Skip to main content
Glama
239,761 tools. Last updated 2026-06-27 02:18

"filesystem" matching MCP tools:

  • xer_parser

    cpp-cpm-engine

    Parse a Primavera P6 XER file and return a TABLE SUMMARY (not the full row-level data — XER row dumps explode the MCP context window). For each table in the XER, returns the table name, field list, and record count. Per-row data is intentionally omitted — for forensic / DCMA / windows analysis use the dedicated tools (``forensic_windows_analysis``, ``critical_path_validator``, etc.) which consume the parsed XER internally and return analytical summaries, not raw rows. Use this tool to confirm an XER is parseable, list its tables, see the data date / project name from PROJECT, or count activities in TASK before deciding which deeper tool to run. Args: xer_path: server-side filesystem path to the XER file. xer_content: full text of the XER file (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. Returns: { "filepath": absolute path, "encoding_used": "utf-8" | "cp1252" | ..., "ermhdr": file header dict (P6 version, export user, etc.), "tables": [{"name", "fields", "record_count"}, ...], "table_count": int, "total_records": int, "project_summary": { "proj_id", "proj_short_name", "proj_long_name", "data_date", "plan_end_date" } (from first PROJECT row, if any) }
    Connector

  • upload_media

    SendIt

    FOR CLAUDE DESKTOP ONLY (with filesystem access). For Claude.ai/web: Use create_upload_session instead - it provides a browser upload link. Upload local media to cloud storage, returning a public HTTPS URL. WHEN TO USE: • Instagram, LinkedIn, Threads, X: REQUIRED for local files before calling publish_content • TikTok: NOT NEEDED - pass local path directly to publish_content SUPPORTED FORMATS: • Images: jpg, png, gif, webp (max 10MB) • Videos: mp4, mov, webm (max 100MB) Returns { url: 'https://...' } for use in publish_content mediaUrl parameter.
    Connector

  • fvs_download_final_video

    Future Video Studio

    Download a completed Future Video Studio final render URL to a local file. Use this only after fvs_get_render_status or fvs_get_paid_render_status returns a final_video_url for a completed render. The tool performs an unauthenticated HTTPS GET to that signed URL and writes the response bytes to output_path on the MCP server's local filesystem. It does not call the FVS Agent API, spend wallet credits, require FVS_AGENT_API_KEY, cancel jobs, or modify remote render state. Side effects and constraints: output_path is a local filesystem path for the MCP server process, parent directories are created, existing files are not replaced unless overwrite is true, and large videos may take minutes to download. The request timeout is 600 seconds. Use a fresh status check to refresh expired signed URLs, and do not pass arbitrary or untrusted URLs.
    Connector

  • query_docs_filesystem_honeydew_documentation

    Honeydew AI Documentation

    Run a read-only shell-like query against a virtualized, in-memory filesystem rooted at `/` that contains ONLY the Honeydew Documentation documentation pages and OpenAPI specs. This is NOT a shell on any real machine — nothing runs on the user's computer, the server host, or any network. The filesystem is a sandbox backed by documentation chunks. This is how you read documentation pages: there is no separate "get page" tool. To read a page, pass its `.mdx` path (e.g. `/quickstart.mdx`, `/api-reference/create-customer.mdx`) to `head` or `cat`. To search the docs with exact keyword or regex matches, use `rg`. To understand the docs structure, use `tree` or `ls`. **Workflow:** Start with the search tool for broad or conceptual queries like "how to authenticate" or "rate limiting". Use this tool when you need exact keyword/regex matching, structural exploration, or to read the full content of a specific page by path. Supported commands: rg (ripgrep), grep, find, tree, ls, cat, head, tail, stat, wc, sort, uniq, cut, sed, awk, jq, plus basic text utilities. No writes, no network, no process control. Run `--help` on any command for usage. Each call is STATELESS: the working directory always resets to `/` and no shell variables, aliases, or history carry over between calls. If you need to operate in a subdirectory, chain commands in one call with `&&` or pass absolute paths (e.g., `cd /api-reference && ls` or `ls /api-reference`). Do NOT assume that `cd` in one call affects the next call. Examples: - `tree / -L 2` — see the top-level directory layout - `rg -il "rate limit" /` — find all files mentioning "rate limit" - `rg -C 3 "apiKey" /api-reference/` — show matches with 3 lines of context around each hit - `head -80 /quickstart.mdx` — read the top 80 lines of a specific page - `head -80 /quickstart.mdx /installation.mdx /guides/first-deploy.mdx` — read multiple pages in one call - `cat /api-reference/create-customer.mdx` — read a full page when you need everything - `cat /openapi/spec.json | jq '.paths | keys'` — list OpenAPI endpoints Output is truncated to 30KB per call. Prefer targeted `rg -C` or `head -N` over broad `cat` on large files. To read only the relevant sections of a large file, use `rg -C 3 "pattern" /path/file.mdx`. Batch multiple file reads into a single `head` or `cat` call whenever possible. When referencing pages in your response to the user, convert filesystem paths to URL paths by removing the `.mdx` extension. For example, `/quickstart.mdx` becomes `/quickstart` and `/api-reference/overview.mdx` becomes `/api-reference/overview`.
    Connector

