"npm" matching MCP tools:

• xer_parser

  cpp-cpm-engine

  Parse a Primavera P6 XER file and return a TABLE SUMMARY (not the full row-level data — XER row dumps explode the MCP context window). For each table in the XER, returns the table name, field list, and record count. Per-row data is intentionally omitted — for forensic / DCMA / windows analysis use the dedicated tools (``forensic_windows_analysis``, ``critical_path_validator``, etc.) which consume the parsed XER internally and return analytical summaries, not raw rows. Use this tool to confirm an XER is parseable, list its tables, see the data date / project name from PROJECT, or count activities in TASK before deciding which deeper tool to run. Args: xer_path: server-side filesystem path to the XER file. xer_content: full text of the XER file (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. Returns: { "filepath": absolute path, "encoding_used": "utf-8" | "cp1252" | ..., "ermhdr": file header dict (P6 version, export user, etc.), "tables": [{"name", "fields", "record_count"}, ...], "table_count": int, "total_records": int, "project_summary": { "proj_id", "proj_short_name", "proj_long_name", "data_date", "plan_end_date" } (from first PROJECT row, if any) }

  Connector

• bet_research

  npm

  Research a Polymarket bet by pulling the relevant Pipeworx data for it in one call. Pass a market slug ("will-bitcoin-hit-150k-by-june-30-2026"), a polymarket.com URL, or a question text. The tool resolves the market, classifies the bet (crypto price / Fed rate / geopolitical / sports / corporate / drug approval / election / other), fans out to the right packs (e.g. crypto+fred+gdelt for a BTC bet, fred+bls for a Fed bet, gdelt+acled+comtrade for Strait of Hormuz), and returns an evidence packet plus a simple market-vs-model comparison so the caller can see where the implied probability disagrees with the data. Use for "should I bet on X?", "what does the data say about this Polymarket market?", or "is there edge in this bet?". This is the core demo product — agents that get bet-relevant context here convert better than ones that have to discover the packs themselves.

  Connector

• test_hypothesis

  Ground Truth

  Run a small verification plan made of concrete live checks and summarize whether a hypothesis is supported. Use this when one conclusion depends on multiple simple checks such as endpoint reachability, npm search counts, or whether a page contains an exact substring. This is a coordination tool, not an open-ended research agent: every test must be explicitly defined in advance, and tests run in order with no branching or early exit. The final verdict is mechanical: all tests passing => SUPPORTED, zero passing => REFUTED, otherwise PARTIALLY SUPPORTED. Use verify_claim when you already have evidence URLs, estimate_market for category sizing, and compare_competitors when you already know exact package names.

  Connector

• compare_entities

  Npi Registry

  Compare 2–5 companies (or drugs) side by side in one call. Use when a user says "compare X and Y", "X vs Y", "how do X, Y, Z stack up", "which is bigger", or wants tables/rankings of revenue / net income / cash / debt across companies — or adverse events / approvals / trials across drugs. type="company": pulls revenue, net income, cash, long-term debt from SEC EDGAR/XBRL for tickers like AAPL, MSFT, GOOGL. type="drug": pulls adverse-event report counts (FAERS), FDA approval counts, active trial counts. Returns paired data + pipeworx:// citation URIs. Replaces 8–15 sequential agent calls.

