | Generates user-facing release notes from merged commits since the last git tag. Rewrites dev-speak into plain English (fix: race condition → Login is now more reliable). |
| veto_postmortemA | Incident description + timeline → blameless postmortem with five-whys RCA, action items, and correlation with past council RED verdicts if available. |
| veto_dep_advisorA | Parses package.json/requirements.txt/Cargo.toml lockfile, queries OSV.dev (free, no key) for known vulnerabilities, and returns a risk-ranked upgrade plan with breaking-change flags. |
| veto_dep_verifyA | Dependency-hallucination guard: verifies proposed package names against the live registry (npm, PyPI, crates.io) BEFORE install. Checks existence, age, monthly downloads, version history, deprecation, and typo-distance from popular packages. Catches hallucinated names and slopsquatting/typosquat risks. Call this whenever an AI suggests installing a package you have not used before. |
| veto_query_advisorA | Accepts a SQL query or EXPLAIN ANALYZE output + optional schema → returns rewrite suggestions, CREATE INDEX statements, N+1 detection, and index risk assessment. |
| veto_bundle_advisorA | Accepts a webpack/Rollup/Vite stats JSON file → top 10 heaviest modules, duplicate packages, code-split candidates, and CDN externalization suggestions. |
| veto_dead_codeA | Project-scope dead code detector: unused exports, unreachable branches, stale feature flags (always-true/false constants). Returns council-governed deletion recommendations. |
| veto_hitl_checkpointA | Pauses an agentic workflow and returns a structured approval-request the host AI surfaces to the user. The user's reply in the AI conversation provides the approval signal. Use before destructive operations, RED council verdicts, or bulk deletes. |
| veto_openapi_genA | Reads Express/FastAPI/Hono/Fastify route files and generates an OpenAPI 3.1 spec YAML. Returns the spec as a string and optionally writes it to openapi.yaml. |
| veto_flag_auditorA | SDK-agnostic feature flag auditor — detects LaunchDarkly/Unleash SDK calls AND custom if(flags.X) patterns. Classifies flags as: actively toggled / candidate for removal / orphaned. |
| veto_drift_checkA | Compounding-error checkpoint: queries the session's tool execution trace to detect loop indicators (consecutive failures, duplicate errors, tool repetition) and calls the debugger agent to formulate a concrete loop-breaker remediation plan. |
| veto_workflowA | Runs a sequential agent pipeline with optional pass/fail gates between steps. Each step runs a worker agent; if a gate score is set and the step confidence falls below it, the pipeline stops. Returns per-step results plus an overall verdict (passed/partial/failed). |
| veto_watchA | Starts a file watcher on a project directory. Returns a watch_id. Call veto_watch_poll to collect file-change events with recommended agents. Call veto_watch_stop when done. |
| veto_watch_pollA | Polls for file-change events from an active watcher. Returns accumulated events since last poll (events are cleared on read). Each event includes the file, recommended agent, and suggested veto tool to call. |
| veto_watch_stopA | Stops an active file watcher. |
| veto_ci_gateA | CI/CD pipeline gate. Runs code review + security scan + secrets scan on a git diff and returns a structured pass/warn/fail verdict with exit code. Ready for GitHub Actions and GitLab CI. |
| veto_usage_statusA | Live AI usage dashboard. Shows tokens consumed today, requests per platform, subscription vs API usage split, 7-day history, and warnings when approaching limits. |
| veto_audit_logA | Queryable log of every council verdict, decision, and session event. Filter by session, agent, verdict, or date. Essential for tracing what happened and why. |
| veto_platform_setupA | Returns the exact MCP config and setup steps to connect a specific AI platform to this Veto server. |
| veto_pluginsA | Lists all custom agents loaded from ~/.veto/agents/. Drop a .js file there that exports plan(task, context?) to register a new agent available in veto_agent_plan and veto_execute_parallel. |
| veto_docs_fetchA | Fetches current, version-accurate documentation for any npm, PyPI, or crates.io package and returns it for injection into agent context. Eliminates hallucinated APIs. Results are cached for 24 hours. |
| veto_explainA | Explains a file or raw text using the most appropriate expert agent. Pass file_path to explain a source file, or text to explain an error message, stack trace, or compiler output. Agent is auto-detected from file extension or content. |
| veto_summarizeA | Generates a concise expert briefing of a project, directory, or file. Use at the start of a session to orient yourself on unfamiliar code. Returns bullet-point summary, key components, tech stack, and entry points. Faster and higher-level than veto_explain. |