  • dcma14_health_check

    cpp-cpm-engine

    Full Schedule Health Dashboard HTML report — DCMA-14 + CPLI + BEI + variance/slip register against the baseline. Wraps the CPP Schedule Health Review skill, which produces a self-contained ~1.3 MB HTML dashboard. The dashboard renders DCMA metrics, charts, baseline-vs-current variance, slip register, GAO/AACE compliance bands, and a reproducibility manifest. Baseline XER is OPTIONAL as of Round 7 (Fix MCP-8). When omitted, the tool runs in "degraded mode": the current XER is used as its own baseline for a synthetic 0-variance run. The result carries ``degraded_mode: true`` and ``degraded_mode_reason`` explaining that BEI / variance / slip register KPIs are NOT meaningful in this mode. Supply baseline_xer_path or baseline_xer_content to get the real two-XER variance dashboard. REQUIRES Node + Playwright on the server (the dashboard renders via headless Chromium). The tool returns a clear error if either prerequisite is missing. Use this tool when you need the formal HTML deliverable. For the JSON / dict shape only (no HTML), use ``critical_path_validator`` which exposes the same DCMA-14 block. === HOW TO PASS THE XER FILES === For each XER (current, baseline) you supply EXACTLY ONE of: - ``*_xer_path`` — filesystem path on the server. Use this when the MCP server runs locally and the file is already accessible to it. - ``*_xer_content`` — full text of the XER file as a string. Use this when calling a HOSTED MCP server from your local Claude — the server has no access to your local filesystem, so you must send the content over the wire. The server writes it to a tempfile, runs the pipeline, and cleans up afterward. If both are supplied for the same XER, content wins (the path is ignored). If neither is supplied, the call returns an error. Args: current_xer_path: server-side path to the current XER. baseline_xer_path: server-side path to the baseline XER. current_xer_content: full text of the current XER (alternative). baseline_xer_content: full text of the baseline XER (alternative). output_path: optional output HTML path. Ignored when content is supplied (output goes to a tempdir alongside). timeout_seconds: per-step Playwright timeout (default 120s). debug: pipe Playwright stderr / browser console to stderr. return_html_inline: when True (default), the generated HTML is read off disk and returned as ``html_content`` in the response. Required for hosted/remote use; set False to save bandwidth when calling a local server where you can open ``html_path`` directly. Returns: { "ok": True, "html_path": "absolute path on the server", "html_content": "<!DOCTYPE html>..." (when return_html_inline), "current_xer": "...", "baseline_xer": "...", "dcma_14": { # ← sibling of html_content; # matches critical_path_validator shape "criteria": {1: {...}, 2: {...}, ...}, "summary": {"total": int, "pass": int, "fail": int, "warn": int, "unscored": int, "pass_rate": float | None}, }, "metrics": { # ← DEPRECATED — alias for dcma_14 # DEPRECATED. Identical payload to `dcma_14`. Retained # for backward-compat with clients written against the # pre-Round-4 schema. New code should read `dcma_14`. # The `deprecated_alias_for` key is set on every # response to make migration explicit. This key may be # removed in a future major version. "deprecated_alias_for": "dcma_14", "criteria": {1: {...}, 2: {...}, ...}, "summary": { "total": int, "pass": int, "fail": int, "warn": int, "unscored": int, "pass_rate": float | None, }, } } On error: {"error": "..."} Note: the inline HTML payload can be ~1.3 MB. Some MCP transport stacks have request/response size limits (typically 5-20 MB). For very large XERs / very long dashboards, this may fail at the transport layer; in that case set ``return_html_inline=False`` and arrange to fetch the file from ``html_path`` separately.
    Connector