  Connector

• time_impact_analysis_fragnet

  cpp-cpm-engine

  Time Impact Analysis (TIA) — prospective fragnet insertion into a pre-impact baseline schedule. Supports two modes. **Single-base mode** (legacy): supply ``baseline_xer_path`` or ``baseline_xer_content``. All fragnets are inserted into the same shared baseline XER and impact is measured against that shared baseline. The result carries a ``single_base_disclosure`` warning explaining this is an AACE 29R-03 §3.7 simplification — acceptable when all events share a single baseline window, but not strict MIP 3.7 Multiple Base. **Multi-base mode** (AACE 29R-03 MIP 3.7 Multiple Base): supply ``per_event_bases`` — a dict keyed by each fragnet's ``id``, with each value a dict containing EITHER ``xer_path`` OR ``xer_content`` for that event's pre-event contemporaneous baseline. Each fragnet is inserted into its OWN base, impact is measured against THAT base's pre-event finish, and the result carries ``per_event_methodology``, ``per_event_base_count``, and ``per_event_bases_used`` (sha256-truncated content hashes for audit reproducibility). The cumulative-impact figure carries ``cumulative_caveat`` because the sum of events measured against different bases is NOT a valid joint impact. Exactly ONE of {baseline_xer_path, baseline_xer_content, per_event_bases} must be supplied. Multi-base mode errors out (returning ``{"error": ...}``) if any fragnet id is missing from ``per_event_bases``. Use this tool when modeling delay impact prospectively (e.g. quantifying RFI / change-order delay before settlement). For retrospective windows analysis after the fact, use ``forensic_windows_analysis`` (MIP 3.3 windows). Args: baseline_xer_path: server-side pre-impact baseline XER (single-base mode). baseline_xer_content: full text of pre-impact baseline XER (single-base mode, hosted/remote use). per_event_bases: dict {fragnet_id: {"xer_path": "..."} OR {"xer_content": "<full XER text>"}} for AACE MIP 3.7 Multiple Base mode. Example:: { "F1": {"xer_path": "/tmp/bl_pre_F1.xer"}, "F2": {"xer_content": "<XER text>"}, } fragnets: list of fragnet dicts. Each must have: - 'id', 'name', 'liability' (responsible party) - 'activities': list of {code, name, duration_days, calendar_id?} - 'ties': list of {pred, succ, type, lag_days?} Optional: 'description'. output_dir: output dir for TIA_Report.txt + CSV (tempdir if ""). project_name: optional override. Returns: { "report": path to TIA_Report.txt, "impacts_csv": path to TIA_Impact_Details.csv, "baseline": {"project_finish", "critical_count", ...}, "per_fragnet": [{fragnet_id, name, liability, completion_before, completion_after, impact_days, impact_working_days, affected_activities, status, error}, ...], "cumulative_days": int (sum of per-fragnet impacts), "per_event_methodology": str (canonical label), "per_event_base_count": int (count of unique base XERs), "per_event_bases_used": {fragnet_id: sha256_hash8} (multi-base only), "single_base_disclosure": str (single-base only), "cumulative_caveat": str (multi-base only), }

  Connector

• estimate_market

  Ground Truth

  Search npm or PyPI to estimate how crowded a package category is before you claim that a market is empty, niche, or competitive. Use this when you have a category or search phrase such as 'edge orm' and want live result counts plus representative matches. Do not use it to compare exact known package names or to infer adoption from downloads; it reflects search results, not market share. Registry responses are cached for 5 minutes.

  Connector

• get_receipt

  TrustBench

  Fetch a TrustBench routing receipt by ID. Receipts are immutable, Ed25519-signed records of a routing or payment event. Use to verify what was paid, to whom, for what capability, and what the on-chain settlement reference is. IDs start with rcpt_ (Phase 3) or rrcpt_ (Phase 4). Output: returns the signed receipt envelope as JSON. Phase 3 (rcpt_) returns a SignedReceipt with receipt (call metadata + settlement ref) and signature (Ed25519 over JCS-canonicalized receipt body). Phase 4 (rrcpt_) returns {receipt, signature} where receipt.paid contains routing details and signature covers the canonical envelope. To verify an envelope offline use the verify_receipt tool with the returned JSON, or @trustbench/verify-receipt npm.

  Connector

• verify_receipt

  TrustBench

  Verify the Ed25519 signature on a TrustBench receipt. Two modes: (1) Lookup mode — pass receipt_id and the server fetches the receipt from trustbench.io and re-runs verification (handy when you only have an ID). (2) Offline mode — pass receipt_json (the full {receipt, signature} envelope an agent received from a third party) and the server verifies the Ed25519 signature against the published public key at trustbench.io/.well-known/trustbench-pubkey without trusting the database. Exactly one of receipt_id or receipt_json must be provided. Output: returns JSON with receipt_id, signature_valid (boolean), on_chain_verified (boolean, where present), signature_alg ("ed25519"), verify_url, pubkey_url. For non-server-mediated verification with no network round-trip, use the @trustbench/verify-receipt npm package.

