feat(mcp): add native resources, prompts, and structured output schemas #360

Open
enjoyandlove wants to merge 5 commits into JSONbored:main from enjoyandlove:feat/273-mcp-native-resources-prompts-schemas

@enjoyandlove (Contributor) commented Jun 4, 2026

Summary

Closes #273

Scope

  • This PR is focused and does not mix unrelated backend, UI, MCP, docs, dependency, and deploy changes.
  • This follows CONTRIBUTING.md and does not reintroduce GitHub Pages, VitePress, site/, or CNAME.
  • I linked an issue, or this is small enough that the summary explains why an issue is not needed.

Validation

  • git diff --check — clean
  • npm run actionlint — clean
  • npm run typecheck — clean
  • npm run test:coverage — 878 passed, branches 97.03% (above 97% threshold)
  • npm run test:workers — passed
  • npm run build:mcp — clean (node --check passes on all three MCP entry points)
  • npm run test:mcp-pack — dry-run ok, all expected files present
  • npm run ui:openapi:check — artifact is fresh
  • npm run ui:lint — clean
  • npm run ui:typecheck — clean
  • npm run ui:build — clean
  • npm audit --audit-level=moderate — 0 vulnerabilities
  • New or changed behavior has unit/integration tests for new branches, fallback paths, and sanitizer boundaries — three new test files: mcp-output-schemas.test.ts (4 tests), mcp-miner-prompts.test.ts (8 tests), mcp-discovery.test.ts (16 tests)

If any required check was skipped, explain why:

Safety

  • No secrets, wallet details, hotkeys, coldkeys, user PATs, private keys, raw trust scores, private rankings, or private maintainer evidence are exposed. Prompt text is static advisory copy; tests assert no credential key=value patterns or trust-score claims appear in prompt output.
  • Public GitHub text stays sanitized, low-noise, and does not imply compensation guarantees or optimization tactics. All prompts explicitly forbid reward prediction, payout estimates, and compensation language.
  • Auth, cookie, CORS, GitHub App, Cloudflare, or session changes include negative-path tests. N/A — no auth surface changed.
  • API/OpenAPI/MCP behavior is updated and tested where needed. Resource discovery, prompt discovery, outputSchema shape, and content safety all tested via MCP client transport.
  • UI changes use live API data or real empty/error/loading states, not production mock/demo fallbacks. N/A — no UI changes.
  • Visible UI changes include screenshots or a short recording. N/A — no UI changes.
  • Public docs/changelogs are updated where needed. N/A — changelog updated at release only per CONTRIBUTING.md.

Notes

  • All prompts use plain argsSchema shapes (not z.object()) for compatibility with the MCP SDK's zod version boundary; the SDK's internal zod v3 and the package's zod v4 do not mix through the tool() high-level API.
  • The gittensory_local_status_structured tool mirrors gittensory_local_status with an added outputSchema; existing integrations using the unschematized tool are unaffected.
  • Resource reads fail gracefully: gittensory://changelog returns "Changelog not available." if the file is missing; gittensory://compatibility returns a static unavailable payload if the API is unreachable.
  • No prompt performs any GitHub write autonomously — all output is advisory and presented for human review before action.

@enjoyandlove requested a review from JSONbored as a code owner June 4, 2026
@dosubot (bot) added the size:XS label (This PR changes 0-9 lines, ignoring generated files.) Jun 4, 2026
@github-actions (bot) added the feature label (New feature or request) Jun 4, 2026
Signed-off-by: Chan <101856681+enjoyandlove@users.noreply.github.com>
@superagent-security (bot) added and removed the pr:flagged label (PR flagged for review by security analysis.) Jun 4, 2026
@superagent-security

Superagent found 1 security concern(s).

P2: Unreviewable binary ZIP added to public downloads directory

PR adds unreviewable binary ZIP in public downloads directory.

Remove binary or provide reproducible build and checksum attestation.

AI prompt
Check if this security scanner issue is valid. If so, understand the root cause and fix it. If appropriate, update or add tests. Keep the change focused and preserve intended behavior.

<file name="apps/gittensory-ui/public/downloads/gittensory-extension.zip">
<violation number="1" location="apps/gittensory-ui/public/downloads/gittensory-extension.zip">
<priority>P2</priority>
<title>Unreviewable binary ZIP added to public downloads directory</title>
<evidence>PR adds a binary blob (gittensory-extension.zip) that cannot be diff-reviewed. Binary files in public downloads may hide malicious payloads and bypass code review.</evidence>
<recommendation>Require the author to either remove the binary, replace it with a reproducible build script, or provide a checksum/attestation and independent verification of the ZIP contents.</recommendation>
</violation>
</file>
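
The check the scanner's recommendation points at, as an added example (not code from this PR or the gittensory project): rebuild the ZIP deterministically from reviewed sources, pin its SHA-256, and audit a shipped archive entry by entry against those sources. The file names and contents in `SAMPLE_SOURCES` are constructed, and Python is used here for its standard-library `zipfile` module.

```python
import hashlib
import io
import zipfile
from collections import Counter

FIXED_TIME = (1980, 1, 1, 0, 0, 0)  # constant mtime so rebuilds are byte-identical


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_reproducible_zip(sources: dict[str, bytes]) -> bytes:
    """Pack reviewed sources deterministically: sorted names, fixed mtime and mode."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in sorted(sources):
            info = zipfile.ZipInfo(name, date_time=FIXED_TIME)
            info.compress_type = zipfile.ZIP_DEFLATED
            info.external_attr = 0o644 << 16  # same permissions on every build host
            zf.writestr(info, sources[name])
    return buf.getvalue()


def audit_zip(artifact: bytes, sources: dict[str, bytes]) -> dict[str, list[str]]:
    """Compare every entry of a shipped ZIP against the reviewed source tree."""
    with zipfile.ZipFile(io.BytesIO(artifact)) as zf:
        entries = [i for i in zf.infolist() if not i.is_dir()]
        shipped = {i.filename: sha256_hex(zf.read(i)) for i in entries}
    expected = {name: sha256_hex(data) for name, data in sources.items()}
    counts = Counter(i.filename for i in entries)
    return {
        "extra": sorted(shipped.keys() - expected.keys()),
        "missing": sorted(expected.keys() - shipped.keys()),
        "modified": sorted(n for n in shipped.keys() & expected.keys()
                           if shipped[n] != expected[n]),
        # Repeated names let two unzip tools disagree about what the archive holds.
        "duplicate": sorted(n for n, c in counts.items() if c > 1),
    }


def verify_release(artifact: bytes, sources: dict[str, bytes], pinned_sha256: str) -> bool:
    """Accept only if the digest matches the pin and the contents match the sources."""
    report = audit_zip(artifact, sources)
    return sha256_hex(artifact) == pinned_sha256 and not any(report.values())


# Constructed sample input standing in for the extension's reviewed source files.
SAMPLE_SOURCES = {
    "manifest.json": b'{"name": "example-extension", "manifest_version": 3}',
    "background.js": b"console.log('ready');\n",
}
```

The per-entry audit still works when the shipped ZIP was produced by a different tool or zlib version, where a whole-file digest comparison against a local rebuild would not match.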

@superagent-security (bot) removed the pr:flagged label (PR flagged for review by security analysis.) Jun 4, 2026
Labels: feature (New feature or request), size:XS (This PR changes 0-9 lines, ignoring generated files.)

Project status: Todo

Successfully merging this pull request may close these issues: feat(mcp): ship native resources prompts and output schemas