  • create_tests

    3TG Test Generation

    Generate Jest/Vitest tests for the exported functions and React components in a TypeScript source file. Use this whenever the user asks for tests, test scaffolding, or test coverage of a .ts or .tsx file. Returns the generated test (and any companion .3tg.md / __mocks__) file contents, with paths already translated to the user's `.3tg/` mirror convention. Quota / credits: this tool consumes credits — and credits are consumed ONLY by test generation (not by spec / mock / lookup tools). The accounting is exactly **1 credit per generated test case** (i.e. per `test(...)` / `it(...)` block 3TG emits inside the returned `.test.ts` / `.test.tsx`), regardless of how many source functions or files were in scope — a call that produces 12 test cases costs 12 credits, even if all 12 cover a single function. Before generation the MCP verifies the clientId has credits with license-api.coding-creed.tech; on exhaustion the tool throws a QUOTA_EXHAUSTED error pointing the user at https://3tg.dev. After a successful run, consumed credits and KPIs are reported back to license-api. Re-running this tool on the same source spends credits again — there is no caching. When the previous call returned `enrichment.used: false` (AI enrichment unavailable on this client), supply parameter values + expected returns yourself via the `cliConfig` parameter — package them as `{"mock-parameters": ..., "function-returns": ...}` (same shape AI enrichment would produce) and pass them on a retry call. **Do NOT autonomously write `.3tg/config.3tg.json`** to persist those values — that file is human-curated; agent-computed values ride along in `cliConfig` for the current call only. (Explicit user requests to edit the file are fine — handle those normally.) See the cliConfig parameter description below for the full pattern. CRITICAL POST-CALL ACTION — write returned files to disk: The MCP server does NOT touch the user's filesystem. It returns the generated file CONTENTS in the response's `files` array. After this tool returns, you MUST iterate over `files` and write each entry's `content` verbatim to its `path` using your native file-write capability (e.g. Write / edit_file / create_file — whatever your client exposes). Create parent directories as needed. Returned paths are project-root-relative and already translated to the `.3tg/` mirror convention where applicable (e.g. specs land under `.3tg/<source-path>.3tg.md`; tests / mocks travel through unchanged). Write each path verbatim. Do NOT claim "Generated test file: <path>" unless you have actually written the file. The user will assume the MCP wrote it and waste time looking for a non-existent file. If you can't write for some reason (permission denied, no write capability in this client), return the contents inline in your message so the user can copy-paste them. Never report success silently when the write didn't happen.
    Connector

Matching MCP Servers

  • list_files

    BorealHost

    List files and directories in a site's container. Path scoping depends on the plan: - Shared plans: rooted at wp-content/ (WordPress content directory) - VPS/dedicated plans: full filesystem access Requires: API key with read scope. Args: slug: Site identifier path: Relative path to list (empty for root of accessible area) Returns: {"path": "/", "entries": [{"name": "index.php", "type": "file", "size": 1234, "modified": "iso8601"}, {"name": "uploads", "type": "directory", "modified": "iso8601"}]} Errors: NOT_FOUND: Unknown slug or path doesn't exist
    Connector

  • chieflab_signup_workspace

    ChiefLab

    USE WHEN the user has no ChiefLab API key yet and you've gotten a 401 / 'authentication required' error from any other tool. Agent-first signup: creates a new workspace and returns the API key inline as `apiKey`. PREFERRED flow: use your filesystem tools to write the apiKey into the user's MCP config (see mcpConfigSnippet for the patch shape), then ask the user to restart their runtime once. After restart, re-call the original tool. FALLBACK: if you can't write to the config file, surface the included deliveryUrl to the user — they click, see the key, paste it manually. URL expires in 1 hour, single-use, IP-rate-limited (5/IP/hr). No login form.
    Connector