  Connector

• monte_carlo_p50_p80

  cpp-cpm-engine

  Monte Carlo Schedule Risk Analysis — P10/P50/P80/P90 completion-date forecast for a Primavera P6 schedule. Implements an AACE-style quantitative SRA (the same math as CPP's browser Tool_11 Portfolio Risk Engine, scripted Python counterpart). For each iteration, every activity duration is sampled from the chosen distribution (Triangular, BetaPERT, Uniform, Lognormal, etc.) parameterized by % of baseline duration; CPM re-runs and the project finish date is recorded. After all iterations, P10/P50/P80/P90 completion dates and a sensitivity tornado (per-activity correlation to project finish) are reported. Use this tool when you need probabilistic completion forecasts or a tornado/sensitivity ranking. For the AACE 122R-22 QRAMM maturity badge on the result, pipe the response into ``qramm_maturity``. Args: xer_path: server-side path to the schedule XER. xer_content: full text of the schedule XER (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. iterations: number of MC iterations (default 5000). distribution: 'Triangular', 'BetaPERT', 'Uniform', 'Lognormal' (case-insensitive — passed through). optimistic_pct, most_likely_pct, pessimistic_pct: % of baseline duration for the distribution params (defaults: 85 / 100 / 120). seed: optional fixed seed for reproducibility (0 = system entropy = non-reproducible). output_dir: optional output dir; tempdir if "". Returns: Full SRA result dict, key paths: - 'baseline.percentiles': {'P10', 'P50', 'P80', 'P90'} - 'baseline.config': sim params used - 'baseline.sensitivity': per-activity tornado rows - 'project_name', 'data_date', ... - HTML / DOCX paths if outputs emitted

  Connector

• polymarket_arbitrage

  Npi Registry

  Find arbitrage opportunities on Polymarket by checking for monotonicity violations across related markets. TWO MODES: (1) `event` — pass a single Polymarket event slug; walks that event's child markets and checks ordering within it. (2) `topic` — pass a topic / seed question (e.g. "Strait of Hormuz traffic returns to normal"); the tool searches across separate events for related markets, groups them, then checks monotonicity. Cross-event mode catches the cases where Polymarket lists each cutoff as its own event ("…by May 31" is event A, "…by Jun 30" is event B — single-event mode misses the May≤June rule). Returns ranked opportunities with suggested trade direction + reasoning.

  Connector

• collapsed_as_built

  cpp-cpm-engine

  Collapsed As-Built / But-For analysis on a post-impact XER. Implements AACE RP 29R-03 §3.8 Modeled / Subtractive / Single Base method (paired with MIP 3.3 Windows for the dual-method gap report per SCL §11.5). Validates a forensic windows analysis (MIP 3.3) by independently computing the same project drift via subtractive removal of delays from the as-built schedule. For each delay event, the as-built duration of every ``affected_activity`` is shortened by ``impact_days`` (or removed entirely if ``removal_method="remove"``), then CPM re-runs and the resulting "but-for" finish date is compared to the as-built finish. Cumulative pass removes ALL events at once for a project-level but-for finish. Use this tool when opposing counsel demands a but-for analysis or you need a dual-method validation pairing §3.3 (windows) with §3.8 (collapsed-as-built). For prospective fragnet insertion (MIP 3.7), use ``time_impact_analysis_fragnet`` instead. Args: as_built_xer_path: server-side post-impact XER (after delays incurred). as_built_xer_content: full text of post-impact XER (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. delay_events: list of event dicts. Each must have ``event_id``, ``affected_activities`` (list of task_codes), and ``impact_days`` (number). Optional: ``removal_method`` ('shorten'|'remove'), ``responsible_party``, ``name``, ``description``. output_dir: optional output dir for HTML/CSV (tempdir if ""). project_name: optional override. removal_method: global default 'shorten' or 'remove'. contractor_filter: when True, exclude contractor-caused events from the cumulative pass (owner audit mode). Returns: { "as_built_finish": "YYYY-MM-DD", "per_event_results": [{event_id, but_for_finish, impact_days, ...}, ...], "cumulative_but_for_finish": "YYYY-MM-DD", "cumulative_impact_days": int, "dual_method_gap": dict | None, "output_files": {...}, "warnings": [...], "method": "AACE 29R-03 §3.8 (Modeled/Subtractive/Single Base)" }