| veto_metricsA | Returns a usage dashboard for the current Veto installation — sessions saved, council debates, quality trend, most-used agents, and knowledge base stats. Zero cost: pure SQLite reads. Great for a weekly health check. |
| veto_git_blameA | Returns ownership and contribution history for a file or directory — total commits, contributor list with commit counts, and last-modified metadata. Uses local git history: instant, zero network. |
| veto_changelogA | Generates a structured changelog from git commits since the last tag, grouped by conventional commit type (feat, fix, refactor, etc.). Pure local git — no external calls. |
| veto_local_llmA | Routes a task to a local LLM (via Ollama or LM Studio) instead of a cloud provider. Useful for privacy-sensitive data or simple, repetitive tasks. |
| veto_clone_detectorA | Scans the project for duplicated code blocks or structural clones. Returns grouped findings and refactoring suggestions. |
| veto_lint_rulesB | Analyzes project coding style and auto-generates or updates ESLint/Prettier/Ruff configurations to match current conventions. |
| veto_api_contractB | Analyzes API endpoints and generates/verifies API contracts (e.g. OpenAPI or TypeScript types) to ensure front/back compatibility. |
| veto_merge_conflictA | Analyzes a file with git conflict markers and returns a semantically correct resolution by understanding the intent of both branches. |
| veto_translateA | Translates text or structured i18n files (JSON/YAML) to target languages while preserving variables and formatting. |
| veto_a11y_advisorA | Analyzes UI components (React, Vue, HTML) for accessibility (a11y) compliance (WCAG) and provides actionable fix recommendations. |
| veto_session_replayA | Returns the chronological event/tool-call trace for a past session — the timeline of operations that occurred, for auditing or reconstructing what happened. Unlike veto_session_restore (which loads the saved context snapshot to resume work), this returns the sequence of events, not the working context. |
| veto_compose_agentsB | Creates a custom meta-agent by composing existing agents into a specialized pipeline. |
| veto_semantic_searchA | Local vector index codebase search. Answers natural-language queries over code (e.g. "where is user authentication handled?"). |
| veto_sdd_agentB | Spec-Driven Development agent. Provides full SDD loop: spec validation, acceptance criteria generation, and BDD scenario authoring. |
| veto_playwrightC | Playwright MCP integration. Coordinates browser sessions for testing, a11y review, and security scanning of UI vulnerabilities. |
| veto_notify_ideA | Sends a notification or instruction back to the IDE/client. Useful for opening files, showing alerts, or requesting UI actions in bidirectional MCP setups (JetBrains, Zed). |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| code-review | Full code review prompt — paste code, get scored findings with severity and fixes. |
| security-audit | OWASP Top 10 security audit — scans code for vulnerabilities with CWE references. |
| deploy-checklist | Pre-deploy checklist debate — council reviews your deployment plan. |
| explain-file | Expert explanation of a file — routes to the best-fit agent based on file type. |
| full-review | Complete pre-ship review: code quality + security + secrets + quality in one call. Uses veto_full_review pipeline. |
| new-feature | New feature planning: council governance → execution plan → task DAG. Uses veto_new_feature pipeline. |
| debug-incident | Incident debugging workflow: recent-change blame → debugger plan → deep-dive explanation. |
| onboard | New-developer onboarding: full project discovery → plain-English briefing → recommended starting agents. |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Saved Sessions | List of all saved Veto sessions. Append ?limit=N to control count. |
| Latest Session | The most recently saved session — summary, context, and task_state. |
| Project Map (stored) | Manually-maintained project structure. Append ?dir=<absolute_path> to get a specific project. |
| Repo Map (live) | Live structural index: symbol extraction + dependency graph + PageRank ranking. Append ?dir=<absolute_path>. More accurate than the stored project map. |
| Knowledge Base | All stored knowledge entries. Append ?q=<query> to search, ?type=<type> to filter. |
| Recent Memory | The 10 most recently stored knowledge entries — no query required. |
| Learned Patterns | Coding patterns Veto has learned from your sessions. Append ?prefix=<prefix> to filter by key prefix. |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jigyasudham/veto'
If you have feedback or need assistance with the MCP directory API, please join our Discord server