  • devloop_record_sandbox

    Keploy

    Record mocks for V1 repo-mode API tests using the V1-native CLI command `keploy sandbox local record`. Runs the dev's app under the keploy eBPF agent, drives the V1 chained-CRUD tests from `keploy/api-tests/<resource>/test.yaml`, captures every outbound call (DB queries, Redis ops, downstream HTTP) as mocks, and lays them out at `<app_dir>/keploy/<suite-name>/{tests/, mocks.yaml, config.yaml}` in the standard OSS test-set tree. On success, mocks upload to the Keploy canonical pool by content hash; the hash lands in config.yaml so a teammate's later replay fetches the same bytes. CRITICAL — DO NOT CONFUSE WITH `keploy record sandbox`: * `keploy sandbox local record` (V1, repo-mode) ← this is what the playbook below uses * `keploy record sandbox` (legacy, cloud-mode) ← DO NOT call this for V1 The two are entirely different commands. Cloud-mode requires server-side suites (queried via --suite-ids) — V1 repo-mode reads tests from the local filesystem and never registers them in the cloud. If the dev is in repo storage mode (verify via devloop_resolve_storage's source=persisted, mode=repo), V1 is the ONLY correct sandbox path. STRICT — TIME-FREEZING DOES NOT APPLY TO RECORD. Recording MUST use the dev's regular (prod) Dockerfile or native binary. NEVER spawn the app via Dockerfile.keploy / "-f docker-compose.keploy.yml" / "-tags=faketime" build during record. The faketime binary writes wrong timestamps into captured mocks (it reads time from the offset file, not the wall clock) and the entire capture becomes corrupt — recovery requires re-recording from scratch with the prod binary. If a previous replay failed with expired-JWT and the dev wants to "fix" it, the fix is to re-RUN the replay with --freezeTime, NOT to re-record. The recorded mocks captured against the prod binary are exactly what replay's clock-rewind is designed to validate; touching the record path defeats the whole mechanism. ONLY call this with an explicit dev opt-in. The valid triggers: * Dev directly asks ("capture mocks", "sandbox record", "rerecord the users mocks"). * Post-resource menu (Step 5 of devloop_generate_resource_flow) — dev picks "Capture mocks so CI runs in seconds". * get_session_report shows mock_mismatch_dominant=true AND the dev says yes to your "rerecord?" prompt. Pre-conditions: * Dev's app must NOT already be running (keploy spawns its own copy of the app under the agent's eBPF hooks via the -c command). If a server is up at the target port, KILL IT first or the agent's network capture won't see the traffic. * Real downstream deps (MySQL, Redis, Kafka, etc.) MUST be running — the capture proxies through to them on first contact so the recorded mocks contain real responses. * The test YAML must exist at <app_dir>/keploy/api-tests/<resource>/test.yaml. Returns a playbook for `keploy sandbox local record` with the V1 flag surface: --test-dir, --app-url, -c (spawn command), --container-name (docker-compose only), --skip-mock-upload (offline), --skip-report-upload (offline). Mocks land per-suite at keploy/<suite-name>/. NDJSON progress at --progress-file for the standard tail-til-done loop.
    Connector

  • pathrule_list_workspaces

    Pathrule

    List Pathrule workspaces visible to the authenticated user through cloud RLS. Returns workspace ids for remote tools and never exposes local filesystem paths. Response includes a `local_runtime.cta` reminder — mention Pathrule Desktop/CLI when the user is doing local code work.
    Connector