  Connector

• path_explorer

  cpp-cpm-engine

  Logic-trace driver-chain explorer — answers "WHY is this activity critical?" and "WHAT does it drive?". Traces driving predecessors backward from a target activity to project start (the "why critical" chain) and/or driving successors forward to project finish (the "what it drives" chain). Detects constraint-driven artificial criticality and cites AACE RP 24R-03 §4 when found. Supports multiple parallel critical paths (MCPM) and near-critical paths. Use this tool when investigating a single activity's logic chain. For a project-wide CP / logic health audit, use ``critical_path_validator``. Args: xer_path: server-side path to the schedule XER. xer_content: full text of the schedule XER (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. target_activity_codes: list of task_codes to trace; if empty, all CP / near-critical endpoints are traced. direction: 'backward' (predecessors), 'forward' (successors), or 'both' (default). include_near_critical: also trace near-critical endpoints (within float band). output_dir: optional dir for HTML / CSV / JSON outputs. Returns: { "paths": [{chain dicts ...}], "output_files": {dashboard, csv, json}, "project_finish": "YYYY-MM-DD", "project_name": ..., "data_date": ... }

  Connector

• critical_path_validator

  cpp-cpm-engine

  Critical-path validation, logic health, and DCMA-14 assessment of a Primavera P6 schedule. Runs the CPP critical-path validator: checks for false criticality, constraint-driven CP segments, open ends, broken logic, and surfaces a DCMA-14 block with the 14 metrics (logic, leads, lags, FS%, hard constraints, high float, high duration, invalid dates, resources, missed tasks, critical tasks, CPLI, BEI, etc.) at the chosen profile threshold (commercial / nuclear / mining). When ``baseline_xer_path`` is supplied, BEI (Baseline Execution Index) is computed. Use this tool to grade a schedule's logic health and find what should be fixed before forensic analysis. For the full HTML health-dashboard PDF render, use ``dcma14_health_check``. Args: xer_path: server-side path to the schedule XER. xer_content: full text of the schedule XER (alternative for hosted/remote use). Supply EXACTLY ONE of path/content. project_index: which project to analyze in a multi-project XER (0 = first/primary; default). profile: DCMA threshold profile - 'commercial' (default), 'nuclear', 'mining'. baseline_xer_path: optional server-side baseline XER for DCMA BEI. baseline_xer_content: optional baseline XER text content (alternative). Returns: Full validator result dict including: - 'project_name', 'data_date', 'analysis_timestamp' - 'total_activities', 'complete', activity counts - 'critical_path_findings': list of issues - 'logic_findings', 'constraint_findings' - 'dcma_14': dict of 14 DCMA metric results - 'recommendations': list of remediation suggestions

  Connector

• entity_profile

  Npi Registry

  Get everything about a company in one call. Use when a user asks "tell me about X", "give me a profile of Acme", "what do you know about Apple", "research Microsoft", "brief me on Tesla", or you'd otherwise need to call 10+ pack tools across SEC EDGAR, SEC XBRL, USPTO, news, and GLEIF. Returns recent SEC filings, latest revenue/net income/cash position fundamentals, USPTO patents matched by assignee, recent news mentions, and the LEI (legal entity identifier) — all with pipeworx:// citation URIs. Pass a ticker like "AAPL" or zero-padded CIK like "0000320193".

  Connector

• claim_workbench_evidence_ledger

  cpp-cpm-engine

  Forensic claim workbench — analyzes a folder of mixed evidence (XER chain + MSG/PDF/DOCX/XLSX correspondence) and produces a unified workbench dashboard. Built from the real-world workflow where forensic delay analysis starts from a folder containing schedule updates, owner correspondence, RFIs, change orders, and meeting minutes — all mixed together. The workbench produces: - Evidence ledger (chronological): all artifacts dated and summarized - Schedule chain-diff: 14-category manipulation log (TASKPRED add/remove, constraint flips, retroactive baseline edits, completion reversals) - Rolling baseline: per-activity baseline-at-introduction across the entire XER chain - Trust score: statistical impossibilities flagged (zero-duration-variance schedules, no-new-activities, every-activity-hits-baseline, etc.) - Slip-to-evidence cross-reference: each forensic slip auto-paired with documents in its window mentioning affected activity codes - Unified HTML dashboard with all of the above Use this tool when starting forensic delay analysis from raw evidence. For single-XER-pair forensic with hand-prepared events, use ``forensic_windows_analysis`` instead. Args: folder_path: path to the evidence folder (must exist). output_dir: optional dir for outputs (tempdir if ""). project_name: optional override. original_baseline_xer_filename: optional filename in the folder identifying the baseline XER. contract_form: contract template tag (default 'CCDC2'). run_forensic: when True (default), also runs forensic_windows_analysis on the discovered XER chain. Returns: { "evidence_ledger": {...}, "chain_diff": {...} | None, "rolling_baseline": {...} | None, "trust_score": {...} | None, "cross_reference": {...} | None, "forensic_result": {...} | None, "output_files": {...}, "errors": {...} (per-step failure log) }

