marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
claude-code-ultimate-guide/mcp-server/IDEAS.md
Florian BRUNIAUX 7236362c1e feat(mcp): add 4 new tools — compare_versions, get_threat, list_threats, search_examples 
New tools (8 → 12 total):
- compare_versions(from, to): diff Claude Code releases between two versions,
  aggregating highlights and breaking changes across the range
- get_threat(id): look up any CVE or attack technique (T-code) with full details,
  severity, mitigation, and source references
- list_threats(category?): browse the threat database — summary table or
  detailed view by section (cves, authors, skills, techniques, mitigations, sources)
- search_examples(query, limit?): semantic search across 199 templates with
  token-aware scoring and get_example() hints

Infrastructure:
- content.ts: add loadThreatDb() with memory cache and dual-mode loading
  (GUIDE_ROOT filesystem in dev, GitHub fetch in production)
- Threat DB interface with correct Record<string, string> type for minimum_safe_versions

Docs:
- mcp-server/README.md: document all 12 tools with usage examples
- mcp-server/IDEAS.md: future ideas (quiz, methodology, workflow, diff resource)
- CHANGELOG.md: [Unreleased] entry for all 4 tools
- README.md: promote MCP section to standalone ## after Quick Start (was ### inside Quick Start)
- guide/architecture.md: add MCP server to Extended Tool Ecosystem

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 19:22:20 +01:00

78 lines
2.5 KiB
Markdown
Raw Permalink Blame History

# MCP Server — Future Ideas
Tracked ideas that didn't make it into the current release. Implementation complexity varies; all are technically feasible with existing data.
---
## Tools
### `get_quiz(topic?, count?)`
Interactive quiz from `machine-readable/questions.json` (274 questions, already used by the landing site).
- `topic` (optional string): filter by topic (e.g. "hooks", "agents", "mcp")
- `count` (optional number, default 5, max 20): number of questions to return
- Returns questions with options, correct answer, and explanation
- Useful for learning validation, onboarding, and teaching workflows
**Data**: `machine-readable/questions.json` — not currently bundled in the package; would need bundling or GitHub fetch.
---
### `get_methodology(name)`
Step-by-step workflows for TDD, SDD, BDD from `guide/methodologies.md`.
- `name` (string): `tdd | sdd | bdd | all`
- Returns the workflow steps, when to use it, and example commands
- Useful for agents doing test-driven development or spec-driven design
**Data**: `guide/methodologies.md` — fetched on demand (already in section-reader infrastructure).
---
### `get_workflow(name)`
Step-by-step workflows from `guide/workflows/` directory.
- `name` (string): partial name match (e.g. "code-review", "refactor", "debug")
- Returns the workflow with steps, triggers, and example prompts
- Could list available workflows when no name provided
**Data**: `guide/workflows/*.md` — fetched on demand.
---
## Resources
### `claude-code-guide://diff`
Shows what changed between the bundled YAML index version and the live GitHub version.
- Fetch live `machine-readable/reference.yaml` from GitHub
- Diff against bundled version (entry count, new keys, changed values)
- Helps users know when the package is stale vs. the guide
**Complexity**: Medium — requires async resource handler + structured diffing.
---
## Prompts
### `security-review`
Dedicated security audit workflow prompt using the threat database.
- Guides the model through: check CVEs → check authors → check skills → check techniques
- Returns a structured security posture report
- Reuses `list_threats` and `get_threat` tools internally
**Dependency**: Requires `threats.ts` tools (already implemented in v1.1.0).
---
## Notes
- All ideas use data already in the repo — no new data sources needed
- `get_quiz` requires bundling `questions.json` (currently not in npm package)
- `get_methodology` and `get_workflow` are low-effort since section-reader already handles arbitrary file fetching
Reference in a new issue View git blame Copy permalink