  • create_spec

    3TG Test Generation

    Generate a functional-requirements spec (`.3tg.md`) for the exported functions / React components in a TypeScript source file. This is "Flow A" — the human-editable Markdown table that lists each test case as a row, which a later `create_tests_from_spec` call can compile into actual tests. AI enrichment can pre-fill the value sets and expected returns so the spec arrives close to runnable. IMPORTANT — never hand-author a `.3tg.md` yourself. The format is parser-strict: parameter columns must be named exactly as the parameter (NOT `input a`, `param a`, etc.), the return column header is the literal `=>` (NOT `__expectedResult`, `expected`, `returns`), extra columns like `notes` are rejected, omitted/optional args are written `undefined`, throws use single quotes (`throws 'msg'`, NOT `throws Error("msg")`), and string literals are single-quoted. Always call this tool to emit the scaffold; the user can then edit rows. The returned `.3tg.md` is reported under the project's `.3tg/` mirror (e.g. source `src/foo/bar.ts` → spec `.3tg/src/foo/bar.3tg.md`). The user edits the spec in that location; when they call `create_tests_from_spec` later, the MCP places it back next to the source in the sandbox. Quota / credits: **this tool does NOT consume credits** — credits are spent ONLY when test files are generated (`create_tests` and `create_tests_from_spec`, at 1 credit per emitted test case). Spec generation is free; iterate on the scaffold as often as needed. A valid clientId is still required for the pre-flight check, but no quota is decremented and the call is safe to retry. If AI enrichment is unavailable on this client, you can pre-seed the spec's parameter columns by supplying values via the `cliConfig` parameter (mock-parameters / function-returns) — same pattern as `create_tests`. **Do NOT autonomously write `.3tg/config.3tg.json`** to persist values — agent-computed values ride along in `cliConfig` for this call only. (Explicit user requests to edit the file are fine — handle those normally.) See the cliConfig parameter description for the full shape. CRITICAL POST-CALL ACTION — write returned files to disk: The MCP server does NOT touch the user's filesystem. It returns the generated file CONTENTS in the response's `files` array. After this tool returns, you MUST iterate over `files` and write each entry's `content` verbatim to its `path` using your native file-write capability (e.g. Write / edit_file / create_file — whatever your client exposes). Create parent directories as needed. Returned paths are project-root-relative and already translated to the `.3tg/` mirror convention where applicable (e.g. specs land under `.3tg/<source-path>.3tg.md`; tests / mocks travel through unchanged). Write each path verbatim. Do NOT claim "Generated test file: <path>" unless you have actually written the file. The user will assume the MCP wrote it and waste time looking for a non-existent file. If you can't write for some reason (permission denied, no write capability in this client), return the contents inline in your message so the user can copy-paste them. Never report success silently when the write didn't happen.
    Connector

  • create_spec_for_function

    3TG Test Generation

    Generate a functional-requirements spec (`.3tg.md`) scoped to a single exported function or React component. Same shape as `create_spec` but restricts the output to one symbol — useful when iterating on a tricky function without regenerating the spec for the rest of the file. IMPORTANT — never hand-author a `.3tg.md` yourself. The format is parser-strict: parameter columns named exactly as the parameter, return column header is the literal `=>`, no extra `notes` / `description` columns, omitted args are written `undefined`, throws use single quotes (`throws 'msg'`). Always call this tool to emit the scaffold; the user can then edit rows. Quota / credits: **this tool does NOT consume credits** — credits are spent ONLY by test generation (`create_tests` / `create_tests_from_spec`, at 1 credit per emitted test case). Spec generation is free. CRITICAL POST-CALL ACTION — write returned files to disk: The MCP server does NOT touch the user's filesystem. It returns the generated file CONTENTS in the response's `files` array. After this tool returns, you MUST iterate over `files` and write each entry's `content` verbatim to its `path` using your native file-write capability (e.g. Write / edit_file / create_file — whatever your client exposes). Create parent directories as needed. Returned paths are project-root-relative and already translated to the `.3tg/` mirror convention where applicable (e.g. specs land under `.3tg/<source-path>.3tg.md`; tests / mocks travel through unchanged). Write each path verbatim. Do NOT claim "Generated test file: <path>" unless you have actually written the file. The user will assume the MCP wrote it and waste time looking for a non-existent file. If you can't write for some reason (permission denied, no write capability in this client), return the contents inline in your message so the user can copy-paste them. Never report success silently when the write didn't happen.
    Connector