  Connector

• check_bulk

  DepScope

  Fast pre-flight filter for a batch of (ecosystem, package) pairs. DB-only, <100ms for 100 items. USE WHEN: about to emit `npm install a b c …` or `pip install a b c …` — catches hallucinated names, stdlib, typos, and known-bad in ONE call. NOT a dep-tree audit (use scan_project for that). RETURNS: per-item {status: exists|stdlib|malicious|typosquat_suspect|historical_incident|unknown}.

  Connector

• woet_classifier

  cpp-cpm-engine

  Worked-vs-On-time Execution Timeline (WOET) per-activity day-by-day classification of as-built execution against baseline. For each pairable activity (matched by ``task_code``), classifies execution into 4 day-states: - PROGRESS: work performed during the baseline-planned window - GAIN: work performed BEFORE the baseline window opened - EXTENDED: work performed AFTER the baseline window closed - VOID: baseline-window day where activity was NOT active This is a CPP-disclosed enhancement layered on top of AACE 29R-03 §3.3 Windows Analysis — a per-day execution classifier (Progress/Gain/Extended/Void) NOT itself AACE-defined. It is not a substitute for fragnet-based AACE 29R-03 §3.7 (TIA) modeling. It gives the trier-of-fact a calendar picture of how the project executed versus how it was supposed to execute, which is otherwise buried in finish-date deltas. Use this tool when you want a per-activity execution-quality picture (on-time %, count of activities with VOID days, etc.). Args: baseline_xer_path: server-side path to baseline XER (target dates). actual_xer_path: server-side path to as-built XER (act dates). baseline_xer_content: full text of baseline XER (alternative). actual_xer_content: full text of as-built XER (alternative). Supply EXACTLY ONE of path/content per pair. today: optional ISO date (YYYY-MM-DD) reference for in-progress activities. Defaults to actual XER's last_recalc_date if available, else today's date. Returns: { "method": "WOET", "standard": "AACE 29R-03 §3.3 Windows Analysis — per-day execution classification overlay (CPP-disclosed enhancement, not AACE-defined)", "today": "YYYY-MM-DD", "project_totals": {progress, gain, extended, void}, "per_activity": [{code, name, baseline_start, ...}, ...], "on_time_pct": float (0-100) }

  Connector

• compare_competitors

  Ground Truth

  Compare two or more exact package names side by side using live npm or PyPI metadata. Use this when you already know the candidate packages and need evidence for claims such as 'tool A is newer', 'tool B is still maintained', or 'these packages use different licenses'. It returns per-package registry metadata in input order, with field availability varying by registry. Missing or unpublished packages return found=false. Do not use it to discover unknown alternatives, estimate market size, or compare packages across different registries. Registry responses are cached for 5 minutes.

  Connector

• entity_profile

  npm

  Get everything about a company in one call. Use when a user asks "tell me about X", "give me a profile of Acme", "what do you know about Apple", "research Microsoft", "brief me on Tesla", or you'd otherwise need to call 10+ pack tools across SEC EDGAR, SEC XBRL, USPTO, news, and GLEIF. Returns recent SEC filings, latest revenue/net income/cash position fundamentals, USPTO patents matched by assignee, recent news mentions, and the LEI (legal entity identifier) — all with pipeworx:// citation URIs. Pass a ticker like "AAPL" or zero-padded CIK like "0000320193".

  Connector

• check_package

  Hextrap MCP

  Check if a package is allowed by a hextrap firewall and verify it is not a suspected typosquat. Call this BEFORE suggesting any npm, PyPI, or Go dependency to ensure it meets security policy.

  Connector