harness-mcp-scan
Static security scan of a harness's declared MCP surface via `harness mcp-scan <path>`. Reads `.mcp/servers.json` + `.harness/claims.json`. Pure-read, no dispatch. Exits 1 on findings at or above `--fail-on` severity.
One-command drift detection. Composes audit-list + oia-audit + audit-trend into a single primitive — finds the most recent audit in `metaharness-audit` namespace, runs a fresh audit against the current repo, diffs them via ADR-152 §3.1 similarity, and alerts when structural distance crosses `--threshold`. Iter 53 of ADR-150 deep integration.
ADR-152 — weighted similarity between two harness fingerprints (genome + score JSON). Returns overall score in [0,1] plus per-component breakdown (cosine over 9 numerics, categorical agreement over 4 enums, jaccard over agent_topology). Unblocks ADR-151 §3.2 Recommender, §3.3 Drift Detection, §3.5 Plugin Compat. Pure-TS, no `@metaharness/*` dep — preserves ADR-150's four architectural constraints.
Composite Phase-2 audit worker (ADR-150). Bundles harness oia-manifest + threat-model + mcp-scan into one timestamped audit record stored in the `metaharness-audit` memory namespace. Designed for cron-scheduled drift detection.
7-section repo readiness report from `metaharness genome <path>`. Returns repo_type / agent_topology / risk_score / mcp_surface / test_confidence / publish_readiness. Pure-read; degrades gracefully (ADR-150).
Scaffold a custom AI agent harness via `metaharness new <name> --template <id> --host <id>`. Defaults to DRY-RUN (no writes) unless --confirm is passed. Refuses to write to the calling repo root or anywhere inside it. Honors ADR-150 architectural constraint + ruflo's "destructive-action confirmation" pattern.
5-dimension harness readiness scorecard from `metaharness score <path>`. Returns harnessFit / compileConfidence / taskCoverage / toolSafety / memoryUsefulness + estCostPerRunUsd + scaffoldReady. Pure-read; subprocess invocation; degrades gracefully when MetaHarness is absent (ADR-150 architectural constraint).
| Field | Value |
|---|---|
| name | harness-mcp-scan |
| description | Static security scan of a harness's declared MCP surface via `harness mcp-scan <path>`. Reads `.mcp/servers.json` + `.harness/claims.json`. Pure-read, no dispatch. Exits 1 on findings at or above `--fail-on` severity. |
| argument-hint | `[--path .] [--fail-on low\|medium\|high] [--format table\|json]` |
| allowed-tools | Bash |

Calls `harness mcp-scan` to enumerate every declared MCP server + tool
and flag policy / permission / dependency issues. Never executes any
tool; pure static analysis.

Implementation: `scripts/mcp-scan.mjs`.

- `npx -p metaharness@latest harness mcp-scan <path> --json`
- `.findings[]` with `{ severity, id, server, tool, message }`.
- `--fail-on <severity>`: exit 1 when any finding is at or above that level. Default `high`.

| Severity | Rank |
|---|---|
| low | 1 |
| medium | 2 |
| high | 3 |

`--fail-on high` (default) only fails on HIGH; `--fail-on medium` also
fails on MEDIUM; `--fail-on low` fails on any finding.

```yaml
- name: MCP static scan
  run: node plugins/ruflo-metaharness/scripts/mcp-scan.mjs --fail-on high
```

The exit code is the only thing CI watches; the JSON output goes to artifacts for human review.

When the `harness` binary is unavailable (no network, blocked registry),
the script emits a structured `{ degraded: true, reason: 'metaharness-not-available' }`
and exits 0. Ruflo continues, per the ADR-150 architectural constraint.
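
Because CI only watches the exit code and a degraded run also exits 0, a green job does not by itself show that a scan happened. The following added example (not the project's `scripts/mcp-scan.mjs`) applies the severity ranks above to the JSON output and reports a degraded run separately; the function `gate`, the `requireScan` option, and the sample findings are assumptions made for illustration.

```javascript
// Added example; not the project's scripts/mcp-scan.mjs.
// Ranks are taken from the severity table on this page.
const RANK = new Map([['low', 1], ['medium', 2], ['high', 3]]);

// Turn the scanner's JSON output into a CI verdict.
// `requireScan` is a hypothetical option: when true, a degraded run
// (no scan happened) fails the job instead of passing it.
function gate(report, { failOn = 'high', requireScan = false } = {}) {
  const threshold = RANK.get(failOn);
  if (threshold === undefined) {
    throw new Error(`unknown fail-on severity: ${failOn}`);
  }
  if (report && report.degraded === true) {
    return { exitCode: requireScan ? 1 : 0, scanned: false,
             reason: report.reason, blocking: [] };
  }
  if (!report || !Array.isArray(report.findings)) {
    // Neither a findings list nor a degraded marker: refuse to call it a pass.
    throw new Error('malformed scan output: no findings[] and not degraded');
  }
  // Unrecognised severity labels rank as high so they cannot slip under the threshold.
  const rankOf = (f) => RANK.get(String(f.severity).toLowerCase()) ?? RANK.get('high');
  const blocking = report.findings.filter((f) => rankOf(f) >= threshold);
  return { exitCode: blocking.length > 0 ? 1 : 0, scanned: true,
           reason: null, blocking };
}

// Constructed sample output using the finding fields listed on this page.
const sampleReport = {
  findings: [
    { severity: 'medium', id: 'EX-001', server: 'files', tool: 'write_file',
      message: 'constructed example finding' },
    { severity: 'low', id: 'EX-002', server: 'files', tool: 'read_file',
      message: 'constructed example finding' },
  ],
};
const degradedReport = { degraded: true, reason: 'metaharness-not-available' };

for (const failOn of ['high', 'medium', 'low']) {
  const verdict = gate(sampleReport, { failOn });
  console.log(failOn, 'exit', verdict.exitCode, 'blocking', verdict.blocking.length);
}
console.log('degraded', gate(degradedReport));
console.log('degraded, requireScan', gate(degradedReport, { requireScan: true }));
```

Checking the `scanned` field of the verdict (or the `degraded` marker in the archived JSON) on protected branches distinguishes a clean scan from one that never ran.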