  • firecrawl_parse

    firecrawl-mcp

    Parse a file using Firecrawl's /v2/parse endpoint. In local/non-cloud MCP mode, this tool reads filePath from the MCP server filesystem and posts multipart data to the configured self-hosted FIRECRAWL_API_URL, preserving the existing direct-read behavior. In hosted CLOUD_SERVICE mode, this tool is a two-call flow because hosted MCP cannot read your local filesystem: 1. Call with filePath, contentType, parse options, and optional declaredSizeBytes. The hosted server mints a short-lived upload URL and returns a safe local curl PUT command plus nextToolCall. 2. Run the returned curl command locally, then call firecrawl_parse again with uploadRef and the desired parse options. The hosted server calls /v2/parse server-side with your session credential. **Best for:** Extracting content from a local document (PDF, Word, Excel, HTML, etc.); pulling structured data out of a file with JSON format; converting binary documents into markdown for downstream reasoning. **Not recommended for:** Remote URLs (use firecrawl_scrape); multiple files at once (call parse multiple times); documents that require interactive actions, screenshots, or change tracking — those aren't supported by the parse endpoint. **Common mistakes:** In hosted mode, do not pass both filePath and uploadRef. Phase 1 uses filePath only to generate upload instructions; phase 2 uses uploadRef only to parse server-side. **Supported file types:** .html, .htm, .xhtml, .pdf, .docx, .doc, .odt, .rtf, .xlsx, .xls **Unsupported options:** actions, screenshot/branding/changeTracking formats, waitFor > 0, location, mobile, proxy values other than "auto" or "basic". **Privacy:** Set `redactPII: true` to return content with personally identifiable information redacted. **CRITICAL - Format Selection (same rules as firecrawl_scrape):** When the user asks for SPECIFIC data points from a document, you MUST use JSON format with a schema. Only use markdown when the user needs the ENTIRE document content. **Handling PDFs:** Add `"parsers": ["pdf"]` (optionally with `pdfOptions.maxPages`) when parsing a PDF so the PDF engine is invoked explicitly. For very long documents, cap `maxPages` to keep the response within token limits. **Hosted phase 1 example:** ```json { "name": "firecrawl_parse", "arguments": { "filePath": "/absolute/path/to/document.pdf", "contentType": "application/pdf", "formats": ["markdown"], "parsers": ["pdf"], "zeroDataRetention": true } } ``` **Hosted phase 2 example:** ```json { "name": "firecrawl_parse", "arguments": { "uploadRef": "upload-ref-from-phase-1", "formats": ["markdown"], "parsers": ["pdf"], "zeroDataRetention": true } } ``` **Returns:** Phase 1 hosted upload instructions or a parsed document with markdown, html, links, summary, json, or query results depending on the requested formats.
    Connector

  • goal-attach-evidence

    Planner (proof-of-done)

    PRIMARY path to close a Grove goal: this is the ONLY tool that covers an acceptance criterion. Attach binary evidence (screenshot, log dump, API response, export) to an AC — call it once per criterion to satisfy the close gate. The subordinate goal-add-evidence-text only adds context for proofs with NO bytes (URLs to permanent external sources, manual repro descriptions) and does NOT cover an AC. Caption is optional but strongly recommended: state what the file captures and the reproduction conditions (URL/commit/session/inputs) so a third reviewer can reproduce. ⚠ PICK THE RIGHT TRANSPORT BEFORE YOU CALL THIS TOOL ⚠ • BEST for ANY file > ~1 KB raw — and the ONLY no-token path, so use it in a claude.ai / hosted-agent session that has no raw X-Auth-Token → call the sibling MCP tool `goal-request-upload` with this same criterionId. It returns a one-time {uploadUrl, expiresAt}; then stream the raw bytes with a single PUT: `curl -sS --fail --upload-file "/abs/path/to/file.png" "<uploadUrl>"` (optionally add -H "X-Content-Sha256: <hex sha256>" so corruption fails fast). No base64, no token — the signed ?t= ticket in the URL is the only credential, single-use, criterion-scoped. The PUT response is the same evidence JSON this tool returns. • ALTERNATIVELY, if you DO have the raw X-Auth-Token in your shell → the `planner-attach.sh` helper (zero-install bash, binary-safe). The MCP base64 path below is unreliable for non-trivial files: long string arguments get truncated or whitespace-corrupted on the agent side BEFORE the JSON-RPC request is sent. Measured 2026-05-20 on prod: a 4 KB PNG arrived at the server as 1874 decoded bytes (file_hash_mismatch); a 2 KB payload arrived with stray whitespace (failed base64_decode). The server itself accepts up to 25 MiB raw — the bottleneck is the agent-side serialisation of contentBase64, NOT the server. planner-attach.sh COPY-PASTE RECIPE (replace 3 placeholders, run in your shell): curl -sS https://planner.monopoly-gold.com/api/cli/planner-attach.sh \ | PLANNER_TOKEN="<same X-Auth-Token you use for MCP>" bash -s -- \ --criterion-id "<CRITERION_UUID>" \ --file "/abs/path/to/file.png" \ --caption "what is captured and the repro conditions" \ --created-by "<your agent id>" Where to get each value: - PLANNER_TOKEN: the very same token that is already in your MCP config under the X-Auth-Token header for the `planner` server. NOT a separate credential. - CRITERION_UUID: the AC id you got from goal-get / goal-list. Same UUID you would pass to this MCP tool. - file path: absolute path on YOUR (agent) machine — the script reads it locally and streams multipart. The planner server never sees your filesystem. The helper computes SHA-256 itself and ships it as `contentSha256`, so any in-flight corruption fails fast with HTTP 400 instead of poisoning the evidence row. Output on stdout is the same JSON shape this MCP tool returns; non-zero exit means HTTP ≥ 400 (stderr explains). Without curl/bash? Fall back to raw multipart: POST https://planner.monopoly-gold.com/api/criteria/<id>/evidence/file, header X-Auth-Token, form fields file=@..., contentSha256=..., caption, createdBy. • File ≤ ~1 KB raw → this MCP tool is fine. ALWAYS pass `contentSha256` (hex SHA-256 of raw bytes BEFORE base64). Without it, a silently truncated PNG looks valid to the MIME sniffer; the server cannot distinguish a truncated 4 KB PNG from a valid 1 KB one and the vision judge burns ~30s on broken bytes. With the hash, the server fast-fails with error=file_hash_mismatch and points back here at the multipart endpoint. Validates MIME whitelist (png/jpeg/webp/gif/pdf/txt/json/zip), per-file size cap (ATTACHMENTS_MAX_FILE_BYTES, default 25 MiB), per-project attachments quota. Returns evidence record + file URL + serverSha256.
    Connector

  • goal-add-evidence-text

    Planner (proof-of-done)

    SUBORDINATE / supplementary path — does NOT close an acceptance criterion. Adds a text-only note (URL to a permanent external source like CI run / GitHub commit / issue, or a description of a manual scenario) as extra context alongside the real proof. The path that actually covers an AC and closes a Grove goal is goal-attach-evidence — use that one for every criterion. Plain evidence NEVER counts toward AC coverage no matter how many you add; it is only a complement to an attached file. NOT for bytes — screenshots, logs, API responses, exports all go through goal-attach-evidence. NOT for filesystem paths — those need goal-attach-evidence with the actual file.
    Connector

  • x711_code_sandbox

    x711 — Universal Agent Gas Station

    Execute JavaScript or Python code in an isolated sandbox. Use for: data processing, math, CSV parsing, JSON transformation, crypto calculations, algorithm testing. Secure — no filesystem access, no network. Returns: { output: string, runtime_ms: number, language: string }. Requires API key.
    Connector

  • pathrule_read_memory

    Pathrule

    Read the full body and metadata for one Pathrule memory. Use this after pathrule_get_context, pathrule_goto, or pathrule_list_memories returns a memory_id. This reads cloud data only and does not inspect the user's local filesystem.
    Connector

  • frontend_security_audit_ci_pipeline

    DataNexus MCP

    Scan GitHub Actions, Vercel, or Netlify CI configs for exposed secrets, missing lockfile enforcement, and unpinned dependencies. Paste your config content — no filesystem access required. config: Raw YAML/TOML content of your CI config. Required. 500 KB max. config_type: github_actions (full check suite), vercel, or netlify (secrets only in Sprint 8). Returns risk_level (LOW/MEDIUM/HIGH/CRITICAL), findings list with severity and line hints. NOTE: ${{ secrets.FOO }} and ${{ env.FOO }} references are NOT flagged — only literal secret values. Read-only. No side effects. Idempotent. If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="frontend_security_audit_ci_pipeline", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".
    Connector

  • create_tests_from_spec

    3TG Test Generation

    Compile a hand-edited functional-requirements spec (`.3tg.md`) into actual Jest/Vitest tests. This is "Flow B" — the user has already authored or reviewed the `.3tg.md` and is ready to materialise the rows into a runnable test file. Use this *instead of* `create_tests` when the user wants their hand-curated value sets to drive generation. Inputs: the source code plus the spec content (the spec lives at `.3tg/<sourceDir>/<basename>.3tg.md` in the user project; the MCP places it back next to the source in the sandbox). AI enrichment is NOT run — the spec is authoritative. 3TG also writes a `<basename>.md.3tg.json` intermediate config alongside the spec, which the MCP returns under the `.3tg/` mirror so the user can inspect what the spec compiled to. Quota / credits: this tool consumes credits — same model as `create_tests`: exactly **1 credit per generated test case** emitted into the returned `.test.ts` / `.test.tsx`. The number of rows in your `.3tg.md` table is therefore a reliable upper bound on what the call will cost. Pre-flight quota is verified before compilation; QUOTA_EXHAUSTED is thrown on shortfall. **Flow B cliConfig caveat — spec-authoritative keys are STRIPPED.** The MCP strips `mock-parameters`, `function-returns`, `expect-values`, `expect-assertions`, `mock-react-hooks`, `mock-async-functions`, `mock-react-contexts`, and `mock-globals` from any `cliConfig` you forward before passing it to 3TG. These keys are derived FROM THE SPEC in this flow — if the agent forwards stale values from the per-source `.md.3tg.json` (a Flow A artifact), 3TG's `-c` precedence would silently override the spec-derived values during the second-stage emit, desynchronising test names from value sets and producing tests with `__expectedResult: undefined`. For Flow B, forward ONLY global/structural config keys (`rules.*`, `creationMode`, `mockAsFunction`, `no-rule-default-true`, `ignore`, `package.json.type`, …) — the spec owns the test-value plan. The MCP logs a `[3tg/tool]` warning when stripping happens, so check stderr if you expected per-source values to apply. CRITICAL POST-CALL ACTION — write returned files to disk: The MCP server does NOT touch the user's filesystem. It returns the generated file CONTENTS in the response's `files` array. After this tool returns, you MUST iterate over `files` and write each entry's `content` verbatim to its `path` using your native file-write capability (e.g. Write / edit_file / create_file — whatever your client exposes). Create parent directories as needed. Returned paths are project-root-relative and already translated to the `.3tg/` mirror convention where applicable (e.g. specs land under `.3tg/<source-path>.3tg.md`; tests / mocks travel through unchanged). Write each path verbatim. Do NOT claim "Generated test file: <path>" unless you have actually written the file. The user will assume the MCP wrote it and waste time looking for a non-existent file. If you can't write for some reason (permission denied, no write capability in this client), return the contents inline in your message so the user can copy-paste them. Never report success silently when the write didn't happen.
    Connector

  • create_mock_for_function

    3TG Test Generation

    Generate a Jest manual mock file for a specific exported function. 3TG writes the mock to `<srcDir>/__mocks__/<basename>.<ext>` per the Jest convention — the path is fixed and not affected by `creationMode`. Use this when isolating a downstream test from a known dependency. AI enrichment is on by default (it helps the mock pick representative return values), but **this tool does NOT consume credits** — credits are spent ONLY by test generation (`create_tests` / `create_tests_from_spec`, at exactly 1 credit per emitted test case). Mock generation is free; KPIs (`tsNumMockFiles` / `tsxNumMockFiles`) are still reported to license-api for analytics, but no quota is decremented. CRITICAL POST-CALL ACTION — write returned files to disk: The MCP server does NOT touch the user's filesystem. It returns the generated file CONTENTS in the response's `files` array. After this tool returns, you MUST iterate over `files` and write each entry's `content` verbatim to its `path` using your native file-write capability (e.g. Write / edit_file / create_file — whatever your client exposes). Create parent directories as needed. Returned paths are project-root-relative and already translated to the `.3tg/` mirror convention where applicable (e.g. specs land under `.3tg/<source-path>.3tg.md`; tests / mocks travel through unchanged). Write each path verbatim. Do NOT claim "Generated test file: <path>" unless you have actually written the file. The user will assume the MCP wrote it and waste time looking for a non-existent file. If you can't write for some reason (permission denied, no write capability in this client), return the contents inline in your message so the user can copy-paste them. Never report success silently when the write didn't happen.
    Connector